Every dependency you add is a supply chain attack waiting to happen
benhoyt.com
lemmydividebyzero@reddthat.com to Technology@lemmy.world · English · 1 month ago

corsicanguppy@lemmy.ca · English · 1 month ago

> Every dependency you don’t update is a zero day waiting to happen. All software carries risk.

In the same breath you’re advocating updating without checking, and saying why that’s an issue. You … realize that, right?

You’re so close to realising the reason enterprise distros do backports.

renegadespork@lemmy.jelliefrontier.net · English · 1 month ago

> you’re advocating updating without checking,

Uh… no. That’s not what I said. I said there’s risk in both updating and not updating. You need to do the assessment to decide which one is best for the situation.