"It" being the PyPI server not finding it? Pip not supporting the API? Or it downloads correctly but the setup.py prints that error?

What do you mean "not supported by the platforms"? And do you mean that or "removed"?

what if pip didn’t support 0.112.4 anymore?

What do you mean by that? If new versions of Python didn't run that version of fastapi? If PyPI removed it?

If you're one of those people that think every product is better if there's "AI" on the box then sure. What you're describing is static analysis though, it is not new.

Probably not. Obfuscation works, and might even depend on remote code being downloaded at either build time or run time.

There are a lot of heuristics you can use (e.g. disallowing some functions/modules) to check a codebase, but those already exist no AI required. Unless you call static analysis "AI", who knows.

Nextcloud, Syncthing, PeerTube, Vaultwarden, Gitea (+drone, drone-qemu, gitea-pages), Wireguard, FreshRSS

unattended-upgrades can already do that actually, i e. you can configure the systemd timers. But that's insufficient for my needs. Using a mirror seems like the best option so far.

What? I said I'm already using unattended-upgrades.

I am not sure what you are taking about. My question is about APT.

This doesn't seem to enhance my workflow at all. Seems I now would have to reboot, and I still need to find a separate tool to coordinate/stagger updates, like I do now. Or did I miss something?

Using scheduling is not a good option IMO, it's both too slow (some machines will wait a week to upgrade) and too fast (significant part of machines will upgrade right away).

It seems that making APT mirrors at the cadence I want is the best solution, but thanks for the answer.

I can roll back with APT too, my question is how to do the staggered rollout.

Making multiple mirrors seems like the best solution. I will explore that route.

I was hoping there was something built into APT or unattended-upgrades, I vaguely remembered such a feature... what I was remembering was probably Phased Updates, but those are controlled by Ubuntu not by me, and roll out too fast.

I am not worried about upgrades so bad that they literally don't boot. I am worried about all the possible problems that might break my service.

Which distro is image based and have the staggered rollout feature I'm after?

Ubuntu only does security updates, no?

No, why do you think that?

run your own package mirror

I think you might be on to something here. I could probably do this with a package mirror, updating it daily and rotating the staging, production, etc URLs to serve content as old as I want. This would require a bit of scripting but seems very configurable.

Thanks for the idea! Can't believe I didn't think of that. It seems so obvious now, I wonder if someone already made it.

So you can test the updates before fixing production.

My question is how to do that with APT.

deleted by creator

Why?