Ah, I think I get what you're saying now. So it's not just the complexity of the build system, it's the system of dependency resolution and management across a networked multi-repository of components. That does add complexity and risk, as the left-pad incident (and others) have made well-known. Come to think of it, besides javascript with npm, what other build systems consult only a single central repository? Is having a single central repo (or at least, appearing as a single hub) simpler, or is something like Go's modules, which can pull from any number of repos, public or private, added complexity?