Skip to content
This repository has been archived by the owner on Jan 20, 2024. It is now read-only.

[Snyk] Security upgrade expo from 44.0.6 to 50.0.0 #475

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade expo from 44.0.6 to 50.0.0 #475

wants to merge 1 commit into from

Conversation

filiptronicek
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@github-actions GitHub Actions
Copy link

yarn.lock changes

Summary

Status Count
ADDED 160
UPDATED 174
DOWNGRADED 1
REMOVED 3
Click to toggle table visibility
Name Status Previous Current
@0no-co/graphql.web ADDED - 1.0.4
@ampproject/remapping UPDATED 2.1.2 2.2.1
@babel/code-frame UPDATED 7.16.7 7.23.5
@babel/compat-data UPDATED 7.17.0 7.23.5
@babel/core UPDATED 7.17.4 7.23.7
@babel/generator UPDATED 7.17.3 7.23.6
@babel/helper-annotate-as-pure UPDATED 7.16.7 7.22.5
@babel/helper-builder-binary-assignment-operator-visitor UPDATED 7.15.4 7.22.15
@babel/helper-compilation-targets UPDATED 7.16.7 7.23.6
@babel/helper-create-class-features-plugin UPDATED 7.17.1 7.23.7
@babel/helper-create-regexp-features-plugin UPDATED 7.14.5 7.22.15
@babel/helper-define-polyfill-provider UPDATED 0.2.3 0.5.0
@babel/helper-environment-visitor UPDATED 7.16.7 7.22.20
@babel/helper-function-name UPDATED 7.16.7 7.23.0
@babel/helper-hoist-variables UPDATED 7.16.7 7.22.5
@babel/helper-member-expression-to-functions UPDATED 7.16.7 7.23.0
@babel/helper-module-imports UPDATED 7.16.7 7.22.15
@babel/helper-module-transforms UPDATED 7.16.7 7.23.3
@babel/helper-optimise-call-expression UPDATED 7.16.7 7.22.5
@babel/helper-plugin-utils UPDATED 7.16.7 7.22.5
@babel/helper-remap-async-to-generator UPDATED 7.15.4 7.22.20
@babel/helper-replace-supers UPDATED 7.16.7 7.22.20
@babel/helper-simple-access UPDATED 7.16.7 7.22.5
@babel/helper-skip-transparent-expression-wrappers UPDATED 7.16.0 7.22.5
@babel/helper-split-export-declaration UPDATED 7.16.7 7.22.6
@babel/helper-string-parser ADDED - 7.23.4
@babel/helper-validator-identifier UPDATED 7.16.7 7.22.20
@babel/helper-validator-option UPDATED 7.16.7 7.23.5
@babel/helper-wrap-function UPDATED 7.15.4 7.22.20
@babel/helpers UPDATED 7.17.2 7.23.8
@babel/highlight UPDATED 7.16.10 7.23.4
@babel/parser UPDATED 7.17.3 7.23.6
@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression ADDED - 7.23.3
@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining UPDATED 7.15.4 7.23.3
@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly ADDED - 7.23.7
@babel/plugin-proposal-class-properties UPDATED 7.14.5 7.18.6
@babel/plugin-proposal-nullish-coalescing-operator UPDATED 7.14.5 7.18.6
@babel/plugin-proposal-object-rest-spread UPDATED 7.15.6 7.20.7
@babel/plugin-proposal-optional-chaining UPDATED 7.14.5 7.21.0
@babel/plugin-proposal-private-property-in-object UPDATED 7.15.4 7.21.0-placeholder-for-preset-env.2
