by gnrl 2553 days ago
The line of code in that moment is read and "vetted". Same can be done for the dependency, yes, but what happens if malicious code is injected later and you update your packages? Or like the leftpad disaster where the package was deleted?

There are many reasons why the copied one-liner is better and many why the package manager is better.