Replies: 2 comments 2 replies
-
|
Fully agree on all points! |
Beta Was this translation helpful? Give feedback.
-
|
I suggest security fixes for 2.x only for critical vulnerabilities. For the rest it's time to update. |
Beta Was this translation helpful? Give feedback.
-
|
On a related note, any idea where we've derived the ‘Requires at least’ WP version (3.9) from? And if it's still accurate? Line 5 in 4fcd349 |
Beta Was this translation helpful? Give feedback.
-
|
that is historic baggage. I'd bump it up considerably. |
Beta Was this translation helpful? Give feedback.
-
I've been going through #35 recently and I keep running into restrictions due to the fact that the plugin has to support PHP 7.0. For example, nullable types and
voidas a function return type were not added until 7.1, and class property typing didn't come in until 7.4.I propose that we increase the minimum supported PHP version to 7.4, in line with the current minimum for WordPress itself. One the one hand, only 28.3% of WordPress installations have 7.4+, but on the other hand all PHP versions <7.3 are officially EOL and should be considered insecure – 7.3 is active support EOL and will lose security support at the end of this year.
What I am thinking is that the big 3.0 release can support 7.4+ (and peg its minimum version to WordPress' from then on), but anyone on an older version of PHP will still be able to use the last 2.x.x release if they absolutely insist. In the unlikely event that there are any security updates in the future we can backport them (but no features, bugfixes, etc). Plus, the stats for plugin version installations suggest that there are a fair few dead sites using our plugin, so they shouldn't be affected as they clearly aren't updating.
On a related, but separate, note, I am also looking into Rector as a way of enabling us to write code that takes advantage of PHP 8.x features whilst also transpiling down to PHP 7.x-compatible code.
So, in summary:
Beta Was this translation helpful? Give feedback.
All reactions