I know you're not accepting new pull requests, but this is security-related and a very small change.
The underscore dependency is pinned to version 1.12.1 in package.json. ~This version has a security vulnerability that I can't resolve by upgrading underscore in my application, because geojsonhint pins an exact version.~
I was going to change it to specify a version range (^1.12.1), but then I realized that underscore is not actually used, so this removes it entirely. The tests pass.
EDIT: The vulnerability is actually in the version of underscore specified in the jsonlint-lines dependency.
I know you're not accepting new pull requests, but this is security-related and a very small change.
The
underscore
dependency is pinned to version1.12.1
in package.json. ~This version has a security vulnerability that I can't resolve by upgrading underscore in my application, because geojsonhint pins an exact version.~I was going to change it to specify a version range (
^1.12.1
), but then I realized that underscore is not actually used, so this removes it entirely. The tests pass.EDIT: The vulnerability is actually in the version of underscore specified in the
jsonlint-lines
dependency.