-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 18/07/14 17:01, Alan Pevec wrote:
Another thing that is not clear to me is who defines that transition between general stable branch state into 'Security-supported' one. Are there any written rules for that, like binding such transition to trunk milestones?
What is community supported is a function of resources available and historical experience with bitrot in N-1 branches, expanding the support scope for N-1 stable branch is fine if we can deliver it.
So this does not mean any strict rules in terms of patches applicability, but instead a matter of initiative from interested parties.
We didn't have that written down, but traditionally when N is released it becomes "Current stable release, security-supported" and N-1 "downgraded" to "Security-supported" only. N-1 was going EOL around N+1 milestone3 but we have extended that to 15 months at last design summit. IIRC "current stable release" was originally defined by markmc as the branch where stable-maint team proactively proposes backports by monitoring the trunk, but we have lost that mode long ago, backports are now done retroactively after bugs are reported.
I like that lost mode. We could end up with persons assigned to specific projects that track master and backport relevant patches. This would reduce work to be done by downstream distributors. I will try to follow master development and make relevant cherry-picks for Neutron. Others can join on per-project basis.
To clarify, I propose following wording to be added to https://wiki.openstack.org/wiki/StableBranch#Releases
When new OpenStack version is released it becomes "Current stable release, security-supported"" and previous version "Security-supported". "Current stable release" is the primary target for backports of bugfixes by the stable-maint team, other active branches may receive bugfix backports. "Security-supported" releases are target for the security fixes by the [[Vulnerability_Management#Supported_versions|VMT]] OpenStack Havana stable release will reach EOL at Juno (N+2) milestone-3 and stable releases starting from Icehouse will reach EOL 15 months after their release (approximately N+3 milestone-2).
I've heard no objections to this, so I went to wiki and updated it with the text above.
Cheers, Alan
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCgAGBQJTzjFaAAoJEC5aWaUY1u57650H/jktYxHmss/z2/4nzpGBUhSb IOGr7yZQze9S/vsWH6LNCP4sQ0UNk1SiURE25iBpNubfg96RBllMnT6SqZ5j1vVr cxosSxZ0JwKXiLW/CaQmPZR/eo/Afxj3QERmXqL+4tRKL+zPttqtMxsixyLfZPIt Lwv/SUksKyAPDqwZXLpTdkeM6tkjTYUmVqzp4/oL5954/xB6mbpONSO125Tso2G+ 6J9IEzldMPzp0t60AiHiXxFylrMXPjDubxT8Wq6GC7LEoZ4pT8kPSObiqk5lubK4 dCWQtNQRr3kMoqA6nVzV9W93bDRIehpkIqFhwpCsClhX81Og5b8ErUg3GYpYHQ4= =yk87 -----END PGP SIGNATURE-----