Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade metro-react-native-babel-preset from 0.67.0 to 0.77.0 #57

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade metro-react-native-babel-preset from 0.67.0 to 0.77.0 #57

wants to merge 1 commit into from

Conversation

vladovello
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade metro-react-native-babel-preset from 0.67.0 to 0.77.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 43 versions ahead of your current version.

  • The recommended version was released 10 months ago, on 2023-07-06.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 786/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3		 Proof of Concept
Prototype Pollution
SNYK-JS-JSON5-3182856		 786/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: metro-react-native-babel-preset
  • 0.77.0 - 2023-07-06
    • [Breaking]: Increase minimum Node version from 16 to 18. (ebaf27a by @ arushikesarwani94)
    • [Breaking]: Use Terser's default for comments. (#972 by @ tido64)
    • [Breaking]: Remove metro-minify-uglify from metro dependencies. (7a8fcd5 by @ robhogan)
    • [Fix]: Fixed a bug in the handling of path separators in blockList on Windows. (2eecfc7 by @ motiz88)
    • [Fix]: Protect against unsafe merging of blockList patterns with inconsistent regex flags. (c80904b by @ motiz88)
    • [Fix]: Incorrect worker resolution when multiple metro versions are installed. (6d46078 by @ robhogan)
    • [Performance]: Improve resolution performance for files outside the project root. (dc3cddf by @ robhogan)
    • [Performance]: Improved startup speed via a new file map cache format. (166477e by @ robhogan)

    NOTE: Experimental features are not covered by semver and can change at any time.

    • [Experimental]: metro-file-map: Normalize root-relative paths for cross-platform cache compatibility. (d282a08 by @ motiz88)
    • [Experimental]: Fix crash when require.context is used on a directory with infinite path expansions. (14d652f by @ robhogan)

    Full Changelog: v0.76.7...v0.77.0

  • 0.76.9 - 2024-01-30
  • 0.76.8 - 2023-08-07
  • 0.76.7 - 2023-06-21
    • [Feature]: metro-babel-transformer and metro-react-native-babel-transformer will return metadata from Babel transform results. (42fdbc2 by @ robhogan)
    • [Feature]: Expose TerminalReporter for Reporter implementations. (417e6f2 by @ colinta)
    • [Feature]: Allow client-side device identifiers in inspector proxy. (c6a94bc by @ byCedric)
    • [Fix]: EPERM file watching errors on Windows. (4b22efb by @ robhogan)

    Full Changelog: v0.76.6...v0.76.7

  • 0.76.6 - 2023-06-07
    • [Types] Update config and Server types to use broader types from connect package (d20d7c8 by @ huntie)
    • [Types] Fix TypeScript name for createConnectMiddleware export (06682f8 by @ huntie)
    • [Deprecation] Deprecate server.enhanceMiddleware option (22e85fd by @ huntie)

    NOTE: Experimental features are not covered by semver and can change at any time.

    • [Experimental] Add unstable_extraMiddleware option to runServer API (d0d5543 by @ huntie)

    Full Changelog: v0.76.5...v0.76.6

  • 0.76.5 - 2023-05-25
    • [Feature] Support URLs for both bundling and symbolication requests using //& instead of ? as a query string delimiter (bd357c8 by @ robhogan)
    • [Fix] Fix crash on a module added+modified+removed between updates (5d7305e by @ robhogan)
    • [Fix] Fix missed modification on module removed+modified+added between updates (5d7305e by @ robhogan)
    • [Fix] Emit source URLs in a format that will not be stripped by JavaScriptCore (bce6b27 by @ robhogan)
    • [Performance] Prune unmodified modules from delta updates before sending them to the client (e24c6ae by @ robhogan)

    NOTE: Experimental features are not covered by semver and can change at any time.

    • [Experimental] Fix babel/runtime issue when using Package Exports (905d773 by @ huntie)

    Full Changelog: v0.76.4...v0.76.5

  • 0.76.4 - 2023-05-10

    Full Changelog: v0.76.3...v0.76.4

  • 0.76.3 - 2023-04-24

    NOTE: Experimental features are not covered by semver and can change at any time.

