unknown

Lodash transitions from single-maintainer model to collaborative governance under OpenJS Foundation with Sovereign Tech Agency support. The utility library, powering 9.3 million websites and 2.4 billion weekly npm downloads, will focus on sustainability rather than new features. Key initiatives include establishing a Technical Steering Committee, deprecating fragmented package variants, restoring CI systems, improving security posture with threat models and formal CVE processes, and progressively rewriting the library using native JavaScript functions. The approach mirrors the successful Express 5.0 revitalization strategy, emphasizing that open source sustainability requires active community governance and real funding.

The Future of Lodash

Ulises Gascon

<blockquote>
Our next major version will likely limit compatibility to modern Node.js versions and browsers, allowing us to use current syntax. It will be a semver major release, but the migration shouldn’t be painful for users.
</blockquote>
What a missed opportunity. In my opinion, lodash could benefit greatly from just dropping (or deprecating, then dropping) functions that are now trivially accomplished with vanilla JS. The many now basically obsolete functions make the docs bulky and promote bad practice. I want a painful migration. Force users to update to native code, away from using lodash wherever possible. That’d be in the interest of the user.

<blockquote>
Directly or indirectly, many of us depend on Lodash every time we run <code>npm i</code> in any project.
</blockquote>
Can someone provide the proof of this? I’m not seeing a lodash dependency in npm.

Wow, one of the maintainers of Express.js speaking about _.