diff --git a/src/hello.chromeapp.js b/src/hello.chromeapp.js
index b252a358..3cc6ff8c 100644
--- a/src/hello.chromeapp.js
+++ b/src/hello.chromeapp.js
@@ -33,7 +33,7 @@ if (typeof chrome === 'object' && typeof chrome.identity === 'object' && chrome.
 		};
 
 		// Swap the storage method
-		var _cache = {};
+		let _cache = {};
 		chrome.storage.local.get('hello', function(r) {
 			// Update the cache
 			_cache = r.hello || {};
@@ -70,7 +70,7 @@ if (typeof chrome === 'object' && typeof chrome.identity === 'object' && chrome.
 		function _open(url, interactive) {
 
 			// Launch
-			var ref = {
+			const ref = {
 				closed: false
 			};
 
@@ -87,11 +87,11 @@ if (typeof chrome === 'object' && typeof chrome.identity === 'object' && chrome.
 				}
 
 				// Split appart the URL
-				var a = hello.utils.url(responseUrl);
+				const a = hello.utils.url(responseUrl);
 
 				// The location can be augmented in to a location object like so...
 				// We dont have window operations on the popup so lets create some
-				var _popup = {
+				const _popup = {
 					location: {
 
 						// Change the location of the popup
diff --git a/src/hello.js b/src/hello.js
index a310208e..24dc3427 100644
--- a/src/hello.js
+++ b/src/hello.js
@@ -10,7 +10,7 @@
  * @license MIT: You are free to use and modify this code for any use, on the condition that this copyright notice remains.
  */
 
-var hello = function(name) {
+const hello = function(name) {
 	return hello.use(name);
 };
 
@@ -25,7 +25,7 @@ hello.utils = {
 				Array.prototype.push.apply(r, a);
 			}
 			else if (r && (r instanceof Object || typeof r === 'object') && a && (a instanceof Object || typeof a === 'object') && r !== a) {
-				for (var x in a) {
+				for (const x in a) {
 					// Prevent prototype pollution
 					if (x === '__proto__' || x === 'constructor') {
 						continue;
@@ -114,7 +114,7 @@ hello.utils.extend(hello, {
 	use: function(service) {
 
 		// Create self, which inherits from its parent
-		var self = Object.create(this);
+		const self = Object.create(this);
 
 		// Inherit the prototype from its parent
 		self.settings = Object.create(this.settings);
@@ -137,7 +137,7 @@ hello.utils.extend(hello, {
 	// @param number timeout, timeout in seconds
 	init: function(services, options) {
 
-		var utils = this.utils;
+		const utils = this.utils;
 
 		if (!services) {
 			return this.services;
@@ -145,7 +145,7 @@ hello.utils.extend(hello, {
 
 		// Define provider credentials
 		// Reformat the ID field
-		for (var x in services) {if (services.hasOwnProperty(x)) {
+		for (const x in services) {if (services.hasOwnProperty(x)) {
 			if (typeof (services[x]) !== 'object') {
 				services[x] = {id: services[x]};
 			}
@@ -175,22 +175,22 @@ hello.utils.extend(hello, {
 	login: function() {
 
 		// Create an object which inherits its parent as the prototype and constructs a new event chain.
-		var _this = this;
-		var utils = _this.utils;
-		var error = utils.error;
-		var promise = utils.Promise();
+		const _this = this;
+		const utils = _this.utils;
+		const error = utils.error;
+		const promise = utils.Promise();
 
 		// Get parameters
-		var p = utils.args({network: 's', options: 'o', callback: 'f'}, arguments);
+		const p = utils.args({network: 's', options: 'o', callback: 'f'}, arguments);
 
 		// Local vars
-		var url;
+		let url;
 
 		// Get all the custom options and store to be appended to the querystring
-		var qs = utils.diffKey(p.options, _this.settings);
+		const qs = utils.diffKey(p.options, _this.settings);
 
 		// Merge/override options with app defaults
-		var opts = p.options = utils.merge(_this.settings, p.options || {});
+		const opts = p.options = utils.merge(_this.settings, p.options || {});
 
 		// Merge/override options with app defaults
 		opts.popup = utils.merge(_this.settings.popup, p.options.popup || {});
@@ -215,10 +215,10 @@ hello.utils.extend(hello, {
 			return promise.reject(error('invalid_network', 'The provided network was not recognized'));
 		}
 
-		var provider = _this.services[p.network];
+		const provider = _this.services[p.network];
 
 		// Create a global listener to capture events triggered out of scope
-		var callbackId = utils.globalEvent(function(obj) {
+		const callbackId = utils.globalEvent(function(obj) {
 
 			// The responseHandler returns a string, lets save this locally
 			if (obj) {
@@ -250,10 +250,10 @@ hello.utils.extend(hello, {
 			}
 		});
 
-		var redirectUri = utils.url(opts.redirect_uri).href;
+		const redirectUri = utils.url(opts.redirect_uri).href;
 
 		// May be a space-delimited list of multiple, complementary types
-		var responseType = provider.oauth.response_type || opts.response_type;
+		let responseType = provider.oauth.response_type || opts.response_type;
 
 		// Fallback to token if the module hasn't defined a grant url
 		if (/\bcode\b/.test(responseType) && !provider.oauth.grant) {
@@ -276,18 +276,18 @@ hello.utils.extend(hello, {
 		});
 
 		// Get current session for merging scopes, and for quick auth response
-		var session = utils.store(p.network);
+		const session = utils.store(p.network);
 
 		// Scopes (authentication permisions)
 		// Ensure this is a string - IE has a problem moving Arrays between windows
 		// Append the setup scope
-		var SCOPE_SPLIT = /[,\s]+/;
+		const SCOPE_SPLIT = /[,\s]+/;
 
 		// Include default scope settings (cloned).
-		var scope = _this.settings.scope ? [_this.settings.scope.toString()] : [];
+		let scope = _this.settings.scope ? [_this.settings.scope.toString()] : [];
 
 		// Extend the providers scope list with the default
-		var scopeMap = utils.merge(_this.settings.scope_map, provider.scope || {});
+		const scopeMap = utils.merge(_this.settings.scope_map, provider.scope || {});
 
 		// Add user defined scopes...
 		if (opts.scope) {
@@ -331,7 +331,7 @@ hello.utils.extend(hello, {
 
 			if (session && 'access_token' in session && session.access_token && 'expires' in session && session.expires > ((new Date()).getTime() / 1e3)) {
 				// What is different about the scopes in the session vs the scopes in the new login?
-				var diff = utils.diff((session.scope || '').split(SCOPE_SPLIT), (p.qs.state.scope || '').split(SCOPE_SPLIT));
+				const diff = utils.diff((session.scope || '').split(SCOPE_SPLIT), (p.qs.state.scope || '').split(SCOPE_SPLIT));
 				if (diff.length === 0) {
 
 					// OK trigger the callback
@@ -415,14 +415,14 @@ hello.utils.extend(hello, {
 		// Triggering popup?
 		else if (opts.display === 'popup') {
 
-			var popup = utils.popup(url, redirectUri, opts.popup);
+			const popup = utils.popup(url, redirectUri, opts.popup);
 
-			var timer = setInterval(function() {
+			const timer = setInterval(function() {
 				if (!popup || popup.closed) {
 					clearInterval(timer);
 					if (!promise.state) {
 
-						var response = error('cancelled', 'Login has been cancelled');
+						let response = error('cancelled', 'Login has been cancelled');
 
 						if (!popup) {
 							response = error('blocked', 'Popup was blocked');
@@ -452,14 +452,14 @@ hello.utils.extend(hello, {
 	// @param function callback
 	logout: function() {
 
-		var _this = this;
-		var utils = _this.utils;
-		var error = utils.error;
+		const _this = this;
+		const utils = _this.utils;
+		const error = utils.error;
 
 		// Create a new promise
-		var promise = utils.Promise();
+		const promise = utils.Promise();
 
-		var p = utils.args({name: 's', options: 'o', callback: 'f'}, arguments);
+		const p = utils.args({name: 's', options: 'o', callback: 'f'}, arguments);
 
 		p.options = p.options || {};
 
@@ -485,7 +485,7 @@ hello.utils.extend(hello, {
 		else if (p.name && p.authResponse) {
 
 			// Define the callback
-			var callback = function(opts) {
+			const callback = function(opts) {
 
 				// Remove from the store
 				utils.store(p.name, null);
@@ -495,9 +495,9 @@ hello.utils.extend(hello, {
 			};
 
 			// Run an async operation to remove the users session
-			var _opts = {};
+			const _opts = {};
 			if (p.options.force) {
-				var logout = _this.services[p.name].logout;
+				let logout = _this.services[p.name].logout;
 				if (logout) {
 					// Convert logout to URL string,
 					// If no string is returned, then this function will handle the logout async style
@@ -570,9 +570,9 @@ hello.utils.extend(hello.utils, {
 			formatFunction = formatFunction || encodeURIComponent;
 
 			// Override the items in the URL which already exist
-			for (var x in params) {
-				var str = '([\\?\\&])' + x + '=[^\\&]*';
-				var reg = new RegExp(str);
+			for (const x in params) {
+				const str = '([\\?\\&])' + x + '=[^\\&]*';
+				const reg = new RegExp(str);
 				if (url.match(reg)) {
 					url = url.replace(reg, '$1' + x + '=' + formatFunction(params[x]));
 					delete params[x];
@@ -591,9 +591,9 @@ hello.utils.extend(hello.utils, {
 	// Explode/encode the parameters of an URL string/object
 	// @param string s, string to decode
 	param: function(s, formatFunction) {
-		var b;
-		var a = {};
-		var m;
+		let b;
+		let a = {};
+		let m;
 
 		if (typeof (s) === 'string') {
 
@@ -601,7 +601,7 @@ hello.utils.extend(hello.utils, {
 
 			m = s.replace(/^[\#\?]/, '').match(/([^=\/\&]+)=([^\&]+)/g);
 			if (m) {
-				for (var i = 0; i < m.length; i++) {
+				for (let i = 0; i < m.length; i++) {
 					b = m[i].match(/([^=]+)=(.*)/);
 					a[b[1]] = formatFunction(b[2]);
 				}
@@ -613,11 +613,11 @@ hello.utils.extend(hello.utils, {
 
 			formatFunction = formatFunction || encodeURIComponent;
 
