I think you misunderstand.
I didn’t see an unstable branch in Git that had recent activity, so it seemed like there was only one maintenance/development branch, and that was master. So, having you say there’s a dev/unstable branch helps me understand the dev process better.
As for demanding everything for free - I didn’t think I was demanding anything. I was looking for advice on the best approach to updates that would have the least potential for adverse events on a production server.
As for a support subscription - it’s certainly something I’m considering - I’m likely to send the project money in any case, should I move a site to active use of MC. (I’m pretty good about financially supporting products I use regularly.)
So let me summarize.
Security updates to Dovecot, for example, have to be pushed into the MC master by the devs and then each install/site needs to run the MC update to get that security patch. (i.e. Security patches are not handled by the host OS that docker is running on, right?)
So, if that’s true, we have to run the MC update script regularly to get security updates, right?
And there’s no way to get security updates without also getting “feature” updates?
It’s pretty safe to apply updates, say, via cron? Once a week? Once a month?
I get that these choices are based on the needs of each site/install - but I’m trying to get some handle on how it’s usually done - best practices, if you will, for MC.