Few open source packages can be upgraded sanely without a serious dose of buyer-beware. Plone products, as mentioned in a previous chapter, are "free as in puppies", and one of the biggest opportunities for those puppies to make a mess comes during upgrades. Here's how to protect yourself so your data stays safe and your service reliable.
Performing product upgrades should be as simple as running bin/buildout
to download and install the latest versions and this often does work. However, buildout also makes a lot of assumptions that can lead to surprises:
A stock Plone install relies on no fewer than three separate servers being up, and they do indeed go down from time to time, often without prior notice.
The release of any product depends on the uncontested quality assertions of its developers and the developers — of any packages it depends on. The amount of testing done before uploading to PyPI (one major source of packages) or plone.org's Products section varies widely...