Product Versioning and Back Support Policy

This document is our stated policy as of October 1, 2015. Any specific questions can be directed to a Customer Success Manager or Product Manager at MuleSoft.

Definitions

Semantic Versioning

Semantic versioning scheme is based on a release number which has 3 components: major release number, minor release number and patch release number.

A major release means modifications or enhancements to the same Software product as designated by a change in the major release number. Major Releases do not include separate or different products marketed by MuleSoft under a different name even if such products are compatible with the relevant Software product.

A minor release means modifications or enhancements to the same Software product as designated by a change in the minor release number

Date Based Versioning.

Date based versions use the month and year for the release name in the format of, “[Month Year] Release”. For example, the “June 2015 release.”

Standard Support

Standard Support includes:

  • Technical support on the use of the software, assistance with application configuration, and guidelines on performance tuning. Application code review is not within the scope of this service.

  • MuleSoft will attempt to provide patches for customers upon request, and where technically possible, for the following: S1 issues; Critical Security Vulnerabilities; S2 issues where the product in a non-production environment is nearing a critical milestone, is unusable, and no workaround is available.

  • Customer may also request patches or fixes for non-S1 issues, although MuleSoft makes no guarantees about its ability to provide a patch. If a patch is not provided, the Customer is required to upgrade to a future release for the requested capabilities or fixes.

  • Access to software downloads, technical content and knowledge base articles.

  • Compatibility support and certification of runtime environments for the published supported environments and third party software as documented in the MuleSoft documentation at time of release or detailed in the release notes of any maintenance release.

Extended Support

Extended Support is provided for products which exist under previous support policies (see below) and can be granted on an exception basis for a product at MuleSoft’s discretion.

Extended Support includes:

  • Technical support on and around the software for production environments, including troubleshooting, diagnosis and resolution of issues which do not require source code patches.

  • MuleSoft will attempt to provide patches for customers upon request, and where technically possible, for the following: S1 issues; Critical Security Vulnerabilities; S2 issues where the product in a non-production environment is nearing a critical milestone, is unusable, and no workaround is available.

  • Access to software downloads, technical content and knowledge base articles.

End of Life Support

Products that are not covered by Standard Support or Extended Support shall be considered End of Life. End of life support will be provided for an additional 12 months after Standard Support and Extended Support end. End of Life support will be limited to technical assistance only with no source code patches or new patch level releases. Support will provide recommendations on what is possible for the Customer, including professional services, references to documentation or knowledge base articles. Patches will not be provided. If there is an issue that requires a patch, you will need to upgrade to a newer version covered by the Standard or Extended Support windows.

After End of Life support expires for a product, MuleSoft will not provide support of any kind.

Critical Security Vulnerabilities

Critical Security Vulnerabilities means any vulnerability defined as critical by MuleSoft according to the following:

For vulnerabilities discovered in third party libraries that are embedded within MuleSoft Software or vulnerabilities discovered in third party software that is in use within MuleSoft Cloud Offerings, the vulnerability will be typically shared and classified for criticality via public advisories, or otherwise identified by scanning tools as part of MuleSoft’s Vulnerability Management Process (VMP). MuleSoft evaluates each such disclosure and either accepts or alters (either higher or lower) the criticality based on its internal assessment. For those vulnerabilities that are ultimately classified as critical (or high), MuleSoft will:

  1. Update embedded libraries as required, and release an updated version or patch of the impacted product(s) for customers to update their installations;
  2. Patch the MuleSoft Cloud Offerings as required.

In both cases, the targeted timeline for such updates will be 30 days or less.

For vulnerabilities discovered in MuleSoft Cloud Offerings or Software, MuleSoft will respond to any incoming report of discovered vulnerabilities from the security research community by evaluating the report and assessing its impact and exploitability, calculating and assigning an appropriate CVSS score. Once the score has been derived, MuleSoft will determine the appropriate course of action for developing and disseminating a fix. When such a vulnerability is assigned a “high” score (>7.0), MuleSoft will treat the issue as critical, and where possible, will prioritize the fix ahead of existing development schedule.

Mule Runtimes

Mule is the runtime engine of Anypoint™ Platform. The following maintenance policies apply to on-premises, cloud and hybrid deployments of Anypoint Platform, including Mule Workers in CloudHub, API Gateways running on-premises or in the cloud and the Mule runtime deployed to a Customer’s own data center (previously referred to as Mule ESB). Mule runtimes follow semantic versioning.

Maintenance Policy

  • MuleSoft provides Standard Support for the latest released minor version of the Mule runtime.

  • Once a new minor version for a major version is released, the previous minor version will receive Standard Support for an additional 18 months. All minor versions for a major version will receive Standard Support for a minimum of 2 years or until 12 months after the release of the next long term supported version, whichever is longer.

  • Once a new major version is released, MuleSoft will continue to offer Standard Support for at least one minor version of the previous major version for a minimum of 3 years.

  • Mule will designate certain versions as a long term supported version and Standard Support will be offered for an additional 3 years, for a minimum of 5 years total Standard Support.

