Latest version stills installs htmlhint 0.9.13 which installs also minimatch 0.3.0 with vulnerabilities

[juansaab]

Describe the bug
When I install the latest version of the module I got a warning of security vulnerability

npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

To Reproduce
Steps to reproduce the behavior:

1. Run `npm install htmlhint-loader --save-dev
2. Error appears

Expected behavior
Install the latest version of htmlhint which already uses the correr minimatch package

Screenshots

[codingpierogi]

This is affecting me as well...are there any plans to release an update? I see the Synk PR was merged into master over a year ago but I don't see a corresponding NPM release?

[camiblanch]

I am also wondering about when this package will be updated to resolve security vulnerabilities.

[camiblanch]

@mattlewis92 It's been a few months since my last comment. Are there plans to update this repo in the near future?