What do you do when a project has a vulnerable dependency and a fix is not forthcoming? Not sure what my options are...
so far my approach has been to take it offline and wait
ok, the patch has arrived. Waiting was the right choice.
"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko