We should all be using dependency cooldowns

November 28, 2025

Use dependency cooldowns (for example Dependabot or Renovate) to block most open source supply chain attacks by delaying new releases several days.

Featured Sponsor

Support the community and reach thousands of Django developers

Weekly Newsletter

Get the latest Django news, articles, and projects delivered to your inbox every week. Curated by Jeff Triplett & William Vincent.

No spam, ever. Unsubscribe anytime.