Running ‘npm audit fix –force’ downgrades react-scripts
One of the create-react-app maintainers has announced that they cannot fix this as the vulnerabilities affect transitive dependencies, and that it should not matter. The reasoning is that the npm audit feature was built with Node apps in mind, not build tools. Vulnerabilities in the dependencies should (in most cases) not translate to vulnerabilities in … Read more