Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Software The Internet Apache

Apache May Stop 1.3, 2.0 Series Releases 77

Posted by Soulskill from the out-with-the-old dept.
Dan Jones writes "The Apache Software Foundation may stop releasing new versions of the older 1.3 and 2.0 series of its flagship Web server product with most development now focused on the 2.2 series. Nothing is final yet, but messages to the Apache httpd developer mailing list recommend the formal deprecation of the 1.3.x branch, with most citing a lack of development activity. The Apache HTTP server project is one of the most successful and popular open source projects and has become an integral part of the technology stack for thousands of Web and SaaS applications. The first generation of Apache was released in 1995, and the 2.0 series began in 2002. Apache httpd 2.2 began in 2005, with the latest release (October 2009) being 2.2.14. However, the most recent releases of the 1.3 and 2.0 series servers were back in January 2008. With the combined total of active 1.3 and 2.0 series Apache Web servers well into the millions, any decision to end-of-life either product will be watched closely."
This discussion has been archived. No new comments can be posted.

Apache May Stop 1.3, 2.0 Series Releases More

Apache May Stop 1.3, 2.0 Series Releases

Comments Filter:

  • Surly this is just a formality (Score:3, Interesting)

    by Chrisq ( 894406 ) on Tuesday January 12, 2010 @11:29AM (#30737594)
    Surly this is just a formality. If there have not been updates for two years they are pretty-much dead projects anyway. Conversely if you have been running on an old system for two years without problems then its likely to be pretty stable, so you can just stick with it on the understanding that there will be no fixes or enhancements.

  • Security Patches (Score:3, Interesting)

    by TheNinjaroach ( 878876 ) on Tuesday January 12, 2010 @11:31AM (#30737626)
    What kind of impact will this have on security patches for remaining security flaws (if any) for 1.3 and 2.0? TFA states that security updates would be provided by "some other means" but I'm not sure what those are.

  • Putting closure on a software project is important (Score:5, Interesting)

    by MaraDNS ( 1629201 ) on Tuesday January 12, 2010 @11:53AM (#30737960) Homepage Journal

    Putting closure on a software product is important.

    Professional software usually has an EOL schedule. For example, RedHat Enterprise Linux and Windows XP both have EOLs for early 2014. This allows people using the software to plan upgrades and know when they need to be making a transition.

    This is equally as important for open-source software. It looks really bad when this is not done. For example, Dan Bernstein's DjbDNS software package has three unpatched security holes [maradns.org]. People using this software have to know about these holes and apply third-party patches.

    In addition, when the maker of an open-source program says "OK, I'm done with this program.", it allows maintainers to step forward and take over the project. For example, when I announced I would no longer work on a Doom random map generator [blogspot.com] I had been hacking on for a while, someone expressed interest in maintaining the software, and subsequent updates have since been done [blogspot.com].

    I think the Apache foundation should either say "OK, we'll still fix security bugs on this program" or "We're no longer maintaining this release". This way, the users of these programs know whether to upgrade, form their own group applying security patches, or just know they're OK from a security prospective if they're current.

    I have blogged about putting closure on open-source projects [blogspot.com] and have well defined EOL dates for older releases of my own MaraDNS [maradns.org].

    A lot of open-source projects just languish when the developers lose interest; I feel this is irresponsible and feel EOL dates and putting closure is important.

  • Re:about time (Score:3, Interesting)

    by Richard_at_work ( 517087 ) on Tuesday January 12, 2010 @11:55AM (#30737992)
    I looked into using Nginx earlier last year for reverse proxy and load balancing, and I have to say that I abandoned it due to the poor documentation - it was insanely hard to get any actual information on settings and configuration beyond sample rules.

  • Re:about time (Score:5, Interesting)

    by TheRaven64 ( 641858 ) on Tuesday January 12, 2010 @12:07PM (#30738200) Journal
    I found the Lighttpd documentation quite good. It was certainly easier to set up (for me) than Apache. The simple vhosts mechanism is great; just create a new directory (or symlink) for each vhost. No need to edit the configuration files.

  • Re:go for it (Score:5, Interesting)

    by garcia ( 6573 ) on Tuesday January 12, 2010 @12:08PM (#30738214)

    almost all of them are running them because upgrading isn't worth it for their application.

    Or because the new configuration scheme is not backwards compatible and the time required to get up to speed on the new config is too much of a hassle. There should have been some sort of 1.3->2.0->2.2 configuration updater. If there is and I'm just blind please point in the general direction :)

Slashdot Top Deals

It is easier to write an incorrect program than understand a correct one.

Close