The current npm package depends on axios and some other libraries.
Since it mainly acts as a wrapper around a prebuilt binary, I’m wondering if these dependencies are strictly necessary.
For example, projects like esbuild, rolldown, and rumdl seem to keep the wrapper layer minimal and avoid extra dependencies.
And extras dependencies also may cause supply chain attack.
Would it make sense to simplify things in a similar way here?
The current npm package depends on axios and some other libraries.
Since it mainly acts as a wrapper around a prebuilt binary, I’m wondering if these dependencies are strictly necessary.
For example, projects like esbuild, rolldown, and rumdl seem to keep the wrapper layer minimal and avoid extra dependencies.
And extras dependencies also may cause supply chain attack.
Would it make sense to simplify things in a similar way here?