Skip to content
Browse files

Build/Test Tools: Fork and Update `grunt-replace`

The version of grunt replace that is bundled in core is using an outdated version of lodash that is bringing 2 low, 3 high, and 1 critical issue. This package is currently abandoned. There is a community forked version, but that is also harboring some similar security issues.

This switches to a fork by @whyisjake and causes no change to the build.

See #48203.
Fixes #48217.
Props whyisjake, netweb for testing.

git-svn-id: 602fd350-edb4-49c9-b593-d223f7449a82
  • Loading branch information...
aaronjorbin committed Oct 5, 2019
1 parent 04293be commit 269c8baa33e2fd6a96cbd86fbf758af748dadb9c
Showing with 30 additions and 38 deletions.
  1. +29 −37 package-lock.json
  2. +1 −1 package.json

Some generated files are not rendered by default. Learn more.

@@ -41,7 +41,7 @@
"grunt-legacy-util": "^1.1.1",
"grunt-patch-wordpress": "~2.0.0",
"grunt-postcss": "~0.9.0",
"grunt-replace": "~1.0.1",
"grunt-replace-lts": "~1.1.0",
"grunt-rtlcss": "~2.0.1",
"grunt-sass": "~3.0.2",
"grunt-webpack": "^3.1.3",

0 comments on commit 269c8ba

Please sign in to comment.
You can’t perform that action at this time.