-			var o = s;
+			const o = s;
 
 			a = [];
 
-			for (var x in o) {if (o.hasOwnProperty(x)) {
+			for (const x in o) {if (o.hasOwnProperty(x)) {
 				if (o.hasOwnProperty(x)) {
 					a.push([x, o[x] === '?' ? '?' : formatFunction(o[x])].join('='));
 				}
@@ -630,12 +630,12 @@ hello.utils.extend(hello.utils, {
 	// Local storage facade
 	store: (function() {
 
-		var a = ['localStorage', 'sessionStorage'];
-		var i = -1;
-		var prefix = 'test';
+		const a = ['localStorage', 'sessionStorage'];
+		let i = -1;
+		const prefix = 'test';
 
 		// Set LocalStorage
-		var localStorage;
+		let localStorage;
 
 		while (a[++i]) {
 			try {
@@ -652,14 +652,14 @@ hello.utils.extend(hello.utils, {
 
 		if (!localStorage) {
 
-			var cache = null;
+			let cache = null;
 
 			localStorage = {
 				getItem: function(prop) {
 					prop = prop + '=';
-					var m = document.cookie.split(';');
-					for (var i = 0; i < m.length; i++) {
-						var _m = m[i].replace(/(^\s+|\s+$)/, '');
+					const m = document.cookie.split(';');
+					for (let i = 0; i < m.length; i++) {
+						const _m = m[i].replace(/(^\s+|\s+$)/, '');
 						if (_m && _m.indexOf(prop) === 0) {
 							return _m.substr(prop.length);
 						}
@@ -679,7 +679,7 @@ hello.utils.extend(hello.utils, {
 		}
 
 		function get() {
-			var json = {};
+			let json = {};
 			try {
 				json = JSON.parse(localStorage.getItem('hello')) || {};
 			}
@@ -696,7 +696,7 @@ hello.utils.extend(hello.utils, {
 		return function(name, value, days) {
 
 			// Local storage
-			var json = get();
+			const json = get();
 
 			if (name && value === undefined) {
 				return json[name] || null;
@@ -729,16 +729,16 @@ hello.utils.extend(hello.utils, {
 	// @param dom/string
 	append: function(node, attr, target) {
 
-		var n = typeof (node) === 'string' ? document.createElement(node) : node;
+		const n = typeof (node) === 'string' ? document.createElement(node) : node;
 
 		if (typeof (attr) === 'object') {
 			if ('tagName' in attr) {
 				target = attr;
 			}
 			else {
-				for (var x in attr) {if (attr.hasOwnProperty(x)) {
+				for (const x in attr) {if (attr.hasOwnProperty(x)) {
 					if (typeof (attr[x]) === 'object') {
-						for (var y in attr[x]) {if (attr[x].hasOwnProperty(y)) {
+						for (const y in attr[x]) {if (attr[x].hasOwnProperty(y)) {
 							n[x][y] = attr[x][y];
 						}}
 					}
@@ -786,7 +786,7 @@ hello.utils.extend(hello.utils, {
 	// Recursive merge two objects into one, second parameter overides the first
 	// @param a array
 	merge: function(/* Args: a, b, c, .. n */) {
-		var args = Array.prototype.slice.call(arguments);
+		const args = Array.prototype.slice.call(arguments);
 		args.unshift({});
 		return this.extend.apply(null, args);
 	},
@@ -796,10 +796,10 @@ hello.utils.extend(hello.utils, {
 	// @param a arguments
 	args: function(o, args) {
 
-		var p = {};
-		var i = 0;
-		var t = null;
-		var x = null;
+		const p = {};
+		let i = 0;
+		let t = null;
+		let x = null;
 
 		// 'x' is the first key in the list of object parameters
 		for (x in o) {if (o.hasOwnProperty(x)) {
@@ -861,7 +861,7 @@ hello.utils.extend(hello.utils, {
 
 		// Ugly shim, it works!
 		else {
-			var a = document.createElement('a');
+			const a = document.createElement('a');
 			a.href = path;
 			return a.cloneNode(false);
 		}
@@ -876,8 +876,8 @@ hello.utils.extend(hello.utils, {
 	// Get the different hash of properties unique to `a`, and not in `b`
 	diffKey: function(a, b) {
 		if (a || !b) {
-			var r = {};
-			for (var x in a) {
+			const r = {};
+			for (const x in a) {
 				// Does the property not exist?
 				if (!(x in b)) {
 					r[x] = a[x];
@@ -914,7 +914,7 @@ hello.utils.extend(hello.utils, {
 		}
 		else if (typeof (obj) === 'object') {
 			// Object
-			for (var key in obj) {
+			for (const key in obj) {
 				if (obj.hasOwnProperty(key)) {
 					return false;
 				}
@@ -934,12 +934,12 @@ hello.utils.extend(hello.utils, {
 	 */
 	Promise: (function() {
 		/*  promise states [Promises/A+ 2.1]  */
-		var STATE_PENDING = 0; /*  [Promises/A+ 2.1.1]  */
-		var STATE_FULFILLED = 1; /*  [Promises/A+ 2.1.2]  */
-		var STATE_REJECTED = 2; /*  [Promises/A+ 2.1.3]  */
+		const STATE_PENDING = 0; /*  [Promises/A+ 2.1.1]  */
+		const STATE_FULFILLED = 1; /*  [Promises/A+ 2.1.2]  */
+		const STATE_REJECTED = 2; /*  [Promises/A+ 2.1.3]  */
 
 		/*  promise object constructor  */
-		var api = function(executor) {
+		let api = function(executor) {
 			/*  optionally support non-constructor/plain-function call  */
 			if (!(this instanceof api))
 				return new api(executor);
@@ -970,8 +970,8 @@ hello.utils.extend(hello.utils, {
 
 			/*  "The then Method" [Promises/A+ 1.1, 1.2, 2.2]  */
 			then: function(onFulfilled, onRejected) {
-				var curr = this;
-				var next = new api(); /*  [Promises/A+ 2.2.7]  */
+				const curr = this;
+				const next = new api(); /*  [Promises/A+ 2.2.7]  */
 				curr.onFulfilled.push(
 					resolver(onFulfilled, next, "fulfill")); /*  [Promises/A+ 2.2.2/2.2.6]  */
 				curr.onRejected.push(
@@ -982,7 +982,7 @@ hello.utils.extend(hello.utils, {
 		};
 
 		/*  deliver an action  */
-		var deliver = function(curr, state, name, value) {
+		let deliver = function(curr, state, name, value) {
 			if (curr.state === STATE_PENDING) {
 				curr.state = state; /*  [Promises/A+ 2.1.2.1, 2.1.3.1]  */
 				curr[name] = value; /*  [Promises/A+ 2.1.2.2, 2.1.3.2]  */
@@ -992,7 +992,7 @@ hello.utils.extend(hello.utils, {
 		};
 
 		/*  execute all handlers  */
-		var execute = function(curr) {
+		const execute = function(curr) {
 			if (curr.state === STATE_FULFILLED)
 				execute_handlers(curr, "onFulfilled", curr.fulfillValue);
 			else if (curr.state === STATE_REJECTED)
@@ -1000,7 +1000,7 @@ hello.utils.extend(hello.utils, {
 		};
 
 		/*  execute particular set of handlers  */
-		var execute_handlers = function(curr, name, value) {
+		const execute_handlers = function(curr, name, value) {
 			/* global process: true */
 			/* global setImmediate: true */
 			/* global setTimeout: true */
@@ -1010,10 +1010,10 @@ hello.utils.extend(hello.utils, {
 				return;
 
 			/*  iterate over all handlers, exactly once  */
-			var handlers = curr[name];
+			const handlers = curr[name];
 			curr[name] = []; /*  [Promises/A+ 2.2.2.3, 2.2.3.3]  */
-			var func = function() {
-				for (var i = 0; i < handlers.length; i++)
+			const func = function() {
+				for (let i = 0; i < handlers.length; i++)
 					handlers[i](value); /*  [Promises/A+ 2.2.5]  */
 			};
 
@@ -1027,12 +1027,12 @@ hello.utils.extend(hello.utils, {
 		};
 
 		/*  generate a resolver function  */
-		var resolver = function(cb, next, method) {
+		const resolver = function(cb, next, method) {
 			return function(value) {
 				if (typeof cb !== "function") /*  [Promises/A+ 2.2.1, 2.2.7.3, 2.2.7.4]  */
 					next[method].call(next, value); /*  [Promises/A+ 2.2.7.3, 2.2.7.4]  */
 				else {
-					var result;
+					let result;
 					try { result = cb(value); } /*  [Promises/A+ 2.2.2.1, 2.2.3.1, 2.2.5, 3.2]  */
 					catch (e) {
 						next.reject(e); /*  [Promises/A+ 2.2.7.2]  */
@@ -1044,7 +1044,7 @@ hello.utils.extend(hello.utils, {
 		};
 
