Eslint-plugin-import version 1.5.0 introduces no changes in the core dependencies compared to the previous stable version, 1.4.0. Both versions rely on the same fundamental packages for import resolution and static analysis, like es6-map, es6-set, doctrine, es6-symbol, object-assign, and eslint-import-resolver-node. Similarly, the developer dependencies, crucial for contributing to and testing the plugin, remain consistent, including tools like chai for assertions, glob for file matching, gulp for task automation, mocha for test running, and various Babel presets and plugins for transpilation.
The peer dependency on eslint version 2.x is also unchanged, indicating that the core compatibility requirements for the plugin haven't shifted. Essentially, upgrading from 1.4.0 to 1.5.0 offers no upgrade path for crucial dependencies or peer dependencies. This suggests that the changes are primarily focused on bug fixes, internal refactoring, or minor feature enhancements that do not necessitate alterations to the plugin's core dependency stack or peer dependency such as eslint. Developers can likely upgrade with confidence, expecting a seamless transition without breaking changes related to the plugin's dependencies. The consistent use of eslint-import-resolver-node and eslint-import-resolver-webpack via file paths within the project indicates a focus on internal resolver management.
The are not vulnerabilities for the version 1.5.0 of the package eslint-plugin-import
