> (1) Ruby development goes into three-branch-model (like branches in  
> *BSD
> world):
> - CURRENT branch: trunk (currently ruby 1.9)
> - STABLE branch: ruby_1_8 branch that exists now
> - RELEASE branch: new branch to only adopt bug fixes
excuse me - why is it called "stable branch" if it isn't stable enough
to be released anytime? I thought this was the purpose of stable  
branches?

whatever. if there is a need for 1.8.6, just make that branch, apply the
patch, release it, and mark it as "final" or something. it's only  
computer
memory, after all ;)

afaik the cgi library is used heavily throughout Ruby web applications,
including RoR. I don't know much about software relase practicies,  
but it
sounds to me like a case of "fix it ASAP" - as soon as possible!

while discussing the branch thing, this may be the right time to think
about avoiding such things in the future. this type of bug is quite
common. if I understood the code right, ANY malformed input causes the
infinite loop. so, if anyone wrote a simple negative test or two, it
might have been spotted immediately.

so I guess there never was a test case in the first place. we should
change that. are there tests for cgi.rb yet, like set.rb has? if not, I
can write some.

[murphy]