Giter VIP home page Giter VIP logo

fastdva-core's Introduction

初始化部分

安装

npm i

调试

npm run start

  import {createStore,Provider} from './package/fastkit-dva'
  import appModels from './models/app'
  const app = createStore({})
    app.model(appModels)
    const AppView = () => {
        return (
            <Provider store={app}>
                <App/>
            </Provider>
        )
    }
这里是初始化的部分代码 �之后会与dva尽可能的保持一致 在后续版本会进行修改

##connect部分

export default connect(['app'],({app})=>({...app}))(App)

这里其余字段都与react-redux保持一致 但是首字段加了一个modelList 这个字段的作用就是为了能够更好的进行监听 �比如上面的app 也就是说 我只会监听app这个model中的state发生的变化 其他的reduce变化 不会触发这个页面的监听回调

##connect初始化监听部分

      /**
      * 初始化监听
      * 
      * @memberof Connect
      */
      initSubscribe = () =>{
          modelList.forEach((e)=>{
              this.timestamp.push(Date.parse(new Date()))
              this.store.callBackList[e][String(this.timestamp.slice(-1)[0])] = this.onStateChange
          })
      }
在这里会直接对指定modelName去添加一个callBack 并且名字使用时间戳的方式来实现 避免出现重复命名 这个时间戳将会在组件被销毁的时候被使用到

##connect组件销毁

    /**
     * 如果页面被销毁则清除掉原来的监听事件 减少计算
     * 
     * @memberof Connect
     */
    componentWillUnmount = () => {
        modelList.forEach((e)=>{
            this.timestamp.forEach((el)=>{
                if (this.store.callBackList[e][el]){
                    delete this.store.callBackList[e][el]
                }
            })
        })
    };
当组件被销毁的时候 会从当前modelName的callBack回调�中去删除属于当前页面的回调 避免下次在触发dispatch的时候 重新参与运算

##model部分

import test from '../utils/test'
export default {
    namespace : 'app',
    state : {
        num: 0
    },
    reducers : {
        add(state, {payload}) {
            return ({...state,num:state.num + 1})
        },
        reduce(state,{payload}){
            return ({...state,num:state.num - 1})
        },
        reset(state,{payload}){
            return ({...state,num:0})
        }
    },
    effects : {
        *clear({payload},{select,put,take,call}){
            yield call(test,11111)
        }
    }
}
这里的使用方式跟dva保持了一致 因为是直接使用的saga来进行的实现 所以saga的一些功能与属性都可以直接的进行使用 不会有影响

现在这个项目还不够成熟 目前的这个版本删除了中间件 下一个版本将会用redux中间件的方式去将dispatch进行合并 但是只会支持saga与router这两个 尽可能去减少项目中不必要的reduce从来提升性能吧 真的是有得必有失啊

fastdva-core's People

Contributors

fangkyi02 avatar fangkyi03 avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar

fastdva-core's Issues

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.defaults:4.2.0

Vulnerabilities

DepShield reports that this application's usage of lodash.defaults:4.2.0 results in the following vulnerability(s):


Occurrences

lodash.defaults:4.2.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ sw-precache-webpack-plugin:0.11.4
              └─ sw-precache:5.2.1
                    └─ lodash.defaults:4.2.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 9.8) Vulnerability due to usage of macaddress:0.2.8

Vulnerabilities

DepShield reports that this application's usage of macaddress:0.2.8 results in the following vulnerability(s):


Occurrences

macaddress:0.2.8 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ css-loader:0.28.7
              └─ cssnano:3.10.0
                    └─ postcss-filter-plugins:2.0.2
                          └─ uniqid:4.1.1
                                └─ macaddress:0.2.8

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of debug:2.6.8

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.8 results in the following vulnerability(s):


Occurrences

debug:2.6.8 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ tar-pack:3.4.0
                          └─ debug:2.6.8

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 6.5) Vulnerability due to usage of atob:2.0.3

Vulnerabilities

DepShield reports that this application's usage of atob:2.0.3 results in the following vulnerability(s):


Occurrences

atob:2.0.3 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ babel-jest:20.0.3
              └─ babel-plugin-istanbul:4.1.5
                    └─ test-exclude:4.2.1
                          └─ micromatch:3.1.9
                                └─ snapdragon:0.8.2
                                      └─ source-map-resolve:0.5.1
                                            └─ atob:2.0.3

