The Bitwarden security team identified and contained a malicious package that was briefly distributed through the npm delivery path for @bitwarden/cli@2026.4.0 between 5:57 PM and 7:30 PM (ET) on April 22, 2026, in connection with a broader Checkmarx supply chain incident. Was I affected? If you use the Bitwarden command line interface and deploy using NPM, and downloaded the CLI between 5:57p ET and 7:30p ET on April 22, 2026, you may be affected. See remediation steps below. If you do not u...
Unless there’s some super important thing I need in the latest release, if my shit works and there’s no security vulnerability, im in no rush to update.
I update after I feel all the early adopters have worked out all the bugs for me.
Pretty much with anything ya.
Unless there’s some super important thing I need in the latest release, if my shit works and there’s no security vulnerability, im in no rush to update.
That is a genuinely good strategy.