Adding upstream version 2.9.5.upstream/2.9.5

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 239 insertions, 0 deletions

diff --git a/BRANCHES b/BRANCHES
new file mode 100644
index 0000000..53b2ee9
--- /dev/null
+++ b/BRANCHES
@@ -0,0 +1,239 @@
+HAProxy branches and life cycle
+===============================
+
+The HAProxy project evolves quickly to stay up to date with modern features
+found in web environments but also takes a great care of addressing bugs which
+may affect deployed versions without forcing such users to upgrade when not
+needed. For this reason the project is developed in branches.
+
+A branch is designated as two numbers separated by a dot, for example "1.8".
+This numbering is historical. Each new development cycle increases the second
+digit by one, and after it reaches '9' it goes back to zero and the first digit
+increases by one. It effectively grows as a decimal number increased by 0.1 per
+version.
+
+The complete version is made of the branch suffixed with "-dev" followed by a
+sequence number during development, then by "." followed by a number when the
+development of that branch is finished and the branch enters a maintenance
+phase. The first release of a branch starts at ".0". Immediately after ".0" is
+issued, the next branch is created as "-dev0" as an exact copy of the previous
+branch's ".0" version. Thus we observe the following development sequence:
+
+ ... 1.9-dev10 -> 1.9-dev11 -> 1.9.0 -> 2.0-dev0 -> 2.0-dev1 ... 2.0 -> ...
+
+Occasionally a series of "-rc" versions may be emitted between the latest -dev
+and the release to mark the end of development and start of stabilizing, though
+it's mostly a signal send to users that the release is approaching rather than
+a change in the cycle as it is always hard to categorize patches.
+
+Very often the terms "branch" and "version" will be used interchangeably with
+only the first two digits to designate "the latest version of that branch". So
+when someone asks you "Could you please try the same on 1.8", it means "1.8.X"
+with X as high as possible, thus for example 1.8.20 if this one is available at
+this moment.
+
+During the maintenance phase, a maintenance branch is created for the just
+released version. The development version remains in the development branch
+called "master", or sometimes "-dev". If branches are represented vertically
+and time horizontally, this will look like this:
+
+                     versions                                       branch
+  1.9-dev10  1.9-dev11  1.9.0  2.0-dev0  2.0-dev1  2.0-dev2
+   ----+--------+---------+-------+---------+---------+---------->  master
+                           \
+                            \          1.9.1         1.9.2
+                             `-----------+-------------+--------->   1.9
+
+Each released version (e.g. 1.9.0 above) appears once in the master branch so
+that it is easy to list history of changes between versions.
+
+Before version 1.4, development and maintenance were inter-mixed in the same
+branch, which resulted in latest maintenance branches becoming unstable after
+some point. This is why versions 1.3.14 and 1.3.15 became maintenance branches
+on their own while the development pursued on 1.3 to stabilize again in the
+latest versions.
+
+Starting with version 1.4.0, a rule has been set not to create new features
+into a maintenance branch. It was not well respected and still created trouble
+with certain 1.4 versions causing regressions and confusing users.
+
+Since 1.5.0 this "no new feature" rule has become strict and maintenance
+versions only contain bug fixes that are necessary in this branch. This means
+that any version X.Y.Z is necessarily more stable than X.Y.W with W<Z.
+
+For this reason there is absolutely no excuse for not updating a version within
+your branch, as your version necessarily contains bugs that are fixed in any
+later version in that same branch. Obviously when a branch is just released,
+there will be some occasional bugs. And once in a while a fix for a recently
+discovered bug may have an undesired side effect called a regression. This must
+never happen but this will happen from time to time, especially on recently
+released versions. This is often presented as an excuse by some users for not
+updating but this is wrong, as the risk staying with an older version is much
+higher than the risk of updating. If you fear there could be an issue with an
+update because you don't completely trust the version in your branch, it simply
+means you're using the wrong branch and need an older one.