@babel/plugin-syntax-flow UPDATED 7.16.0 7.23.3
@babel/plugin-syntax-import-assertions ADDED - 7.23.3
@babel/plugin-syntax-import-attributes ADDED - 7.23.3
@babel/plugin-syntax-jsx UPDATED 7.14.5 7.23.3
@babel/plugin-syntax-typescript UPDATED 7.16.7 7.23.3
@babel/plugin-syntax-unicode-sets-regex ADDED - 7.18.6
@babel/plugin-transform-arrow-functions UPDATED 7.14.5 7.23.3
@babel/plugin-transform-async-generator-functions ADDED - 7.23.7
@babel/plugin-transform-async-to-generator UPDATED 7.14.5 7.23.3
@babel/plugin-transform-block-scoped-functions UPDATED 7.14.5 7.23.3
@babel/plugin-transform-block-scoping UPDATED 7.15.3 7.23.4
@babel/plugin-transform-class-properties ADDED - 7.23.3
@babel/plugin-transform-class-static-block ADDED - 7.23.4
@babel/plugin-transform-classes UPDATED 7.15.4 7.23.8
@babel/plugin-transform-computed-properties UPDATED 7.14.5 7.23.3
@babel/plugin-transform-destructuring UPDATED 7.14.7 7.23.3
@babel/plugin-transform-dotall-regex UPDATED 7.14.5 7.23.3
@babel/plugin-transform-duplicate-keys UPDATED 7.14.5 7.23.3
@babel/plugin-transform-dynamic-import ADDED - 7.23.4
@babel/plugin-transform-exponentiation-operator UPDATED 7.14.5 7.23.3
@babel/plugin-transform-export-namespace-from ADDED - 7.23.4
@babel/plugin-transform-flow-strip-types UPDATED 7.16.0 7.23.3
@babel/plugin-transform-for-of UPDATED 7.15.4 7.23.6
@babel/plugin-transform-function-name UPDATED 7.14.5 7.23.3
@babel/plugin-transform-json-strings ADDED - 7.23.4
@babel/plugin-transform-literals UPDATED 7.14.5 7.23.3
@babel/plugin-transform-logical-assignment-operators ADDED - 7.23.4
@babel/plugin-transform-member-expression-literals UPDATED 7.14.5 7.23.3
@babel/plugin-transform-modules-amd UPDATED 7.14.5 7.23.3
@babel/plugin-transform-modules-commonjs UPDATED 7.15.4 7.23.3
@babel/plugin-transform-modules-systemjs UPDATED 7.15.4 7.23.3
@babel/plugin-transform-modules-umd UPDATED 7.14.5 7.23.3
@babel/plugin-transform-named-capturing-groups-regex UPDATED 7.14.9 7.22.5
@babel/plugin-transform-new-target UPDATED 7.14.5 7.23.3
@babel/plugin-transform-nullish-coalescing-operator ADDED - 7.23.4
@babel/plugin-transform-numeric-separator ADDED - 7.23.4
@babel/plugin-transform-object-rest-spread ADDED - 7.23.4
@babel/plugin-transform-object-super UPDATED 7.14.5 7.23.3
@babel/plugin-transform-optional-catch-binding ADDED - 7.23.4
@babel/plugin-transform-optional-chaining ADDED - 7.23.4
@babel/plugin-transform-parameters UPDATED 7.15.4 7.23.3
@babel/plugin-transform-private-methods ADDED - 7.23.3
@babel/plugin-transform-private-property-in-object ADDED - 7.23.4
@babel/plugin-transform-property-literals UPDATED 7.14.5 7.23.3
@babel/plugin-transform-react-display-name UPDATED 7.12.13 7.23.3
@babel/plugin-transform-react-jsx UPDATED 7.14.9 7.23.4
@babel/plugin-transform-react-jsx-development ADDED - 7.22.5
