Comment 28 for bug 1619188

Comment #26 is due to a separate issue with software-properties and how it naively determines if security updates will be installed automatically. Here's the code in question:

143 def get_update_automation_level(self):
144 """ Parse the apt cron configuration. Try to fit a predefined use case
145 and return it. Special case: if the user made a custom
146 configurtation, that we cannot represent it will return None """
147 if apt_pkg.config.find_i(softwareproperties.CONF_MAP["autoupdate"]) > 0:
148 # Autodownload
149 if apt_pkg.config.find_i(softwareproperties.CONF_MAP["unattended"]) == 1\
150 and os.path.exists("/usr/bin/unattended-upgrade"):
151 return softwareproperties.UPDATE_INST_SEC
152 elif apt_pkg.config.find_i(softwareproperties.CONF_MAP["autodownload"]) == 1 and \
153 apt_pkg.config.find_i(softwareproperties.CONF_MAP["unattended"]) == 0:
154 return softwareproperties.UPDATE_DOWNLOAD
155 elif apt_pkg.config.find_i(softwareproperties.CONF_MAP["unattended"]) == 0 and \
156 apt_pkg.config.find_i(softwareproperties.CONF_MAP["autodownload"]) == 0:
157 return softwareproperties.UPDATE_NOTIFY
158 else:
159 return None

The test is line 149 and 150 assumes that -security is enabled in Allowed-Origins, which I disabled with the casper upload.