Hi, Some points: In my experience upgrading Maven has never been a problem (thanks to the great attention we pay to backward compatibility)
Maven versioning scheme is very unusual and I suppose that people really don't care about it or even they can't understand. Maven version is useful only to plugin developers. If you really have problem with Maven usually the fix is about upgrading a plugin, a dependency of a plugin and rarely to upgrade Maven core. So my take is that there is no need to have an explicit "support" for older releases other than the last released. The case of security vulnerabilities in Maven core, or probably in third party dependency is important, but we can spin off a branch and create a release For old releases the code is available on github and ASF git repository, anyone can create its own fork and eventually port his fix to the community just my two cents Enrico Il giorno lun 16 dic 2019 alle ore 23:29 Manfred Moser < manf...@simpligility.com> ha scritto: > Chiming in late since I remember we discussed this before. > > Here is my view. > > All releases beyond the most recent one are essentially end of lifed. We > never backport, we have no explicit support and whenever we fix something > it goes into the next release. > > That is what we concluded last time and that is the reason why the > download page only offers the latest version. > > Anything else is misleading our users with some sort of support or > guarantee that things continue to work and are tested when really they are > not. > > Of course we make a best effort to keep things smooth ... but thats really > where it ends. > > Manfred > > Karl Heinz Marbaise wrote on 2019-12-16 12:57 (GMT -08:00): > > > On 15.12.19 12:14, Elliotte Rusty Harold wrote: > >> Tentative +1. > >> > >> Is there any reason we would ever backport a fix to 3.0 or 3.2? E.g. > >> this was the last release to support Java 1.6. > > > > Unfortunately my crystal ball is under repair...I can't see into the > > future... > > > > I would say if we a really bad security issue would could decide to do a > > backport for older releases...But based on the history I know and can > > read through the mailing archives it has not happened yet... > > > > > > > >> > >> Or would we simply tell users to upgrade to 3.6.3? > >> > >> > >> On Sat, Dec 14, 2019 at 6:31 AM Karl Heinz Marbaise <khmarba...@gmx.de> > wrote: > >>> > >>> Hi, > >>> > >>> based on the history we have defined Maven 2.X EoL five years after the > >>> last release...[1] > >>> > >>> Based on that I would suggest to define End Of Life for the following > >>> Maven versions cause their release date is also five years ago... > >>> > >>> > >>> Maven 3.0.5...3.2.5 included. > >>> > >>> We have never backported some things in the last five year... > >>> > >>> WDYT? > >>> > >>> Kind regards > >>> Karl Heinz Marbaise > >>> > >>> > >>> [1]: https://maven.apache.org/docs/history.html#Maven_2 > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > >>> For additional commands, e-mail: dev-h...@maven.apache.org > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > > For additional commands, e-mail: dev-h...@maven.apache.org > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > For additional commands, e-mail: dev-h...@maven.apache.org > >
