On Tue, 14 Mar 2006, Gerald Combs wrote:
> The next big step in improving Ethereal's security is to branch off a
> stable release.
>
> Ethereal changes quite a bit over time. The
> "patch-ethereal-x-to-y.diff.bz2" files that accompany each release
> typically exceed 200,000 lines. For some perspective, this is more
> lines of "diff -u" than Apache has lines of code (~ 130,000).
>
> A side effect of this high rate of change is the introduction of bugs
> (some of them security-related). While a release might fix several
> vulnerabilities, it will typically introduce several more.
>
> Once the Coverity defect count goes to zero I plan on creating a stable
> branch, which shall only receive bug fixes. I'd like to call it "0.99"
> and use it to create a "1.0" branch some time in the future, like so:
>
>                                        1.0---
>                                       /
>               0.99.0 0.99.1 0.99.x----          1.1or2.0
>              /      /      /                   /
>   0.10.14 0.99------------------- ?.0 ?.1 ?.x--
>  /       /                       /   /   /
> -------------------------------------------------------> Trunk
>
> Why 0.99/1.0? Whether we like it or not, people have been treating
> Ethereal as if it's "1.0" and have been using it in production
> environments for a very long time. Calling it "alpha" or "beta" quality
> with version numbers like 0.10.8 defies reality.
Using it in production while highly volatile is always risky. The 0.x
numbers always show that we don't pretend it to be a final product. Once
we go to the 1.0 level people's expectations will go to the next level as
well, magnifying the issues we see now and will be found later. This means
some serious work in the pre 1.0 phase. This is where the 0.99 tree may
come in handy.
> I'm not sure what to call any unstable releases that come from the trunk
> _after_ the 0.99 branch, however.
Yep, here you get into trouble that you'll have to calm down the
development tree before the 2.0 release. To avoid that for some smaller
improvements you may as well go from the 1.0 into the 1.1 tree.
Let's draw a picture.
                                 1.0.0 1.0.1   1.1.0
                                /     /       /
                             1.0...........1.1..
                            /
      0.99.0 0.99.1 0.99.x..                  2.0.0 2.0.1
     /      /      /                         /     /
  0.99------------------                 2.0..............
 /                                      /
--------development----------------------------------------------------
Linus was in the same position, that's why he went to the 4 digit kernel
number model for 2.6. Anyway, we will all have to learn to work with
multiple trees and to understand and respect their purpose.
just my $0.02