This package currently uses pouchdb v6, and we should upgrade to pouch v7. v6 is not maintained and has some vulnerabilities.
The main change is that the websql driver is not packaged by default anymore. We shouldn't need it — the only known use case for it is a page running in an iframe on safari mobile, so an intent for example. But no app does this at the moment.
That said, the websql driver can be added as a separate dependency, and that would probably be the safest way to upgrade.
When we do this, we should also switch to the browser-only version of pouch — it's significantly lighter.
This package currently uses pouchdb v6, and we should upgrade to pouch v7. v6 is not maintained and has some vulnerabilities.
The main change is that the websql driver is not packaged by default anymore. We shouldn't need it — the only known use case for it is a page running in an iframe on safari mobile, so an intent for example. But no app does this at the moment.
That said, the websql driver can be added as a separate dependency, and that would probably be the safest way to upgrade.
When we do this, we should also switch to the browser-only version of pouch — it's significantly lighter.