[Snyk] Fix for 1 vulnerabilities

[jackromo888]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • templates/expo-template-tabs/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: expo

The new version differs by 250 commits.

• 07b1eeb Publish packages
• 4dd0cc2 Publish packages
• 3c0ab7d Publish @ expo/package-manager
• fb57045 [package-manager] Update description to match README
• 508d843 Revert: [expo-updates][android] Add support for version 1 of the protocol and directives and rollback to embedded update directive (Revert: [expo-updates][android] Add support for version 1 of the protocol and directives and rollback to embedded update directive expo/expo#21226)
• 82b781c [github] Use --pretty online instead of %B to ensure commit message is on one line ([github] Use --pretty online instead of %B to ensure commit message is on one line expo/expo#21224)
• c8107d5 Publish packages
• b6a9460 [autolinking] Suppress node warnings about deprecated exports mapping ([autolinking] Suppress node warnings about deprecated exports mapping expo/expo#21222)
• 3a2983e Backport react-native-screens v3.20.0 to SDK 48 code
• 2f40d87 [android] Remove scoped error recovery module
• c54c259 Backport expo-modules-core to SDK 48 and remove tests from versioned code
• ffceab2 Backport changes in expo-image and expo-gl to SDK 48
• f355232 [docs] improves the migration guide ([docs] improves the migration guide expo/expo#21159)
• 97fb1ba [expo-gl] Add support for GL_UNPACK_ALIGNMENT in pixelStorei ([expo-gl] Add support for GL_UNPACK_ALIGNMENT in pixelStorei expo/expo#21212)
• 97768e0 Publish expo-image
• 557a3ce Update lockfiles [skip ci]
• 32e281e [image][ios] Don't emit onProgress event when the asset size is unknown ([image][ios] Don't emit onProgress event when the asset size is unknown expo/expo#21215)
• ac324c0 [image][Android] Fix `You can't start or clear loads in RequestListener or Target callbacks` ([image][Android] Fix You can't start or clear loads in RequestListener or Target callbacks expo/expo#21192)
• e8386b3 [image][Android] Fix SVGs are not rendered in the release mode ([image][Android] Fix SVGs are not rendered in the release mode expo/expo#21214)
• b7a31ef [core] Fix AppDelegateSubscriber broken on ios framework mode ([core] Fix AppDelegateSubscriber broken on ios framework mode expo/expo#21206)
• 3699632 [ENG-7389][docs] update images documentation ([ENG-7389][docs] update images documentation expo/expo#21182)
• 610778d [github] Only add label if in allow list
• 10b679d [github] Fix typo in action
• c06f460 [github] Validate issues and improve bug report template ([github] Validate issues and improve bug report template expo/expo#21202)

See the full diff

Package name: expo-asset

The new version differs by 250 commits.

• e17b40b Publish expo-linking, expo-asset, expo-auth-session
• a4a37bb Publish packages
• cf45f09 [metro-config] fix hermes internalbytecode symbolication error ([metro-config] fix hermes internalbytecode symbolication error expo/expo#20432)
• d15fc80 [core] fix installing expo hostobject thread issue on ios hermes ([core] fix installing expo hostobject thread issue on ios hermes expo/expo#20506)
• c8d12e2 [ios] Bump version [skip ci]
• fdd66d5 [ios] Bump version
• 46918db [ios] Bump version for simulator build [skip ci]
• 22efedc [home] Update prod home
• eac61e1 [home] Publish dev home
• 00a5358 [home] Launch directly to classic update ([home] Launch directly to classic update expo/expo#20480)
• 6831e11 [ios] Bump version
• 8679097 [Expo Go][iOS] No remote home app loads in release builds
• 732156d [expo] update `sentry-expo` and `@ sentry/react-native` versions ([expo] update sentry-expo and @sentry/react-native versions expo/expo#20201)
• faf3d02 Publish packages
• dec4d23 [auth-session] Remove incorrectly added projectNameForProject in 01095ed
• c86764f Publish expo-av, expo-gl
• b8df999 [av][gl] Fix duplicated META-INF files ([av][gl] Fix duplicated META-INF files expo/expo#20251)
• 271f257 [android] Bump Expo Go version [skip ci]
• 81abafa [android] re-version prebuilt so libs from ndk r21 ([android] re-version prebuilt so libs from ndk r21 expo/expo#20202)
• 1c5b1b7 Publish expo-build-properties
• 27e0dfe [build-properties] fix extraProguardRules be overwritten ([build-properties] fix extraProguardRules be overwritten expo/expo#20106)
• 8875736 [modules][Android] Fixed views are not correctly initialized after reloading on Android ([modules][Android] Fixed views are not correctly initialized after reloading on Android expo/expo#20063)
• 978c740 Publish expo-camera, expo-barcode-scanner
• de35bd4 [camera][ncl] correct camera type, update NCL example ([camera][ncl] correct camera type, update NCL example expo/expo#20130)

