Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
dudeinjapan
26 days ago
|
parent
|
context
|
favorite
| on:
We should all be using dependency cooldowns
Dependabot only suggest upgrades when there are CVEs, and even then it just alerts and raises PRs, it doesn’t force it on you. Our team sees it as a convenience, not a draconian measure.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
