npm dependency is breaking some React apps today — here's the fix
2022-01-15 17:35

The cause has been traced to a dependency used by create-react-app, the latest version of which is breaking developers' apps.

Create React App is an open source project produced by Facebook and made available on both GitHub and npm to help developers build single-page React applications fast.

Software engineer John Athanasiou and front-end developer Ronald Groot Jebbink have been joined by many GitHub users who reported problems with their create-react-app builds today.

With over 7,000 npm projects depending on Mini CSS Extract Plugin, the project receives 10 million weekly downloads on average on the npm registry.

Note that Facebook's Create React App may not be the only prominent application affected by the new dependency version.

Although not malicious in nature, this incident follows last week's news of popular 'colors' and 'faker' npm dependencies breaking thousands of software projects after their developer had corrupted them.


News URL

https://www.bleepingcomputer.com/news/security/npm-dependency-is-breaking-some-react-apps-today-heres-the-fix/