[Snyk] Upgrade: , , , ramda, react-native, react-native-calendars, react-native-config, react-native-screens #19

Open
wants to merge 1 commit into
base: main
@Olaw2jr Olaw2jr commented Sep 23, 2024

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

| Name | Versions | Released on |
|---|---|---|
| @react-native-async-storage/async-storage | from 1.23.1 to 1.24.0, 1 version ahead of your current version | 2 months ago on 2024-07-12 |
| @react-navigation/native | from 6.1.17 to 6.1.18, 1 version ahead of your current version | 2 months ago on 2024-07-16 |
| @react-navigation/native-stack | from 6.9.26 to 6.11.0, 3 versions ahead of your current version | 2 months ago on 2024-07-25 |
| ramda | from 0.27.2 to 0.30.1, 5 versions ahead of your current version | 4 months ago on 2024-06-02 |
| react-native | from 0.74.2 to 0.75.2, 120 versions ahead of your current version | a month ago on 2024-08-20 |
| react-native-calendars | from 1.1305.0 to 1.1306.0, 8 versions ahead of your current version | 2 months ago on 2024-07-23 |
| react-native-config | from 1.5.2 to 1.5.3, 1 version ahead of your current version | 2 months ago on 2024-07-30 |
| react-native-screens | from 3.32.0 to 3.34.0, 2 versions ahead of your current version | 2 months ago on 2024-08-05 |

Issues fixed by the recommended upgrade:

| Issue | Score | Exploit Maturity |
|---|---|---|
| high severity: Regular Expression Denial of Service (ReDoS) (SNYK-JS-ANSIREGEX-1583908) | 696 | Proof of Concept |
| high severity: Uncontrolled resource consumption (SNYK-JS-BRACES-6838727) | 696 | Proof of Concept |
| high severity: Inefficient Regular Expression Complexity (SNYK-JS-MICROMATCH-6838728) | 696 | No Known Exploit |
| high severity: Denial of Service (DoS) (SNYK-JS-WS-7266574) | 696 | Proof of Concept |
| medium severity: Regular Expression Denial of Service (ReDoS) (SNYK-JS-FASTXMLPARSER-7573289) | 696 | No Known Exploit |
| low severity: Cross-site Scripting (SNYK-JS-SEND-7926862) | 696 | No Known Exploit |
| low severity: Cross-site Scripting (SNYK-JS-SERVESTATIC-7926865) | 696 | No Known Exploit |

Release notes
Package name: @react-native-async-storage/async-storage from @react-native-async-storage/async-storage GitHub release notes
Package name: @react-navigation/native
  • 6.1.18 - 2024-07-16
  • 6.1.17 - 2024-03-18
from @react-navigation/native GitHub release notes
Package name: @react-navigation/native-stack
  • 6.11.0 - 2024-07-25
  • 6.10.1 - 2024-07-16
  • 6.10.0 - 2024-07-01
  • 6.9.26 - 2024-03-18
from @react-navigation/native-stack GitHub release notes
Package name: ramda from ramda GitHub release notes
Package name: react-native
  • 0.75.2 - 2024-08-20

    Added

    Android specific

    • codegen: Add support for handling com.facebook.react.bridge.Dynamic as parameter for TurboModules (45cd81706d by @ cortinico)

    Changed

    Android specific

    • ReactRootView: Replaced mLastHeight with mVisibleViewArea.height() since mLastHeight value is not getting updated. For width we are already using mVisibleViewArea.width() (603eb94dd9 by @ shubhamguptadream11)

    Removed

    iOS specific

    Fixed

    Android specific


    Hermes dSYMS:


    You can file issues or pick requests against this release here.


    To help you upgrade to this version, you can use the Upgrade Helper ⚛️.


    View the whole changelog in the CHANGELOG.md file.

  • 0.75.1 - 2024-08-15

    v0.75.1

    Changed



  • 0.75.0 - 2024-08-14

    0.75 stable is out!

    This release includes over 1491 commits from 165 contributors! Thank you to all our contributors new and old! See the highlights of the release in our release blog post.



  • 0.75.0-rc.7 - 2024-08-06

    Changed



  • 0.75.0-rc.6 - 2024-07-29
  • 0.75.0-rc.5 - 2024-07-15
  • 0.75.0-rc.4 - 2024-07-08
  • 0.75.0-rc.3 - 2024-07-01
  • 0.75.0-rc.2 - 2024-06-26
  • 0.75.0-rc.1 - 2024-06-25
  • 0.75.0-rc.0 - 2024-06-19
  • 0.74.5 - 2024-08-05

    Fixed

    iOS specific

    Android specific



  • 0.74.4 - 2024-07-30
  • 0.74.3 - 2024-07-01
  • 0.74.2 - 2024-06-04
from react-native GitHub release notes
Package name: react-native-calendars from react-native-calendars GitHub release notes
Package name: react-native-config from react-native-config GitHub release notes
Package name: react-native-screens
  • 3.34.0 - 2024-08-05

    Recently released 3.33.0 introduced a crash when running on Android + Fabric + "bridgefull" combination of platform / architecture. This version introduces a fix for that crash with changes in native code, thus bumping minor version.

