Apt-get update once in a while

Is it ok to do an apt-get update/upgrade once in a while, or does trellis expect things to be more static?
I’m asking because I ran lynis, and it reported a package with security issues.

It should be fine, but who knows. That’s why dev/staging servers are important to test these out beforehand.

Trellis only expects the main packages to be fairly stable. The good thing is that most of these packages will get minor version updates in a backwards compatible manner.

ie: it’s fine to do most updates but if you went from PHP 6 to 7 there might be issues. (this wouldn’t happen though).

That being said: it’s very important to update your software consistently and stay up to date with security patches. You should just test it out first ideally on a non-production server.

2 Likes

That being said: it’s very important to update your software consistently and stay up to date with security patches

But how, if not with apt-get?

See Is it safe to update remote server packages? for more specific solutions.

1 Like