[Snyk] Upgrade react-scripts from 3.3.0 to 3.4.4

[snyk-bot]

Snyk has created this PR to upgrade react-scripts from 3.3.0 to 3.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-10-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-598677	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-HAPIHOEK-548452	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-DOTPROP-543489	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-scripts

• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21
• 3.4.0 - 2020-02-14
• 3.3.1 - 2020-01-31
• 3.3.0 - 2019-12-05

from react-scripts GitHub release notes

Commit messages

Package name: react-scripts

• d2f813f Publish
• 7641a3c Prepare 3.4.1 release
• d5b527f Update to Babel 7.9 (ACW not working centreon/centreon-archived#8681)
• 6adb82a Add React.StrictMode to default templates (enh(host configuration): Added new methods to manage the host configuration centreon/centreon-archived#8558)
• a452ddc Bump dependencies (fix(upgrade): use the final URL for the release notes centreon/centreon-archived#8620)
• 3f699fd Fix proxying API request docs (enh(secu): update composer dependencies centreon/centreon-archived#8515)
• 4d26208 Use native ESLint behaviour when extending (MON-4737 enh(core): split gorgone configuration in different files centreon/centreon-archived#8276)
• 8ba0ccb Whitelist main in template.json (Update prerequisites.rst centreon/centreon-archived#8539)
• 7d3b72c Update template example in docs (fix(ui): allow to order events view by duration centreon/centreon-archived#8561)
• 2030ee1 Fix optional chaining and nullish coalescing support (feat(api): Add details_endpoint property to resource list endpoint centreon/centreon-archived#8526)
• 038e6fa Widen eslint-config-react-app peer dependency versions (Multiple "CURLCOOKIE" file in /tmp dir centreon/centreon-archived#7790)
• 7e6d6cd Closes webpack dev server and exits process on "end" stdin (enh(doc): describe directory of XML files for partitioning centreon/centreon-archived#7203)
• af926d5 Bump pnp-webpack-plugin (Actions based on ACL not available in custom view more actions menu (Schedule immediate check for host) centreon/centreon-archived#8509)
• 8b0dd54 Publish
• 5ccee88 Prepare 3.4.0 release
• e579de1 Downgrade style-loader to v0.23.1 due to CSS modules hot reload… (fix(doc): fix scrollbar issue in API documentation centreon/centreon-archived#8378)
• 4784997 Correct webpack name casing (Mon 4791 bulk actions ack downtime centreon/centreon-archived#8475)
• 589b41a update open to v7.0.2 (fix(UI): Poller and Remote server wizard render looks broken centreon/centreon-archived#8459)
• 865ea05 fix(typescriptFormatter): use chalk@2 constructor (fix(config): fix gorgone config generation for poller not using remote as proxy centreon/centreon-archived#8450)
• d45823c fix(react-scripts): do not redirect served path if request may proxy (feat(api): Shorter syntax for search request on resources centreon/centreon-archived#8442)
• eb8e7be Downgrade chalk for ie 11 support (enh(anomalydetection): add lua parameters from options table centreon/centreon-archived#8439)
• 767aa18 Fixes unchecked access to 'deploy' script on build (Export clapi duplicates contacts centreon/centreon-archived#8292)
• cd2469e Fix navbar line break in header (fix(api): Resource::list return empty list if the regex is not valid centreon/centreon-archived#8437)
• 687c4eb Change arrow functions to function declarations (fix(api): fix options retrieval issue centreon/centreon-archived#8412)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs