andrei_bancos
Reputation: 69
React js app - high severity vulnerability - immer
- After installed react-router-dom.
- I saw that I had a vulnerability.
- exactly that:
I didn't find much useful information for solve. Has anyone ever encountered this problem?
Upvotes: 3
Views: 2082
Answers (2)
zerocewl
Reputation: 12804
As a temp workaround until the third party packages update their dependencies to the newest immerjs version (>=8.0.1) you can use yarn resolutions to use the specified fixed immer version >=8.0.1:
updates in the package.json
"devDependencies": {
"immer": "8.0.1",
},
"resolutions": {
"immer": "8.0.1"
}
NOTE: Don't forget to run yarn install after these changes.
A npm equivalent is maybe npm-force-resolutions.
Upvotes: 1
Javier Carreño
Reputation: 1
-Find immer into package-lock.json
-Update version to 8.0.1
-Remove node_modules
-run script npm i
-Enjoy
Upvotes: 0
Related Questions
- Npm vulnerabilities can't be fixed
- couldn't deploy the app because of vulnerabilities need manual review
- Cannot find module 'immer' from 'node_modules/use-immer/dist/use-immer.js'?
- Create-react-app 137 vulnerabilities (123 moderate, 13 high, 1 critical)
- Npm audit critical fix immer <=9.0.5
- Vulnerabilities with create-react-app React Js
- My React App has unfixable High Severity warnings, how do I fix this?
- Prototype Pollution - npm vulnerability can't be fixed?
- found 40 vulnerabilities (7 low, 31 moderate, 1 high, 1 critical)
- React.js SPA security issues