Eslint-plugin-import, a tool ensuring sanity in your JavaScript import statements, released version 1.0.3 shortly after 1.0.2, both versions sharing a similar core. Both versions are designed to work seamlessly with ESLint version 2.x. The core dependencies, including doctrine and babel-runtime, remain consistent, suggesting that the fundamental parsing and runtime support hasn't changed. The developer dependencies are also largely similar, indicating a stable development environment utilizing tools like Chai for testing, Glob for file matching, and Gulp for task automation.
However, a closer look reveals differences in release timing. Version 1.0.3 was released on February 26, 2016, at 12:47:03.144Z, while version 1.0.2 came out earlier that same day at 11:21:32.074Z. This suggests the update in version 1.0.3 was addressing a bug fix or a minor enhancement discovered shortly after the initial 1.0.2 release, without implying any significant new features or breaking changes. For developers, the fact that the core dependencies and dev dependencies are entirely similar indicates that migrating between these two versions should be seamless. Because they occurred so close in time it's possible version 1.0.3 adressed a small bug within version 1.0.2 and users are encouraged to use the latest stable release.
The are not vulnerabilities for the version 1.0.3 of the package eslint-plugin-import
