For the vulnerabilities that are related to application, they will be fixed, with high priority. For development purpose, we’ve been slacking here a bit, as it’s not as critical. Which one are you referring to?
For v1: beside the router: has a lot of issues because of its big surface, there hasn’t been any critical issue that went unaddressed (at least as far as I’m aware).
For v1 tooling, Webpack v5 is a quite an issue, and it seems like a big one to fix, this will probably take some more time until we can find our way through Webpack APIs & internal again.
For backporting, I’m not sure that we want to commit to this, maybe it will depend on the features. Do you have a particular one in mind? If it’s a general question, then maybe we can do it based on the popular community requests.
After Alpha gets more stable and ready, maybe we can afford to fix/refactor the v1 router more, but at the moment, it’s stable enough that it’s hard to justify the risk of creating more bugs via quick fixes.
If the answers above aren’t satisfying/on point, can you be more specific with the questions?