by zzzcpan
2638 days ago
In the end it all comes down to reviewing code you have to trust. It's just that it's too much for most code, so there has to be something that makes potentially insecure code explicit and dealt with on use and the rest of the code usable without having to trust it.
It also implies that you are compiling everything from source code, or that you trust the distribution channel of the binaries.
And you do it every time there is an update that you want to use. And you have a system that promptly alerts you of vulnerabilities in the libraries you use.
Unless you have a handful of modules that are already self-contained, it is not practical for most teams.