Comment by jtbayly
1 month ago
I don’t have experience with dependabot at all. I didn’t realize it was satire. I just kept thinking, “This sounds like terrible advice. This can’t be right.”
1 month ago
I don’t have experience with dependabot at all. I didn’t realize it was satire. I just kept thinking, “This sounds like terrible advice. This can’t be right.”
This is not satire.
If you have a large dependency graph, you are going to have a lot of vulnerable stuff.
Letting one computer send you patches and the other computer merge it for you when all your tests pass is a good thing.