the difference is in the part where you don't have a lock file yet (new dependen... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

arccy on March 31, 2022 | parent | context | favorite | on: How Go mitigates supply chain attacks

the difference is in the part where you don't have a lock file yet (new dependency, upgrades), and need to choose versions for those.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact