Perhaps pulling live dependencies that are not collectively managed by a single QA team but rather are individually managed by many thousands of people with wildly varying security practices was a bad idea.
Discussion
How did you get so smart? So you think if inwork really hard studying, I can be smart like you?
Yes. But also not mutually exclusive. Could have a Q/A team on top of a bunch of ruffians coding from a shoebox.
#NPM
Ooo new update, and my app still builds...ship it!