[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-GETOBJECT-1054932	No	No Known Exploit
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: grunt

The new version differs by 32 commits.

• 6f49017 1.3.0
• faab6be Merge pull request #1720 from gruntjs/update-changelog-deps
• 520fedb Update Changelog and legacy-util dependency
• 7e669ac Merge pull request #1719 from gruntjs/yaml-refactor
• e350cea Switch to use `safeLoad` for loading YML files via `file.readYAML`.
• 7125f49 Merge pull request #1718 from gruntjs/legacy-log-bumo
• 00d5907 Bump legacy-log
• 3b75085 1.2.1
• ae11839 Changelog update
• 9d23cb6 Merge pull request #1715 from sibiraj-s/remove-path-is-absolute
• e789b1f Remove path-is-absolute dependency
• 27bc5d9 Merge pull request #1714 from gruntjs/release-1.2.0
• 64a3cf4 Release v1.2.0
• 0d23eff Merge pull request #1570 from bhldev/feature-options-keys
• ee70306 Merge pull request #1697 from philz/1696
• 05c0634 Merge pull request #1712 from gruntjs/fix-lint
• cdd1c19 fix lint in file.js
• bc168e3 Merge pull request #1283 from greglittlefield-wf/recognize-relative-links
• 5f16b5a Merge pull request #1675 from STRML/remove-coffeescript
• 58f80ae Merge pull request #1677 from micellius/monorepo-support
• 1f61427 Add CODE_OF_CONDUCT.md
• 4c6fcd9 Merge pull request #1709 from NotMoni/patch-1
• 169d496 add link to license
• 288ea76 add license link

See the full diff

Package name: stylelint

The new version differs by 159 commits.

• cf2f45f 13.7.0
• 797cc84 Prepare 13.7.0
• fb4287c Prepare changelog
• d725b88 Update dependencies
• 9401f56 Update CHANGELOG.md
• 2b7e8ad Deprecate *-blacklist/*-requirelist/*-whitelist (#4892)
• 181f3d9 Fix some path / glob problems (#4867)
• 3cfc658 Update CHANGELOG.md
• 0a17b64 Add a reportDescriptionlessDisables flag (#4907)
• 5446be2 Fix CHANGELOG.md format via Prettier (#4910)
• 260e743 Fix callbacks in tests (#4903)
• d0a150e Update CHANGELOG.md
• 2c4d77f Fix false positives for trailing combinator in selector-combinator-space-after (#4878)
• e2da124 Add coc-stylelint (#4901)
• fd1875d Update CHANGELOG.md
• e124033 Add support for *.cjs config files (#4905)
• 858dcd5 Add a reportDisables secondary option (#4897)
• 40e60ce Support multi-line disable descriptions (#4895)
• 03f494d faster levenshtein (#4874)
• a5b8277 Update CHANGELOG.md
• 9e1edfa Fix TypeError for custom properties fallback in length-zero-no-unit (#4860)
• 1e52251 Update CHANGELOG.md
• 53f5c18 Add autofix to *-no-vendor rules (#4859)
• 23c0e81 Bump @ stylelint/postcss-css-in-js from 0.37.1 to 0.37.2 (#4888)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic