[wp-trac] [WordPress Trac] #48217: Fork and Update `grunt-replace`
WordPress Trac
noreply at wordpress.org
Sat Oct 5 13:48:03 UTC 2019
#48217: Fork and Update `grunt-replace`
------------------------------+---------------------
Reporter: whyisjake | Owner: jorbin
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 5.3
Component: Build/Test Tools | Version:
Severity: normal | Resolution: fixed
Keywords: has-patch commit | Focuses:
------------------------------+---------------------
Changes (by jorbin):
* owner: (none) => jorbin
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"46403" 46403]:
{{{
#!CommitTicketReference repository="" revision="46403"
Build/Test Tools: Fork and Update `grunt-replace`
The version of grunt replace that is bundled in core is using an outdated
version of lodash that is bringing 2 low, 3 high, and 1 critical issue.
This package is currently abandoned. There is a community forked version,
but that is also harboring some similar security issues.
This switches to a fork by @whyisjake and causes no change to the build.
See #48203.
Fixes #48217.
Props whyisjake, netweb for testing.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/48217#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list