From 29f10ad9483df3f1e74816319fccbe2d8b394c58 Mon Sep 17 00:00:00 2001
From: marco <marco@glints.com>
Date: Thu, 9 Sep 2021 10:09:55 +0800
Subject: [PATCH] Force immer resolution to ^9.0.6

This is following up on a vulnerability reported here:
https://github.com/glints-dev/glints-aries/security/dependabot/yarn.lock/immer/open

See the related discussion here:
https://github.com/facebook/create-react-app/issues/10411

From what I found online, this issue is quite irrelevant:
https://github.com/facebook/create-react-app/issues/10411#issuecomment-781399779
---
 package.json | 3 +++
 yarn.lock    | 8 ++++----
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 62e561fde..af5fad767 100644
--- a/package.json
+++ b/package.json
@@ -142,5 +142,8 @@
   },
   "optionalDependencies": {
     "@glints/poppins": "^1.0.2"
+  },
+  "resolutions": {
+    "immer": "^9.0.6"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index 5669aff86..f060be9e4 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -8819,10 +8819,10 @@ ignore@^5.0.6, ignore@^5.1.4:
   resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.1.8.tgz#f150a8b50a34289b33e22f5889abd4d8016f0e57"
   integrity sha512-BMpfD7PpiETpBl/A6S498BaIJ6Y/ABT93ETbby2fP00v4EbvPBXWEoaR1UBPKs3iR53pJY7EtZk5KACI57i1Uw==
 
-immer@8.0.1:
-  version "8.0.1"
-  resolved "https://registry.yarnpkg.com/immer/-/immer-8.0.1.tgz#9c73db683e2b3975c424fb0572af5889877ae656"
-  integrity sha512-aqXhGP7//Gui2+UrEtvxZxSquQVXTpZ7KDxfCcKAF3Vysvw0CViVaW9RZ1j1xlIYqaaaipBoqdqeibkc18PNvA==
+immer@8.0.1, immer@^9.0.6:
+  version "9.0.6"
+  resolved "https://registry.yarnpkg.com/immer/-/immer-9.0.6.tgz#7a96bf2674d06c8143e327cbf73539388ddf1a73"
+  integrity sha512-G95ivKpy+EvVAnAab4fVa4YGYn24J1SpEktnJX7JJ45Bd7xqME/SCplFzYFmTbrkwZbQ4xJK1xMTUYBkN6pWsQ==
 
 immutable@^4.0.0-rc.9:
   version "4.0.0-rc.12"