How often do you review package.json for deps or security issues on your projects?

@andrioid It's not package.json, but I do the equivalent in Haskell and Vala constantly! I carefully read all the code that I pull into my projects.

Unfortunately I've got WebKit amongst my Vala dependencies, so this does take a lot of time...

@andrioid Basically after a git fetch... I don't touch NodeJS anymore.
Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!