[Snyk] Upgrade react-scripts from 3.2.0 to 3.4.4

[projectsmahendra]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-scripts from 3.2.0 to 3.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 11 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	590/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	590/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6056521	590/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	590/1000 Why? Has a fix available, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	590/1000 Why? Has a fix available, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21
• 3.4.0 - 2020-02-14
• 3.3.1 - 2020-01-31
• 3.3.0 - 2019-12-05
• 3.3.0-next.80 - 2019-12-04
• 3.3.0-next.62 - 2019-11-14
• 3.3.0-next.39 - 2019-10-24
• 3.3.0-next.38 - 2019-10-24
• 3.2.0 - 2019-10-03

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• d2f813f Publish
• 7641a3c Prepare 3.4.1 release
• d5b527f Update to Babel 7.9 (#8681)
• 6adb82a Add React.StrictMode to default templates (#8558)
• a452ddc Bump dependencies (#8620)
• 3f699fd Fix proxying API request docs (#8515)
• 4d26208 Use native ESLint behaviour when extending (#8276)
• 8ba0ccb Whitelist main in template.json (#8539)
• 7d3b72c Update template example in docs (#8561)
• 2030ee1 Fix optional chaining and nullish coalescing support (#8526)
• 038e6fa Widen eslint-config-react-app peer dependency versions (#7790)
• 7e6d6cd Closes webpack dev server and exits process on "end" stdin (#7203)
• af926d5 Bump pnp-webpack-plugin (#8509)
• 8b0dd54 Publish
• 5ccee88 Prepare 3.4.0 release
• e579de1 Downgrade style-loader to v0.23.1 due to CSS modules hot reload… (#8378)
• 4784997 Correct webpack name casing (#8475)
• 589b41a update open to v7.0.2 (#8459)
• 865ea05 fix(typescriptFormatter): use chalk@2 constructor (#8450)
• d45823c fix(react-scripts): do not redirect served path if request may proxy (#8442)
• eb8e7be Downgrade chalk for ie 11 support (#8439)
• 767aa18 Fixes unchecked access to 'deploy' script on build (#8292)
• cd2469e Fix navbar line break in header (#8437)
• 687c4eb Change arrow functions to function declarations (#8412)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs