Comment by fragmede

Lowest risk, yes but not bulletproof.

Smaller customers don't have the same web traffic, which may not be enough to trip any given failure scenario. One could imagine that the backtracking in an onerous regexep is only triggered with a sufficiently large customer that has a path that is especially difficult to match.

With staged rollout and without a "fast" deploy procedure, by the time it hits the larger customers, it's already been deployed to some percentage of the fleet - and then you still have a problem, with a significant proportion of your fleet.

Staged rollouts are an entirely reasonable risk mitigation idea, mind you, and not one I'm even arguing against.

My point is that unfortunately it's no panacea, especially at scale. Which is what makes this all an experiment.