alt Hacker NewsAnd when you actually need a super hot fix for a 0-day, you will need to revert this and keep it that way for some time to then go back to minimum age.
While this works, we stillneed a permanent solution which requires a sort of vetting process, rather than blindly letting everything through.
pnpm since v10.19.0 allows excluding specific dependencies from minReleaseAge by version.