Who's recommending it? It's up to the user to decide whether to stick with -release/-stable, with the understanding that packages won't see significant updates or new features until they upgrade to the next release in 6 months. But they have the option of following -current and testing the same snapshots developers are running on their laptops, and they can even help contribute so that the next release has even more tested and up-to-date packages.
The OpenBSD documentation does not really make that balance clear to the new user though. And of course there is no mechanism for regular updates either.
> New users should be running either -stable or -release.
EDIT: Haven't used OpenBSD in a while, but unless I'm misreading https://www.openbsd.org/faq/faq10.html, syspatch & binary patches only apply for release branches - in which case you would need to either deal with obsolete packages or compile them yourself. On the other hand if you where to track -stable branch you would get semi-regular binary packages (not everything for example no chromium, but at least you get firefox), but in that case syspatch won't work and you'd need to recompile kernel & userland.
Also, which exactly packages get updates is completely non-transparent for the end user if they follow official instructions.
> And of course there is no mechanism for regular updates either.
Not true. There is both syspatch(8) to apply binary updates and sysupgrade(8) to upgrade to the next release or snapshot. And there are regular packages available for -stable and -current.
> New users should be running either -stable or -release. That being said, many people do run -current on production systems to help catch bugs and test new features.
Is the full quote from the page you linked. I won't reply to you further as it's clear from other replies here you have an agenda.
But neither syspatch nor sysupgrade apply to stable branch, meaning you'll be running release and if that's how you're keeping your desktop system updated - you're definitely using vulnerable browser, as in this scenario neither firefox nor chromium will get updated until the next release.
current branch is very clearly not meant for new users, that's mentioned in various faqs multiple times.
Regardless of whether you're running 6.8 release, have applied the official syspatches, or compiled your own system from sources (-stable or release + patches). The binary packages compiled from the -stable ports tree are supported on all of these. Out-of-the-box 6.8 will always prefer packages from the packages-stable directory. And you can absolutely always use sysupgrade(8) to upgrade to the next release or snapshot.
You do have some huge misunderstandings of -stable/-release terminology and how they apply to the base system. Especially with the introduction of binary syspatch(8). There is no longer any incentive to compiling the -stable sources yourself, as the distinction between -stable and -release + errata patches has largely been lost. In the past it might contain changes not worthy of an errata, for instance, but these days that would be exceedingly rare.
You're right, there's no -stable packages for chrome. Boo hoo. What you don't see are the lengths OpenBSD has gone to protect users of these gigantic pieces of software, such as the tight integration of pledge(2) and unveil(2) by default. Heavily restricting to entirely removing filesystem and network access for every unique process type. Leaving only access to the ~/Downloads directory.
What you're telling sounds wonderful. That definitely wasn't the case a few years ago and documentation still does not reflect this conceptual merge between -release and stable.
And also, as far as I can tell the newest Firefox version available on -stable OpenBSD right now is 82.0.3 which was released in November.
