update eslint to stop whining about vulnerability

charlierudolph / dependency-lint

Lints NPM dependencies and devDependencies

MIT License

14 stars 6 forks source link

update eslint to stop whining about vulnerability #52

Closed mjhm closed 5 years ago

mjhm commented 5 years ago

@charlierudolph Just updating eslint because it has a dependency on js-yaml which had a DoS security vulnerability. (https://github.com/eslint/eslint/commit/afe3d25f8afb88caee43f7202d0eb96f33a92a6b)

And of course this trickles down into all dependencies.

charlierudolph commented 5 years ago

Thanks for the PR. Did this in another branch as had to stop supporting Node 6 (as babel appears to believe it is no longer supported even though end of life is at the end of the month)

charlierudolph commented 5 years ago

v6.0.0 released with eslint updated