Oh so if that package is transferred to a malicious person and you upgrade a patch or minor version, what happens then?
That's good, but sometimes other projects will be transferred to someone that says they will contribute to it and they will plant malicious code in, similar to what happened with event-stream
I'm not dismissing it, React official docs is. I appreciate the hard work that went into it, but as I said some of the pull requests haven't been merged in over 6 months and it seems to have generally less support.
I personally used it in my projects but as we need to ensure we keep only third party libraries that are strictly supported and maintained I can't use or recommend this one anymore and I feel the blog creator should at least provide a few options to the users that might not have the full picture.
Also, don't be rude. I don't know you and your victimism is uncalled for.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.