To upgrade or not to upgrade packages

For Developers
11

I know that opinion is not popular here but personally I'd say that a blanket statement like that is not correct. Packages in release branches are updated for a reason, with the exception of LuCI [1] every single base package update in the 19.07.2 branch is fixing a bug. Let's bisect the list of upgradable packages on a base x86/64 image (except LuCI packages):

  1. cgi-io - 16 - 19
    Fixes excessive memory usage on file uploads which unbreaks sysupgrades for various ram constrained devices, helper utility used by LuCI, cannot cause a soft-brick when failing

  2. opkg - 2020-01-25-c09fe209-1 - 2020-05-07-f2166a89-1
    Fixes excessive memory usage of opkg on some operations. Cannot cause a soft-brick when failing, only break opkg itself

  3. rpcd - 2019-11-10-77ad0de0-1 - 2019-12-10-aaa08366-2
    Extends acl format and adds a respawn parameter to the init script. Cannot cause a soft-brick when failing, worst case is that LuCI does not load anymore.

  4. dnsmasq - 2.80-15 - 2.80-16.1
    Two shellscript-only changes to the init script. Cannot cause a soft-brick when failing, worst case is lack of DNS or DHCP.

  5. procd - 2020-01-24-31e4b2df-1 - 2020-03-07-09b9bd82-1
    Cosmetic change to a debug printf message, no functional changes. The postinstall or prerm actions do not perform any service stopping or starting, so installing it does not cause interruptions

  6. rpcd-mod-file - 2019-11-10-77ad0de0-1 - 2019-12-10-aaa08366-2
    See 3.

  7. odhcpd-ipv6only - 2019-12-16-e53fec89-3 - 2020-05-03-49e4949c-3
    Bugfix for FS#3056. Cannot cause a soft-brick when failing, worst case is lack of DHCPv6 service in the LAN

  8. uhttpd - 2020-02-12-2ee323c0-1 - 2020-03-13-975dce23-1
    Performance fixes for HTTP and timeout fixes for TLS. Cannot cause a soft-brick when failing, worst case is lack of HTTP connectivity to the router (LuCI).

  9. rpcd-mod-iwinfo - 2019-11-10-77ad0de0-1 - 2019-12-10-aaa08366-2
    See 3.

I did multiple tests upgrading all base packages on 19.07.2 now and failed to produce any errors. Neither upgrading opkg with opkg, nor upgrading procd with opkg caused noticeable issues apart from the increased flash memory usage.

With the exception of procd, none of the above packages nor any of the LuCI package update can possibly break booting or cause a soft brick. The procd update itself could be seen as critical, however it did not cause any issues in my tests.

In general, the following considerations apply:

  • Package upgrades on top of the latest point release until the next point release are considered safe
  • Package upgrades on top of older point releases within the same release branches are usually safe
  • Developers pay attention to not change the ABI of core libraries within release series. If it happens anyway, it is considered a bug and regression
  • Usually only bug-fixes or security fixes are done. There usually are not major base library updates at all
  • For snapshot builds, no guarantees are made, as a rule of thumb, likeliness of breakage correlates with the ago of the installed snapshot

Package upgrades on top of the latest releases that cause soft-bricks or boot issues are bugs that require investigation and fixing. They're not expected.

[1]: The remaining upgradable packages in 19.07 are LuCI updates. LuCI receives regular bugfixes and feature backports. Caveat here is that components are sometimes tightly coupled so all LuCI packages must be upgraded at once to prevent ui corruption in some case. However, even a failure there does not cause soft-bricks, the router still remains reachable via SSH.

5 Likes