kylefang/create-react-app
1
0
Fork 0
mirror of https://github.com/zhigang1992/create-react-app.git synced 2026-04-01 22:38:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add a note about fixed vulnerability in 1.0.8

Browse Source
This commit is contained in:
Dan Abramov
2017-06-28 18:19:19 +01:00
committed by GitHub
parent 7796c94d79
commit 76ad76e313
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@@ -165,6 +165,8 @@ or
yarn add --dev --exact react-scripts@1.0.8
```
**If you previously used `HTTPS=true` environment variable in development**, make sure you aren't affected by a now-fixed vulnerability in Webpack by [visiting this page](http://badcert.mike.works/). You can read more about the vulnerability [here](https://medium.com/@mikenorth/webpack-preact-cli-vulnerability-961572624c54).
You may optionally then move `react-scripts` from `devDependencies` to `dependencies` since thats how well structure newly created projects. It is not necessary though.
If you left the service worker integration enabled and didnt change how it works, you can replace `src/registerServiceWorker.js` with [this updated version](https://raw.githubusercontent.com/facebookincubator/create-react-app/895c475d3fc218c65dcac9a3ef3f2c0ea746a1ed/packages/react-scripts/template/src/registerServiceWorker.js).