Yii Release History & EOL Status

Q: How do I know which Yii 2 branch is still supported?

Run composer show yiisoft/yii2 to get your installed version, then compare it against the release table above. Each Yii 2 branch has an explicit phase -- active support, feature freeze, security-only, or EOL -- with dates published on the official release cycle page. If your branch is in the security-only or EOL column, no general bug fixes are being applied.

Latest Stable

Released 31 Dec 2025
(4 months ago)

Software	Yii
Introduction	Yii Framework is an open-source, high-performance PHP framework that helps developers build web applications quickly and efficiently. It follows the MVC architecture, includes strong caching and security features, and comes with built-in tools like Gii for code generation. Yii is suitable for projects of all sizes, offering flexibility, scalability, and maintainability.
Written in	PHP
Platform	Cross-platform
Type	Web application framework
Repository	https://github.com/yiisoft/yii2
Website	https://www.yiiframework.com
Lifecycle policy	https://www.yiiframework.com/release-cycle
License	BSD License

All Releases

Version	Supported PHP versions	Initial release	Latest release	Maintenance fixes & PHP compatibility fixes only	Security & PHP compatibility fixes only	End of life
Yii3	≥ 8.2	31 Dec 2025 (4 months ago)	(no single version, per-package SemVer)	31 Dec 2030 (Ends in 4 years, 7 months)	31 Dec 2032 (Ends in 6 years, 7 months)	31 Dec 2035 (Ends in 9 years, 7 months)
2.2.x	≥ 8.1	-	-	-	-	-
≥ 2.0.50	≥ 7.3, ≤ 8.4	-	2.0.54 09 Jan 2026 (4 months ago)	30 May 2024 (Ended 1 year, 11 months ago)	23 Nov 2026 (Ends in 6 months)	23 Nov 2027 (Ends in 1 year, 6 months)
≤ 2.0.49.x	≥ 5.4, ≤ 8.3	-	2.0.55 09 May 2026 (5 days ago)	29 Aug 2023 (Ended 2 years, 8 months ago)	31 Oct 2023 (Ended 2 years, 6 months ago)	23 Nov 2026 (Ends in 6 months)
1.1	≥ 5.1.0	-	-	22 Nov 2015 (Ended 10 years, 5 months ago)	01 Jan 2017 (Ended 9 years, 4 months ago)	31 Dec 2026 (Ends in 7 months)
1.0		-	-	Unavailable	Unavailable	Unavailable

How Does Yii Framework Handle Version Support?

Yii is an open-source PHP framework maintained by the Yii Software team and community contributors, released under the BSD License. Yii does not have a single unified version -- instead, Yii 1.1, Yii 2, and Yii3 each follow a separate maintenance policy, and Yii3 takes this further by versioning each package independently.

Yii 2 follows a phased support model: active support, then feature freeze (bug and security fixes only), then a security-and-PHP-compatibility-only window, and finally end of life. The exact phase for each Yii 2 branch is shown in the release table above.

Yii3 is architecturally different -- it is a collection of loosely coupled packages, each following Semantic Versioning independently. There is no single "Yii3 version number." A package gets a major version bump when it introduces breaking changes, a minor bump for new features, and a patch for bug fixes. PHP compatibility is tied per package, not per framework release.

Yii 1.1 is in maintenance mode and only receives security fixes, critical bug fixes that do not require breaking changes, and PHP compatibility updates where feasible.

Branch	Versioning Model	Current Status
Yii3	Per-package SemVer (no single framework version)	Active development
Yii 2	Single framework version with phased support	See release table above
Yii 1.1	Single version, maintenance mode	Security & critical fixes only

For the full phase timeline per branch, refer to the official Yii release cycle page.

What Are the Risks of Running an Unsupported Yii Version?

Running an EOL Yii 2 branch means your application receives no security patches -- not from the framework, and not from the extensions that were versioned against it.

The Composer dependency chain is where things break down fastest. Once a Yii 2 branch goes EOL, its minimum PHP requirement freezes in place. If your hosting environment or security policy requires a newer PHP version, you may find the framework itself is blocking the upgrade -- because EOL branches do not receive PHP compatibility updates.

