Release stability proposal to be discussed at OTC

Tomas Mraz tomas at openssl.org
Mon Oct 4 14:30:36 UTC 2021


I've prepared this release stability proposal addition to the existing
release policy document:

https://docs.google.com/document/d/1UFkXiwsmfK-xYpXQfv0HEUKmAbSxxcK25y5s3fAIIzQ/edit?usp=sharing

This is just a starting point for further discussion, please feel free
to add any comments to the document linked above. I'll also copy the
proposed clauses to be added here for tl;dr:

- Only bug fixes including fixes for security issues and documentation
additions are allowed in stable releases. (The exception above for
platform additions to LTS branches still applies.)

- A stable release is a patch release from an existing supported minor
release branch.

- A bug fix is a fix of functionality of the libraries, modules,
applications, or the build system that (all or any items might apply):
makes the functionality conforming with the existing documentation
makes the documentation conforming with the existing behavior of the
software

- A bug fix is also a fix for an unexpected behavior (not explicitly
documented in one way or another) of the software when such unexpected
behavior is a security vulnerability.

- A bug fix might also be a fix for an unexpected behavior (not
explicitly documented in one way or another) where there is no
reasonable use-case that might depend on the unexpected behavior.

- A documentation addition allowed in stable releases is any addition
to the documentation that documents the existing behavior of the
software. I.e., the documentation additions in stable releases cannot
add new API contract constraints, or implicitly create new bugs in the
software by documenting behavior that is different from the existing
behavior of the software.

-- 
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]




More information about the openssl-project mailing list