I am objecting to what you are saying. It's terrible advice and an obtuse vision of the complexity of software nowadays, especially web browser.

Yes, a 3 months old release of chrome is not suited to use day to day. I link all the known and published CVE on chrome, but if you want to nickpick you could "just" check those which start with 2023-*.

OK. Shouldn't we ask questions about real or perceived “complexity of software nowadays”?

Why does displaying a piece of information that would fit onto a single 80×25 text mode screen absolutely require exposing to a third party a potentially (and, as mentioned, effectively) vulnerable WebHID functionality (which is non-standard, and seemingly only exists to make ChromeOS less mediocre operating system), various WebGL libraries and wrappers, ever-growing Javascript and CSS engines, and thousands of other entities? Someone who grants the whole internet access to local service ports by not using a firewall is considered a fool, but at the same time “non-foolish” “security conscious” people start their browsers, and see no problem in all the services embedded in them.

Isn't relying on a constant (and never ending) stream of updates from white knights in the holy castle in the manner you describe just a subscription model without a defined price?

Who controls the Web? Is controlling the web client enough for that? What benefits the endless rat race might give to them?

How come there's a hidden dependence on corporate products and their support cycles even in the process of using seemingly “open” technologies, say, for government sites and services? Is “I have no idea, my code absolutely requires latest libraries” a valid excuse?

Can mindless acceptance and circular finger-pointing between web developers, library authors, browser developers, and users solve these problems? What needs to be done?