[Koha-devel] Workflow improvement suggestions for security releases

[Jonathan Druart]

Thanks for your reply, Kyle!
(And sorry for my delayed answer, your message hit the spam folder!?)

Inline replies below.

Le jeu. 7 oct. 2021 à 13:15, Kyle Hall <kyle.m.hall at gmail.com> a écrit :
>>
>> 1. LTS
>> I think it's time to have a Long Term Support release. We noticed that
>> some people are still using very old versions, having a version that
>> is maintained several years could help them.
>> We could backport critical security bugs only. 4 (5?) years would be great.
>
>
> This has been proposed in the past. The general consensus at the time was that we as a community want to encourage libraries to stay on the latest versions of Koha and not to hang back on older versions.
> I'm not necessarily opposed,  but such a role will require quite a commitment.

For 22.05, Calalyst and Wainui are offering to maintain 19.11, and
there is a gap as there is no candidate for 20.05.
So it's kind of our first LTS :)

>> 5. Apply patches
>> We need a script to apply the patches on the different branches,
>> automatically. That's an easy bit to develop and it will help us a
>> lot.
>
>
> I'm not sure what you mean? Do you mean something that would apply a bug's patch set to say master, stable and oldstable and report on the bug if it doesn't apply to one? Or script in qa-test-tools to do that? Something else entirely?

In the first step I was suggesting a script in the release-tools repo
to auto-apply a patch set on the different stable branches.
But then, our imagination is the limit :)