|
|
|
|
|
|
by majidazimi
1526 days ago
|
|
|
Simply because blast radius for Java is limited to a set of very high quality libraries -- in terms of code not functionality. These libraries come from Apache Foundation, Eclipse Foundation, Google, Facebook, Spring, etc. Literally every single Java application depends on something from Apache [ok I understand stuff like Log4Shell can still happen]. The same is not true for JS. The most mature libraries depend on absurdly vague libraries that no one has ever reviewed. |
|
|
It's a giant pain in the ass to publish a Java library. That's already weeding out a ton of low-effort projects. By itself, I wouldn't exactly call that a good thing, but it seems to have a silver lining...