I've worked in plenty of javascript shops and unfortunately its not so far off the mark. Its quite common to see JS projects with thousands of transitive dependencies. I've seen the same in python too.
It's funny how Py has less of this reputation just because the package manager is so broken that you might have a hard time adding so many deps in the first place. (Maybe fixed with uv, but that's relatively new and not default.)
I've worked in plenty of javascript shops and unfortunately its not so far off the mark. Its quite common to see JS projects with thousands of transitive dependencies. I've seen the same in python too.
It's funny how Py has less of this reputation just because the package manager is so broken that you might have a hard time adding so many deps in the first place. (Maybe fixed with uv, but that's relatively new and not default.)
Until you start doing SBOM and seeing what developers are pulling out in the field.
I'm not so sure about that.
I've watched developers judge dependencies by GH stars, and "shiny" quotient.
On a completely unrelated tangent, I remember reading about a "GH Stars as a Service" outfit. I don't see any way that could be abused, though.../s