Version 1.2.0 of eslint-config-developit brings significant updates to its linting dependencies, enhancing code quality and compatibility checks for JavaScript projects. Key improvements focus on incorporating newer versions of ESLint plugins, which address modern JavaScript features and best practices. Babel-eslint is updated to ^10.1.0 for improved Babel integration. The "eslint-plugin-compat" is bumped to ^3.5.1 for enhanced browser compatibility checking, while "eslint-plugin-jest" jumps to ^23.8.2, providing better support for Jest testing frameworks including new assertions and features from Jest. Moreover, "eslint-plugin-mocha" is revised to ^6.3.0, offering improved Mocha testing support with new rules and capabilities.
Notably, the update includes a newer developer dependency on ESLint itself, moving to ^6.8.0, allowing developers to take advantage of the latest ESLint features and bug fixes. In comparison to the previous version 1.1.1, which used older versions of these plugins and eslint, this upgrade ensures better alignment with current web development standards and tooling. Therefore, users upgrading to 1.2.0 gain access to more robust, up-to-date linting rules, enhancing code maintainability and reducing potential runtime errors. The peerDependencies update from "eslint":">=4" to "eslint":">=5" signals the need for a more recent ESLint installation. This upgrade is essential for projects targeting modern browsers and Node.js environments and is a major improvement over the older release.
All the vulnerabilities related to the version 1.2.0 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
