by qbasic_forever
1402 days ago
IMHO it's a feature and not a bug that if you import a dependency you also have to carefully review and approve (or add) its dependencies to your application. The entire reason node is a mess of supply chain issues and problems, and is almost like nuclear waste in some professional orgs (i.e. impossible to use because of unclear and unknown licensing concerns, ownership, etc. across thousands of dependencies) is from the ease with which long and complex dependency chains are pulled into a single npm install.