Oddbean new post about | logout
 That feeling when you get a vulnerability report for a software library used in your project and the suggested remediation is "none" because no one has patched the vulnerability.

Second place is when the suggested remediation is "none" because other software dependencies have conflicts that prevent you from updating to a patched version.