Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You missed his point. He's saying "latest is an anti-pattern". Which is correct. Everyone should be pinning to specific versions or semver to avoid being accidentally upgraded to a release with breaking changes.

Yes, obviously making existing tags immutable is bad. Nobody is disputing that.



There are exceptions though. I'm the kind of person that would pin Jenkins to latest even if it is an antipattern. I'm way more concerned about security flaws than a temporary CI breakage. So for me: Everyone should be pinning Jenkins to latest to avoid accidentally staying on a release with security holes.


You are not only auto pulling fixes bit also auto pulling new security holes though.

My take on Jenkins with all its plugins is that it need to be properly shielded from external access anyways.


You probably want to pin to at least a major tag to avoid auto-pulling breaking changes at any moment but still getting security updates.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: