Closed mcandre closed 4 years ago
ruyadorno
commented
4 years ago hi @mcandre I did a quick maintenance work in order to bump the dependencies 😊 many thanks for helping out with that
honestly I don't think forking is necessary, I believe @millermedeiros would gladly hand out access to people genuinely interested in keeping the project (like he did to me in the past hence how I merged your PRs)
mcandre
commented
4 years ago Hi @ruyadorno,
Thank you for responding quickly! Glad to see esformatter getting the attention it needs.
Say, when can we expect the next release version to appear in NPM? Downstream projects like jsfmt would appreciate receiving these recent dependency updates.
ruyadorno
commented
4 years ago 👍 published v0.11.0 that contains all these dependency updates and a subsequent v0.11.1 that is roughly half the size in KB, since I only noticed after that first publish that the project was shipping the test folder to the npm registry all along, so that removes it.
One important thing to notice is that now the project only supports more recent versions of node (I haven't pinned exactly which version but I noticed that CI tests were broken on the ancient node@0.12 that it has configured for travis).
Given this repository has not been updated in quite some time, and has open security vulnerabilities, I propose that we follow an MIT-compatible license and publish an updated fork to npm as a separate package.