ppkarwasz commented on issue #3504: URL: https://github.com/apache/logging-log4j2/issues/3504#issuecomment-2696698461
A side question: I know that upgrading is painful, especially since we had approximately one new release per month last year, but `2.17.x` is a **very** old release and we don't maintain it anymore. The upgrade risk from `2.17.1` to `2.24.3` should be minimal, but it is still there, since we allow for behavioral changes in minor releases (change in default values, stricter interpretation of configuration errors, for example). What could we do, in your opinion, to motivate users to use maintained versions of Log4j (currently only the last minor release of `2.x`)? What are your main reasons for an upgrade (new features, known vulnerability, maintenance status of the major/minor branch)? Would an LTM (long term maintenance) branch be something you would upgrade to? **Note**: I am using "maintenance" instead of "support", since the level of "support" for all Log4j releases is the same: we answer questions if we remember how things worked in that release (even for Log4j 1). Of course more recent releases offer better "support". :wink: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