@babel/plugin-transform-react-pure-annotations ADDED - 7.23.3
@babel/plugin-transform-regenerator UPDATED 7.14.5 7.23.3
@babel/plugin-transform-reserved-words UPDATED 7.14.5 7.23.3
@babel/plugin-transform-shorthand-properties UPDATED 7.14.5 7.23.3
@babel/plugin-transform-spread UPDATED 7.15.8 7.23.3
@babel/plugin-transform-sticky-regex UPDATED 7.14.5 7.23.3
@babel/plugin-transform-template-literals UPDATED 7.14.5 7.23.3
@babel/plugin-transform-typeof-symbol UPDATED 7.14.5 7.23.3
@babel/plugin-transform-typescript UPDATED 7.16.8 7.23.6
@babel/plugin-transform-unicode-escapes UPDATED 7.14.5 7.23.3
@babel/plugin-transform-unicode-property-regex ADDED - 7.23.3
@babel/plugin-transform-unicode-regex UPDATED 7.14.5 7.23.3
@babel/plugin-transform-unicode-sets-regex ADDED - 7.23.3
@babel/preset-env UPDATED 7.15.8 7.23.8
@babel/preset-flow UPDATED 7.16.0 7.23.3
@babel/preset-modules UPDATED 0.1.4 0.1.6-no-external-plugins
@babel/preset-react ADDED - 7.23.3
@babel/register UPDATED 7.13.16 7.23.7
@babel/regjsgen ADDED - 0.8.0
@babel/runtime UPDATED 7.15.4 7.23.8
@babel/template UPDATED 7.16.7 7.22.15
@babel/traverse UPDATED 7.17.3 7.23.7
@babel/types UPDATED 7.17.0 7.23.6
@expo/bunyan ADDED - 4.0.0
@expo/cli ADDED - 0.17.1
@expo/code-signing-certificates ADDED - 0.0.5
@expo/config UPDATED 6.0.18 8.5.4
@expo/config-plugins UPDATED 4.0.18 7.8.4
@expo/config-types UPDATED 44.0.0 50.0.0
@expo/devcert ADDED - 1.1.0
@expo/env ADDED - 0.2.1
@expo/fingerprint ADDED - 0.6.0
@expo/image-utils UPDATED 0.3.18 0.4.1
@expo/json-file UPDATED 8.2.34 8.3.0
@expo/metro-config UPDATED 0.2.8 0.17.3
@expo/osascript ADDED - 2.1.0
@expo/package-manager ADDED - 1.4.2
@expo/plist UPDATED 0.0.17 0.1.0
@expo/prebuild-config UPDATED 3.0.18 6.7.3
@expo/rudder-sdk-node ADDED - 1.1.1
@expo/spawn-async UPDATED 1.5.0 1.7.2
@expo/vector-icons UPDATED 12.0.5 14.0.0
@expo/xcpretty ADDED - 4.3.1
@gar/promisify ADDED - 1.1.3
@graphql-typed-document-node/core ADDED - 3.2.0
@isaacs/ttlcache ADDED - 1.4.1
@jridgewell/gen-mapping ADDED - 0.3.3
@jridgewell/resolve-uri UPDATED 3.0.5 3.1.1
@jridgewell/set-array ADDED - 1.1.2
@jridgewell/sourcemap-codec UPDATED 1.4.11 1.4.15
@jridgewell/trace-mapping UPDATED 0.3.4 0.3.21
@npmcli/fs ADDED - 1.1.1
@npmcli/move-file ADDED - 1.1.2
@react-native/assets-registry ADDED - 0.73.1
@react-native/babel-plugin-codegen ADDED - 0.73.2
@react-native/babel-preset ADDED - 0.73.19
@react-native/codegen ADDED - 0.73.2
@react-native/debugger-frontend ADDED - 0.73.3
@react-native/dev-middleware ADDED - 0.73.7
@segment/loosely-validate-event ADDED - 2.0.0
@urql/core ADDED - 2.3.6
@urql/exchange-retry ADDED - 0.3.0
@xmldom/xmldom UPDATED 0.7.5 0.7.13
accepts UPDATED 1.3.7 1.3.8
aggregate-error ADDED - 3.1.0
application-config-path ADDED - 0.1.1
arg ADDED - 5.0.2
array-union ADDED - 2.1.0
ast-types UPDATED 0.14.2 0.15.2
