Fork
mcandre opened this issue · 1 comments
mcandre commented
Given this repository has not been updated in quite some time, and has open security vulnerabilities, I propose that we follow an Apache-compatible license and publish an updated fork to npm as a separate package.
mcandre commented
After waiting for a week for a response to the security reports, I went ahead and started up a "jsfmt2" project.
https://github.com/mcandre/jsfmt2
It's not 100% npm audit passing, but it's a lot better than it was. The few remaining CVE's are rated "Low", in a dependency that hasn't seen much maintenance. (Shall we fork this as well?)