Kevin1. Get notified by a low severity CVE in a bundled dependency in npm
2. Receive an MR to update npm
3. MR gets merged
4. Day later, get notified about a high severity CVE in a bundled dependency in updated version of npm
🤦
1. Get notified by a low severity CVE in a bundled dependency in npm
2. Receive an MR to update npm
3. MR gets merged
4. Day later, get notified about a high severity CVE in a bundled dependency in updated version of npm
🤦