In consideration of the challenge that @MarioArriaga92 pointed out in the November 10th, 2022 Meshery Build and Release meeting regarding weighing a decision to use latest
tags on dependent container images in various Meshery workflows vs. pinning to specific versions, one of the mechanisms for helping strike a balance is having a standing agenda item in Build and Release meeting - an agenda item for reviewing the count and posture of outstanding security vulnerabilities.
In relation to wrangling security vulnerabilities (issue #4642), the reports from vulnerability scans of Meshery by Artifact Hub could be presented and reviewed in the Build and Release meeting.