Yum isn't going to patch Struts, though. That's an application package.
There are services that monitor your package configuration(s) and let you know when something has been updated.
There are also mailing lists. Unless you're a Node developer, you probably only have a couple dozen dependencies in your app. Subscribe to them.
Finally, you can just check in your lockfile and update packages as part of your dev builds, then commit it whenever something changes. Your CI/CD will make sure you are always running the latest version of every application dependency in production.
There are services that monitor your package configuration(s) and let you know when something has been updated.
There are also mailing lists. Unless you're a Node developer, you probably only have a couple dozen dependencies in your app. Subscribe to them.
Finally, you can just check in your lockfile and update packages as part of your dev builds, then commit it whenever something changes. Your CI/CD will make sure you are always running the latest version of every application dependency in production.