by charcircuit 1814 days ago
This is why something like living at head is important. If npm audit reports something, you should just be able to upgrade to the latest version. Being stuck with old versions is not good. Sure, a vulnerability might not affect you now, but what if someone on your team uses that dependency again in a way that can be exploited, or what if a new vulnerability comes out that actually affects you? You will be stuck on an old version and have to struggle to update.