Op wo 7 dec. 2016 om 21:46 schreef Piotr Popieluch <piotr1212@gmail.com>:

Op wo 7 dec. 2016 10:02 schreef Christopher <ctubbsii@fedoraproject.org>:
Is there an alternative or workaround for packages which require this fix? There's a potential XSS vulnerability in jquery I'd like to patch... but can't if I can't get a successful build. If the fix cannot be backported to F24, can grunt be downgraded to the last working version in F24?

I think the issue was that grunt was not compatible with the updated lodash. Updating grunt makes more sense than downgrading lodash.

Following packages need to be updated:
nodejs-figures
nodejs-maxmin
nodejs-grunt
nodejs-grunt-cli
nodejs-grunt-legacy-log
nodejs-grunt-legacy-log-utils
nodejs-grunt-legacy-util

Some more packages needed updates. I think I got everything built and created all needed buildroot overrides.

js-jquery1 scratch build succeeds now, please check if you can build the update now:
koji.fedoraproject.org/koji/taskinfo?taskID=16847838