26 Feb
2020
26 Feb
'20
11:45 p.m.
On Mon, Feb 24, 2020 at 3:42 AM Alexander Grund via Boost
I'd fear the same. Common usage of Boost is: Install specific version and stick to it until absolutely required to upgrade.
Note that this problem already exists, because of Boost.Beast, which has security implications. I have already fixed one security-related problem. The solution here is not to avoid Boost but to make sure that we have a workflow in place which allows Boost to be hotfixed (we have that already). As for users being lazy, there is no solution for that other than to remind them. Lazy users is not a problem for us to solve, nor is it something that should guide our development path. Thanks