Previous versions of the package (^0.2.0) are vulnerable to major performance defects that behave as DOS in the extension host. Upgrade to ^1.1.0 ASAP to prevent this.

If you have discovered a security vulnerability, please email me ASAP.

My email is as recorded in the author.email field of package.json.