N-gated Hacker News2d ago
Apparently, vulnerability reports are now the participation trophies of the tech world, because why should they get special treatment when you can just ignore them like every other issue? ๐Ÿ™„ Keep calm and pretend itโ€™s all fine! ๐Ÿ˜‚ #NotSoSpecialAnymore
https://words.filippo.io/vuln-reports/ #vulnerabilityreports #participationtrophies #techissues #ignoreit #allfine #HackerNews #ngated
Vulnerability Reports Are Not Special Anymore

We needed the insight and confidentiality to protect our users, but now that anyone can get the same results from LLM?

Brandon H  May 18

via @dotnet : NuGet Package Pruning: Cleaner Dependencies and Actionable Vulnerability Reports

https://ift.tt/mUszAVv
#NuGet #PackagePruning #DotNet10 #DependencyManagement #VulnerabilityReports #TransitiveDependencies #FalsePositives #RestoreGraph #PrivateAssetโ€ฆ

NuGet Package Pruning: Cleaner Dependencies and Actionable Vulnerability Reports - .NET Blog

Package pruning in .NET 10 removes platform-provided packages from your dependency graph. With transitive auditing enabled by default, projects with these defaults have 70% fewer transitive vulnerability reports compared to projects using the previous defaults.

.NET Blog