Do LTS (long-term support) releases really reduce risk?

Several core projects such as the Linux kernel, Zephyr OS, Yocto, and various Linux distributions offer LTS (Long-term releases). Typically bug fixes and security updates are provided for 2 or more years.

Many people find comfort in this. The thought is “old” == “stable” and “new” == “risky”. However, consider the following points on risk and support:

  • in a complex system, the risks in the custom code you write, which only one or two developers ever see, are many times greater than the code in the core OS components, which many thousands of people are using. Thus, the risk of LTS vs regular release may be negligible compared to the risks in your custom project code.
  • support – where are you going to get support if there is a problem – especially from an OSS community? On an old release that people have not worked in in 2 years? Or something close to the current head of development where people are actively working?

You also have to consider the cost to add new features and move things forward. The older things are, generally the harder this is to do.

A stability issue is a serious problem in a product. But so is the friction of technical debt that keeps you from moving forward. Which is a bigger risk to your product and company? If you took the money and time used to keep old software going and rather invested it in CI/CD and automated system testing, where would you be now? One is a sunk cost, the other an investment in the future.

I think this LTS stuff is a bit overrated. On the one hand I get the stability argument, but the downside of stability is that things stop moving forward. Eventually “tech debt” as you put it will catch up with and often burn them. Case in point is some third-party plugins I recently ran into when using GIMP (GNU Image Manipulation Program). These had been written in Python 2, which has been deprecated for a long time now on Linux (but not yet in Windows 11, it seems). As a result they don’t run on any modern Linux distribution, since Python 3 has been the standard for a long time now. So even with an LTS distribution there’s no guarantee that things won’t move forward at some point, breaking old code. It seems to me the best approach is incrementally advancing the software in small steps through continuous improvement (the ‘kanban’ system) rather than allowing things to lie fallow for years and then attempting a massive update. Waiting too long to update always seems to end badly IMHO.

American engineering companies seem to be subject to “tech debt” on a regular basis. I regularly encounter companies using 10-year-old or even older CAD and EDA software simply because they refuse to spend the money to update to the latest versions or keep up with maintenance subscriptions. In Europe, companies seem to be more attuned to enhancing productivity, so that they generally keep up with software updates so their engineers always have the best tools available.


LTS or time-based release models (LTS is just a loooong time-based release cycle) have served a purpose as open source and methods were still developing in the last couple of decades. We have had Linux distributions like Gentoo, Arch Linux and NixOS which mostly follow a “rolling release” model like what @jeffsFOM mentioned. New components keep trickling in as they become available and one keeps moving forward. With some vigil on breaking changes, if any, this method is quite good, provided one defines one’s own software’s touch points diligently and tests them regularly in CI. With the Yoe distro we are following a similar model, with a quirk where we use Yocto to build the distribution and Yocto follows a time-based release model; ideally something like NixOS or Arch Linux would suit the Yoe philosophy better.

I think the future is to leap ahead of time-based release models into rolling releases, and if you see how many Arch-based distributions are now available and the traction that NixOS is garnering in 2024, my assertion is not far from reality. Software components, especially OSS, have become mature and have better unit testing mechanisms now than they had, say, 10-15 years ago; with GitHub/GitLab kind of infras, CIs have become accessible to OS developers for almost no cost. Integrating such components into distros is therefore a lot easier these days than it was 15 years ago.

Sticking to time-based release models of Debian/Fedora/Ubuntu/Red Hat etc. has been valuable, but this value is diminishing with time. Some commercial distribution has to pick Arch or NixOS (well, Manjaro is Arch-based) and we will see confidence building in rolling releases more than before.
