| ▲ | shortrounddev2 5 hours ago | |||||||
it's interesting that staying up to date with your dependencies is considered a vulnerability in Node | ||||||||
| ▲ | bichiliad 5 hours ago | parent | next [-] | |||||||
Having a cooldown is different from never updating. I don’t think waiting a few days is a bad security practice in any environment, node or otherwise. | ||||||||
| ||||||||
| ▲ | skwee357 5 hours ago | parent | prev [-] | |||||||
People who live on the edge of updates always risk vulnerabilities and incompatibility issues. It’s not about node, but anything software related. | ||||||||