If a CVE with severity >= 7.0 is found, shell-dep refuses to install and exits with a detailed error. You can override with --hot-allow-risky , but that’s strongly discouraged.
Upgrading is straightforward, but because of the cache and lockfile changes, do not do this on a Friday afternoon without testing.
The "hot" aspect also ties into , which are governed by Shell’s Health, Safety, Security, and Environment (HSSE) Control Framework.
If a CVE with severity >= 7.0 is found, shell-dep refuses to install and exits with a detailed error. You can override with --hot-allow-risky , but that’s strongly discouraged.
Upgrading is straightforward, but because of the cache and lockfile changes, do not do this on a Friday afternoon without testing. shell dep version 46 hot
The "hot" aspect also ties into , which are governed by Shell’s Health, Safety, Security, and Environment (HSSE) Control Framework. If a CVE with severity >= 7