alt Hacker NewsI'm getting CVE fatigue with all of these super ultra critical 10/10 vulnerabilities that are some node package that compiles my frontend can get stuck if I give it a malicious regex.
It's hard to spot the stuff that actually matters.
Replies
teaearlgraycold • today at 2:33 AM
Not sure what dumbass out there is marking those as 10/10. A 10 should be an auth bypass or RCE. Not a crashed build in my CI.
Seriously. We got 116 github dependabot alerts this week. Half of them for dev dependencies.