Friend, considering the supply chain attacks going on these days, automatically updating everything, immediately, probably isn't the perfect move either.
Friend, considering the supply chain attacks going on these days, automatically updating everything, immediately, probably isn't the perfect move either.
You need to automatically update from a trusted source. That source better audit and update constantly. Which is hard.
Ignoring the real benefits of security updates to prevent the unlikely event of supply chain attacks sounds like a weird tradeoff.