FAQ
Hello,

At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
release. As such, I would like to know for example when we could expect
5.3.2 and 5.3.3 to be released.

On a slightly different topic, I'd like to express that I would like to
improve the communication between us (the package maintainers) and you (the
upstream developers). As a first step I'll be trying to forward most of our
patches so that there's a minor divergence.

Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Search Discussions

  • Derick Rethans at Jan 12, 2010 at 10:10 pm

    On Tue, 12 Jan 2010, Raphael Geissert wrote:

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    5.3.2 is on the way, but not sure when exactly it will be released.
    On a slightly different topic, I'd like to express that I would like
    to improve the communication between us (the package maintainers) and
    you (the upstream developers). As a first step I'll be trying to
    forward most of our patches so that there's a minor divergence.
    Awesome, does that also mean you'd be willing to listen in case we might
    think some patches are a bad idea?

    regards,
    Derick
  • Raphael Geissert at Jan 13, 2010 at 1:26 am

    Derick Rethans wrote:
    On Tue, 12 Jan 2010, Raphael Geissert wrote:

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    5.3.2 is on the way, but not sure when exactly it will be released.
    Yes, I've seen the RCs. Hope it doesn't take long.
    On a slightly different topic, I'd like to express that I would like
    to improve the communication between us (the package maintainers) and
    you (the upstream developers). As a first step I'll be trying to
    forward most of our patches so that there's a minor divergence.
    Awesome, does that also mean you'd be willing to listen in case we might
    think some patches are a bad idea?
    Yes, I'm willing to discuss patches.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Alexey Zakhlestin at Jan 13, 2010 at 10:00 am

    On 12.01.2010, at 23:48, Raphael Geissert wrote:

    Hello,

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    Great news!
    Does it mean, that 5.3 will move to "unstable" branch soon?
    (currently, Debian has 5.3 only in "testing")
    On a slightly different topic, I'd like to express that I would like to
    improve the communication between us (the package maintainers) and you (the
    upstream developers). As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net



    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php
  • Ferenc Kovacs at Jan 13, 2010 at 12:16 pm
    the path is like unstable -> testing -> stable
    so the testing will be the new stable.
    http://en.wikipedia.org/wiki/File:Debian-package-cycle.png

    Tyrael
    On Wed, Jan 13, 2010 at 11:00 AM, Alexey Zakhlestin wrote:
    On 12.01.2010, at 23:48, Raphael Geissert wrote:

    Hello,

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    Great news!
    Does it mean, that 5.3 will move to "unstable" branch soon?
    (currently, Debian has 5.3 only in "testing")
    On a slightly different topic, I'd like to express that I would like to
    improve the communication between us (the package maintainers) and you (the
    upstream developers). As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net



    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php

    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php
  • Raphael Geissert at Jan 13, 2010 at 4:14 pm

    Alexey Zakhlestin wrote:


    Great news!
    Does it mean, that 5.3 will move to "unstable" branch soon?
    (currently, Debian has 5.3 only in "testing")
    It is currently in "experimental," but yes, we will soon be uploading it to
    unstable so that it later migrates to testing.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Jani Taskinen at Jan 13, 2010 at 12:45 pm

    On 01/12/2010 10:48 PM, Raphael Geissert wrote:
    Hello,

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    Wouldn't we all. Haven't seen any merges to the release branch since it
    was created..apart from some useless copyright year update.

    Johannes, wake up already and start doing what the RM is supposed to do:
    RELEASE something. And discuss the matters related to releases on
    internals@ and ONLY on internals@ mailing list.

    --Jani
  • Johannes Schlüter at Jan 13, 2010 at 2:00 pm
    Hi,
    On Tue, 2010-01-12 at 14:48 -0600, Raphael Geissert wrote:
    Hello,

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    I hope that the new release branch mere-tracking-tool goes live today,
    so that the new experimental release branch based process works nicer,
    so 5.3.2RC2 will follow shortly after (either until tomorrow, which will
    be quite a rush, better tuesday next week) further progress then depends
    on feedback from testers, hopefully 5.3.2 will be out very late
    January/early February.
    for 5.3.3 it depends on security issues being reported, bug fixes going
    in, ... maybe 3 months after.
    On a slightly different topic, I'd like to express that I would like to
    improve the communication between us (the package maintainers) and you (the
    upstream developers). As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.
    I think that's an important topic. And I think it would be good to
    improve communication with packagers to unify things that might be
    handled differently and prevent packagers from back-porting security
    fixes in a wrong way. I now that MySQL has a "packgers" list, maybe such
    a thing might be good for php, too. internals might sometimes be a bit
    crowded to follow ...

    johannes
  • Raphael Geissert at Jan 13, 2010 at 4:56 pm

    Johannes Schlüter wrote:

