Y
Hacker News
new
|
ask
|
show
|
jobs
by
alpaca128
101 days ago
How can you know that a dependency you trust won't be hacked? At best it slightly reduces the risk, but it's not even close to the effectiveness of version cooldowns that just block 100% of fresh updates.