# Difference between /releng and /stable, today.



## rhish (May 13, 2016)

What's the difference between the source at

https://svn0.us-west.freebsd.org/base/releng/10.3/

and

https://svn0.us-west.freebsd.org/base/stable/10/

today?

Since 10.3 is the latest release, they should be the same? no?


----------



## kpa (May 13, 2016)

Stable is the work towards the next release in the 10.X line, FreeBSD 10.4.


----------



## wblock@ (May 13, 2016)

-STABLE is constantly being updated with bug fixes and new features.  -releng only gets security and major bug fixes.


----------



## rhish (May 13, 2016)

I think I got confused with that being what -RELEASE is for. 

-RELEASE also gets critical security updates, no?

If I grab releng/10.3 and update it periodically, and rebuild from it, it will rarely change, only for critical security fixes and major bugs?


----------



## rhish (May 13, 2016)

Actually, I think releng/10.3 is what I was thinking release/10.3.0 would be. 

-STABLE will include all the work between 10.3 and 10.4 as its happening. But, releng/10.3 will be relatively static, only changing for critical security fixes and major bugs?


----------



## kpa (May 13, 2016)

Releng is by definition the "release engineering branch" that receives the security and errata fixes, no other modifications because releases are otherwise locked down to avoid introducing API/ABI breakages by accident.


----------



## Phishfry (Sep 10, 2016)

Question regarding Release 11 on the same topic.

I see that releng/11.0 is a frozen branch. But i wonder how frozen it is as it has to be shaped into a Release version. For example in the `release.sh` script in my Revision r305354 download it has a hard coded -head for location to use(I ended up with FreeBSD 12 build using it with no release.conf).  Obviously this will change for the release version, hence my question: Is it really code frozen or is the release team buffing up Name and repository locations in files and other tasks. Maybe it is not code frozen to release team for that week between release to the build team. When I see frozen I think of no changes at all.
https://www.freebsd.org/releng/index.html
When I look here I wonder if "Errata fix" is what I am talking about with release fixup.

Just trying to learn what goes on. Please take no offense by stupid questions.
I may be working off the wrong revision.


----------



## Snurg (Sep 10, 2016)

If I understand wblock@ correctly, releng only receives security but not feature enhancements.

Can I deduct from this, that the risk of broken system because of (failed) functional upgrades after updating my working system just for security reasons is reduced if I use a releng instead of a " stable" version?

Furthermore, if this is true, I'd like to ask if there is a way to upgrade my smoothly-working 11-RC1 system to a releng version (and whether that would be advisable at all).

Just in advance I'd apologize for my probably stupid questions because I am more a FreeBSD fanboy than a kernel guru  Thanks for understanding


----------



## Phishfry (Sep 10, 2016)

Yes but I see a recent Revision r305427 which seems more than doc fixes like r305551 that the famous wblock@ added.

https://svnweb.freebsd.org/base/releng/?view=log


----------



## Phishfry (Sep 10, 2016)

Chasing down the PR212305 for r305427 I notice it is a security related fixup. I can understand that.

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212305


----------



## ANOKNUSA (Sep 10, 2016)

Snurg said:


> If I understand wblock@ correctly, releng only receives security but not feature enhancements.
> 
> Can I deduct from this, that the risk of broken system because of (failed) functional upgrades after updating my working system just for security reasons is reduced if I use a releng instead of a " stable" version?



That's the general idea. -RELEASE editions are intended to be relatively static, except for security and major bug fixes. Things work, so don't mess with them. The -STABLE and -CURRENT branches follow a rolling-release model: changes are committed to the repository every day, and if a security fix is committed and you update your local source to that commit, you take in every change since your last update as well as the security fix, increasing the risk of breaking something. You could just check out the commit with the security fix, but then it's up to you to verify that the patch is compatible with the current state of your system and doesn't rely on any previously committed code.



Snurg said:


> Furthermore, if this is true, I'd like to ask if there is a way to upgrade my smoothly-working 11-RC1 system to a releng version (and whether that would be advisable at all).



Once 11.0 is released, just delete your local source tree and check out the 11.0/releng branch, build, and install per the upgrade instructions in the _Handbook_. That's how I went from 10-STABLE to 10.2, and I've been running that same install on this machine ever since.


----------

