Please Note: This will be the last regular release of the PHP 5.3 series. All users of PHP are encouraged to upgrade to PHP 5.4 or PHP 5.5. The PHP 5.3 series will receive only security fixes for the next year.
Posted on php.net over 2 years ago.
I would argue that while a rock solid distro base is important for a production serverā¦ so are secure componentsā¦
you missed a point: RH backports all security fixes on its products during all the OS release support lifetime
RH is rock solidā¦ and I advice you and many others here not to āreadā the rpmās version number only but to read their release notice too.
in another words: php 5.3 you find in NS is not plain vainlla php 5.3 coming from php.net
Yes, but.
What about other software that moves on? Like Drupal, ownCloud?
When they build on something, their own security related updates fall off as they eol their own support for versions that work with other underlying, older packages.
Obviously, one can run php 5.4 alongside 5.3, but, thatās certainly not supported by the underlying distro and who knows what breaks. We already saw what happened with oC 7.0.6, fortunately that wasnāt catastrophic especially as intergrated as oC is in NS, butā¦
my 2c: using on an wan exposed server a bleeding edge version of any kind of web app that needs the last release of $whatever is not a smart ideaā¦
on NS, for example, WP works flawlessyā¦ I donāt use joomla, but I read somewhere that it needs a newer version of phpā¦
if you (generally speaking) need such a feature, a small, minimal virtual machine running only what needed is the solutionā¦ Iāll never install anything that could break my server just because my webmaster said it needs latest joomla versionā¦
and, I repeat, generally speaking, ābleeding edge releaseā and āwan exposed machineā in the same sentence without a negation is not a good idea.
I get the impression your idea of bleeding edge is anything less than two years from its first release, because weāre talking about software like oC here.
Itās not like anyone in computing Iāve ever talked to would refer to openssl as bleeding anything, but theyād certainly refer to that code pile as a steaming somethingā¦
Ok, well Iāve got a pretty good idea now where this distro fits into my tool set for clients. Cool.
Weāarenāt talking about apps but talking about the upstream CentOs 7.0 & 7.1, the ācoreā, the base of Nethserver.
Iāve used bleeding age about Fedora, not about CentOS 
Centos 7 and 7.1 are out one year ago nowā¦ Can we hope itās old and stable enought to think about a Nethserver 7.1 version?
I understand core as opposed to apps, modules, etc.
My point is the most robust server in the world is worth squat without some useful apps, modules, whatever, now I keep using oC as an example but itās a relevant example of what makes the server useful. oC depends on other modules, libraries, in NSās case, apache, php, openssl, samba, etc, etc, as oC advances itās requirements, like php as the most relevant example, NS becomes less and less of an option because it canāt support an applicationās advances.
Iām sure Iām not saying anything the devs donāt understand better than I do, and for me, if I need an oC install, obviously now, Iām not going to use NS, Iāll just clone yet another one of the Ubuntu vms I built, sure, itād be spiffy if I could use NS for an oC install, but I donāt feel it fits, not from a support standpoint.
As it is I can see that my thoughts donāt align with anyone elseās here, so Iām just going to let this go, itās your baby.
Iām working on NethServer 7, but Iām alone and I canāt progress a lot.
Iām sharing here my todo list hoping to find help.
Just my opinionā¦
New versions does not mean ābleeding edgeā. Old version does not mean āStable and rock solidā.
It is a trade-off. Iāve also applied the rule āIf it is not broken donāt fix itā but it is not true all the time.
For example Iāve used Clear OS stable on a server with wan connected to internet. And it so happened that it got hacked.
Why? because the software was not updated to the newest version. All the focus was on the new version of C.O. and the fixes were announced to be available in the new releaseā¦ but the current release did not get the fixes.
Anyway. I suggest to not confuse new versions of software, with bleeding edge software technology.
Also we must not base our trust on the āprovenā technology just because it works. Because it can work very well with the malicious code inside it .
Also Development versions Like Alpha, Beta and RCās, are to be used in testing env. not in production.
After all, if we keep using āproven technologyā we will not advance and the devās. work for will be for nothing.
If there is a Stable version released we should be going forward with it and use it. Test it, then make a pre update stage and finally make the upgrade.
As my conclusion goes. If a new software was released as āstableā, we should go with it and make the steps to upgrade.
Best regards
Bogdan
Hi Filippo,
Hi everybody,
May I suggest some things to add for the new version, like:
and the list may be completed.
I know itās not easy but ā¦
Please donāt kill me!
Kind regards,
Gabriel
Iām really surprise to know that you`re alone Filippo.
I donāt know if we are numerous here but its seem that its the time to organize the community.
To know who can help for which task ( core / webgui / documentation / evangelism ).
Centos 7 have a lot of change with systemd, firewalld, name interface, xfsā¦
It`s a big challenge for one person.
Thatās a great list, could you explain better your points? You could open a dev discussion for each of them, maybe there are folks whoād like lend a hand and discuss details. What about?
How? Please open a new topic with specific proposals 
Why? Please, open a new topic and try to explain as best as possible how and why
Why am I here? happy to read about your excitement, I tried to organize as best as possible with small team:
New NethServer Teams
many of them are working hard (testing and translations for example) not all members active here though.
Do you have any suggestion? Please reply to such topic! How can you help the community?
Thatās another great starting point:
Hi Alessio,
First of all, I apologize that I have not response in the last two days but Iām in the middle of a project and I donāt have much free time.
Anyway, yesterday I managed to install NS 6.7 from ISO, like I promised here: NethServer vs Endian.
Soon I will return with details and answers to all questions.
Kind regards,
Gabriel
I plan to resume work on NethServer 7 next week. My current todo list is a bit longer than the one posted above, but Iām unsure on how to proceed: try to release as early as possible 7 which the same functions of 6 or implement new features before closing 7?
The first option has some advantages: you know that 7 should behave as 6, so everything not matching will probably be a bug. If we add features we will not know if itās a new bug coming from CentOS 7 or something we did wrong in NethServer.
Do you know Intel tick-tock model ( https://en.wikipedia.org/wiki/Intel_Tick-Tock )?
We could try to set two goals:
We could name step 1 as 7 beta, but at the end we will have a stable software and I think that nobody will install a release with the word ābetaā in its name, so we will probably miss some bugs.
On the other hand, why install 7 if it behaves like 6?
We could catch bugs later in the release cycle, so maybe my fears are unfounded.
If everybody agrees on a roadmap, we could set some milestones and have a stable release sooner.
Share your opinions or state āI will test 7 betaā, please.
Why? Because:
āI will test 7 betaā anyway! 
I think the fastest and better way is to go to 7 with the same featuers
,and then lately add the exclusive, just having the new librarys, php etc
will worth it.
Iāll test it, of course.
i agree, with you and i like the tick-tock model.
For me the ātickā is to release as early as possible 7 which the same functions of 6, then ātockā to implement new features could be also the 7.1.
Iām not a dev, but switching from centos 6 to 7 is from my point of view, already an hard workā¦ so i think a good path could be:
but it any case i think itās better upgrade to 7 before implement new featuresā¦ and i will test 7 alpha, beta or whatever 
I agree the best way is to have the tick-tock model.
Iāve talked about this as a release model previously with @alefattorini.
Having the 7.0 as a rock solid platform is the best solution I see so far. I agree with @dz00te, @mabeleira, @GG_jr and the others in this
The x.1 x.3 x.5 can have the extra features and x.0, x.2, x.4 to be the stable relese
Maybe we should vote for this ?
BR
Bogdan
Iām definitely right behind the tick-tock idea, planning 7.1 features as from now