It works for things you can automate. For example, at Microsoft they have some kind of dependency bot such as when you have Newtonsoft installed but have version < 13.0.1 and don't upgrade within such and such time frame, your M1 gets dinged. This is a very simple fix that takes like five minutes of work, if that.
But I don't know if things are straightforward with machine learning. If the recommendations are blanket, and there is a way to automate checks, it could work. Main thing is there should be trust between teams. This can't be an adversarial power play.
https://github.com/advisories/GHSA-5crp-9r3c-p9vr