Trivial dependencies should be inlined. Consider leftPad or isEven.

Or these Koa deps:

- https://github.com/isaacs/inherits/blob/main/inherits.js

- https://github.com/component/toidentifier/blob/master/index....

When you're building a web server library, you need to care about supply chain attacks because you're the one exposing people to them.

Anyways, that's beside the point. Hono is what Koa should have been if Koa wasn't frozen 10 years ago: a simple `res = await handle(req)` abstraction that works everywhere including edge workers.

It was designed by cloduflare for serverless use. There's no dependency on node, as cloudflare is based on web standards, so it was designed around warper for browser-native js modules (Request, crypto, ... hence the low dependency), which is why it integrates well with bun and deno.