<![CDATA[2020: the best thing you can do for security is have a bot automatically update your dependencies.]]>

<![CDATA[2020: the best thing you can do for security is have a bot automatically update your dependencies.]]>RE: https://fosstodon.org/@SocketSecurity/116321614885038368

2020: the best thing you can do for security is have a bot automatically update your dependencies.
2026: the best thing you can do for security is to tell your bot that updates dependencies to wait a day or three before updating them.

Expect more of this over the coming months as compromised credentials from previous supply chain attacks are used to mount new ones.

]]>https://board.circlewithadot.net/topic/37241f06-1288-4742-9e26-c07757779a63/2020-the-best-thing-you-can-do-for-security-is-have-a-bot-automatically-update-your-dependencies.RSS for NodeMon, 06 Apr 2026 04:04:04 GMTTue, 31 Mar 2026 05:53:03 GMT60