[inoop]

> Because, suprisingly, Noone is forcing you to update immediately!

Excuse me, where do you work? Do you not have a company policy about not using software that isn't actively receiving security updates?

[9dev]

PHP releases receive three years of updates :)

[inoop]

You said:

> Hell, there's still a lot of 5.x deployments out there that work just fine.

forgive my ignorance but I was under the impression 5.x isn't actively maintained anymore?

[tehbeard]

Oh our company is fully on 7.x and looking to move existing projects to 8.x. (New ones being deployed to 8.x already)

The enterprise client is the one on 5.x (for an interop program for B2B order processing), in a secured intranet system behind firewalls (multiple, on occasion one of their teams breaks one while updating it and we lose access for a day) and a VPN.

They might get up to 7.x this year when they retire the server "our" VM within there is on and reprovision to some new metal.

But by all means, go try and bypass their procurement and change process. I'm sure they'll appreciate your insight into rapidly changing a component of one of their main revenue streams... Just let me grab some popcorn first :)

To be a little less cutting, its admirable to want to be clean and proper, to do it all the right way 100% of the time... But that ain't how the world works and you either bend to accommodate and try to do some good, or scream into the digital void... Your choice.