Skip to content

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
devpato wants to merge 1 commit into
base: main
Choose a base branch
from

fix: package.json & yarn.lock to reduce vulnerabilities

9c2da9b
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #29

fix: package.json & yarn.lock to reduce vulnerabilities
9c2da9b
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis required action Dec 12, 2024 in 0s

9 new issues (0 max.) of at least minor severity.

Annotations

Check failure on line 1818 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L1818 

Insecure dependency @babel/[email protected] (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)

Check warning on line 3852 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L3852 

Insecure dependency [email protected] (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)

Check failure on line 4314 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L4314 

Insecure dependency npm/[email protected] (CVE-2024-21538: cross-spawn: regular expression denial of service) (update to 7.0.5)

Check failure on line 7400 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7400 

Insecure dependency [email protected] (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)

Check failure on line 7649 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7649 

Insecure dependency [email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)

Check failure on line 7677 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7677 

Insecure dependency [email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)

Check warning on line 8741 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L8741 

Insecure dependency [email protected] (CVE-2023-44270: An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...) (update to 8.4.31)

Check failure on line 9496 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9496 

Insecure dependency [email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)

Check failure on line 9511 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9511 

Insecure dependency [email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)
View more details on Codacy Production