First of all : I like slim framework!
My question / remark > do you have a release policy addressing these points:
- do you have something like Long Term Support version
- current supported versions (in term of features, bugfixe, security fixes)
I could’nt find anything about it.
If you don’t have one, it would be very nice to think of writting such a policy
It’s now 2021 and I can’t find information about this anywhere. If it exists in a post somewhere, someone please link me. Otherwise I am going to guess that support will just end “whenever” and that one will have to plan on just always using the latest version and may have to jump major versions at some point in order to keep getting security updates…
@Programster I was also checking development roadmap. Something like Symfony PHP framework has. But Slim is also called micro version of Symfony and the development team I guess consists of volunteers (github contributors), so we can not expect something like that. @odan are you working full-time on Slim? Or how is it really?
In terms of bug fixes, we fix the latest release of the latest major version. Slim tries to follow server and doesn’t introduce breaking changes, so an app written against Slim 4.1 will work without changes with Slim 4.7.
For previous major versions for a period of time after release of the next major version we will continue to fix bugs. As the new major version becomes bedded in, we will switch to only fixing egregious bugs and updates for PHP versions if they can be done sensibly. e.g. if a change is needed to Slim 3 to make it work with PHP 8, we would look at accepting that PR. We would not accept a feature request for Slim 3.
In terms of security fixes, we will fix reported security issues in the current major and previous major release. For an older major, will look at a provided security fix and apply if it can be done non-invasively.
TLDR: You should keep up to date with the latest release of the major version you are on which should not be difficult. If a new major version comes up, migrate to it within a couple of years.
No-one is paid to work on Slim. Everyone is a volunteer as with the vast majority of OSS projects.