Comment by oooyay

2 years ago

This got me thinking if any of my side projects or work projects that are in maintenance mode could qualify as "cold blooded". Conceptually, they can - I have many projects written in Go, Typescript, and Python where I could cache my dependencies (or at least the SHAs) and do what this is implying. The problem is that it stops being useful beyond proving the concept. In reality, all my projects have a slow churn that usually has to do with vulnerability updates. Maybe more aptly put, "Can I take this Go repository off the shelf, rebuild the binary, and let it run?"; the answer is of course - assuming HTML and web standards haven't changed too much. The problem is that then some old vulnerability could be immediately used against it. The assumption I also made, that HTML and web standards haven't changed too much, will almost assuredly be falsey. They may not have changed enough to be breaking, but they'll have certainly changed to some degree; the same can be said for anyone that's developed desktop applications for any OS. The one constant is change. Either side of that coin seems to be a losing proposition.