Hacker News new | ask | show | jobs
by jtbayly 152 days ago
I don’t have experience with dependabot at all. I didn’t realize it was satire. I just kept thinking, “This sounds like terrible advice. This can’t be right.”
1 comments
swisniewski 152 days ago
This is not satire.

If you have a large dependency graph, you are going to have a lot of vulnerable stuff.

Letting one computer send you patches and the other computer merge it for you when all your tests pass is a good thing.

link