The context is right there, on the gitlab page. They don’t want to merge it because it would mean they have to do actual work and spend time testing it, which instead they’d prefer their customers to complain to them about the vulnerability first before doing any of that. Not my words, but theirs.
The context is right there, on the gitlab page. They don’t want to merge it because it would mean they have to do actual work and spend time testing it, which instead they’d prefer their customers to complain to them about the vulnerability first before doing any of that. Not my words, but theirs.
Waiting for a security breach to fix something, sounds crazy