On February 16, 2022, all non-audit-related npm Advisory APIs will be deprecated. Historically these undocumented APIs have been used to programmatically access advisory data. If you don’t use these APIs, you don’t need to take any action at this time.
Why the change?
Earlier this year, all npm advisory APIs were updated to be powered by the GitHub Advisory Database. As part of this work, we have created a service that converts the GitHub Advisory entries into a format that is compatible with the npm CLI and other tools that rely on our audit APIs that manage POST requests.
All non-audit-related npm Advisory APIs will be deprecated as the data being served from them has been modified from the original source, the GitHub Advisory Database.
What do I need to do?
We recommend customers who wish to continue utilizing advisory data should switch to the GitHub Security Advisory GraphQL API.