Back to Home11/17/2025, 2:23:45 AM

Untitled

nineteen999
0 points
0 comments
> Install it once and never update it (and therefore hacked and malicious versions can never arrive in your dependency tree).

Huh? What if your once-off installation or vendoring IS a hacked an malicious version and you never realise and never update it. That's worse.

Discussion Activity

No activity data yet

We're still syncing comments from Hacker News.

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (0 comments)

Discussion hasn't started yet.

ID: 45950339Type: commentLast synced: 11/17/2025, 2:58:05 AM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

View on HN