Hacker News

> A competent developer could whip up a more axios-like library with fetch in a day easily.

Then you would have created just an axios clone. AKA re-inventing the wheel. The issue isn't the library itself, but rather the fact that it's popular and provided a large enough attack surface.

You can actually just clone the axios package and use it as is from your private repo and you would not have been affected.



You would have created a smaller axios that only does what you needed it to. Even better.


Absolutely.


I think we're entering an era where "re-inventing the wheel" is actually a completely valid defensive posture. The cost is so low relative to the reduction in risk.


> AKA re-inventing the wheel.

The wheel is the native fetch API, nobody needs to reinvent it.

All you'd do in that scenario is make your own hubcap to put on top.



