I think this is a big issue in the open-source ecosystem.

It's hard to reason about the security implications of pulling a dependency into your project.

There is not enough documentation about what OS features a library requires and what behavior should be considered an anomaly.

Why is software hardening not an established practice?