|
|
|
|
|
|
by joshuat
72 days ago
|
|
|
Why would pinning the exact version in this case not have solved the problem? I agree `--ignore-scripts` would be a sensible default at this point, but my understanding is that this vulnerability exclusively impacts two newly released versions. |
|
|