So, has anyone figured out an efficient process yet to 'freeze' all releases/versions of a piece of software so that people can keep using it as it is forever seemingly unchanged, while still providing security updates and ensuring interoperability of e.g. file formats?
(This is not a "recommend me a tool" question. This is a *process* question.)
@joepie91 It is incompatible with current famous models of powering software development, but there's a process.
You'll need to establish a long-term payment mechanism — such as a trust fund — that will pay for continued maintenance of the old version of a software to somebody who is reasonably familiar with it.
In practice, this sort of thing is, with some commonness, done to industrial control systems software and aviation and spacenautics software. NATO militaries (and probably others) also do it to many kinds of military software.
@joepie91 Related, in a funny-sad kind of way: https://mstdn.social/@JugglingWithEggs/114366284703714532
@joepie91 You mean as in how you could provide this?
(I don't have an answer BTW, but the question was a bit unclear to me)
@joepie91 that sounds like a monumental task, I think it is beneficial to build conversion between different versions of the same file format into the software, and I think thorough standardisation of any file formats, protocols, and processes would help a lot, paying attention to standardising error handling too
@joepie91 My understanding is that it's impossible, unless you have an extreme amount of engineers essentially maintaining all the dependencies by themselves. Like, most software and libraries don't have multiple major versions maintained upstream at once. So if you are on an older version - receiving a security update is either a (pretty custom) backport, or updating the dependency to latest.
@KFears Right, but "updating the dependency to latest" is more or less the direction I'm thinking in. Some kind of process to make that an (economically/time-wise) viable thing to do in a software maintenance process.
@joepie91 I don't think that's possible without extremely strict semver adherence from dependencies...
@joepie91 honestly since red hat couldn't do it, I just assume the answer is no