 		/*  "Promise Resolution Procedure"  */ /*  [Promises/A+ 2.3]  */
-		var resolve = function(promise, x) {
+		const resolve = function(promise, x) {
 			/*  sanity check arguments  */ /*  [Promises/A+ 2.3.1]  */
 			if (promise === x || promise.proxy === x) {
 				promise.reject(new TypeError("cannot resolve promise with itself"));
@@ -1053,7 +1053,7 @@ hello.utils.extend(hello.utils, {
 
 			/*  surgically check for a "then" method
 				(mainly to just call the "getter" of "then" only once)  */
-			var then;
+			let then;
 			if ((typeof x === "object" && x !== null) || typeof x === "function") {
 				try { then = x.then; } /*  [Promises/A+ 2.3.3.1, 3.5]  */
 				catch (e) {
@@ -1065,7 +1065,7 @@ hello.utils.extend(hello.utils, {
 			/*  handle own Thenables    [Promises/A+ 2.3.2]
 				and similar "thenables" [Promises/A+ 2.3.3]  */
 			if (typeof then === "function") {
-				var resolved = false;
+				const resolved = false;
 				try {
 					/*  call retrieved "then" method */ /*  [Promises/A+ 2.3.3.3]  */
 					then.call(x,
@@ -1106,7 +1106,7 @@ hello.utils.extend(hello.utils, {
 	// A contructor superclass for adding event menthods, on, off, emit.
 	Event: function() {
 
-		var separator = /[\s\,]+/;
+		const separator = /[\s\,]+/;
 
 		// If this doesn't support getPrototype then we can't get prototype.events of the parent
 		// So lets get the current instance events, and add those to a parent property
@@ -1125,8 +1125,8 @@ hello.utils.extend(hello.utils, {
 		this.on = function(evt, callback) {
 
 			if (callback && typeof (callback) === 'function') {
-				var a = evt.split(separator);
-				for (var i = 0; i < a.length; i++) {
+				const a = evt.split(separator);
+				for (let i = 0; i < a.length; i++) {
 
 					// Has this event already been fired on this instance?
 					this.events[a[i]] = [callback].concat(this.events[a[i]] || []);
@@ -1155,11 +1155,11 @@ hello.utils.extend(hello.utils, {
 		this.emit = function(evt /*, data, ... */) {
 
 			// Get arguments as an Array, knock off the first one
-			var args = Array.prototype.slice.call(arguments, 1);
+			const args = Array.prototype.slice.call(arguments, 1);
 			args.push(evt);
 
 			// Handler
-			var handler = function(name, index) {
+			const handler = function(name, index) {
 
 				// Replace the last property with the event name
 				args[args.length - 1] = (name === '*' ? evt : name);
@@ -1169,7 +1169,7 @@ hello.utils.extend(hello.utils, {
 			};
 
 			// Find the callbacks which match the condition and call
-			var _this = this;
+			let _this = this;
 			while (_this && _this.findEvents) {
 
 				// Find events which match
@@ -1183,8 +1183,8 @@ hello.utils.extend(hello.utils, {
 		//
 		// Easy functions
 		this.emitAfter = function() {
-			var _this = this;
-			var args = arguments;
+			const _this = this;
+			const args = arguments;
 			setTimeout(function() {
 				_this.emit.apply(_this, args);
 			}, 0);
@@ -1194,13 +1194,13 @@ hello.utils.extend(hello.utils, {
 
 		this.findEvents = function(evt, callback) {
 
-			var a = evt.split(separator);
+			const a = evt.split(separator);
 
-			for (var name in this.events) {if (this.events.hasOwnProperty(name)) {
+			for (const name in this.events) {if (this.events.hasOwnProperty(name)) {
 
 				if (a.indexOf(name) > -1) {
 
-					for (var i = 0; i < this.events[name].length; i++) {
+					for (let i = 0; i < this.events[name].length; i++) {
 
 						// Does the event handler exist?
 						if (this.events[name][i]) {
@@ -1242,28 +1242,28 @@ hello.utils.extend(hello.utils, {
 	// This has been augmented to support PhoneGap
 	popup: function(url, redirectUri, options) {
 
-		var documentElement = document.documentElement;
+		const documentElement = document.documentElement;
 
 		// Multi Screen Popup Positioning (http://stackoverflow.com/a/16861050)
 		// Credit: http://www.xtf.dk/2011/08/center-new-popup-window-even-on.html
 		// Fixes dual-screen position                         Most browsers      Firefox
 
 		if (options.height && options.top === undefined) {
-			var dualScreenTop = window.screenTop !== undefined ? window.screenTop : screen.top;
-			var height = screen.height || window.innerHeight || documentElement.clientHeight;
+			const dualScreenTop = window.screenTop !== undefined ? window.screenTop : screen.top;
+			const height = screen.height || window.innerHeight || documentElement.clientHeight;
 			options.top = parseInt((height - options.height) / 2, 10) + dualScreenTop;
 		}
 
 		if (options.width && options.left === undefined) {
-			var dualScreenLeft = window.screenLeft !== undefined ? window.screenLeft : screen.left;
-			var width = screen.width || window.innerWidth || documentElement.clientWidth;
+			const dualScreenLeft = window.screenLeft !== undefined ? window.screenLeft : screen.left;
+			const width = screen.width || window.innerWidth || documentElement.clientWidth;
 			options.left = parseInt((width - options.width) / 2, 10) + dualScreenLeft;
 		}
 
 		// Convert options into an array
-		var optionsArray = [];
+		const optionsArray = [];
 		Object.keys(options).forEach(function(name) {
-			var value = options[name];
+			const value = options[name];
 			optionsArray.push(name + (value !== null ? '=' + value : ''));
 		});
 
@@ -1280,7 +1280,7 @@ hello.utils.extend(hello.utils, {
 			url = redirectUri + '#oauth_redirect=' + encodeURIComponent(encodeURIComponent(url));
 		}
 
-		var popup = window.open(
+		const popup = window.open(
 			url,
 			'_blank',
 			optionsArray.join(',')
@@ -1296,9 +1296,9 @@ hello.utils.extend(hello.utils, {
 	// OAuth and API response handler
 	responseHandler: function(window, parent) {
 
-		var _this = this;
-		var p;
-		var location = window.location;
+		const _this = this;
+		let p;
+		const location = window.location;
 
 		// Is this an auth relay message which needs to call the proxy?
 		p = _this.param(location.search);
@@ -1307,13 +1307,13 @@ hello.utils.extend(hello.utils, {
 		if (p && p.state && (p.code || p.oauth_token)) {
 
 			try {
-				var state = JSON.parse(p.state);
+				const state = JSON.parse(p.state);
 
 				// Add this path as the redirect_uri
 				p.redirect_uri = state.redirect_uri || location.href.replace(/[\?\#].*$/, '');
 
 				// Redirect to the host
-				var path = _this.qs(state.oauth_proxy, p);
+				const path = _this.qs(state.oauth_proxy, p);
 
 
 				if (isValidUrl(path)) {
@@ -1342,13 +1342,13 @@ hello.utils.extend(hello.utils, {
 			// Remove any addition information
 			// E.g. p.state = 'facebook.page';
 			try {
-				var a = JSON.parse(p.state);
+				const a = JSON.parse(p.state);
 				_this.extend(p, a);
 			}
 			catch (e) {
-				var stateDecoded = decodeURIComponent(p.state);
+				const stateDecoded = decodeURIComponent(p.state);
 				try {
-					var b = JSON.parse(stateDecoded);
+					const b = JSON.parse(stateDecoded);
 					_this.extend(p, b);
 				}
 				catch (e) {
@@ -1390,7 +1390,7 @@ hello.utils.extend(hello.utils, {
 			else if (p.callback && p.callback in parent) {
 
 				// Trigger a function in the parent
-				var res = 'result' in p && p.result ? JSON.parse(p.result) : false;
+				const res = 'result' in p && p.result ? JSON.parse(p.result) : false;
 
 				// Trigger the callback on the parent
 				callback(parent, p.callback)(res);
@@ -1407,7 +1407,7 @@ hello.utils.extend(hello.utils, {
 		// (URI Fragments within 302 Location URI are lost over HTTPS)
 		// Loading the redirect.html before triggering the OAuth Flow seems to fix it.
 		else if ('oauth_redirect' in p) {
-			var url = decodeURIComponent(p.oauth_redirect);
+			const url = decodeURIComponent(p.oauth_redirect);
 
 			if (isValidUrl(url)) {
 				location.assign(url);
@@ -1417,7 +1417,7 @@ hello.utils.extend(hello.utils, {
 		}
 
 		function isValidUrl(url) {
-			var regexp = /^https?:/;
+			const regexp = /^https?:/;
 			return regexp.test(url)
 
 				// If `HELLOJS_REDIRECT_URL` is defined in the window context, validate that the URL matches it.
@@ -1431,8 +1431,8 @@ hello.utils.extend(hello.utils, {
 		// Trigger a callback to authenticate
 		function authCallback(obj, window, parent) {
 
-			var cb = obj.callback;
-			var network = obj.network;
+			const cb = obj.callback;
+			const network = obj.network;
 
 			// Trigger the callback on the parent
 			_this.store(network, obj);
@@ -1456,7 +1456,7 @@ hello.utils.extend(hello.utils, {
 				// Call the globalEvent function on the parent
 				// It's safer to pass back a string to the parent,
 				// Rather than an object/array (better for IE8)
-				var str = JSON.stringify(obj);
+				const str = JSON.stringify(obj);
 
 				try {
 					callback(parent, cb)(str);
@@ -1516,10 +1516,10 @@ hello.utils.Event.call(hello);
 (function(hello) {
 
 	// Monitor for a change in state and fire
-	var oldSessions = {};
+	const oldSessions = {};
 
 	// Hash of expired tokens
-	var expired = {};
+	const expired = {};
 
 	// Listen to other triggers to Auth events, use these to update this
 	hello.on('auth.login, auth.logout', function(auth) {
@@ -1530,8 +1530,8 @@ hello.utils.Event.call(hello);
 
