LTS for public releases (original) (raw)

Andrew Haley aph at redhat.com
Fri Nov 10 21:35:08 UTC 2017

On 10/11/17 20:16, Stephen Colebourne wrote:

On 9 November 2017 at 16:34, Andrew Haley <aph at redhat.com> wrote:

I'm finding it very hard to understand what you're complaining about. Look at the history: JDK 6 support has been extended by the community, led first by me and then by Andrew Byrgin at Azul. This was long beyond Oracle's EOL five years ago. This shows that the OpenJDK community has a solid track record of supporting old releases. Why would the LTS releases be any different? As long as people need the JDKs (and perhaps for longer!) they are available. As far as I can tell, I can't get a pre-built binary of JDK 6 or JDK 7 from Red Hat without paying.

You can get Linux binaries, kinda sorta, from fedoraproject.org and CentOS. Properly tested and TCK'd. We've been doing it a long while. I suppose you could complain that it's not "official" Red Hat, but that's more of a theoretical problem than a practical one.

I imagine the same will apply for JDK 8 when that ends public updates. And OpenJDK hasn't been doing binaries until very recently so that isn't helpful for judging what will happen going forward.

Up until today there have been 28 public update releases of Oracle JDK 8: http://www.oracle.com/technetwork/java/javase/8u-relnotes-2225394.html These are simple upgrades that generally require no developer work to upgrade to. Any serious company should use these to ensure they are security-patch safe. They have all been made available for $free. Looking to the future, and based on promises to date, the world looks very different. LTS from Oracle is almost certainly paid for. The equivalent from Red Hat or Azul is also likely to be paid for. Thus there appears to be no future official LTS release, with binaries, publicly available, for $free.

Sure, pre-built binaries need to be made available. We have been talking with all of the major players including Oracle and Adopt OpenJDK, to address this very issue.

The impact, based on current published dates, is that every security-conscious user of Java who does not pay, would have to join the ongoing train of releases.

I hope not. I don't believe that would be practical.

Ultimately, these are the criteria I believe are needed for a successful LTS: - a $free pre-built downloadable binary - pre-built for multi-platforms - from a single official location (eg. OpenJDK or Oracle) - $free security-patch updates every 3 months or so until at least one year after the GA of the next LTS

I've yet to see Oracle or anyone else commit to these LTS criteria. But I'm happy to be proved wrong.

We're still talking about it. Of course, if you have no contract no-one is obliged to give you anything, but we don't want confidence in Java to falter. If you're going to insist that Oracle is the only One True Source of Java there's nothing I can do to help, but then you wouldn't be talking on this list, which is for OpenJDK.

-- Andrew Haley Java Platform Lead Engineer Red Hat UK Ltd. <https://www.redhat.com> EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671

More information about the jdk-dev mailing list