[Snyk] Security upgrade react-native from 0.75.3 to 0.85.0#21
[Snyk] Security upgrade react-native from 0.75.3 to 0.85.0#21revan-zhang wants to merge 1 commit into
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
| "dependencies": { | ||
| "react": "18.3.1", | ||
| "react-native": "0.75.3" | ||
| "react-native": "0.85.0" |
There was a problem hiding this comment.
🔴 react-native upgraded to 0.85.0 but @react-native/ devDependencies left at 0.75.3*
The react-native dependency was bumped from 0.75.3 to 0.85.0, but the @react-native/babel-preset, @react-native/metro-config, and @react-native/typescript-config devDependencies at example/package.json:21-23 are still pinned to 0.75.3. These packages are part of the React Native monorepo and are versioned in lock-step with the main react-native package. Using 0.75.3 versions of the tooling packages with react-native@0.85.0 will cause build failures or runtime incompatibilities due to API/configuration changes across 10 minor versions.
Prompt for agents
The react-native dependency in example/package.json was bumped to 0.85.0, but the @react-native/babel-preset, @react-native/metro-config, and @react-native/typescript-config devDependencies (lines 21-23) are still at 0.75.3. These packages are versioned in lock-step with react-native and must be updated to match. Additionally, react-native 0.85.0 may require a newer version of React (likely React 19.x instead of the current 18.3.1 on line 14). All of these dependencies should be updated together to maintain compatibility. Check the react-native 0.85.0 release notes or its peer dependency requirements to determine the correct versions for all related packages.
Was this helpful? React with 👍 or 👎 to provide feedback.
Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.
Snyk changed the following file(s):
example/package.jsonVulnerabilities that will be fixed with an upgrade:
SNYK-JS-INFLIGHT-6095116
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.