Comment by zahlman
4 days ago
FWIW, I'd like if these tools had an option to prefer the oldest version satisfying the given constraints (rather than the newest, as it is now — probably still a better default).
4 days ago
FWIW, I'd like if these tools had an option to prefer the oldest version satisfying the given constraints (rather than the newest, as it is now — probably still a better default).
> prefer the oldest version satisfying the given constraints
The problem is there's no metadata for which versions fix security bugs, and therefore which previous versions are now insecure.