tl;dr or ts;cr (too stupid can't read) : Someone at eslint was compromised, this downloads something that gave the attacker your .npmrc, which contains some info, especially if you publish to NPM.
They've revoked tokens, it should be resolved. Just use the latest version.