Skip to content

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
devpato wants to merge 1 commit into
base: main
Choose a base branch
from

fix: package.json & yarn.lock to reduce vulnerabilities

03bfe8f
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade react-scripts from 4.0.3 to 5.0.0 #52

fix: package.json & yarn.lock to reduce vulnerabilities
03bfe8f
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis required action Feb 9, 2026 in 0s

16 new issues (0 max.) of at least severity.

Annotations

Check warning on line 434 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L434 

Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)

Check warning on line 1804 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L1804 

Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)

Check failure on line 1841 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L1841 

Insecure dependency npm/@babel/[email protected] (CVE-2023-45133: babel: arbitrary code execution) (update to 7.23.2)

Check warning on line 3894 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L3894 

Insecure dependency npm/[email protected] (CVE-2021-23364: browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)) (update to 4.16.5)

Check warning on line 4357 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L4357 

Insecure dependency npm/[email protected] (CVE-2024-21538: cross-spawn: regular expression denial of service) (update to 7.0.5)

Check warning on line 7442 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7442 

Insecure dependency npm/[email protected] (CVE-2022-37599: loader-utils: regular expression denial of service in interpolateName.js) (update to 2.0.4)

Check failure on line 7442 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7442 

Insecure dependency npm/[email protected] (CVE-2022-37601: loader-utils: prototype pollution in function parseQuery in parseQuery.js) (update to 2.0.3)

Check warning on line 7442 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7442 

Insecure dependency npm/[email protected] (CVE-2022-37603: loader-utils: Regular expression denial of service) (update to 2.0.4)

Check warning on line 7512 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7512 

Insecure dependency npm/[email protected] (CVE-2025-13465: lodash: prototype pollution in _.unset and _.omit functions) (update to 4.17.23)

Check warning on line 7691 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7691 

Insecure dependency npm/[email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)

Check failure on line 7712 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L7712 

Insecure dependency npm/[email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 1.2.6)

Check warning on line 8765 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L8765 

Insecure dependency npm/[email protected] (CVE-2023-44270: PostCSS: Improper input validation in PostCSS) (update to 8.4.31)

Check warning on line 9501 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9501 

Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 5.7.2)

Check warning on line 9516 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L9516 

Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)

Check warning on line 10668 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L10668 

Insecure dependency npm/[email protected] (CVE-2025-30359: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)

Check warning on line 10668 in yarn.lock

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

yarn.lock#L10668 

Insecure dependency npm/[email protected] (CVE-2025-30360: webpack-dev-server: webpack-dev-server information exposure) (update to 5.2.1)
View more details on Codacy Production