But presumably, you only include dependencies that you trust and those dependencies themselves do their trusting more strictly than you. Trust is built on vetting, signatures and reputation.
That is, at least what we do, in theory. In practice, we cross fingers and let the LLM pick dependencies, are satisfied if it just works and we either update our deps frequently or infrequently.
But presumably, you only include dependencies that you trust and those dependencies themselves do their trusting more strictly than you. Trust is built on vetting, signatures and reputation.
That is, at least what we do, in theory. In practice, we cross fingers and let the LLM pick dependencies, are satisfied if it just works and we either update our deps frequently or infrequently.
> Trust is built on vetting, signatures and reputation.
https://news.ycombinator.com/item?id=47017833
Well, now with an irony, but sadly, of course.
Would red hat be considered a trusted/reputable vendor?
The problem is that node.js doesn't have a good standard library so one must rely on external packages to build even basic apps.
Can you tell us what exactly is missing? A network api? Process execution? IO? Math?