Not so long ago, I had the opportunity to upgrade midPoint from a long unsupported version to the latest LTS version. It was quite an experience, especially because most of the time, I was actually writing the software, but not maintaining or upgrading it.
There are many benefits when you upgrade your software, however, the upgrade is often postponed for various reasons. Let’s talk about this first before we get to the reasons to actually upgrade.
If It Works, Don’t Touch It
This is a totally understandable perspective. If it does what you want, you may be unwilling to change it. MidPoint, in particular, is not just some utility where you simply upgrade it and it works as before or even better. However, the upgrade brings changes, the configuration needs to be rethought, and it all comes with a cost.
But in fact, under the lid, there may be things that don’t work so well. Something might have changed in your environment, entropy creeps in, and some concealed problems with it. The upgrade is a chance to review them. Read on to learn about other good reasons to upgrade.
Upgrading Is Hard
Yes, it is. A midPoint upgrade guide is certainly not a light read. Schema changes in resources, object templates, and GUI configuration often require some serious commitment. However, it is not all bad news. With midPoint 4.0, we introduced the LTS (long-term support) concept and you don’t have to upgrade through each midPoint version, since LTS-to-LTS upgrade is supported as well.
We are aware of this hurdle and strive to make the process easier. With the midPoint 4.8 LTS version, the upgrade should be even smoother with some tooling helping with the process. This should also cover the upgrade path from the previous release, including the latest midPoint 4.4.x LTS version.
Other Reasons
Software is a naturally-changing thing. Some features are added, while others are culled. In theory, software capabilities can grow without ever being removed — but even improvements can cause incompatibilities. And furthermore, there are maintainability reasons to simply remove some components.
Perhaps you are not ready to quit the database that is not supported in future versions of midPoint. Realistically, we cannot continue to make midPoint better and maintain all the old stuff as well. Our reasons are predominantly about technical and business sustainability. Moreover, we want to keep support subscription prices at a reasonable level, and therefore, we often face hard decisions about eliminating support for older technology. We’re not dropping some database support because we want to limit your options, we’re also doing it to open space for more features in the product. So, let’s talk about…
New features!
If you compare the feature set of midPoint 4.0 and 4.7, you’ll see tons of changes for the better, many new capabilities, UX improvements helping you to use these features in an easier fashion, and much more. We regularly hold video workshops about our new features that you can check out here.
Bug fixes
Sometimes new features mean a few new bugs. 🙂 However, new versions bring many more bug fixes. Life with a newer midPoint version is generally better. If some bug is making it frustrating for your organization, and the bug is fixed in a newer version of midPoint, you should definitely consider an upgrade.
And then there are special kinds of bugs…
Security
Software lives in a ruthless world, with various elements (people or other software) trying to attack it. Sometimes a bug in midPoint is considered a vulnerability, and we need to fix it as soon as possible, depending on the criticality, of course.
More often than not, the bug is actually in the library we use. Even in 2022, there were high-profile vulnerabilities in OpenSSL and Spring4Shell. MidPoint is not always affected by every vulnerability in its dependencies, but it happens sometimes. The code is at least reviewed and often hardened in some way.
These fixes are backported to all the supported versions and are part of maintenance releases. Unsupported versions are not fixed and remain vulnerable.
Support, of course!
If you can handle your own midPoint installation, that’s fine. After all, that’s how midPoint is offered. However, along with our partners, we can provide additional value to the mix. We have years of experience deploying midPoint in various environments.
Bugs should only be reported for supported versions (see this list), critical fixes may be backported, but again, only to supported versions.
Finally, in many companies, there are regulatory reasons to run only supported software.
Conclusion
For me, the question is pretty obvious: “To upgrade, or yes?”. Upgrade may be painful at first, however, upgrading later is even worse. Of course, for more conservative customers, there is a fully supported LTS-to-LTS upgrade path. After upgrading, you may discover new features that will make your midPoint experience even better. Moreover, a new version is also more secure.
So don’t stay on unsupported versions. As mentioned above, our partners can help you migrate from an unsupported version, however, it is advisable to upgrade before your current version becomes obsolete.