[shortrounddev2]

it's interesting that staying up to date with your dependencies is considered a vulnerability in Node

[bichiliad]

Having a cooldown is different from never updating. I don’t think waiting a few days is a bad security practice in any environment, node or otherwise.

[vrighter]

But only if most of everyone else doesn't do so.

[skwee357]

People who live on the edge of updates always risk vulnerabilities and incompatibility issues. It’s not about node, but anything software related.