You’ve traded supply chain vulnerability for slop vulnerability.
replyExcept your supply chain could also be slop and you have no idea (unless you’re auditing your dependencies, right?).
replyI’d take vibe coded vanilla js slop over npm dependency hell every day of the week.