We do not hide whether an update has security fixes 🙂
In fact, we are quite open about it:
"Aside from bug fixes, almost every release will contain security fixes, security enhancements, new security protections or something related to security, either directly from us, or as part of the Chromium updates. They often also include stability fixes (for crashers). Skipping updates is almost never a good idea. They are all important, or we wouldn't be releasing them. This is pretty standard for security oriented software products like browsers, and the same would apply to any other browser."
The main reason we don't list security fixes for Chromium is that we do not run the Chromium project. The Chromium project announces their security fixes, and we inherit them, as with all products that use an open source package. We often add security patches ahead of time too, even if we are using an older release of Chromium, but most of time, the people making our changelogs don't actually check exactly how many security fixes are in Chromium, and which of them we already patched by the development team in previous updates. They just say "it got a Chromium update", and you can assume that every Chromium update is important in some way, whether it is new functionality, new website compatibility changes, security enhancements or security fixes.
We already tell you to update, and the browser tells you to update. We are working on a way to remind you if you have fallen behind on updates.