bin-wrapper is not maintained, can we depend on something else?

[peterbe]

👋 I'm new to this project and don't know much about the community behind it. But I'm concerned about security vulnerability reports coming from deep dependencies. In particular semver-regex

This is how it gets used:

❯ npm ls semver-regex
...
└─┬ [email protected]
  └─┬ [email protected]
    └─┬ [email protected]
      └─┬ [email protected]
        └─┬ [email protected]
          └─┬ [email protected]
            └── [email protected]

Poking around, it seems the buck stops with bin-wrapper. Last commit on that repo was November 2018.

Can we omit/replace bin-wrapper and use something more maintained?