by Hackbraten 1509 days ago
Except that unlike React, COBOL doesn’t bring along 10000 dependencies written by 5000 different authors, randomly abandoned a few months later but teeming with unpatched vulnerabilities.

Sure, somehow I’m going to find React developers 15 years from now to maintain my line-of-business React app but how secure will it be?

One could argue that I can rewrite the framework-dependent parts. But rewrites cost money, too.

I love new stuff but I still think that, depending on the app, it may make good economic sense to plan ahead for it to be useful after a decade or two.

1 comments

I'm not sure where you are getting 10,000 dependencies from.

https://www.npmjs.com/package/react

Maybe I'm missing something but npm suggests it's only one dependency, which also only had one dependency.

I get that create-react-app pulls in a ton of dependencies, but React itself is not a culprit of dependency hell.

Good point. You’re absolutely right.