Poisoned event-stream dependency #35
Description
This is regarding dominictarr/event-stream#116
save@2.3.2 depends on event-stream@^3.3.4. This has the potential to resolve its dependency on flatmap-stream@^0.1.0 to a version that included the malware.
The dependency version should probably be locked down to 3.3.4 at this time.