 	(function self() {
 
-		var CURRENT_TIME = ((new Date()).getTime() / 1e3);
-		var emit = function(eventName) {
+		const CURRENT_TIME = ((new Date()).getTime() / 1e3);
+		const emit = function(eventName) {
 			hello.emit('auth.' + eventName, {
 				network: name,
 				authResponse: session
@@ -1539,7 +1539,7 @@ hello.utils.Event.call(hello);
 		};
 
 		// Loop through the services
-		for (var name in hello.services) {if (hello.services.hasOwnProperty(name)) {
+		for (const name in hello.services) {if (hello.services.hasOwnProperty(name)) {
 
 			if (!hello.services[name].id) {
 				// We haven't attached an ID so dont listen.
@@ -1548,14 +1548,14 @@ hello.utils.Event.call(hello);
 
 			// Get session
 			var session = hello.utils.store(name) || {};
-			var provider = hello.services[name];
-			var oldSess = oldSessions[name] || {};
+			const provider = hello.services[name];
+			const oldSess = oldSessions[name] || {};
 
 			// Listen for globalEvents that did not get triggered from the child
 			if (session && 'callback' in session) {
 
 				// To do remove from session object...
-				var cb = session.callback;
+				const cb = session.callback;
 				try {
 					delete session.callback;
 				}
@@ -1577,7 +1577,7 @@ hello.utils.Event.call(hello);
 
 				// If auto refresh is possible
 				// Either the browser supports
-				var refresh = provider.refresh || session.refresh_token;
+				const refresh = provider.refresh || session.refresh_token;
 
 				// Has the refresh been run recently?
 				if (refresh && (!(name in expired) || expired[name] < CURRENT_TIME)) {
@@ -1651,15 +1651,15 @@ hello.utils.Event.call(hello);
 hello.api = function() {
 
 	// Shorthand
-	var _this = this;
-	var utils = _this.utils;
-	var error = utils.error;
+	const _this = this;
+	const utils = _this.utils;
+	const error = utils.error;
 
 	// Construct a new Promise object
-	var promise = utils.Promise();
+	const promise = utils.Promise();
 
 	// Arguments
-	var p = utils.args({path: 's!', query: 'o', method: 's', data: 'o', timeout: 'i', callback: 'f'}, arguments);
+	const p = utils.args({path: 's!', query: 'o', method: 's', data: 'o', timeout: 'i', callback: 'f'}, arguments);
 
 	// Method
 	p.method = (p.method || 'get').toLowerCase();
@@ -1676,7 +1676,7 @@ hello.api = function() {
 		p.data = {};
 	}
 
-	var data = p.data = p.data || {};
+	const data = p.data = p.data || {};
 
 	// Completed event callback
 	promise.then(p.callback, p.callback);
@@ -1688,18 +1688,18 @@ hello.api = function() {
 	}
 
 	p.path = p.path.replace(/^\/+/, '');
-	var a = (p.path.split(/[\/\:]/, 2) || [])[0].toLowerCase();
+	const a = (p.path.split(/[\/\:]/, 2) || [])[0].toLowerCase();
 
 	if (a in _this.services) {
 		p.network = a;
-		var reg = new RegExp('^' + a + ':?\/?');
+		const reg = new RegExp('^' + a + ':?\/?');
 		p.path = p.path.replace(reg, '');
 	}
 
 	// Network & Provider
 	// Define the network that this request is made for
 	p.network = _this.settings.default_service = p.network || _this.settings.default_service;
-	var o = _this.services[p.network];
+	const o = _this.services[p.network];
 
 	// INVALID
 	// Is there no service by the given network name?
@@ -1745,8 +1745,8 @@ hello.api = function() {
 		p.query.access_token = p.authResponse.access_token;
 	}
 
-	var url = p.path;
-	var m;
+	let url = p.path;
+	let m;
 
 	// Store the query as options
 	// This is used to populate the request object before the data is augmented by the prewrap handlers.
@@ -1759,14 +1759,14 @@ hello.api = function() {
 
 	// URL Mapping
 	// Is there a map for the given URL?
-	var actions = o[{'delete': 'del'}[p.method] || p.method] || {};
+	const actions = o[{'delete': 'del'}[p.method] || p.method] || {};
 
 	// Extrapolate the QueryString
 	// Provide a clean path
 	// Move the querystring into the data
 	if (p.method === 'get') {
 
-		var query = url.split(/[\?#]/)[1];
+		const query = url.split(/[\?#]/)[1];
 		if (query) {
 			utils.extend(p.query, utils.param(query));
 
@@ -1817,7 +1817,7 @@ hello.api = function() {
 
 		// Format the string if it needs it
 		url = url.replace(/\@\{([a-z\_\-]+)(\|.*?)?\}/gi, function(m, key, defaults) {
-			var val = defaults ? defaults.replace(/^\|/, '') : '';
+			let val = defaults ? defaults.replace(/^\|/, '') : '';
 			if (key in p.query) {
 				val = p.query[key];
 				delete p.query[key];
@@ -1876,11 +1876,11 @@ hello.api = function() {
 			// FORMAT RESPONSE?
 			// Does self request have a corresponding formatter
 			if (o.wrap && ((p.path in o.wrap) || ('default' in o.wrap))) {
-				var wrap = (p.path in o.wrap ? p.path : 'default');
-				var time = (new Date()).getTime();
+				const wrap = (p.path in o.wrap ? p.path : 'default');
+				const time = (new Date()).getTime();
 
 				// FORMAT RESPONSE
-				var b = o.wrap[wrap](r, headers, p);
+				const b = o.wrap[wrap](r, headers, p);
 
 				// Has the response been utterly overwritten?
 				// Typically self augments the existing object.. but for those rare occassions
@@ -1921,8 +1921,8 @@ hello.utils.extend(hello.utils, {
 	// Make an HTTP request
 	request: function(p, callback) {
 
-		var _this = this;
-		var error = _this.error;
+		const _this = this;
+		const error = _this.error;
 
 		// This has to go through a POST request
 		if (!_this.isEmpty(p.data) && !('FileList' in window) && _this.hasBinary(p.data)) {
@@ -1933,7 +1933,7 @@ hello.utils.extend(hello.utils, {
 		}
 
 		// Check if the browser and service support CORS
-		var cors = this.request_cors(function() {
+		const cors = this.request_cors(function() {
 			// If it does then run this...
 			return ((p.xhr === undefined) || (p.xhr && (typeof (p.xhr) !== 'function' || p.xhr(p, p.query))));
 		});
@@ -1942,7 +1942,7 @@ hello.utils.extend(hello.utils, {
 
 			formatUrl(p, function(url) {
 
-				var x = _this.xhr(p.method, url, p.headers, p.data, callback);
+				const x = _this.xhr(p.method, url, p.headers, p.data, callback);
 				x.onprogress = p.onprogress || null;
 
 				// Windows Phone does not support xhr.upload, see #74
@@ -1958,7 +1958,7 @@ hello.utils.extend(hello.utils, {
 
 		// Clone the query object
 		// Each request modifies the query object and needs to be tared after each one.
-		var _query = p.query;
+		const _query = p.query;
 
 		p.query = _this.clone(p.query);
 
@@ -2000,7 +2000,7 @@ hello.utils.extend(hello.utils, {
 			p.query.redirect_uri = p.redirect_uri;
 			p.query.state = JSON.stringify({callback: p.callbackID});
 
-			var opts;
+			let opts;
 
 			if (typeof (p.form) === 'function') {
 
@@ -2029,7 +2029,7 @@ hello.utils.extend(hello.utils, {
 		function formatUrl(p, callback) {
 
 			// Are we signing the request?
-			var sign;
+			let sign;
 
 			// OAuth1
 			// Remove the token from the query before signing
@@ -2053,7 +2053,7 @@ hello.utils.extend(hello.utils, {
 			}
 
 			// Construct the path
-			var path = _this.qs(p.url, p.query);
+			let path = _this.qs(p.url, p.query);
 
 			// Proxy the request through a server
 			// Used for signing OAuth1
@@ -2082,7 +2082,7 @@ hello.utils.extend(hello.utils, {
 
 	// Return the type of DOM object
 	domInstance: function(type, data) {
-		var test = 'HTML' + (type || '').replace(
+		const test = 'HTML' + (type || '').replace(
 			/^[a-z]/,
 			function(m) {
 				return m.toUpperCase();
@@ -2118,8 +2118,8 @@ hello.utils.extend(hello.utils, {
 		}
 
 		// But does clone everything else.
-		var clone = {};
-		for (var x in obj) {
+		const clone = {};
+		for (const x in obj) {
 			clone[x] = this.clone(obj[x]);
 		}
 
@@ -2129,11 +2129,11 @@ hello.utils.extend(hello.utils, {
 	// XHR: uses CORS to make requests
 	xhr: function(method, url, headers, data, callback) {
 
-		var r = new XMLHttpRequest();
-		var error = this.error;
+		const r = new XMLHttpRequest();
+		const error = this.error;
 
 		// Binary?
-		var binary = false;
+		let binary = false;
 		if (method === 'blob') {
 			binary = method;
 			method = 'GET';
@@ -2143,7 +2143,7 @@ hello.utils.extend(hello.utils, {
 
 		// Xhr.responseType 'json' is not supported in any of the vendors yet.
 		r.onload = function(e) {
-			var json = r.response;
+			let json = r.response;
 			try {
 				json = JSON.parse(r.responseText);
 			}
@@ -2153,14 +2153,14 @@ hello.utils.extend(hello.utils, {
 				}
 			}
 
