From 5c19b841a45f2b2501023ae28a219ebf2e09753d Mon Sep 17 00:00:00 2001
From: admin-token-bot <36773031+admin-token-bot@users.noreply.github.com>
Date: Wed, 30 Nov 2022 09:39:18 -0500
Subject: [PATCH] [Snyk] Upgrade react-scripts from 5.0.0 to 5.0.1 (#2319)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

<h3>Snyk has created this PR to upgrade react-scripts from 5.0.0 to
5.0.1.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **7 months ago**, on 2022-04-12.

The recommended version fixes:

Severity | Issue | PriorityScore (*) | Exploit Maturity |

:-------------------------:|:-------------------------|-------------------------|:-------------------------
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-NWSAPI-2841516](https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516) |
**446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **446/1000** <br/> **Why?** Recently disclosed, CVSS 7.5 | No Known
Exploit

(*) Note that the real score may have changed since the PR was raised.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>react-scripts</b></summary>
    <ul>
      <li>
<b>5.0.1</b> - <a
href="https://snyk.io/redirect/github/facebook/create-react-app/releases/tag/v5.0.1">2022-04-12</a></br><h2>5.0.1
(2022-04-12)</h2>
<p>Create React App 5.0.1 is a maintenance release that improves
compatibility with React 18. We've also updated our templates to use
<code>createRoot</code> and relaxed our check for older versions of
Create React App.</p>
<h1>Migrating from 5.0.0 to 5.0.1</h1>
<p>Inside any created project that has not been ejected, run:</p>
<div class="snippet-clipboard-content notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="npm install --save
--save-exact react-scripts@5.0.1"><pre class="notranslate"><code>npm
install --save --save-exact react-scripts@5.0.1
</code></pre></div>
<p>or</p>
<div class="snippet-clipboard-content notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="yarn add --exact
react-scripts@5.0.1"><pre class="notranslate"><code>yarn add --exact
react-scripts@5.0.1
</code></pre></div>
<h4><g-emoji class="g-emoji" alias="bug"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f41b.png">🐛</g-emoji>
Bug Fix</h4>
<ul>
<li><code>react-scripts</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/12245"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/12245/hovercard">#12245</a>
fix: webpack noise printed only if error or warning (<a
href="https://snyk.io/redirect/github/Andrew47">@ Andrew47</a>)</li>
</ul>
</li>
<li><code>create-react-app</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11915"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11915/hovercard">#11915</a>
Warn when not using the latest version of create-react-app but do not
exit (<a href="https://snyk.io/redirect/github/iansu">@ iansu</a>)</li>
</ul>
</li>
<li><code>react-dev-utils</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11640"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11640/hovercard">#11640</a>
Ensure posix compliant joins for urls in middleware (<a
href="https://snyk.io/redirect/github/psiservices-justin-sullard">@
psiservices-justin-sullard</a>)</li>
</ul>
</li>
</ul>
<h4><g-emoji class="g-emoji" alias="nail_care"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f485.png">💅</g-emoji>
Enhancement</h4>
<ul>
<li><code>cra-template-typescript</code>, <code>cra-template</code>,
<code>react-scripts</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/12220"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/12220/hovercard">#12220</a>
Update templates to use React 18 <code>createRoot</code> (<a
href="https://snyk.io/redirect/github/kyletsang">@ kyletsang</a>)</li>
</ul>
</li>
<li><code>cra-template-typescript</code>, <code>cra-template</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/12223"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/12223/hovercard">#12223</a>
chore: upgrade rtl version to support react 18 (<a
href="https://snyk.io/redirect/github/MatanBobi">@ MatanBobi</a>)</li>
</ul>
</li>
<li><code>eslint-config-react-app</code>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11622"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11622/hovercard">#11622</a>
updated deprecated rules (<a
href="https://snyk.io/redirect/github/wisammechano">@
wisammechano</a>)</li>
</ul>
</li>
</ul>
<h4><g-emoji class="g-emoji" alias="memo"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f4dd.png">📝</g-emoji>
Documentation</h4>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11594"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11594/hovercard">#11594</a>
Fix a typo in deployment.md (<a
href="https://snyk.io/redirect/github/fishmandev">@ fishmandev</a>)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11805"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11805/hovercard">#11805</a>
