by nuvious 1535 days ago
I may be naive, but don't we have automation handling a lot of the maintenance of packages and scanning for vulnerabilities these days? Of the 90k packages mentioned, there are probably only a handful that have known CVEs, and when they come up they probably just bump the version number in their CI/CD if a patch is available from the primary code maintainer, and if not, it's reasonable that 32 people could manage that many packages, depending on their CI/CD structure. Asking more than making an assertion, btw.
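The workflow the comment speculates about (scan a manifest against advisories, bump automatically when a fixed version exists, hand the rest to a human) can be sketched as a small triage script. This is an added example, not code from the commenter or from any project discussed; the package names, versions and advisory IDs (`EXAMPLE-…`) are constructed, the advisory shape loosely mimics an OSV record (`introduced`/`fixed` boundaries), and versions are assumed to be plain dotted integers so no third-party version library is needed.

```python
"""Offline dependency triage: which pinned packages fall inside an advisory's
affected range, and which of those can be bumped automatically because upstream
already published a fix. Added example with constructed data."""
from dataclasses import dataclass
from typing import Optional

# Constructed sample lockfile/manifest: hypothetical package names and pins.
MANIFEST = {
    "libfoo": "1.2.3",
    "bar-utils": "0.9.0",
    "baz": "4.0.1",
    "qux": "2.1.0",
}

# Constructed advisories in an OSV-like shape. `fixed=None` models the case the
# comment raises: a known issue with no upstream patch yet, so CI cannot just
# bump and must escalate to a person.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "package": "libfoo", "introduced": "1.0.0", "fixed": "1.2.5"},
    {"id": "EXAMPLE-0002", "package": "bar-utils", "introduced": "0.8.0", "fixed": None},
    {"id": "EXAMPLE-0003", "package": "baz", "introduced": "3.0.0", "fixed": "4.0.0"},
]


def parse_version(v: str) -> tuple:
    """Assumption: versions are dotted integers (e.g. '1.2.5'); tuples compare lexicographically."""
    return tuple(int(part) for part in v.split("."))


def is_affected(version: str, introduced: str, fixed: Optional[str]) -> bool:
    """OSV semantics: affected if introduced <= version < fixed (open-ended when fixed is None)."""
    ver = parse_version(version)
    if ver < parse_version(introduced):
        return False
    if fixed is not None and ver >= parse_version(fixed):
        return False
    return True


@dataclass
class Finding:
    package: str
    current: str
    advisory: str
    fixed: Optional[str]  # None means no patch available upstream


def triage(manifest: dict, advisories: list) -> list:
    """Match every advisory against the manifest and return the hits."""
    findings = []
    for adv in advisories:
        pkg = adv["package"]
        if pkg not in manifest:
            continue
        current = manifest[pkg]
        if is_affected(current, adv["introduced"], adv["fixed"]):
            findings.append(Finding(pkg, current, adv["id"], adv["fixed"]))
    return findings


def plan_bumps(findings: list) -> tuple:
    """Split hits into automatic version bumps and items needing manual review.

    Returns (bumps, manual): bumps maps package -> lowest safe version to pin;
    if several advisories hit one package, the highest `fixed` wins so one bump
    clears all of them.
    """
    bumps: dict = {}
    manual: list = []
    for f in findings:
        if f.fixed is None:
            manual.append(f)
        elif f.package not in bumps or parse_version(f.fixed) > parse_version(bumps[f.package]):
            bumps[f.package] = f.fixed
    return bumps, manual


if __name__ == "__main__":
    hits = triage(MANIFEST, ADVISORIES)
    auto, needs_human = plan_bumps(hits)
    for pkg, ver in auto.items():
        print(f"bump {pkg} -> {ver}")
    for f in needs_human:
        print(f"MANUAL: {f.package} {f.current} affected by {f.advisory}, no fix published")
```

In this constructed data `baz` 4.0.1 is already past its advisory's `fixed` boundary and is not reported, `libfoo` gets an automatic bump to 1.2.5, and `bar-utils` lands in the manual queue. In a real pipeline the advisory list would come from a feed such as OSV and the version comparison would need a proper semver/PEP 440 parser, since real version strings are not always dotted integers.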