← Back to context Comment by bfivyvysj 15 hours ago Why? 2 comments bfivyvysj Reply NetMageSCW 8 hours ago Because they could have a security flaw that might compromise your project or any users of it. vablings 1 hour ago For any of my rust projects I really don't bump my deps unless dependabot shows a serious vulnerability or I want to use a new feature added. Outside of that my deps are locked to the last known good version i use.
NetMageSCW 8 hours ago Because they could have a security flaw that might compromise your project or any users of it. vablings 1 hour ago For any of my rust projects I really don't bump my deps unless dependabot shows a serious vulnerability or I want to use a new feature added. Outside of that my deps are locked to the last known good version i use.
vablings 1 hour ago For any of my rust projects I really don't bump my deps unless dependabot shows a serious vulnerability or I want to use a new feature added. Outside of that my deps are locked to the last known good version i use.
Because they could have a security flaw that might compromise your project or any users of it.
For any of my rust projects I really don't bump my deps unless dependabot shows a serious vulnerability or I want to use a new feature added. Outside of that my deps are locked to the last known good version i use.