Comment by agentultra
9 months ago
Definitely, it’s a trade-off. Pulling in dubious dependencies can be a risk. Might be worth writing your own library or forking the dependency and vendoring it in your source.
There’s a spectrum of options here.