We should all be using dependency cooldowns

We should all be using dependency cooldowns

Articles
Use dependency cooldowns (for example Dependabot or Renovate) to block most open source supply chain attacks by delaying new releases several days.