Conversation

Replying to and
GrapheneOS is a partner in the security program so it receives security patches in advance. It doesn't help with much, since it only really takes a day to integrate the patches, build, test and ship a release. Major version upgrades are also a different story as you can see here.
2
The major version upgrades bring a lot of important privacy and security improvements every year. When the device support code receives an upgrade to the new major release (which is optional, due to Treble), that tends to prevent simply staying on the previous branch for a while.
1
Each major release of the OS is supported for 3 years, so it's possible to stick to a single major release for 3 years, but that would miss out on not only substantial privacy/security improvements (rather than only the bug fixes) but also generally blocks full security updates.
1
Show replies