Require 14 days to pass before pulling in general dependency updates to help mitigate upstream supply chain attacks.