Skip to content

Commit

Permalink
fix: Resolve react-scripts-related vulnerability by applying package …
Browse files Browse the repository at this point in the history 
…overrides

- Moved `react-scripts` to `devDependencies` to mitigate dependency conflict with `nth-check`.
- Applied overrides to update `nth-check` to a non-vulnerable version (>=2.0.2).
- Updated `postcss` to match the required version (>=8.4.31) in `react-scripts`.
- Adjusted package-lock.json to remove old references to vulnerable packages.

Ref: facebook/create-react-app#11174
  • Loading branch information
@do0ori
do0ori committed Oct 6, 2024
1 parent 605d523 commit 81a3043
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 34 deletions.
32 changes: 0 additions & 32 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 10 additions & 2 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,11 +52,19 @@
"eslint-plugin-react": "^7.37.0",
"eslint-plugin-tailwindcss": "^3.17.4",
"globals": "^15.9.0",
"postcss": ">=8.4.31",
"postcss": "^8.4.47",
"prettier": "^3.3.3",
"prettier-plugin-tailwindcss": "^0.6.8",
"tailwindcss": "^3.4.13",
"typescript-eslint": "^8.7.0"
},
"homepage": "http://do0ori.github.io/visual-timer"
"homepage": "http://do0ori.github.io/visual-timer",
"overrides": {
"svgo": {
"nth-check": ">=2.0.2"
},
"react-scripts": {
"postcss": ">=8.4.31"
}
}
}

0 comments on commit 81a3043

Please sign in to comment.