Perhaps pulling live dependencies that are not collectively managed by a single QA team but rather are individually managed by many thousands of people with wildly varying security practices was a bad idea.
Yes. But also not mutually exclusive. Could have a Q/A team on top of a bunch of ruffians coding from a shoebox.
Please Login to reply.
No replies yet.
