npm deprecate versions prior to v7?

[broofa]

This comment has me thinking we should do this:

npm deprecate uuid<7 "Pre-v7 versions of this library may use Math.random() \
in certain circumstances, which is known to be problematic.  Please upgrade to a \
more recent version.  See https://v8.dev/blog/math-random for details."

[ctavan]

I don’t know exactly what consequences this will have. But in principle this sounds very good to me!

[LinusU]

I think the only consequence would be a warning printed when running npm install?

I'm all for this 👍

[broofa]

Done. For the record, here's the command I ran:

npm deprecate uuid@"<7" "Please upgrade `uuid` to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details."

You can verify by going to https://www.npmjs.com/package/uuid and clicking the "Versions" tab, then selecting the "☑️ show deprecated versions" box to see which versions are / aren't deprecated.