Re: Supported releases

2024-02-15 Thread István Fajth
Thank you for the input from all of you! So to summarize, we see neither the need nor a realistic possibility to collect critical fixes to 1.3.0. I agree that it is unfortunate to support only the latest release, however as we did not put too much effort to keep any release supportable with all cr

Re: Supported releases

2024-02-13 Thread Sumit Agrawal
I think we can choose option "1" if any one is using 1.3.0 release, 1. Define support as “security fixes only” and include support for 1.3.0 Incoming bugs are quite high, so fixing in the old version will be difficult at this point of time, can upgrade to a higher version. Regards Sumit On W

Re: Supported releases

2024-02-13 Thread Ethan Rose
While I would also be surprised if people are successfully running an unpatched version of 1.3.0, it seems like a circular dependency to decide which versions to support based on what people are using. People will generally prefer to use supported versions so our messaging here informs their decisi

Re: Supported releases

2024-02-12 Thread Stephen O'Donnell
The first question I have is: Is anyone running 1.3.0 in production today? That release is over a year old and there are many known problems that have been fixed on 1.4.0. I would be quite surprised if anyone is running 1.3.0 successfully without some additional custom patches on top of it. If th

Supported releases

2024-02-12 Thread István Fajth
Hi developers, Me and Attila had a discussion about a PR that is posted by @ivandika3. In our SECURITY.md file we have a table about our supported versions. In light of the recent CVE, the idea is to remove the supported flag from any release prior to 1