Deprecated packages

[alexojegu]

On a fresh install, npm shows:

npm warn deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated [email protected]: Glob versions prior to v9 are no longer supported
npm warn deprecated [email protected]: Please use another csrf package
npm warn deprecated [email protected]: Vue 2 has reached EOL and is no longer actively maintained. See https://v2.vuejs.org/eol/ for more details.

querystring: this is dependency of native-url can be replaced by web API URL, seems well supported by browsers.

inflight - glob: these are dependencies of archiver, the only breaking change from 6.0.1 to 7.0.1 seems to be "drop support for v12 node".

csurf: I understand that changing to another package may be more complicated. But a security-related package without maintenance for 4 years doesn't seem very secure.

Vue: I understand that upgrading to version 3 can be a lot of work and will require time and planning.

[robertsLando]

Hi @alexojegu and thanks for your issue. I have created #3778 to bump all deps (except vue/vuetify). Deprecated packages are not always bad if they do some really basic thing and they don't have any open security issue.