If you’ve got 40 people depending on a single piece of relatively inexpensive hardware, a spare for the future would be highly recommended.
If you can function without zerotier, I would wait. If I were in your shoes, I’d be building from source all the time (control of what I build and faster security by a couple days) and testing on a second router. That’s what I do at home, even more important in a business environment.
Downgrading would not be my choice as it increases the possibility of a config issue.
But I am already building from the git v18.06.3 tag, so that is correct, right? Just something is wrong with the buildbots? Or is it going to be 18.06.4 instead of 18.06.3?
Sounds like the procedure and strategy for managing the repository directories needs a revision or two once the crisis is averted.
These may be obvious and/or wrong, but are offered in case they are useful.
Releases should be protected and resilient at the filesystem level.
For example:
Write permissions removed on the filesystem level as a crucial step before the components of a release are deployed and announced.
"Pointer based" updates, if updates are necessary. I.e., change a symlink or the directory path in a webserver config file in order to switch from the old directory tree to the new directory tree.
Occasionally tested, quick and easy to restore nearline and offsite backups.
These can come in handy for other issues, too, like compromises that give an attacker non-root access to the filesystem (like a compromised webserver binary/user).
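The read-only release tree and symlink switch suggested in the post above, sketched as an added example that is not part of the original thread and not the OpenWrt project's tooling. The `releases/` and `current` layout and both function names are assumptions, and `mv -T` requires GNU coreutils.

```shell
#!/bin/sh
# Hypothetical layout (an assumption, not the project's real tree):
#   ROOT/releases/<version>/   immutable copy of each published release
#   ROOT/current               symlink the web server serves from

# publish_release ROOT VERSION SRC
# Copies SRC to ROOT/releases/VERSION, strips write permission, then
# repoints ROOT/current with a single rename.
publish_release() {
    root=$1 version=$2 src=$3
    dest="$root/releases/$version"

    # A published version is never modified in place: refuse to reuse its name.
    if [ -e "$dest" ]; then
        echo "refusing to overwrite existing release: $dest" >&2
        return 1
    fi

    mkdir -p "$root/releases" || return 1
    cp -R "$src" "$dest" || return 1

    # Lock the tree before it becomes reachable through "current".
    chmod -R a-w "$dest" || return 1

    # Build the new pointer under a temporary name, then rename it over the
    # old one. rename(2) is atomic, so clients see either the old tree or the
    # new one, never a half-updated directory. (ln -sfn unlinks first.)
    tmp="$root/current.tmp.$$"
    ln -s "releases/$version" "$tmp" || return 1
    mv -T "$tmp" "$root/current" || { rm -f "$tmp"; return 1; }
}

# release_is_locked DIR
# Succeeds only if no file or directory under DIR has any write bit set.
# Symlinks are skipped because their own mode bits are not meaningful.
release_is_locked() {
    [ -z "$(find "$1" ! -type l \
        \( -perm -200 -o -perm -020 -o -perm -002 \) -print)" ]
}
```

Permission bits do not stop root, so this limits what a compromised non-root account can change; the backups in the post remain the recovery path.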
There are plans to create an openwrt-announcement list. So eventually you can subscribe to that once it is available to get notified whenever a new version is ready to deploy.
Now two new versions have appeared: again 18.06.3 and even 18.06.4. But this time they don't cheat me! If I understand, there is an automatic system that builds releases and sometimes makes mistakes. Then I will wait for the release of the new version on the main page of the project; for now we are at 18.06.2.