whenever something is broken

xbps-install -Su usually when a regular xbps-install <package> fails due to cert issues every few months

And then, inevitably:

At most once per day. Sometimes I can go three weeks without remembering to upgrade

I have a script I run daily (named daily) that makes a timeshift backup, checks for updates from pacman, then checks for updates from the AUR. I’m very fond of it :]

as someone who is a dev by trade I update/backup on fridays because I think it’s funny.

Once a day

I do sudo pacman -Syu as a ritual each time when I start my computer or laptop. Like, the very first thing after the system is booted. So far so good, been doing that for 7 years.

For my Manjaro systems, I usually check the forums and after I see a new stable update is posted I’ll do an update in the next few days. Sometimes I’ll check between the big updates for things like browsers or other occasional high priority updates that get posted between the big updates, but usually only if I’m having a problem or have some other reason to do this.

When I am bored. A few times per month in winter. Once or twice per summer.

Under Arch, I was stalling system upgrades for around 1 and 1/2 weeks, otherwise had a lot of library issues. This also ensure that I can install software, programs and dev libs pretty easily.

Under gentoo, I update my package DB every 2 or 3 weeks, then merge changes. Usually, I do this on monday. Working from sources, with a fixed package DB, makes things really stable.

Right now, my main workstation runs OpenSuse. I upgrade every 2 weeks.

Servers are mainly running OpenBSD and stable software. Around 2/3 weeks.

I also follow Sec Lists and Software Update feeds. If something urgent shows up I do upgrades and merges in a 12h period.

For me, it’s about reducing the amount of time the “update available” icon shows up in the system tray, because its very presence bothers me. Maybe there’s something cool and new. Maybe it fixes a severe security problem. If it’s for programs I’m not using right now, then the update can be applied right now. Otherwise it’s going to have to wait until I’m done. And bother me.

Yes, I could turn updates off and never see it, but that seems like a bad plan in the long run.

My Debian trixie desktop system rotates /var/log/apt/history once a month. So over the past year:

$ zgrep upgrade /var/log/apt/history.log*gz|wc -l
25
$ ls /var/log/apt/history.log*gz|wc -l
12
$

25 upgrades in 12 months. So about twice a month on average on that one.

My home PC, about once a week, or whenever I have to install new software. My work PC, about once a month because the nvidia driver takes fucking ages to update because of DKMS.

As for the servers under my professional care… it depends. Most of the servers that I made run Debian that I update three times a year whenever the downtime is acceptable for the university (spring break, late summer, early december) or if a CVE needs fixing (e.g. xz-utils). One internet-facing server that I inherited still runs Ubuntu 16.04 because some teachers can’t possibly live without some legacy software and will throw a tantrum if upgrading is even mentioned – that one gets zero updates, and I got the dean’s promise in writing that I wouldn’t be held responsible for it.

The big virtualization server still runs ESXi 6 because the university didn’t want to pay for a lifetime license when it was available, doesn’t want to pay for a subscription now, and doesn’t want the downtime required to fully migrate to Proxmox VE. So it gets no updates. Plus it has a bad SSL cert and I need Chromium’s thisisunsafe to bypass the error.

It’s fucking rough out here.