alt Hacker NewsI was LITERALLY thinking the other day of a niche tool for engineers to help them discover and fix this in the future because at the rate I have seen models version lock dependencies I thought this is going to be a big problem in the future.
Replies
mikestorrent • today at 12:07 AM
Bigger companies have vulnerability and version management toolsets like Snyk, Cycode, etc. to help keep things up to date at scale across lots of repos.
satvikpendem • yesterday at 11:21 PM
Just use Dependi or similar VSCode extensions, they'll tell you if dependencies are outdated.
You can do prompt injection through versions. The LLM would go back to GitHub in its endless attempt to people please, but dependency managers would ignore it for being invalid.