Snyk has created this PR to upgrade react-native from 0.59.8 to 0.66.3.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 65 versions ahead of your current version.
The recommended version was released a month ago, on 2021-11-10.
Commit generated codegen files as a temporary workaround for devX issue with yarn install removing codegen assets. Proper fix coming in later. (5f7deb5 by @ kelset)
You can participate in the conversation on the status of this release at this discussion.
To help you upgrade to this version, you can use the upgrade helper⚛️
Snyk has created this PR to upgrade react-native from 0.59.8 to 0.66.3.
The recommended version fixes:
SNYK-JS-TMPL-1583443
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1579152
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1579147
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1536531
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1536528
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-REACTNATIVE-1298632
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-MIXINDEEP-450212
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-MERGE-1042987
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-MERGE-1040469
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-INI-1048974
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
npm:mem:20180117
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-XMLDOM-1534562
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-XMLDOM-1084960
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-NODENOTIFIER-1035794
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-HOSTEDGITINFO-1088355
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-GLOBPARENT-1016905
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
npm:braces:20180219
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TAR-1536758
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-KINDOF-537849
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: react-native
-
0.66.3 - 2021-11-10
- Rename deprecated
- Revert changes in Jest preprocessor to fix tests in external projects (142090a5f3fa7 by @ rubennorte)
-
0.66.2 - 2021-11-04
- Compare the LogBoxData ignorePatterns with the right code (a950634 by @ wiseqingyang)
- [iOS] Fix logbox window capturing touch events (72ea0e1 by @ paddlefish)
- Commit generated codegen files as a temporary workaround for devX issue with
-
0.66.1 - 2021-10-15
-
0.66.0 - 2021-10-01
-
0.66.0-rc.4 - 2021-09-24
-
0.66.0-rc.3 - 2021-09-17
-
0.66.0-rc.2 - 2021-09-10
-
0.66.0-rc.1 - 2021-09-01
-
0.66.0-rc.0 - 2021-08-27
-
0.65.2 - 2021-11-04
-
0.65.1 - 2021-08-19
-
0.65.0 - 2021-08-17
-
0.65.0-rc.4 - 2021-08-11
-
0.65.0-rc.3 - 2021-07-23
-
0.65.0-rc.2 - 2021-06-18
-
0.65.0-rc.1 - 2021-06-17
-
0.65.0-rc.0 - 2021-06-09
-
0.64.3 - 2021-11-04
-
0.64.2 - 2021-06-03
-
0.64.1 - 2021-05-05
-
0.64.0 - 2021-03-12
-
0.64.0-rc.4 - 2021-03-01
-
0.64.0-rc.3 - 2021-02-05
-
0.64.0-rc.2 - 2020-12-18
-
0.64.0-rc.1 - 2020-11-25
-
0.64.0-rc.0 - 2020-11-23
-
0.63.4 - 2020-11-30
-
0.63.3 - 2020-09-29
-
0.63.2 - 2020-07-22
-
0.63.1 - 2020-07-14
-
0.63.0 - 2020-07-08
-
0.63.0-rc.1 - 2020-05-04
-
0.63.0-rc.0 - 2020-04-16
-
0.62.3 - 2021-05-05
-
0.62.2 - 2020-04-08
-
0.62.1 - 2020-04-03
-
0.62.0 - 2020-03-26
-
0.62.0-rc.5 - 2020-03-07
-
0.62.0-rc.4 - 2020-03-06
-
0.62.0-rc.3 - 2020-02-25
-
0.62.0-rc.2 - 2020-02-13
-
0.62.0-rc.1 - 2020-01-21
-
0.62.0-rc.0 - 2019-12-18
-
0.61.5 - 2019-11-23
-
0.61.4 - 2019-11-04
-
0.61.3 - 2019-10-29
-
0.61.2 - 2019-10-02
-
0.61.1 - 2019-09-25
-
0.61.0 - 2019-09-24
-
0.61.0-rc.3 - 2019-09-10
-
0.61.0-rc.2 - 2019-09-04
-
0.61.0-rc.0 - 2019-08-27
-
0.60.6 - 2019-09-24
-
0.60.5 - 2019-08-13
-
0.60.4 - 2019-07-18
-
0.60.3 - 2019-07-11
-
0.60.2 - 2019-07-11
-
0.60.1 - 2019-07-11
-
0.60.0 - 2019-07-03
-
0.60.0-rc.3 - 2019-06-28
-
0.60.0-rc.2 - 2019-06-20
-
0.60.0-rc.1 - 2019-06-10
-
0.60.0-rc.0 - 2019-05-30
-
0.59.10 - 2019-07-02
-
0.59.9 - 2019-06-05
-
0.59.8 - 2019-05-08
from react-native GitHub release notesThis release contains a set of improvements to the script we use for npm releases; aside from it:
Keyboard.removeEventListenertoKeyboard.removeListener. (8880c09076 by @ yungsters)You can participate in the conversation on the status of this release at this discussion.
To help you upgrade to this version, you can use the upgrade helper⚛️
You can find the whole changelog history in the changelog.md file.
0.66.2 is out with some fixes:
Fixed
yarn installremoving codegen assets. Proper fix coming in later. (5f7deb5 by @ kelset)You can participate in the conversation on the status of this release at this discussion.
To help you upgrade to this version, you can use the upgrade helper⚛️
You can find the whole changelog history in the changelog.md file.
[0.65.2] Bump version numbers
0.64.3 is out with a pick of Android Appearance API support (e94f9fa7 by @ mrbrentkelly)
If you have concerns or follow-up, please start or contribute to a relevant 0.64.3 discussion here
To help you upgrade to this version, you can use the upgrade helper⚛️
You can find the whole changelog history in the changelog.md file.
Commit messages
Package name: react-native
- 3b5e446 [0.66.3] Bump version numbers
- 0981564 RN: Rename `Keyboard.remove{Event =>}Listener`
- 142090a Revert changes in RN preprocessor
- f35369e Fix npm latest tag issue when releasing patches (#32543)
- 85f1450 Clean up publish-npm.js and use parseVersion
- 8a67aaa Extract version parsing from release script
- d08397a bump-oss-version: Add -v / --to-version argument and use it when bumping nightly releases (now at 20:00 UTC)
- 6c19dc3 [0.66.2] Bump version numbers
- 11644d7 Hide the logbox window explicitly. New behavior in iOS SDK appears to… (#32435)
- 9d601e4 fix: compare the LogBoxData ignorePatterns with the right code (#31977)
- 7382f55 [LOCAL] reintroduce generated codegen files
- d48ed4a [0.66.1] Bump version numbers
- 80e5abd Fix Android border positioning regression (#32398)
- e94f9fa Addressing various issues with the Appearance API (#28823) (#29106)
- bd01f16 Fix: find-node.sh location in react-native-xcode.sh script (#32227)
- 09a21f0 [0.66.0] Bump version numbers
- d47fd4a [0.66.0-rc.4] Bump version numbers
- a6a983d OSS: bump-oss-version -- update Podfile.lock later in the flow
- ef280d6 [LOCAL] Port react-native-codegen new .gitignore from main
- 9967318 OSS: update Podfile.lock automatically when bumping release version
- 6b014e8 Don’t hard-code CocoaPods’s sandbox path (#32243)
- ab50c6e [0.66.0-rc.3] Bump version numbers
- dc453da Update rn-tester Podfile.lock to prepare for 0.66.0-rc.3
- 8b6d7fd Link RCT-Folly against libc++abi
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs