This repository has been archived by the owner on Jul 17, 2023. It is now read-only.
fix(deps): update dependency react-native to ^0.64.0 [security] #1037
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/npm-react-native-vulnerability
branch
3 times, most recently
from
6e57e32 to
d5f747c
Compare
renovate
bot
force-pushed
the
renovate/npm-react-native-vulnerability
branch
from
d5f747c to
1e74cdc
Compare
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Renovate Ignore NotificationBecause you closed this PR without merging, Renovate will ignore this update (^0.64.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^0.63.0->^0.64.0GitHub Vulnerability Alerts
CVE-2020-1920
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.
Release Notes
facebook/react-native
v0.64.1Compare Source
This patch release is specifically targetted towards fixing iOS build problems in Xcode 12.5. If it doesn't help, please refer to this issue.
Aside from bumping your version from 0.64.0 to 0.64.1, please check your podfile.lock and make sure that Flipper is on 0.75 or higher, and Flipper-Folly is 2.5.3 or higher; if not, add this line to your podfile (or modify it if you already had it):
After which, do all the classic necessary cleans (node_modules, caches, pod folders, etc)(react-native-clean-project is your ally) then do
yarn installand apod install --repo-update(if pod install fails on an error about a Flipper package, just remove the relevant lines from the podfile.lock and run the pod install again).The only other commit picked & released along the Xcode 12.5 fixes is:
You can participate in the conversation on the status of this release at this issue.
To help you upgrade to this version, you can use the upgrade helper ⚛️
You can find the whole changelog history over at
react-native-releases.v0.64.0Compare Source
0.64 stable is here 🎉
Thanks to everyone who contributed and helped to get this together, everyone worked really hard and we hope you are as excited as we are 🤗
Some of the most important highlights of this version:
Among many others - please refer to the blog post for more details.
You can participate in the conversation on the status of this release at this issue.
You can upgrade to this version using the upgrade helper webtool ⚛️
And if you are having trouble, please refer to the new Upgrade Support repository by our awesome community.
You can find the whole changelog history over at
react-native-releases.v0.63.4Compare Source
This release fixes a series of issues reported by the community over the last few months: you can find the full changelog here.
You can participate in the conversation for the next patch release in the dedicated issue.
To help you upgrade to this version, you can use the new upgrade helper ⚛️
You can find the whole changelog history over at
react-native-releases.v0.63.3Compare Source
This release fixes a series of issues reported by the community over the last few months: you can find the full changelog here.
While in this patch release there's already a commit towards focusing compatibility with Xcode 12, if you are having troubles please refer to this issue https://github.com/facebook/react-native/issues/29984 and the workaround described there.
You can participate in the conversation for the next patch release in the dedicated issue.
To help you upgrade to this version, you can use the new upgrade helper ⚛️
You can find the whole changelog history over at
react-native-releases.v0.63.2Compare Source
This release fixes a few minor issues that were reported by the community. While we're working on changelog, you can view the list of commits here.
You can participate in the conversation for the next patch release in the dedicated issue.
To help you upgrade to this version, you can use the new upgrade helper ⚛️
You can find the whole changelog history over at
react-native-releases.v0.63.1Compare Source
This release fixes a few minor issues that were reported by the community. While we're working on changelog, you can view the list of commits here.
You can participate in the conversation for the next patch release in the dedicated issue.
To help you upgrade to this version, you can use the new upgrade helper ⚛️
You can find the whole changelog history over at
react-native-releases.Configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.