However, even though development teams rarely perform code reviews on third-party dependencies, such code may contain vulnerabilities - or worse, may contain code written with malicious intent!