docs: Changelog 5.0.0 (<a href="https://snyk.io/redirect/github/jafin">@
jafin</a>)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11757"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11757/hovercard">#11757</a>
prevent both npm and yarn commands from being copied (<a
href="https://snyk.io/redirect/github/mubarakn">@ mubarakn</a>)</li>
</ul>
<h4><g-emoji class="g-emoji" alias="house"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f3e0.png">🏠</g-emoji>
Internal</h4>
<ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/pull/11985"
data-hovercard-type="pull_request"
data-hovercard-url="/facebook/create-react-app/pull/11985/hovercard">#11985</a>
Ignore docs when publishing (<a
href="https://snyk.io/redirect/github/iansu">@ iansu</a>)</li>
</ul>
<h4>Committers: 11</h4>
<ul>
<li>Andrew Burnie (<a href="https://snyk.io/redirect/github/Andrew47">@
Andrew47</a>)</li>
<li>Clément Vannicatte (<a
href="https://snyk.io/redirect/github/shortcuts">@ shortcuts</a>)</li>
<li>Dmitriy Fishman (<a
href="https://snyk.io/redirect/github/fishmandev">@ fishmandev</a>)</li>
<li>Dmitry Vinnik (<a
href="https://snyk.io/redirect/github/dmitryvinn">@ dmitryvinn</a>)</li>
<li>Ian Sutherland (<a href="https://snyk.io/redirect/github/iansu">@
iansu</a>)</li>
<li>Jason Finch (<a href="https://snyk.io/redirect/github/jafin">@
jafin</a>)</li>
<li>Kyle Tsang (<a href="https://snyk.io/redirect/github/kyletsang">@
kyletsang</a>)</li>
<li>Matan Borenkraout (<a
href="https://snyk.io/redirect/github/MatanBobi">@ MatanBobi</a>)</li>
<li>Wisam Naji (<a href="https://snyk.io/redirect/github/wisammechano">@
wisammechano</a>)</li>
<li><a href="https://snyk.io/redirect/github/mubarakn">@
mubarakn</a></li>
<li><a
href="https://snyk.io/redirect/github/psiservices-justin-sullard">@
psiservices-justin-sullard</a></li>
</ul>
      </li>
      <li>
<b>5.0.0</b> - <a
href="https://snyk.io/redirect/github/facebook/create-react-app/releases/tag/v5.0.0">2021-12-14</a></br><a
href="https://snyk.io/redirect/github/facebook/create-react-app/releases/tag/v5.0.0">
Read more </a>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/facebook/create-react-app/releases">react-scripts
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>react-scripts</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/19fa58d527ae74f2b6baa0867463eea1d290f9a5">19fa58d</a>
Publish</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/6fb4f977b7522c6a1632ec9133af30f5df3afb09">6fb4f97</a>
Prepare 5.0.1 release</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/9802941ff049a28da2682801bc182a29761b71f4">9802941</a>
fix: webpack noise printed only if error or warning (#12245)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/2eef1d0a1db2e84cdcd6e7ca941c85a48cc7cc65">2eef1d0</a>
Update templates to use React 18 &#x60;createRoot&#x60; (#12220)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/213b6a2050ece9e3a68c4fc46150866174aa4e0f">213b6a2</a>
chore: upgrade rtl version to support react 18 (#12223)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/67b48688081d8ee3562b8ac1bf6ae6d44112745a">67b4868</a>
docs: update Algolia credentials (#12151)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/efc3581e075ee049179029c982c5a10d0d2a3300">efc3581</a>
Update lockfile</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/52d643170b8871b40eb72dbb9f781924dc2cb19c">52d6431</a>
Warn when not using the latest version of create-react-app but do not
exit (#11915)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/fd8c5f7b1b1d19d10d24cc2f9fdfc110585dc030">fd8c5f7</a>
docs: add homepage banner in support of Ukraine (#12113)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/428ddb683193e548043a4a7edac73d2857386a4c">428ddb6</a>
Ignore docs when publishing (#11985)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/a422bf227cf5294a34d68696664e9568a152fd8f">a422bf2</a>
Ensure posix compliant joins for urls in middleware (#11640)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/63ae6dd5b9b491c081a673a4a57131a86b259a73">63ae6dd</a>
updated deprecated rules (#11622)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/255822ff2d6199801733d7a66729c094f0430913">255822f</a>
Fix a typo in deployment.md (#11594)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/d73c2f24053da5272d4286049e27adcd767c1c8a">d73c2f2</a>
docs: Changelog 5.0.0 (#11805)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/b2f9ee371d1c7f3d82b37990f4bcedb63bcd4115">b2f9ee3</a>
prevent both npm and yarn commands from being copied (#11757)</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/0c72a329a4e703de5e99d20290dde8f6ac179168">0c72a32</a>
Add docusaurus to workspaces, update lockfile</li>
<li><a
href="https://snyk.io/redirect/github/facebook/create-react-app/commit/9673858a3715287c40aef9e800c431c7d45c05a2">9673858</a>
Update CONTRIBUTING.md</li>
    </ul>

