Richard Stallman <rms@gnu.org> writes:

>   > Crazy though: why don't we hot-patch existing Emacs installations?
>   > Concretely, that would mean including that fix in a widely used ELPA or MELPA package. Then users would get the fix upon the next update.
>
> This verges on a universal back door, aka "auto-upgrade"
> which is a form of malware normally found in proprietary software.

What if the user was asked for a confirmation before upgrading?  Would
that be a good solution?

Cheers,
Nico