updating README

ellie timoney ellie at fastmail.com
Sun Aug 30 21:18:08 EDT 2015


Found myself reading the README -- whoops, it's very stale.

Jeroen's noticed this too, there's a task in phabricator that's just sat
there since its creation.  I've just triaged it to "High":
https://git.cyrus.foundation/T8

Jeroen writes:

> The current README in rI reads about 2.4, and versions 2.2 and 2.3 still receiving security updates.
> 
> This sounds like a false promise and should probably be amended to at least take in to account 2.5, and the ages of 2.2 and 2.3 both.

... and also links to an open question about our release life-cycle
terminology: https://git.cyrus.foundation/Q13

I was hoping to just go in and quickly update the README, but realised
along the way that I had more questions than answers, so I'm throwing it
out for discussion instead.

Here's the current README, with my comments interspersed:

> This is the Carnegie Mellon University Cyrus IMAP Server.
> 
> The 2.4 series contains numerous features and better standards
> support than previous versions.

I think I want to change "2.4" to something like "3.0-beta", though we'd
need to change it again when we eventually release a real 3.0.  I'm
slightly concerned that just labeling it "3.0" without the "-beta"
qualifier might be misleading, but I don't know that I care that much
either way.

> No further development work will progress on anything older than
> version 2.2.  Versions 2.2 and 2.3 still receive security updates,
> but new features or non-security bugfixes are unlikely to be
> backported.

How far back do we want this vague promise to extend?

The last (only) lot of security releases I did only went back as far as
2.3 (not 2.2), partly because the main bug being fixed was introduced in
2.3, and partly because backporting the other security fix (updated SSL
defaults) to 2.2 looked too hard.

When the stable series was 2.4, we offered security fixes for 2.2 and
2.3.  Given that, one could argue that now that 2.5 is the stable series
we should offer security fixes for only 2.3 and 2.4.

3.0 => 2.4 and 2.5 only?

> If you continue to install this software PLEASE be sure to read the
> documentation (located in the doc/ subdirectory).  Many common questions
> can be answered just by carefully following the documentation.
> Please also refer to http://bugzilla.cyrusimap.org for any outstanding bugs.

We have bug reports in both bugzilla and phabricator these days. 
There's the ongoing/stalled work of migrating off the old cyrusimap.org
website to cyrus.foundation which should, when complete, clear this sort
of thing up, but it's not moving fast.  What do we want to say in the
meantime?

On one hand, we want new reports going to the new site.  On another,
people looking for existing bugs probably want to see them all, not just
the newer ones.  There's probably a bunch more hands here too.

> Note that CMU only provides a source distribution. If you run into
> problems with any binary distribution, please contact the source of
> the binary distribution.
> 
> ----------------------------------------------------------------------
> * For the real README file, please see doc/readme.html.
> 
> * To install the software, please read doc/install.html (but please
>   read doc/readme.html first!).
> 
> * To see the changes since previous versions, check doc/changes.html,
>   and if upgrading look at doc/install-upgrade.html as well.
> 
> * To obtain updates to this software, visit the web page
>  http://www.cyrusimap.org/ 
>   or ftp directly from
>  ftp://ftp.cyrusimap.org/cyrus-imapd/ 

Another one where, once the website move is complete, this bit becomes
obvious.  But what do we say in the meantime?

Thoughts, opinions?

ellie


More information about the Cyrus-devel mailing list