Branch Selection

- for Application Security & Stability

Explanation

Many applications will have two viable branches to choose from. A "stable" branch intended that new features will be added to, and a "maintenance" branch that only receives fixes. In addition to these viable branches, there is almost always a developmental branch that should not be considered for server packaging. Often times the maintenance branch will be preferable for servers, but the pros and cons should be weighed on an individual basis when choosing which branch of an application to use.

Rationale

Utilization of a maintenance branch has many benefits to a system administrator and to maintainers of the server related packages.

• Lower frequency of updates - The less downtime the server has for updates and update testing, the better of a server it is.
• Reduced risk of new bugs and regressions - Since new code is not being added to the application, chances of an update containing a new security issue or bug are limited.
• Minimal reconfiguration - Unlike updates that occur in "feature" or "stable" branches of many applications, "maintenance" updates are unlikely to require changes in your configuration files or in systems that rely on the updated software.

Example

"sudo" is one instance of an application with a stable branch and a maintenance branch. It would be wise in a case such as "sudo" to diverge from the main VectorLinux package and instead opt for a package built from the maintenance branch. The sudo 1.7 branch is in mainenance mode and receives no new features, only bug fixes.