[TYPO3-english] Which Typo3 version to use?

Jigal van Hemert jigal.van.hemert at typo3.org
Wed Dec 24 11:36:21 CET 2014 

Hi,

On 23/12/2014 20:16, Pero Peric wrote:
> Well i could have risk with 6.x and extensions that would not work
> anymore or would work with bugs and i would spent time googling for
> solutions and ending up with debugging line 2388 of class A that was
> included from class B that was included in class C  etc. - so result for
> my bosses would be - that CMS is crap and you don't know your job.

Perhaps more the latter than the former :-) Sorry, but 6.2 is stable and 
if you use extensions that are meant for 6.2 (you'll get a extremely 
clear warning if the versions don't match when you try to install an 
extension) there is no more chance for bugs than with older releases.

> Now i have CMS with security concerns in the future. Well, to be honest
> i'm not so paranoid about security with TYPO3. If some other CMS was in

It's nice that you trust the quality of TYPO3 CMS, but a security issue 
is a security issue. Some may not be relevant for your configuration, 
but over time there will be issues that are important for you.
Nobody can know when a more serious issue will be discovered and if this 
also applies to unmaintained versions.

> question like Joomla or WordPress i would be. I have TYPO3 CMS 4.2
> versions running with no problems on some sites. I have developed many
> web sites and never had security problems - so this security concerns
> are bit litte overrated for me. I mean, i trade em for stability of
> product with all its extensions that actually work ok.

Don't confuse stable with static. If you use unmaintained versions as 
old as 4.2 it's just a matter of pure luck that the site is not attacked 
in any way. Have you thought what you're going to tell your boss and 
clients when (not if!) one of those sites is hacked? I just hope that 
you're honest and tell them that you ignored security issues and kept 
using unmaintained versions.

Maybe these seem harsh words, but I fear that neither your boss nor your 
client are aware of this and I'm pretty sure they wouldn't be happy to 
know you use insecure software or deliver new sites which soon become a 
potential security risk.

-- 
Jigal van Hemert
TYPO3 CMS Active Contributor

TYPO3 .... inspiring people to share!
Get involved: typo3.org

More information about the TYPO3-english mailing list