Separate or decouple security updates from the rest of HA

Why couldn’t integrations be modular though? If I am running a LTS version of Ubuntu and I have a Python library installed on my system that is a little bit outdated, I don’t have to upgrade my entire OS to fix it. I just download the latest version of that library and I’m on my way.

The Tuya integration changed earlier this year. I support HA for some family members and I had to upgrade the entire system to fix it which broke things. Why couldn’t I have just downloaded a new Tuya integration, fixed the problem, and left everything else alone?

1 Like

Actually, the python version issue is the reason I moved my HA install from native to docker. It’s a problem affecting all python programs beyond the most basic of scripts, and when pip is used to install packages it gets even more complicated, especially on a machine with a lot of things running on it. The polluted python namespace, differing package managers, virtual environments and all that complicated business is one of the reasons docker was developed, and HA runs perfectly in there. Really simplifies updates and installation.

But to answer your question - maybe it could, but you’d need to define clearly what modular means. There’s a lot of definitions of “module” in packaging.

I think this is getting off topic. Maybe this warrants its own topic/suggestion altogether independent of my original suggestion, or perhaps someone else has already thought of this.

This is how I view it:

  • Integrations are self-contained bits of middleware that talk to your devices and talk to HA
  • Users install only the integration “plugins” they need to communicate with the devices they actually own/use
  • Users choose when to upgrade each plugin - so if you upgrade your HA, your thermostat doesn’t surprise-break because of some feature that’s been deprecated that you didn’t see in the release notes.
  • Upgrades to the HA core/OS happen independently of your plugins
  • If your device maker decides to make some minor tweak to the interface between HA and their device/cloud provider, you just upgrade your plugin instead of upgrading your entire HA install.

Again think of it like a PC or phone. When your PC OS (Windows, Linux, Mac, etc) gets updates, do you also have to update every single app on your PC to the latest version? Or if you are running Windows 10, do you have to upgrade to Windows 11 to run a slightly later version of a given program? Of course not.

Are you quite sure about that assertion?

1 Like

That’s fine for an HVAC system manufacturer which controls the hardware (the hvac equipment). They effectively have one integration. Home assistant has 2758, which are made by hundreds of manufacturers. They make new devices every day, and change their method of operation at will, and often without any announcement. Some integrations (eg zwave, ZigBee, KNX) support thousands of actual devices from many more manufacturers, including some (hello Tuya) who don’t comply with standards and for whom you need to constantly update zha/z2m to make their devices work.

Those challenges are not present for your HVAC manufacturer.

2 Likes

That’s your configuration, not a configuration the majority of users use! :wink: And you’re simply not right about testing, reading and whatnot. The majority of the users of HA do regularly update their installation, very, very few with problems.

I’m sorry to say it that harsh, but what you experience, and what the forum and the statistics show are two totally different things. Most installations update without any problems or hickups at all. If something goes wrong, and chances are low nowadays, it is only, because users don’t read their logs! Changes, especially breaking changes have to be announced upfront - six months! In the logs! With a link to solve the problem!
Sure, that doesn’t apply for someone who has self programmed software (that is appdaemon) in his installation, but we’re talking here about 4,6% of installations, in total numbers not even 9000… I think it’s safe to say, this doesn’t apply to “average Joe”.

So in the end, what you want, is making it easier for you, not for the majority of users, because you weren’t able as a developer (see above, self prgrammed) to take care of your job. As a developer, it is your job to read the release notes, as a normal user, it’s not! :slight_smile: It doesn’t hurt, but it is not necessary for a working and up-to-date installation.

And I’m quite sure, and the statistics show that as well, that the type of user you describe (buying a GREEN and never update) are virtually non existant. The curves show, that many people update in a matter of days, even with minor versions. And we’re not taking into account, that only 3,73% of installations are even made on a GREEN.

Nope, can’t see that as “the biggest reason”, sorry. LTS is one possibilty to attract manufacturers, but it is only one of many.

The team at NabuCasa is a great team, and one should always assume, they think everyday about making their project even greater. And that’s why they came up with some very cool ideas a year or so ago.

It’s called “Works with Home Assitant”, see here for more info:

https://partner.home-assistant.io/

Basically it’s the Home Assistant way to get in touch with manufacturers and talk about the best solution for their product. As it turned out, manufacturers do have an interest in timely updates. :slight_smile:

And for your package point, that’s not valid. How should I imagine this? In the future I can buy my Midea HVAC unit with a GREEN in a bundle? Or do I get my new bulb together with a Pi and HA pre-installed?

I think you’re mixing things here. A manufacturer is interested to sell his product. A connection like “Works with Home Assistant” is another selling point for the product, but not for an additional HA server.

So we’re back to professional installations and manufacturers that work together with the developer team, to get their product into Home Assistant. That’s already working, can be expanded, but is working. No need for an LTS release. :slight_smile:

That’s your opinion, statistics show the exact opposite… :slight_smile:

HA isn’t going to struggle, because one or two people in a forum predict that. And as far as one outside NabuCasa can tell, it looks like NC is growing exactly in a way, that the founder and the team wants it to. Around 40 employees that get paid every month and do a fantastic job.

HA is one of the five big players in home automation, but it is the only open-source project of these five, and it’s the only one that works fully local. Meaning, it is an alternative to such multi billion dollar things like Apple Home Kit. If this is not “grow beyond the tinkerer community”, I don’t know what is.

Have you ever thought about, that maybe revenue isn’t the primary goal for an open-source project? Maybe the team behind HA wants the luxury in their life, to work on a project, that fulfill them rather than making the big dollar with it?

Maybe, just maybe, the don’t want to build a professional version with LTS support and other things. Maybe they just want to have a very cool home automation platform, that pays the bills and is fun to work on…

I highly recommend, you take the time, and readup on the visions and ideas that drive the team behind Home Assistant. There are numerous documents out there, like the “State of the open home” or the “vision from our founder”, both found on the website. And if I may suggest another thing: take the luxury and watch a few of the release videos on YT. There you get a first hand insight from Paulus and Frenck, and why they do things the way they do.

3 Likes

Note that my comment was about HVAC installers, not manufacturers. These are small to medium sized forms that install and maintain systems from multiple manufacturers. For complex smart home tech to be widespread it is going to need to be installed and supported by these firms, electricians, or such.

No

There are specialized home installers for this. The same people that do theatre and audio installs come to mind. Or others that do more complex corporate/business systems

AC firm wants nothing to do with your smart home.

My HVAC company is called Oliver Heating and Cooling. Over the past few years, they have added Electricians, Plumbers, and Remodeling (https://www.oliverheatcool.com/). Other firms near me are doing the same. I think they do want to move into adjacent areas. Smart home technology is adjacent.

Most people in the world are not like the current users of Home Assistant. To get the full value of Home Automation they will need professional help and maintenance.

This is just my speculation. We will see over time. It will be interesting to see how this actually plays out.