[Snyk] Upgrade: react, , , , eas-cli, expo, expo-status-bar, mongodb, mongoose, react-native, react-native-reanimated, react-native-safe-area-context, react-native-screens, react-native-svg, tailwindcss #188

arenault-pass · 2024-09-20T10:20:22Z

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

react
from 18.2.0 to 18.3.1 | 385 versions ahead of your current version | 5 months ago
on 2024-04-26
@react-native-async-storage/async-storage
from 1.23.1 to 1.24.0 | 1 version ahead of your current version | 2 months ago
on 2024-07-12
@react-navigation/native
from 6.1.10 to 6.1.18 | 8 versions ahead of your current version | 2 months ago
on 2024-07-16
@react-navigation/native-stack
from 6.9.17 to 6.11.0 | 12 versions ahead of your current version | 2 months ago
on 2024-07-25
eas-cli
from 7.3.0 to 7.8.5 | 12 versions ahead of your current version | 5 months ago
on 2024-04-26
expo
from 50.0.15 to 50.0.20 | 5 versions ahead of your current version | a month ago
on 2024-08-08
expo-status-bar
from 1.6.0 to 1.12.1 | 9 versions ahead of your current version | 5 months ago
on 2024-04-23
mongodb
from 6.3.0 to 6.8.0 | 87 versions ahead of your current version | 3 months ago
on 2024-06-27
mongoose
from 8.2.0 to 8.6.0 | 23 versions ahead of your current version | 23 days ago
on 2024-08-28
react-native
from 0.72.10 to 0.75.2 | 429 versions ahead of your current version | a month ago
on 2024-08-20
react-native-reanimated
from 3.3.0 to 3.15.1 | 445 versions ahead of your current version | 23 days ago
on 2024-08-28
react-native-safe-area-context
from 4.6.3 to 4.10.9 | 24 versions ahead of your current version | a month ago
on 2024-08-15
react-native-screens
from 3.22.1 to 3.34.0 | 16 versions ahead of your current version | a month ago
on 2024-08-05
react-native-svg
from 13.9.0 to 13.14.1 | 6 versions ahead of your current version | 4 months ago
on 2024-05-15
tailwindcss
from 3.3.2 to 3.4.10 | 16 versions ahead of your current version | a month ago
on 2024-08-13

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	646	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-FASTXMLPARSER-7573289	646	No Known Exploit
Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	646	Proof of Concept
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	646	No Known Exploit

Release notes

Package name: react

18.3.1 - 2024-04-26
- Export act from react f1338f
18.3.0 - 2024-04-25
This release is identical to 18.2 but adds warnings for deprecated APIs and other changes that are needed for React 19.

Read the React 19 Upgrade Guide for more info.

