Refactor: Replace outdated and unmaintained dependencies

[yslpn]

Problem Description

The project utilizes several dependencies that are no longer actively maintained, with some not having been updated in 2-7 years.

Proposed Solution

Replace the following packages with modern, actively supported alternatives:

1. cli-table Latest version: 0.3.11 published 3 years ago
2. convert-source-map Latest version: 2.0.0 published 2 years ago
3. normalize-path Latest version: 3.0.0 published 7 years ago
4. pofile Latest version: 1.1.4 published 2 years ago
5. source-map Latest version: 0.7.4 published 3 years ago
6. plurals-cldr Latest version: 2.0.1 published 3 years ago
7. node-gettext Latest version: 3.0.0 published 5 years ago

Some of them, like pofile #2235 #2098, contain bugs that no one fixes. Some others contain potential vulnerabilities.

Replace or simply remove them one by one.

Alternatives Considered

Source Maps: @jridgewell/trace-mapping is the direct successor recommended by the author of the original source-map package, making it the most logical and safest choice.

Path Normalization: A dedicated package like slash could be used, but leveraging the built-in path module in Node.js is preferable as it eliminates an unnecessary dependency entirely.

Additional Context

No response

[timofei-iatsenko]

Well, maybe some libraries just do they work and don't have to be updated that often? 😀

Regarding pofile i agree, the original implementation is far from perfect and i did an attempt to rewrite it here https://github.com/timofei-iatsenko/pofile

Lingui can evaluate diffrent available libraries and if they work well and fixes current issue, then use them, otherwise we can improve my fork and pull it under lingui organization (don't want to maintain pofile fork as a person)

Regarding source-map, mozilla's implementation we use, uses WASM binary compiled from Rust code to perform a mapping. It still the fastest option on the npm for now. From very quick investigation it seems that many projects simply could not switch they code to the async to load this wasm binary hence many purely JS implementations pops out which offer sync api. There were no changes in sourcemaps standard and no blockers or critical issues in current implementation. I would rather stick with mozilla's implementation than something else.

I believe we could update libraries which has vulnerabilities, but updating something just because it's 3 years old, but still doing its function pretty well would be ineffecient spending of engineering resources.

[andrii-bodnar]

I agree with @timofei-iatsenko.

Regarding the pofile, I had the conversation with the author of this library some time ago, and got the following response:

I'm not really using pofile anymore nor do I really have the time to maintain it.
Happy to accept PR requests (if they don't break the API), but I can't really put much time into it.
At this point I'd probably recommend making a fork of the package.

So I think, we can adopt its fork under the Lingui organization if needed.