Request Has Been Deprecated

Now that one of the biggest NPM packages has been deprecated, what does that mean for your project?

Songtham Tung
Feb 13 · 2 min read
Photo from npm.

As of February 11, 2020, one of the biggest NPM packages — Request — has been officially deprecated.

This popular library has been around for more than a decade, with the first version released in 2009. Since then, it has received more than 16 million weekly downloads and more than 47,000 libraries are dependent on it.


Why Would the Author Stop Development?

In his own words, original author Mikeal Rogers stated:

With the emergence of modern JavaScript and newer design patterns, Rogers was faced with a tough choice:

  1. Ride the wave of change
  2. Deprecate

At first, Rogers thought he could adapt, but he ultimately chose the latter and goes on to say that “The patterns at the core of request are out of date.” Instead of surviving through the transition, the author is convinced that it’s the opposite.

Photo by Michał Parzuchowski on Unsplash.

What Does This Mean for You?

Well, a lot if you’re one of the 47,000 dependent libraries or someone who uses it. And chances are you do. Using deprecated packages is not ideal, but it doesn’t mean that you have to change now.

Request will hitherto be in maintenance mode.

According to Rogers, here’s the plan:

  • request will stop accepting new features.
  • request will stop considering breaking changes.
  • The committers who are still active will try to merge fixes in a timely fashion. No promises, though.
  • Releases will be fully automated. Any merge into master will be published.

So What Are the Alternatives?

There’s a GitHub thread dedicated to this issue.


Conclusion

JavaScript is the reigning language on GitHub.

As JavaScript continues to grow, so will the number of libraries and developers using them. If you’re currently using Request or any libraries dependent on it, speak to your team about possible replacements. Also, don’t forget to run npm audit to check the security of your project’s dependency tree and fix any vulnerabilities.

Happy coding!

Better Programming

Advice for programmers.

Thanks to Zack Shapiro

Songtham Tung

Written by

Technical Product Director @ Geddit | SF Native x BKK Resident 🇺🇲🇹🇭 | #b2b #saas #cloud

Better Programming

Advice for programmers.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade