by mcny 947 days ago
It works for things you can automate. For example, at Microsoft they have some kind of dependency bot such as when you have newtonsoft installed but have version < 13.0.1 and don't upgrade within such and such time frame, your M1 gets dinged. This is a very simple fix that takes like five minutes of work if that.

But I don't know if things are straightforward with machine learning. If the recommendations are blanket, and there is a way to automate checks, it could work. Main thing is there should be trust between teams. This can't be an adversarial power play.

https://github.com/advisories/GHSA-5crp-9r3c-p9vr
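The kind of automated check the comment describes, sketched as an added example (not part of the comment and not Microsoft's bot): it flags Newtonsoft.Json references below 13.0.1 in a .csproj file. The function names, the `PackageReference` input format and the sample project are assumptions made for illustration; versions that cannot be compared statically are reported as unresolved instead of passing silently.

```python
import xml.etree.ElementTree as ET

PACKAGE = "newtonsoft.json"   # NuGet package ids are case-insensitive
FIXED = (13, 0, 1, 0)         # threshold quoted in the comment (< 13.0.1)

# Constructed sample project file, not taken from any real repository.
SAMPLE_CSPROJ = """<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
    <PackageReference Include="Serilog">
      <Version>2.12.0</Version>
    </PackageReference>
  </ItemGroup>
</Project>"""

def local(tag):
    # Old-style project files carry an XML namespace; compare local names only.
    return tag.rsplit("}", 1)[-1]

def parse_version(text):
    """'13.0.1-beta2' -> ((13, 0, 1, 0), True); None for ranges, wildcards, $(Props)."""
    core, _, pre = text.strip().partition("-")
    parts = core.split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        return None
    nums = tuple(int(p) for p in parts) + (0,) * (4 - len(parts))
    return nums, bool(pre)

def classify(version):
    parsed = parse_version(version or "")
    if parsed is None:
        return "unresolved"   # needs a restore or lock file to know the real version
    nums, prerelease = parsed
    # A prerelease of the fixed version sorts below the fixed release itself.
    if nums < FIXED or (nums == FIXED and prerelease):
        return "vulnerable"
    return "ok"

def check_csproj(xml_text):
    """Return (package id, declared version, status) for each PACKAGE reference."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if (local(el.tag) != "PackageReference"
                or (el.get("Include") or "").lower() != PACKAGE):
            continue
        version = el.get("Version")
        if version is None:   # version given as a child element instead
            version = next((c.text for c in el if local(c.tag) == "Version"), None)
        findings.append((el.get("Include"), version, classify(version)))
    return findings
```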