RE: https://mastodon.social/@bagder/116294927524710539

A rare and underappreciated approach to better software security:

"our commitment to never breaking ABI or API allows all users to easily upgrade to new releases. This enables users to run recent security-fixed versions instead of legacy insecure versions."

I suspect the ecosystem would be improved greatly by this behaviour alone if it were more common.

I know it's not that simple. Maintaining years of backwards compatibility can significantly increase surface area and complexity and become its own source of vulnerabilities.

Maybe a pattern I've seen in Terraform is the middle ground: whenever breaking changes need to happen, include a tool to automatically migrate existing dependent code to use the new API.
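As an added illustration of that migration-tool pattern (example code written for this page, not code from the post above and not Terraform's own tooling), here is a minimal AST-based rewriter of the kind a library could ship alongside a breaking release. The API names `fetch`/`fetch_url` and the `insecure`/`verify_tls` flags are hypothetical. The part worth copying is the refusal logic: a migration tool must leave untouched any call whose arguments it cannot bind statically (`*args`, `**kwargs`, too many positionals) rather than guess, because a wrong guess here silently flips a security setting in the caller.

```python
# Added example: a tiny "codemod" that moves callers from a v1 API to a v2 API.
# Hypothetical change being migrated (names invented for this example):
#   v1:  fetch(url, insecure=False)       # second arg True disables TLS checks
#   v2:  fetch_url(url, verify_tls=True)  # renamed, flag renamed and inverted
import ast

OLD_NAME = "fetch"
NEW_NAME = "fetch_url"
OLD_FLAG = "insecure"
NEW_FLAG = "verify_tls"


def _negate(expr: ast.expr) -> ast.expr:
    """Return an AST for `not expr`, folding literal booleans."""
    if isinstance(expr, ast.Constant) and isinstance(expr.value, bool):
        return ast.Constant(value=not expr.value)
    return ast.UnaryOp(op=ast.Not(), operand=expr)


class _Migrator(ast.NodeTransformer):
    def __init__(self) -> None:
        self.changed = 0
        self.skipped: list[int] = []  # line numbers the tool refuses to guess at

    def visit_Call(self, node: ast.Call) -> ast.AST:
        self.generic_visit(node)  # migrate nested calls first
        if not (isinstance(node.func, ast.Name) and node.func.id == OLD_NAME):
            return node

        # Refuse anything whose argument binding is not visible statically:
        # *args / **kwargs, more positionals than v1 accepted, or the flag
        # passed both ways. Guessing here could silently change behaviour.
        if (any(isinstance(a, ast.Starred) for a in node.args)
                or any(k.arg is None for k in node.keywords)
                or len(node.args) > 2
                or (len(node.args) == 2
                    and any(k.arg == OLD_FLAG for k in node.keywords))):
            self.skipped.append(node.lineno)
            return node

        args = list(node.args)
        keywords = []
        for kw in node.keywords:
            if kw.arg == OLD_FLAG:  # insecure=X  ->  verify_tls=not X
                keywords.append(ast.keyword(arg=NEW_FLAG, value=_negate(kw.value)))
            else:
                keywords.append(kw)
        if len(args) == 2:  # positional insecure  ->  keyword verify_tls
            keywords.append(ast.keyword(arg=NEW_FLAG, value=_negate(args.pop())))
        # No flag in v1 meant insecure=False, which is v2's default: add nothing.

        self.changed += 1
        return ast.copy_location(
            ast.Call(func=ast.Name(id=NEW_NAME, ctx=ast.Load()),
                     args=args, keywords=keywords),
            node,
        )


def migrate_source(src: str) -> tuple[str, int, list[int]]:
    """Rewrite v1 callers in `src`.

    Returns (new_source, number_of_rewritten_calls, line_numbers_left_for_review).
    """
    tree = ast.parse(src)
    m = _Migrator()
    tree = ast.fix_missing_locations(m.visit(tree))
    return ast.unparse(tree), m.changed, m.skipped


if __name__ == "__main__":
    # Constructed sample caller code, not from any real project.
    sample = (
        "r = fetch(URL, True)\n"
        "fetch(u)\n"
        "fetch(u, insecure=flag)\n"
        "fetch(*args)\n"
    )
    new_src, changed, skipped = migrate_source(sample)
    print(new_src)
    print(f"rewrote {changed} call(s); manual review needed at lines {skipped}")
```

Run it on a caller file and commit the rewritten output together with the dependency bump; the `skipped` line numbers are the list a reviewer still has to look at by hand. Note that `ast.unparse` normalises formatting and drops comments, so a production tool would use a concrete-syntax library instead, but the binding and refusal logic stays the same.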