chore(deps): update dependency react-dev-utils to v11 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
react-dev-utils	4.2.1 -> 11.0.4

GitHub Vulnerability Alerts

CVE-2021-24033

react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoked with user-provided values (ie: by custom code) is there the potential for command injection. If you're consuming it from react-scripts then this issue does not affect you.

---

Release Notes

facebook/create-react-app

v11.0.3

Compare Source

v11.0.2

Compare Source

v11.0.1

Compare Source

v11.0.0

Compare Source

v10.2.1

Compare Source

v10.2.0

Compare Source

v10.1.0

Compare Source

v10.0.0

Compare Source

v9.1.0

Compare Source

v9.0.4

Compare Source

v9.0.3

Compare Source

v9.0.2

Compare Source

v9.0.1

Compare Source

v9.0.0

Compare Source

v8.0.0

Compare Source

v7.0.5

Compare Source

v7.0.4

Compare Source

v7.0.3

Compare Source

v7.0.2

Compare Source

v7.0.1

Compare Source

v7.0.0

Compare Source

v6.1.1

Compare Source

v6.0.4

Compare Source

v6.0.3

Compare Source

v6.0.2

Compare Source

v5.0.1

Compare Source

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@5.0.1

or

yarn add --exact react-scripts@5.0.1

🐛 Bug Fix

• react-scripts
  • #​12245 fix: webpack noise printed only if error or warning (@​Andrew47)
• create-react-app
  • #​11915 Warn when not using the latest version of create-react-app but do not exit (@​iansu)
• react-dev-utils
  • #​11640 Ensure posix compliant joins for urls in middleware (@​psiservices-justin-sullard)

💅 Enhancement

• cra-template-typescript, cra-template, react-scripts
  • #​12220 Update templates to use React 18 createRoot (@​kyletsang)
• cra-template-typescript, cra-template
  • #​12223 chore: upgrade rtl version to support react 18 (@​MatanBobi)
• eslint-config-react-app
  • #​11622 updated deprecated rules (@​wisammechano)

📝 Documentation

• #​11594 Fix a typo in deployment.md (@​fishmandev)
• #​11805 docs: Changelog 5.0.0 (@​jafin)
• #​11757 prevent both npm and yarn commands from being copied (@​mubarakn)

🏠 Internal

• #​11985 Ignore docs when publishing (@​iansu)

Committers: 11

• Andrew Burnie (@​Andrew47)
• Clément Vannicatte (@​shortcuts)
• Dmitriy Fishman (@​fishmandev)
• Dmitry Vinnik (@​dmitryvinn)
• Ian Sutherland (@​iansu)
• Jason Finch (@​jafin)
• Kyle Tsang (@​kyletsang)
• Matan Borenkraout (@​MatanBobi)
• Wisam Naji (@​wisammechano)
• @​mubarakn
• @​psiservices-justin-sullard

5.0.0 (2021-12-14)

Create React App 5.0 is a major release with several new features and the latest version of all major dependencies.

Thanks to all the maintainers and contributors who worked so hard on this release! 🙌

v5.0.0

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@5.0.1

or

yarn add --exact react-scripts@5.0.1

🐛 Bug Fix

• react-scripts
  • #​12245 fix: webpack noise printed only if error or warning (@​Andrew47)
• create-react-app
  • #​11915 Warn when not using the latest version of create-react-app but do not exit (@​iansu)
• react-dev-utils
  • #​11640 Ensure posix compliant joins for urls in middleware (@​psiservices-justin-sullard)

💅 Enhancement

• cra-template-typescript, cra-template, react-scripts
  • #​12220 Update templates to use React 18 createRoot (@​kyletsang)
• cra-template-typescript, cra-template
  • #​12223 chore: upgrade rtl version to support react 18 (@​MatanBobi)
• eslint-config-react-app
  • #​11622 updated deprecated rules (@​wisammechano)

📝 Documentation

• #​11594 Fix a typo in deployment.md (@​fishmandev)
• #​11805 docs: Changelog 5.0.0 (@​jafin)
• #​11757 prevent both npm and yarn commands from being copied (@​mubarakn)

🏠 Internal

• #​11985 Ignore docs when publishing (@​iansu)

Committers: 11

• Andrew Burnie (@​Andrew47)
• Clément Vannicatte (@​shortcuts)
• Dmitriy Fishman (@​fishmandev)
• Dmitry Vinnik (@​dmitryvinn)
• Ian Sutherland (@​iansu)
• Jason Finch (@​jafin)
• Kyle Tsang (@​kyletsang)
• Matan Borenkraout (@​MatanBobi)
• Wisam Naji (@​wisammechano)
• @​mubarakn
• @​psiservices-justin-sullard

5.0.0 (2021-12-14)

Create React App 5.0 is a major release with several new features and the latest version of all major dependencies.

Thanks to all the maintainers and contributors who worked so hard on this release! 🙌

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.