Hi all, couple thoughts on this.
First of all, we very much realize that Bubble is a mission-critical piece of infrastructure for a lot of our users, and that when we ship buggy code, it can be anywhere from a major inconvenience to a disaster for our customers. We feel really bad when this happens, and generally scramble to get a fix out. These last couple of weeks we've seen a couple of mistakes on our end – we're very sorry about that.
The primary defense mechanism against this kind of issue is our QA and automated tests. All new features are tested by hand, and we run all new code through a suite of automated tests that try as many common scenarios as we can think of, including scenarios we generated as a result of past bugs that slipped into production. That said, our test coverage isn't as good as we'd like it to be: we have a lot of corner cases where one Bubble feature can interact badly with another, and we don't have coverage for all of them. We just engaged a QA contracting firm to help expand our test coverage. We're paying for the equivalent of a team of five full-time testers, which might expand if the initial trial goes well, and they're currently getting up to speed on our product and starting to build tests. QA is one of the areas we think we can throw money at to get improvements after our recent fundraising round, so we're crossing our fingers this test effort goes well.
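To give a flavor of what "regression tests seeded from past bugs" look like, here's a simplified sketch in TypeScript using Vitest. The function and scenarios are made up for illustration; this isn't our actual test suite, just the pattern:

```typescript
// Made-up example of regression tests seeded from past bugs;
// renderWorkflow and the scenarios are illustrative, not Bubble's internals.
import { describe, test, expect } from "vitest";

// Stand-in for the feature under test.
function renderWorkflow(steps: string[]): string[] {
  // Hypothetical fix for a past bug: blank steps used to crash the renderer.
  return steps.filter((step) => step.trim().length > 0);
}

describe("regression: workflow rendering", () => {
  // Seeded from a (hypothetical) production bug report: an app with a
  // blank workflow step broke on deploy.
  test("skips empty steps instead of crashing", () => {
    expect(renderWorkflow(["save", "", "redirect"])).toEqual(["save", "redirect"]);
  });

  // Corner-case interaction coverage: step order must be preserved.
  test("preserves step order", () => {
    expect(renderWorkflow(["a", "b", "c"])).toEqual(["a", "b", "c"]);
  });
});
```

Each bug that slips to production becomes a test like this, so the same regression can't ship twice unnoticed.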
In terms of release schedules, to clarify how this works:
- For customers on free or shared hosting plans (i.e., not dedicated), we have two clusters of servers: the main cluster and the scheduled release cluster. On those clusters, we can't deploy code to apps individually; deploying code to one of the clusters updates every app hosted on that cluster.
- For the main cluster, we release code as soon as we're done testing it. You can see a log of those releases on the “Releases” tab of this page: Releases | Bubble
- Once code has been on the main cluster for 12 hours without us doing another release or seeing evidence of new bugs (generally overnight), we mark that code as “stable”. We do sometimes see bugs in stable code, but they tend to be fairly subtle and/or impact only a tiny fraction of apps; more visible bugs generally get noticed by the team.
- The scheduled cluster contains apps where users have selected to be on the “Scheduled releases” tier, which is an option for apps on our Professional plans and above. The scheduled release tier gets updated at 9am ET every day that there is new stable code. So if we don't mark our code as stable for a few days, there may be a few days between scheduled releases; if deploying is going smoothly and there aren't any bugs, we might release code every day. (There's a simplified sketch of these rules right after this list.)
- Apps on dedicated plans have the option to upgrade their cluster to the latest stable code once it becomes available. Currently, dedicated apps can choose not to upgrade for extended periods of time, although in the future we may put a limit on how out of date a dedicated cluster can get, because we've seen a number of issues caused by apps being on very old versions of code.
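To make those promotion rules concrete, here's a simplified model in TypeScript. The names and data structures are made up; the only facts taken from this post are the 12-hour stability window and the 9am ET scheduled deploy:

```typescript
// Simplified model of the release promotion rules described above.
// This is not our actual deployment code, just the logic of the post.

interface Release {
  deployedAt: Date;       // when it went live on the main cluster
  bugsObserved: boolean;  // whether new bugs have been seen since deploy
  superseded: boolean;    // whether a newer release has shipped since
}

const STABLE_AFTER_HOURS = 12;

// Main-cluster code becomes "stable" after 12 hours with no newer
// release and no evidence of new bugs (generally overnight).
function isStable(release: Release, now: Date): boolean {
  const ageHours =
    (now.getTime() - release.deployedAt.getTime()) / 3_600_000;
  return (
    ageHours >= STABLE_AFTER_HOURS &&
    !release.bugsObserved &&
    !release.superseded
  );
}

// Runs daily at 9am ET: deploy to the scheduled cluster only if there is
// stable code newer than what that cluster is already running.
function shouldDeployScheduled(
  latestStable: Release | undefined,
  currentlyDeployed: Release | undefined
): boolean {
  return latestStable !== undefined && latestStable !== currentlyDeployed;
}
```

The net effect is that the scheduled cluster only ever runs code that has survived at least one overnight window on the main cluster without incident.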
So to summarize:
- Our primary mechanism to keep the platform stable is testing. Our testing isn't as thorough as we would like it to be, and we're currently investing more money in fixing that.
- As an additional layer of protection, which we hope becomes unnecessary over time, apps can pay to be on the scheduled or dedicated tiers, which only receive code that has been in production for a period of time without us noticing issues.
We may tweak these release schedules in the future, but we’re more excited about improving this by hiring testers, because eventually, if we don’t find bugs in our human or automated testing, they’ll make it to end users no matter how we structure our releases. Either we find them, or you find them – there’s not really another option.
We also do think it's important to keep shipping code at a steady cadence, for a few different reasons.

There are certain times we have to roll out code: we find a security issue, a web browser makes a change that breaks apps, we get hit by a new form of DDoS attack or encounter unexpected user behavior that causes issues with our systems, or a third-party provider we use deprecates a feature or makes a change on their end.

Moreover, our community has the expectation that we keep investing in and improving the platform: part of the bet of building your business on top of us is stability, but the other part of the bet is that Bubble is going to keep evolving and improving and the ecosystem will keep growing. One of the reactions to my most recent community update was that the rate of features we've shipped over the last two years has been disappointing, which is feedback we agree with and are working to change.

Finally, from a change-management point of view, frequent small releases tend to be safer than infrequent, massive ones: when something goes wrong during a small release, it's usually easy to pinpoint the problem and roll back or fix forward, whereas for massive releases where a lot is changing at once, it's harder to diagnose issues, and the likelihood of unintended consequences from multiple changes interacting in bad ways is much higher.

For all those reasons, we do think it's important to keep shipping code on a regular basis, but we very much agree that we need to improve the quality of those releases.