When a one-line fix triggers thousands of PRs, something's off A Go library maintainer has urged developers to turn off GitHub's Dependabot, arguing that false positives from the dependency-scanning ...