  • Once a minor version is outside the Standard Support and Extended Support windows, MuleSoft will provide End of Life Support.

Mule Runtimes End of Life

In addition to the End of Life Support policy detailed above:

  • End of Life versions will not be available or supported on CloudHub. Applications running on End of Life runtimes on CloudHub will be stopped when Standard and Extended Support end.

  • End of Life versions will not be available or supported in Anypoint Studio

  • End of Life versions will not be supported by MuleSoft’s Cloud Offerings or Anypoint Platform Private Cloud Edition

  • MuleSoft reserves the right to End of Life Support a CloudHub runtime for a particular patch version of Mule runtime with 90 days notice due to critical security vulnerabilities that are fixed in a subsequent patch release.

Mule Enterprise Edition versions previous to 3.5

All MuleSoft Customers prior to October 1, 2015 will be grandfathered with the following policy: For versions prior to Mule 3.5, MuleSoft will provide Extended Support through December 31, 2016. This period will allow Customers to migrate to a newer version of the product with Standard Support.

API Gateway versions previous to 2.0

MuleSoft will provide Standard Support for API Gateway versions previous to API Gateway 2.0 according to the dates below:

Version

End of Standard Support

1.3.2

November 1, 2016

1.3.1 and previous

February 1, 2016

All other 1.x API Gateway versions reached end of Standard Support on October 1, 2016, and will have End of Life support until October 1, 2017.

Support Matrix

The following tables summarize the current status of the supported Mule versions.

Mule Runtimes

 

Release Date

End of Standard Support

3.8 - long term supported

May 16, 2016

May 16, 2021 or later

3.7

July 9, 2015

Nov 16, 2017

3.6

Jan 15, 2015

Jan 15, 2017

3.5 - long term supported

May 20, 2014

July 15, 2019

3.4

April, 2013

Grandfathered until December 31, 2016 *

3.3

 

Grandfathered until December 31, 2016 *

3.2

 

Grandfathered until December 31, 2016 *

API Gateway Runtimes

 

Release Date

End of Standard Support

2.2 January 26, 2016 January 26, 2018

2.1 - long term supported

Sep 2, 2015

July 26, 2020

2.0

July 9, 2015

July 9, 2017

1.3.2

 

November 1, 2016

1.3.1 and previous

 

February 1, 2016

* On premises only

Mule Management Console (MMC)

MuleSoft provides Standard Support for the latest minor version of a major release and for 1 year after release of the next major or minor version of Mule Management Console (MMC). After this, MuleSoft will provide End of Life Support for 1 year.

Support Matrix:

The following tables summarize the current status of the supported MMC versions.

MMC

 

Release Date

End of Standard Support

Supported Mule Versions

3.8.1

September 2016

September 2017

Supports Mule V3.5-V3.8.1

3.7.3

December 2015

December 2016

Supports Mule V3.5-V3.7.x

Anypoint Studio

Anypoint Studio follows semantic versioning. All versions of Anypoint Studio are forward compatible. Versions cannot be downgraded. MuleSoft provides Standard Support for the latest minor version of a major release. It is expected that customers upgrade versions of Studio in order to receive enhancements, bug fixes and patches.

Anypoint Connectors

Anypoint Connectors follow semantic versioning and have 4 categories: Premium, Select, MuleSoft Certified and Community.

Select and Premium

MuleSoft will provide Standard Support for the last major or minor version of a Select or Premium connector and for 1 year after release of the next major or minor version of a connector. After this, MuleSoft will provide End of Life Support. Updates to minor, and maintenance versions of APIs are all backward compatible unless a non-compatible change is introduced in the underlying API itself that the connector connects to. For non-compatible changes outside MuleSoft’s control, MuleSoft will indicate in the release notes any non-backward compatible changes to the connector.

MuleSoft Certified

MuleSoft Certified connectors are developed by MuleSoft’s partners and developer community and subsequently reviewed and certified by MuleSoft. For these connectors, MuleSoft will take initial calls from customers and isolate the issue for resolution. MuleSoft disclaims any additional support obligation for such MuleSoft Certified Connector. For support of MuleSoft Certified Connectors, customers should contact the MuleSoft partner that created the connector.

Community

Community Connector customers have access to Customer Support who troubleshoot to ensure that all licensed components of the platform are working as designed. If the Community connector is the source of the issue and assistance is required to modify or alter the connector, MuleSoft Professional Services or an accredited MuleSoft Partner can be engaged by contacting their MuleSoft Account Manager.

Anypoint Connector DevKit

MuleSoft will provide Standard Support for the last major or minor version of Anypoint Connector DevKit and for 1 year after release of the next major or minor version of Anypoint Connector DevKit. After this, MuleSoft will provide End of Life Support.

Cloud Offerings

For our Cloud Offerings, there is one current version that is supported at all times and upgrades are done on behalf of the user. Cloud Offerings use date based versioning. Cloud Offerings are backward compatible with all currently supported runtimes.