React
- Allow writing to this.refs to support string ref codemod 909071
- Warn for deprecated findDOMNode outside StrictMode c3b283
- Warn for deprecated test-utils methods d4ea75
- Warn for deprecated Legacy Context outside StrictMode 415ee0
- Warn for deprecated string refs outside StrictMode #25383
- Warn for deprecated defaultProps for function components #25699
- Warn when spreading key #25697
- Warn when using act from test-utils d4ea75
React DOM
- Warn for deprecated unmountComponentAtNode 8a015b
- Warn for deprecated renderToStaticNodeStream #28874
18.3.0-next-fecc288b7-20221025 - 2022-10-25
18.3.0-next-fccf3a9fb-20230213 - 2023-02-14
18.3.0-next-fabef7a6b-20221215 - 2022-12-16
18.3.0-next-fa4314841-20230502 - 2023-05-03
18.3.0-next-f828bad38-20230313 - 2023-03-13
18.3.0-next-f0efa1164-20220901 - 2022-09-02
18.3.0-next-f0534ae94-20221202 - 2022-12-05
18.3.0-next-efc6a08e9-20220923 - 2022-09-23
18.3.0-next-ee8509801-20230117 - 2023-01-17
18.3.0-next-edbfc6399-20221128 - 2022-11-29
18.3.0-next-ed545ae3d-20230425 - 2023-04-25
18.3.0-next-e98225485-20221129 - 2022-11-30
18.3.0-next-e7c5af45c-20221023 - 2022-10-24
18.3.0-next-e6a062bd2-20220913 - 2022-09-13
18.3.0-next-e61fd91f5-20220630 - 2022-06-30
18.3.0-next-e40893d09-20221005 - 2022-10-06
18.3.0-next-e225fa43a-20220711 - 2022-07-12
18.3.0-next-e1dd0a2f5-20221115 - 2022-11-16
18.3.0-next-de7d1c907-20221223 - 2022-12-26
18.3.0-next-dd5365878-20230407 - 2023-04-07
18.3.0-next-dd2d65227-20220708 - 2022-07-11
18.3.0-next-d962f35ca-20230418 - 2023-04-18
18.3.0-next-d925a8d0b-20221024 - 2022-10-24
18.3.0-next-d807eb52c-20221205 - 2022-12-06
18.3.0-next-d49e0e0be-20230302 - 2023-03-02
18.3.0-next-d1e35c703-20221110 - 2022-11-10
18.3.0-next-d1bb1c586-20220922 - 2022-09-22
18.3.0-next-d1432ba93-20220628 - 2022-06-29
18.3.0-next-cf665c4b7-20220620 - 2022-06-21
18.3.0-next-cf3932be5-20221027 - 2022-10-28
18.3.0-next-cce18e350-20221023 - 2022-10-23
18.3.0-next-cb5084d1c-20220924 - 2022-09-24
18.3.0-next-ca990e9a7-20220804 - 2022-08-05
18.3.0-next-ca2cf319f-20230223 - 2023-02-24
18.3.0-next-c8b778b7f-20220825 - 2022-08-25
18.3.0-next-c89a83695-20220923 - 2022-09-23
18.3.0-next-c8369527e-20230420 - 2023-04-21
18.3.0-next-c80e54116-20220907 - 2022-09-07
18.3.0-next-c739cef2f-20220912 - 2022-09-12
18.3.0-next-c54e3541b-20221111 - 2022-11-14
18.3.0-next-c3b18571d-20220707 - 2022-07-07
18.3.0-next-c28f313e6-20220908 - 2022-09-09
18.3.0-next-c1f5884ff-20220705 - 2022-07-05
18.3.0-next-c1d414d75-20220923 - 2022-09-23
18.3.0-next-c08d8b804-20221118 - 2022-11-21
18.3.0-next-bfb9cbd8c-20230223 - 2023-02-24
18.3.0-next-b72ed698f-20230303 - 2023-03-03
18.3.0-next-b4204ede6-20220803 - 2022-08-04
18.3.0-next-b14f8da15-20230403 - 2023-04-03
18.3.0-next-b14d7fa4b-20221209 - 2022-12-09
18.3.0-next-b0671f9ea-20230130 - 2023-01-30
18.3.0-next-afe664d9d-20220913 - 2022-09-14
18.3.0-next-ae7ad8b4c-20220927 - 2022-09-27
18.3.0-next-abbbdf4ce-20220930 - 2022-09-30
18.3.0-next-aa9988e5e-20221010 - 2022-10-10
18.3.0-next-a8c16a004-20221012 - 2022-10-13
18.3.0-next-a8875eab7-20230310 - 2023-03-10
18.3.0-next-a6bf46689-20221014 - 2022-10-14
18.3.0-next-a4bed4696-20220627 - 2022-06-28
18.3.0-next-a0619e26c-20221207 - 2022-12-07
18.3.0-next-9ff738f53-20220826 - 2022-08-29
18.3.0-next-9fcaf88d5-20220801 - 2022-08-02
18.3.0-next-9fb2469a6-20230308 - 2023-03-08
18.3.0-next-9e67e7a31-20220823 - 2022-08-23
18.3.0-next-9cdf8a99e-20221018 - 2022-10-18
18.3.0-next-9c54b29b4-20230322 - 2023-03-23
18.3.0-next-9a9da7721-20230409 - 2023-04-10
18.3.0-next-996e4c0d5-20221212 - 2022-12-12
18.3.0-next-992911981-20220718 - 2022-07-19
18.3.0-next-987292815-20221019 - 2022-10-19
18.3.0-next-975b64464-20220914 - 2022-09-15
18.3.0-next-955cad9bc-20220623 - 2022-06-24
18.3.0-next-934177598-20221022 - 2022-10-22
18.3.0-next-8e35b5060-20220706 - 2022-07-06
18.3.0-next-8e17bfd14-20230322 - 2023-03-22
18.3.0-next-8b9ac8175-20230131 - 2023-01-31
18.3.0-next-8951c5fc9-20220915 - 2022-09-16
18.3.0-next-86b0e9199-20230429 - 2023-05-01
18.3.0-next-85de6fde5-20230328 - 2023-03-29
18.3.0-next-85bb7b685-20230406 - 2023-04-06
18.3.0-next-855b77c9b-20230202 - 2023-02-03
18.3.0-next-84a0a171e-20221214 - 2022-12-15
18.3.0-next-8342a0992-20230327 - 2023-03-27
18.3.0-next-8310854ce-20230331 - 2023-03-31
18.3.0-next-81d4ee9ca-20221223 - 2022-12-23
18.3.0-next-819687279-20221208 - 2022-12-08
18.3.0-next-7f8c501f6-20230420 - 2023-04-20
18.3.0-next-7bcc68772-20220811 - 2022-08-11
18.3.0-next-7b25b961d-20220930 - 2022-09-30
18.3.0-next-7b0642bb9-20230412 - 2023-04-13
18.3.0-next-7a4336c40-20220712 - 2022-07-13
18.3.0-next-79c582981-20221021 - 2022-10-21
18.3.0-next-796d31809-20220812 - 2022-08-15
18.3.0-next-790ebc962-20230404 - 2023-04-05
18.3.0-next-758fc7fde-20230207 - 2023-02-08
18.3.0-next-703c67560-20230307 - 2023-03-07
18.3.0-next-7028ce745-20220907 - 2022-09-08
18.3.0-next-7002a6743-20230110 - 2023-01-11
18.3.0-next-6ff1733e6-20230225 - 2023-02-27
18.3.0-next-6fb8133ed-20221116 - 2022-11-17
18.3.0-next-6ef466c68-20220816 - 2022-08-16
18.3.0-next-6eadbe0c4-20230425 - 2023-04-26
18.3.0-next-6ddcbd4f9-20230209 - 2023-02-09
18.3.0-next-6883d7944-20221101 - 2022-11-01
18.3.0-next-67a61d5bd-20230228 - 2023-03-01
18.3.0-next-65e32e58b-20221019 - 2022-10-20
18.3.0-next-65b3449c8-20221005 - 2022-10-05
18.3.0-next-5fcf1a4b4-20221221 - 2022-12-22
18.3.0-next-5f34b051d-20220725 - 2022-07-25
18.3.0-next-5dd90c562-20230502 - 2023-05-02
18.3.0-next-5d60a0b84-20221006 - 2022-10-07
18.3.0-next-594093496-20230209 - 2023-02-09
18.3.0-next-58742c21b-20230411 - 2023-04-11
18.3.0-next-56ffca8b9-20221117 - 2022-11-18
18.3.0-next-56a3c18e5-20230314 - 2023-03-14
18.3.0-next-56389e81f-20220619 - 2022-06-20
18.3.0-next-555ece0cd-20230112 - 2023-01-12
18.3.0-next-55542bc73-20230210 - 2023-02-10
18.3.0-next-54f297a60-20221017 - 2022-10-17
18.3.0-next-5379b6123-20230105 - 2023-01-06
18.3.0-next-522f47345-20220614 - 2022-06-15
18.3.0-next-513417d69-20221007 - 2022-10-10
18.3.0-next-4fcc9184a-20230217 - 2023-02-17
18.3.0-next-4f8ffec45-20230115 - 2023-01-16
18.3.0-next-4ea063b56-20221101 - 2022-11-02
18.3.0-next-4dda96a40-20221213 - 2022-12-13
18.3.0-next-4cd788aef-20220630 - 2022-07-01
18.3.0-next-4bf2113a1-20230206 - 2023-02-06
18.3.0-next-4bd245e9e-20221104 - 2022-11-04
18.3.0-next-4a4ef2706-20230212 - 2023-02-13
18.3.0-next-49f8254d6-20220722 - 2022-07-22
18.3.0-next-49f741046-20230305 - 2023-03-06
18.3.0-next-491aec5d6-20230501 - 2023-05-01
18.3.0-next-47cf4e578-20230315 - 2023-03-15
18.3.0-next-41b4714f1-20230328 - 2023-03-28
18.3.0-next-41110021f-20230301 - 2023-03-01
18.3.0-next-3f3b46c84-20220730 - 2022-08-01
18.3.0-next-3de926449-20220927 - 2022-09-28
18.3.0-next-3ddbedd05-20220719 - 2022-07-20
18.3.0-next-3d615fc14-20220919 - 2022-09-19
18.3.0-next-3d443cad7-20220823 - 2022-08-24
18.3.0-next-3ba7add60-20221201 - 2022-12-01
18.3.0-next-3b814327e-20221014 - 2022-10-14
18.3.0-next-39a3b72c6-20230414 - 2023-04-14
18.3.0-next-3706edb81-20230308 - 2023-03-09
18.3.0-next-3554c8852-20230320 - 2023-03-20
18.3.0-next-353c30252-20221202 - 2022-12-02
18.3.0-next-338e6a967-20221004 - 2022-10-04
18.3.0-next-32baab38f-20220811 - 2022-08-12
18.3.0-next-30eb267ab-20220708 - 2022-07-08
18.3.0-next-2ef24145e-20230202 - 2023-02-03
18.3.0-next-2d80a0cd6-20221003 - 2022-10-03
18.3.0-next-2cf4352e1-20221011 - 2022-10-11
18.3.0-next-2c7dea736-20220726 - 2022-07-26
18.3.0-next-2b1fb91a5-20221220 - 2022-12-21
18.3.0-next-2ac77aab9-20221029 - 2022-10-31
18.3.0-next-28a574ea8-20221027 - 2022-10-27
18.3.0-next-2655c9354-20221121 - 2022-11-22
18.3.0-next-2619886ac-20230105 - 2023-01-05
18.3.0-next-229c86af0-20220616 - 2022-06-16
18.3.0-next-21021fb0f-20230412 - 2023-04-12
18.3.0-next-20a257c25-20220929 - 2022-09-29
18.3.0-next-1f248bdd7-20230419 - 2023-04-19
18.3.0-next-1e5245df8-20220817 - 2022-08-17
18.3.0-next-1e3e30dae-20221108 - 2022-11-08
18.3.0-next-1d3fc9c9c-20221023 - 2022-10-23
18.3.0-next-1a08f1478-20221103 - 2022-11-03
18.3.0-next-19e9a4c68-20220818 - 2022-08-18
18.3.0-next-189f70e17-20230216 - 2023-02-16
18.3.0-next-18282f881-20230428 - 2023-04-28
18.3.0-next-17e2a15be-20220808 - 2022-08-08
18.3.0-next-167853026-20220626 - 2022-06-27
18.3.0-next-1528c5ccd-20230306 - 2023-03-06
18.3.0-next-1308e49a6-20230330 - 2023-03-30
18.3.0-next-12a1d140e-20230321 - 2023-03-21
18.3.0-next-0ffc7f632-20230330 - 2023-03-30
18.3.0-next-0f4a83596-20230110 - 2023-01-10
18.3.0-next-0de3ddf56-20220825 - 2022-08-26
18.3.0-next-0cac4d54c-20220921 - 2022-09-21
18.3.0-next-0c11baa6a-20221022 - 2022-10-22
18.3.0-next-0ba4698c7-20230201 - 2023-02-01
18.3.0-next-0b974418c-20230106 - 2023-01-09
18.3.0-next-0b54e0047-20220914 - 2022-09-15
18.3.0-next-02206099a-20220714 - 2022-07-14
18.3.0-canary-feed8f3f9-20240118 - 2024-01-19
18.3.0-canary-fdc8c81e0-20230707 - 2023-07-07
18.3.0-canary-fdb368d9e-20230725 - 2023-07-26
18.3.0-canary-fda1f0b90-20230509 - 2023-05-09
18.3.0-canary-fc801116c-20230629 - 2023-06-29
18.3.0-canary-fbc9b68d6-20231123 - 2023-11-23
18.3.0-canary-fb10a2c66-20240228 - 2024-02-29
18.3.0-canary-f81c0f1ed-20230927 - 2023-09-27
18.3.0-canary-f359f9b41-20230810 - 2023-08-10
18.3.0-canary-f1039be4a-20240107 - 2024-01-08
18.3.0-canary-f0e808e5b-20240214 - 2024-02-14
18.3.0-canary-efb381bbf-20230505 - 2023-05-05
18.3.0-canary-ee68446ff-20231115 - 2023-11-15
18.3.0-canary-eb33bd747-20240312 - 2024-03-12
18.3.0-canary-ea17cc18f-20230807 - 2023-08-07
18.3.0-canary-e91142dd6-20230705 - 2023-07-06
