Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
hsbauauvhabzb
on July 7, 2021
|
parent
|
context
|
favorite
| on:
Npm Audit: broken by design?
No it’s not. The main problem is the dependency tree hell. If an ancestor version bumps, you should probably version bump too, irrespective of exploitability.
Don’t like it? Try using more maintainable dependency trees.
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Don’t like it? Try using more maintainable dependency trees.