npm is not ready for Node 11

[targos]

Currently, npm uses the deprecated crypto.pseudoRandomBytes API through its unique-slug dependency.

There is already a PR to fix it: npm/unique-slug#6

[addaleax]

Given that the only reason for deprecating seems to be “reducing undocumented API surface”, we should also definitely consider reverting the deprecation. Aliases are cheap and come with very little maintenance overhead.

[tniessen]

I contacted npm via twitter, their response was

I'm glad you asked about this. We can't guarantee that repo will be looked at in the near future.

So I'm in favor of downgrading the deprecation as well.