TLDR: Github, Shopify, 37 Signals, and others run unreleased versions of Rails in production.
This is a trend – with modern CI systems, the quality of OSS projects has gone up. Add in your own CI, and it gets pretty good.
We call it “Living on Main”.
In security, we are pretty used to analyzing the cost-benefit ratio (CBR) – how much is this security measure going to cost me (mainly in hindering people from getting things done) compared to the risk of a security incident? But in software development, does anyone analyze the CBR of living on main vs releases? Some of the benefits include:
- easier to get support from project developers
- much easier to upstream your own changes
- you get new features sooner
- you can be involved in the discussions about the project
- much easier to update your codebase in small chunks
What are the benefits of staying on a release? Do they outweigh the above?