This is particularly important for systems where canisters have no controllers and cannot be updated. In such cases, their functionality depends on system canisters, making the stability of their IDs and APIs a critical factor.
Any insights or links to official documentation would be greatly appreciated!
@diegop If you know someone who could provide insights, I’d really appreciate the tag.
Canister IDs could in theory change, but in practice I don’t see it happening. These IDs are hard-coded in so many places that I just don’t see how we could ever do that safely.
APIs are much less stable. In general, we try hard to not break APIs but sometimes there is no way around, e.g. due to security concerns.
In addition to avoiding breaking changes, when they seem unavoidable, we try as hard as possible to create a “nice” migration path for existing callers (an example by yours truly). As Severin points out, particularly in the case of vulnerabilities, providing a nice migration path isn’t always feasible.
The Governance team within DFINITY is the main developer of CMC, Governance, and Root canisters. I would say @lara is a good person to tag for those.