
A Confusing Dependency (2018) - lelf
https://blog.autsoft.hu/a-confusing-dependency/
======
Reelin
> Of course you could run your own internal Maven repository for your company
> and have every project rely on that exclusively, with only carefully
> reviewed and verified packages being imported there. Most won't have time to
> be so careful about dependencies.

If true, that seems like a serious problem.

