* Upgrades for NodeJS from 8.11.3 to 8.17.0 and for NPM from 5.6.0 to 6.13=
..4 have merged to mozilla-central.
* Everyone is encouraged to run `mach bootstrap` to upgrade the toolchain o=
n their machine.
* The main security fix that we=E2=80=99re concerned with is in npm, so I=
=E2=80=99ve also set 6.13.4 as the minimum acceptable npm version that mach=
commands will allow. This means that running mach `mach eslint =E2=80=94s=
etup` will abort until you upgrade your npm (i.e. you run `mach bootstrap`=
, in most cases).
https://bugzilla.mozilla.org/show_bug.cgi?id=3D1604295 has more details.