mongodb-js / mongodb-schema

Infer a probabilistic schema for a MongoDB collection.

Home Page: https://github.com/mongodb-js/mongodb-schema

Security issues

alexbjorlig opened this issue · comments

I'm thinking about including this project in our repo, but notice on install several security warnings from npm:

[Screenshot]

This makes me wonder if the library is maintained - or maybe needs help maintaining?

> This makes me wonder if the library is maintained

Somewhat maintained? If a human checks that a dependency update makes sense, and doesn’t break anything, there should be nothing standing in the way of doing a new release here.

Awesome. I will look into upgrading lodash. It's pretty heavily used, but I guess it could be broken up in smaller steps.

Maybe swapping out with some modern js?

What is the oldest version of node that the library should support?

I’m not sure, at least as far as our team is concerned it’s Node.js 12.4.0. The .travis.yml tells another story, so doing a major version bump might make sense anyway?

I agree, a major version bump would make sense. At least supporting Node.js 12, maybe even just jump directly to v14?

@addaleax I started a PR #137 to update lodash, I thought it would be easy 😅

But after replacing deprecated functions with the new ones, I still get a bunch of errors on the unit tests. Do you have a moment to look at it - or maybe just some advice where the issue could be?

> I agree, a major version bump would make sense. At least supporting Node.js 12, maybe even just jump directly to v14?

So, since we’re currently still bound to use Node.js 12, I don’t think our team would accept a bump to Node.js 14 directly :)

Roger - the PR for that is #136, and seems to work fine, also in CI ✅ Ready to merge 😊