Question about sync cadence and security updates with Microsoft’s node-pty

[chirag-bruno]

Hi there,

First off, thank you for maintaining lydell/node-pty. It is a great project and really lifts the burden of compiling and maintaining the full toolchain for Microsoft’s version. We appreciate the work that has gone into keeping it working so smoothly.

I had a quick question about update cadence, particularly around security patches.
If a security vulnerability were discovered and fixed in the upstream Microsoft node-pty package, how quickly would those fixes typically be merged or ported into lydell/node-pty?

Understanding that would help us plan how to handle dependency monitoring and patching on our end.

Thanks again for all your work maintaining this package.

[lydell]

If a security vulnerability were discovered and fixed in the upstream Microsoft node-pty package, how quickly would those fixes typically be merged or ported into lydell/node-pty?

If that’s something you’re worried about, you should not use my package. I can’t say anything about how quick that would be.