    What's Changed

    🐛 Bug fixes

    • Android, Fabric, bridge-mode: patch crash with context detached from activity by @ kkafar in #2276

    🔢 Miscellaneous

    • Extend logging in architecture-integrity scripts & add NativeProxy.kt to blacklist by @ kkafar in #2281
    • Aggregate updates from dependabot by @ kkafar in #2267

    Full Changelog: 3.33.0...3.34.0

  • 3.33.0 - 2024-07-31

    Minor release heavily focused on fixing existing Fabric bugs. This version also comes with compatibility with react-native@0.75 (in its current state - 0.75-rc.6) and a new prop for shadow control (details below).

    We want to give a shoutout to @ janicduplessis and every person who reported issues in our repository. This is really a big help, thanks a lot! You are the cornerstone of open source community!

    Thanks for following along! 💙

    What's Changed

    Here's more detailed information on what changes this release introduces.

    👍 Improvements

    🐛 Bug fixes

    • Android, Fabric: Fix jumping content with native header by @ kkafar in #2169
    • iOS, Fabric: Add missing logic for finding touch handler by @ kkafar in #2193
    • Android, Paper: Fix apps soft crash on exception due to detached context by @ kkafar in #2199
    • iOS: Fullscreenmodal color scheme adaptability by @ alduzy in #2211
    • Fix react-native-screens not building on visionOS by @ okwasniewski in #2210
    • Fix back button does not respect I18nManager & improve RTL handling in header by @ alduzy in #2185
    • Android, Fabric: Fix missing negation in check for mismatched frames by @ kkafar in #2214
    • Android: Fix header shadow not hidden on go back by @ alduzy in #2216
    • iOS, Paper: Fix possibility of infinite loop when swiping back in nested stack by @ kkafar in #2223
    • Fix bug with header hide prop on the screen under the modal by @ kuczi55 in #2229
    • Fix white flash on tab change when using native stack by @ alduzy in #2188
    • iOS: Fix push and pop transitions change after full screen back swipe by @ maksg in #2234
    • Fix navbar appearance customization by @ alduzy in #2237
    • Removed deprecated test that caused fabric bundle failure by @ alduzy in #2245
    • iOS, Fabric: Fix header left and right layout on fabric by @ alduzy, @ kkafar in #2248
    • Android: Comply to breaking changes in Android SDK 35 by @ kkafar in #2258
    • iOS, Fabric: Take snapshot in unmountChildComponent:index: by @ kkafar in #2261
    • iOS, Fabric: Fix flickering custom header items by @ alduzy, @ kkafar in #2247
    • iOS, Fabric: Crash while pushing n different screens at the same time by @ tboba in #2249
    • iOS, Fabric: Update HeaderConfig view controller after unmounting subviews by @ janicduplessis in #2230
    • iOS, Fabric: Fix on-interactive screen while switching between bottom-tab and native-stack navigators by @ tboba in #2260
    • Fabric: Fix not working animations on second-top screen by @ WoLewicki in #2270

    🔢 Miscellaneous

Snyk has created this PR to upgrade:
  - @react-native-async-storage/async-storage from 1.23.1 to 1.24.0.
    See this package in npm: https://www.npmjs.com/package/@react-native-async-storage/async-storage
  - @react-navigation/native from 6.1.17 to 6.1.18.
    See this package in npm: https://www.npmjs.com/package/@react-navigation/native
  - @react-navigation/native-stack from 6.9.26 to 6.11.0.
    See this package in npm: https://www.npmjs.com/package/@react-navigation/native-stack
  - ramda from 0.27.2 to 0.30.1.
    See this package in npm: https://www.npmjs.com/package/ramda
  - react-native from 0.74.2 to 0.75.2.
    See this package in npm: https://www.npmjs.com/package/react-native
  - react-native-calendars from 1.1305.0 to 1.1306.0.
    See this package in npm: https://www.npmjs.com/package/react-native-calendars
  - react-native-config from 1.5.2 to 1.5.3.
    See this package in npm: https://www.npmjs.com/package/react-native-config
  - react-native-screens from 3.32.0 to 3.34.0.
    See this package in npm: https://www.npmjs.com/package/react-native-screens

See this project in Snyk:
https://app.snyk.io/org/olaw2jr/project/ba172d78-bafc-4e40-b1b0-03bd813d97c2?utm_source=github&utm_medium=referral&page=upgrade-pr