I've seen plenty of university-trained software engineers leave dependencies non-updated from time to time, myself included. It's a risk-reward and "Is it worth the time?" trade-off, and often the answer is "No it's not worth the time"
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I've seen plenty of university-trained software engineers leave dependencies non-updated from time to time, myself included. It's a risk-reward and "Is it worth the time?" trade-off, and often the answer is "No it's not worth the time"