react-native-branch-deep-linking-attribution
react-native-branch-deep-linking-attribution copied to clipboard
[Snyk] Upgrade react-native from 0.62.2 to 0.68.2
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade react-native from 0.62.2 to 0.68.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 55 versions ahead of your current version.
- The recommended version was released 2 months ago, on 2022-05-09.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
---|---|---|---|
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Prototype Pollution SNYK-JS-ASYNC-2441827 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Use After Free SNYK-JS-HERMESENGINE-1309667 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Out-of-Bounds SNYK-JS-HERMESENGINE-1727253 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Prototype Pollution SNYK-JS-PLIST-2405644 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-REACTNATIVE-1298632 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Prototype Pollution SNYK-JS-Y18N-1021887 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Cross-site Scripting (XSS) SNYK-JS-HERMESENGINE-1015406 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Denial of Service (DoS) SNYK-JS-HERMESENGINE-2342071 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Prototype Pollution SNYK-JS-HERMESENGINE-608850 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Denial of Service (DoS) SNYK-JS-HERMESENGINE-629268 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Out-of-Bounds SNYK-JS-HERMESENGINE-629748 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Information Exposure SNYK-JS-NODEFETCH-2342118 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Denial of Service SNYK-JS-NODEFETCH-674311 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Information Exposure SNYK-JS-NODEFETCH-2342118 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Denial of Service SNYK-JS-NODEFETCH-674311 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
Proof of Concept |
![]() |
XML External Entity (XXE) Injection SNYK-JS-XMLDOM-1084960 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
![]() |
Improper Input Validation SNYK-JS-XMLDOM-1534562 |
482/1000 Why? Proof of Concept exploit, CVSS 7.5 |
No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: react-native
-
0.68.2 - 2022-05-09
Changed
- Bump used version of react-native-codegen to 0.0.17 (dfda480a98 by @ cortinico)
- Bump react-native-codegen to 0.0.17 (a5ddc2e165 by @ cortinico)
Fixed
Android specific
- Working around Long paths limitation on Windows (62ef6f5fa1 by @ mganandraj)
You can participate in the conversation on the status of this release in this discussion
To help you upgrade to this version, you can use the upgrade helper
⚛️
You can find the whole changelog history in the changelog.md file.
- 0.68.1 - 2022-04-13
- 0.68.0 - 2022-03-30
- 0.68.0-rc.4 - 2022-03-25
- 0.68.0-rc.3 - 2022-03-17
- 0.68.0-rc.2 - 2022-02-24
- 0.68.0-rc.1 - 2022-02-03
- 0.68.0-rc.0 - 2022-01-28
- 0.67.4 - 2022-03-18
- 0.67.3 - 2022-02-22
- 0.67.2 - 2022-01-31
- 0.67.1 - 2022-01-20
- 0.67.0 - 2022-01-18
- 0.67.0-rc.6 - 2021-12-14
- 0.67.0-rc.5 - 2021-12-06
- 0.67.0-rc.4 - 2021-11-30
- 0.67.0-rc.3 - 2021-11-05
- 0.67.0-rc.2 - 2021-10-25
- 0.67.0-rc.1 - 2021-10-22
- 0.67.0-rc.0 - 2021-10-16
- 0.66.4 - 2021-12-09
- 0.66.3 - 2021-11-10
- 0.66.2 - 2021-11-04
- 0.66.1 - 2021-10-15
- 0.66.0 - 2021-10-01
- 0.66.0-rc.4 - 2021-09-24
- 0.66.0-rc.3 - 2021-09-17
- 0.66.0-rc.2 - 2021-09-10
- 0.66.0-rc.1 - 2021-09-01
- 0.66.0-rc.0 - 2021-08-27
- 0.65.2 - 2021-11-04
- 0.65.1 - 2021-08-19
- 0.65.0 - 2021-08-17
- 0.65.0-rc.4 - 2021-08-11
- 0.65.0-rc.3 - 2021-07-23
- 0.65.0-rc.2 - 2021-06-18
- 0.65.0-rc.1 - 2021-06-17
- 0.65.0-rc.0 - 2021-06-09
- 0.64.3 - 2021-11-04
- 0.64.2 - 2021-06-03
- 0.64.1 - 2021-05-05
- 0.64.0 - 2021-03-12
- 0.64.0-rc.4 - 2021-03-01
- 0.64.0-rc.3 - 2021-02-05
- 0.64.0-rc.2 - 2020-12-18
- 0.64.0-rc.1 - 2020-11-25
- 0.64.0-rc.0 - 2020-11-23
- 0.63.4 - 2020-11-30
- 0.63.3 - 2020-09-29
- 0.63.2 - 2020-07-22
- 0.63.1 - 2020-07-14
- 0.63.0 - 2020-07-08
- 0.63.0-rc.1 - 2020-05-04
- 0.63.0-rc.0 - 2020-04-16
- 0.62.3 - 2021-05-05
- 0.62.2 - 2020-04-08
Commit messages
Package name: react-native
- 72e1eda [0.68.2] Bump version numbers
- dfda480 Bump used version of react-native-codegen to 0.0.17
- a5ddc2e Bump react-native-codegen to 0.0.17
- 62ef6f5 [Main][Windows] Working around Long paths limitation on Windows (#33707)
- b5f1b26 [0.68.1] Bump version numbers
- 48113b5 Merge pull request #33628 from fortmarek/fix/yarn-lock-gradle-plugin
- faaf256 Update yarn.lock with the new react-native-gradle-plugin version
- 387ee70 Use NDK 23 only for Windows users. (#33611)
- 3fd3fe0 react-native-gradle-plugin should not depend on react-native-codegen NPM package
- fdd7848 Replaced windowsAwareYarn with windowsAwareCommandLine for node calls (#33530)
- 1f48b7b Bump React Native Gradle plugin to 0.0.6 (#33581)
- 6268836 Improve support for Android users on M1 machine (#33588)
- 9efcaff Pin use-subscription to < 1.6.0 (#33541)
- 8400590 Template: Specify abiFilters if enableSeparateBuildPerCPUArchitecture is not set.
- a5c44e6 Fix dynamic_cast (RTTI) by adding key function to ShadowNodeWrapper and related classes (#33500)
- 44ee801 Merge pull request #33582 from mganandraj/NewArchWinBuild
- 5a8033d Fix for building new architecture sources on Windows
- 51f5ea1 [0.68.0] Bump version numbers
- a4a6e23 [0.68.0-rc.4] Bump version numbers
- e645629 Enable SonarKit and Flipper in React-Core (#33499)
- b3f19d7 [0.68.0-rc.3] Bump version numbers
- cb28a26 Bump Flipper-Glog to 0.5.0.4
- 4163386 fix(ios, flipper): update flipper sub-pods to support macCatalyst (#33406)
- ccd1708 Re-apply: Consider relative to pwd installation root when looking for files in rn module via cocoapods (#33427)
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
Needs a lot of other related changes also to be done as part of the upgrade : https://react-native-community.github.io/upgrade-helper/?from=0.62.2&to=0.68.2 and thoroughly tested.
Rejecting until we perform other required changes as @JagadeeshKaricherla-branch mentioned.