Similar to minimumReleaseAge in pnpm, it might be good to have a similar flag in multitool, so that, when a release has just been posted, it won't get added immediately, but only after it's been out for a few days, during which time hopefully someone will notice if it has some kind of serious vulnerability, or was pushed by a malicious actor who got control of the author's account. What do you think?
Similar to minimumReleaseAge in pnpm, it might be good to have a similar flag in multitool, so that, when a release has just been posted, it won't get added immediately, but only after it's been out for a few days, during which time hopefully someone will notice if it has some kind of serious vulnerability, or was pushed by a malicious actor who got control of the author's account. What do you think?