by Hypergraphe 1472 days ago
Not only for security reasons, anybody who has ever maintained a large codebase with external dependencies for enough time knows the pain it is to handle breaking changes in the underlying libraries without breaking your own public APIs. Sometimes you even have to embed multiple versions of the library to be able to still use its legacy elements. So yeah, 100% agree that each dep should be scrutinized.