See the full diff

Package name: expo-splash-screen

The new version differs by 250 commits.

• fa5ecca Publish packages
• e7d2fd4 [config-types] Pull in latest
• 1aa8cfd [html-elements] ts-ignore em/rem usage, string is supported on web but not by React Native StyleSheet type
• 874dc2c [modules][system-ui] Persist user selected background color ([modules][system-ui] Persist user selected background color expo/expo#22773)
• 158d691 [auth-session] Remove all auth proxy APIs ([auth-session] Remove all auth proxy APIs expo/expo#22834)
• 1df087d [docs] better sidebar title
• 1aef436 [web][location] Remove Geocoding API ([web][location] Remove Geocoding API expo/expo#22830)
• d727366 [ENG-9026][docs] better eas update file names ([ENG-9026][docs] better eas update file names expo/expo#22979)
• c941c9c [go] Improve onboarding messaging ([go] Improve onboarding messaging expo/expo#23001)
• c665858 [docs] more eas update sidebar renames ([docs] more eas update sidebar renames expo/expo#23015)
• 44a18ba Prune root changelog entries for SDK 47 and older (Prune root changelog entries for SDK 47 and older expo/expo#22999)
• 63136ba Add more banners for SDK packages (Add more banners for SDK packages expo/expo#23006)
• c65c60f [ENG-9027][docs] eas update: more categories ([ENG-9027][docs] eas update: more categories expo/expo#22980)
• e62df66 feat!(metro-config): add unstable_styles to css modules (feat!(metro-config): add unstable_styles to css modules expo/expo#23002)
• 8df9096 feat(cli): auto enable --dev-client in `npx expo start` (feat(cli): auto enable --dev-client in npx expo start expo/expo#22926)
• e32ccf9 feat(cli): improve offline support (feat(cli): improve offline support expo/expo#22961)
• 8bd24a3 feat(blur): enable blurring by default when static rendering. (feat(blur): enable blurring by default when static rendering. expo/expo#23000)
• d1e2992 [docs] eas update: better navigation titles ([docs] eas update: better navigation titles expo/expo#22978)
• 4a8d6a7 [docs] replace class component example on `battery.md` ([docs] replace class component example on battery.md expo/expo#22052)
• d73b360 [docs] Fix link with firebase example ([docs] Fix link with firebase example expo/expo#22990)
• 884edb9 [expo-localization] Fix spotless lint on expo-localization ([expo-localization] Fix spotless lint on expo-localization expo/expo#22985)
• b7d2325 [docs] Step: fix possible overflow on mobile in certain cases ([docs] Step: fix possible overflow on mobile in certain cases expo/expo#22973)
• 60ad5af [go] add network inspector support ([go] add network inspector support expo/expo#22741)
• faf0cf8 [build-properties] enable network inspector by default ([build-properties] enable network inspector by default expo/expo#22994)

See the full diff

Package name: expo-system-ui

The new version differs by 250 commits.

