In your application, each dependency has a maintainer. Each maintainer has a direct path into your application.
If you have five dependencies, you trust five maintainers. If you have 1000 dependencies, you trust 1000 maintainers. Which is more likely to burn you?
I blogged about all of this years ago and the song remains the same. Every developer needs to learn this lesson.
🔪 Kill your Dependencies 🔪
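As an added illustration of the post's point (this is example code, not anything from the post or from @mperham), the script below reads a Gemfile.lock and reports how many gems a handful of direct dependencies really pulls in, since every one of those transitive gems is another maintainer with a path into the application. The lockfile content is a constructed sample with illustrative version numbers, the parser relies only on the indentation conventions of the GEM and DEPENDENCIES sections, and the report counts gems rather than people (one maintainer may own several gems, so the real number of distinct maintainers can be lower).

```ruby
# Added example: count the gems (and so the maintainers) a Gemfile.lock commits you to.
require 'set'

# Constructed sample lockfile; versions are illustrative, not taken from any real project.
SAMPLE_LOCK = <<~LOCK
GEM
  remote: https://rubygems.org/
  specs:
    concurrent-ruby (1.2.2)
    connection_pool (2.4.1)
    rack (3.0.8)
    redis-client (0.19.1)
      connection_pool
    sidekiq (7.2.0)
      concurrent-ruby (< 2)
      connection_pool (>= 2.3.0)
      rack (>= 2.2.4)
      redis-client (>= 0.19.0)
    rake (13.1.0)

PLATFORMS
  ruby

DEPENDENCIES
  rake
  sidekiq
LOCK

# Parse a Gemfile.lock into {gem => [dependency names]} plus the direct dependencies.
# Gem entries sit at 4 spaces under "specs:", their dependencies at 6 spaces,
# and the Gemfile's own requirements at 2 spaces under DEPENDENCIES.
def parse_lock(text)
  specs = {}
  direct = []
  section = nil
  current = nil
  text.each_line do |raw|
    line = raw.chomp
    next if line.strip.empty?
    if line !~ /\A\s/
      section = line.strip   # unindented lines are section headers (GEM, PLATFORMS, ...)
      next
    end
    indent = line[/\A */].size
    name = line.strip.split(' ').first.delete_suffix('!')  # drop version/constraint and "!" marker
    case section
    when 'GEM'
      if indent == 4
        current = name
        specs[current] = []
      elsif indent == 6 && current
        specs[current] << name
      end
    when 'DEPENDENCIES'
      direct << name if indent == 2
    end
  end
  [specs, direct]
end

# Every gem reachable from +root+ through the dependency graph (excluding root itself).
def closure(specs, root)
  seen = Set.new
  stack = specs.fetch(root, []).dup
  until stack.empty?
    g = stack.pop
    next unless seen.add?(g)          # add? returns nil when already visited
    stack.concat(specs.fetch(g, []))
  end
  seen
end

# Direct count, total gems you end up trusting, and how many extra gems each direct dependency drags in.
def trust_report(text)
  specs, direct = parse_lock(text)
  all = Set.new(direct)
  per_direct = {}
  direct.each do |d|
    c = closure(specs, d)
    per_direct[d] = c.size
    all.merge(c)
  end
  { direct: direct.size, total: all.size, per_direct: per_direct }
end

if __FILE__ == $PROGRAM_NAME
  r = trust_report(SAMPLE_LOCK)
  puts "direct dependencies: #{r[:direct]}"
  puts "gems you actually trust: #{r[:total]}"
  r[:per_direct].sort_by { |_, n| -n }.each { |g, n| puts "  #{g} brings in #{n} more" }
end
```

Pointing it at a real Gemfile.lock instead of SAMPLE_LOCK gives the same per-dependency breakdown, which is the useful part: it shows which single line in the Gemfile is responsible for most of the maintainers you have not consciously chosen to trust.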
@mperham you probably meant "each dependency probably has a maintainer" 😆