Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
proposal: x/tools: tool to audit diffs in dependencies #33466
One of the key points from #30240 is:
This point is further developed in #30240 (comment).
Raising this issue as a placeholder for the discussion about this specific point, because this point has a life well beyond and decisions on
Please add to/edit this description as required - this is just a placeholder
Well, that would leave me with two questions:
Those are indeed pertinent questions to which I don't have answers
I guess I sit somewhere in between - I don't want my dependencies committed along with my code, but equally I'm not Big Corp enough to go all-out with my own proxy.
It's entirely possible that the tool I have in mind could use