Rendered at 14:43:46 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
dhruv3006 1 days ago [-]
GitHub lists one dependent repo for curl and that too is a mistake.
rurban 21 hours ago [-]
It not hard since opus or gpt-5.4 anymore. I check most of my Makefiles with them to update wrong deps.
nacozarina 1 days ago [-]
it’s cache-invalidation in different clothes, it will always be a pain in the tucus
direwolf20 1 days ago [-]
Dependency tracking for security is like any other security work: the purpose is to create the perception of security, not actual security. You can sell the perception of security. You can't sell actual security. That's why every other corporation has a WAF now that doesn't block attacks but does block legitimate traffic, and how Cloudflare managed to create the world's biggest MITM without a single crime.