5 Jun
2019
5 Jun
'19
9:32 p.m.
On 2019-06-05 11:27:09 -0500 (-0500), Ben Nemec wrote:
Agreed. There's probably an argument that we should cap bandit on stable branches anyway, but it would save us a lot of tedious patches if we just hope bandit doesn't break us again. :-) [...]
Oh, yes, I think capping on stable is probably a fine idea regardless (we should be doing that anyway for all our static analyzers on principle). What I meant is that it would likely render those updates no longer urgent. -- Jeremy Stanley