Source: GitHub Blog

I automated all my dependency updates and you should too!

But it will get worse if someone finds a security vulnerability in one of those dependencies. And it’s even worse for you, if there existed a patch for months, you just haven’t heard of…