ES6 incompatible with older versions of Node - breaking Mocha build

[brimtown]

Hi @deiga ! Thanks for responding to the recent vulnerability concern, and for stepping up as a maintainer of growl.

Mocha has a dependency on growl 1.9.2, and I've put up a PR here to bump growl to 1.10.2. I'm not sure that this is the only issue, but the introduction of ES6 into growl breaks Mocha's compatibility with older versions of Node. We're trying to determine how best to move forward, and I was curious how set you are in the decision to use ES6 in growl?

ES6 in growl seems to imply that Mocha would need to drop support for older versions of Node, or that it would need to remove growl as a dependency. I wanted to get your thoughts on how you envision growl moving forward, and whether ES6 is here to stay in growl.

[deiga]

Hi @brimtown . I'm quite sure that only the ES6 changes breaks compatibility with older versions of Node. I chose this path as any Node version below 4.x is a security issue and it doesn't make any sense to support them further. (Especially since you're wanting to upgrade growl version because of a security vulnerability)

The Node team stopped pushing security updates for 0.12.x and 0.10.x last year and urge people to upgrade to any of the active versions (https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/)

Of course if you deem it absolutely necessary to mocha then I can consider forking a version which fixes the security issue in growl, but it would just seem a bit paradoxical, don't you think? :)

[nickkolok]

Publishing v1.9.3 on NPM would be enough, wouldn't it?