In your application, each dependency has a maintainer. Each maintainer has a direct path into your application.

If you have five dependencies, you trust five maintainers. If you have 1000 dependencies, you trust 1000 maintainers. Which is more likely to burn you?

I blogged about all of this years ago and the song remains the same. Every developer needs to learn this lesson.

🔪 Kill your Dependencies 🔪

@mperham you probably meant "each dependency probably has a maintainer" 😆
