[wp-meta] [Making WordPress.org] #8020: Cease support for 4.1 - 4.6
Making WordPress.org
noreply at wordpress.org
Wed Jun 25 03:13:38 UTC 2025
#8020: Cease support for 4.1 - 4.6
-------------------------+---------------------
Reporter: johnbillion | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: API | Resolution:
Keywords: |
-------------------------+---------------------
Comment (by dd32):
AFAIK there are only two things that need to be done, and it's both about
https://api.wordpress.org/core/stable-check/1.0/
1. When 6.8.2 is released, if the latest releases in `4.1-4.6` are deemed
"secure" still (ie. `outdated` not `insecure`), that the versions remain
in `wporg_get_secure_versions()`.
2. When the `4.1-4.6` releases are deemed insecure (ie. They're no longer
outdated, they're now insecure as well) they be removed entirely from
`wporg_get_secure_versions()` and moved to
`wporg_get_version_equivalents()`.
This is done as part of the `version.php` bumps during the core release
precess.
The question at hand is whether at the time of these last releases for
those branches, if they're considered outdated or insecure. I don't
perfectly recall what happened for the 3.7-4.0 branches, I believe once
the last release in the branches were made, 1 above was applied, and once
a security release in the 4.1 branch was made, 2 was applied.
It's up to the security team if we follow that 1-2 approach, or if we do
1+2 at the 6.8.2 release time and consider these old branches immediately
insecure.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/8020#comment:2>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list