Backporting to the current stable release
There have been a number of questions about backporting things to 2.2 lately so I thought I'd try to clarify how I think about that process.
When we backport:
- Security issues rated a "medium" threat or higher.
- A fatal error or SQL error (including strict mode) can be triggered under normal usage.
- An issue that affects public use of the software (i.e. normal users experience and regularly notice it as an issue).
- It's a simple fix blocking a plugin or theme author (e.g. add an event or fix an argument).
- It's related to SSO or other third-party integration compatibility. These change frequently so we should stay on top of this.
We do not backport enhancements, refactors, or new features.
You can help us by noting in a PR if it seems like a good candidate for backporting. Please always target PRs against
When a security fix is added, release will follow within the week (or sooner for high-priority fixes).
When multiple non-security issues have been backported, we'll use our best judgement to time the release. This timeframe should typically not exceed 3 months. Weigh quantity with priority and whether the release represents a compelling upgrade for most current administrators. This should be seen as a fairly high threshold to cross. The open source community is encouraged to chime in to request a release when they see fixes stacking up that warrant it.