[CVE] Resolves grunt to 1.5.3 #1580
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Addresses CVE-2022-1537 Issue: opensearch-project#1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com>
kavilla
force-pushed
the
avillk/bump_grunt
branch
from
55edb91
to
2e4a4cd
Compare
kavilla
added
backport 2.x
backport 2.0
v2.0.0
cve
|
Do we want to bump the defined dependencies? OpenSearch-Dashboards/package.json Line 374 in 0afba22 |
Good point. I'd rather go this route otherwise I won't backport to 2.0. Plus they have compatible with version |
Yeah agreed, just wanted to make sure we considered that. |
tmarkley
approved these changes
May 11, 2022
ashwin-pc
approved these changes
May 13, 2022
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
May 13, 2022
Addresses CVE-2022-1537 Issue: #1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com> (cherry picked from commit 1792662)
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
May 13, 2022
Addresses CVE-2022-1537 Issue: #1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com> (cherry picked from commit 1792662)
tmarkley
pushed a commit
that referenced
this pull request
May 17, 2022
Addresses CVE-2022-1537 Issue: #1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com> (cherry picked from commit 1792662)
tmarkley
pushed a commit
that referenced
this pull request
May 17, 2022
Addresses CVE-2022-1537 Issue: #1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com> (cherry picked from commit 1792662)
kavilla
added a commit
to kavilla/OpenSearch-Dashboards-1
that referenced
this pull request
Jun 8, 2022
Addresses CVE-2022-1537 Issue: opensearch-project#1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com>
kavilla
added a commit
to kavilla/OpenSearch-Dashboards-1
that referenced
this pull request
Jun 16, 2022
Addresses CVE-2022-1537 Issue: opensearch-project#1579 Signed-off-by: Kawika Avilla <kavilla414@gmail.com>
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 29, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Signed-off-by: Anan Zhuang <ananzh@amazon.com>
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 29, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Signed-off-by: Anan Zhuang <ananzh@amazon.com>
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 29, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: opensearch-project#1579 opensearch-project#1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
8 tasks
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 29, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: opensearch-project#1579 opensearch-project#1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 29, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: opensearch-project#1579 opensearch-project#1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
ananzh
added a commit
to ananzh/OpenSearch-Dashboards
that referenced
this pull request
Mar 30, 2023
Main bump grunt via this PR: opensearch-project#1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: opensearch-project#1579 opensearch-project#1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
joshuarrrr
added a commit
that referenced
this pull request
Mar 31, 2023
) Main bump grunt via this PR: #1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: #1579 #1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com> Co-authored-by: Josh Romero <rmerqg@amazon.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Jun 28, 2023
) Main bump grunt via this PR: #1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: #1579 #1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com> Co-authored-by: Josh Romero <rmerqg@amazon.com> (cherry picked from commit 65deacb) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md
ashwin-pc
pushed a commit
that referenced
this pull request
Jun 30, 2023
) (#4435) Main bump grunt via this PR: #1580 In 1.x, bump grunt is different because v1.5.3 requires node>=8 and no breaking changes. This is the latest version with no node conflicts. grunt requires node>=16 sincev1.6.0 . Therefore, we should be very specific and limit the bump range. Issue Resolve: #1579 #1450 Signed-off-by: Anan Zhuang <ananzh@amazon.com> Co-authored-by: Josh Romero <rmerqg@amazon.com> (cherry picked from commit 65deacb) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Addresses CVE-2022-1537
Signed-off-by: Kawika Avilla kavilla414@gmail.com
Issues Resolved
#1579
Check List
yarn test:jestyarn test:jest_integrationyarn test:ftr