GitHub Community
How do I report that a package should be deprecated? #164078
Unanswered
timjrobinson
asked this question in
npm
Replies: 1 comment 2 replies
This comment was marked as off-topic.
This comment was marked as off-topic.
-
|
There is no way to contact NPM support through the form, they just say "please contact the package maintainer" |
Beta Was this translation helpful? Give feedback.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
There's a package "trello" https://www.npmjs.com/package/trello that hasn't been updated in 4 years, has many security vulnerabilities that were reported years ago and the author isn't maintaining or responding to them. There is another package Trello.js (https://www.npmjs.com/package/trello.js) that is up to date and has no vulnerabilities and is actively maintained.
I think the first trello should be marked as deprecated and users told to use trello.js so they don't expose themselves to security issues. But there doesn't appear to be any way to report this on the npm site.
Beta Was this translation helpful? Give feedback.
All reactions