+
+When a bug is reported in a branch, developers will systematically ask if the
+bug is present in the latest version of this branch (since developers don't
+like to work on bugs that were already fixed). It's a good practice to perform
+the update yourself and to test again before reporting the bug. Note, as long
+as you're using a supported branch, as indicated on the haproxy.org web site,
+you don't need to upgrade to another branch to report a bug. However from time
+to time it may happen that a developer will ask you if you can try it in order
+to help narrow the problem down. But this will never be a requirement, just a
+question.
+
+Once a bug is understood, it is tested on the development branch and fixed
+there. Then the fix will be applied in turn to older branches, jumping from
+one to the other in descending order. For example:
+
+               FIX
+     2.0-dev4  HERE       2.0-dev5     2.0-dev6
+   -----+-------V-------------+-----------+--------------> master
+   1.9.4         \      1.9.5     1.9.6         1.9.7
+   --+------------o-------+---------+-------------+------> 1.9
+      1.8.18       \          1.8.19         1.8.20
+   -----+-----------o------------+-------------+---------> 1.8
+
+This principle ensures that you will always have a safe upgrade path from an
+older branch to a newer: under no circumstances a bug that was already fixed
+in an older branch will still be present in a newer one. In the diagram above,
+a bug reported for 1.8.18 would be fixed between 2.0-dev4 and 2.0-dev5. The
+fix will be backported into 1.9 and from there into 1.8. 1.9.5 will be issued
+with the fix before 1.8.19 will be issued. This guarantees that for any version
+1.8 having the fix, there always exists a version 1.9 with it as well. So if
+you would upgrade to 1.8.19 to benefit from the fix and the next day decide
+that for whatever new feature you need to upgrade to 1.9, you'll have 1.9.5
+available with the same set of fixes so you will not reintroduce a previously
+fixed problem.
+
+In practice, it takes longer to release older versions than newer ones. There
+are two reasons to this. One is technical: the fixes often require some
+adaptations to be done for older versions. The other reason is stability: in
+spite of the great care and the tests, there is always a faint risk that a fix
+introduces a regression. By leaving fixes exposed in more recent versions
+before appearing in older ones, there is a much smaller probability that such a
+regression remains undetected when the next version of the older branch is
+issued.
+
+So the rule for the best stability is very simple:
+
+    STICK TO THE BRANCH THAT SUITS YOUR NEEDS AND APPLY ALL UPDATES.
+
+With other projects, some people developed a culture of backporting only a
+selection of fixes into their own maintenance branch. Usually they consider
+these fixes are critical, or security-related only. THIS IS TERRIBLY WRONG.
+It is already very difficult for the developers who made the initial patch to
+figure if and how it must be backported to an older branch, what extra patches
+it depends on to be safe, as you can imagine it is impossible for anyone else
+to make a safe guess about what to pick.
+
+     A VERSION WHICH ONLY CONTAINS A SELECTION OF FIXES IS WAY MORE
+     DANGEROUS AND LESS STABLE THAN ONE WITHOUT ANY OF THESE FIXES.
+
+Branches up to 1.8 are all designated as "long-term supported" ("LTS" for
+short), which means that they are maintained for several years after the
+release. These branches were emitted at a pace of one per year since 1.5 in
+2014. As of 2019, 1.5 is still supported and widely used, even though it very
+rarely receives updates. After a few years these LTS branches enter a
+"critical fixes only" status, which means that they will rarely receive a fix
+but if that a critital issue affects them, a release will be made, with or
+without any other fix. Once a version is not supported anymore, it will not
+receive any fix at all and it will really be time for you to upgrade to a more
+recent branch. Please note that even when an upgrade is needed, a great care is
+given to backwards compatibility so that most configs written for version 1.1
+still work with little to no modification 16 years later on version 2.0.
+
+Since 1.9, the release pacing has increased to match faster moving feature sets
+and a faster stabilization of the technical foundations. The principle is now
+the following:
+  - one release is emitted between October and December, with an odd version
+    number (such as "1.9"). This version heavily focuses on risky changes that
+    are considered necessary to develop new features. It can for example bring
+    nice performance improvements as well as invisible changes that will serve
+    later ; these versions will only be emitted for developers and highly
+    skilled users. They will not be maintained for a long time, they will
+    receive updates for 12 to 18 months only after which they will be marked
+    End-Of-Life ("EOL" for short). They may receive delicate fixes during their
+    maintenance cycle so users have to be prepared to see some breakage once in
+    a while as fixes are stabilizing. THESE VERSIONS MUST ABSOLUTELY NOT BE
+    PACKAGED BY OPERATING SYSTEM VENDORS.
+
+  - one release is emitted between May and June, with an even version number
+    (such as "2.0"). This version mostly relies on the technical foundations
+    brought by the previous release and tries hard not to apply risky changes.
+    Instead it will bring new user-visible features. Such versions will be
+    long-term supported and may be packaged by operating system vendors.
+
+This development model provides better stability for end users and better
+feedback for developers:
+  - regular users stick to LTS versions which rely on the same foundations
+    as the previous releases that had 6 months to stabilize. In terms of
+    stability it really means that the point zero version already accumulated
+    6 months of fixes and that it is much safer to use even just after it is
+    released.
+
+  - for developers, given that the odd versions are solely used by highly
+    skilled users, it's easier to get advanced traces and captures, and there
+    is less pressure during bug reports because there is no doubt the user is
+    autonomous and knows how to work around the issue or roll back to the last
+    working version.
+
+Thus the release cycle from 1.8 to 2.2 should look like this:
+
+ 1.8.0           1.9.0           2.0.0          2.1.0          2.2.0
+ --+---------------+---------------+--------------+--------------+----> master
+    \               \               \              \              \
+     \               \               \              \              `--> 2.2 LTS
+      \               \               \              `--+--+--+---+---> 2.1
+       \               \               `----+-----+------+-------+----> 2.0 LTS
+        \               `--+-+-+--+---+------+--------+-----|  EOL      1.9
+         `---+---+---+-----+-------+-----------+---------------+------> 1.8 LTS
+
+In short the non-LTS odd releases can be seen as technological previews of the
+next feature release, and will be terminated much earlier. The plan is to barely
+let them overlap with the next non-LTS release, allowing advanced users to
+always have the choice between the last two major releases.
+
+With all this in mind, what version should you use ? It's quite simple:
+  - if you're a first-time HAProxy user, just use the version provided by your
+    operating system. Just take a look at the "known bugs" section on the
+    haproxy.org web site to verify that it's not affected by bugs that could
+    have an impact for you.
+
+  - if you don't want or cannot use the version shipped with your operating
+    system, it is possible that other people (including the package maintainer)
+    provide alternate versions. This is the case for Debian and Ubuntu for
+    example, where you can choose your distribution and pick the branch you
+    need here: https://haproxy.debian.net/
+
+  - if you want to build with specific options, apply some patches, you'll
+    have to build from sources. If you have little experience or are not
+    certain to devote regular time to perform this task, take an "old" branch
+    (i.e. 1-2 years old max, for example 1.8 when 2.0 is emitted). You'll avoid
+    most bugs and will not have to work too often to update your local version.
+
+  - if you need a fresh version for application development, or to benefit from
+    latest improvements, take the most recent version of the most recent branch
+    and keep it up to date. You may even want to use the Git version or nightly
+    snapshots.
+
+  - if you want to develop on HAProxy, use the master from the Git tree.
+
+  - if you want to follow HAProxy's development by doing some tests without
+    the burden of entering too much into the development process, just use the
+    -dev versions of the master branch. At some point you'll feel the urge to
+    switch to the Git version anyway as it will ultimately simplify your work.
+
+  - if you're installing it on unmanaged servers with little to no hostile
+    exposure, or your home router, you should pick the latest version in one
+    of the oldest supported branches. While it doesn't guarantee that you will
+    never have to upgrade it, at least as long as you don't use too complex a
+    setup, it's unlikely that you will need to update it often.
+
+And as a general rule, do not put a non-LTS version on a server unless you are
+absolutely certain you are going to keep it up to date yourself and already
+plan to replace it once the following LTS version is issued. If you are not
+going to manage updates yourself, use pre-packaged versions exclusively and do
+not expect someone else to have to deal with the burden of building from
+sources.