🍵️

2022-08-09

Let's Update Our Server, 2022 Edition

This is pretty straightforward. Any sysadmin will know that all you need to do is to run your package manager. It's usually yum, dnf, apt, or some other similar thing. A command similar to this is probably the way:


sudo apt update && sudo apt upgrade -y

There we go! All done. Just do that for all the servers you run.

Wait what? Not done? Why not?

Right. Sorry. I guess some servers run Node.js apps. We'll have to run npm on those. I believe it's something like:


npm install

Don't forget to look through the list of known vulnerabilities in your libs. Maybe you need to take action on some of those.

Done now? Oh, not? Python apps, you say? Okay.


pip list --outdated --format=freeze | grep -v '^\-e' | cut -d = -f 1  | xargs -n1 pip install -U

Are you kidding me? There isn't even a flag for doing a full upgrade? Fine. I'll make an alias or something for next time.

At least we're done. Right? No? What, Ruby too?

Right. Let's at least assume that your Gemfile is up to date.


gem install bundler-auto-update
bundle-auto-update -c rake test:all

Uhh. This is even worse. The native package handler doesn't even have an update command.

There's Actually Even More

If you're running apps in Docker containers you'll need to update your Dockerfiles and rebuild your images. Yes, this applies to things you run in Kubernetes as well. You have no idea how many stale and outdated server software versions are running in containers worldwide. Maybe more than stale and outdated server software versions on VMs.
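
The following is an added example, not part of the original post: a shell function that walks an application directory and lists, per app, which of the package managers named above needs its own update pass. The manifest-to-tool mapping, the function names and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: inventory dependency manifests so no ecosystem is forgotten
# after the distro packages have been upgraded.

# Map a manifest file name to the tool that has to be run for it (assumed mapping).
ecosystem_for() {
    case "$1" in
        package.json)            echo npm ;;
        requirements.txt)        echo pip ;;
        Gemfile)                 echo bundler ;;
        Dockerfile|Dockerfile.*) echo docker ;;
        *)                       return 1 ;;
    esac
}

# Print "tool<TAB>directory" for every manifest below $1, sorted and de-duplicated.
# node_modules, vendor and .git are pruned: what lives there is covered by the
# parent app's own manifest and would only add noise.
inventory_updaters() {
    find "$1" \( -name node_modules -o -name vendor -o -name .git \) -prune \
        -o -type f \( -name package.json -o -name requirements.txt \
        -o -name Gemfile -o -name Dockerfile -o -name 'Dockerfile.*' \) -print |
    while IFS= read -r path; do
        eco=$(ecosystem_for "$(basename "$path")") || continue
        printf '%s\t%s\n' "$eco" "$(dirname "$path")"
    done | sort -u
}

# Number of distinct tools that need a separate update pass for this tree.
count_ecosystems() {
    inventory_updaters "$1" | cut -f 1 | sort -u | wc -l | tr -d ' '
}

# Constructed sample tree standing in for the app directory of one server.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/shop/node_modules/left-pad" "$root/api" "$root/blog"
    echo '{}' > "$root/shop/package.json"
    echo '{}' > "$root/shop/node_modules/left-pad/package.json"
    echo 'FROM debian:11' > "$root/shop/Dockerfile"
    echo 'flask' > "$root/api/requirements.txt"
    echo "source 'https://rubygems.org'" > "$root/blog/Gemfile"
    echo "$root"
}

SAMPLE=$(make_sample_tree)
inventory_updaters "$SAMPLE"
rm -rf "$SAMPLE"
```

An app directory that shows up under both npm and docker, like the sample shop, needs its dependencies updated and its image rebuilt.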

What This is Like for a Sysadmin

This is insane. Every language has its own package manager now, and any time it doesn't cause havoc with your native package manager is a reason to celebrate (it usually doesn't to be fair, but that's nothing to take for granted).

Quite often apps aren't even compatible with a slightly older version of the language interpreter, meaning you have to install a package manually because the version available in your Linux repository is a little too old. That means you now have to update that package separately from now on.

Of course every app is written in its own language as well. Pretty soon you'll be running Python, Ruby on Rails, Node.js, and probably a dozen other languages. I don't even know what upgrading Erlang, Elixir, or Nim is like. I know Rust is a nightmare though. You can't even trust the native package manager to work there. Nah, rust-up (or rustup? Whatever) is where it's at.

Appreciate the package managers for your distro. Seriously. They're doing God's work.

EDIT: remyabel has corrections and additions to this horror.

2022-08-09 posts remyabel's gemlog: RE: Let's Update Our Server, 2022 Edition

-- CC0 Björn Wärmedal