Future support of the Rhino 1.7 branch

[BoffoF]

I’d like to ask about the future of the Rhino 1.7 branch. Are there any plans to continue supporting 1.7 with bugfixes or security updates, and is a 1.7.16 patch release planned?

For our internal governance and open source policy, we need to use releases that are not older than one year. It would help us a lot if the 1.7 branch could continue to receive yearly maintenance patches (even small ones), so we can keep relying on it in a compliant way.

Any information on the expected maintenance strategy for 1.7 would be greatly appreciated.

[rbri]

@BoffoF I understand your question relates not only to security fixes but also to JDK 1.8 support.

I can offer dedicated "Rhino 1.7 / JDK 1.8 Long-Term Support" which would include:

• Regular maintenance builds (bi-monthly)
• Backporting of security fixes
• Bug fixes for critical issues per request

This would be available through a GitHub Sponsors tier at €1,000/month. I'm open to discussing the scope and pricing based on your specific needs.

About me: I've been contributing to Rhino since 2017 and currently serve as a project admin. You can find more details about my work on my GitHub profile and LinkedIn.
Would this arrangement work for you? Happy to discuss further.

[BoffoF]

thanks a lot for your detailed offer and for the work you’re doing on Rhino.

Regarding our setup: we are currently running on JDK 1.8, but moving to JDK 11 may also be an option for us.

Before considering a paid model, we would need some clarification on the pricing and scope. At this stage, we would prefer to continue with a free model if possible and first understand the official/public roadmap.

Could you share what the current official status is regarding long-term support for Rhino 1.7 and 1.8?
Is there a planned upcoming patch for either 1.7 or 1.8, or is it already certain that no further patches will be released for one of these versions?

Thanks again for your support and openness.

[rbri]

At this stage, we would prefer to continue with a free model if possible and first understand the official/public roadmap.

There are no concrete plans for new releases and, as in the past, there are no plans to maintain old release any further. In case of critical security problems we might consider to make a patch release for the latest (at the moment 1.8) release. The current code base moves forward really fast. We try to make it as backward compatible as possible but there are no resources to maintain old branches.

@gbrail maybe you like to add your point of view