WordPress.org

Make WordPress Core

Changeset 46403 for trunk/package.json


Ignore:
Timestamp:
10/05/2019 01:47:52 PM (6 weeks ago)
Author:
jorbin
Message:

Build/Test Tools: Fork and Update grunt-replace

The version of grunt replace that is bundled in core is using an outdated version of lodash that is bringing 2 low, 3 high, and 1 critical issue. This package is currently abandoned. There is a community forked version, but that is also harboring some similar security issues.

This switches to a fork by @whyisjake and causes no change to the build.

See #48203.
Fixes #48217.
Props whyisjake, netweb for testing.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/package.json

    r46364 r46403  
    4242        "grunt-patch-wordpress": "~2.0.0",
    4343        "grunt-postcss": "~0.9.0",
    44         "grunt-replace": "~1.0.1",
     44        "grunt-replace-lts": "~1.1.0",
    4545        "grunt-rtlcss": "~2.0.1",
    4646        "grunt-sass": "~3.0.2",
Note: See TracChangeset for help on using the changeset viewer.