babel-plugin-polyfill-corejs2 UPDATED 0.2.2 0.4.8
babel-plugin-polyfill-corejs3 UPDATED 0.2.5 0.8.7
babel-plugin-polyfill-regenerator UPDATED 0.2.2 0.5.5
babel-plugin-react-native-web UPDATED 0.17.5 0.18.12
babel-plugin-transform-flow-enums ADDED - 0.0.2
babel-preset-expo UPDATED 9.0.2 10.0.1
babel-preset-fbjs UPDATED 3.3.0 3.4.0
better-opn ADDED - 3.0.2
bplist-parser UPDATED 0.2.0 0.3.2
browserslist UPDATED 4.18.1 4.22.2
buffer ADDED - 5.7.1
builtins ADDED - 1.0.3
cacache ADDED - 15.3.0
caniuse-lite UPDATED 1.0.30001282 1.0.30001579
charenc ADDED - 0.0.2
chownr ADDED - 2.0.0
chrome-launcher ADDED - 0.15.2
chromium-edge-launcher ADDED - 1.0.0
ci-info UPDATED 3.2.0 3.9.0
clean-stack ADDED - 2.2.0
clone UPDATED 1.0.4 2.1.2
compare-versions REMOVED 3.6.0 -
component-type ADDED - 1.2.2
convert-source-map UPDATED 1.7.0 2.0.0
core-js-compat UPDATED 3.18.3 3.35.0
crypt ADDED - 0.0.2
crypto-random-string UPDATED 1.0.0 2.0.0
dag-map ADDED - 1.0.2
debug UPDATED 4.3.2 4.3.4
deep-extend ADDED - 0.6.0
default-gateway ADDED - 4.2.0
define-lazy-prop ADDED - 2.0.0
del ADDED - 6.1.1
depd UPDATED 1.1.2 2.0.0
destroy UPDATED 1.0.4 1.2.0
detect-libc ADDED - 1.0.3
dir-glob ADDED - 3.0.1
dotenv ADDED - 16.0.3
dotenv-expand ADDED - 10.0.0
electron-to-chromium UPDATED 1.3.904 1.4.637
env-editor ADDED - 0.4.2
eol ADDED - 0.9.1
exec-async ADDED - 2.2.0
expo UPDATED 44.0.6 50.0.1
expo-asset UPDATED 8.4.6 9.0.2
expo-constants UPDATED 13.0.2 15.4.5
expo-error-recovery REMOVED 3.0.5 -
expo-file-system UPDATED 13.1.4 16.0.4
expo-font UPDATED 10.0.5 11.10.2
expo-keep-awake UPDATED 10.0.2 12.8.2
expo-modules-autolinking UPDATED 0.5.5 1.10.1
expo-modules-core UPDATED 0.6.5 1.11.7
fast-glob UPDATED 3.2.6 3.3.2
fbemitter UPDATED 2.1.1 3.0.0
fetch-retry ADDED - 4.1.1
find-yarn-workspace-root ADDED - 2.0.0
flow-parser UPDATED 0.121.0 0.206.0
freeport-async ADDED - 2.0.0
fs-minipass ADDED - 2.1.0
function-bind UPDATED 1.1.1 1.1.2
get-port ADDED - 3.2.0
glob UPDATED 7.2.0 7.2.3
globby ADDED - 11.1.0
graphql ADDED - 15.8.0
graphql-tag ADDED - 2.12.6
hasown ADDED - 2.0.0
hosted-git-info ADDED - 3.0.8
http-errors UPDATED 1.7.3 2.0.0
https-proxy-agent UPDATED 5.0.0 5.0.1
ieee754 ADDED - 1.2.1
indent-string ADDED - 4.0.0
infer-owner ADDED - 1.0.4
ini ADDED - 1.3.8
internal-ip ADDED - 4.3.0
ip-regex ADDED - 2.1.0
ipaddr.js ADDED - 1.9.1
is-core-module UPDATED 2.8.1 2.13.1
is-docker ADDED - 2.2.1
is-invalid-path ADDED - 0.1.0
is-path-cwd ADDED - 2.2.0
is-path-inside ADDED - 3.0.3
is-valid-path ADDED - 0.1.1
is-wsl UPDATED 1.1.0 2.2.0
join-component ADDED - 1.1.0
jsc-safe-url ADDED - 0.2.4
jscodeshift UPDATED 0.11.0 0.14.0
json-schema-deref-sync ADDED - 0.13.0
json5 UPDATED 2.2.0 2.2.3
lighthouse-logger ADDED - 1.4.2
lightningcss ADDED - 1.19.0
lightningcss-darwin-arm64 ADDED - 1.19.0
lightningcss-darwin-x64 ADDED - 1.19.0
