Babel-eslint: Please update eslint-scope

Created on 12 Jul 2018  路  8Comments  路  Source: babel/babel-eslint

Hi,

About an hour ago [email protected] has been released. This is a hacked version which steals the npm credentials and sends them to remote server.

Relevant discussion:
https://github.com/eslint/eslint-scope/issues/39

Please update to eslint-scope 4.0.0 or pin the version to 3.7.1 since there is not going to be any patch release.

Cheers,
Andrej

Most helpful comment

We (the ESLint team) are working on unpublishing 3.7.2 (it was not published by us, some of our credentials must have been compromised).

As @pronebird noted, we don't plan on publishing anything in the 3.7.x line, so you could pin to 3.7.1 if you're not ready to consume 4.0.0.

Apologies for the inconvenience.

All 8 comments

We (the ESLint team) are working on unpublishing 3.7.2 (it was not published by us, some of our credentials must have been compromised).

As @pronebird noted, we don't plan on publishing anything in the 3.7.x line, so you could pin to 3.7.1 if you're not ready to consume 4.0.0.

Apologies for the inconvenience.

I created #657 to expedite the process. Hopefully that helps.

It will still need a package version bump to make the change public though.

@neverendingqs you probably mean #657. Thanks for this! 馃憤

Dang just woke up, I think we need this for the 8.x branch then as well?

@hzoo not sure if you already use 4.0 in 8.x branch or not. If anything below then yes. On the other side, 3.7.2 has already been unpublished so it may be a little too late :)

Yeah might as well I guess. Did 8.2.6 and 9.0.0-beta.3

@hzoo fun times 馃槃

lol, ya I'm tired.

For reference/resolution: https://twitter.com/geteslint/status/1017509669701603328

Was this page helpful?
0 / 5 - 0 ratings