Right, and because you haven't done that you have no idea how insecure your code is. Tough luck if someone breaks your code via some dependency you didn't audit - you get blamed.

Have you ever written any code? What you are suggesting is totally unfeasible in all but the most paranoid applications.

I write code and write that from experience. I cannot audit everything, and i've been burned more than once for not doing so.