18.3.0-canary-e61a60fac-20231011 - 2023-10-12
18.3.0-canary-e5205658f-20230913 - 2023-09-13
18.3.0-canary-e3fb7c1de-20230621 - 2023-06-21
18.3.0-canary-e373190fa-20240325 - 2024-03-25
18.3.0-canary-e1d20fc0c-20240122 - 2024-01-22
18.3.0-canary-e1ad4aa36-20230601 - 2023-06-02
18.3.0-canary-df12d7eac-20230510 - 2023-05-11
18.3.0-canary-ddff50469-20230829 - 2023-08-29
18.3.0-canary-dddfe6882-20231005 - 2023-10-05
18.3.0-canary-dd480ef92-20230822 - 2023-08-22
18.3.0-canary-db69f95e4-20231002 - 2023-10-03
18.3.0-canary-d900fadbf-20230929 - 2023-09-29
18.3.0-canary-d803f519e-20231020 - 2023-10-20
18.3.0-canary-d7a98a5e9-20230517 - 2023-05-17
18.3.0-canary-d6dcad6a8-20230914 - 2023-09-14
18.3.0-canary-d445cee60-20230718 - 2023-07-19
18.3.0-canary-d3def4793-20240208 - 2024-02-08
18.3.0-canary-d1c8cdae3-20230619 - 2023-06-20
18.3.0-canary-ce6842d8f-20230610 - 2023-06-12
18.3.0-canary-ce2bc58a9-20231102 - 2023-11-03
18.3.0-canary-cb3404a0c-20230807 - 2023-08-08
18.3.0-canary-cb2439624-20231219 - 2023-12-19
18.3.0-canary-c8deb5db6-20230622 - 2023-06-22
18.3.0-canary-c5b937576-20231219 - 2023-12-21
18.3.0-canary-c47c306a7-20231109 - 2023-11-09
18.3.0-canary-c3048aab4-20240326 - 2024-03-26
18.3.0-canary-c29ca23af-20231205 - 2023-12-05
18.3.0-canary-c17a27ef4-20231127 - 2023-11-28
18.3.0-canary-bff6be8eb-20230925 - 2023-09-26
18.3.0-canary-be67db46b-20231010 - 2023-10-10
18.3.0-canary-bbc8530ed-20230912 - 2023-09-12
18.3.0-canary-bbb9cb116-20231117 - 2023-11-17
18.3.0-canary-bb0944fe5-20240313 - 2024-03-13
18.3.0-canary-ba5e6a832-20240208 - 2024-02-09
18.3.0-canary-b9be4537c-20230905 - 2023-09-06
18.3.0-canary-b8e47d988-20231023 - 2023-10-23
18.3.0-canary-b7972822b-20230503 - 2023-05-03
18.3.0-canary-b5810163e-20230509 - 2023-05-10
18.3.0-canary-b4cdd3e89-20230823 - 2023-08-23
18.3.0-canary-b36ae8d7a-20231207 - 2023-12-07
18.3.0-canary-b30030471-20240117 - 2024-01-18
18.3.0-canary-b2d637128-20240123 - 2024-01-23
18.3.0-canary-b27725923-20230821 - 2023-08-21
18.3.0-canary-b00e27342-20230505 - 2023-05-05
18.3.0-canary-aef7ce554-20230503 - 2023-05-03
18.3.0-canary-aec521a96-20231114 - 2023-11-15
18.3.0-canary-ade82b8dd-20230816 - 2023-08-17
18.3.0-canary-ad720f36e-20240206 - 2024-02-06
18.3.0-canary-aba93acb6-20231205 - 2023-12-06
18.3.0-canary-ab31a9ed2-20230824 - 2023-08-25
18.3.0-canary-a9cc32511-20240215 - 2024-02-16
18.3.0-canary-a9985529f-20231025 - 2023-10-25
18.3.0-canary-a870b2d54-20240314 - 2024-03-14
18.3.0-canary-a6ed60a8e-20230929 - 2023-10-02
18.3.0-canary-a515d753b-20240220 - 2024-02-20
18.3.0-canary-a4939017f-20240320 - 2024-03-20
18.3.0-canary-a41957507-20231017 - 2023-10-17
18.3.0-canary-a3aae7fb0-20231208 - 2023-12-08
18.3.0-canary-a389046a5-20230512 - 2023-05-12
18.3.0-canary-a20eea251-20230809 - 2023-08-10
18.3.0-canary-a1f97589f-20230526 - 2023-05-30
18.3.0-canary-a1c62b8a7-20230627 - 2023-06-28
18.3.0-canary-a17467e7e-20231102 - 2023-11-02
18.3.0-canary-9f4fbec5f-20230717 - 2023-07-18
18.3.0-canary-9ba1bbd65-20230922 - 2023-09-22
18.3.0-canary-9b4f847d9-20230901 - 2023-09-01
18.3.0-canary-9abf6fa31-20231017 - 2023-10-17
18.3.0-canary-9a72e6227-20230525 - 2023-05-25
18.3.0-canary-997f52fbb-20230803 - 2023-08-04
18.3.0-canary-98f3f14d2-20230818 - 2023-08-18
18.3.0-canary-98b8359f6-20240223 - 2024-02-23
18.3.0-canary-971b62f47-20240129 - 2024-01-29
18.3.0-canary-966d17483-20240305 - 2024-03-05
18.3.0-canary-9617d39ec-20231018 - 2023-10-18
18.3.0-canary-95ec12839-20240205 - 2024-02-05
18.3.0-canary-953cb02f6-20230907 - 2023-09-07
18.3.0-canary-9377e1010-20230712 - 2023-07-12
18.3.0-canary-910045696-20230607 - 2023-06-07
18.3.0-canary-8ec962d82-20230623 - 2023-06-23
18.3.0-canary-8c8ee9ee6-20231026 - 2023-10-26
18.3.0-canary-8bb6ee1d3-20240125 - 2024-01-25
18.3.0-canary-88df88f94-20230613 - 2023-06-13
18.3.0-canary-88d56b8e8-20231004 - 2023-10-04
18.3.0-canary-87cb0bf18-20231129 - 2023-11-30
18.3.0-canary-8039e6d0b-20231026 - 2023-10-26
18.3.0-canary-7cd98ef2b-20230509 - 2023-05-10
18.3.0-canary-7ac5e9a60-20230508 - 2023-05-08
18.3.0-canary-77c4ac2ce-20231031 - 2023-11-01
18.3.0-canary-763612647-20240126 - 2024-01-26
18.3.0-canary-7508dcd5c-20231108 - 2023-11-08
18.3.0-canary-746890329-20231108 - 2023-11-09
18.3.0-canary-7118f5dd7-20230705 - 2023-07-05
18.3.0-canary-6f1324395-20231004 - 2023-10-04
18.3.0-canary-6db7f4209-20231021 - 2023-10-23
18.3.0-canary-6c7b41da3-20231123 - 2023-11-24
18.3.0-canary-6c3b8dbfe-20240226 - 2024-02-26
18.3.0-canary-6b3834a45-20231110 - 2023-11-10
18.3.0-canary-6aacd3fa1-20230626 - 2023-06-27
18.3.0-canary-67cc9ba87-20231016 - 2023-10-16
18.3.0-canary-670811593-20240322 - 2024-03-22
18.3.0-canary-6639ed3b3-20240111 - 2024-01-11
18.3.0-canary-640ccebb7-20231201 - 2023-12-04