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 9.8) Vulnerability due to usage of cryptiles:3.1.2

Vulnerabilities

DepShield reports that this application's usage of cryptiles:3.1.2 results in the following vulnerability(s):


Occurrences

cryptiles:3.1.2 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ jest:20.0.4
              └─ jest-cli:20.0.4
                    └─ jest-environment-jsdom:20.0.3
                          └─ jsdom:9.12.0
                                └─ request:2.85.0
                                      └─ hawk:6.0.2
                                            └─ cryptiles:3.1.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.cond:4.5.2

Vulnerabilities

DepShield reports that this application's usage of lodash.cond:4.5.2 results in the following vulnerability(s):


Occurrences

lodash.cond:4.5.2 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ eslint-plugin-import:2.8.0
              └─ lodash.cond:4.5.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of fstream:1.0.11

Vulnerabilities

DepShield reports that this application's usage of fstream:1.0.11 results in the following vulnerability(s):


Occurrences

fstream:1.0.11 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ tar:2.2.1
                          └─ fstream:1.0.11
                    └─ tar-pack:3.4.0
                          └─ fstream:1.0.11
                          └─ fstream-ignore:1.0.5
                                └─ fstream:1.0.11

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 9.8) Vulnerability due to usage of cryptiles:2.0.5

Vulnerabilities

DepShield reports that this application's usage of cryptiles:2.0.5 results in the following vulnerability(s):


Occurrences

cryptiles:2.0.5 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ hawk:3.1.3
                          └─ cryptiles:2.0.5

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of tar:2.2.1

Vulnerabilities

DepShield reports that this application's usage of tar:2.2.1 results in the following vulnerability(s):


Occurrences

tar:2.2.1 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ tar:2.2.1
                    └─ tar-pack:3.4.0
                          └─ tar:2.2.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of q:1.5.1

Vulnerabilities

DepShield reports that this application's usage of q:1.5.1 results in the following vulnerability(s):


Occurrences

q:1.5.1 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ css-loader:0.28.7
              └─ cssnano:3.10.0
                    └─ postcss-svgo:2.1.6
                          └─ svgo:0.7.2
                                └─ coa:1.0.4
                                      └─ q:1.5.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 6.1) Vulnerability due to usage of url-parse:1.2.0

Vulnerabilities

DepShield reports that this application's usage of url-parse:1.2.0 results in the following vulnerability(s):


Occurrences

url-parse:1.2.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ react-dev-utils:5.0.0
              └─ sockjs-client:1.1.4
                    └─ url-parse:1.2.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of webpack-dev-server:2.9.4

Vulnerabilities

DepShield reports that this application's usage of webpack-dev-server:2.9.4 results in the following vulnerability(s):


Occurrences

webpack-dev-server:2.9.4 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ webpack-dev-server:2.9.4

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.memoize:4.1.2

Vulnerabilities

DepShield reports that this application's usage of lodash.memoize:4.1.2 results in the following vulnerability(s):


Occurrences

lodash.memoize:4.1.2 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ css-loader:0.28.7
              └─ cssnano:3.10.0
                    └─ postcss-merge-rules:2.1.2
                          └─ caniuse-api:1.6.1
                                └─ lodash.memoize:4.1.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of stringstream:0.0.5

Vulnerabilities

DepShield reports that this application's usage of stringstream:0.0.5 results in the following vulnerability(s):


Occurrences

stringstream:0.0.5 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ request:2.81.0
                          └─ stringstream:0.0.5
        └─ jest:20.0.4
              └─ jest-cli:20.0.4
                    └─ jest-environment-jsdom:20.0.3
                          └─ jsdom:9.12.0
                                └─ request:2.85.0
                                      └─ stringstream:0.0.5

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash._reinterpolate:3.0.0

Vulnerabilities

DepShield reports that this application's usage of lodash._reinterpolate:3.0.0 results in the following vulnerability(s):


Occurrences

lodash._reinterpolate:3.0.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ sw-precache-webpack-plugin:0.11.4
              └─ sw-precache:5.2.1
                    └─ lodash.template:4.4.0
                          └─ lodash._reinterpolate:3.0.0
                          └─ lodash.templatesettings:4.1.0
                                └─ lodash._reinterpolate:3.0.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.template:4.4.0

Vulnerabilities

DepShield reports that this application's usage of lodash.template:4.4.0 results in the following vulnerability(s):


