> Previous versions of the package (`^0.2.0`) are vulnerable to major performance defects that behave as DOS in the extension host. Upgrade to `^1.1.0` **ASAP** to prevent this.

If you have discovered a security vulnerability, please email me ASAP.

My email is as recorded in the `author.email` field of `package.json`.