< :前の番号
^ :番号順リスト
> :次の番号
P :前の記事(スレッド移動)
N :次の記事(スレッド移動)
|<:前のスレッド
>|:次のスレッド
^ :返事先
_:自分への返事
>:同じ返事先を持つ記事(前)
<:同じ返事先を持つ記事(後)
---:分割してスレッド表示、再表示
| :分割して(縦)スレッド表示、再表示
~ :スレッドのフレーム消去
.:インデックス
..:インデックスのインデックス
Issue #9216 has been updated by naruse (Yui NARUSE).
As a Programming Language developer, people should use trunk! ;-)
Anyway, I know business people needs more support for older ruby.
Such people can support them with their own resource as heroku or ruby-lang.org official
even if so-called ruby-core team finished the support.
I want only one thing, announce it when the support is finished.
----------------------------------------
misc #9216: Backport Maintenance Policy for 1.8.7, 1.9.2
https://bugs.ruby-lang.org/issues/9216#change-43452
Author: hone (Terence Lee)
Status: Open
Priority: Normal
Assignee:
Category: Project
Target version:
TL;DR
Backporting security fixes to 1.8.7, 1.9.2 in increments of 6 month terms with optional continuation upon term expiration.
Context
Many vendors like Linux distros including Red Hat, Debian, Canonical and platforms like Heroku need to maintain support for old Ruby versions past it???s end of life cycle for its customers. In order to stop duplicating our efforts, it???d be great to push these security fixes upstream. This way each vendor can base their changes on this work.
For each security incident that is proposed and considered a threat in the ruby-security mailing list, there can be gatekeepers who can verify that the rubies are vulnerable, test patches, and push code the upstream so vendors and users of those products can build rubies that match those released by their vendor.
Since vendors are on the ruby-security mailing list and will already be doing this work, there can be a volunteer service for this gatekeeper work. Volunteers can commit to a reasonable time frame like 6 months. During the last month, another 6 month commitment can be made either by the same volunteers or others looking to take over the maintainership. Even for non end of life Rubies, ruby-core should not be afraid to look to these vendors for help in maintaining current Rubies.
Heroku will be announcing it???s support plans soon, but we will probably be supporting Ruby 1.8.7 / 1.9.2 for 6 months after this announcement. Sam Kottler and I (Terence Lee) will be happy to play gatekeeper for the first 6 months (until June 2014).
In summary, I think establishing well defined dates will help out Ruby users pick and decide what they can expect to use safely. The coming Ruby 2.1.0 release announcement would be a great time to announce what happened to Ruby 1.9.2 and any of these potential changes.
--
http://bugs.ruby-lang.org/