Address npm vulnerabilities (digital-asset#9978)

Nothing sensible we can do about ws than force a newer version. It’s pulled in via transitive deps that don’t have newer versions yet. For glob-parent we can do something more sensible by bumping grunt-browserify. changelog_begin changelog_end
TuranDev · Jun 14, 2021 · 85667af · 85667af
1 parent d7d6e37
commit 85667af
Show file tree

Hide file tree

Showing 2 changed files with 353 additions and 223 deletions.
diff --git a/package.json b/package.json
@@ -17,7 +17,7 @@
     "express-session": "^1.15.6",
     "grunt": "^1.4.0",
     "grunt-banner": "0.6.0",
-    "grunt-browserify": "5.3.0",
+    "grunt-browserify": "6.0.0",
     "grunt-cli": "^1.4.2",
     "grunt-contrib-clean": "2.0.0",
     "grunt-contrib-connect": "2.0.0",
@@ -37,5 +37,8 @@
   "devDependencies": {
     "@bazel/hide-bazel-files": "1.7.0",
     "@bazel/typescript": "3.4.2"
+  },
+  "resolutions": {
+      "ws": "^7.4.6"
   }
 }