[Snyk] Security upgrade react-scripts from 3.4.3 to 4.0.0

[ryanhefner]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • examples/circles/package.json
  • examples/circles/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-IMMER-1019369	Yes	Proof of Concept
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	753/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: react-scripts

The new version differs by 125 commits.

• ed95893 Publish
• 88ca4f6 Prepare 4.0.0 release
• d23d615 Update react dom in error overlay
• 95265c3 Update CHANGELOG
• 523b416 Add link to Open Collective (#9864)
• af616ab Update CHANGELOG
• 014ca01 Prepare 4.0.0 release
• 2b1161b Pass JSX runtime setting to Babel preset in Jest config (#9865)
• f2aef41 Prepare 4.0.0 alpha release
• 4bc639c Upgrade to React 17 (#9863)
• d61347d Use new JSX setting with TypeScript 4.1.0 (#9734)
• e63de79 New JSX Transform opt out (#9861)
• fe785b2 feat: Update all dependencies (#9857)
• 85ab02b feat: remove unused React imports (#9853)
• 329f392 feat: Update ESLint dependencies (#9856)
• 10fa972 feat(eslint-config-react-app): Add jest & testing-library rules (#8963)
• ed919b1 Make eslint-plugin-jest an optional peerDependency (#9670)
• 0a93e32 Fix refreshOverlayInterop module scope error (#9805)
• 7965594 Bump resolve-url-loader version (#9841)
• b1f8536 Add 3.4.4 to the changelog
• d07b7d0 Replace deprecated eslint-loader with eslint-webpack-plugin (#9751)
• 6f3e32e Upgrade Docusaurus to latest version (#9728)
• 1f2d387 fix: resolve new JSX runtime issues (#9788)
• 6a51dcd Add AVIF image support (#9611)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[coveralls]

Pull Request Test Coverage Report for Build 0be1a761-4082-41d3-b2fc-f8a248e1e46f

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 26.699%

---

Totals
Change from base Build 06f35b37-68ec-4c45-8892-04c2a663eac5:	0.0%
Covered Lines:	40
Relevant Lines:	133

---

💛 - Coveralls