“break package manager” defined as "apt-get will not be able to finish upgrading. Stop in the middle. Whonix maintainers may or may not be able to release a fix and or instructions to repair it.
Using stable:
Requires no intervention from Whonix maintainer since it will automatically upgrade at some point to jessie when Debian developers bless jessie as stable.
Forced upgrade of Whonix jessie at decision time when Debian developers bless jessie as stable might break package manager. Risk of such breakage can be reduced by making Whonix’s Debian packages compatible with jessie/testing early. More maintenance effort by Whonix maintainer to continuously check jessie/testing compatibly since it is an always changing target (besides in the period of Debian freezing testing).
Using wheezy:
Better control on when system will be upgraded to jessie by Whonix maintainer. No surprising upgrade to jessie.
Less maintenance effort for Whonix maintainer. Work on jessie compatibly can begin as soon as jessie was blessed stable by Debian developers. But then there is very little chance of getting any Debian changes into that version that Whonix would require.
Less chance of breaking package manager.
Upgrading Whonix to jessie gets complicated, since the anon-apt-sources-list package can change the file but not run apt-get update. Whonix packages made compatible with jessie-only (I hope there is no need to break compatibility with wheezy anytime before jessie is blessed stable for a while) would not be installable on the currently running wheezy based version that is supposed to be upgraded also leaving with a difficult to manage situation.
At the moment we’re using stable over wheezy and I think it is the less problematic choice.
Why is this a non-issue for Ubuntu or many other derivatives of Debian? They rebuild the whole Debian archive on their own servers and the dedicated manpower available for this endeavor.
Maybe Whonix’s repository should also use codenames wheezy and jessie? And use wheezy in /etc/apt/sources.list.d/debian.list. At some point when jessie was blessed stable by Debian developers and Whonix is fully compatible with jessie, tell users to switch wheezy to jessie in /etc/apt/sources.list.d/debian.list as well as in /etc/apt/sources.list.d/whonix.list (using whonix_repository tool)?
> Use wheezy or stable in /etc/apt/sources.list.d/debian.list?
I think it depends on how many compatibility issues you find for the
Whonix use-case, in my experience there will probably be enough issues
to warrant separate branches,
At Whonix 9 release time, if I were to replace the stable repository with Whonix 9 packages, it would break since special instructions are required for Whonix 8 → Whonix 9 upgrades unfortunately (Release Upgrade - Whonix). [This happened during the Whonix 7 → Whonix 8 change and some users were not amazed.]
whonix-repository tool current situation:
Menu point 1 text.
Automatically install updates from the Whonix team?
Whonix News (via whonixcheck) will notify you of available updates.
When you run
apt-get dist-upgrade
updates from the Whonix team will be AUTOMATICALLY downloaded and installed, along with updates from the Debian team. Please read Placing Trust in Whonix ™ to understand the risks.
You can always start the Whonix Repository Tool again by running:
sudo whonix_repository
Menu point 1 choices.
Yes. Automatically install updates from the Whonix team.
No. I will manually update from source code.
Menu point 2 text.
Which Whonix Repository would you like to receive updates from?
Most users should select the Stable repository.
You can always start the Whonix Repository Tool again by running:
sudo whonix_repository