Suppose you have to deal with vulnerability findings reported by some automated tools that seem to scan JavaScript projects's dependency lists and compare them against some CVE database. Suppose it seems as if there's a lot more of this work in JavaScript projects than in Rust projects. There m...

Source: [Hacker News](https://news.ycombinator.com/item?id=48917666)

Sponsored