Eslint-plugin-node versions 4.2.0 and 4.1.0 offer additional ESLint rules tailored for Node.js development, enhancing code quality and consistency. Both versions share the same core dependencies, including "ignore," "minimatch," "object-assign," "resolve," and "semver," ensuring consistent file matching, object handling, module resolution, and version management capabilities. Similarly, the development dependencies remain identical, providing the necessary tools for testing, linting, and coverage reporting, such as "@types/*" packages for type definitions, "codecov" for coverage reports, "eslint" and "eslint-config-mysticatea" for linting, "mocha" for testing, "nyc" for coverage, and utilities like "opener," "rimraf," and "shelljs." The peer dependency, "eslint," remains at ">=3.1.0", indicating compatibility with existing ESLint setups.
A negligible change exists in the release date, with version 4.2.0 being published on March 6, 2017, and version 4.1.0 on February 23, 2017. While the core functionality and developer tooling appear unchanged, the update from 4.1.0 to 4.2.0 likely includes bug fixes, performance improvements, or minor rule adjustments not reflected in the dependency lists. Developers should consult the official changelog or release notes for a comprehensive understanding of the specific changes implemented in version 4.2.0. The package, licensed under MIT, remains under the maintainership of Toru Nagashima, ensuring continued support and updates for Node.js developers leveraging ESLint for code quality.
All the vulnerabilities related to the version 4.2.0 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