-			var headers = headersToJSON(r.getAllResponseHeaders());
+			const headers = headersToJSON(r.getAllResponseHeaders());
 			headers.statusCode = r.status;
 
 			callback(json || (method === 'GET' ? error('empty_response', 'Could not get resource') : {}), headers);
 		};
 
 		r.onerror = function(e) {
-			var json = r.responseText;
+			let json = r.responseText;
 			try {
 				json = JSON.parse(r.responseText);
 			}
@@ -2169,7 +2169,7 @@ hello.utils.extend(hello.utils, {
 			callback(json || error('access_denied', 'Could not get resource'));
 		};
 
-		var x;
+		let x;
 
 		// Should we add the query to the URL?
 		if (method === 'GET' || method === 'DELETE') {
@@ -2177,7 +2177,7 @@ hello.utils.extend(hello.utils, {
 		}
 		else if (data && typeof (data) !== 'string' && !(data instanceof FormData) && !(data instanceof File) && !(data instanceof Blob)) {
 			// Loop through and add formData
-			var f = new FormData();
+			const f = new FormData();
 			for (x in data) if (data.hasOwnProperty(x)) {
 				if (data[x] instanceof HTMLInputElement) {
 					if ('files' in data[x] && data[x].files.length > 0) {
@@ -2220,9 +2220,9 @@ hello.utils.extend(hello.utils, {
 
 		// Headers are returned as a string
 		function headersToJSON(s) {
-			var r = {};
-			var reg = /([a-z\-]+):\s?(.*);?/gi;
-			var m;
+			const r = {};
+			const reg = /([a-z\-]+):\s?(.*);?/gi;
+			let m;
 			while ((m = reg.exec(s))) {
 				r[m[1]] = m[2];
 			}
@@ -2237,15 +2237,15 @@ hello.utils.extend(hello.utils, {
 	// @param function callback a function to call on completion;
 	jsonp: function(url, callback, callbackID, timeout) {
 
-		var _this = this;
-		var error = _this.error;
+		const _this = this;
+		const error = _this.error;
 
 		// Change the name of the callback
-		var bool = 0;
-		var head = document.getElementsByTagName('head')[0];
-		var operaFix;
-		var result = error('server_error', 'server_error');
-		var cb = function() {
+		let bool = 0;
+		const head = document.getElementsByTagName('head')[0];
+		let operaFix;
+		let result = error('server_error', 'server_error');
+		const cb = function() {
 			if (!(bool++)) {
 				window.setTimeout(function() {
 					callback(result);
@@ -2268,7 +2268,7 @@ hello.utils.extend(hello.utils, {
 		url = url.replace(new RegExp('=\\?(&|$)'), '=' + callbackID + '$1');
 
 		// Build script tag
-		var script = _this.append('script', {
+		const script = _this.append('script', {
 			id: callbackID,
 			name: callbackID,
 			src: url,
@@ -2321,18 +2321,18 @@ hello.utils.extend(hello.utils, {
 	// @param function callback, function to execute in response
 	post: function(url, data, options, callback, callbackID, timeout) {
 
-		var _this = this;
-		var error = _this.error;
-		var doc = document;
+		const _this = this;
+		const error = _this.error;
+		const doc = document;
 
 		// This hack needs a form
-		var form = null;
-		var reenableAfterSubmit = [];
-		var newform;
-		var i = 0;
-		var x = null;
-		var bool = 0;
-		var cb = function(r) {
+		let form = null;
+		const reenableAfterSubmit = [];
+		let newform;
+		let i = 0;
+		let x = null;
+		let bool = 0;
+		const cb = function(r) {
 			if (!(bool++)) {
 				callback(r);
 			}
@@ -2343,7 +2343,7 @@ hello.utils.extend(hello.utils, {
 		_this.globalEvent(cb, callbackID);
 
 		// Build the iframe window
-		var win;
+		let win;
 		try {
 			// IE7 hack, only lets us define the name here, not later.
 			win = doc.createElement('<iframe name="' + callbackID + '">');
@@ -2424,19 +2424,19 @@ hello.utils.extend(hello.utils, {
 				newform = form;
 			}
 
-			var input;
+			let input;
 
 			// Add elements to the form if they dont exist
 			for (x in data) if (data.hasOwnProperty(x)) {
 
 				// Is this an element?
-				var el = (_this.domInstance('input', data[x]) || _this.domInstance('textArea', data[x]) || _this.domInstance('select', data[x]));
+				const el = (_this.domInstance('input', data[x]) || _this.domInstance('textArea', data[x]) || _this.domInstance('select', data[x]));
 
 				// Is this not an input element, or one that exists outside the form.
 				if (!el || data[x].form !== form) {
 
 					// Does an element have the same name?
-					var inputs = form.elements[x];
+					let inputs = form.elements[x];
 					if (input) {
 						// Remove it.
 						if (!(inputs instanceof NodeList)) {
@@ -2521,7 +2521,7 @@ hello.utils.extend(hello.utils, {
 				}
 
 				// Reenable the disabled form
-				for (var i = 0; i < reenableAfterSubmit.length; i++) {
+				for (let i = 0; i < reenableAfterSubmit.length; i++) {
 					if (reenableAfterSubmit[i]) {
 						reenableAfterSubmit[i].setAttribute('disabled', false);
 						reenableAfterSubmit[i].disabled = false;
@@ -2534,7 +2534,7 @@ hello.utils.extend(hello.utils, {
 	// Some of the providers require that only multipart is used with non-binary forms.
 	// This function checks whether the form contains binary data
 	hasBinary: function(data) {
-		for (var x in data) if (data.hasOwnProperty(x)) {
+		for (const x in data) if (data.hasOwnProperty(x)) {
 			if (this.isBinary(data[x])) {
 				return true;
 			}
@@ -2557,15 +2557,15 @@ hello.utils.extend(hello.utils, {
 
 	// Convert Data-URI to Blob string
 	toBlob: function(dataURI) {
-		var reg = /^data\:([^;,]+(\;charset=[^;,]+)?)(\;base64)?,/i;
-		var m = dataURI.match(reg);
+		const reg = /^data\:([^;,]+(\;charset=[^;,]+)?)(\;base64)?,/i;
+		const m = dataURI.match(reg);
 		if (!m) {
 			return dataURI;
 		}
 
-		var binary = atob(dataURI.replace(reg, ''));
-		var array = [];
-		for (var i = 0; i < binary.length; i++) {
+		const binary = atob(dataURI.replace(reg, ''));
+		const array = [];
+		for (let i = 0; i < binary.length; i++) {
 			array.push(binary.charCodeAt(i));
 		}
 
@@ -2579,8 +2579,8 @@ hello.utils.extend(hello.utils, {
 (function(hello) {
 
 	// Copy original function
-	var api = hello.api;
-	var utils = hello.utils;
+	const api = hello.api;
+	const utils = hello.utils;
 
 	utils.extend(utils, {
 
@@ -2588,9 +2588,9 @@ hello.utils.extend(hello.utils, {
 		// This takes a FormElement|NodeList|InputElement|MixedObjects and convers the data object to JSON.
 		dataToJSON: function(p) {
 
-			var _this = this;
-			var w = window;
-			var data = p.data;
+			const _this = this;
+			const w = window;
+			let data = p.data;
 
 			// Is data a form object
 			if (_this.domInstance('form', data)) {
@@ -2613,7 +2613,7 @@ hello.utils.extend(hello.utils, {
 			// Loop through data if it's not form data it must now be a JSON object
 			if (!('FormData' in w && data instanceof w.FormData)) {
 
-				for (var x in data) if (data.hasOwnProperty(x)) {
+				for (const x in data) if (data.hasOwnProperty(x)) {
 
 					if ('FileList' in w && data[x] instanceof w.FileList) {
 						if (data[x].length === 1) {
@@ -2642,12 +2642,12 @@ hello.utils.extend(hello.utils, {
 		// Given a list of elements extrapolate their values and return as a json object
 		nodeListToJSON: function(nodelist) {
 
-			var json = {};
+			const json = {};
 
 			// Create a data string
-			for (var i = 0; i < nodelist.length; i++) {
+			for (let i = 0; i < nodelist.length; i++) {
 
-				var input = nodelist[i];
+				const input = nodelist[i];
 
 				// If the name of the input is empty or diabled, dont add it.
 				if (input.disabled || !input.name) {
@@ -2671,7 +2671,7 @@ hello.utils.extend(hello.utils, {
 	hello.api = function() {
 
 		// Get arguments
-		var p = utils.args({path: 's!', method: 's', data: 'o', timeout: 'i', callback: 'f'}, arguments);
+		const p = utils.args({path: 's!', method: 's', data: 'o', timeout: 'i', callback: 'f'}, arguments);
 
 		// Change for into a data object
 		if (p.data) {
diff --git a/src/hello.phonegap.js b/src/hello.phonegap.js
index da9de149..ee09fe35 100644
--- a/src/hello.phonegap.js
+++ b/src/hello.phonegap.js
@@ -13,13 +13,13 @@
 	};
 
 	// Augment the popup
-	var utilPopup = hello.utils.popup;
+	const utilPopup = hello.utils.popup;
 
 	// Replace popup
 	hello.utils.popup = function(url, redirectUri, options) {
 
 		// Run the standard
-		var popup = utilPopup.call(this, url, redirectUri, options);
+		const popup = utilPopup.call(this, url, redirectUri, options);
 
 		// Create a function for reopening the popup, and assigning events to the new popup object
 		// PhoneGap support
@@ -30,14 +30,14 @@
 
 				// Get the origin of the redirect URI
 
-				var a = hello.utils.url(redirectUri);
-				var redirectUriOrigin = a.origin || (a.protocol + '//' + a.hostname);
+				const a = hello.utils.url(redirectUri);
+				const redirectUriOrigin = a.origin || (a.protocol + '//' + a.hostname);
 
 				// Listen to changes in the InAppBrowser window
 
 				popup.addEventListener('loadstart', function(e) {
 
-					var url = e.url;
+					const url = e.url;
 
 					// Is this the path, as given by the redirectUri?
 					// Check the new URL agains the redirectUriOrigin.
@@ -49,12 +49,12 @@
 					}
 
 					// Split appart the URL
-					var a = hello.utils.url(url);
+					const a = hello.utils.url(url);
 
 					// We dont have window operations on the popup so lets create some
 					// The location can be augmented in to a location object like so...
 
