[Snyk] Upgrade react-scripts from 3.4.1 to 5.0.1

[GregBrimble]

Snyk has created this PR to upgrade react-scripts from 3.4.1 to 5.0.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 20 versions ahead of your current version.

• The recommended version was released 3 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-AJV-584908	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	405	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	405	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	405	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	405	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	405	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	405	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	405	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	405	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	405	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	405	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	405	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	405	Proof of Concept
	Improper Handling of Unexpected Data Type SNYK-JS-ONHEADERS-10773729	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	405	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	405	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	405	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	405	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8172694	405	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8187303	405	Proof of Concept
	Information Exposure SNYK-JS-ELLIPTIC-8720086	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	405	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	405	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	405	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	405	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	405	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	405	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIMECOREJS3-9397696	405	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	405	Proof of Concept
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	405	No Known Exploit
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	405	Proof of Concept
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	405	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	405	Proof of Concept
	Function Call With Incorrect Argument Type SNYK-JS-CIPHERBASE-12084814	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	405	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	405	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	405	Proof of Concept
	Generation of Predictable Numbers or Identifiers SNYK-JS-PBKDF2-10495496	405	Proof of Concept
	Generation of Predictable Numbers or Identifiers SNYK-JS-PBKDF2-10495498	405	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	405	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	405	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	405	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	405	No Known Exploit
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	405	No Known Exploit
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	405	No Known Exploit
	Code Injection SNYK-JS-LODASHTEMPLATE-1088054	405	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	405	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	405	No Known Exploit
	Prototype Pollution SNYK-JS-NODEFORGE-598677	405	Proof of Concept
	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	405	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXYMIDDLEWARE-8229906	405	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	405	Proof of Concept
	Command Injection SNYK-JS-REACTDEVUTILS-1083268	405	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	405	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	405	No Known Exploit
	Open Redirect SNYK-JS-NODEFORGE-2330875	405	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-2331908	405	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	405	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	405	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	405	No Known Exploit
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	405	No Known Exploit
	Cross-site Scripting SNYK-JS-SEND-7926862	405	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	405	No Known Exploit
	Function Call With Incorrect Argument Type SNYK-JS-SHAJS-12089400	405	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	405	Proof of Concept
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	405	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	405	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	405	Proof of Concept
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	405	No Known Exploit
	Improper Input Validation SNYK-JS-URLPARSE-2407770	405	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	405	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	405	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	405	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	405	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	405	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	405	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	405	Proof of Concept
	Symlink Attack SNYK-JS-TMP-11501554	405	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	405	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	405	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	405	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	405	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	405	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	405	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298	405	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	405	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	405	Proof of Concept

Release notes

Package name: react-scripts

• 5.0.1 - 2022-04-12
  

  5.0.1 (2022-04-12)

  Create React App 5.0.1 is a maintenance release that improves compatibility with React 18. We've also updated our templates to use createRoot and relaxed our check for older versions of Create React App.

  Migrating from 5.0.0 to 5.0.1

  Inside any created project that has not been ejected, run:

  npm install --save --save-exact [email protected]
  

  or

  yarn add --exact [email protected]
  

  🐛 Bug Fix

  • react-scripts
    • #12245 fix: webpack noise printed only if error or warning (@ Andrew47)
  • create-react-app
    • #11915 Warn when not using the latest version of create-react-app but do not exit (@ iansu)
  • react-dev-utils
    • #11640 Ensure posix compliant joins for urls in middleware (@ psiservices-justin-sullard)

  💅 Enhancement

  • cra-template-typescript, cra-template, react-scripts
    • #12220 Update templates to use React 18 createRoot (@ kyletsang)
  • cra-template-typescript, cra-template
    • #12223 chore: upgrade rtl version to support react 18 (@ MatanBobi)
  • eslint-config-react-app
    • #11622 updated deprecated rules (@ wisammechano)

  📝 Documentation

  • #11594 Fix a typo in deployment.md (@ fishmandev)
  • #11805 docs: Changelog 5.0.0 (@ jafin)
  • #11757 prevent both npm and yarn commands from being copied (@ mubarakn)

  🏠 Internal

  • #11985 Ignore docs when publishing (@ iansu)

  Committers: 11

  • Andrew Burnie (@ Andrew47)
  • Clément Vannicatte (@ shortcuts)
  • Dmitriy Fishman (@ fishmandev)
  • Dmitry Vinnik (@ dmitryvinn)
  • Ian Sutherland (@ iansu)
  • Jason Finch (@ jafin)
  • Kyle Tsang (@ kyletsang)
  • Matan Borenkraout (@ MatanBobi)
  • Wisam Naji (@ wisammechano)
  • @ mubarakn
  • @ psiservices-justin-sullard
• 5.0.0 - 2021-12-14
• 5.0.0-next.60 - 2021-12-14
• 5.0.0-next.58 - 2021-12-08
• 5.0.0-next.47 - 2021-10-04
• 5.0.0-next.37 - 2021-09-01
• 5.0.0-next.31 - 2021-08-04
• 4.0.3 - 2021-02-22
• 4.0.2 - 2021-02-03
• 4.0.1 - 2020-11-23
• 4.0.0 - 2020-10-23
• 4.0.0-next.117 - 2020-10-23
• 4.0.0-next.116 - 2020-10-23
• 4.0.0-next.98 - 2020-09-16
• 4.0.0-next.96 - 2020-09-16
• 4.0.0-next.77 - 2020-08-05
• 4.0.0-next.64 - 2020-07-30
• 3.4.4 - 2020-10-20
• 3.4.3 - 2020-08-12
• 3.4.2 - 2020-08-11
• 3.4.1 - 2020-03-21

from react-scripts GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs