This aport doesn't meet generally known quality requirements and should never have been accepted to the aports.
- The aport sources are not immutable, the build is not reproducible - installs dependencies from npmjs.com without at least enforcing the lock file ('npm ci' should be used).
- Includes even dev/build dependencies (node_modules) in the package.
- Includes multiple prebuilt binaries (node_modules/utf-8-validate/prebuilds).
- Includes intermediate build files (*.o in node_modules/detect-character-encoding/build/Release/obj.target/icui18n/vendor/icu/i18n/).
- Includes tons of redundant and unnecessary files, such as source files for transpiled JS files and compiled native code, type declaration files, readmes, build scripts, dot files and so on.
- The package license is incomplete, it doesn't consider node_modules.
- The aport was last updated ~1.5 years ago.
- 'npm audit' found 6 critical and 9 high vulnerabilities.
Points 2-5 are responsible for the enormous package size (it's full of bloat).