|
| 1 | +--- |
| 2 | +title: Release of Bugzilla 5.2, 5.0.4.1, and 4.4.14 |
| 3 | +date: 2024-09-03 |
| 4 | +author: ["justdave"] |
| 5 | +categories: |
| 6 | +- Releases |
| 7 | +- Security |
| 8 | +--- |
| 9 | +_posted by [Dave Miller](https://twitter.com/justdavemiller) \- Bugzilla Project Lead_ |
| 10 | + |
| 11 | +This has been a **long** time coming. Just over a year since we announced |
| 12 | +the [new nonprofit to manage Bugzilla](/about/zarroboogs), we finally have a |
| 13 | +set of releases to show for it. Our only excuse is that the lead developer is |
| 14 | +a volunteer, has been working almost (but not quite) alone on it, and still has |
| 15 | +to juggle his normal paying job. A little more about what can be done about that |
| 16 | +below. First let's get to the big news! |
| 17 | + |
| 18 | +## **The Releases** |
| 19 | + |
| 20 | +Here's what we're releasing today: |
| 21 | + |
| 22 | +[**4.4.14**](/download/v44) – The 4.4 branch has been on life support for a |
| 23 | +**LONG** time (it was initially released in **2013!!!**). It supports outdated |
| 24 | +OSes that are hard to find or install, let alone test for these days, and we’ve |
| 25 | +been itching to drop it for a long time. But our support policy says that we |
| 26 | +have to support it for 4 months after the following two major releases. The |
| 27 | +next major release after 4.4 was 5.0, and there have been no major releases |
| 28 | +after that until today. **That four month countdown to End-of-Life starts |
| 29 | +NOW.** This will be the final release of the 4.4 branch (barring any additional |
| 30 | +security issues being found in the next 4 months). |
| 31 | + |
| 32 | +[**5.0.4.1**](/download/v5041) – Why 5.0.4.1 when there’s a 5.0.6 release? Well, if you paid |
| 33 | +attention to the change logs, 5.0.5 and 5.0.6 contained a massive schema |
| 34 | +change, as well as reformatting almost all of the Perl code in the source, both |
| 35 | +of which are a violation of our support policy for a stable branch (a |
| 36 | +new-to-the-process release manager pushed the release out not realizing that, |
| 37 | +and by the time we caught it, it was too late). A lot of people noticed this |
| 38 | +and never upgraded to 5.0.5 or 5.0.6, since they didn’t contain any security |
| 39 | +fixes. 5.0.4.1 will give those people additional fixes for 5.0.4 without |
| 40 | +forcing them to pick up those schema and code reformatting changes. Additional |
| 41 | +updates to the 5.0 branch from now on will continue from 5.0.4.2 and onward. |
| 42 | + |
| 43 | +[**5.2**](/download/v52) – This is our new stable release, and starts the 4 month |
| 44 | +countdown for discontinuing the 4.4 branch. 5.2 is forked from the 5.0 branch |
| 45 | +after 5.0.6, and will contain those schema and code formatting changes from |
| 46 | +5.0.5 and 5.0.6 in it. So if you _**did**_ upgrade to 5.0.6, 5.2 will be |
| 47 | +equivalent to a point upgrade for you. Those schema changes should have caused |
| 48 | +a major release to happen anyway, so this is just fixing the numbering problem |
| 49 | +with that release (i.e. 5.0.5 should have been called 5.2 to begin with). Note |
| 50 | +that **if you are using the 5.1.x development releases, those did NOT feed into |
| 51 | +this**, and 5.2 would actually be a downgrade for you. |
| 52 | + |
| 53 | +[**5.3.3**](/download/v533) – In order to avoid confusion with 5.2 above, the 5.1 branch has been |
| 54 | +retroactively renumbered to 5.3. It is also basically dead, as we’ve put all of our resources |
| 55 | +into finishing off the Harmony release (see 5.9.1 below). We’re going to |
| 56 | +encourage people on 5.1.x/5.3.x to move to Harmony, but you’ll want to be mindful of |
| 57 | +the release blockers first before you make the jump. There are some features in |
| 58 | +5.1.x/5.3.x that were implemented differently in Harmony, and the code to migrate the |
| 59 | +related data may or may not work yet (if the feature in question is listed on |
| 60 | +the release blockers and you use it, you’ll want to wait for now). Even though |
| 61 | +this branch is dead, we’re put out this release with the current batch of |
| 62 | +security fixes so you aren’t left high and dry before Harmony is ready for you. |
| 63 | + |
| 64 | +[**5.9.1**](/download/v591) – This is the first official release |
| 65 | +off the Harmony branch, and is classified as a **developer preview |
| 66 | +release**, not for production use. This is what will eventually be Bugzilla |
| 67 | +6. The code is mostly good enough to use right now, but there are still |
| 68 | +showstoppers to be able to fully release it as a production release. There are |
| 69 | +also a few gotchas when upgrading from older versions of Bugzilla. If you’re |
| 70 | +interested in helping make Bugzilla 6 happen, that list of showstoppers is |
| 71 | +[here](//github.com/bugzilla/harmony/blob/main/RELEASE_BLOCKERS.md). We are |
