On 1/17/2012 10:26 AM, Graham Leggett wrote: > > Take our opening site page at http://httpd.apache.org/, no mention of patches at all. Zoom in a little to the download page at http://httpd.apache.org/download.cgi#apache23, and still no mention of the patches directory. If our end users aren't alerted to the fact these patches exist, you can hardly expect our committers to. I was curious too, so here's what I found across the whole site; https://www.google.com/search?q="dist%2Fhttpd%2Fpatches"+site%3Ahttpd.apache.org&filter=0 Clearly, awareness of this area has steadily decreased. Since our docs team are partners in maintaining the site, these references have obviously been deleted over time. We all need to be aware of the same publishing mechanism, and this one has fallen apart. So it's a good time to work out what the right strategy is, seeing as there is overwhelming support for 'somehow' publishing patches. I'd suggest that patches/apply_to_x.y.z/ is a clumsy notation. It seems more efficient to set these up as patches/CVE-yyyy-iiii/ with individual files for actively (or semi-actively) maintained versions. If there is one patch which applies to 2.2.n < 2.2.17, and a second patch for 2.2.17 and higher, it would be easier to differentiate these all within one directory. This suggestion precludes publishing 'other' patches. Is there still a role for 3rd party contrib or other unreleased patches that individuals homes on people.a.o doesn't fulfill? --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org For additional commands, e-mail: docs-help@httpd.apache.org