Occurrences

lodash.template:4.4.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ sw-precache-webpack-plugin:0.11.4
              └─ sw-precache:5.2.1
                    └─ lodash.template:4.4.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of sshpk:1.13.0

Vulnerabilities

DepShield reports that this application's usage of sshpk:1.13.0 results in the following vulnerability(s):


Occurrences

sshpk:1.13.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ request:2.81.0
                          └─ http-signature:1.1.1
                                └─ sshpk:1.13.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of tough-cookie:2.3.2

Vulnerabilities

DepShield reports that this application's usage of tough-cookie:2.3.2 results in the following vulnerability(s):


Occurrences

tough-cookie:2.3.2 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ request:2.81.0
                          └─ tough-cookie:2.3.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 8.2) Vulnerability due to usage of merge:1.2.0

Vulnerabilities

DepShield reports that this application's usage of merge:1.2.0 results in the following vulnerability(s):


Occurrences

merge:1.2.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ jest:20.0.4
              └─ jest-cli:20.0.4
                    └─ jest-haste-map:20.0.5
                          └─ sane:1.6.0
                                └─ exec-sh:0.2.1
                                      └─ merge:1.2.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of debug:2.6.9

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):


Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

babel-cli:6.26.0
        └─ babel-core:6.26.0
              └─ babel-traverse:6.26.0
                    └─ debug:2.6.9
              └─ debug:2.6.9

react-scripts:1.1.1
        └─ babel-jest:20.0.3
              └─ babel-plugin-istanbul:4.1.5
                    └─ test-exclude:4.2.1
                          └─ micromatch:3.1.9
                                └─ extglob:2.0.4
                                      └─ expand-brackets:2.1.4
                                            └─ debug:2.6.9
                                └─ snapdragon:0.8.2
                                      └─ debug:2.6.9
        └─ eslint-plugin-import:2.8.0
              └─ debug:2.6.9
              └─ eslint-import-resolver-node:0.3.2
                    └─ debug:2.6.9
              └─ eslint-module-utils:2.1.1
                    └─ debug:2.6.9
        └─ react-dev-utils:5.0.0
              └─ detect-port-alt:1.1.5
                    └─ debug:2.6.9
              └─ sockjs-client:1.1.4
                    └─ debug:2.6.9
        └─ webpack-dev-server:2.9.4
              └─ compression:1.7.2
                    └─ debug:2.6.9
              └─ express:4.16.3
                    └─ body-parser:1.18.2
                          └─ debug:2.6.9
                    └─ debug:2.6.9
                    └─ finalhandler:1.1.1
                          └─ debug:2.6.9
                    └─ send:0.16.2
                          └─ debug:2.6.9
              └─ portfinder:1.0.13
                    └─ debug:2.6.9
              └─ serve-index:1.9.1
                    └─ debug:2.6.9
              └─ spdy:3.4.7
                    └─ debug:2.6.9
                    └─ spdy-transport:2.0.20
                          └─ debug:2.6.9

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of hoek:2.16.3

Vulnerabilities

DepShield reports that this application's usage of hoek:2.16.3 results in the following vulnerability(s):


Occurrences

hoek:2.16.3 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ hawk:3.1.3
                          └─ boom:2.10.1
                                └─ hoek:2.16.3
                          └─ hoek:2.16.3
                          └─ sntp:1.0.9
                                └─ hoek:2.16.3

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of node-forge:0.7.1

Vulnerabilities

DepShield reports that this application's usage of node-forge:0.7.1 results in the following vulnerability(s):


Occurrences

node-forge:0.7.1 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ webpack-dev-server:2.9.4
              └─ selfsigned:1.10.2
                    └─ node-forge:0.7.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.camelcase:4.3.0

Vulnerabilities

DepShield reports that this application's usage of lodash.camelcase:4.3.0 results in the following vulnerability(s):


Occurrences

lodash.camelcase:4.3.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ css-loader:0.28.7
              └─ lodash.camelcase:4.3.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 9.8) Vulnerability due to usage of lodash:4.17.5

Vulnerabilities

DepShield reports that this application's usage of lodash:4.17.5 results in the following vulnerability(s):