18.3.0-canary-627b7abd6-20230911 - 2023-09-11
18.3.0-canary-62512bafc-20230928 - 2023-09-28
18.3.0-canary-613e6f5fc-20230616 - 2023-06-16
18.3.0-canary-60a927d04-20240113 - 2024-01-14
18.3.0-canary-5dd35968b-20231201 - 2023-12-01
18.3.0-canary-5c607369c-20240116 - 2024-01-17
18.3.0-canary-5bcade5fc-20231208 - 2023-12-08
18.3.0-canary-59831c98c-20240218 - 2024-02-19
18.3.0-canary-596827f6a-20240205 - 2024-02-05
18.3.0-canary-593ecee66-20231114 - 2023-11-14
18.3.0-canary-587ae49d7-20230720 - 2023-07-20
18.3.0-canary-56e20051c-20240311 - 2024-03-11
18.3.0-canary-546fe4681-20230713 - 2023-07-13
18.3.0-canary-546178f91-20231005 - 2023-10-05
18.3.0-canary-53ac21937-20230703 - 2023-07-03
18.3.0-canary-537228f9f-20231010 - 2023-10-11
18.3.0-canary-535c038d1-20230522 - 2023-05-23
18.3.0-canary-533fc28c1-20230810 - 2023-08-11
18.3.0-canary-5309f1028-20230517 - 2023-05-18
18.3.0-canary-52d542ad6-20231107 - 2023-11-08
18.3.0-canary-51ffd3564-20231025 - 2023-10-25
18.3.0-canary-4ddc019ac-20230614 - 2023-06-14
18.3.0-canary-4cd706566-20230512 - 2023-05-14
18.3.0-canary-4b877b6c6-20230519 - 2023-05-22
18.3.0-canary-4b84f1161-20240318 - 2024-03-19
18.3.0-canary-4b2a1115a-20240202 - 2024-02-02
18.3.0-canary-49eba0193-20230926 - 2023-09-27
18.3.0-canary-493f72b0a-20230727 - 2023-07-27
18.3.0-canary-47beb96cc-20240222 - 2024-02-22
18.3.0-canary-456d153bb-20230828 - 2023-08-28
18.3.0-canary-432b9f1d9-20231110 - 2023-11-13
18.3.0-canary-41f0e9dae-20230907 - 2023-09-08
18.3.0-canary-3ff846d10-20230724 - 2023-07-24
18.3.0-canary-3e00e58a6-20231217 - 2023-12-18
18.3.0-canary-3d9b20132-20240124 - 2024-01-24
18.3.0-canary-3c27178a2-20230920 - 2023-09-21
18.3.0-canary-3bcd2de01-20240227 - 2024-02-27
18.3.0-canary-388686f29-20230503 - 2023-05-03
18.3.0-canary-3808b01b3-20230830 - 2023-08-31
18.3.0-canary-338dddc08-20240307 - 2024-03-08
18.3.0-canary-31603f19d-20240109 - 2024-01-09
18.3.0-canary-2f8f77602-20240229 - 2024-03-01
18.3.0-canary-2e470a788-20240214 - 2024-02-15
18.3.0-canary-2cd19ed1d-20240207 - 2024-02-07
18.3.0-canary-2c338b16f-20231116 - 2023-11-16
18.3.0-canary-2bc7d336a-20240205 - 2024-02-06
18.3.0-canary-2983249dd-20231107 - 2023-11-07
18.3.0-canary-2807d781a-20230918 - 2023-09-18
18.3.0-canary-247738465-20240130 - 2024-01-30
18.3.0-canary-21a161fa3-20230609 - 2023-06-09
18.3.0-canary-2153a2966-20230628 - 2023-06-29
18.3.0-canary-20c91b653-20231018 - 2023-10-18
18.3.0-canary-201becd3d-20230808 - 2023-08-09
18.3.0-canary-1fdacbefd-20230630 - 2023-06-30
18.3.0-canary-1d5667a12-20240102 - 2024-01-03
18.3.0-canary-1cea38448-20230530 - 2023-05-31
18.3.0-canary-1b1dcb8a4-20230920 - 2023-09-20
18.3.0-canary-1a001dac6-20230812 - 2023-08-12
18.3.0-canary-16d053d59-20230506 - 2023-05-07
18.3.0-canary-151e75a12-20231010 - 2023-10-10
18.3.0-canary-14fd9630e-20240213 - 2024-02-13
18.3.0-canary-14898b6a9-20240318 - 2024-03-18
18.3.0-canary-13d0225c7-20230928 - 2023-09-28
18.3.0-canary-1219d57fc-20240201 - 2024-02-01
18.3.0-canary-0fb5b61ac-20230814 - 2023-08-15
18.3.0-canary-0e352ea01-20231109 - 2023-11-10
18.3.0-canary-0cdfef19b-20231211 - 2023-12-11
18.3.0-canary-0c6348758-20231030 - 2023-10-30
18.3.0-canary-0ac3ea471-20240111 - 2024-01-12
18.3.0-canary-0a360642d-20230711 - 2023-07-12
18.3.0-canary-09fbee89d-20231013 - 2023-10-13
18.3.0-canary-09285d5a7-20230925 - 2023-09-25
18.3.0-canary-08cd087ca-20240110 - 2024-01-10
18.3.0-canary-08a39539f-20231031 - 2023-11-01
18.3.0-canary-03d6f7cf0-20240209 - 2024-02-09
18.3.0-canary-035a41c4e-20230704 - 2023-07-04
18.3.0-canary-034130c02-20240303 - 2024-03-04
18.3.0-canary-0210f0b08-20230525 - 2023-05-26
18.3.0-canary-01ab35a9a-20240228 - 2024-02-28
18.3.0-canary-018c58c9c-20230601 - 2023-06-01
18.3.0-canary-0066e0b68-20240306 - 2024-03-06
18.2.0 - 2022-06-14
React DOM
- Provide a component stack as a second argument to onRecoverableError. (@ gnoff in #24591)
- Fix hydrating into document causing a blank page on mismatch. (@ gnoff in #24523)
- Fix false positive hydration errors with Suspense. (@ gnoff in #24480 and @ acdlite in #24532)
- Fix ignored setState in Safari when adding an iframe. (@ gaearon in #24459)
React DOM Server
- Pass information about server errors to the client. (@ salazarm and @ gnoff in #24551 and #24591)
- Allow to provide a reason when aborting the HTML stream. (@ gnoff in #24680)
- Eliminate extraneous text separators in the HTML where possible. (@ gnoff in #24630)
- Disallow complex children inside <title> elements to match the browser constraints. (@ gnoff in #24679)
- Fix buffering in some worker environments by explicitly setting highWaterMark to 0. (@ jplhomer in #24641)
Server Components (Experimental)
- Add support for useId() inside Server Components. (@ gnoff) in #24172

