Wouldn't locking dependencies be far more likely for dependency-users to do, and... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

no-name-here 20 days ago | parent | context | favorite | on: 'No way to prevent this,' says only package manage...

Wouldn't locking dependencies be far more likely for dependency-users to do, and be approximately as effective for those that do?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact