[Samples] Move `react-scripts` to `devDependencies` #4023

compulim · 2021-08-12T22:28:28Z

Fixes #4017.

Changelog Entry

Resolves #4017. In samples, moved react-scripts to devDependencies, in PR #4023
Bumped all dependencies to the latest versions and sample bumps, by @compulim in PR #3996, PR #3998, and PR #4023
- Dependencies used by samples

Description

In our sample and playground, move react-scripts to devDependencies to reduce omissions on vulnerabilities, as suggested by React team.

As long as we don't npm run eject, it should be good.

Also bumping other dependencies in samples.

Design

As mentioned by React team, move react-scripts to devDependencies will reduce some omissions.

Specific Changes

Run npm install --dev react-scripts@latest on all playground and samples which based on create-react-app
In samples, bump deps to same major
- We should consider adding automated tests for samples, so it's much safer to bump to new major

~~I have added tests and executed them locally~~ (relies on CI)
I have updated CHANGELOG.md
~~I have updated documentation~~

Review Checklist

This section is for contributors to review your work.

~~Accessibility reviewed (tab order, content readability, alt text, color contrast)~~
~~Browser and platform compatibilities reviewed~~
~~CSS styles reviewed (minimal rules, no z-index)~~
~~Documents reviewed (docs, samples, live demo)~~
~~Internationalization reviewed (strings, unit formatting)~~
package.json and package-lock.json reviewed
~~Security reviewed (no data URIs, check for nonce leak)~~
~~Tests reviewed (coverage, legitimacy)~~

* Move react-scripts in samples to devDependencies * Move react-scripts to devDependencies * Bump deps on samples * Bump http-proxy-middleware * Add entry * Update entry

compulim added 5 commits August 12, 2021 21:47

Move react-scripts in samples to devDependencies

7f05cc5

Move react-scripts to devDependencies

b8c50aa

Bump deps on samples

e9bfec9

Bump http-proxy-middleware

e57a16e

Add entry

0b0e915

compulim marked this pull request as ready for review August 12, 2021 22:33

compulim requested review from a-b-r-o-w-n, beyackle, cwhitten, srinaath, tdurnford and tonyanziano as code owners August 12, 2021 22:33

Update entry

3d4cea7

compulim assigned cwhitten Aug 12, 2021

cwhitten approved these changes Aug 25, 2021

View reviewed changes

compulim merged commit 5390f5c into microsoft:main Aug 27, 2021

compulim deleted the feat-move-react-scripts branch August 27, 2021 05:12

compulim mentioned this pull request Sep 2, 2021

Bump to 4.14.1 for release #4045

Merged

11 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Samples] Move `react-scripts` to `devDependencies` #4023

[Samples] Move `react-scripts` to `devDependencies` #4023

compulim commented Aug 12, 2021 •

edited

Loading

[Samples] Move react-scripts to devDependencies #4023

[Samples] Move react-scripts to devDependencies #4023

Conversation

compulim commented Aug 12, 2021 • edited Loading

Changelog Entry

Description

Design

Specific Changes

Review Checklist

[Samples] Move `react-scripts` to `devDependencies` #4023

[Samples] Move `react-scripts` to `devDependencies` #4023

compulim commented Aug 12, 2021 •

edited

Loading