Fix security issue in developer tools breaking the build

[tanx]

The build is currently breaking due to a vuln in our development tools: https://travis-ci.org/lightninglabs/lightning-app/jobs/452958355#L857-L871

=== npm audit security report ===                        
                                                                                
# Run  npm install react-scripts@2.1.1  to resolve 1 vulnerability
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Missing Origin Validation                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ webpack-dev-server                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-scripts                                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ react-scripts > webpack-dev-server                           │
├───────────────┼─���────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/725                       │
└───────────────┴──────────────────────────────────────────────────────────────┘

[valentinewallace]

I think this is new problem, hopefully this stack overflow question gets traction.

[tanx]

I tried to resolve the issue. But we'd have to upgrade to react-scripts@2.x.x and that breaks the build. Haven't been able to get it to work yet. I created an issue here facebook/create-react-app#5777

[Waseemrajashaik]

solution for this issue please ???

[tanx]

The vulnerability is apparently that an adversary could see your source code when running webpack-dev-server. For an open source project like ours not a critical issue. But we'll definitely fix this when we upgrade create-react-app..

[Waseemrajashaik]

Thanks, @tanx. waiting for the fix 😄