Comment by simon84

11 hours ago

This is the reason SBOM is an attempt to force documenting dependencies.

It will not solve everything but it helps.

Other than that, it is a response to one's laziness to import a full library to use only one method... it is part of my code review to always question the need for imports and (try to) weigh the maintenance cost.