Vulnerability issue #3

@Ensaphelon

Currently I am installing the latest version of react-secure-storage and I'm facing the following vulnerability issue:

```
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install react-secure-storage@1.0.0, which is a breaking change
node_modules/react-scripts/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/react-scripts/node_modules/css-select
    svgo  1.0.0 - 1.3.2
    Depends on vulnerable versions of css-select
    node_modules/react-scripts/node_modules/svgo
      @svgr/plugin-svgo  <=5.5.0
      Depends on vulnerable versions of svgo
      node_modules/react-scripts/node_modules/@svgr/plugin-svgo
        @svgr/webpack  4.0.0 - 5.5.0
        Depends on vulnerable versions of @svgr/plugin-svgo
        node_modules/react-scripts/node_modules/@svgr/webpack
          react-scripts  >=2.1.4
          Depends on vulnerable versions of @svgr/webpack
          node_modules/react-scripts
            react-secure-storage  <=0.0.9 || >=1.0.1
            Depends on vulnerable versions of react-scripts
            node_modules/react-secure-storage
```

As I understand it, the main problem here is that the react-scripts package is declared under dependencies and not devDependencies.
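The following is an added example, not part of the original issue or of the react-secure-storage project: it walks the `packages` map of a package-lock.json (lockfile v2/v3 layout) and reports whether a flagged package is reachable from the application through production `dependencies` edges only. The lock contents are constructed to mirror the install paths in the audit output above, and the function names `resolveDep` and `prodChain` are hypothetical.

```javascript
// Node-style resolution inside a lockfile "packages" map: look in the requiring
// package's own node_modules first, then in each parent's, up to the root.
function resolveDep(packages, fromPath, name) {
  let dir = fromPath;
  for (;;) {
    const candidate = (dir ? dir + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!dir) return null;
    const idx = dir.lastIndexOf("/node_modules/");
    dir = idx === -1 ? "" : dir.slice(0, idx);
  }
}

// Breadth-first walk from the root ("") following only "dependencies";
// "devDependencies" are deliberately ignored. Returns the chain of names or null.
function prodChain(lock, target) {
  const packages = lock.packages;
  const queue = [{ path: "", chain: [] }];
  const seen = new Set([""]);
  while (queue.length) {
    const { path, chain } = queue.shift();
    for (const name of Object.keys(packages[path].dependencies || {})) {
      const depPath = resolveDep(packages, path, name);
      if (!depPath || seen.has(depPath)) continue;
      if (name === target) return chain.concat(name);
      seen.add(depPath);
      queue.push({ path: depPath, chain: chain.concat(name) });
    }
  }
  return null;
}

// Constructed lock data (ranges are placeholders) matching the reported paths.
const sub = "node_modules/react-scripts/node_modules/";
const lockAsReported = { packages: {
  "": { dependencies: { "react-secure-storage": "*" } },
  "node_modules/react-secure-storage": { dependencies: { "react-scripts": "*" } },
  "node_modules/react-scripts": { dependencies: { "@svgr/webpack": "*" } },
  [sub + "@svgr/webpack"]: { dependencies: { "@svgr/plugin-svgo": "*" } },
  [sub + "@svgr/plugin-svgo"]: { dependencies: { svgo: "*" } },
  [sub + "svgo"]: { dependencies: { "css-select": "*" } },
  [sub + "css-select"]: { dependencies: { "nth-check": "*" } },
  [sub + "nth-check"]: {},
} };
// Constructed contrast: the library no longer lists react-scripts as a runtime
// dependency, and the app uses react-scripts only as its own devDependency.
const lockIfDevOnly = { packages: { ...lockAsReported.packages,
  "": { dependencies: { "react-secure-storage": "*" }, devDependencies: { "react-scripts": "*" } },
  "node_modules/react-secure-storage": {},
} };
```

A non-null chain means the finding still shows up under `npm audit --omit=dev`; a null result means the flagged package is present only through development tooling.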
