You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
I am encountering a persistent vulnerability issue with react-scripts related to the nth-check package. Despite making multiple attempts to update the dependencies manually and exploring various resolutions, the vulnerability warning remains.
NPM Audit Output:
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
fix available via npm audit fix --force
Will install react-scripts@2.1.3, which is a breaking change
node_modules/react-scripts/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/react-scripts/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/react-scripts/node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/react-scripts/node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/react-scripts/node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
node_modules/react-scripts
Steps to Reproduce:
Updated to the latest version of react-scripts.
Ran npm audit, revealing the vulnerability issue related to nth-check.
Attempted to manually update dependencies and force resolutions.
Checked again with npm audit, but the vulnerability warning persisted.
Expected Behavior:
The dependencies, especially nth-check, should be up-to-date, ensuring no vulnerabilities when executing npm audit.
Additional Context:
I made attempts to resolve this by updating individual packages and also using the npm-force-resolutions package. Unfortunately, the vulnerability continues to persist.
Seeking guidance or a potential fix for this vulnerability. Thank you for your assistance!
The text was updated successfully, but these errors were encountered:
Environment:
Description:
I am encountering a persistent vulnerability issue with
react-scripts
related to thenth-check
package. Despite making multiple attempts to update the dependencies manually and exploring various resolutions, the vulnerability warning remains.NPM Audit Output:
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
fix available via npm audit fix --force
Will install react-scripts@2.1.3, which is a breaking change
node_modules/react-scripts/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/react-scripts/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/react-scripts/node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/react-scripts/node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/react-scripts/node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
node_modules/react-scripts
Steps to Reproduce:
react-scripts
.npm audit
, revealing the vulnerability issue related tonth-check
.npm audit
, but the vulnerability warning persisted.Expected Behavior:
The dependencies, especially
nth-check
, should be up-to-date, ensuring no vulnerabilities when executingnpm audit
.Additional Context:
I made attempts to resolve this by updating individual packages and also using the
npm-force-resolutions
package. Unfortunately, the vulnerability continues to persist.Seeking guidance or a potential fix for this vulnerability. Thank you for your assistance!
The text was updated successfully, but these errors were encountered: