This repository has been archived by the owner on Dec 20, 2023. It is now read-only.
Set react and react-dom as peer dependencies #1
Comments
|
Great proposal, @joseph-tohdjojo I'll update it today! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In the
package.jsonfile, we are requiring react and react-dom as a dependency but this package shouldn't bring in it's own version of react if it's meant to be used with react and react-dom already. Those packages should be declared as peer dependencies. If I understand it correctly, this should reduce our bundle size as well since we wont be importing a separate version of react and react-domThis fix should also fix the security vulnerability in react-dom mentioned here: https://nvd.nist.gov/vuln/detail/CVE-2018-6341
The text was updated successfully, but these errors were encountered: