create-react-microservice
create-react-microservice copied to clipboard
ImmoweltGroup
TASK: Update dependency react-dev-utils to v11 [SECURITY]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| react-dev-utils | 5.0.3 -> 11.0.4 |
GitHub Vulnerability Alerts
CVE-2021-24033
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoked with user-provided values (ie: by custom code) is there the potential for command injection. If you're consuming it from react-scripts then this issue does not affect you.
Release Notes
facebook/create-react-app (react-dev-utils)
v11.0.3
v11.0.2
v11.0.1
v11.0.0
v10.2.1
v10.2.0
v10.1.0
v10.0.0
v9.1.0
v9.0.4
v9.0.3
v9.0.2
v9.0.1
v9.0.0
v8.0.0
v7.0.5
v7.0.4
v7.0.3
v7.0.2
v7.0.1
v7.0.0
v6.1.1
v6.0.4
v6.0.3
v6.0.2
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}