Reply to post: Re: Javascript

Check your repos... Crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week)

MacroRodent

Re: Javascript

> Much as I dislike Javascript, how is this specific to Javascript? This could have just as easily been an obscure Perl module or C library that is a dependency for something widely used.

Could hit Perl, perhaps, but in the case of C (or C++) there is no tradition of automatically pulling dependencies off the web whenever you build. Your program typically depends only on libraries that either are part of the platform, or ones that you explicitly install beforehand. In the latter case they usually come from a vendor, or (typically in Linux or BSD) from the curated and digitally signed collection of packages the distribution maintains. These mechanisms make slipping bad code in harder (not impossible, but much harder).
