How to ensure to stay up to date with the bugs of the Open Source Repos? I have been using tons of Open Source Repos in my projects. But I always struggled to make sure that I am up-to-date with the bug reports. I am not interested in a thorough analysis of the repo. Just tell me if there is a new bug reported for the functions/modules/packages that I am presently using. How do you work on this problem? Do you have any useful tools you can refer to?

Well, I guess this is one "advantage" of micro-sized NPM modules that contain a single function (hi, left-pad). Any issues opened on the repo likely apply to the parts of the library you're using, since there's only one part! Sigh.

That's a good point @Shubhadeep Roychowdhury...while npm does a good job of making it easy to stay up to date on a package wide level, there's not a more grandular thing available that I'm aware of

@Breck Yunits Thanks. Tree Shaking can be nice, and npm does a good job at some of the part of the problem. But, for an example, I am principally working in Python. Now imagine a scenario, I am using Pandas and some functions from it. If someone declares a bug (it may not always be in issue tracker either, let's say someone just wrote a blog post about it and shared it in HN or something) How do I keep myself updated with that? How do I make sure that before I ship the next version of my code I, at least, looked into the problem and understood what it is and how it may affect me... I did not find any general purpose tool for this. Do you know any?

If we had more fine-grained repositories, you could potentially see the true dependency tree of every external dependency. you could do something like tree shake every method call, then hash the resulting tree with something like sha-1....then if someone were to report a bug on anything in that tree, the things that are affected could get notified

me neither 😞 I don't know of anything that helps me with that