Hacker News
by
0x500x79
79 days ago
Pin your dependencies, folks! Audit and don't upgrade to every brand new version.
1 comment
onion2k
79 days ago
But also have a regular review of your dependencies to update them when necessary, because, as bad as compromised packages may be, things do have vulnerabilities occasionally, and upgrading things that are a long way out-of-date can be quite hard.
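The two comments above describe a policy with three checks: exact pins, no adoption of brand new releases, and a periodic review of old pins. The following is an added example, not code from either commenter; the package names, release dates and both thresholds are constructed assumptions, and the release index stands in for what a package registry would report.

```python
import re
from datetime import date

COOLDOWN_DAYS = 14   # assumed policy: do not adopt releases younger than this
REVIEW_DAYS = 365    # assumed policy: pins older than this are due for review
# Constructed sample data: package names, versions and dates are invented.
REQUIREMENTS = """\
alpha-http==2.4.1
beta-yaml>=5.0
gamma-crypto==1.0.0
delta-utils==3.2.0
epsilon-cli
"""
RELEASES = {  # (name, version) -> release date, as a registry would report it
    ("alpha-http", "2.4.1"): date(2025, 5, 28),
    ("gamma-crypto", "1.0.0"): date(2023, 1, 10),
    ("gamma-crypto", "1.3.0"): date(2025, 2, 1),
    ("delta-utils", "3.2.0"): date(2025, 1, 15),
}
PIN = re.compile(r"^([A-Za-z0-9._-]+)==([0-9][A-Za-z0-9.]*)$")  # exact pin, no wildcard

def audit(requirements, releases, today):
    """Return {package: finding} for every line that violates the policy."""
    findings = {}
    for raw in requirements.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        m = PIN.match(line)
        if not m:                             # range, wildcard or bare name
            name = re.split(r"[<>=!~\s\[;]", line, maxsplit=1)[0]
            findings[name] = "unpinned"
            continue
        name, version = m.groups()
        released = releases.get((name, version))
        if released is None:                  # cannot judge age without a date
            findings[name] = "unknown-release"
            continue
        age = (today - released).days
        newer = any(n == name and d > released for (n, _), d in releases.items())
        if age < COOLDOWN_DAYS:               # pinned, but to a brand new version
            findings[name] = "too-new"
        elif age > REVIEW_DAYS and newer:     # old pin with a later release available
            findings[name] = "review-due"
    return findings

if __name__ == "__main__":
    for pkg, finding in audit(REQUIREMENTS, RELEASES, date(2025, 6, 1)).items():
        print(f"{pkg}: {finding}")
```

A pin that is neither too new nor overdue, such as `delta-utils` in the sample, produces no finding.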