io-app
io-app copied to clipboard
pagopa
[Snyk] Security upgrade react-native from 0.67.4 to 0.69.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- yarn.lock
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
619/1000 Why? Has a fix available, CVSS 8.1 |
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
| Warnings | |
|---|---|
| :warning: | Please include a Pivotal story or Jira ticket at the beginning of the PR title |
Example of PR titles that include pivotal stories:
- single story:
[#123456] my PR title - multiple stories:
[#123456,#123457,#123458] my PR title
Example of PR titles that include Jira tickets:
- single story:
[PROJID-123] my PR title - multiple stories:
[PROJID-1,PROJID-2,PROJID-3] my PR title
Generated by :no_entry_sign: dangerJS against 9f099f73b65765c80e4ff71cf6dc75c594f3bbf3
This pull request is stale because it has been open for 60 days with no activity. If the pull request is still valid, please update it within 14 days to keep it open or merge it, otherwise it will be closed automatically.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
