grunt icon indicating copy to clipboard operation
grunt copied to clipboard

Published 20 hours ago verified publisher icon gruntjs

underscore.string vulnerability

Open shades3002 opened this issue 6 years ago • 2 comments

grunt -> grunt-legacy-util ->

Upgrade underscore.string to version 3.3.5 or later. For example:

"dependencies": { "underscore.string": ">=3.3.5" }

shades3002 avatar Jul 08 '19 12:07 shades3002

This issue should be created at grunt-legacy-util repo. It can't be done in this repo

ydegtyar avatar Oct 27 '20 17:10 ydegtyar

grunt 1.3.0 uses grunt-legacy-util ~2.0.0, which uses underscore.string ~3.3.5. This issue should be closed. (cc: @vladikoff)

silviuburceadev avatar Mar 19 '21 11:03 silviuburceadev

Duplicate of https://github.com/gruntjs/grunt/issues/1664.

Krinkle avatar Jun 10 '24 00:06 Krinkle