Comment by eviks

3 months ago

What's your copy & paste solution to security updates?

The security maintenance of the ten lines of code I have read and copied into my code is the same as the ten lines of code next to it, that I have written myself.

  • It can't be the same. The package is public, so you get some benefit of other people reviewing and your tools notifying you of issues. Or do you really mean you ignore all that info?

Does left-pad have security updates? You may as well ask what's the security update solution for Stack Overflow answers.

  • Does every single small package have a guaranteed security profile of left-pad?