0 points
shortrounddev2
7mo ago
It's interesting that staying up to date with your dependencies is considered a vulnerability in Node.
3 comments · 2 top-level
bichiliad
7mo ago
· 1 in thread
Having a cooldown is different from never updating. I don’t think waiting a few days is a bad security practice in any environment, node or otherwise.
vrighter
7mo ago
But only if most of everyone else doesn't do so.
skwee357
7mo ago
People who live on the edge of updates always risk vulnerabilities and incompatibility issues. It’s not about node, but anything software related.