Looking for help understanding the best practices for keeping sites built with OpenPublish secure and up-to-date.
We currently have sites running 2.3 that indicate there are security updates for Drupal Core as well updates available for several modules.
-
Is it "safe" to update Drupal core or do we need to wait for an OpenPublish release?
-
If we should update Drupal core, do we (in the current case) go with the "pure security update" (6.21) or the "security update combined with other bug fixes and improvements" (6.22)?
-
If we should wait on an OpenPublish release, how do we know when to expect it?
-
With regard to module updates, are we still to avoid updating modules on the patched modules list (http://groups.drupal.org/node/60313)? The list has not been updated for OpenPublish 2.3 -- is it still valid? Is there somewhere else we should be looking for this information?
-
Assuming the patched modules list is valid (or is brought up to date), how do we handle updates (security updates, specifically) for modules on the list? Again, if we are to wait for an OpenPublish release, is there somewhere the anticipated schedule will be communicated?
Thank you in advance for your advice.
Comments
You can do the Drupal
You can do the Drupal upgrades as normal installations.
OpenPublish is build on top of Drupal core. You can simply install 6.22
There will be no more OpenPublish release based on Drupal 6 as mentioned on Twitter somewhere.
As for 4 and 5, they made some patches to it (patches included in modules directory), you can check them against the newer version of the module.
Some modules listed can be upgraded.
-Ronald
Thanks
Appreciate your insights, Ronald.