<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> On 02/06/2012 05:49 AM, Jo-Erlend Schinstad wrote: <blockquote cite="mid:4F2FBE4B.3050606@gmail.com" type="cite">On 06. feb. 2012 10:22, Jason Warner wrote: <blockquote type="cite">Hi All - Firefox ESR is indeed interesting, and it would seem to answer some of the question corporations might have about Firefox, but I think it is less interesting for Ubuntu. </blockquote> You have to understand that my original post was not meant as a proposal, but as an open question. If Ubuntu now prefers the rapid release pace of Firefox and Thunderbird, then it doesn't bother me that much. But it does represent a shift in strategy. 10.04 has used 3.6 until very recently when it became unsupported. The reason that was given for not upgrading it, was the SRU process. The reason that was given for starting to upgrade Firefox in a rapid pace afterwards, was that Mozilla had changed their support strategy and that it wouldn't be feasible to backport the necessary security patches to old versions. But now, Mozilla has changed their support strategy again, making it unnecessary to circumvent the norms. Now this becomes a question of communication, which to me is the biggest weakness Ubuntu has that we can do something about. If this is an active decision, then I would be interested to know when it was made and why we haven't heard anything about it. This is a significant shift, and though I try to pay close attention to what's going on, it came as a complete surprise to me. I looked for blueprints, but I couldn't find any; <a class="moz-txt-link-freetext" href="https://blueprints.launchpad.net/ubuntu/precise?searchtext=firefox">https://blueprints.launchpad.net/ubuntu/precise?searchtext=firefox</a>. It is bad communication, and we need to improve. I really don't like those surprises. I spend a fair amount of time writing articles and participating in discussions, in an effort to reduce some of the misunderstandings that will always be a part of FOSS. Because development is high pace and developers doesn't always have time, or even skills, to write comprehensible non-tech articles explaining why and how. When things like that suddenly changes without notice, then it can easily make what I write, wrong. In that case, my contributions, instead of being a small part of a small solution, becomes a bigger part of a big problem. I don't think I have to explain why that's demoralizing. Consider documentation writers. You've spent a few hours writing some paragraphs or pages explaining why Ubuntu doesn't use the newest version of Firefox. You're satisfied that your explanation really does explain and is comprehensible by anyone. That's not easy. It's hard work. So you commit. Then translators begin working on it. And translating single strings is not always that difficult, but translating an article, is. You finish two months ahead of schedule. But then someone makes a silent little decision, and instead of being two months ahead, you're suddenly two years outdated. Bad communication hurts both enthusiasm and the finished product. We need predictability. As usual, this has become much longer than I had intended. Let me finish by making a proposal. Let's use the ESR versions by default in LTS versions of Ubuntu, and add a package called something like firefox-fastpace for those who want that. This way, we don't disrupt the stability and predictability that is so attractive to those who chooses LTS versions, but also make it easy for those who do want to be on the cutting edge of the browser developments. When upgrading from an LTS to a non-LTS, the user should be asked if the ESR version should still be used, or switch to the fast pace version. Thanks for reading, Jo-Erlend Schinstad </blockquote> There was a UDS session on this [1] which I lead. I was originally of the opinion that the ESR for LTS releases was the best course of action. However, my wise colleagues have shown me that I was mistaken. I thought it would be just like 3.6 (stable ABI, still getting High/Critical fixes). The problems are: <ul> <li>High/Critical fixes will be backported only if it's not too difficult (whatever that means)</li> <li>There are usually new security features with each rapid release</li> <li>No large testing base as Jason pointed out</li> <li>Upgrades from ESR -> ESR will also be more shocking as UI across 7 releases can change quite a bit</li> <li>No guarantee of ESR existence past year 2 (or even that long depending on how you read it)</li> <li>No guarantee that the ESR is inherently a stable platform (meaning that previously, you had a release that was frozen and bug fixed for a while before it was stable, Firefox 10 was stable enough for 6 weeks of life, but who says it's stable enough for a year)</li> <li>The ever changing web, we recently migrated Lucid and Maverick to Rapid Release since Flash and some websites were breaking with 3.6</li> <li>The browser is one of the most exploited pieces of software on Linux outside of the Kernel</li> <li>(from Lucid Firefox 3.6 comparison) Why is Chromium so much faster? </li> </ul> With all these reasons, it seemed clear that we don't want the ESR in the LTS or any Ubuntu release. We want to make sure that our users have the best browsing experience possible. Thank you, Micah Gersten Ubuntu Security Team Ubuntu Mozilla Team [1] <a class="moz-txt-link-freetext" href="https://blueprints.launchpad.net/ubuntu/+spec/security-p-mozilla-lts">https://blueprints.launchpad.net/ubuntu/+spec/security-p-mozilla-lts</a> </body> </html>