Package versions fyi

[I-keep-trying]

Hi, I am so happy to find this course and repo! I just started it but so far, it's exactly what I need, thank you for making it free. :)

I just wanted to give you a heads up: When I cloned & installed the package as it is now, with the versions you have now, npm gave me a vulnerability report with some high severity issues. That's not uncommon, and usually easy to fix by just updating the versions of the individual packages; however, I learned that updating react-router and react-router-dom to the latest version (5.1.2) breaks the app.

I tested rolling back versions of everything until I found that you can still get rid of the vulnerability warnings by updating react, react-dom, and react-redux, (to be fair, I'm not sure if redux has to be updated in order to avoid the warning) but keeping react-router and react-router-dom at the previous version (4.3.1), and the app still works.

So my version of your app package.json that works, and has no warnings, looks like this:

  "dependencies": {
    "auth0-js": "^9.11.3",
    "axios": "^0.19.0",
    "history": "^4.10.1",
    "react": "^16.12.0",
    "react-dom": "^16.12.0",
    "react-redux": "^6.0.0",
    "react-router": "^4.3.1",
    "react-router-dom": "^4.3.1",
    "react-scripts": "3.2.0",
    "redux": "^4.0.4"
  },
  "devDependencies": {
    "redux-devtools-extension": "^2.13.7"
  },

Just thought you'd like to know.