-					var _popup = {
+					const _popup = {
 						location: {
 							// Change the location of the popup
 							assign: function(location) {
diff --git a/src/hello.polyfill.js b/src/hello.polyfill.js
index 40189769..792d9c3b 100644
--- a/src/hello.polyfill.js
+++ b/src/hello.polyfill.js
@@ -38,7 +38,7 @@ if (!Object.keys) {
 if (!Array.prototype.indexOf) {
 	Array.prototype.indexOf = function(s) {
 
-		for (var j = 0; j < this.length; j++) {
+		for (let j = 0; j < this.length; j++) {
 			if (this[j] === s) {
 				return j;
 			}
@@ -56,14 +56,14 @@ if (!Array.prototype.forEach) {
 			throw new TypeError();
 		}
 
-		var t = Object(this);
-		var len = t.length >>> 0;
+		const t = Object(this);
+		const len = t.length >>> 0;
 		if (typeof fun !== 'function') {
 			throw new TypeError();
 		}
 
-		var thisArg = arguments.length >= 2 ? arguments[1] : void 0;
-		for (var i = 0; i < len; i++) {
+		const thisArg = arguments.length >= 2 ? arguments[1] : void 0;
+		for (let i = 0; i < len; i++) {
 			if (i in t) {
 				fun.call(thisArg, t[i], i, t);
 			}
@@ -77,7 +77,7 @@ if (!Array.prototype.forEach) {
 if (!Array.prototype.filter) {
 	Array.prototype.filter = function(fun, thisArg) {
 
-		var a = [];
+		const a = [];
 		this.forEach(function(val, i, t) {
 			if (fun.call(thisArg || void 0, val, i, t)) {
 				a.push(val);
@@ -94,7 +94,7 @@ if (!Array.prototype.map) {
 
 	Array.prototype.map = function(fun, thisArg) {
 
-		var a = [];
+		const a = [];
 		this.forEach(function(val, i, t) {
 			a.push(fun.call(thisArg || void 0, val, i, t));
 		});
@@ -135,10 +135,10 @@ if (!Function.prototype.bind) {
 
 		function C() {}
 
-		var a = [].slice;
-		var f = a.call(arguments, 1);
-		var _this = this;
-		var D = function() {
+		const a = [].slice;
+		const f = a.call(arguments, 1);
+		const _this = this;
+		const D = function() {
 			return _this.apply(this instanceof C ? this : b || window, f.concat(a.call(arguments)));
 		};
 
diff --git a/src/modules/bikeindex.js b/src/modules/bikeindex.js
index 8628b78f..c27e98ab 100644
--- a/src/modules/bikeindex.js
+++ b/src/modules/bikeindex.js
@@ -105,7 +105,7 @@
 
 	function paging(res, headers, req) {
 		if (res.data && res.data.length && headers && headers.Link) {
-			var next = headers.Link.match(/<(.*?)>;\s*rel=\"next\"/);
+			const next = headers.Link.match(/<(.*?)>;\s*rel=\"next\"/);
 			if (next) {
 				res.paging = {
 					next: next[1]
diff --git a/src/modules/dropbox.js b/src/modules/dropbox.js
index 8abc57ee..4493d75b 100644
--- a/src/modules/dropbox.js
+++ b/src/modules/dropbox.js
@@ -1,7 +1,7 @@
 (function(hello) {
 
 	// OAuth1
-	var OAuth1Settings = {
+	const OAuth1Settings = {
 		version: '1.0',
 		auth: 'https://www.dropbox.com/1/oauth/authorize',
 		request: 'https://api.dropbox.com/1/oauth/request_token',
@@ -9,7 +9,7 @@
 	};
 
 	// OAuth2 Settings
-	var OAuth2Settings = {
+	const OAuth2Settings = {
 		version: 2,
 		auth: 'https://www.dropbox.com/1/oauth2/authorize',
 		grant: 'https://api.dropbox.com/1/oauth2/token'
@@ -30,7 +30,7 @@
 
 				// Should this be run as OAuth1?
 				// If the redirect_uri is is HTTP (non-secure) then its required to revert to the OAuth1 endpoints
-				var redirect = decodeURIComponent(p.qs.redirect_uri);
+				const redirect = decodeURIComponent(p.qs.redirect_uri);
 				if (redirect.indexOf('http:') === 0 && redirect.indexOf('http://localhost/') !== 0) {
 
 					// Override the dropbox OAuth settings.
@@ -89,8 +89,8 @@
 			post: {
 				'me/files': function(p, callback) {
 
-					var path = p.data.parent;
-					var fileName = p.data.name;
+					const path = p.data.parent;
+					const fileName = p.data.name;
 
 					p.data = {
 						file: p.data.file
@@ -106,7 +106,7 @@
 
 				'me/folders': function(p, callback) {
 
-					var name = p.data.name;
+					const name = p.data.name;
 					p.data = {};
 
 					callback('fileops/create_folder?root=@{root|sandbox}&' + hello.utils.param({
@@ -129,7 +129,7 @@
 					}
 
 					o.name = o.display_name;
-					var m = o.name.split(' ');
+					const m = o.name.split(' ');
 					o.first_name = m.shift();
 					o.last_name = m.join(' ');
 					o.id = o.uid;
@@ -166,7 +166,7 @@
 				// The proxy supports allow-cross-origin-resource
 				// Alas that's the only thing we're using.
 				if (p.data && p.data.file) {
-					var file = p.data.file;
+					const file = p.data.file;
 					if (file) {
 						if (file.files) {
 							p.data = file.files[0];
@@ -213,7 +213,7 @@
 			return;
 		}
 
-		var path = (o.root !== 'app_folder' ? o.root : '') + o.path.replace(/\&/g, '%26');
+		let path = (o.root !== 'app_folder' ? o.root : '') + o.path.replace(/\&/g, '%26');
 		path = path.replace(/^\//, '');
 		if (o.thumb_exists) {
 			o.thumbnail = req.oauth_proxy + '?path=' +
diff --git a/src/modules/facebook.js b/src/modules/facebook.js
index 6e247202..bc856c59 100644
--- a/src/modules/facebook.js
+++ b/src/modules/facebook.js
@@ -1,7 +1,7 @@
 (function(hello) {
 	// For APIs, once a version is no longer usable, any calls made to it will be defaulted to the next oldest usable version.
 	// So we explicitly state it.
-	var version = 'v2.9';
+	const version = 'v2.9';
 
 	hello.init({
 
@@ -53,9 +53,9 @@
 
 			logout: function(callback, options) {
 				// Assign callback to a global handler
-				var callbackID = hello.utils.globalEvent(callback);
-				var redirect = encodeURIComponent(hello.settings.redirect_uri + '?' + hello.utils.param({callback: callbackID, result: JSON.stringify({force: true}), state: '{}'}));
-				var token = (options.authResponse || {}).access_token;
+				const callbackID = hello.utils.globalEvent(callback);
+				const redirect = encodeURIComponent(hello.settings.redirect_uri + '?' + hello.utils.param({callback: callbackID, result: JSON.stringify({force: true}), state: '{}'}));
+				const token = (options.authResponse || {}).access_token;
 				hello.utils.iframe('https://www.facebook.com/logout.php?next=' + redirect + '&access_token=' + token);
 
 				// Possible responses:
@@ -128,7 +128,7 @@
 
 			// Special requirements for handling JSONP fallback
 			jsonp: function(p, qs) {
-				var m = p.method;
+				const m = p.method;
 				if (m !== 'get' && !hello.utils.hasBinary(p.data)) {
 					p.data.method = m;
 					p.method = 'get';
@@ -149,7 +149,7 @@
 		}
 	});
 
-	var base = 'https://graph.facebook.com/';
+	const base = 'https://graph.facebook.com/';
 
 	function formatUser(o) {
 		if (o.id) {
@@ -173,10 +173,10 @@
 		}
 
 		if (o && 'data' in o) {
-			var token = req.query.access_token;
+			const token = req.query.access_token;
 
 			if (!(o.data instanceof Array)) {
-				var data = o.data;
+				const data = o.data;
 				delete o.data;
 				o.data = [data];
 			}
diff --git a/src/modules/flickr.js b/src/modules/flickr.js
index fa6516b9..4ff6de42 100644
--- a/src/modules/flickr.js
+++ b/src/modules/flickr.js
@@ -35,7 +35,7 @@
 					if (o.id) {
 						if (o.realname) {
 							o.name = o.realname._content;
-							var m = o.name.split(' ');
+							const m = o.name.split(' ');
 							o.first_name = m.shift();
 							o.last_name = m.join(' ');
 						}
@@ -90,11 +90,11 @@
 	});
 
 	function getApiUrl(method, extraParams, skipNetwork) {
-		var url = ((skipNetwork) ? '' : 'flickr:') +
+		let url = ((skipNetwork) ? '' : 'flickr:') +
 			'?method=' + method +
 			'&api_key=' + hello.services.flickr.id +
 			'&format=json';
-		for (var param in extraParams) {
+		for (const param in extraParams) {
 			if (extraParams.hasOwnProperty(param)) {
 				url += '&' + param + '=' + extraParams[param];
 			}
@@ -107,7 +107,7 @@
 	// The method 'flickr.test.login' for each api call
 
 	function withUser(cb) {
-		var auth = hello.getAuthResponse('flickr');
+		const auth = hello.getAuthResponse('flickr');
 		cb(auth && auth.user_nsid ? auth.user_nsid : null);
 	}
 
@@ -125,7 +125,7 @@
 	}
 
 	function getBuddyIcon(profile, size) {
-		var url = 'https://www.flickr.com/images/buddyicon.gif';
+		let url = 'https://www.flickr.com/images/buddyicon.gif';
 		if (profile.nsid && profile.iconserver && profile.iconfarm) {
 			url = 'https://farm' + profile.iconfarm + '.staticflickr.com/' +
 				profile.iconserver + '/' +
@@ -156,13 +156,13 @@
 
 	function formatPhotos(o) {
 		if (o.photoset || o.photos) {
-			var set = ('photoset' in o) ? 'photoset' : 'photos';
+			const set = ('photoset' in o) ? 'photoset' : 'photos';
 			o = checkResponse(o, set);
 			paging(o);
 			o.data = o.photo;
 			delete o.photo;
-			for (var i = 0; i < o.data.length; i++) {
-				var photo = o.data[i];
+			for (let i = 0; i < o.data.length; i++) {
+				const photo = o.data[i];
 				photo.name = photo.title;
 				photo.picture = createPhotoUrl(photo.id, photo.farm, photo.server, photo.secret, '');
 				photo.pictures = createPictures(photo.id, photo.farm, photo.server, photo.secret);
@@ -177,8 +177,8 @@
 	// See: https://www.flickr.com/services/api/misc.urls.html
 	function createPictures(id, farm, server, secret) {
 
-		var NO_LIMIT = 2048;
-		var sizes = [
+		const NO_LIMIT = 2048;
+		const sizes = [
 			{id: 't', max: 100},
 			{id: 'm', max: 240},
 			{id: 'n', max: 320},
@@ -224,8 +224,8 @@
 			paging(o);
 			o.data = o.contact;
 			delete o.contact;
-			for (var i = 0; i < o.data.length; i++) {
-				var item = o.data[i];
+			for (let i = 0; i < o.data.length; i++) {
+				const item = o.data[i];
 				item.id = item.nsid;
 				item.name = item.realname || item.username;
 				item.thumbnail = getBuddyIcon(item, 'm');
diff --git a/src/modules/foursquare.js b/src/modules/foursquare.js
index f9caef8b..4a9ac3ad 100644
--- a/src/modules/foursquare.js
+++ b/src/modules/foursquare.js
@@ -79,7 +79,7 @@
 	}
 
 	function formatRequest(p, qs) {
-		var token = qs.access_token;
+		const token = qs.access_token;
 		delete qs.access_token;
 		qs.oauth_token = token;
 		qs.v = 20121125;
diff --git a/src/modules/github.js b/src/modules/github.js
index 1100d7bb..488cbd4e 100644
--- a/src/modules/github.js
+++ b/src/modules/github.js
@@ -71,7 +71,7 @@
 	});
 
 	function formatError(o, headers) {
-		var code = headers ? headers.statusCode : (o && 'meta' in o && 'status' in o.meta && o.meta.status);
+		const code = headers ? headers.statusCode : (o && 'meta' in o && 'status' in o.meta && o.meta.status);
 		if ((code === 401 || code === 403)) {
 			o.error = {
 				code: 'access_denied',
@@ -90,7 +90,7 @@
 
 	function paging(res, headers, req) {
 		if (res.data && res.data.length && headers && headers.Link) {
-			var next = headers.Link.match(/<(.*?)>;\s*rel=\"next\"/);
+			const next = headers.Link.match(/<(.*?)>;\s*rel=\"next\"/);
 			if (next) {
 				res.paging = {
 					next: next[1]
diff --git a/src/modules/google.js b/src/modules/google.js
index 411133e7..a7302d6d 100644
--- a/src/modules/google.js
+++ b/src/modules/google.js
@@ -1,6 +1,6 @@
 (function(hello) {
 
-	var contactsUrl = 'https://www.google.com/m8/feeds/contacts/default/full?v=3.0&alt=json&max-results=@{limit|1000}&start-index=@{start|1}';
+	const contactsUrl = 'https://www.google.com/m8/feeds/contacts/default/full?v=3.0&alt=json&max-results=@{limit|1000}&start-index=@{start|1}';
 
 	hello.init({
 
@@ -67,7 +67,7 @@
 				'me/contacts': contactsUrl,
 				'me/albums': 'https://picasaweb.google.com/data/feed/api/user/default?alt=json&max-results=@{limit|100}&start-index=@{start|1}',
 				'me/album': function(p, callback) {
-					var key = p.query.id;
+					const key = p.query.id;
 					delete p.query.id;
 					callback(key.replace('/entry/', '/feed/'));
 				},
@@ -264,11 +264,11 @@
 
 	function formatFriends(o, headers, req) {
 		paging(o);
-		var r = [];
+		const r = [];
 		if ('feed' in o && 'entry' in o.feed) {
-			var token = req.query.access_token;
-			for (var i = 0; i < o.feed.entry.length; i++) {
-				var a = o.feed.entry[i];
+			const token = req.query.access_token;
+			for (let i = 0; i < o.feed.entry.length; i++) {
+				const a = o.feed.entry[i];
 
 				a.id = a.id.$t;
 				a.name = a.title.$t;
@@ -285,7 +285,7 @@
 
 				if (a.link) {
 
-					var pic = (a.link.length > 0) ? a.link[0].href : null;
+					let pic = (a.link.length > 0) ? a.link[0].href : null;
 					if (pic && a.link[0].gd$etag) {
 						pic += (pic.indexOf('?') > -1 ? '&' : '?') + 'access_token=' + token;
 						a.picture = pic;
@@ -309,21 +309,21 @@
 
 	function formatEntry(a) {
 
-		var group = a.media$group;
-		var photo = group.media$content.length ? group.media$content[0] : {};
-		var mediaContent = group.media$content || [];
-		var mediaThumbnail = group.media$thumbnail || [];
+		const group = a.media$group;
+		const photo = group.media$content.length ? group.media$content[0] : {};
+		const mediaContent = group.media$content || [];
+		const mediaThumbnail = group.media$thumbnail || [];
 
-		var pictures = mediaContent
+		const pictures = mediaContent
 			.concat(mediaThumbnail)
 			.map(formatImage)
 			.sort(function(a, b) {
 				return a.width - b.width;
 			});
 
-		var i = 0;
-		var _a;
-		var p = {
+		let i = 0;
+		let _a;
+		const p = {
 			id: a.id.$t,
 			name: a.title.$t,
 			description: a.summary.$t,
@@ -340,7 +340,7 @@
 		// Get feed/children
 		if ('link' in a) {
 			for (i = 0; i < a.link.length; i++) {
-				var d = a.link[i];
+				const d = a.link[i];
 				if (d.rel.match(/\#feed$/)) {
 					p.upload_location = p.files = p.photos = d.href;
 					break;
@@ -378,9 +378,9 @@
 
 		// Contacts V2
 		if ('feed' in res && res.feed.openSearch$itemsPerPage) {
-			var limit = toInt(res.feed.openSearch$itemsPerPage.$t);
-			var start = toInt(res.feed.openSearch$startIndex.$t);
-			var total = toInt(res.feed.openSearch$totalResults.$t);
+			const limit = toInt(res.feed.openSearch$itemsPerPage.$t);
+			const start = toInt(res.feed.openSearch$startIndex.$t);
+			const total = toInt(res.feed.openSearch$totalResults.$t);
 
 			if ((start + limit) < total) {
 				res.paging = {
@@ -399,18 +399,18 @@
 	function Multipart() {
 
 		// Internal body
-		var body = [];
-		var boundary = (Math.random() * 1e10).toString(32);
-		var counter = 0;
-		var lineBreak = '\r\n';
-		var delim = lineBreak + '--' + boundary;
-		var ready = function() {};
+		let body = [];
+		const boundary = (Math.random() * 1e10).toString(32);
+		let counter = 0;
+		const lineBreak = '\r\n';
+		const delim = lineBreak + '--' + boundary;
+		let ready = function() {};
 
-		var dataUri = /^data\:([^;,]+(\;charset=[^;,]+)?)(\;base64)?,/i;
+		const dataUri = /^data\:([^;,]+(\;charset=[^;,]+)?)(\;base64)?,/i;
 
 		// Add file
 		function addFile(item) {
-			var fr = new FileReader();
+			const fr = new FileReader();
 			fr.onload = function(e) {
 				addContent(btoa(e.target.result), item.type + lineBreak + 'Content-Transfer-Encoding: base64');
 			};
@@ -434,11 +434,11 @@
 				content = [content];
 			}
 
-			for (var i = 0; i < content.length; i++) {
+			for (let i = 0; i < content.length; i++) {
 
 				counter++;
 
-				var item = content[i];
+				const item = content[i];
 
 				// Is this a file?
 				// Files can be either Blobs or File types
@@ -454,7 +454,7 @@
 				// Data:[<mime type>][;charset=<charset>][;base64],<encoded data>
 				// /^data\:([^;,]+(\;charset=[^;,]+)?)(\;base64)?,/i
 				else if (typeof (item) === 'string' && item.match(dataUri)) {
-					var m = item.match(dataUri);
+					const m = item.match(dataUri);
 					addContent(item.replace(dataUri, ''), m[1] + lineBreak + 'Content-Transfer-Encoding: base64');
 				}
 
@@ -486,7 +486,7 @@
 	// POST https://developers.google.com/drive/manage-uploads
 	function uploadDrive(p, callback) {
 
-		var data = {};
+		let data = {};
 
