See, building and configuring a staging environment also takes time and money… money which they are not willing to spend on something “for testing” and not in actual use. Plus, I’m not gonna get paid for doing that either, so why actually do it… to be honest, I would do it, even for free, but you gotta caugh up the money for the hardware man. I’ve been told “just use what you have in the scrap pile”… for what, a server 🤨? Are you serious? They barely spend any money on that even, why should I bother creating something as e staging environment.
Did you think of testing security updates on a staging environment before going in production with it, if you suspect in can break things?
I think there is no excuse to apply security fixes wich have a CVE number.
If you are on Debian stable unattended updates are not a problem.
See, building and configuring a staging environment also takes time and money… money which they are not willing to spend on something “for testing” and not in actual use. Plus, I’m not gonna get paid for doing that either, so why actually do it… to be honest, I would do it, even for free, but you gotta caugh up the money for the hardware man. I’ve been told “just use what you have in the scrap pile”… for what, a server 🤨? Are you serious? They barely spend any money on that even, why should I bother creating something as e staging environment.
This sounds so horrible, I would consider finding a better employer. I hope, you are not stuck with them.