If we release 5.2 now, we will break sites that use SSL. In 5.x-dev, there is a bug such that there are separate session cookies when a site is accessed via https versus http. See the 6.x issue queue here: http://drupal.org/node/160107 I know Neil is already aware of the issue, but I thought I would point it out to others. NOTE: this is not a bug fix for 5.1. It is a critical bug that was introduced after 5.1 and should be fixed before we break sites with a premature 5.2. But after that critical bug is patched, I'm in favor of a 5.2 release. - John On Jul 24, 2007, at 2:55 AM, Dries Buytaert wrote:
On 24 Jul 2007, at 04:10, Larry Garfield wrote:
I am not aware of any modules breaking in 5.x, other than this issue Darren Oh has raised.
I think the question is the definition of "when needed". There's no major security hole that needs plugging AFAIK, which is the usual impetus, but does "a crap load of bug fixes" count as "needed"? Personally I'd say yes, especially as some of those enable functionality (e.g., fixing a form submit handler so that it plays nice with overrides). If people are running 5.x-dev in production without problems now that sounds like acceptable regression testing. It's been six months. That's an eternity in Drupalcom. :-)
I think it's about time that we make a Drupal 5.2 release available -- there might have been more than a hundred bugs fixed. So Neil, by all means, go for it! :)
-- Dries Buytaert :: http://www.buytaert.net/