 		// Test for DOM element
 		if (p.data &&
@@ -528,7 +528,7 @@
 
 		// Extract the file, if it exists from the data object
 		// If the File is an INPUT element lets just concern ourselves with the NodeList
-		var file;
+		let file;
 		if ('file' in p.data) {
 			file = p.data.file;
 			delete p.data.file;
@@ -552,7 +552,7 @@
 		// Set type p.data.mimeType = Object(file[0]).type || 'application/octet-stream';
 
 		// Construct a multipart message
-		var parts = new Multipart();
+		const parts = new Multipart();
 		parts.append(JSON.stringify(p.data), 'application/json');
 
 		// Read the file into a  base64 string... yep a hassle, i know
diff --git a/src/modules/instagram.js b/src/modules/instagram.js
index 5079fbcf..b95170ac 100644
--- a/src/modules/instagram.js
+++ b/src/modules/instagram.js
@@ -45,7 +45,7 @@
 
 			post: {
 				'me/like': function(p, callback) {
-					var id = p.data.id;
+					const id = p.data.id;
 					p.data = {};
 					callback('media/' + id + '/likes');
 				}
@@ -88,7 +88,7 @@
 							d.picture = d.images.standard_resolution.url;
 							d.pictures = Object.keys(d.images)
 								.map(function(key) {
-									var image = d.images[key];
+									const image = d.images[key];
 									return formatImage(image);
 								})
 								.sort(function(a, b) {
@@ -111,8 +111,8 @@
 			// So besides JSONP we're stuck with proxy
 			xhr: function(p, qs) {
 
-				var method = p.method;
-				var proxy = method !== 'get';
+				const method = p.method;
+				const proxy = method !== 'get';
 
 				if (proxy) {
 
diff --git a/src/modules/joinme.js b/src/modules/joinme.js
index 54d44bb5..b570783a 100644
--- a/src/modules/joinme.js
+++ b/src/modules/joinme.js
@@ -51,7 +51,7 @@
 				},
 
 				'meetings/start/scheduled': function(p, callback) {
-					var meetingId = p.data.meetingId;
+					const meetingId = p.data.meetingId;
 					p.data = {};
 					callback('meetings/' + meetingId + '/start');
 				},
@@ -100,9 +100,9 @@
 	});
 
 	function formatError(o, headers) {
-		var errorCode;
-		var message;
-		var details;
+		let errorCode;
+		let message;
+		let details;
 
 		if (o && ('Message' in o)) {
 			message = o.Message;
@@ -128,7 +128,7 @@
 
 	function formatRequest(p, qs) {
 		// Move the access token from the request body to the request header
-		var token = qs.access_token;
+		const token = qs.access_token;
 		delete qs.access_token;
 		p.headers.Authorization = 'Bearer ' + token;
 
diff --git a/src/modules/linkedin.js b/src/modules/linkedin.js
index 12672e4c..676a1b45 100644
--- a/src/modules/linkedin.js
+++ b/src/modules/linkedin.js
@@ -41,7 +41,7 @@
 
 				// See: https://developer.linkedin.com/documents/api-requests-json
 				'me/share': function(p, callback) {
-					var data = {
+					const data = {
 						visibility: {
 							code: 'anyone'
 						}
@@ -192,7 +192,7 @@
 
 	function like(p, callback) {
 		p.headers['x-li-format'] = 'json';
-		var id = p.data.id;
+		const id = p.data.id;
 		p.data = (p.method !== 'delete').toString();
 		p.method = 'put';
 		callback('people/~/network/updates/key=' + id + '/is-liked');
diff --git a/src/modules/soundcloud.js b/src/modules/soundcloud.js
index 78d825c1..eb445e1a 100644
--- a/src/modules/soundcloud.js
+++ b/src/modules/soundcloud.js
@@ -56,7 +56,7 @@
 
 	function formatRequest(p, qs) {
 		// Alter the querystring
-		var token = qs.access_token;
+		const token = qs.access_token;
 		delete qs.access_token;
 		qs.oauth_token = token;
 		qs['_status_code_map[302]'] = 200;
diff --git a/src/modules/spotify.js b/src/modules/spotify.js
index e8d32352..652d895c 100644
--- a/src/modules/spotify.js
+++ b/src/modules/spotify.js
@@ -54,7 +54,7 @@
 
 	// Move the access token from the request body to the request header
 	function formatRequest(p, qs) {
-		var token = qs.access_token;
+		const token = qs.access_token;
 		delete qs.access_token;
 		p.headers.Authorization = 'Bearer ' + token;
 
diff --git a/src/modules/tumblr.js b/src/modules/tumblr.js
index 5479cf3d..b8c53f3b 100644
--- a/src/modules/tumblr.js
+++ b/src/modules/tumblr.js
@@ -69,7 +69,7 @@
 				'default': function(o) {
 
 					if (o.response) {
-						var r = o.response;
+						const r = o.response;
 						if (r.posts) {
 							o.data = r.posts;
 						}
@@ -100,7 +100,7 @@
 	}
 
 	function extend(a, b) {
-		for (var x in b) {
+		for (const x in b) {
 			if (b.hasOwnProperty(x)) {
 				a[x] = b[x];
 			}
diff --git a/src/modules/twitter.js b/src/modules/twitter.js
index 829fbb17..fe74f465 100644
--- a/src/modules/twitter.js
+++ b/src/modules/twitter.js
@@ -1,6 +1,6 @@
 (function(hello) {
 
-	var base = 'https://api.twitter.com/';
+	const base = 'https://api.twitter.com/';
 
 	hello.init({
 
@@ -17,7 +17,7 @@
 			login: function(p) {
 				// Reauthenticate
 				// https://dev.twitter.com/oauth/reference/get/oauth/authenticate
-				var prefix = '?force_login=true';
+				const prefix = '?force_login=true';
 				this.oauth.auth = this.oauth.auth.replace(prefix, '') + (p.options.force ? prefix : '');
 			},
 
@@ -39,10 +39,10 @@
 			post: {
 				'me/share': function(p, callback) {
 
-					var data = p.data;
+					const data = p.data;
 					p.data = null;
 
-					var status = [];
+					const status = [];
 
 					// Change message to status
 					if (data.message) {
@@ -89,7 +89,7 @@
 
 				// See: https://dev.twitter.com/rest/reference/post/favorites/create
 				'me/like': function(p, callback) {
-					var id = p.data.id;
+					const id = p.data.id;
 					p.data = null;
 					callback('favorites/create.json?id=' + id);
 				}
@@ -100,7 +100,7 @@
 				// See: https://dev.twitter.com/rest/reference/post/favorites/destroy
 				'me/like': function(p, callback) {
 					p.method = 'post';
-					var id = p.data.id;
+					const id = p.data.id;
 					p.data = null;
 					callback('favorites/destroy.json?id=' + id);
 				}
@@ -144,7 +144,7 @@
 	function formatUser(o) {
 		if (o.id) {
 			if (o.name) {
-				var m = o.name.split(' ');
+				const m = o.name.split(' ');
 				o.first_name = m.shift();
 				o.last_name = m.join(' ');
 			}
@@ -169,7 +169,7 @@
 
 	function formatError(o) {
 		if (o.errors) {
-			var e = o.errors[0];
+			const e = o.errors[0];
 			o.error = {
 				code: 'request_failed',
 				message: e.message
diff --git a/src/modules/vimeo.js b/src/modules/vimeo.js
index d65499ba..79a4dc63 100644
--- a/src/modules/vimeo.js
+++ b/src/modules/vimeo.js
@@ -1,5 +1,5 @@
 (function(hello) {
-	var baseUrl = 'https://api.vimeo.com/';
+	const baseUrl = 'https://api.vimeo.com/';
 
 	hello.init({
 		vimeo: {
diff --git a/src/modules/vk.js b/src/modules/vk.js
index c4356437..027bbc1a 100644
--- a/src/modules/vk.js
+++ b/src/modules/vk.js
@@ -80,7 +80,7 @@
 	function formatError(o) {
 
 		if (o.error) {
-			var e = o.error;
+			const e = o.error;
 			o.error = {
 				code: e.error_code,
 				message: e.error_msg
diff --git a/src/modules/windows.js b/src/modules/windows.js
index 2dcb45ec..bea2a2d9 100644
--- a/src/modules/windows.js
+++ b/src/modules/windows.js
@@ -157,7 +157,7 @@
 
 	function formatUser(o, headers, req) {
 		if (o.id) {
-			var token = req.query.access_token;
+			const token = req.query.access_token;
 			if (o.emails) {
 				o.email = o.emails.preferred;
 			}
@@ -165,7 +165,7 @@
 			// If this is not an non-network friend
 			if (o.is_friend !== false) {
 				// Use the id of the user_id if available
-				var id = (o.user_id || o.id);
+				const id = (o.user_id || o.id);
 				o.thumbnail = o.picture = 'https://apis.live.net/v5.0/' + id + '/picture?access_token=' + token;
 			}
 		}
diff --git a/src/modules/yahoo.js b/src/modules/yahoo.js
index a70b1803..2822d024 100644
--- a/src/modules/yahoo.js
+++ b/src/modules/yahoo.js
@@ -79,7 +79,7 @@
 			o.id = o.guid;
 			o.last_name = o.familyName;
 			o.first_name = o.givenName || o.nickname;
-			var a = [];
+			const a = [];
 			if (o.first_name) {
 				a.push(o.first_name);
 			}
@@ -99,8 +99,8 @@
 	function formatFriends(o, headers, request) {
 		formatError(o);
 		paging(o, headers, request);
-		var contact;
-		var field;
+		let contact;
+		let field;
 		if (o.query && o.query.results && o.query.results.contact) {
 			o.data = o.query.results.contact;
 			delete o.query;