On May 22, 2006, at 12:38 AM, Brent Casavant wrote:
So, in short, that's why *I* rarely update ports for security reasons.
Another valid reason is configuration management. We run web services, and in order to ensure nothing breaks, we have to use a fixed set of code. Upgrading any piece of that requires many steps, including verifying functionality and checking for regressions, etc. Basically we have to run our full regression tests on any changes, then roll them out in a controlled fashion minimizing down time.
