How does forge run automatic security updates?

I'm not 100% positive, but I believe Forge is using the unattended-upgrades package. The cron job should be located in /etc/cron.daily/apt

thanks @TylerODonnell , i'd never heard of unattended upgrades. I can confirm it is installed out of the box and writes to /var/log/unattended-upgrades/unattended-upgrades.log. You can also see the last run time with

ls -lh /var/lib/apt/periodic

Hi, sorry to dig up an old thread.

I have just checked the unattended upgrades log in

sudo less /var/log/unattended-upgrades/unattended-upgrades.log

and for the last couple of days it says: No packages found that can be upgraded unattended and no pending auto-removals. But when I log in to the server, on the welcome message it says

163 packages can be updated.
21 updates are security updates.

What am I missing here? Does Forge only update certain packages while other it leaves to be updated manually? I was aware it doesn't update sensible services that can cause downtime as per their docs, but I would expect the security updates should be done?

I'm actually getting the same thing as @jan_zikmund . Any update on how this works?

Would be nice to see @jan_zikmund's question answered. Anyone?