i swear, dependencies are such a fucking mess. how many times have we seen supply chain attacks in npm? way too many. you can't trust any of that shit, it's a security nightmare waiting to happen.