Apply your patches

As a software engineering leader, one of the basic utilities to look after is keeping your system up to date. This is a strangely neglected area of software engineering. There are several good reasons why patching (and deployment!) should be a regular task across all of the repos that you are responsible for.

  • Security - the big one, new threats are discovered daily and you don’t want to be the next JLR
  • Save future pain - frequently updating is much easier than big updates when runtimes are retired
  • Cost management - it makes the cost of running software visible rather than kicking it into next year’s operating budget
  • Repo sizing - it helps optimise repos between myriad micros and cumbersome monos

There are tools to help, like Dependabot, but most of us prefer code changes to be checked, regression tested and signed off before deployment. This means manual intervention is needed if you manage software source code.

How often you patch is subjective. In busy repos it should be frequent, as you and your team are in there already. For stale repos, quarterly might make more sense. Just don’t forget about it, and don’t leave your patching for when you have more time.