Skip to content

Commit

Permalink
[CVE-2022-1537][CVE-2022-0436][1.x]bump grunt from 1.4.1 to 1.5.3 (#3723
Browse files Browse the repository at this point in the history
) (#4435)

Main bump grunt via this PR:
 #1580

In 1.x, bump grunt is different because v1.5.3 requires node>=8
and no breaking changes. This is the latest version with no node
conflicts.  grunt requires node>=16 sincev1.6.0 . Therefore, we
should be very specific and limit the bump range.

Issue Resolve:
#1579
#1450

Signed-off-by: Anan Zhuang <ananzh@amazon.com>
Co-authored-by: Josh Romero <rmerqg@amazon.com>
(cherry picked from commit 65deacb)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	CHANGELOG.md

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
  • Loading branch information
1 parent 82d8632 commit 982c83b
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -9603,7 +9603,7 @@ findup-sync@^4.0.0:
findup-sync@~0.3.0:
version "0.3.0"
resolved "https://registry.yarnpkg.com/findup-sync/-/findup-sync-0.3.0.tgz#37930aa5d816b777c03445e1966cc6790a4c0b16"
integrity sha1-N5MKpdgWt3fANEXhlmzGeQpMCxY=
integrity sha512-z8Nrwhi6wzxNMIbxlrTzuUW6KWuKkogZ/7OdDVq+0+kxn77KUH1nipx8iU6suqkHqc4y6n7a9A8IpmxY/pTjWg==
dependencies:
glob "~5.0.0"

Expand Down Expand Up @@ -10219,7 +10219,7 @@ glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, gl
glob@~5.0.0:
version "5.0.15"
resolved "https://registry.yarnpkg.com/glob/-/glob-5.0.15.tgz#1bc936b9e02f4a603fcc222ecf7633d30b8b93b1"
integrity sha1-G8k2ueAvSmA/zCIuz3Yz0wuLk7E=
integrity sha512-c9IPMazfRITpmAAKi22dK1VKxGDX9ehhqfABDriL/lzO92xcUKEJPQHrVA/2YHSNFB4iFlykVmWvwo48nr3OxA==
dependencies:
inflight "^1.0.4"
inherits "2"
Expand Down

0 comments on commit 982c83b

Please sign in to comment.