|
|
|
|
|
|
by bennyelv
854 days ago
|
|
|
Fair point - it should do. However if you've already accepted the risk that a 3rd party dependency might contain a vulnerability that has been undiscovered and you don't do any deep analysis of them, then you're still making your system more secure by at least getting the fixes for known vulnerabilities out of the door. |
|
|