semver security warning

[hildjj]

semver < 7.5.2 has vulnerability due to a ReDoS. You're currently on 6.1.0.

• https://security.snyk.io/package/npm/semver
• GHSA-c2qf-rxjj-qqgw

Please take a look at #345 at the same time.

[SilPho]

If upgrading to Semver 7 isn't possible, there is a V6 backfix available under a different package name:
https://www.npmjs.com/package/@nicolo-ribaudo/semver-v6

Further discussion on backports can be found here:
npm/node-semver#564

[hildjj]

For others following this, I'm switching to https://github.com/eslint-community/eslint-plugin-n#readme wherever I can.

[voxpelli]

Yeah eslint-plugin-n is the maintained version of this module. We switched to it in eg. eslint-config-standard / standard and it is maintained by the official ESLint community organization.