Skip to content
This repository has been archived by the owner on Jun 15, 2022. It is now read-only.

[Snyk] Security upgrade react-native from 0.10.1 to 0.16.0 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade react-native from 0.10.1 to 0.16.0 #3

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Dec 2, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • SearchBarExample/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 704/1000
Why? Has a fix available, CVSS 9.8		 Prototype Pollution
SNYK-JS-LODASH-590103		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: react-native The new version differs by 250 commits.
  • 8a9b534 Depend on 0.16.1 binaries from custom JCenter repo
  • b9a4b11 [0.16.0] Bump version numbers
  • cad4686 Rename PullToRefreshLayoutAndroid -> PullToRefreshViewAndroid
  • 49de9bd Support plugins that conform to ES6 modules
  • 147e9c3 Add for-of transform to babel configurations
  • 7a51ede Update touch handling to properly handle transformed Views
  • 0dffbf1 Use elevation to implement shadows on Android
  • b15a83a Open source SwipeRefreshLayoutAndroid
  • 3c2f0ed Add babel helpers necessary for es2015 imports
  • e5a6977 [0.16.0-rc] Bump version numbers
  • 0c2ee5d Update Android Touch events
  • e0d53e1 Fix move gesture handling.
  • e4dca7a Add JSON methods to systrace
  • 02b67d9 BridgeProfiling measure methods
  • 6b3a6e5 Unbreak open source release due to import of internal module
  • f827a51 Fixed double-callback for cached images
  • 274c5c7 Support cookies on Android
  • f57c2a9 Add GuardedResultAsyncTask
  • 5447002 remove prepare_command in podspec file
  • a97dbe0 Merge pull request #4278 from darkrishabh/showcase
  • 156b5ad Adding DareU to the Showcase
  • 16dd5d6 Add systrace markers to module require
  • 43f18ff Add infra for Prepack build option
  • aa399f0 Merge pull request #4258 from mikefowler/master

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot