[Tip#45] The more dependencies your project has, the higher your risk of supply-chain attack is, and the less you're aware of what code is actually running...
Security Tip: Replace Simple Dependencies
About a year and a half ago, I began doing exactly this.
So glad I did. I’d pick a package, isolate the part I was utilizing and figure out how to write my own functionality.
It wasn’t as daunting as I expected. And I found that digging through a package’s code exposed me to different ways to code things up; time spent reading code is never wasted.