pmmmwh / react-refresh-webpack-plugin

A Webpack plugin to enable "Fast Refresh" (also previously known as Hot Reloading) for React components.
MIT License

Updates loader-utils to 3.2.1 due to Security Vulnerability #834

Closed boroth closed 3 months ago

boroth commented 5 months ago

Been resolving some Dependabot alerts in another repo, and ran into an issue with react-refresh-webpack-plugin needing to be updated to the newer version of loader-utils. This just updates the loader-utils package, but I'm also open to doing some additional yarn updating/auditing if people are interested in that.

Tests seem to be passing, just need to run a build and see if it's all good to go 👍🏾

boroth commented 5 months ago

I guess this fix may only work on Webpack 5, not sure what the standard way of handling that is in this project.

I wouldn't be opposed to trying to get react-refresh-webpack-plugin to a 1.0.0 version with Node 16+ and Webpack 5+ if y'all are up for it.

pmmmwh commented 4 months ago

> I guess this fix may only work on Webpack 5, not sure what the standard way of handling that is in this project.
>
> I wouldn't be opposed to trying to get react-refresh-webpack-plugin to a 1.0.0 version with Node 16+ and Webpack 5+ if y'all are up for it.

I'll look a bit into if it's possible to have both supported and resolve the vulnerability. In any case I don't think we're really using the code path that is reported, but it's nonetheless good to be on a version where this doesn't warn.

pmmmwh commented 3 months ago

Will be fixed in v0.6.0.