Copied text does not inject bitcoin mining malware three months after I paste it.
Neither does a dependency you don't update, though, which is isomorphic to copied code you never update.