Official and community extensions for Yii 2 are versioned independently from the core. Maintainers stop testing against EOL branches quickly, and version constraints in composer.json start conflicting. A single composer update can cascade into a wall of incompatible constraints with no clean resolution.

For Yii3, the per-package model changes the risk profile. An individual package going unmaintained is more contained -- other packages in the ecosystem are unaffected. But it also means there is no single changelog to monitor; teams need to track each package they depend on separately.

What Happens After a Yii 2 Branch Reaches End of Life?

Once a Yii 2 branch reaches EOL, the Yii team stops publishing releases for it -- no patches, no PHP compatibility adjustments, no security fixes. The code stays available on Packagist, but no new versions are tagged.

Packagist does not natively flag EOL packages, so your CI pipeline will not alert you automatically. Tools like Roave/SecurityAdvisories help catch known CVEs in Composer dependencies, but they do not cover the general absence of maintenance.

For Yii3 packages, EOL is per-package rather than per-framework. A package that stops receiving updates can often be replaced or forked independently without touching the rest of the application -- which is one of the architectural advantages of the package-based model.

Migration Direction

Migrating from Yii 2 to Yii3 is not a version bump -- it is closer to a partial rewrite. Yii3 has no monolithic core; instead, you adopt individual packages. Most teams port the application module by module, replacing Yii 2 components with their Yii3 equivalents incrementally. Starting with stateless utilities and working toward request-handling components tends to reduce integration risk.

How To Check Your Yii Version

The answer depends on which Yii branch your project uses -- Yii 2 has a single version, while Yii3 has no global version number.

Yii 2 -- check the framework version

composer show yiisoft/yii2

This returns the installed version of the Yii 2 core. Cross-reference it with the release table above to see which support phase it falls into.

You can also print the version at runtime:

echo \Yii::getVersion();

Yii3 -- check individual packages

There is no single Yii3 version to check. Each package you depend on has its own version. List all installed Yii-related packages:

composer show | grep yiisoft

This shows every yiisoft/* package and its installed version. To inspect a specific package:

composer show yiisoft/yii-core

Check the yiisoft GitHub organisation for each package's changelog and maintenance status.

Yii 1.1

composer show yiisoft/yii

Yii 1.1 is in maintenance mode. Compare the installed version against the EOL date shown in the release table above.

FAQ -- Yii Framework Support & EOL

Q1: Does Yii3 have a version number like Yii 2 does?
No. Yii3 is not a single monolithic framework with a unified version -- it is a collection of independent packages, each versioned separately using Semantic Versioning. There is no global "Yii3 x.y.z" release. When you install Yii3, you are installing individual yiisoft/* packages, each with its own version, release history, and maintenance status. This is a fundamental architectural difference from Yii 2.

Q2: How do I know which Yii 2 branch is still supported?
Run composer show yiisoft/yii2 to get your installed version, then compare it against the release table above. Each Yii 2 branch has an explicit phase -- active support, feature freeze, security-only, or EOL -- with dates published on the official release cycle page. If your branch is in the security-only or EOL column, no general bug fixes are being applied.

Q3: What is the difference between feature freeze and security-only support in Yii 2?
During feature freeze, the Yii 2 branch still receives general bug fixes alongside security patches and PHP compatibility updates. The security-and-PHP-compatibility-only phase that follows is narrower: only vulnerabilities and PHP version compatibility are addressed. Regression fixes and behavioral corrections are no longer included unless directly tied to a security issue. This distinction matters when assessing whether staying on a branch is still viable for production use.

Q4: Can I migrate from Yii 2 to Yii3 incrementally?
Yes, and this is the approach most teams take. Because Yii3 is package-based, you do not need to rewrite the entire application at once. A common pattern is to migrate stateless service classes and utilities first, then move toward request-handling and routing components. The two architectures cannot run side-by-side in the same request lifecycle, but parts of the application logic can be ported independently while the rest stays on Yii 2.

Q5: What happens to Yii3 packages that stop being maintained?
Because each Yii3 package is independent, a single unmaintained package does not affect the rest of the ecosystem. You can fork the package, replace it with a community alternative, or vendor it into your own namespace without disrupting other Yii3 components. This is a deliberate trade-off of the per-package model -- narrower blast radius when something goes unmaintained, but more packages to monitor individually.