from react GitHub release notes

Package name: @react-native-async-storage/async-storage

1.24.0 - 2024-07-12
Minor Changes
- 8bf1526: dependencies bump and multiset type fix
1.23.1 - 2024-03-20
1.23.1 (2024-03-20)

Bug Fixes
- default-storage: Privacy manifest missing key (#1076) (c4ed1fa)

from @react-native-async-storage/async-storage GitHub release notes

Package name: @react-navigation/native

6.1.18 - 2024-07-16
6.1.17 - 2024-03-18
6.1.16 - 2024-03-12
6.1.15 - 2024-03-09
6.1.14 - 2024-02-28
6.1.13 - 2024-02-28
6.1.12 - 2024-02-24
6.1.11 - 2024-02-24
6.1.10 - 2024-02-08

from @react-navigation/native GitHub release notes

Package name: @react-navigation/native-stack

6.11.0 - 2024-07-25
6.10.1 - 2024-07-16
6.10.0 - 2024-07-01
6.9.26 - 2024-03-18
6.9.25 - 2024-03-12
6.9.24 - 2024-03-10
6.9.23 - 2024-03-09
6.9.22 - 2024-02-28
6.9.21 - 2024-02-28
6.9.20 - 2024-02-24
6.9.19 - 2024-02-24
6.9.18 - 2024-02-08
6.9.17 - 2023-11-03

from @react-navigation/native-stack GitHub release notes

Package name: eas-cli

7.8.5 - 2024-04-26
v7.8.5

🐛 Bug fixes
- Add explicit workflow arg to expo-update CLI calls. (#2340 by @ wschurman)
🧹 Chores
- Improve error message if the server returns UNAUTHORIZED_ERROR. (#2345 by @ szdziedzic)
- Fill in min expo-updates version for expo-updates CLI. (#2344 by @ wschurman)
7.8.4 - 2024-04-24
v7.8.4

🧹 Chores
- Update the list of available Android images. (#2337 by @ radoslawkrzemien)
- Make multi-select for revoking distribution certificates more readable. (#2342 by @ szdziedzic)
- Improve error message displayed when EAS CLI version doesn't satisfy minimal version required specified in eas.json. (#2341 by @ szdziedzic)
7.8.3 - 2024-04-23
v7.8.3

