Sorry for the double reply, but I wanted to pick up on one particular point.
On 31 March 2015 21:09:47 GMT+01:00, Stanislav Malyshev <smalys...@gmail.com> wrote: >Hi! > >> That's not quite how it works; the distro package maintainers >maintain a >> sort of forked version of upstream code, combining a well-tested >> upstream release with a set of patches, many of which will be >backported >> fixes from newer releases. So the current package in Ubuntu 14.04 LTS >> [see http://packages.ubuntu.com/trusty/php5] is >"5.5.9+dfsg-1ubuntu4.7", >> and the Ubuntu Changelog shows 12 releases, mostly for security >patches, >> which is nearly as many as there have been upstream releases. > >I think this is all wrong, because I don't see how they can do better >testing with random set of patches than with real release version, but >that's beside the point. It may actually be the loose upstream definition of stability that motivates packagers to do this - they don't want to include new features, with their own potential bugs. It seems to be common practice, at least in the Debian ecosystem, so evidently they think it works out for the best. Note that they also continue to maintain their patches *after* the corresponding release branch is EOL on php.net. For instance, here is the ongoing changelog for Ubuntu 12.04LTS's package, based on PHP 5.3: http://changelogs.ubuntu.com/changelogs/pool/main/p/php5/php5_5.3.10-1ubuntu3.17/changelog If somebody were to go out of their way to install a non-default package, it's unlikely to be to include a minor change of the type we're discussing here. More likely, they would move to a newer stable branch, since the risk is only slightly higher (thanks to our minor releases being more truly minor since 5.4), and the reward much greater. Regards, -- Rowan Collins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
