It's been some 3 years since this became obsolete.
The editToken key of mw.users.tokens has been replaced by csrfToken since 298cf413dbc3fa4e (MediaWiki 1.27, released 2016).
The primary user of it, mediawiki.api was already migrated in the same commit. This means code using mw.Api#getToken('edit') will continue to work and is already using the new csrfToken key underneath.
What we need to migrate still is anything that uses editToken directly via mw.user.tokens.
Let's update whatever is using this in tarballed/WMF extensions and remove it from the payload.