Update Policy
Fix security vulnerabilities (GCG12001) 
Security vulnerabilities, both self-produced and these that come in through dependencies, should be fixed as soon as possible.
Keep your dependencies up to date (GCG12002) 
You should update your dependencies to avoid the situation that you miss bug fixes or security updates, because the currently used version is no longer supported or maintained.
It's much easier to update a recent version to the latest than a deprecated version.
Use LTS versions if possible.
Define a version support policy (GCG12003) 
If other people (both customers and colleagues) depends on the software it makes sense to define how long each version will be supported and will receive updates. You could also define a policy for backward compatibility.
Maintaining a changelog (GCG12004)
You should maintain a changelog to make it easier for users and contributors to see precisely what notable changes have been made between each version of the project.
Use a VCS to keep track of code changes (see GCG11001).
Software Versioning (GCG12004)
A clear and documented version schema helps users and contributors to see the importance of an update. Furthermore, the version can mark releases, pre-releases, test version etc.