Y
Hacker News
new
|
ask
|
show
|
jobs
by
hsbauauvhabzb
1814 days ago
No it’s not. The main problem is the dependency tree hell. If an ancestor version bumps, you should probably version bump too, irrespective of exploitability.
Don’t like it? Try using more maintainable dependency trees.