Security issues
alexbjorlig opened this issue · comments
This makes me wonder if the library is maintained
Somewhat maintained? If a human checks that a dependency update makes sense, and doesn’t break anything, there should be nothing standing in the way of doing a new release here.
Awesome. I will look into upgrading lodash. It's pretty heavily used, but I guess it could be broken up in smaller steps.
Maybe swapping out with some modern js?
What is the oldest version of node that the library should support?
I’m not sure, at least as far as our team is concerned it’s Node.js 12.4.0. The .travis.yml
tells another story, so doing a major version bump might make sense anyway?
A agree, a major version bump would make sense. At least supporting Node.js 12, maybe even just jump directly to v14?
So, since we’re currently still bound to use Node.js 12, I don’t think our team would accept a bump to Node.js 14 directly :)
Roger - the PR for that is #136, and seems to work fine, also in CI ✅ Ready to merge 😊