From 1afb15cdbd233619b0a3be7db228e5729f09725f Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Wed, 15 Apr 2026 09:40:26 +0300
Subject: [PATCH 1/2] CVE-2026-27903 CVE-2026-27904 CVE-2026-26996 UI: update
 grunt to 1.6.2 to address vulnerabilities

---
 openidm-ui/openidm-ui-admin/package.json   | 2 +-
 openidm-ui/openidm-ui-api/package.json     | 2 +-
 openidm-ui/openidm-ui-common/package.json  | 2 +-
 openidm-ui/openidm-ui-enduser/package.json | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/openidm-ui/openidm-ui-admin/package.json b/openidm-ui/openidm-ui-admin/package.json
index aab1e6e36f..a862a5467f 100644
--- a/openidm-ui/openidm-ui-admin/package.json
+++ b/openidm-ui/openidm-ui-admin/package.json
@@ -16,7 +16,7 @@
     "babel-preset-es2015": "^6.18.0",
     "eslint": "1.10.3",
     "eslint-formatter-warning-summary": "1.0.1",
-    "grunt": ">=1.5.3",
+    "grunt": "1.6.2",
     "grunt-babel": "6.0.0",
     "grunt-cli": "1.2.0",
     "grunt-contrib-copy": "1.0.0",
diff --git a/openidm-ui/openidm-ui-api/package.json b/openidm-ui/openidm-ui-api/package.json
index 34e70225fd..0de3d2e095 100644
--- a/openidm-ui/openidm-ui-api/package.json
+++ b/openidm-ui/openidm-ui-api/package.json
@@ -3,7 +3,7 @@
   "version": "0.0.2",
   "private": true,
   "devDependencies": {
-    "grunt": ">=1.5.3",
+    "grunt": "1.6.2",
     "grunt-cli": "1.2.0",
     "grunt-contrib-copy": "1.0.0",
     "swagger-ui-dist": "^5.17.14"
diff --git a/openidm-ui/openidm-ui-common/package.json b/openidm-ui/openidm-ui-common/package.json
index 1a7270c723..008c703cbe 100644
--- a/openidm-ui/openidm-ui-common/package.json
+++ b/openidm-ui/openidm-ui-common/package.json
@@ -13,7 +13,7 @@
     "babel-plugin-transform-es2015-template-literals": "^6.8.0",
     "eslint": "1.10.3",
     "eslint-formatter-warning-summary": "1.0.1",
-    "grunt": ">=1.5.3",
+    "grunt": "1.6.2",
     "grunt-cli": "1.2.0",
     "grunt-eslint": "17.3.2"
   }
diff --git a/openidm-ui/openidm-ui-enduser/package.json b/openidm-ui/openidm-ui-enduser/package.json
index 378d361e8d..05b562bc36 100644
--- a/openidm-ui/openidm-ui-enduser/package.json
+++ b/openidm-ui/openidm-ui-enduser/package.json
@@ -16,7 +16,7 @@
     "babel-preset-es2015": "^6.18.0",
     "eslint": "1.10.3",
     "eslint-formatter-warning-summary": "1.0.1",
-    "grunt": ">=1.5.3",
+    "grunt": "1.6.2",
     "grunt-babel": "6.0.0",
     "grunt-cli": "1.2.0",
     "grunt-contrib-copy": "1.0.0",

From 092a92669ab512b418c27a9748fe84f0eb311bf8 Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Wed, 15 Apr 2026 09:41:24 +0300
Subject: [PATCH 2/2] CVE-2026-27903 CVE-2026-27904 CVE-2026-26996 UI: update
 grunt to 1.6.2 to address vulnerabilities

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 805240230b..d7227ca04d 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ name: Build
 
 on:
   push:
-    branches: [ 'sustaining/6.3.x','master' ]
+    branches: [ 'sustaining/6.3.x','master', 'issues/**', 'features/**' ]
   pull_request:
 jobs:
   build-maven: