Hacker News
by scottfr, 1807 days ago
You just need a way for a package maintainer to flag a vulnerability in a dependency as a non-issue that does not affect that package's use of the dependency.
In Dan's Twitter thread, he calls this out as a viable solution.