Actually re-reading @bdw429s post and it does make sense - although I think the language then of “patch” and “build” is not necessarily quite right in this instance and also it is unclear of whether or not this is actually what is happening with releases (at least to me).
Also, if it is indeed correct, then any major security releases should be going back to 5.4.1 and earlier for example, and not stopping at 5.4.2 (otherwise there is not really a good point for the fourth version number).
Does this explanation fit I wonder with expectation and reality and could be a possible draft for the docs?
Lucee release numbering
Lucee releases are formed of four version numbers, separated by a period (.):
{major}.{minor}.{fix}.{patch}
Major
Changes in major version indicate a big shift in approach with potentially major breaking changes. i.e. Lucee 4 vs Lucee 5 vs Lucee 6
Minor
Changes in minor version are a collection of small but potentially breaking changes. These might be updates to underlying old libraries, for example - or language changes for Adobe compatibility. Upgrading across minor versions would expect a good deal of testing and understanding of release notes given the potential for disruption with library changes or new features.
Fix
Changes in fix version are a collection of bug fixes only. These may happen frequently and only contain bug fixes with no expected breaking changes. Companies should feel confident in upgrading fix versions while remaining on the same minor version. i.e. if you are on 5.4.1.8 and a 5.4.3.x release hits, you should feel confident in upgrading. Of course, always read the release notes and test in a test environment!
Patch
Patch number bumps are reserved for critical bug and security fixes. These back patches are intended for companies who need only critical fixes without having to test all the other minor bug fixes that have happened in subsequent fix releases.
For example, your company may be on 5.4.1.8. Lucee has released 6 months worth of fixes for the 5.4 series and is now on 5.4.7.1 but these fixes are too many for you to just upgrade and test given your current situation. A critical security patch is released and backported to all fix versions in the 5.4 series. Your company can now upgrade to 5.4.1.9 with confidence that you are only getting the major security patch update.
@Zackster - does this ring true?
