Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 1.3] [CVE-2022-1537][CVE-2022-0436][1.x]bump grunt from 1.4.1 to 1.5.3 #4435

Merged
merged 1 commit into from
Jun 30, 2023
Merged

[Backport 1.3] [CVE-2022-1537][CVE-2022-0436][1.x]bump grunt from 1.4.1 to 1.5.3 #4435

merged 1 commit into from
Jun 30, 2023

Conversation

opensearch-trigger-bot[bot]
Copy link
Contributor

Backport 65deacb from #3723.

@github-actions
[CVE-2022-1537][CVE-2022-0436][1.x]bump grunt from 1.4.1 to 1.5.3 (#3723
4081cac 
)

Main bump grunt via this PR:
 #1580

In 1.x, bump grunt is different because v1.5.3 requires node>=8
and no breaking changes. This is the latest version with no node
conflicts.  grunt requires node>=16 sincev1.6.0 . Therefore, we
should be very specific and limit the bump range.

Issue Resolve:
#1579
#1450

Signed-off-by: Anan Zhuang <[email protected]>
Co-authored-by: Josh Romero <[email protected]>
(cherry picked from commit 65deacb)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	CHANGELOG.md
@opensearch-trigger-bot opensearch-trigger-bot bot added the cve Security vulnerabilities detected by Dependabot or Mend label Jun 28, 2023
@opensearch-trigger-bot opensearch-trigger-bot bot added autocut Skip the changelog verification check on backports v1.3.10 labels Jun 28, 2023
@codecov
Copy link

codecov bot commented Jun 29, 2023
edited
Loading

Codecov Report

Merging #4435 (4081cac) into 1.3 (4df4639) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##              1.3    #4435   +/-   ##
=======================================
  Coverage   67.50%   67.50%           
=======================================
  Files        3044     3044           
  Lines       58692    58692           
  Branches     8902     8902           
=======================================
  Hits        39619    39619           
  Misses      16925    16925           
  Partials     2148     2148
Flag Coverage Δ
Linux 67.45% <ø> (-0.01%) ⬇️
Windows 67.45% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@ashwin-pc ashwin-pc merged commit 982c83b into 1.3 Jun 30, 2023
@github-actions github-actions bot deleted the backport/backport-3723-to-1.3 branch June 30, 2023 01:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ananzh ananzh ananzh approved these changes

@ashwin-pc ashwin-pc ashwin-pc approved these changes

@kavilla kavilla Awaiting requested review from kavilla kavilla is a code owner

@seanneumann seanneumann Awaiting requested review from seanneumann

@AMoo-Miki AMoo-Miki Awaiting requested review from AMoo-Miki AMoo-Miki is a code owner

@joshuarrrr joshuarrrr Awaiting requested review from joshuarrrr joshuarrrr is a code owner

@abbyhu2000 abbyhu2000 Awaiting requested review from abbyhu2000 abbyhu2000 is a code owner

@zengyan-amazon zengyan-amazon Awaiting requested review from zengyan-amazon zengyan-amazon is a code owner

@kristenTian kristenTian Awaiting requested review from kristenTian

@zhongnansu zhongnansu Awaiting requested review from zhongnansu zhongnansu is a code owner

@manasvinibs manasvinibs Awaiting requested review from manasvinibs manasvinibs is a code owner

@ZilongX ZilongX Awaiting requested review from ZilongX ZilongX is a code owner

@Flyingliuhub Flyingliuhub Awaiting requested review from Flyingliuhub Flyingliuhub is a code owner

Assignees
No one assigned
Labels
autocut Skip the changelog verification check on backports cve Security vulnerabilities detected by Dependabot or Mend v1.3.10 v1.3.12
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ashwin-pc @ananzh