A stupid question, because valkey is a fork version of redis, if redis has a security vulnerability, valkey will pay attention to it and fix it, right?

[RobinLin666]

A stupid question, because valkey is a fork version of redis, if redis has a security vulnerability, valkey will pay attention to it and fix it, right, and will continue to maintain it because we want to switch from redis to valkey

[PingXie]

This is a very valid question, @RobinLin666. The answer is straightforward: we address any security issues in our code base, which include the ones originating from Redis. You can review our official support statement (also copied below) and find the complete details in the document available at https://valkey.io/topics/releases/.

"
The Valkey community will also provide extended security support for the latest minor version of each major version for 5 years from when a version was first released. The minor version to be used for this extended security support will be decided once the next major version has been launched. The Valkey community will only patch security issues we believe to be possible to exploit, which will be up to the discretion of the TSC.
"

[RobinLin666]

Thanks for your reply