Hey Francis,
Thanks for the response.
I am worried about hypothetical scenarios where if i am not around for say a week and a security bug comes in so far i am happy with unattended-upgrades on debian handling these for me. but with caddy I am in unknown territories hence looking for options.
I do agree manual works the best but afraid of the above scenario.