Safety and integrity of packages is (or should be) a valid concern. This
accident happened before 90% of the internet was malicious:

<https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code>

More recently, browser plugins are being turned malicious after becoming
famous. The same mechanism could be utilized in nimble packages:

<https://thehackernews.com/2023/12/new-report-unveiling-threat-of.html>

IMO, this is one of the main reasons against shrinking the standard library - 
increased chance of malicious code while having zero mechanism to protect 
nimble users from malicious packages. I
