Even with ^ you won't get an updated version until somebody runs an install and updates the lockfile.
We have things like dependebot for this.
https://docs.github.com/en/code-security/tutorials/secure-yo...
Even with ^ you won't get an updated version until somebody runs an install and updates the lockfile.
We have things like dependebot for this.
https://docs.github.com/en/code-security/tutorials/secure-yo...