onesignal-expo-plugin

[WIP] Update @expo/image-utils package (resolves issue #234)

Open davidlormor opened this issue 1 year ago • 3 comments

Description

One Line Summary

Addresses security vulnerability outlined in #234.

Details

Motivation

Fixes a vulnerability in underlying semver package from outdated @expo/image-utils package.

Scope

Updates @expo/image-utils from ^0.3.22 to ^0.5.1

Testing

Manual testing

(WIP - will update PR once testing is done against a live app. It appears that the affected changes only apply to Android icon generation.)

Checklist

Overview

  • [x] I have filled out all REQUIRED sections above
  • [x] PR does one thing
    • If it is hard to explain how any code changes are related to each other then it most likely needs to be more than one PR
  • [x] Any Public API changes are explained in the PR details and conform to existing APIs

Testing

  • [ ] I have personally tested this on my device, or explained why that is not possible
  • [ ] I have tested this on the latest version of the plugin
  • [ ] I have tested this on both Android and iOS, or explained why that is not possible

Final pass

  • [x] Code is as readable as possible.
    • Simplify with less code, followed by splitting up code into well named functions and variables, followed by adding comments to the code.
  • [x] I have reviewed this PR myself, ensuring it meets each checklist item
    • WIP (Work In Progress) is ok, but explain what is still in progress and what you would like feedback on. Start the PR title with "WIP" to indicate this.

davidlormor Aug 07 '24 18:08

@davidlormor can we merge this PR? We are doing a dependency resolution to override this error. Thanks!

nlgonzalez Aug 04 '25 15:08

Can we merge this PR pls? :(

matiasj899 Aug 04 '25 15:08

+1 for getting this merged in 🤞🏻

luke-parallax Aug 25 '25 22:08