Yeah, I agree, but then you are at the mercy of whatever vulnerability is found in the current version(s). It just feels like a lose-lose situation no matter what you do.
So long as we insist on everything from a light switch, the vacuum cleaner, security camera, clothes dryer, TV, car, and mobile phone being an always on, always online, Universal Turing Machine we’re not going to find a solution.
You can still update to new versions even if the new release is still in cooldown phase. You just have to be explicit that you want the new release.
`pnpm audit --fix`, for example, will whitelist releases in the cooldown phase when there's a known security issue for a version you currently use.
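The two comments above describe a release cooldown plus an explicit opt-in for a single package. As an added illustration (not taken from the thread or from the pnpm project), this is what that arrangement looks like in a pnpm workspace: the `minimumReleaseAge` / `minimumReleaseAgeExclude` settings and the `pnpm.overrides` field are assumed to be the relevant pnpm knobs, and the package names and versions are constructed placeholders.

```yaml
# pnpm-workspace.yaml (added example; settings assumed, check the pnpm docs for your version)
# Refuse to install any version published less than 7 days ago, so a freshly
# published malicious release has time to be noticed and pulled before it reaches you.
minimumReleaseAge: 10080   # minutes; 7 * 24 * 60

# Explicit exceptions: packages you deliberately pull through the cooldown,
# e.g. because the *current* pinned version has a known vulnerability and the
# fix only exists in a release that is still inside the window.
minimumReleaseAgeExclude:
  - some-http-parser      # constructed placeholder name

# package.json (same repo) - pinning the patched version explicitly, which is
# what `pnpm audit --fix` is described above as doing on your behalf:
#
#   "pnpm": {
#     "overrides": {
#       "some-http-parser": "2.4.1"    # constructed placeholder version
#     }
#   }
```

The trade-off the thread is pointing at is visible in the file itself: the cooldown protects against the next supply-chain push, while each entry under the exclusion list or in `overrides` is a conscious decision to accept that risk for one package because staying on the old version is worse. Keeping those exceptions short-lived and reviewed (remove the exclusion once the patched release has aged past the window) is what keeps the second list from quietly eroding the first.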