    • [Experimental] Package Exports unstable_conditionNames now defaults to ['require', 'import'] (e70ceef by @ huntie)
    • [Experimental] Removed server.experimentalImportBundleSupport config option. (4ef14f9 by @ motiz88)

    Full Changelog: v0.76.2...v0.76.3

  • 0.76.2 - 2023-04-14
    • [Feature]: Added customizeStack hook to Metro's /symbolicate endpoint to allow custom frame skipping logic on a stack level. (ce266dd by @ GijsWeterings)
    • [Feature]: Re-export metro-core's Terminal from metro. (86e3f93 by @ robhogan)
    • [Feature]: Re-export metro-config's resolveConfig from metro. (cc16664 by @ robhogan)
    • [Types]: Remove dependency on @ types/babel__code-frame. (41cdc03 by @ robhogan)
    • [Types]: Remove dependency on @ types/ws. (7deb525 by @ robhogan)
    • [Types]: Fix TypeScript types entry point for metro-source-map. (3238bbc by @ huntie)
    • [Deprecated]: Deprecate ResolutionContext.getPackageForModule. (2d0a01c by @ huntie)

    NOTE: Experimental features are not covered by semver and can change at any time.

    • [Experimental]: Pass full path and query params to asyncRequire for lazy bundles. (61a30b7 by @ motiz88)
    • [Experimental]: Fix bug where Package Exports warnings may have been logged for nested node_modules path candidates. (29c77bf by @ huntie)
    • [Experimental]: Fix package.json discovery against root package specifiers for Package Exports. (b995303 by @ huntie, fixes #965 reported by @ shamilovtim)

    Full Changelog: v0.76.1...v0.76.2

  • 0.76.1 - 2023-04-03
  • 0.76.0 - 2023-03-06
  • 0.75.1 - 2023-02-22
  • 0.75.0 - 2023-02-01
  • 0.74.1 - 2023-01-20
  • 0.74.0 - 2023-01-09
  • 0.73.10 - 2023-06-07

    This is a hotfix on the 0.73.x branch.

    • [Feature] Support URLs for both bundling and symbolication requests using //& instead of ? as a query string delimiter (#994 by @ robhogan)
    • [Fix] Emit source URLs in a format that will not be stripped by JavaScriptCore (#994 by @ robhogan)

    Full Changelog: v0.73.9...v0.73.10

  • 0.73.9 - 2023-03-21
  • 0.73.8 - 2023-02-20
  • 0.73.7 - 2023-01-05
  • 0.73.6 - 2022-12-15
  • 0.73.5 - 2022-12-01
  • 0.73.4 - 2022-12-01
  • 0.73.3 - 2022-10-26
  • 0.73.2 - 2022-10-13
  • 0.73.1 - 2022-10-06
  • 0.73.0 - 2022-10-04
  • 0.72.4 - 2023-06-07

    This is a hotfix on the 0.72.x branch.

    • [Feature] Support URLs for both bundling and symbolication requests using //& instead of ? as a query string delimiter (#993 by @ robhogan)
    • [Fix] Emit source URLs in a format that will not be stripped by JavaScriptCore (#993 by @ robhogan)

    Full Changelog: v0.72.3...v0.72.4

  • 0.72.3 - 2022-09-14
  • 0.72.2 - 2022-09-05
  • 0.72.1 - 2022-08-18
  • 0.72.0 - 2022-07-28
  • 0.71.3 - 2022-07-06
  • 0.71.2 - 2022-06-27
  • 0.71.1 - 2022-06-10
  • 0.71.0 - 2022-05-23
  • 0.70.4 - 2023-06-07

    This is a hotfix on the 0.70.x branch.

    • [Feature] Support URLs for both bundling and symbolication requests using //& instead of ? as a query string delimiter. (#996 by @ robhogan)
    • [Fix] Emit source URLs in a format that will not be stripped by JavaScriptCore. (#996 by @ robhogan)

    Full Changelog: v0.70.3...v0.70.4

  • 0.70.3 - 2022-05-05
  • 0.70.2 - 2022-04-22
  • 0.70.1 - 2022-04-07
  • 0.70.0 - 2022-03-28
  • 0.69.1 - 2022-03-15
  • 0.69.0 - 2022-02-26
  • 0.68.0 - 2022-02-09
  • 0.67.0 - 2022-01-26
from metro-react-native-babel-preset GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

@snyk-bot
fix: upgrade metro-react-native-babel-preset from 0.67.0 to 0.77.0
35bd44d 
Snyk has created this PR to upgrade metro-react-native-babel-preset from 0.67.0 to 0.77.0.

See this package in npm:
metro-react-native-babel-preset

See this project in Snyk:
https://app.snyk.io/org/vladovello/project/54b973b7-8963-4088-93de-50620f701546?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@vladovello @snyk-bot