Upgrading vulnerable component- css-what@3.4.2 in react-scripts@5.0.0 #12119
Unanswered
im-deepakk
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello All - react-scripts@5.0.0 has a dependency on @svgr/webpack@5.5.0 which has the vulnerable component like css-what and nth-check. Was wondering if there is plan to upgrade @svgr/webpack@5.5.0 to @svgr/webpack@6.*
https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-1298035
+-- react-scripts@5.0.0
| +-- @svgr/webpack@5.5.0
| |
-- @svgr/plugin-svgo@5.5.0 | |
-- svgo@1.3.2| |
-- css-select@2.1.0 | |
-- css-what@3.4.2Beta Was this translation helpful? Give feedback.
All reactions