CentOS Stream isn’t unstable in the way that something like Arch Linux or Debian Sid is.
They effectively only got rid of point releases. Instead of going from CentOS 7 to 7.1, you just regularly get updates. Since they’re a part of the same major release, they don’t contain breaking changes.
It’s no different from running Debian Stable with the -updates repository enabled.
Right. But it does not matter in this case - Meta rolls out its own kernel (we employ a lot of kernel engineers, and PSA our Linux teams are hiring software engineers!) and we maintain our systemd backports and some other packages in the CentOS Hyperscale SIG
That was my take on it. But CentOS Stream didn't get a fix in time for last major CVE before RHEL/Oracle or ubuntu/debian for that matter. That killed it for me.
AlmaLinux mentioned this in their 2023 revue
>[After the split, we] have been able to ship critical security and bug fixes sooner than any other enterprise linux distro. [...] In some cases, any distribution that is still relying on RHEL as their upstream is still waiting for these patches to be released.
https://almalinux.org/blog/2023-12-14-2023-highlights/
Ironically, faster fixes were one of the reported reasons for moving CentOS upstream, turns out that was only for metabook.
Alma is quickly becoming the new self-hosting distro for me and I feel by now they're better than before
Stream gets faster fixes in general, but yeah for embargoed security fixes it goes the other way around
Even if you are Meta. The only trick we use is something anyone can do - hotfix it in Hyperscale, or download the Stream fix as soon as a signed build is available without waiting for it to be fully released
They effectively only got rid of point releases. Instead of going from CentOS 7 to 7.1, you just regularly get updates. Since they’re a part of the same major release, they don’t contain breaking changes.
It’s no different from running Debian Stable with the -updates repository enabled.