Eslint-plugin-node versions 3.0.1 and 3.0.2, both authored by Toru Nagashima, provide additional ESLint rules specifically tailored for Node.js development. The core functionality remains consistent between the two versions, focusing on enhancing code quality and adherence to best practices within Node.js environments. Key features delivered by both versions revolve around linting Node.js specific code, helping developers catch potential errors and enforce coding standards. The dependencies, including crucial packages such as "ignore," "minimatch," "object-assign," "resolve," and "semver," are all identical between the two versions, ensuring consistent dependency management and expected behavior. Similarly, the development dependencies, encompassing tools like "codecov," "eslint," "eslint-config-mysticatea," "mocha," and "nyc," suggest a commitment to code quality, testing, and coverage in both versions.
The notable difference between version 3.0.1 and 3.0.2 lies in the release date. Version 3.0.2 was released shortly after 3.0.1, suggesting that version 3.0.2 likely contains minor bug fixes or very specific updates without significant changes in functionality. For developers already using version 3.0.1, upgrading to 3.0.2 is likely a low-risk move that introduces small bugfixes. Both versions maintain peer dependency with ESLint versions >= 2.0.0, so both are compatible with all the latest versions of ESLint.
All the vulnerabilities related to the version 3.0.2 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
