Hacker News new | past | comments | ask | show | jobs | submit login

I use urllib.request to avoid having a dependency in little scripts, but I can't say I think that requests is a big supply chain risk.



It may not be the request package itself but a sub dependency. It only has a few from looking at the repo but something like flask can have a lot (especially with the plugins) and that’s a mainstream and well supported library




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: