Eslint-config-rem provides a shareable ESLint configuration tailored for projects using the "rem" unit. Comparing versions 4.0.0 and 3.2.2 reveals important shifts for developers. Version 4.0.0 represents a simplification: it sheds direct dependencies on eslint-config-prettier, eslint-plugin-prettier, and prettier itself. This suggests a move towards a more focused ESLint configuration, likely relying on other tools or project-specific setups for code formatting concerns previously handled by Prettier. The core functionality for linting Markdown files via eslint-plugin-markdown remains consistent between versions.
A key consideration is the update of development dependencies. Version 4.0.0 uses eslint ^4.14.0 and eslint-config-xo ^0.19.0, whereas version 3.2.2 used eslint ^3.19.0 and eslint-config-xo ^0.18.1. This indicates an upgrade to newer versions of ESLint and XO's configuration, potentially incorporating new linting rules and best practices.
Developers should evaluate this change carefully. If your project relies heavily on the Prettier integration within eslint-config-rem, version 3.2.2 preserves that workflow. Version 4.0.0 encourages handling code formatting separately, which may provide more flexibility and control in project setup, although migrating might require some compatibility work. Choosing the right version depends on your project's code formatting strategy and desired level of ESLint rule enforcement. Both versions are MIT licensed, encouraging open use.
All vulnerabilities related to version 4.0.0 of the package
Regular Expression Denial of Service in trim
All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().
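To check whether a project actually resolves an affected copy of trim, the lockfile can be scanned for any install of trim below 0.0.3. The following is an added example, not code from eslint-config-rem or from the advisory; the function names and the sample lockfile (including the made-up package "example-parser") are assumptions constructed for illustration.

```javascript
const FIXED = [0, 0, 3]; // per the advisory: versions lower than 0.0.3 are affected

// True when `version` sorts below 0.0.3. Unparseable versions count as 0.0.0,
// so they are flagged for manual review rather than silently skipped.
function isBelowFixed(version) {
  const parts = String(version).split('-')[0].split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const n = parts[i] || 0;
    if (n !== FIXED[i]) return n < FIXED[i];
  }
  return false;
}

// Returns [{ path, version }] for every vulnerable copy of `trim` in the lockfile.
function findVulnerableTrim(lock) {
  const hits = [];
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (/(^|\/)node_modules\/trim$/.test(path) && isBelowFixed(meta.version)) {
        hits.push({ path, version: meta.version });
      }
    }
    return hits;
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === 'trim' && isBelowFixed(meta.version)) {
        hits.push({ path, version: meta.version });
      }
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile (v1 layout); "example-parser" is a made-up package.
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    'example-parser': { version: '4.0.0', dependencies: { trim: { version: '0.0.1' } } },
    trim: { version: '0.0.3' },
  },
};
console.log(findVulnerableTrim(sampleLock));
```

In a real project, pass the parsed contents of package-lock.json to findVulnerableTrim; nested copies matter because a patched top-level trim does not replace a vulnerable one pinned under another package.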