Skip to content

Commit 7357dda

Browse files
shadowspawnshadowspawn
authored
Separate out a more detailed release policy document (#2462)
1 parent b6e2e3a commit 7357dda

3 files changed

Lines changed: 22 additions & 9 deletions

File tree

Readme.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1162,7 +1162,8 @@ There is more information available about:
11621162
## Support
11631163

11641164
The current version of Commander is fully supported on Long Term Support versions of Node.js, and requires at least v20.
1165-
(For older versions of Node.js, use an older version of Commander.)
1165+
1166+
Older major versions of Commander receive security updates for 12 months. For more see: [Release Policy](./docs/release-policy.md).
11661167

11671168
The main forum for free and community support is the project [Issues](https://github.com/tj/commander.js/issues) on GitHub.
11681169

SECURITY.md

Lines changed: 2 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,7 @@
11
# Security Policy
22

3-
## Supported Versions
4-
5-
Security updates are supported for the current version and the previous major version.
6-
7-
Pull Requests for security issues will be considered for older versions back to 2.x.
8-
9-
## Reporting a Vulnerability
10-
113
To report a security vulnerability, please use the
124
[Tidelift security contact](https://tidelift.com/security).
135
Tidelift will coordinate the fix and disclosure.
6+
7+
Please do not report security vulnerabilities through public GitHub issues or pull requests.

docs/release-policy.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
# Release Policy
2+
3+
We follow [Semantic Versioning](http://semver.org/spec/v2.0.0.html), and limit breaking changes to major versions.
4+
5+
There are major releases about every six months. We do a major release and bump the minimum required node version when LTS Node.js versions reach end-of-life.
6+
7+
The release notes for major versions highlight breaking changes, and include a section of migration tips for common changes required.
8+
The [Changelog](../CHANGELOG.md) lists release notes for all versions.
9+
10+
The current release line gets all updates: features, bug fixes, and security updates. Older maintenance versions get just security updates for 12 months.
11+
12+
| Version | First Release | Release Note | Status | End of Life |
13+
| ------- | ------------- | - | ------- | ----------- |
14+
| 14.x | 2025-05-18 | [14.0.0](https://github.com/tj/commander.js/releases/tag/v14.0.0) | current | |
15+
| 13.x | 2024-12-30 | [13.0.0](https://github.com/tj/commander.js/releases/tag/v13.0.0) | maintenance | 2026-05-18 |
16+
| 12.x | 2024-02-03 | [12.0.0](https://github.com/tj/commander.js/releases/tag/v12.0.0) | maintenance | 2025-12-30 |
17+
18+
Older versions do not automatically get security updates.

0 commit comments

Comments
 (0)