This is the reason SBOM is an attempt to force documenting dependencies.
It will not solve everything but it helps.
Other than that, it is a reponse to one's laziness to import a full library to use only one method... it is part of my code review to always question the need for imports and (try to) weight the maintenance cost.
This is the reason SBOM is an attempt to force documenting dependencies.
It will not solve everything but it helps.
Other than that, it is a reponse to one's laziness to import a full library to use only one method... it is part of my code review to always question the need for imports and (try to) weight the maintenance cost.
[dead]