You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

THIS IS A DRAFT AND NOT IN FORCE

The Grouper Project Developers hereby commit to the following policy regarding support and patching of previous releases:

Versioning:

Grouper releases are versioned according to the following versioning pattern Major.Minor.Patch. Implementers can expect compatibility within Minor releases, namely all 2.1.x versions will maintain the same API calls. Software compiled against 2.1.0 can be expected to link against 2.1.99 without requiring changes to custom code. Occasionally, you may have to recompile against a Patch release due to changes in interfaces, but the API and old calls will still function. Releases across Minor versions may require small changes to custom developed modules, but are not expected to severely cripple existing deployments. Major releases offer no guarantee of API compatibility with existing software.

Security Fixes:

Current and the previous two Minor releases will receive active security patching by the core development team. As of August 2013 that means the 2.1.x, 2.0.x, and 1.6.x releases are maintained by the core development team. Releases outside of this window will be patched on a case-by-case basis depending on several factors including: ease of development/testing of a patch for the version, compatibility of a patch for a supported release being applied to an unsupported release, and community contributions of patches for a targeted unsupported version.

Adopters who are running unsupported releases are encouraged to upgrade to supported releases. The Grouper Development Team will be happy to accept security patches for unsupported releases and make them publicly available to other adopters running unsupported releases. Furthermore, the Grouper Development Team will work with adopters running unsupported releases to assist on a best-effort basis with what would be needed for the adopter to build write their own patch against a known vulnerability.

References used in writing above policy statement:

Shibboleth Project: https://wiki.shibboleth.net/confluence/display/SHIB2/ProductVersioning

Linux Kernel Project: https://www.kernel.org/category/releases.html

Samba Project: http://www.samba.org/samba/devel/

  • No labels