| ▲ | therealmarv 2 hours ago | |
As if supply chain attacks could have been prevented by 2fa or passkeys always. You want delays by x days because supply chain attacks get caught very often within 1-2 days. And if you really really want to make an exception for a zero day then that's no problem and you can still quick patch by exclusion of that rule. They don't contradict in a unsolvable problem. You want both, you get both. | ||
| ▲ | doctorpangloss 2 hours ago | parent [-] | |
How do you know what's a zero day fix? (You write something) So then you have to check every package's updates and decide if you update, yes? | ||