<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 02/06/2012 05:49 AM, Jo-Erlend Schinstad wrote:
<blockquote cite="mid:4F2FBE4B.3050606@gmail.com" type="cite">On 06.
feb. 2012 10:22, Jason Warner wrote:
<br>
<blockquote type="cite">Hi All -
<br>
<br>
Firefox ESR is indeed interesting, and it would seem to answer
some of the question corporations might have about Firefox, but
I think it is less interesting for Ubuntu.
<br>
<br>
</blockquote>
<br>
You have to understand that my original post was not meant as a
proposal, but as an open question. If Ubuntu now prefers the rapid
release pace of Firefox and Thunderbird, then it doesn't bother me
that much. But it does represent a shift in strategy. 10.04 has
used 3.6 until very recently when it became unsupported. The
reason that was given for not upgrading it, was the SRU process.
The reason that was given for starting to upgrade Firefox in a
rapid pace afterwards, was that Mozilla had changed their support
strategy and that it wouldn't be feasible to backport the
necessary security patches to old versions. But now, Mozilla has
changed their support strategy again, making it unnecessary to
circumvent the norms.
<br>
<br>
Now this becomes a question of communication, which to me is the
biggest weakness Ubuntu has that we can do something about. If
this is an active decision, then I would be interested to know
when it was made and why we haven't heard anything about it. This
is a significant shift, and though I try to pay close attention to
what's going on, it came as a complete surprise to me. I looked
for blueprints, but I couldn't find any;
<a class="moz-txt-link-freetext" href="https://blueprints.launchpad.net/ubuntu/precise?searchtext=firefox">https://blueprints.launchpad.net/ubuntu/precise?searchtext=firefox</a>.
It is bad communication, and we need to improve. I really don't
like those surprises. I spend a fair amount of time writing
articles and participating in discussions, in an effort to reduce
some of the misunderstandings that will always be a part of FOSS.
Because development is high pace and developers doesn't always
have time, or even skills, to write comprehensible non-tech
articles explaining why and how. When things like that suddenly
changes without notice, then it can easily make what I write,
wrong. In that case, my contributions, instead of being a small
part of a small solution, becomes a bigger part of a big problem.
I don't think I have to explain why that's demoralizing.
<br>
<br>
Consider documentation writers. You've spent a few hours writing
some paragraphs or pages explaining why Ubuntu doesn't use the
newest version of Firefox. You're satisfied that your explanation
really does explain and is comprehensible by anyone. That's not
easy. It's hard work. So you commit. Then translators begin
working on it. And translating single strings is not always that
difficult, but translating an article, is. You finish two months
ahead of schedule.
<br>
<br>
But then someone makes a silent little decision, and instead of
being two months ahead, you're suddenly two years outdated. Bad
communication hurts both enthusiasm and the finished product. We
need predictability.
<br>
<br>
As usual, this has become much longer than I had intended. Let me
finish by making a proposal. Let's use the ESR versions by default
in LTS versions of Ubuntu, and add a package called something like
firefox-fastpace for those who want that. This way, we don't
disrupt the stability and predictability that is so attractive to
those who chooses LTS versions, but also make it easy for those
who do want to be on the cutting edge of the browser developments.
When upgrading from an LTS to a non-LTS, the user should be asked
if the ESR version should still be used, or switch to the fast
pace version.
<br>
<br>
Thanks for reading,
<br>
<br>
Jo-Erlend Schinstad
<br>
<br>
</blockquote>
<br>
There was a UDS session on this [1] which I lead. I was originally
of the opinion that the ESR for LTS releases was the best course of
action. However, my wise colleagues have shown me that I was
mistaken. I thought it would be just like 3.6 (stable ABI, still
getting High/Critical fixes). The problems are:<br>
<ul>
<li>High/Critical fixes will be backported only if it's not too
difficult (whatever that means)</li>
<li>There are usually new security features with each rapid
release</li>
<li>No large testing base as Jason pointed out</li>
<li>Upgrades from ESR -> ESR will also be more shocking as UI
across 7 releases can change quite a bit</li>
<li>No guarantee of ESR existence past year 2 (or even that long
depending on how you read it)</li>
<li>No guarantee that the ESR is inherently a stable platform
(meaning that previously, you had a release that was frozen and
bug fixed for a while before it was stable, Firefox 10 was
stable enough for 6 weeks of life, but who says it's stable
enough for a year)</li>
<li>The ever changing web, we recently migrated Lucid and Maverick
to Rapid Release since Flash and some websites were breaking
with 3.6</li>
<li>The browser is one of the most exploited pieces of software on
Linux outside of the Kernel</li>
<li>(from Lucid Firefox 3.6 comparison) Why is Chromium so much
faster?<br>
</li>
</ul>
<p>With all these reasons, it seemed clear that we don't want the
ESR in the LTS or any Ubuntu release. We want to make sure that
our users have the best browsing experience possible.<br>
</p>
<p>Thank you,<br>
Micah Gersten<br>
Ubuntu Security Team<br>
Ubuntu Mozilla Team<br>
</p>
<br>
[1]
<a class="moz-txt-link-freetext" href="https://blueprints.launchpad.net/ubuntu/+spec/security-p-mozilla-lts">https://blueprints.launchpad.net/ubuntu/+spec/security-p-mozilla-lts</a><br>
</body>
</html>