mirror of
https://github.com/zebrajr/react.git
synced 2026-01-15 12:15:22 +00:00
3730b40e9b
## Summary There was an attempt to upgrade `ip` to 2.0.1 to mitigate CVE in https://github.com/facebook/react/pull/29725#issuecomment-2150389616, but there actually another one CVE in version `2.0.1`. Instead, migrate to `internal-ip`, which similarly small package that we can use Note: not upgrading to version 7+, because they are pure ESM. ## How did you test this change? Validated that standalone version of RDT works and connects to the app.
34 lines
680 B
JSON
34 lines
680 B
JSON
{
|
|
"name": "react-devtools",
|
|
"version": "5.2.0",
|
|
"description": "Use react-devtools outside of the browser",
|
|
"license": "MIT",
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "https://github.com/facebook/react.git",
|
|
"directory": "packages/react-devtools"
|
|
},
|
|
"bin": {
|
|
"react-devtools": "./bin.js"
|
|
},
|
|
"files": [
|
|
"bin.js",
|
|
"app.html",
|
|
"app.js",
|
|
"index.js",
|
|
"icons",
|
|
"preload.js"
|
|
],
|
|
"scripts": {
|
|
"start": "node bin.js"
|
|
},
|
|
"dependencies": {
|
|
"cross-spawn": "^5.0.1",
|
|
"electron": "^23.1.2",
|
|
"internal-ip": "^6.2.0",
|
|
"minimist": "^1.2.3",
|
|
"react-devtools-core": "5.2.0",
|
|
"update-notifier": "^2.1.0"
|
|
}
|
|
}
|