    Hi,
    On Tue, 2010-01-12 at 14:48 -0600, Raphael Geissert wrote:
    Hello,

    At Debian we are planning to include PHP 5.3 in Squeeze, the next stable
    release. As such, I would like to know for example when we could expect
    5.3.2 and 5.3.3 to be released.
    I hope that the new release branch mere-tracking-tool goes live today,
    so that the new experimental release branch based process works nicer,
    so 5.3.2RC2 will follow shortly after (either until tomorrow, which will
    be quite a rush, better tuesday next week) further progress then depends
    on feedback from testers, hopefully 5.3.2 will be out very late
    January/early February.
    for 5.3.3 it depends on security issues being reported, bug fixes going
    in, ... maybe 3 months after.
    Ok, so it looks we will be releasing with 5.3.2 + any backported patch
    necessary to fix important or critical bugs. Thanks for the info.
    On a slightly different topic, I'd like to express that I would like to
    improve the communication between us (the package maintainers) and you
    (the upstream developers). As a first step I'll be trying to forward most
    of our patches so that there's a minor divergence.
    I think that's an important topic. And I think it would be good to
    improve communication with packagers to unify things that might be
    handled differently and prevent packagers from back-porting security
    fixes in a wrong way. I now that MySQL has a "packgers" list, maybe such
    a thing might be good for php, too. internals might sometimes be a bit
    crowded to follow ...
    Such kind of mailing list might be useful, yes. It would at least help give
    the impression that there's interest on improving the communication
    channels.
    That said, I think reading and at times discussing stuff here will still be
    needed.
    As for security patches, yes, it would help if for every issue there's a
    pointer to the commits fixing them. I recently started a discussion on oss-
    sec about PHP's security policy, but haven't brought it up with the php
    security team yet.

    I hope we can make a progress.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Raphael Geissert at Mar 12, 2010 at 12:02 am
    Hi Johannes,

    Johannes Schlüter wrote:
    for 5.3.3 it depends on security issues being reported, bug fixes going
    in, ... maybe 3 months after.
    With the current discussion about moving 6.0 to a branch and continuing the
    development of 5.4+ in trunk, I was wondering if there is going to be a
    change of plan.

    I'm mostly interested in knowing if it would be possible to get 5.3.3 out in
    a month, more or less (the latter preferred). This would be of great help
    from a Debian POV, as it would reduce the divergence; otherwise at Debian we
    are going to end up with 5.3.2 with many patches (probably more than those
    we included in 5.2.6 for lenny, because of our current work to get the
    testsuite to pass).

    Cheers,
    --
    Raphael Geissert
  • Philip Olson at Mar 12, 2010 at 12:15 am

    On Mar 11, 2010, at 4:02 PM, Raphael Geissert wrote:

    Hi Johannes,

    Johannes Schlüter wrote:
    for 5.3.3 it depends on security issues being reported, bug fixes going
    in, ... maybe 3 months after.
    With the current discussion about moving 6.0 to a branch and continuing the
    development of 5.4+ in trunk, I was wondering if there is going to be a
    change of plan.

    I'm mostly interested in knowing if it would be possible to get 5.3.3 out in
    a month, more or less (the latter preferred). This would be of great help
    from a Debian POV, as it would reduce the divergence; otherwise at Debian we
    are going to end up with 5.3.2 with many patches (probably more than those
    we included in 5.2.6 for lenny, because of our current work to get the
    testsuite to pass).
    Also, Mac users have the same desire. A recent bug fix makes compiling PHP 5.3 on Mac much easier.

    Regards,
    Philip
  • Daniel Convissor at Jan 13, 2010 at 3:47 pm
    Hi Raphael:
    On Tue, Jan 12, 2010 at 02:48:38PM -0600, Raphael Geissert wrote:
    As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.
    Is there a document somewhere that explains the changes the Debian team
    has made? (Other than reading a 600 kb diff file from the package web
    page.)

    Thanks,

    --Dan

    --
    T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
    data intensive web and database programming
    http://www.AnalysisAndSolutions.com/
    4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
  • Raphael Geissert at Jan 13, 2010 at 5:05 pm

    Daniel Convissor wrote:

    Hi Raphael:
    On Tue, Jan 12, 2010 at 02:48:38PM -0600, Raphael Geissert wrote:
    As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.
    Is there a document somewhere that explains the changes the Debian team
    has made? (Other than reading a 600 kb diff file from the package web
    page.)
    What patch do you want to know more about?

    Patches have not been properly documented, but they are usually referenced
    by an entry on the changelog giving a bit more information.

    You can browse the patches applied to every release (and download or view
    them individually) at:
    http://patch-tracker.debian.org/package/php5

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Daniel Convissor at Jan 13, 2010 at 5:48 pm

    Hi Raphael:

    What patch do you want to know more about?
    None. I am wondering if there is a resource for lay-people interested in
    installing PHP via packages so they can know any eccentricities they will
    encounter when compared to compiling it themselves.

    For example, you discussed changing some ini settings and the possibility
    of making short tags throw deprecated warnings. So I wouldn't be
    surprised if there are other changes in your forks.

