@thufie @starless kind of agreed on that, with the caveat that imo it's nicer to have separate modules (still managed by the same org/person!, still a single source of trust), so things remain independently versioned and updatable. Otherwise you end up with big monolithic kitchensink frameworks like lodash.

What you see often is that there is a whole swath of libraries being used, but they're all part of a dependency 'constellation' managed by just a few people/org anyways. The metric to look at is *never* dependency count, but the amount of parties to trust, which does not correlate linearly in the ecosystem