consider minimal version selection like go modules #4398
edvardchen
started this conversation in
Ideas
Replies: 1 comment
-
|
We'll have more to share about this in not-so-long. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Have the team consider to adopt the "minimal version selection" like go modules? The author explained the rationale well in this blog https://research.swtch.com/vgo-principles.
The benefit is that users won't get affected immediately if some one publishes a vulnerable version of their dependencies.
Beta Was this translation helpful? Give feedback.
All reactions