downgrade regenerator-runtime due to unsafe eval usages (#1062)

This commit downgrades regenerator-runtime from ^0.13.3 (currently 0.13.7) to being pinned to exactly 0.13.1. This is because there is a change in 0.13.2 which adds back in a Function() constructor to define regenerator runtime globally. See #369 https://github.com/facebook/regenerator/commits/master/packages/regenerator-runtime T=https://yextops.zendesk.com/agent/tickets/347915 TEST=manual tested with a local apache httpd server on a searchbar only page added below line to .htaccess, which sets the CSP to the same as Syncreon also test csp with a `<meta>` tag tested both answers.js, answers.min.js, answers-modern.js, and answers-modern.min.js double checked that our code still runs correctly in ie11, for both a searchbar only page with no unsafe-eval csp, and a regular page with facets and results that allows unsafe eval
yext · Sep 9, 2020 · e1b0826 · e1b0826
1 parent b32e087
commit e1b0826
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -12,7 +12,7 @@
     "kind-of": "^6.0.3",
     "lodash.clonedeep": "^4.5.0",
     "markdown-it-for-inline": "^0.1.1",
-    "regenerator-runtime": "^0.13.3",
+    "regenerator-runtime": "0.13.1",
     "template-helpers": "^1.0.1"
   },
   "devDependencies": {