[Snyk] Security upgrade react-native from 0.57.4 to 0.60.0 - Githubissues

maherzaidoune / GiftedChat_Video

a demo for https://npmjs.com/package/react-native-gifted-chat-video-support

6 stars 2 forks source link

[Snyk] Security upgrade react-native from 0.57.4 to 0.60.0 #3

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept

Commit messages

Package name: react-native

The new version differs by 250 commits.

769e35b [0.60.0] Bump version numbers
35aeb8c [LOCAL] bump CLI
8fdecf3 - Publish `react-native.config.js` (#25436)
ff9855c Check if mCurrentActivity is set according to LifecycleState (#23336)
8a43321 [0.60.0-rc.3] Bump version numbers
db1d60f bump jsc dep
93c8318 bump CLI rc
9837d24 Fix some languages wrapped texts are cut off on android (#25306)
b68966e Use CALayers to draw text (#24387)
99bc31c Fix regression of improper assets copy (revert #24518 #24778) (#25363)
c36c481 bump fresco to 2.0.0, supports AndroidX (#25358)
13f4fa0 custom fontWeight numeric values for Text on Android (#25341)
9792f2c [0.60.0-rc.2] Bump version numbers
53cec2d [LOCAL] bump version in template to match repo
b4f3d4b Move scheduler to dependencies
e741488 Implement changes to enable native modules auto linking (#24506)
bf4ee6f Bump CLI to 2.0.0-rc.2 (#25241)
cecba01 Removed autoresizing mask for modal host container view (#25150)
06fffc2 [0.60.0-rc.1] Bump version numbers
5ecc87b bump versions to match the requirements
7082c3e re-add the hasteImpl
39ce412 Bump CLI to 2.0.0-rc.0 (#25175)
00c7cf3 Fix: RefreshControl in FlatList makes borderWidth not working (#24411)
a916dd6 Android Fix for 9145: No longer hard code build port (#23616)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic