xeol-io
Check is a package is very old (abondoned)
What would you like to be added: The EOL life checker to take into account packages which have been abandoned, making them unmaintained. This means no activity on Github, and no releases for a long time. Including the ability to what constitutes unmaintained would be a plus.
Why is this needed: If a package was last released in 2017 and its 2024 now, how likely is it that this package is unmaintained? I'd say very likely. We found out we used two packages like this. Being notified of unmaintained packages proactively is better than reactively.
Using unmaintained packages, whose github page is not archived, poses the same risk as those packages that are archived. I'd say that if a package has not had a release in > 5 years, I would call it unmaintained. Of course, this is a personal rule, and having the ability to custom these preferences would be even better.
👍 definitely agree with most points here
Though I feel like its something that should be disabled by default. Because it is not entirely factual. For example, a project with 0 dependencies that hasnt been updated in 5 years could be an entirely valid package!
So the length of time to consider a package unmaintained is inversely related to the number of dependencies it has.