| 72 | +hoping to have Bugzilla 6 in release candidate stage (or at least in beta) |
| 73 | +within the next few months. |
| 74 | + |
| 75 | +## Immediate **Help Wanted** |
| 76 | + |
| 77 | +1. **Documentation**. Harmony (5.9.1) in particular needs a LOT of |
| 78 | + documentation help, as what’s there now is pretty specific to trying to |
| 79 | +produce a testing environment for bugzilla.mozilla.org, rather than a |
| 80 | +standalone Bugzilla. |
| 81 | +2. **Section 508 Compliance Audit**. There are a number of US government |
| 82 | + agencies who use Bugzilla internally (NASA is a publicly visible example). |
| 83 | +New US government projects have to comply with the new accessibility guidelines |
| 84 | +in Section 508 of the Communications Act, so if we want them to be able to |
| 85 | +upgrade we need to comply (at least in our newer versions). See |
| 86 | +[https://section508.gov/](https://section508.gov/). There is a template for a |
| 87 | +compliance statement at |
| 88 | +[https://www.section508.gov/sell/vpat/](https://www.section508.gov/sell/vpat/). |
| 89 | +I would love to get a volunteer (or a company who can sponsor someone?) who |
| 90 | +could audit the 5.2 and harmony branches for compliance, file bugs for things |
| 91 | +that are violations, and figure out how much of the VPAT we can actually |
| 92 | +provide at this point. Even if we’re not compliant yet (I suspect we aren’t) I |
| 93 | +would love to be able to provide a statement with the 5.2 release saying how |
| 94 | +compliant we are, and listing what’s left to be fixed to make us compliant. See |
| 95 | +also [Bug 1785941](https://bugzilla.mozilla.org/show_bug.cgi?id=1785941). Some |
| 96 | +work has been done on this (as you can see in the dependent bugs to that one) |
| 97 | +but it still needs help. |
| 98 | + |
| 99 | +## **Ongoing Help Wanted** |
| 100 | + |
| 101 | +You can always find a list of ways to contribute to Bugzilla on our |
| 102 | +[Contributing page](http://bugzilla.org/contributing/). A few highlights with |
| 103 | +additional details: |
| 104 | + |
| 105 | +- **Donate Money**. Now that we have a legal entity capable of paying |
| 106 | + developers, we need money to pay them with (and also cover our server hosting |
| 107 | +expenses). See our [Donation page](/donate) to learn how! |
| 108 | +- **Bug Triage!** As you probably noticed from the lack of updates around here |
| 109 | + in a while, the bug list hasn’t been getting paid much attention to, either. |
| 110 | +Part of getting this project moving again means re-triaging the existing bug |
| 111 | +reports. Some of them are really ancient and may not even apply to the current |
| 112 | +code-base anymore. I’m going to have a blog post coming in the next week |
| 113 | +or two with information on this topic (specifics for how |
| 114 | +to help with it), so keep an eye out for that post! |
| 115 | +- **Code!** Once we get the above triage moving, there will be bugs to fix! |
| 116 | + Bugzilla is an Open Source project, and anyone can contribute! We also have a |
| 117 | +relatively small user base compared to some of the big projects out there, so |
| 118 | +the amount of development we'll be able to fund internally from our donations |
| 119 | +will still be limited. It will probably make better sense for us to use our |
| 120 | +internal developers (once we have money to pay some) to review patches and |
| 121 | +coach external contributors, instead of having them directly producing code. |
| 122 | +- **Paid Developer Time**. If you are a business that makes use of Bugzilla, |
| 123 | + and has a staff person responsible for maintaining your Bugzilla |
| 124 | +installation, and that person is willing, please consider officially sponsoring |
| 125 | +that person to help with upstream Bugzilla development for at least a few hours |
| 126 | +per week. Most of our lack of development lately has happened because the last |
| 127 | +few companies that used to do that stopped providing developer time during the |
| 128 | +economic downturn a few years back (either laid off said person or pulled them |
| 129 | +away to work on other things), and they haven’t returned. The developers we |
| 130 | +have currently (until we get money donated as listed above) are all volunteer, |
| 131 | +and most of them are struggling to find time to work on it. |
| 132 | + |
| 133 | +## In Conclusion |
| 134 | + |
| 135 | +We have a lot of excitement ahead of us with the first developer preview of |
| 136 | +Bugzilla 6, and the new opportunities in store for |
| 137 | +us with a real business entity to support the project now. Come find us in any |
| 138 | +of our chat rooms (links are in the footer of [our |
| 139 | +website](https://bugzilla.org/) alongside the social media links) or drop in on |
| 140 | +our [developers mailing list](https://lists.bugzilla.org/listinfo/developers) |
| 141 | +if you'd like to help. |
0 commit comments