https://descope.com logo
Join Slack
Powered by
:grey_question:Sample ReactJS app in a sandbox? F...
# ask-a-descoper
t
Sample ReactJS app in a sandbox? Fast POC in flight with a meeting with our CEO at 6pm. I am in a no-low code situation and could use a quick way to wrap a 'hello world' react web app with the auth exp
g
Hey Laura! React sdk is an open source and contains a sample app under examples/app folder (you can run if from repo folder with 
npm run start
) in addiiton, more elaborated samples in https://github.com/descope-sample-apps/
❤️ 1
s
Let me know as well if you need any assistance with them. I was going to get the links to the sample apps as well.
f
@thousands-alarm-31103 if you are not living on the edge, you are wasting space! 💪🏼 🤙🏼 😅
❤️ 2
t
I'm close guys 😉
🙌 1
🗣️ Heads up — Your b2b-react-sample-app project has 7 major vulnerabilities If I attempt to update your project, I could break it. Why it matters: As an influencer buying decision, I am noting that you are offering sample projects that are not maintained. This could be viewed as a strike against adoption of the commercial grade product because it implies risk that your practices on the commercial grade product may be weak. When I am evaluating an auth provider I look for signs like this. --> Recommendation ---> Limit your sample apps to a ‘certified’ set and hold them at the same quality bar you hold your commercial grade product offering. 🔬 Zoom In 1. w3c-hr-time: The package is deprecated because modern JavaScript platforms natively support 
performance.now()
and 
performance.timeOrigin
. You should replace the use of this package with the native methods. 2. svgo: The version 1.3.2 of SVGO is no longer supported. You should upgrade to version 2.x.x to continue receiving updates and bug fixes. 3. stable: Modern JavaScript guarantees that 
Array#sort()
is a stable sort, making this library unnecessary. You can remove this package and use the native 
Array#sort()
method. 4. sourcemap-codec: This package is deprecated and replaced by the 
@jridgewell/sourcemap-codec
package. You should update your project to use the new package. 5. rollup-plugin-terser: This package is deprecated and no longer maintained. You should replace it with the 
@rollup/plugin-terser
package.
Copy code
npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin.
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: <https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility>
npm WARN deprecated sourcemap-codec@1.4.8: Please use @jridgewell/sourcemap-codec instead
npm WARN deprecated rollup-plugin-terser@7.0.2: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-terser
Thank you for taking my feedback. 🙂
it appears your B2C project has 8
I’ve submitted gitissues for both
g
@thousands-alarm-31103 thanks a lot for the detailed feedback! We’ll make sure to address all the issue you mentioned. just FYI, we are working on some more streamlined process to identify and update deps vulnerabilities and deprecation in Descope sample apps organisation Again we would like to appreciate the detailed explanation, if you have any further feedback, we would be happy to receive it, Thanks!
t
Happy to share. I’m a product nerd and live your team’s side of the process of building a company on a technical product.
🙏 2
Getting detailed feedback with the ‘need state’ context is very hard, so I try to serve the community with actionable specific feedback tied to my journey as a customer/decision maker
👏 1
Open in Slack
PreviousNext
Powered by