lightningcss-linux-arm-gnueabihf ADDED - 1.19.0
lightningcss-linux-arm64-gnu ADDED - 1.19.0
lightningcss-linux-arm64-musl ADDED - 1.19.0
lightningcss-linux-x64-gnu ADDED - 1.19.0
lightningcss-linux-x64-musl ADDED - 1.19.0
lightningcss-win32-x64-msvc ADDED - 1.19.0
marky ADDED - 1.2.5
md5 ADDED - 2.3.0
md5hex ADDED - 1.0.0
memory-cache ADDED - 0.2.0
mime-db UPDATED 1.51.0 1.52.0
mime-types UPDATED 2.1.34 2.1.35
minimist UPDATED 1.2.5 1.2.8
minipass ADDED - 5.0.0
minipass-collect ADDED - 1.0.2
minipass-flush ADDED - 1.0.5
minipass-pipeline ADDED - 1.2.4
minizlib ADDED - 2.1.2
mkdirp UPDATED 0.5.5 1.0.4
ms UPDATED 2.1.2 2.1.3
mv ADDED - 2.1.1
nanoid UPDATED 3.3.1 3.3.7
ncp ADDED - 2.0.0
negotiator UPDATED 0.6.2 0.6.3
nested-error-stacks ADDED - 2.0.1
node-forge ADDED - 1.3.1
node-releases UPDATED 2.0.1 2.0.14
npm-package-arg ADDED - 7.0.0
on-finished UPDATED 2.3.0 2.4.1
open UPDATED 6.4.0 8.4.2
os-homedir ADDED - 1.0.2
osenv ADDED - 0.1.5
p-map ADDED - 4.0.0
password-prompt ADDED - 1.1.3
path-browserify REMOVED 1.0.1 -
path-type ADDED - 4.0.0
pirates UPDATED 4.0.5 4.0.6
postcss ADDED - 8.4.33
pretty-bytes ADDED - 5.6.0
progress ADDED - 2.0.3
promise-inflight ADDED - 1.0.1
qrcode-terminal ADDED - 0.11.0
rc ADDED - 1.2.8
react-refresh UPDATED 0.4.3 0.14.0
recast UPDATED 0.20.5 0.21.5
regenerate-unicode-properties UPDATED 8.2.0 10.1.1
regenerator-runtime UPDATED 0.13.7 0.14.1
regenerator-transform UPDATED 0.14.5 0.15.2
regexpu-core UPDATED 4.7.1 5.3.2
regjsparser UPDATED 0.6.9 0.9.1
remove-trailing-slash ADDED - 0.1.1
requireg ADDED - 0.2.2
resolve.exports UPDATED 1.1.0 2.0.2
safe-json-stringify ADDED - 1.2.0
semver UPDATED 7.3.5 7.5.4
send UPDATED 0.17.1 0.18.0
setprototypeof UPDATED 1.1.1 1.2.0
slugify UPDATED 1.5.1 1.6.6
source-map-js ADDED - 1.0.2
split ADDED - 1.0.1
ssri ADDED - 8.0.1
statuses UPDATED 1.5.0 2.0.1
structured-headers ADDED - 0.4.1
sucrase UPDATED 3.20.3 3.34.0
sudo-prompt DOWNGRADED 9.2.1 9.1.1
tar ADDED - 6.2.0
temp UPDATED 0.8.3 0.8.4
temp-dir UPDATED 1.0.0 2.0.0
tempy UPDATED 0.3.0 0.7.1
through ADDED - 2.3.8
tmp ADDED - 0.0.33
toidentifier UPDATED 1.0.0 1.0.1
traverse ADDED - 0.6.8
tslib UPDATED 2.3.1 2.6.2
unicode-canonical-property-names-ecmascript UPDATED 1.0.4 2.0.0
unicode-match-property-ecmascript UPDATED 1.0.4 2.0.0
unicode-match-property-value-ecmascript UPDATED 1.2.0 2.1.0
unicode-property-aliases-ecmascript UPDATED 1.1.0 2.1.0
unique-filename ADDED - 1.1.1
unique-slug ADDED - 2.0.2
unique-string UPDATED 1.0.0 2.0.0
update-browserslist-db ADDED - 1.0.13
url-join ADDED - 4.0.0
uuid UPDATED 7.0.3 8.3.2
valid-url ADDED - 1.0.9
validate-npm-package-name ADDED - 3.0.0
whatwg-url-without-unicode ADDED - 8.0.0-3
wonka ADDED - 6.3.4
ws UPDATED 7.4.6 8.16.0
xml2js UPDATED 0.4.23 0.6.0

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@filiptronicek @snyk-bot