In order to ensure that users don't have long-lived security vulnerabilities in their applications, it would be very helpful to provide direct, specific guidance on updating indirect dependencies, which can otherwise remain versioned locked for long periods of time.
In order to ensure that users don't have long-lived security vulnerabilities in their applications, it would be very helpful to provide direct, specific guidance on updating indirect dependencies, which can otherwise remain versioned locked for long periods of time.