Comment by rpdillon
4 hours ago
The dependencies weren't vendored, meaning their behavior can change at any time if a malicious actor gains control of that third-party repo.
This is bad for security.
4 hours ago
The dependencies weren't vendored, meaning their behavior can change at any time if a malicious actor gains control of that third-party repo.
This is bad for security.
No comments yet
Contribute on Hacker News ↗