I am curious if there is a policy or best practice for how to handle a package update containing both a regression fix and also a fix for a new vulnerability.
If such a thing is not advisable or permissible, then is it best to handle the regression as one update and then follow-up with the new vulnerability fix as a subsequent update? Regards, -Roberto -- Roberto C. Sánchez
