[mort96]

I believe it actually has a lot more to do with the tools than some "mindset" in the community. You don't see this sort of thing in C++ really, because deep trees of transitive dependencies are painful. While Rust... has pretty much the exact same package management style as Node, so it doesn't surprise me that it has similar results.

[cmrdporcupine]

Worth pointing out that Java also has automatic transitive-dep package mgmt courtesy Maven & friends, or at least has had since the mid 00xs. And while it does have some amount of dependency explosion it's not this bad.

Why? Because a) Maven central is moderated better b) Maven has <exclusions> to override crap if necessary. c) The JRE includes a much richer standard library that doesn't force you to rely on 3rd party deps for things like random number generation or HTTP calls.