Node.js Package: commander ≤ 8.3.0 - End of Life Notification (EOL)

[matt-senseye]

d3-dsv has a dependency on commander 7 which has been marked as end of life.

Our project has a dependency on d3 which in turn pulls in d3-dsv. Our vulnerability management tool is reporting this as a "critical" priority alert but I'm unable to action it because d3-dsv does not seem to have had any maintenance updates for quite a long time (last release was Jun 5, 2021).

Either updating or replacing commander would be beneficial in order to avoid reliance on an EOL package.