- ๐บ๐ธUnited States benjifisher Boston area
Drupal 7 has extended support options and one of them is through Tag1.
Correct. Also (see the bottom of almost any page on d.o):
Infrastructure management for Drupal.org provided by [Tag1 logo]
Tag1 may also provide security support for d.o. I think it is fair to say that d.o will be less secure after EOL, supported (perhaps) by Tag1 instead of being supported by the Drupal Security Team. OTOH, it is still possible that the transition to the D10 site will be complete by then. I am not sure of the schedule, but I know that the Drupal Association (DA) is working hard on the migration.
If the Drupal 7 used on Drupal.org gets security fixes, those fixes should be offered for free and a new version of Drupal 7 should be released.
I disagree. The DA is not the Drupal Project. The DA maintains d.o. and has no obligation to share improvements they get through their contract with Tag1 (or any other provider).
OTOH, according to https://d7es.tag1.com/faq,
... you can share the security updates provided through Tag1 D7ES, as they are open-source software under the GPLv2+ license.
I expect that, one way or another, security updates will be shared publicly. (That is my personal expectation, not official policy of the Drupal Security Team nor anyone else.)
- ๐จ๐ฆCanada joseph.olstad
Drupal 7 has extended support options and one of them is through Tag1.
Tag 1 advertises on drupal.org so therefore I would expect that d.o is collaborating with Tag1 directly on extended support.
- ๐จ๐ฆCanada xmacinfo Canada
Still on Drupal 7
https://jobs.drupal.org will not be secure after January 5th, 2025.
<meta name="Generator" content="Drupal 7 (http://drupal.org)">Secure
- ๐จ๐ฆCanada xmacinfo Canada
Drupal.org not secure after January 5, 2025
It was written in the sky. The most important pages of Drupal.org will not be secure after January 5th, 2025.
Drupal.org pages related to modules and accounts are still using Drupal 7:
If the security teams abandons support for Drupal 7 January 5th, we should not trust using Drupal.org, even tough the login process migrated away from Drupal 7. The most important pages of Drupal are still on Drupal 7, including user profiles.
If the Drupal 7 used on Drupal.org gets security fixes, those fixes should be offered for free and a new version of Drupal 7 should be released.
New.Drupal.org
Note that this does not affect the new pages built for the https://new.drupal.org running on Drupal 10. Those pages are mostly hosting a new site running on Drupal 10 with many redirections to the Drupal 7 site.
In other words, a new frontend built on Drupal 10 with a new theme with a not secure Drupal 7 backend.