Y
Hacker News
new
|
ask
|
show
|
jobs
by
pabs3
56 days ago
How many people actually audit the code changes in their dependencies when updating them?
1 comments
mmarian
56 days ago
Few, if any. Which is why I'm highlighting that you can't just use commit SHA + Renovate then call it a day.
link