Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #26

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

fix: package.json & yarn.lock to reduce vulnerabilities

202b324
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #26

fix: package.json & yarn.lock to reduce vulnerabilities
202b324
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis required action Oct 24, 2024 in 0s

8 new issues (0 max.) of at least minor severity.

Annotations

Check failure on line 1836 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L1836

Insecure dependency @babel/traverse@7.12.17 (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)

Check warning on line 3859 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L3859

Insecure dependency browserslist@4.16.3 (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)

Check failure on line 7362 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7362

Insecure dependency loader-utils@2.0.0 (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)

Check failure on line 7606 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7606

Insecure dependency minimatch@3.0.4 (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)

Check failure on line 7634 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7634

Insecure dependency minimist@1.2.5 (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)

Check warning on line 8700 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L8700

Insecure dependency postcss@7.0.39 (CVE-2023-44270: An issue was discovered in PostCSS before 8.4.31. The vulnerability af ...) (update to 8.4.31)

Check failure on line 9446 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9446

Insecure dependency semver@5.7.1 (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)

Check failure on line 9461 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9461

Insecure dependency semver@7.3.4 (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)