Conventional logic assumes that one should upgrade to the latest available version of any software. Software developers issue new versions for a reason. The new version would have features lacking in the previous and existing versions, and more importantly, would contain fixes for bugs discovered from the existing versions. Failure to upgrade may render the software vulnerable and the systems hosting such software susceptible to attacks.
However, such conventional logic flies away in the face of reality and practical considerations. Many users actually prefer to stay a version or two behind the current version. The current version, for all its advanced functionality and bug-fixes may be highly unstable, not be backward compatible, may not integrate with existing third-party add-ons, and worse; may come up with new and even greater vulnerabilities compared to an existing version. History is rife with such episodes where an upgrade subverted the entire system and even caused the entire business to come to a grinding halt. It usually takes many weeks or even months for all the bugs and flaws in a new version to iron out and for the system to become stable. Even otherwise, not all the changes introduced in the new version may be to the business’ liking, and businesses may be better off continuing with the older version.
LTS and SRS Support Versions
Businesses usually take an upgrade decision on a case-to-case basis. In Joomla, the issue came into the open with the release of Joomla 3.0 in 2012. The older Joomla 2.5 was more stable and was the Long Term Support (LTS) version. The new Joomla 3.x was a Short Term Support (STS) version but came with several big improvements such as device responsiveness, Bootstrap support and jQuery support.
Several rounds of developments go into STS versions until eventually the software becomes stable and the developer rolls out an LTS version. Almost all STS releases introduce new non-breaking features and functionality whereas the LTS version focuses on infusing stability to these newly introduced features. Joomla users who wanted to try out the latest cutting-edge features and functionality had to make a trade-off with an unstable system that had many bugs, such as one bug that affected users’ password and made the system difficult to use.
However, as of now, both Joomla 2.5 and Joomla 3.0 has reached its end of life. The Joomla! Project confirmed end of support for the 2.5 series on 31st December, 2014, meaning that Joomla no longer offers bug fixes, features, or security updates for this version. The only current version available is Joomla 3.4, released on February 24, 2015, and this is recommended for all new users. Joomla 3.5 is scheduled to release in mid 2015.
Users stuck with older versions would in most cases be able to perform a one-click upgrade to the latest version. However, those stuck below Joomla 3.3 would require PHP to 5.3.10 or greater to upgrade to 3.3 and beyond.
Joomla 3.4
Joomla rolled out its 3.4 version on July 15, 2014. This would normally have been a SRS support version. However, with the 3.4 release, Joomla did away with the LTS and STS approach and introduced a new release strategy.
In the past, every x.5 version was a LTS version and all other versions were STS versions, with each release schedule spaced at six-month intervals. The new strategy does away with such timed release and makes each release a “LTS” release. There would still be minor releases, such as 3.4.1, 3.4.2 and more, considered as maintenance releases, which would focus on quality and non-breaking backwards compatibility. Each major “x.0.0” marks the beginning of a new series set with an expected lifespan of around four years. Every minor “x.y.0” release would add to the lifespan, meaning that the lifespan of a series could extend indefinitely as long as new minor releases keep coming up.
Joomla 3.4.0 is fully backward compatible with 3.3.x, and comes with the promise that nothing will break when the user updates.
To Upgrade or Not to Upgrade?
Since Joomla has done away with “forced” time-based release, each new release is for a good reason – to either address quality and stability issues, or introduce some new pressing functionality, and as such it makes sense to go in for an upgrade whenever it becomes available. Earlier, if the new functionality was not important in the user’s scheme of things, it made sense to wait and watch, making a shift only when the stable LTS release finally rolled out rather than embrace a “forced time-based update” which might come with several bugs and risks. With this new strategy, the new update is “ready when it is ready” meaning there is no time pressure to roll out an upgrade without addressing the bugs, backward compatibility, and other issues.
However, considering the fact that support for older versions would now continue for a minimum of four years even when a new upgrade becomes available, users can still chose to hold on and continue using the legacy version. This is a good option if users fear that the new version would upset the apple cart, introduce things that they do not really require and force them to use the CMS in a new way. It is important to upgrade to the minor releases though to address bug and security issues. Sticking on to an older version also makes sense if all additionally installed extensions from third party developers, especially templates, are not ready to support the new version.
To sum up, users need to always check for the latest Joomla version. Those not on the latest release need to check the reason for the new release. If the reason is to address security issues, then an upgrade is strongly recommended, but if the reason is to add a new functionality, evaluate whether the new functionality is really required and make a trade-off in terms of disruptions the new versions would force vis-à-vis the benefits of the new functionality.
Subscribe to the Joomla Security Announcements feed for the latest announcements, including the availability of new releases. Download the latest versions here.
What Version of Joomla Should You Use?
previous post