+1 for Groovy 2.4 EOL +1 for Groovy 2.5 EOL We should discuss setting a date for release of Groovy 5.
If Groovy 3 is not EOL, it would be nice to fix gradle build to be runnable with Java 17+ ________________________________ From: Daniel Sun <sun...@apache.org> Sent: Friday, June 28, 2024 11:00 AM To: dev@groovy.apache.org <dev@groovy.apache.org> Subject: [EXT] Re: [DISCUSS] EOL for Groovy 2.4.x External Email: Use caution with links and attachments. > I would consider 2.5 for EOL as well Good idea. On 2024/06/28 12:38:54 Jochen Theodorou wrote: > +1 out with it > > I would consider 2.5 for EOL as well > > > Hi folks, > > > > Groovy 2.4.x hasn't been something we have progressed for some time. > > The last "real" commit to the GROOVY_2_4_X branch and the last release > > (2.4.21) were both in Dec 2020. > > > > For reference, 2.4.x supports back to JDK 1.6 while 2.5.x (which is > > not part of this discussion) supports back to JDK 1.7: > > https://urldefense.com/v3/__https://groovy.apache.org/download.html*requirements__;Iw!!GFN0sa3rsbfR8OLyAw!dW77vExpm0CR0GK4IYAdpSaxYFS7so2c_59snIEhg2OdIXXyWW3v9Zw0YA3nD9XznKT704nZ7_WPQg923QCVsA$ > > > > On the recommended page for GitHub security policy: > > https://urldefense.com/v3/__https://github.com/apache/groovy/security/policy__;!!GFN0sa3rsbfR8OLyAw!dW77vExpm0CR0GK4IYAdpSaxYFS7so2c_59snIEhg2OdIXXyWW3v9Zw0YA3nD9XznKT704nZ7_WPQg9UuAC7vw$ > > > > We state: > > 2.4.x Only severe/critical vulnerabilities (*) > > (*) The 2.4.x stream is no longer the focus of the core team but > > critical security fixes or community contributions may lead to > > additional releases. > > > > I propose to make the EOL official. I don't think the "weak support" > > will be good enough once CRA regulations come into play. My > > understanding from the CRA requirements is that we either intend to > > provide timely fixes for vulnerabilities for any supported version, or > > we should mark versions as EOL. This doesn't stop us from making an > > emergency fix/release if we chose, it just indicates that shouldn't be > > the expectation. > > > > If anyone objects, please discuss here, otherwise I will create a VOTE > > thread in a few days. > > > > Paul. > > > > <https://urldefense.com/v3/__https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail__;!!GFN0sa3rsbfR8OLyAw!dW77vExpm0CR0GK4IYAdpSaxYFS7so2c_59snIEhg2OdIXXyWW3v9Zw0YA3nD9XznKT704nZ7_WPQg9yROOh-g$ > > > > > Virus-free.https://urldefense.com/v3/__http://www.avast.com__;!!GFN0sa3rsbfR8OLyAw!dW77vExpm0CR0GK4IYAdpSaxYFS7so2c_59snIEhg2OdIXXyWW3v9Zw0YA3nD9XznKT704nZ7_WPQg-0hesSTw$ > > <https://urldefense.com/v3/__https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail__;!!GFN0sa3rsbfR8OLyAw!dW77vExpm0CR0GK4IYAdpSaxYFS7so2c_59snIEhg2OdIXXyWW3v9Zw0YA3nD9XznKT704nZ7_WPQg9yROOh-g$ > > > > > <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> > >
