This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **631/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource after Effective Lifetime [SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | Proof of Concept
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: expo
The new version differs by 250 commits.
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
π§ [View latest project report](https://app.snyk.io/org/kabir0x23/project/4498a641-09fb-4157-9ac3-34bf59a22676?utm_source=github&utm_medium=referral&page=fix-pr)
π [Adjust project settings](https://app.snyk.io/org/kabir0x23/project/4498a641-09fb-4157-9ac3-34bf59a22676?utm_source=github&utm_medium=referral&page=fix-pr/settings)
π [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"721dfb23-7cd9-47fb-8207-f84953fe1f56","prPublicId":"721dfb23-7cd9-47fb-8207-f84953fe1f56","dependencies":[{"name":"expo","from":"49.0.13","to":"51.0.0"}],"packageManager":"npm","projectPublicId":"4498a641-09fb-4157-9ac3-34bf59a22676","projectUrl":"https://app.snyk.io/org/kabir0x23/project/4498a641-09fb-4157-9ac3-34bf59a22676?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116","SNYK-JS-SEMVER-3247795"],"upgrade":["SNYK-JS-INFLIGHT-6095116","SNYK-JS-SEMVER-3247795"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[631,696],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
π¦ [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **631/1000****Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | Proof of Concept  | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: expo
The new version differs by 250 commits.- 2975b6d Publish packages
- 7995f30 Publish packages
- 2b6c5cb [docs] Fix Image blurhash syntax in placeholder prop
- a5cd2f4 [template] Add privacy_file_aggregation_enabled to the correct place
- 4d8aaab [template] Add missing comma
- 14ff547 [packages] Commit build files
- 9a1f53f [build-properties] Add field to enable/disable privacy manifest aggregation (#28646)
- 19f4c9a chore(cli): bump canary to support React 19 beta (#28592)
- 6d629fd feature(expo-build-properties): add `ios.ccacheEnabled` option to enable c++ compiler cache (#28638)
- 87efd0c Add additional config flag to allow forcing RTL on LTR locales (#28129)
- 9c8b6d4 [core][Android] Remove Kotlin warnings (#28629)
- 9782fb3 [core][Android] Add the method name to unexpected exception (#28626)
- 338477c [video][Android] Remove Kotlin warnings (#28628)
- 2ec644a [device][Android] Replace deprecated method to get rotation (#28627)
- 46dc5b3 [docs] Update new arch guide to account for fixed navigation issue
- 6df141b [docs] Fix `zulu` installation command for SDK 49 and below (#28612)
- 393ca27 [docs] Improve example in Use Bun guide (#28615)
- b142541 [iOS] Make it easier to use the new architecture in bare-expo (#28616)
- 1fcceda [core][Android] Make `defaultAppContextMock` private (#28620)
- 0adb5e6 [docs] show "Unversioned" API version in PR previews (#28588)
- 72fd8e2 [expo-go] Remove unused queries and overfetched fields (#28619)
- f57dfd1 [templates] Update to latest [skip ci]
- 2d80ee3 Publish packages
- a8060e8 Publish packages
See the full diff