• eab2b09 Publish packages
• dcb8522 Sync changelogs with sdk-46 branch [skip ci]
• 546aab6 Fix RNReanimated checksum in Podfile.lock in bare-expo [skip ci]
• a382913 [docs] Update EAS Update environment-variables.mdx ([docs] Update environment-variables.mdx expo/expo#19682)
• 19acf31 [av] Rebuild type definitions ([av] Rebuild type definitions expo/expo#19680)
• 42be147 Add iOS simulator fallback for UTType (Add iOS simulator fallback for UTType expo/expo#19669)
• ce17bd9 feat(expo): drop dev container side effect (feat(expo): drop dev container side effect expo/expo#18984)
• e8437f4 [docs] Deep Linking: fix Android docs link ([docs] Fix link for Deep Linking Android expo/expo#19674)
• 9b42963 [docs][audio] update example to help users avoid disabling speaker ([docs][audio] update example to help users avoid disabling speaker expo/expo#19621)
• bfbbd41 [docs] Footer: fix edit page link ([docs] Footer: fix edit page link expo/expo#19667)
• 03cd911 [packages] unify TSConfig package version ([packages] unify TSConfig package version expo/expo#19671)
• 7cf2400 [notifications] Support android sdk 33 POST_NOTIFICATIONS permission ([notifications] Support android sdk 33 POST_NOTIFICATIONS permission expo/expo#19672)
• fd0b44f [device] Fix deviceName exception on android sdk > 31 ([device] Fix deviceName exception on android sdk > 31 expo/expo#19666)
• fc66d1b [module-scripts] use correct TSConfig package in dependencies ([module-scripts] use correct TSConfig package in dependencies expo/expo#19670)
• f8187f9 [bare-expo] Run `pod install`
• 6445b96 [docs] Home: fix layout on mobile with slow connection ([docs] Home: fix layout on mobile with slow connection expo/expo#19283)
• d2e08b4 [bare-expo][NCL] Fix search screen
• fb08e93 [create-expo-module] fix example app prebuild ([create-expo-module] fix example app prebuild expo/expo#19631)
• d86c011 [docs] fix few code blocks formatting ([docs] fix few code blocks formatting expo/expo#19668)
• 3bacd63 Update yarn.lock
• 251a692 [ENG-6183][docs] add docs on eas secret:push ([ENG-6183][docs] add docs on eas secret:push expo/expo#19618)
• 921c869 adds code signing under eas update ([docs] Adds code signing under EAS Update expo/expo#19560)
• 7d56b19 [tools] fix versioning script on ios ([tools] fix versioning script on ios expo/expo#19658)
• 0b294b9 fix(cli): skip adb when Android SDK is missing (fix(cli): skip adb when Android SDK is missing expo/expo#19593)

See the full diff

Package name: react-native

The new version differs by 250 commits.

• 7a893e4 [0.72.0] Bump version numbers
• 3863877 [LOCAL] update podfile.lock
• ec4771b [0.72.0-rc.6] Bump version numbers
• a2df07e [LOCAL] bump CLI to 11.3.2
• b2f2737 bumped packages versions
• 0817eaa Revert "fix: border width top/bottom not matching the border radius" (#37840)
• 0da7e06 Remove CallInvoker parameter from toJs method in Codegen (#37832)
• 2d15f50 Fix Android border clip check (#37828)
• 2760042 Fix loading NODE_BINARY inside Generate Legacy Components Interop (#37802)
• 8ed2cfd Add support for building with Xcode 15 (#37758)
• 73f4a78 Fixed random styling for text nodes with many children (#36656)
• dfc64d5 Fix copy / paste menu and simplify controlled text selection on Android (#37424)
• bab5bab [LOCAL] bump hermes podlock
• a98c7c6 [0.72.0-rc.5] Bump version numbers
• 7dc11bc bumped packages versions
• e11396e [0.72.0-rc.4] Bump version numbers
• 60a452b [LOCAL] Fix performance issues in Hermes when Debug
• 32327cc [LOCAL] Fix hermesc for linux (#37591)
• 52d2065 [LOCAL] Make sure Java Toolchain and source/target level is applied to all projects (#37576)
• e0c88fe [LOCAL] Fix Ruby tests
• a4aaee0 [LOCAL] Remove double definition of task wrapper after merge conflict
• 74e3803 bumped packages versions
• 7c5dc1d [LOCAL] bump metro to 0.76.5 and CLI to 11.3.1
• c43bd7a Do not use setNativeState in RuntimeScheduler::Task

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.