
Comment by hombre_fatal

21 hours ago

Node deps are pinned: https://docs.npmjs.com/cli/v8/configuring-npm/package-lock-j...

The problem is that you also want to update deps.

Why?

  • Because they could have a security flaw that might compromise your project or any users of it.

    • For any of my Rust projects I really don't bump my deps unless dependabot shows a serious vulnerability or I want to use a new feature added. Outside of that, my deps are locked to the last known good version I use.
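The two halves of the comment above, "deps are pinned" and "you also want to update deps", as an added example that is not part of the comment, of npm, or of dependabot. It walks a package-lock.json in the lockfileVersion 2/3 layout (a `packages` map keyed by path under `node_modules`) and checks that each installed package is actually pinned, meaning it has an exact version, a `resolved` URL and an `integrity` hash that `npm ci` verifies against the tarball. It then compares the pinned versions against an advisory list to show which pins are the ones worth bumping. The package names, versions, hashes and advisories are all constructed, and the `{ name, fixedIn, severity }` advisory shape is an assumption of this example, not the format of any real advisory feed.

```javascript
// Added example, not code from the comment above or from npm itself.
// Checks a package-lock.json for real pinning (exact version + resolved + integrity)
// and flags pinned versions that a constructed advisory list says need a bump.

// Constructed lockfile in the lockfileVersion 3 layout: keys are paths under node_modules.
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0",
          dependencies: { "pkg-a": "^2.1.0", "pkg-b": "~0.9.0", "pkg-c": "3.0.0" } },
    "node_modules/pkg-a": {
      version: "2.1.4",
      resolved: "https://registry.example.test/pkg-a/-/pkg-a-2.1.4.tgz",
      integrity: "sha512-AAAAconstructedplaceholderhash", // constructed, not a real digest
    },
    "node_modules/pkg-b": {
      version: "0.9.2",
      resolved: "https://registry.example.test/pkg-b/-/pkg-b-0.9.2.tgz",
      // integrity deliberately missing: npm ci could not verify this tarball
    },
    "node_modules/pkg-c": {
      version: "3.0.0",
      resolved: "https://registry.example.test/pkg-c/-/pkg-c-3.0.0.tgz",
      integrity: "sha512-CCCCconstructedplaceholderhash", // constructed, not a real digest
    },
  },
};

// Constructed, hypothetical advisories (no real CVEs): versions below `fixedIn` are affected.
const SAMPLE_ADVISORIES = [
  { name: "pkg-a", fixedIn: "2.1.5", severity: "high" },
  { name: "pkg-c", fixedIn: "2.8.0", severity: "moderate" }, // 3.0.0 is already past the fix
];

// Strict "MAJOR.MINOR.PATCH" only; a range like "^2.1.0" is not a pin and parses to null.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v || "");
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  if (!pa || !pb) throw new Error(`not an exact version: ${a} / ${b}`);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

// Installed packages, skipping the root "" entry. The package name is whatever follows the
// last "node_modules/", so nested and scoped paths ("node_modules/@s/x") resolve correctly.
function installedPackages(lock) {
  const marker = "node_modules/";
  return Object.entries(lock.packages || {})
    .filter(([path]) => path !== "")
    .map(([path, meta]) => ({
      path, name: path.slice(path.lastIndexOf(marker) + marker.length), ...meta,
    }));
}

// A package is pinned only when the lockfile records an exact version, where it came from,
// and an SRI-style hash; anything less means "npm ci" can be handed a different tarball.
function checkPinning(lock) {
  const problems = [];
  for (const p of installedPackages(lock)) {
    if (!parseVersion(p.version)) problems.push(`${p.path}: no exact version`);
    if (!p.resolved) problems.push(`${p.path}: no resolved URL`);
    if (!p.integrity || !/^sha(256|384|512)-/.test(p.integrity)) {
      problems.push(`${p.path}: no usable integrity hash`);
    }
  }
  return problems;
}

// Pinning keeps a known-good version in place; advisories are what say it is time to move it.
function findVulnerable(lock, advisories) {
  const byName = new Map(advisories.map((a) => [a.name, a]));
  const hits = [];
  for (const p of installedPackages(lock)) {
    const adv = byName.get(p.name);
    if (adv && parseVersion(p.version) && compareVersions(p.version, adv.fixedIn) < 0) {
      hits.push({ path: p.path, name: p.name, version: p.version,
                  fixedIn: adv.fixedIn, severity: adv.severity });
    }
  }
  return hits;
}

function auditLock(lock, advisories) {
  return { unpinned: checkPinning(lock), needsBump: findVulnerable(lock, advisories) };
}

console.log(JSON.stringify(auditLock(SAMPLE_LOCK, SAMPLE_ADVISORIES), null, 2));
```

On the sample, `pkg-b` is reported as unpinned (no integrity hash) and `pkg-a` 2.1.4 is reported as needing a bump to 2.1.5, while `pkg-c` stays untouched because its pin is already past the fix. To run it against a real project, replace `SAMPLE_LOCK` with the parsed contents of that project's package-lock.json and `SAMPLE_ADVISORIES` with whatever advisory data you trust; the version comparison is deliberately strict and will throw on anything that is not an exact `x.y.z` pin.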