Upgrade react-script to pull in newer version of node-forge to fix security related issues

awslabs / aws-api-gateway-developer-portal

A Serverless Developer Portal for easily publishing and cataloging APIs

Apache License 2.0

924 stars 399 forks source link

Upgrade react-script to pull in newer version of node-forge to fix security related issues #552

Closed DroolingPanda closed 2 years ago

DroolingPanda commented 2 years ago

Issue #, if available:

Description of changes: Fix security issues related to node-forge. node-forge is a dependency pulled in by react-scripts, the security fix is in node-forge v1.3.0 which is available in react-scripts v5.0.0. Also includes other medium security fixes run by npm audit fix

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.