> Now that junk tech debt is suddenly rated “AAA”.
I think by "suddenly", the author is saying it doesn't make sense for the same code to have a better debt rating when vendored than it did before. But that's only looking at the value of the code itself, which misses the most important part of the total value proposition.
When a maintainer vendors code in, the maintainer owns that code now. If you're an active maintainer vendoring in code from a dead project, you are increasing the value of that code because now there is an active human who may respond to issues, review pull requests, and fix bugs.
By another analogy, giving a neglected pet to a new owner increases the value of the pet because it will be better taken care of, healthier, live longer, etc.
Only for those who use the dependency indirectly. This will likely see very few eyes to find bugs. The maintainer will also have a ramp up in having to deal with a large, unfamiliar code base that will be a hindrance to implementing fixes or reviewing them.
Yes, it places a burden on the maintainer, but that's exactly why it increases the value of the code. That burden is the maintainer providing that value.
I think by "suddenly", the author is saying it doesn't make sense for the same code to have a better debt rating when vendored than it did before. But that's only looking at the value of the code itself, which misses the most important part of the total value proposition.
When a maintainer vendors code in, the maintainer owns that code now. If you're an active maintainer vendoring in code from a dead project, you are increasing the value of that code because now there is an active human who may respond to issues, review pull requests, and fix bugs.
By another analogy, giving a neglected pet to a new owner increases the value of the pet because it will be better taken care of, healthier, live longer, etc.