No update for more than 2 years, is it safe ?

There is a saying in the JavaScript world that says, if an app has not been updated for a long time, it is not safe.

Why ? mainly because it has not implemented latest security standards and dependencies are likely not to be up to date with last security patches. 

I am opening the discussion. Is it safe to use as of today, should we rely on an alternative ? 