Vulnerability to track resulting from eslint-plugin-import dependency

[silverbackdan]

In case there is a major semver in the eslint-plugin-import I wanted to raise this so we can track the progress and ensure that this dependency vulnerability is resolved.

See: import-js/eslint-plugin-import#2632

The result is that we are using a version of json5 with a high vulnerability. <2.2.2

[silverbackdan]

For now overrides will resolve this in anybody's package.json:

"overrides": {
    "@nuxtjs/eslint-config-typescript": {
      "@nuxtjs/eslint-config": {
        "eslint-plugin-import": {
          "tsconfig-paths": {
            "json5": "^2.2.2"
          }
        }
      }
    }
  }

[atinux]

Is it still relevant with the new @nuxt/eslint-config ?