Replies: 1 comment 1 reply
-
|
Ejecting is just not good enough when there is the vulnerable react-scripts. We need to npm uninstall react-scripts and then do something like install webpack, which is a hassle but now we don't have vulnerabilities anymore. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
So what you are suggesting is to go for eject and fix vulnerabilities? Also, I see https://github.com/facebook/create-react-app/blob/main/packages/react-scripts/package.json. Most of the fixes are already there in the repo, just not part of npm registered "react-scripts" |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Updation of various packages like:
Jest 27x
ansi-html
ansi-regex
browserslist
css-what
einaros/ws
glob-parent
immer
node-shell-quote
nth-check
semver-regex
set-value
sindresorhus/normalize-url
Beta Was this translation helpful? Give feedback.
All reactions