Lower score in "up-to-date dependencies" if direct dependency is "discontinued" #1445

sigurdm · 2025-03-03T10:53:51Z

Depending on a discontinued package is not healthy for the ecosystem in the long run

It could be seen as equivalent to not allowing the latest version of a dependency in your constraint.

Rexios80 · 2025-03-03T12:21:30Z

I'm not sure about this. It's possible for a package to be marked as "discontinued" and still be fully functional.

sigurdm · 2025-03-03T15:42:14Z

I'm not sure about this. It's possible for a package to be marked as "discontinued" and still be fully functional.

(opinions:)

While this is true, it is not healthy in the long run.

Several things are potentially fully functional (such as having false positive warnings, not allowing the latest version of a dependency),

We still want package authors to react to these and move the ecosystem forwards.

sigurdm mentioned this issue Mar 3, 2025

Detect and reward packages that are wasm compatible #1324

Open

sigurdm mentioned this issue Mar 4, 2025

Lower score for packages with discontinued dependencies #1447

Merged

sigurdm closed this as completed in #1447 Mar 10, 2025

Provide feedback