fix: update react-scripts to 3.0.1

[jsjoeio]

Problem

I didn't realize till after the fact there's a security vulnerability due to some lodash issues in the babel dependencies. react-scripts v3.0.1 fixes those.

Approach

I first tested it by using create-react-hook then manually upgrading react-scripts in both the root and the example and it seemed to work. I also tested starting the example with the SKIP_PREFLIGHT_CHECK=true in the .env commented out to see if I could fix all the errors.

Solution

I was able to do so by updating the following dependencies:

• react-scripts@3.0.0 => 3.0.1
• babel-eslint@10.0.0 => 10.0.1
• eslint@5.6.0 => 5.16.0

I tested this locally and everything seems to be working (tested default template with npm).

Notes

My thought is to still leave the .env in there just in case (doesn't hurt, right?).

Thoughts? 👍

P.S. - here is the demo code for the egghead course :) I'm going to be doing a livestream on Friday at 3pm MST.

[Hermanya]

Good catch! Thank you for upgrading these. Create-react-hook@2.6.18 is now up.

Regarding the .env, I think it's okay to leave it in 😄

Good luck on your live stream 👍

[Hermanya]

@jsjoeio I have recently read this thread facebook/react#15791 (comment) and over there Ryan Florence makes a point against the idea behind use-click-outside.

[jsjoeio]

@Hermanya thanks for meeting this so quickly and fixing the lock file!

And thanks for tagging me on that! Looks like I may need to rewrite some of the course material. I really appreciate you sharing that. Cheers!