For one customer I do maintenance on a piece of software.

Building it produces about two-three dozen deprecation warnings.

The whole software stack relies on a cluster of packages that stopped receiving updates 5 years ago.

The software is not facing end-users. But it does build using NPM and not via vendored packages.

To avoid those warnings, large parts of the code need to be rewritten using a different set of packages.

That doesn't get prioritised because it works.

The software sucks in many ways, but only from the perspective of an artisan.

The customer is happy to ignore warnings as long as the software does its job.

There isn't money in fixing things that work because it got old.

The incentives for the people putting the deprecation warnings in those packages don't align with the users of those packages. Their timelines and motives are different.