[pdimitar]

Interesting, thanks for sharing your anecdote. Upvoted.

I am openly admitting I don't care. Such libraries are in a huge demand and every programming language ecosystem gains them quite early. So to me the risk of malicious code in them is negligibly small.

[latexr]

To me it’s not just the risk of malicious code, but also convenience. For example, if I’m using a scripted language and sharing it in some form with users, I don’t want to have to worry about keeping the library updated, and fight with the package manager, and ship extraneous files, and…

[pdimitar]

Ah, I don't work with scripting languages though. I understand the difference in usages. Your use-case is quite valid.