Because that's precisely what is needed: an easy way to ship dependency malware like npm, pip, cargo, etc.
Like it or not, having a little bit of friction prevents pulling in packages with thousands of transitive dependencies.