Krinkle
commented
2 months ago There does not appear to be any audit warning on a clean install of grunt-cli@1.3.x nor grunt-cli@1.4.2.
I suggest using npm audit fix, or removing your package-lock.json file and re-running npm install. If you still see it, make sure you are using "grunt-cli": "~1.4.2" or "grunt": "~1.6.1" in your package.json file.
GitHub reports that the version of lodash found in the dependency tree of grunt-cli is vulnerable. Please update, or even remove, the affected dependencies in order to resolve the alerts.