Following on from the recent news that Drupal 7 security will be extended for a further 12 months there’s still the question of the extended support for organisations still using Drupal 7.
Once the official Drupal 7 security support comes to an end the plan is to hand over the security maintenance duties to a small group of partners who have clients still depending on complex Drupal 7 builds.
To become an official Drupal 7 Vendor Extended Support partner the agency needed to comply with a number of requirements in addition to payment of several fees over the course of the 3-year support extension.
The most difficult requirement the Drupal Association set out was the need to have a member of staff already on the security team for at least three months.
Any organization involved in this program must have at least 1 member on the Drupal Security Team for at least 3 months prior to joining the program and while a member of the program.
Applications for the Drupal 7 Extended Support program are now closed: but this doesn’t mean organisations using Drupal 7 are restricted to only receiving support from the selected partners.
An important final requirement for any partners included:
They agree not to keep a private version of any change. All issues from the private tracker must be released back to the community. All patches/updates must be released to the community at roughly the same time as they are released to customers.
Any existing or new clients using Drupal 7 will not be charged any premiums to continue receiving the Ixis application support service and security updates will be handled in the same way as was provided in the Drupal 6 Long Term Support service that was provided until earlier in 2022.