enterprise license

[alexskysilk]

Despite the known issues, it seems they’ve migrated the problematic module to the non-subscription version and are conducting thorough testing.

If none of that were the case, the answer to the questioner should be “It’s safe.”

Isn’t the OP looking for information about cases like this? That’s simply why the conclusion is “It’s not safe.”

I think we're actually on the same page- its the meaning we take from it that is different.

"safety" in this context is the continued uninterrupted delivery of service. the SAFEST thing to do in production is LEAVE A WORKING ENVIRONMENT ALONE. This is impractical for many reasons in a PVE environment- CVEs, corrected edge cases, etc, are continuously identified and mitigated, so the operating philosophy "for real" revolves around how to modify the stack in a way least likely (or better yet, guaranteed) not to interfere with service delivery.

Deploying a more "mature" repo is a first backstop but dont think for a second that faults the kind you were specifically pointing to dont make it into the "Enterprise repo" too. if no one tried to do the precise use case you did (I would never have, it doesnt solve a problem that I have) OR simply reverted instead of reporting it as a bug it would have survived the nosub repo. As the responsible party to providing service, its incumbent on the admin team to STAGE an upgrade before deploying it to production regardless of how "stable" the repo they are using. As long as you do that consistently, you can use even the testing repo safely- not that its a good idea to but you get my point. SAFETY is in having proper deployment procedures FAR MORE then repo dependency.

Even with the specific example cited, the dev team was aware and provided workarounds. you just have to be prepared to follow through with the solution before impacting your production.

 

[uzumo]

I think we're actually on the same page- its the meaning we take from it that is different.

That's right.

SAFETY is in having proper deployment procedures FAR MORE then repo dependency.

I don't apply updates directly to production environments myself, but since I'm in charge of non-PVE maintenance, most people who contact me about issues in my area just go ahead and apply the updates as is. And surprisingly, there are no test machines available (like on Windows, for example).

However, the company does not want to purchase the enterprise license, and another technician wants to perform Proxmox updates using the no-subscription repository instead.
I recommended buying the official license, but there is always someone who wants to go against that recommendation.

Do people who are reluctant to even buy an affordable subscription actually own a machine for testing in the first place?

If anything, I think it’s precisely in such environments that they should use a subscription service to access a more stable repository.

Most people will probably just update via the UI whenever a vulnerability is found or on a regular basis. If a problem arises, they’ll simply post on the forum or contact support. Most people—myself included—probably wouldn’t even be able to identify the root cause of the problem.