Every dependency you add is a supply chain attack waiting to happen

by benhoyt | View on Hacker News