Hacker News
by lithos 1558 days ago
I agree here, it's insane the number of dependencies JS developers are willing to take on. A decent-sized project will see tens of thousands of extra files added to it (even if a lot of it is non-code stuff like licensing). To an outsider it even looks like the employability of someone goes up if they manage to add extra dependencies to a project, since they can point to their download count to a prospective employer.

It's insane how much legal liability a company is at for agreeing to so many unread licenses. And how much attack surface they're exposing themselves to with their sprawling dependency chains.