In the name of security, we’re pushed to having dependencies and keeping them up to date, despite most of those dependencies being the primary source of security problems.

And

The goal of code in many ways should be to be written in a way that it does not need updates. It should eventually achieve some level of stability.

From “Build it Yourself”

The other thing I increasingly see is pulling in a big library when needing a small chunk of it. Somewhat similar to:

when you end up using one function, but you compile hundreds, some alarm bell should go off