🐛 Bug fixes
- Don't prompt to set android.package and ios.bundleIdentifier values when running in non-interactive mode. (#2336 by @ szdziedzic)
🧹 Chores
- Amend credential removal wording. (#2334 by @ quinlanj)
7.8.2 - 2024-04-15
v7.8.2

🐛 Bug fixes
- Fix display of errors when expo-updates CLI command fails. (#2324 by @ wschurman)
- Move credentials endpoints to paginated counterparts. (#2327 by @ quinlanj)
🧹 Chores
- Add progress bar for fetching paginated datasets. (#2326 by @ quinlanj)
7.8.1 - 2024-04-11
v7.8.1

🐛 Bug fixes
- Fix command source files URLs in autogenerated README. (#2318 by @ szdziedzic)
🧹 Chores
- Upgrade eas-build dependencies. (#2316 by @ expo-bot)
- Stop querying Build.resourceClass field. (#2320 by @ szdziedzic)
7.8.0 - 2024-04-08
v7.8.0

🎉 New features
- Add auto, sdk-50 and sdk-49 image tags. (#2298 by @ szdziedzic)
- Add --build-logger-level flag to eas build command. (#2313 by @ szdziedzic)
🧹 Chores
- Deprecate the default image tag. (#2298 by @ szdziedzic)
- Deprecate iOS images with Xcode version lower then 15. (#2298 by @ szdziedzic)
7.7.0 - 2024-04-05
v7.7.0

🎉 New features
- Generate metadata file for project archive (#2149 by @ khamilowicz)
- Add --verbose-fastlane flag to eas submit command for more robust fastlane pilot logs. (#2276 by @ khamilowicz)
- Add eas credentials:configure-build subcommand. (#2282 by @ fiberjw)
🧹 Chores
- Add info about the Xcode 15.3 image to eas.schema.json. (#2312 by @ szdziedzic)
7.6.2 - 2024-03-27
v7.6.2

🧹 Chores
- Upgrade eas-build dependencies. (#2301 by @ expo-bot)
7.6.1 - 2024-03-25
v7.6.1

🧹 Chores
- Upgrade eas-build dependencies. (#2291 by @ expo-bot)
- Fix asset limit punctuation. (#2296 by @ quinlanj)
- Upgrade eas-build dependencies. (#2293 by @ expo-bot)
7.6.0 - 2024-03-18
v7.6.0

🎉 New features
- Print uncommitted files in non-interactive mode if they fail the execution. (#2288 by @ sjchmiela)
🐛 Bug fixes
- Use a custom build config path with POSIX separator when sending data to the EAS Build server. (#2285 by @ szdziedzic)
🧹 Chores
- Upgrade eas-build dependencies. (#2277 by @ expo-bot)
- Upgrade eas-build dependencies. (#2283 by @ expo-bot)
- Bump the @ expo/apple-utils version to switch between the developer.apple.com and developer-mdn.apple.com domains when one of them doesn't work. (#2290 by @ szdziedzic)
7.5.0 - 2024-03-11
7.4.0 - 2024-03-10
7.3.0 - 2024-02-19

from eas-cli GitHub release notes

Package name: expo

50.0.20 - 2024-08-08
50.0.19 - 2024-05-25
50.0.18 - 2024-04-30
50.0.17 - 2024-04-16
50.0.16 - 2024-04-15
50.0.15 - 2024-04-08

from expo GitHub release notes

Package name: expo-status-bar

1.12.1 - 2024-04-23
1.12.0 - 2024-04-18
1.11.1 - 2023-12-19
1.11.0 - 2023-12-12
1.10.0 - 2023-11-14
1.9.0 - 2023-10-17
1.8.0 - 2023-09-15
1.7.1 - 2023-08-02
1.7.0 - 2023-07-28
1.6.0 - 2023-06-21

from expo-status-bar GitHub release notes

Package name: mongodb

6.8.0 - 2024-06-27
6.8.0 (2024-06-27)

The MongoDB Node.js team is pleased to announce version 6.8.0 of the mongodb package!

Release Notes

Add ReadConcernMajorityNotAvailableYet to retryable errors

ReadConcernMajorityNotAvailableYet (error code 134) is now a retryable read error.

ClientEncryption.createDataKey() and other helpers now support named KMS providers

KMS providers can now be associated with a name and multiple keys can be provided per-KMS provider. The following example configures a ClientEncryption object with multiple AWS keys:

const clientEncryption = new ClientEncryption(keyVaultClient, {
'aws:key1': {
accessKeyId: ...,
secretAccessKey: ...
},
'aws:key2': {
accessKeyId: ...,
secretAccessKey: ...
},

clientEncryption.createDataKey('aws:key-1', { ... });

Named KMS providers are supported for azure, AWS, KMIP, local and gcp KMS providers. Named KMS providers cannot be used if the application is using the automatic KMS provider refresh capability.

This feature requires mongodb-client-encryption>=6.0.1.

KMIP data keys now support a delegated option

When creating a KMIP data key, delegated can now be specified. If true, the KMIP provider will perform encryption / decryption of the data key locally, ensuring that the encryption key never leaves the KMIP server.
```
clientEncryption.createDataKey('kmip', { masterKey: { delegated: true } } );
```
This feature requires mongodb-client-encryption>=6.0.1.

Cursor responses are now parsed lazily 🦥

MongoDB cursors (find, aggregate, etc.) operate on batches of documents equal to batchSize. Each time the driver runs out of documents for the current batch it gets more (getMore) and returns each document one at a time through APIs like cursor.next() or for await (const doc of cursor).

Prior to this change, the Node.js driver was designed in such a way that the entire BSON response was decoded after it was received. Parsing BSON, just like parsing JSON, is a synchronous blocking operation. This means that throughout a cursor's lifetime invocations of .next() that need to fetch a new batch hold up on parsing batchSize (default 1000) documents before returning to the user.

