package: bump all module versions

[mvidalgarcia]

Many vulnerabilities found: https://github.com/reanahub/reana-ui/security/dependabot

Two dependabot PRs

• build(deps): bump tmpl from 1.0.4 to 1.0.5 in /reana-ui #202
• build(deps): bump axios from 0.21.1 to 0.24.0 in /reana-ui #203

[mvidalgarcia]

Most of the vulnerabilities were solved, but there are still some. All of them (or almost all), are related to react-scripts version. We need to upgrade to 5.0.0 to solve them.

I had tried myself to upgrade it but yarn start is failing, so some research is needed there.

[mvidalgarcia]

It seems that craco is still not 100% compatible with create-react-app v5 and hence with react-scripts 5.0.0. I've made some progress by updating the following packages but it still fails on yarn start.

diff --git a/reana-ui/package.json b/reana-ui/package.json
index 93321c2..0edece6 100644
--- a/reana-ui/package.json
+++ b/reana-ui/package.json
@@ -16,12 +16,12 @@
     "react-minimal-pie-chart": "^8.0.1",
     "react-redux": "^7.1.1",
     "react-router-dom": "^5.1.2",
-    "react-scripts": "^4.0.0",
+    "react-scripts": "^5.0.0",
     "redux": "^4.0.4",
     "redux-devtools-extension": "^2.13.8",
     "redux-thunk": "^2.3.0",
     "semantic-ui-css": "^2.4.1",
-    "semantic-ui-react": "^0.88.2"
+    "semantic-ui-react": "^2.0.0"
   },
   "scripts": {
     "analyze": "source-map-explorer 'build/static/js/*.js'",
@@ -44,7 +44,8 @@
   },
   "devDependencies": {
     "@craco/craco": "^6.0.0",
-    "@semantic-ui-react/craco-less": "^1.2.1",
+    "@semantic-ui-react/craco-less": "^2.0.0",
+    "babel-eslint": "^10.1.0",
     "craco-alias": "^2.1.1",
     "eslint-config-prettier": "^6.5.0",
     "eslint-config-react-app": "^5.2.0",

Related issues:

• CSS import breaks webpack 5 compilation Semantic-Org/Semantic-UI-React#4287
• CSS import breaks webpack 5 compilation Semantic-Org/Semantic-UI-CSS#75