We trade security for speed(or "velocity" if you want to be jargon about it).
I just pin everything and go through my projects every couple weeks and bump the deps (unless some really big CVE hits the news).
We trade security for speed(or "velocity" if you want to be jargon about it).
I just pin everything and go through my projects every couple weeks and bump the deps (unless some really big CVE hits the news).