Occurrences

lodash:4.17.5 is a transitive dependency introduced by the following direct dependency(s):

babel-cli:6.26.0
        └─ babel-core:6.26.0
              └─ babel-generator:6.26.1
                    └─ lodash:4.17.5
              └─ babel-traverse:6.26.0
                    └─ lodash:4.17.5
              └─ babel-types:6.26.0
                    └─ lodash:4.17.5
              └─ lodash:4.17.5
        └─ babel-register:6.26.0
              └─ lodash:4.17.5
        └─ lodash:4.17.5

babel-plugin-transform-decorators-legacy:1.3.4
        └─ babel-template:6.26.0
              └─ lodash:4.17.5

babel-preset-env:1.6.1
        └─ babel-plugin-transform-es2015-block-scoping:6.26.0
              └─ lodash:4.17.5
        └─ babel-plugin-transform-es2015-classes:6.24.1
              └─ babel-helper-define-map:6.26.0
                    └─ lodash:4.17.5
        └─ babel-plugin-transform-es2015-sticky-regex:6.24.1
              └─ babel-helper-regex:6.26.0
                    └─ lodash:4.17.5

eslint:4.18.2
        └─ inquirer:3.3.0
              └─ lodash:4.17.5
        └─ lodash:4.17.5
        └─ table:4.0.2
              └─ lodash:4.17.5

react-scripts:1.1.1
        └─ eslint-plugin-flowtype:2.39.1
              └─ lodash:4.17.5
        └─ extract-text-webpack-plugin:3.0.2
              └─ async:2.6.0
                    └─ lodash:4.17.5
        └─ html-webpack-plugin:2.29.0
              └─ lodash:4.17.5
        └─ eslint:4.10.0
              └─ lodash:4.17.5
        └─ webpack-dev-server:2.9.4
              └─ http-proxy-middleware:0.17.4
                    └─ lodash:4.17.5
        └─ webpack-manifest-plugin:1.3.2
              └─ lodash:4.17.5

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.templatesettings:4.1.0

Vulnerabilities

DepShield reports that this application's usage of lodash.templatesettings:4.1.0 results in the following vulnerability(s):


Occurrences

lodash.templatesettings:4.1.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ sw-precache-webpack-plugin:0.11.4
              └─ sw-precache:5.2.1
                    └─ lodash.template:4.4.0
                          └─ lodash.templatesettings:4.1.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.uniq:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.uniq:4.5.0 results in the following vulnerability(s):


Occurrences

lodash.uniq:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ css-loader:0.28.7
              └─ cssnano:3.10.0
                    └─ postcss-merge-rules:2.1.2
                          └─ caniuse-api:1.6.1
                                └─ lodash.uniq:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 9.8) Vulnerability due to usage of deep-extend:0.4.2

Vulnerabilities

DepShield reports that this application's usage of deep-extend:0.4.2 results in the following vulnerability(s):


Occurrences

deep-extend:0.4.2 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ fsevents:1.1.3
              └─ node-pre-gyp:0.6.39
                    └─ rc:1.2.1
                          └─ deep-extend:0.4.2
        └─ sw-precache-webpack-plugin:0.11.4
              └─ sw-precache:5.2.1
                    └─ update-notifier:2.3.0
                          └─ latest-version:3.1.0
                                └─ package-json:4.0.1
                                      └─ registry-auth-token:3.3.2
                                            └─ rc:1.2.6
                                                  └─ deep-extend:0.4.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 6.1) Vulnerability due to usage of url-parse:1.0.5

Vulnerabilities

DepShield reports that this application's usage of url-parse:1.0.5 results in the following vulnerability(s):


Occurrences

url-parse:1.0.5 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ react-dev-utils:5.0.0
              └─ sockjs-client:1.1.4
                    └─ eventsource:0.1.6
                          └─ original:1.0.0
                                └─ url-parse:1.0.5

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of d:1.0.0

Vulnerabilities

DepShield reports that this application's usage of d:1.0.0 results in the following vulnerability(s):


Occurrences

d:1.0.0 is a transitive dependency introduced by the following direct dependency(s):

react-scripts:1.1.1
        └─ webpack:3.8.1
              └─ escope:3.6.0
                    └─ es6-map:0.1.5
                          └─ d:1.0.0
                          └─ es6-iterator:2.0.3
                                └─ d:1.0.0
                          └─ es6-set:0.1.5
                                └─ d:1.0.0
                          └─ es6-symbol:3.1.1
                                └─ d:1.0.0
                          └─ event-emitter:0.3.5
                                └─ d:1.0.0
                    └─ es6-weak-map:2.0.2
                          └─ d:1.0.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.