In an effort to provide more responsiveness, the driver now decodes BSON "on demand". By operating on the layers of data returned by the server, the driver now receives a batch, and only obtains metadata like size, and if there are more documents to iterate after this batch. After that, each document is parsed out of the BSON as the cursor is iterated.

A perfect example of where this comes in handy is our beloved mongosh! 💚
```
test> db.test.find()
[
	{ _id: ObjectId('665f7fc5c9d5d52227434c65'), ... },
  ...
]
Type "it" for more
```
That Type "it" for more message would now print after parsing only the documents displayed rather than after the entire batch is parsed.

Add Signature to Github Releases

The Github release for the mongodb package now contains a detached signature file for the NPM package (named
mongodb-X.Y.Z.tgz.sig), on every major and patch release to 6.x and 5.x. To verify the signature, follow the instructions in the 'Release Integrity' section of the README.md file.

The LocalKMSProviderConfiguration's key property accepts Binary

A local KMS provider at runtime accepted a BSON Binary instance but the Typescript inaccurately only permitted Buffer and string.

Clarified cursor state properties

The cursor has a few properties that represent the current state from the perspective of the driver and server. This PR corrects an issue that never made it to a release but we would like to take the opportunity to re-highlight what each of these properties mean.
- cursor.closed - cursor.close() has been called, and there are no more documents stored in the cursor.
- cursor.killed - cursor.close() was called while the cursor still had a non-zero id, and the driver sent a killCursors command to free server-side resources...

Snyk has created this PR to upgrade: - react from 18.2.0 to 18.3.1. See this package in npm: https://www.npmjs.com/package/react - @react-native-async-storage/async-storage from 1.23.1 to 1.24.0. See this package in npm: https://www.npmjs.com/package/@react-native-async-storage/async-storage - @react-navigation/native from 6.1.10 to 6.1.18. See this package in npm: https://www.npmjs.com/package/@react-navigation/native - @react-navigation/native-stack from 6.9.17 to 6.11.0. See this package in npm: https://www.npmjs.com/package/@react-navigation/native-stack - eas-cli from 7.3.0 to 7.8.5. See this package in npm: https://www.npmjs.com/package/eas-cli - expo from 50.0.15 to 50.0.20. See this package in npm: https://www.npmjs.com/package/expo - expo-status-bar from 1.6.0 to 1.12.1. See this package in npm: https://www.npmjs.com/package/expo-status-bar - mongodb from 6.3.0 to 6.8.0. See this package in npm: https://www.npmjs.com/package/mongodb - mongoose from 8.2.0 to 8.6.0. See this package in npm: https://www.npmjs.com/package/mongoose - react-native from 0.72.10 to 0.75.2. See this package in npm: https://www.npmjs.com/package/react-native - react-native-reanimated from 3.3.0 to 3.15.1. See this package in npm: https://www.npmjs.com/package/react-native-reanimated - react-native-safe-area-context from 4.6.3 to 4.10.9. See this package in npm: https://www.npmjs.com/package/react-native-safe-area-context - react-native-screens from 3.22.1 to 3.34.0. See this package in npm: https://www.npmjs.com/package/react-native-screens - react-native-svg from 13.9.0 to 13.14.1. See this package in npm: https://www.npmjs.com/package/react-native-svg - tailwindcss from 3.3.2 to 3.4.10. See this package in npm: https://www.npmjs.com/package/tailwindcss See this project in Snyk: https://app.snyk.io/org/axelrenault92/project/597f791c-c192-46a3-91b9-565ac2ff1b69?utm_source=github&utm_medium=referral&page=upgrade-pr

arenault-pass assigned caxewsh Sep 20, 2024

caxewsh closed this Sep 20, 2024

caxewsh deleted the snyk-upgrade-9fd9102392b38494e43ad887c7f95309 branch October 12, 2024 00:51

[Snyk] Upgrade: react, , , , eas-cli, expo, expo-status-bar, mongodb, mongoose, react-native, react-native-reanimated, react-native-safe-area-context, react-native-screens, react-native-svg, tailwindcss #188

[Snyk] Upgrade: react, , , , eas-cli, expo, expo-status-bar, mongodb, mongoose, react-native, react-native-reanimated, react-native-safe-area-context, react-native-screens, react-native-svg, tailwindcss #188

Conversation

arenault-pass commented Sep 20, 2024

Snyk has created this PR to upgrade multiple dependencies.

Issues fixed by the recommended upgrade:

React

React DOM

React DOM

React DOM Server

Server Components (Experimental)

Minor Changes

1.23.1 (2024-03-20)

Bug Fixes

🐛 Bug fixes

🧹 Chores

🧹 Chores

🐛 Bug fixes

🧹 Chores

🐛 Bug fixes

🧹 Chores

🐛 Bug fixes

🧹 Chores

🎉 New features

🧹 Chores

🎉 New features

🧹 Chores

🧹 Chores

🧹 Chores

🎉 New features

🐛 Bug fixes

🧹 Chores

6.8.0 (2024-06-27)

Release Notes

Add ReadConcernMajorityNotAvailableYet to retryable errors

ClientEncryption.createDataKey() and other helpers now support named KMS providers

KMIP data keys now support a delegated option

Cursor responses are now parsed lazily 🦥

Add Signature to Github Releases

The LocalKMSProviderConfiguration's key property accepts Binary

Clarified cursor state properties

Add `ReadConcernMajorityNotAvailableYet` to retryable errors

KMIP data keys now support a `delegated` option

The `LocalKMSProviderConfiguration`'s `key` property accepts `Binary`