IMO, the only good way is "if it works, don't fix it", which means, no updates. People are seriously overhyping updates.
I stopped updating all the stuff - OSes, smart locks, Android apps, TVs, BP monitors - I honestly had multiple update problems on ALL mentioned devices, multiple times. I only update the thing when I have an actual problem and there is a changelog stating that the bug is fixed, or when I want a new feature. You can handle security in other ways in almost all the cases.
I think this IT update burden has gotten out of hand - I don't recall any other domain being like that - my car, my house, my bicycle, my glasses DO NOT UPDATE and it's glorious - apart from physical damage, they work the same as yesterday.
In fact, I have a laptop right now that hasn't received updates because there's a shared object that has been removed that `yay` depends on.
(this was from a long time ago).
I generally think that updates of the mainstream distros like Debian will definitely *NOT* brick your system in almost any circumstance, and Arch tends to be somewhat solid, but every once in a while something dire happens with Arch which would make me not agree with the fact that updates are always seamless.
"AUR packages are user-produced content. These PKGBUILDs are completely unofficial and have not been thoroughly vetted. Any use of the provided files is at your own risk."
Usually just rebuilding an AUR package will fix most issues.
Build a tiny core, ask the community to extend: never be liable for any issue because important packages that are essentially required aren't part of the core and thus any criticism is invalid.
Not saying that's happening here, but it could happen by this definition.
But, ok, there are more issues anyway, for example it's pretty common that you have to update archlinux-keychain before an upgrade can succeed because the signing keys have rotated and someone has already packaged an update to something with the new key. That is definitely base.
A line item on my agenda today is actually helping a team figure out why when they do a release upgrade on their pet Ubuntu VM practically everything they care about on the box breaks and helping them plan out strategies to un-pet these workloads.
I've had a good share of Windows updates making a mess of things, don't get me wrong. But I've had plenty of bad updates in Linux over the years.
>it's pretty common that you have to update archlinux-keychain before an upgrade can succeed because the signing keys
"Since 2022-07-29, the archlinux-keyring-wkd-sync.service and the associated systemd timer have been created and enabled by default"
https://wiki.archlinux.org/title/Pacman/Package_signing#Upgr...
The shit is broken sometimes, it’s ok, but we are here to be intellectually curious and have a discussion.
Lying to people about how broken it can be to update in reality is the opposite of that.
We aren’t here to pull down Arch or the community; just here to spit facts.
At the end of the day Arch is firmly a do-it-yourself distro where some user intervention is expected.
> I've also been using Linux for years (Arch, btw) and never had an update break my install or cause issues
Is an anecdote that is worthy of being attacked with my own, given the context that people might come away thinking that Arch updates do not break their system, right?
>Many people use Arch because of its package manager
True, pacman is great, but that has nothing to do with the AUR.