
> I very much prefer regular manual updates, as it allows me to read release notes, bug reports and manual user intervention instructions before update.

Do you have the time for this though?

> 198 packages need to be updated

But, not having the time to review 198 updates shouldn’t justify automatically permitting the updates.

I agree there isn’t time to review them, unless you have plenty of staff and time (no one does)... but the recent Solarwinds debacle was a supply chain attack, and automatic updates allowed an exploit to be propagated to many companies and agencies.

I would ask myself if I need that many packages. And raise the red flag with management that maintaining proper security is a challenge under such circumstances.


How would reading release notes help in the case of the Solarwinds attack?


Sure, for most (including myself) it's impossible to review every little update. But the bug tracker of your distro is a good indicator if some of the most recent updates created a bunch of new tickets, especially those that are considered to be critical. In the case of Arch Linux it is strongly recommended to read the latest update news on archlinux.org before updating.

In addition to that, you get some experience over time about which of your package updates caused the most trouble in the past, and you can take additional care. For example, I know that on my desktop the combo of displaylink and xorg does break from time to time with updates, therefore I carefully look out for issues regarding xorg updates for displaylink users before I do the xorg update.
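The "read the news before you upgrade" habit above can be turned into a small pre-upgrade gate. The script below is an added example, not code from the thread or from Arch Linux: it reads the timestamp of the last full system upgrade from pacman's log, lists every news item published since then, and exits non-zero while unread items remain. It assumes the Arch news RSS feed at https://archlinux.org/feeds/news/ and pacman's log line `[YYYY-MM-DDTHH:MM:SS+0000] [PACMAN] starting full system upgrade`; the feed and log contents embedded below are constructed samples so it runs offline.

```python
"""Pre-upgrade gate: refuse to proceed while distro news newer than the last
full system upgrade is unread.  Added example; feed URL, log format and the
sample data are assumptions, not anything from the thread."""
import re
import xml.etree.ElementTree as ET
from datetime import datetime
from email.utils import parsedate_to_datetime

FEED_URL = "https://archlinux.org/feeds/news/"   # assumed live source
PACMAN_LOG = "/var/log/pacman.log"               # assumed live source

# Constructed sample of pacman.log lines (real format, made-up dates).
SAMPLE_PACMAN_LOG = """\
[2021-01-10T09:12:03+0000] [PACMAN] Running 'pacman -Syu'
[2021-01-10T09:12:05+0000] [PACMAN] starting full system upgrade
[2021-02-02T18:40:11+0000] [PACMAN] Running 'pacman -Syu'
[2021-02-02T18:40:14+0000] [PACMAN] starting full system upgrade
"""

# Constructed sample feed in RSS 2.0 shape; titles and links are invented.
SAMPLE_FEED = """<rss version="2.0"><channel>
<item><title>Example: manual intervention required for package foo</title>
<link>https://example.invalid/news/foo</link>
<pubDate>Wed, 10 Feb 2021 12:00:00 +0000</pubDate></item>
<item><title>Example: older notice</title>
<link>https://example.invalid/news/old</link>
<pubDate>Mon, 01 Feb 2021 08:00:00 +0000</pubDate></item>
</channel></rss>
"""

UPGRADE_RE = re.compile(r"^\[(\S+?)\] \[PACMAN\] starting full system upgrade")


def last_full_upgrade(log_text):
    """Timestamp (tz-aware) of the most recent full system upgrade, or None."""
    last = None
    for line in log_text.splitlines():
        m = UPGRADE_RE.match(line)
        if m:
            last = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S%z")
    return last


def news_since(feed_xml, since):
    """(title, link, published) for items published after `since`, newest first.
    With since=None every item is returned (first run on a fresh machine)."""
    root = ET.fromstring(feed_xml)
    unread = []
    for item in root.iter("item"):
        published = parsedate_to_datetime(item.findtext("pubDate"))
        if since is None or published > since:
            unread.append((item.findtext("title"), item.findtext("link"), published))
    unread.sort(key=lambda entry: entry[2], reverse=True)
    return unread


def upgrade_gate(feed_xml, log_text):
    """True when no unread news exists; otherwise print the items and return False."""
    unread = news_since(feed_xml, last_full_upgrade(log_text))
    if not unread:
        return True
    print("Unread news since the last full upgrade; read these before 'pacman -Syu':")
    for title, link, published in unread:
        print(f"  {published:%Y-%m-%d}  {title}\n              {link}")
    return False


if __name__ == "__main__":
    # Live use would replace the samples with
    #   urllib.request.urlopen(FEED_URL).read().decode()
    #   open(PACMAN_LOG).read()
    # The constructed samples keep this run offline.
    raise SystemExit(0 if upgrade_gate(SAMPLE_FEED, SAMPLE_PACMAN_LOG) else 1)
```

Wrapping the real `pacman -Syu` call in a shell alias that runs this script first (and stops on a non-zero exit) gives the same "read before update" behaviour without relying on remembering to open the news page.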
