Uploaded image for project: 'ui-orders'
  1. ui-orders
  2. UIOR-932

Replace react-hot-loader - unmaintained, security (CVE-2021-44906)

    XMLWordPrintable

Details

    • ACQ Sprint 136
    • 1
    • Thunderjet
    • Morning Glory (R2 2022)

    Description

      Overview:

      react-hot-loader should be replaced because it is no longer maintained and has security issues.

      Steps to Reproduce:

      react-hot-loader hasn't been maintained since Jun 1, 2021. There are 116 open issues and 246 open pull requests as of March 22, 2022: https://github.com/gaearon/react-hot-loader

      react-hot-loader has security vulnerabilities: https://nvd.nist.gov/vuln/detail/CVE-2020-7598 , https://nvd.nist.gov/vuln/detail/CVE-2021-44906

      Steps to Fix:

      The react-hot-loader maintainers say: "Please remove React-Hot-Loader": https://github.com/gaearon/react-hot-loader#moving-towards-next-step

      The react-hot-loader maintainers advise to replace it by React Hot Refresh: https://github.com/facebook/react/issues/16604

      TestRail: Results

        Attachments

          Issue Links

            is cloned by

            Task - A task that needs to be done. UIINREACH-160 Replace react-hot-loader - unmaintained, security (CVE-2021-44906)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            is duplicated by

            Tech Debt - UIOR-951 Replace or remove react-hot-loader

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. STCOM-954 Replace react-hot-loader - unmaintained, security (CVE-2021-44906)

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. STCOR-597 Replace react-hot-loader - unmaintained, security (CVE-2021-44906)

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Umbrella - STRIPES-725 Replace react-hot-loader

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Activity

              People

                mikita_siadykh Mikita Siadykh
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases