Build It Yourself | Armin Ronacher's Thoughts and Writings
hot take - node_modules was my first exposure to package bloat

But “big supply chain” will tell you that you must do it this way. Don’t you dare to copy paste that function into your library. Or don’t you dare to use “unsafe” yourself. You’re not qualified enough to write unsafe code, let the platform abstraction architects do that. Otherwise someone will slap you. There are entire companies who are making a living off supplying you with the tools needed to deal with your dependency mess. In the name of security, we’re pushed to having dependencies and keeping them up to date, despite most of those dependencies being the primary source of security problems.

Before my exposure to node_modules I felt like the Java ecosystem was pretty neat and tidy with package definitions. I don’t know that there’s a reversal of this trend.


Quote Citation: Armin Ronacher, “Build It Yourself | Armin Ronacher’s Thoughts and Writings”, 2025-01-24, https://lucumr.pocoo.org/2025/1/24/build-it-yourself/