by coldtea 4246 days ago
>If I'm using something like Composer to manage dependencies, should I be running an update every week on every past website I've created?

Absolutely not.

For one, an updated package can bring some subtle or crude incompatible changes when you don't expect it. Even in a minor/bugfix version.

Second, what if the composer repo itself is what got compromised? Then you are installing backdoors to all your sites automatically.
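The two risks in the comment above (a minor or bugfix bump quietly changing behaviour, and a compromised repository serving different bytes under a version you already trust) both show up as differences between the `composer.lock` you deployed and the one `composer update` would write. The script below diffs two lock files and flags each kind of change; it is an added example, not coldtea's code and not part of Composer itself. It assumes the lock layout Composer writes today (top-level `packages` and `packages-dev` arrays, each entry with `name`, `version` and a `dist` object carrying `reference` and `shasum`); the `acme/*` package names, URLs and hashes are constructed for the demonstration.

```python
"""Diff two composer.lock documents and report what an unattended
`composer update` would actually change.

Added example (not from the page or from Composer).  Assumed lock layout:
"packages" / "packages-dev" arrays whose entries carry "name", "version"
and a "dist" object with "reference" and "shasum".
"""
import json
import re

# Constructed sample lock files with hypothetical acme/* packages.
OLD_LOCK = json.dumps({
    "packages": [
        {"name": "acme/router", "version": "2.3.0",
         "dist": {"type": "zip", "url": "https://example.test/router-2.3.0.zip",
                  "reference": "aaa111", "shasum": ""}},
        {"name": "acme/helpers", "version": "1.4.0",
         "dist": {"type": "zip", "url": "https://example.test/helpers-1.4.0.zip",
                  "reference": "bbb222", "shasum": "deadbeef"}},
        {"name": "acme/mailer", "version": "1.0.0",
         "dist": {"type": "zip", "url": "https://example.test/mailer-1.0.0.zip",
                  "reference": "ccc333", "shasum": "cafebabe"}},
        {"name": "acme/legacy", "version": "3.0.0",
         "dist": {"type": "zip", "url": "https://example.test/legacy-3.0.0.zip",
                  "reference": "eee555", "shasum": ""}},
    ],
    "packages-dev": [
        {"name": "acme/testkit", "version": "9.5.0",
         "dist": {"type": "zip", "url": "https://example.test/testkit-9.5.0.zip",
                  "reference": "ddd444", "shasum": ""}},
    ],
})

NEW_LOCK = json.dumps({
    "packages": [
        {"name": "acme/router", "version": "2.3.1",            # patch bump
         "dist": {"type": "zip", "url": "https://example.test/router-2.3.1.zip",
                  "reference": "aaa222", "shasum": ""}},
        {"name": "acme/helpers", "version": "1.5.0",           # minor bump
         "dist": {"type": "zip", "url": "https://example.test/helpers-1.5.0.zip",
                  "reference": "bbb333", "shasum": "feedface"}},
        {"name": "acme/mailer", "version": "1.0.0",            # same tag, new bytes
         "dist": {"type": "zip", "url": "https://example.test/mailer-1.0.0.zip",
                  "reference": "ccc999", "shasum": "0badf00d"}},
        {"name": "acme/newdep", "version": "0.1.0",            # pulled in transitively
         "dist": {"type": "zip", "url": "https://example.test/newdep-0.1.0.zip",
                  "reference": "fff666", "shasum": ""}},
    ],
    "packages-dev": [
        {"name": "acme/testkit", "version": "9.5.0",           # unchanged
         "dist": {"type": "zip", "url": "https://example.test/testkit-9.5.0.zip",
                  "reference": "ddd444", "shasum": ""}},
    ],
})

_SEMVER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(version):
    """Return (major, minor, patch) or None for dev-master / branch aliases."""
    m = _SEMVER.match(version)
    return tuple(int(x) for x in m.groups()) if m else None


def classify_bump(old_version, new_version):
    """Name the highest semver component that changed: major, minor, patch."""
    a, b = parse_version(old_version), parse_version(new_version)
    if a is None or b is None:
        return "unparsable"
    if a == b:
        return "same"
    for label, i in (("major", 0), ("minor", 1), ("patch", 2)):
        if a[i] != b[i]:
            return label
    return "same"


def _index(lock_json):
    """Map package name -> lock entry across both package sections."""
    data = json.loads(lock_json)
    return {p["name"]: p
            for section in ("packages", "packages-dev")
            for p in data.get(section, [])}


def diff_lock(old_lock_json, new_lock_json):
    """Return (name, kind, old_version, new_version) for every change."""
    old, new = _index(old_lock_json), _index(new_lock_json)
    findings = []
    for name in sorted(set(old) | set(new)):
        if name not in old:
            findings.append((name, "added", None, new[name]["version"]))
        elif name not in new:
            findings.append((name, "removed", old[name]["version"], None))
        else:
            o, n = old[name], new[name]
            bump = classify_bump(o["version"], n["version"])
            od, nd = o.get("dist", {}), n.get("dist", {})
            artifact_changed = ((od.get("reference"), od.get("shasum"))
                                != (nd.get("reference"), nd.get("shasum")))
            if bump == "same" and artifact_changed:
                # The version string you already audited now resolves to
                # different bytes: exactly what a tampered repo looks like.
                findings.append((name, "same-version-new-artifact",
                                 o["version"], n["version"]))
            elif bump != "same":
                findings.append((name, bump, o["version"], n["version"]))
    return findings


def suspicious(findings):
    """Names whose artifact changed without a version change."""
    return [name for name, kind, _, _ in findings
            if kind == "same-version-new-artifact"]


if __name__ == "__main__":
    for name, kind, old_v, new_v in diff_lock(OLD_LOCK, NEW_LOCK):
        print(f"{kind:26} {name:16} {old_v} -> {new_v}")
    print("review before deploying:", suspicious(diff_lock(OLD_LOCK, NEW_LOCK)))
```

Run it on the lock file from the last deploy and the one a fresh `composer update` produces in a scratch checkout; anything in the "same-version-new-artifact" bucket deserves a look at the upstream tag before the new lock goes anywhere near production, and the patch and minor bumps are the ones the comment warns can still break a site.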