    Such a document could also be used to clarify/direct your discussions
    here.

    Patches have not been properly documented, but they are usually referenced
    by an entry on the changelog giving a bit more information.

    You can browse the patches applied to every release (and download or view
    them individually) at:
    http://patch-tracker.debian.org/package/php5
    This is a little nicer than reading the whole diff file, but as you
    mentioned, it still isn't documented well. Meaning it doesn't say
    whether a patch is Debian specific or just bringing in something done by
    the PHP team itself.

    Thanks,

    --Dan

    --
    T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
    data intensive web and database programming
    http://www.AnalysisAndSolutions.com/
    4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
  • Raphael Geissert at Jan 14, 2010 at 7:52 pm

    Daniel Convissor wrote:

    Hi Raphael:
    What patch do you want to know more about?
    None. I am wondering if there is a resource for lay-people interested in
    installing PHP via packages so they can know any eccentricities they will
    encounter when compared to compiling it themselves.
    Well, there are multiple packages to make php use the system copies of the
    libraries and security enhancements, among many other reasons.
    For example, you discussed changing some ini settings and the possibility
    of making short tags throw deprecated warnings. So I wouldn't be
    surprised if there are other changes in your forks.
    The change on the ini file is to avoid breaking applications (that
    incorrectly rely on short_open_tag being On) on upgrade (which is very
    important). We aren't doing anything really different, the default value in
    the interpreter is still On.

    The warning was being proposed to make sure those applications are fixed to
    avoid having to carry the ini patch too long.
    Such a document could also be used to clarify/direct your discussions
    here.
    The documentation will be included in the patch header. Note that most of
    them predate the time I joined the maintenance team.

    Patches have not been properly documented, but they are usually
    referenced by an entry on the changelog giving a bit more information.

    You can browse the patches applied to every release (and download or view
    them individually) at:
    http://patch-tracker.debian.org/package/php5
    This is a little nicer than reading the whole diff file, but as you
    mentioned, it still isn't documented well. Meaning it doesn't say
    whether a patch is Debian specific or just bringing in something done by
    the PHP team itself.
    Only the debian-quirks and php.ini_securitynotes patches are really Debian-
    specific. The rest should find its way to the upstream code (but some of the
    patches were not accepted in the past).

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Philip Olson at Jan 14, 2010 at 8:46 pm

    For example, you discussed changing some ini settings and the possibility
    of making short tags throw deprecated warnings. So I wouldn't be
    surprised if there are other changes in your forks.
    The change on the ini file is to avoid breaking applications (that
    incorrectly rely on short_open_tag being On) on upgrade (which is very
    important). We aren't doing anything really different, the default value in
    the interpreter is still On.

    The warning was being proposed to make sure those applications are fixed to
    avoid having to carry the ini patch too long.
    It's worth noting that PHP (as of 5.3) does not distribute a php.ini file that contains default values (like php.ini-dist essentially did). So I imagine issues arise when distributions want to enable one during the PHP install.

    Curious, do you enable one of the php.ini-* files by default? Which? Perhaps with a few other changed values to meet the defaults, like with short_open_tag?

    Regards,
    Philip
  • Raphael Geissert at Jan 14, 2010 at 9:37 pm

    Philip Olson wrote:

    It's worth noting that PHP (as of 5.3) does not distribute a php.ini file
    that contains default values (like php.ini-dist essentially did). So I
    imagine issues arise when distributions want to enable one during the PHP
    install.

    Curious, do you enable one of the php.ini-* files by default? Which?
    Perhaps with a few other changed values to meet the defaults, like with
    short_open_tag?
    On 5.2 and older we use -dist. On 5.3 we will take -production as a base but
    we have not yet decided what other changes we are going to make.

    Cheers,
    --
    Raphael Geissert - Debian Developer
    www.debian.org - get.debian.net
  • Ilia Alshanetsky at Jan 14, 2010 at 12:52 pm
    Each distribution can definitely apply different patches, but in the
    case of at least one, improper application or "adjustement" of the patch
    can lead to security holes by itself.
    On 10-01-13 12:00 PM, Raphael Geissert wrote:
    Daniel Convissor wrote:

    Hi Raphael:
    On Tue, Jan 12, 2010 at 02:48:38PM -0600, Raphael Geissert wrote:

    As a first step I'll be trying to forward most of our
    patches so that there's a minor divergence.
    Is there a document somewhere that explains the changes the Debian team
    has made? (Other than reading a 600 kb diff file from the package web
    page.)
    What patch do you want to know more about?

    Patches have not been properly documented, but they are usually referenced
    by an entry on the changelog giving a bit more information.

    You can browse the patches applied to every release (and download or view
    them individually) at:
    http://patch-tracker.debian.org/package/php5

    Cheers,

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupphp-internals @
categoriesphp
postedJan 12, '10 at 9:00p
activeMar 12, '10 at 12:15a
posts18
users10
websitephp.net

People

Translate

site design / logo © 2022 Grokbase