-
So bored and tired of "security exploits" being reported against my project when the reporter hasn't given any actual thought to what they're reporting, but instead relying on either code scanning or the npm audit report (which is mostly useless from experience).On twitter.com
♻️ 1 Retweets
❤️ 14 Favorites
Mood -8 🙁
-
Over the last 5+ years, only once was there are real vulnerability (which required updating a dependency of nodemon). The rest, thus far, have been a waste of time (and nearly all copy-and-paste security reports).Permalink On twitter.com
♻️ 1 Retweets
❤️ 8 Favorites
Mood -3 🙁