It has a downstream dep of `electron`, whose current version has a security vulnerability. We're not using `tape-run` at all, so it should just be removed from `package.json`.