search

facebook / create-react-app

Set up a modern web app by running one command.
https://create-react-app.dev
MIT License
102.71k stars 26.85k forks source link

6 high severity vulnerabilities #12912

Open Abira-BS opened 1 year ago

Abira-BS commented 1 year ago

Describe the bug

when I create a New Project and install react-scripts automatically come 6 high severity vulnerabilities

Environment

npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility npm WARN deprecated rollup-plugin-terser@7.0.2: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-terser npm WARN deprecated sourcemap-codec@1.4.8: Please use @jridgewell/sourcemap-codec instead npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin. npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.

added 1380 packages, and audited 1990 packages in 40s

253 packages are looking for funding run npm fund for details

6 high-severity vulnerabilities

To address all issues, run: npm audit fix

Run npm audit for details.

Steps to reproduce

  1. I install a react-scripts in my personal project it comes a 6 high-severity vulnerabilities
  2. Then I created a demo simple project its shows the same error 6 high severity vulnerabilities

Issue n React scripts

annaaisyaNYP commented 1 year ago

its a known issue. please refer to https://github.com/facebook/create-react-app/issues/11174