From 2b47a1695659b9df7e050a1aa8e3cbd3936c8e72 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 1 Aug 2022 15:38:48 -0400 Subject: [PATCH] Update Support Policy --- README.adoc | 3 ++- SUPPORT_POLICY.adoc | 21 --------------------- 2 files changed, 2 insertions(+), 22 deletions(-) delete mode 100644 SUPPORT_POLICY.adoc diff --git a/README.adoc b/README.adoc index 0a93a427..c7bfb949 100644 --- a/README.adoc +++ b/README.adoc @@ -16,7 +16,8 @@ It is recommended to install the ZenHub https://www.zenhub.com/extension[browser The feature list can be viewed in the https://docs.spring.io/spring-authorization-server/docs/current/reference/html/overview.html#feature-list[reference documentation]. == Support Policy -The Spring Authorization Server project provides software support and is documented in its link:SUPPORT_POLICY.adoc[support policy]. +The Spring Authorization Server project provides software support through the https://tanzu.vmware.com/support/oss[VMware Tanzu OSS support policy]. +https://tanzu.vmware.com/spring-runtime[Commercial support], which offers an extended support period, is also available from VMware. == Getting Started The first place to start is to read the https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-01[OAuth 2.1 Authorization Framework] to gain an in-depth understanding on how to build an Authorization Server. diff --git a/SUPPORT_POLICY.adoc b/SUPPORT_POLICY.adoc deleted file mode 100644 index 0925d2dd..00000000 --- a/SUPPORT_POLICY.adoc +++ /dev/null @@ -1,21 +0,0 @@ -= Spring Authorization Server Support Policy - -The Spring Authorization Server support offering provides the following support terms: - -* Releases are currently in the format of 0.x.y, where: -** “x” contains new features and potentially breaking changes. -** “y” contains new features and bug fixes and provides backward compatibility. -* The Spring Authorization Server project will be supported for at least 3 years after the most recent 0.x.0 release is made available for download. -* Security fixes will be provided for at least one year after the 0.x.0 release is made available for download. Security fixes will not be provided for updating versions to third-party libraries. -* Feature support and bug fixes, excluding “Security fixes”, will be provided only for the latest 0.x.y release. -* This support policy starts with version 0.2.0. -* We will switch to the standard https://tanzu.vmware.com/support/oss[Spring OSS support policy] when the Spring Authorization Server project reaches version 1.0.0. - -An example can help us understand all of these points. -Assume that 0.2.0 is released in August of 2021. -This means that the Spring Authorization Server project is supported until at least August of 2024. -If 0.3.0 is then released in May of 2022, the Spring Authorization Server project is supported until at least May of 2025. -The 0.3.0 release may contain breaking changes from 0.2.0. -If a bug is found, only 0.3.0 will be patched in a 0.3.1 release. -If a security vulnerability is found, a 0.2.4 (assume 0.2.3 is latest) and 0.3.1 release will be provided to fix the security vulnerability. -However, a vulnerability found in September of 2022 would be fixed in the 0.3.1 release but not the 0.2.3 release, because the vulnerability was discovered more than a year after the 0.2.0 release date.