<a
href="https://snyk.io/redirect/github/facebook/create-react-app/compare/221e511730ca51c036c6954a9d2ee7659ff860f9...19fa58d527ae74f2b6baa0867463eea1d290f9a5">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJjMDAyMWQ5Yi03Mjk0LTQxMTgtYmFjNS0zZjEwYjA3MTMzZjEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImMwMDIxZDliLTcyOTQtNDExOC1iYWM1LTNmMTBiMDcxMzNmMSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?pkg&#x3D;react-scripts&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"c0021d9b-7294-4118-bac5-3f10b07133f1","prPublicId":"c0021d9b-7294-4118-bac5-3f10b07133f1","dependencies":[{"name":"react-scripts","from":"5.0.0","to":"5.0.1"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"9043c51f-3f0d-45c6-8455-b658274f2872","env":"prod","prType":"upgrade","vulns":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-NWSAPI-2841516","SNYK-JS-MINIMATCH-3050818","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3105943"],"issuesToFix":[{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":446,"priorityScoreFactors":[{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":446,"priorityScoreFactors":[{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-NWSAPI-2841516","severity":"medium","title":"Denial
of Service
(DoS)","exploitMaturity":"no-known-exploit","priorityScore":310,"priorityScoreFactors":[{"type":"cvssScore","label":"6.2","score":310}]},{"issueId":"SNYK-JS-MINIMATCH-3050818","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":336,"priorityScoreFactors":[{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":336,"priorityScoreFactors":[{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":336,"priorityScoreFactors":[{"type":"freshness","label":true,"score":71},{"type":"cvssScore","label":"5.3","score":265}]}],"upgrade":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-NWSAPI-2841516","SNYK-JS-MINIMATCH-3050818","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3105943"],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2022-04-12T17:33:23.210Z"},"templateVariants":["priorityScore"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[446,446,310,265,336,336,336]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 examples/web/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/web/package.json b/examples/web/package.json
index 6b28296393..8f9ef67c69 100644
--- a/examples/web/package.json
+++ b/examples/web/package.json
@@ -16,7 +16,7 @@
     "graphql-tag": "^2.12.6",
     "react": "^17.0.2",
     "react-dom": "^17.0.2",
-    "react-scripts": "5.0.0",
+    "react-scripts": "5.0.1",
     "react-test-renderer": "^17.0.2",
     "realm-web": "^1.7.0",
     "typescript": "^4.5.5",