
Ask HN: What constitutes a “hotfix”? - pb2018
At my company we are trying to define some new policies and procedures to prevent wild, partly untested code going into production under the basis that it is a hotfix. To help us implement said policies &amp; procedures we are trying to define what requirements must be met before a &quot;hotfix&quot; is to be deployed.<p>In your eyes (or your companies if they have something alike), what sort of quantifiable metrics do you use to determine if a fix is a bugfix or a hotfix.<p>- Is this &quot;fix&quot; going to solve a critical production issue?
- Are customers affected, and how many?
- Could&#x2F;does this fix introduce regressions?<p>Any ideas &#x2F; thoughts would be greatly appreciated :)
======
cimmanom
We don’t have quantifiable metrics, but I could distill our habits into some
qualitative ones:

First, we hotfix only for data loss bugs or for breakage of one of 3-5
absolutely central pieces of functionality without which our site might as
well not exist. Anything else goes through the usual testing and deployment
cycle, even if we try to accelerate said cycle a bit.

To qualify for a hotfix, a bug (other than data loss) has to make the
functional area unusable or pointless for a substantial percentage of users
(off the top of my head, we’d probably start panicking around 20%). There
can’t be a workaround or the workaround has to be so non-obvious our users
would be unable to use the site without customer service help.

In 3 years here, we’ve deployed a lot of major bugs that were fixed within the
hour - that probably happens once every week or two. Nearly allf those fixes
passed acceptance testing and cursory code review but not all wait for CI. A
handful or two of those may have even met the hotfix criteria above.

But I can only think of one or two true hotfixes where we skipped any sort of
QA process or proper merge procedure - and those were cases where the site
never came up properly at all after the deployment, so they were essentially
failed releases. The ones I can think of were production-only configuration
errors, where breakage was massive and testing in a staging or CI environment
wouldn’t have accomplished anything.

------
juangacovas
Yeah, commit message containing "hotfix" means you got a call from someone
complaining something is unexpectedly broken in production so you reproduce,
fix it as fast as possible and deploy.

Or, maybe you just "ssh rambo@production" and apply the "hotfix" to the
appropiate file(s) [the ssh rambo stuff read first at reddit X)

------
theli0nheart
I'm sure there are a lot of differing opinions on the definition, but to me, a
hotfix is a fix that's committed directly to the master / production branch of
the codebase and then immediately deployed. If there are other changes
included with the deployment, then it's not a hotfix.

------
segmondy
Hotfix is the fastest fix that can be released to fix a serious production
bug. It's hot off the press, there's no cool down period. Fix, Test, Release.
The release happens almost as soon as a fix is found

