| ▲ | williamjackson 7 hours ago | |
Thank you for expressing my thoughts as well. The article seems to be full of contradictory “advice”. Use a dependency cooldown, okay … but don’t commit your lockfile so you are always running the latest transitive deps? That’s nuts. | ||
| ▲ | Uvix 5 hours ago | parent [-] | |
Depends on the package manager. With some you'll get the oldest transitive deps that meet all dependency requirements, not the newest. | ||