#6600 closed enhancement (fixed)
Update grunt-contrib-uglify to 0.9.2
Reported by: | netweb | Owned by: | djpaul |
---|---|---|---|
Milestone: | 2.4 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Build/Test Tools | Keywords: | has-patch commit |
Cc: |
Description
Via #WP33533
Updated grunt-contrib-uglify
version 0.9.2
includes an update to UglifyJS, which fixes a bug that can cause logic bugs to be introduced into minified JS.
Ref: https://zyan.scripts.mit.edu/blog/backdooring-js/
Update grunt-contrib-uglify
to v0.9.2
Changelog: https://github.com/gruntjs/grunt-contrib-uglify/compare/v0.9.1...v0.9.2
UglifyJS Changelog: https://github.com/mishoo/UglifyJS2/compare/v2.4.23...v2.4.24
Note: BuddyPress' current compiled/minified JS is not affected, tested via comparing JS files in /build
before and after.
In 10228: