My company has Nginx deployed from upstream's repositories. I would ideally like to include this repository in unattended-upgrades, but I'm concerned that this will break things at some point.
I understand that this carries the risk of bugs, which is a tradeoff I'm willing to make, but what's unclear to me is whether Nginx has any kind of configuration syntax/semantics backwards compatibility guarantee (we don't use third party modules so this is the only kind of backwards compatibility I care about). I've read What’s the difference between the “mainline” and “stable” branches of nginx? and the linked blog post but didn't see anything. Even if I use the stable repository, it seems that when mainline is forked and merged with stable I'm still risking breakage in the absence of a stability promise. Is that interpretation correct? Or am I missing some Nginx policy somewhere or possibly even approaching this problem completely incorrectly?
