[Snyk] Upgrade react-native from 0.71.7 to 0.72.4

[leanBuildBot]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade react-native from 0.71.7 to 0.72.4.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **19 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2023-08-14. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **169/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00091, Social Trends: No, Days since published: 117, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-FASTXMLPARSER-5668858](https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-5668858) | **169/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00091, Social Trends: No, Days since published: 117, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **169/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00091, Social Trends: No, Days since published: 117, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5 | Proof of Concept | Prototype Pollution
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **169/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00091, Social Trends: No, Days since published: 117, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: react-native

• 0.72.4 - 2023-08-14
  

  Added

  Android specific

  • Native part of fixing ANR when having an inverted FlatList on android API 33+ (6d206a3f54 by @ hannojg)
  • For targeting SDK 34 - Added RECEIVER_EXPORTED/RECEIVER_NOT_EXPORTED flag support in DevSupportManagerBase (177d97d8ea by @ apuruni)

  Changed

  • Bump cli and metro (40ea8ffcc7 by @ lunaleaps)
  • Hermes bump for hermes-2023-08-07-RNv0.72.4-813b2def12bc9df026 (e9ea926ba3 by Luna Wei)
  • Bump CLI to 11.3.6 (a3cfdf0a08 by @ szymonrybczak)

  Fixed

  • Allow string transform style in TypeScript (2558c3d4f5 by @ NickGerleman)
  • Fix missing Platform in VirtualizedList (7aa8cd55be by Luna Wei)
  • Mount react devtools overlay only when devtools are attached (03187b68e5 by @ hoxyq)

  Android specific

  • Remove option to paste rich text from Android EditText context menu (b1ceea456d by @ fabriziobertoglio1987)
  • Fixed ScrollView not responding to Keyboard events when nested inside a KeyboardAvoidingView (c616148a05 by @ andreacassani)
  • ANR when having an inverted FlatList on android API 33+ (3dd816c6b7 by @ hannojg)

  ---

  You can participate in the conversation on the status of this release in this discussion.

  ---

  To help you upgrade to this version, you can use the upgrade helper ⚛️

  ---

  You can find the whole changelog history in the changelog.md file.

• 0.72.3 - 2023-07-12
• 0.72.2 - 2023-07-11
• 0.72.1 - 2023-06-29
• 0.72.0 - 2023-06-21
• 0.72.0-rc.6 - 2023-06-13
• 0.72.0-rc.5 - 2023-06-01
• 0.72.0-rc.4 - 2023-05-31
• 0.72.0-rc.3 - 2023-05-11
• 0.72.0-rc.2 - 2023-05-04
• 0.72.0-rc.1 - 2023-04-05
• 0.72.0-rc.0 - 2023-03-20
• 0.71.14 - 2023-10-12
  

  Fixed

  iOS specific

  • Set the max version of Active support to 7.0.8 (ce39931bc2 by @ cipolleschi)
  • Xcode 15 patch (287482e57f by @ fortmarek)

  ---

  You can participate in the conversation on the status of this release in this discussion.

  ---

  To help you upgrade to this version, you can use the upgrade helper ⚛️

  ---

  You can find the whole changelog history in the changelog.md file.

• 0.71.13 - 2023-08-22
  

  Added

  Android specific

  • For targeting SDK 34 - Added RECEIVER_EXPORTED/RECEIVER_NOT_EXPORTED flag support in DevSupportManagerBase (177d97d8ea by @ apuruni)

  iOS specific

  • Added support to inline the source map via RCTBundleURLProvider
    (f7219ec02d by @ Saadnajmi)

  Fixed

  • Fix: mount devtools overlay only if react devtools are connected (b3c7a5d4cc by @ hoxyq)

  iOS specific

  • Fix onChangeText not firing when clearing the value of TextInput with multiline=true on iOS (0c9c57a9f7 by @ kkoudev)

  ---

  You can participate in the conversation on the status of this release in this discussion.

  ---

  To help you upgrade to this version, you can use the upgrade helper ⚛️

  ---

  You can find the whole changelog history in the changelog.md file.

• 0.71.12 - 2023-07-04
• 0.71.11 - 2023-06-14
• 0.71.10 - 2023-06-07
• 0.71.9 - 2023-06-07
• 0.71.8 - 2023-05-10
• 0.71.7 - 2023-04-19

from react-native GitHub release notes

Commit messages

Package name: react-native

• ff27568 [0.72.4] Bump version numbers
• fe804b8 bumped packages versions
• c7073fd Change comment in @ react-native/metro-config to trigger a release bump
• f3e7572 bumped packages versions
• 9f79218 Reorder test imports in @ react-native/virtualized-lists to trigger a release bump
• 768c960 Pass hitSlop prop into TextInput Pressability config (#38857)
• 2f6c200 [LOCAL] Fix broken Android tests for 0.72 (#38926)
• 40ea8ff Bump cli and metro (#38898)
• 5f503b8 Restore checking shadow tree commit cancellation after commit hook execution (#38715)
• 4f8c87c [LOCAL] Fabric Interop - Properly dispatch integer commands (#38527) (#38835)
• 7aa8cd5 Fix missing Platform in VirtualizedList
• e9ea926 Hermes bump for hermes-2023-08-07-RNv0.72.4-813b2def12bc9df026
• 5b45e97 Remove option to paste rich text from Android EditText context menu (#38189)
• a601b22 fix: Correctly assign the `hermes-engine` pod tag when installing pods from a different folder (#38754)
• 3350dd8 Fix Android ScrollView not responding to Keyboard events when nested inside a KeyboardAvoidingView (#38728)
• 7aed30a Fabric Interop - Also normalize direct events (#38352)
• e4429fa Add workaround fix for #35350 (#38073)
• 22c9739 Add workaround for android API 33 ANR when inverting ScrollView (#38071)
• 3cf94df For targeting SDK 34 - Added RECEIVER_EXPORTED/RECEIVER_NOT_EXPORTED flag support in DevSupportManagerBase (#38256)
• 938bd78 Allow string `transform` style in TypeScript (#37569)
• e907337 Add enterKeyHint in TextInput type declaration (#37624)
• a3cfdf0 Bump CLI to 11.3.6 (#38778)
• 03187b6 fix[AppContainer]: mount react devtools overlay only when devtools are attached (#38785)
• 79c4ec1 [LOCAL] Port CircleCI Artifact downloads to speed up release testing to 0.72 (#38553)

Compare

---

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5/settings/integration?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/justice-league-link-sdk-squad/project/e44d8ce2-f4fb-4ffa-8dd7-aac3d14979a5/settings/integration?pkg=react-native&utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)