← Back to context Comment by yoavm 4 days ago If you started your Node project yesterday, wouldn't that mean you'd get the fix later? 2 comments yoavm Reply flexd 4 days ago no, because if you used dependency cooldown you wouldn't be using the latest version when you start your project, you would be using the one that is <cooldown period> days/versions oldedit: but if that's also compromised earlier... \o/ cluckindan 4 days ago Obviously you bypass the cooldown to fix critical issues.
flexd 4 days ago no, because if you used dependency cooldown you wouldn't be using the latest version when you start your project, you would be using the one that is <cooldown period> days/versions oldedit: but if that's also compromised earlier... \o/
no, because if you used dependency cooldown you wouldn't be using the latest version when you start your project, you would be using the one that is <cooldown period> days/versions old
edit: but if that's also compromised earlier... \o/
Obviously you bypass the cooldown to fix critical issues.