[Snyk-dev] Fix for 1 vulnerabilities

[lili2311]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: react-native

The new version differs by 250 commits.

• 769e35b [0.60.0] Bump version numbers
• 35aeb8c [LOCAL] bump CLI
• 8fdecf3 - Publish `react-native.config.js` (#25436)
• ff9855c Check if mCurrentActivity is set according to LifecycleState (#23336)
• 8a43321 [0.60.0-rc.3] Bump version numbers
• db1d60f bump jsc dep
• 93c8318 bump CLI rc
• 9837d24 Fix some languages wrapped texts are cut off on android (#25306)
• b68966e Use CALayers to draw text (#24387)
• 99bc31c Fix regression of improper assets copy (revert #24518 #24778) (#25363)
• c36c481 bump fresco to 2.0.0, supports AndroidX (#25358)
• 13f4fa0 custom fontWeight numeric values for Text on Android (#25341)
• 9792f2c [0.60.0-rc.2] Bump version numbers
• 53cec2d [LOCAL] bump version in template to match repo
• b4f3d4b Move scheduler to dependencies
• e741488 Implement changes to enable native modules auto linking (#24506)
• bf4ee6f Bump CLI to 2.0.0-rc.2 (#25241)
• cecba01 Removed autoresizing mask for modal host container view (#25150)
• 06fffc2 [0.60.0-rc.1] Bump version numbers
• 5ecc87b bump versions to match the requirements
• 7082c3e re-add the hasteImpl
• 39ce412 Bump CLI to 2.0.0-rc.0 (#25175)
• 00c7cf3 Fix: RefreshControl in FlatList makes borderWidth not working (#24411)
• a916dd6 Android Fix for 9145: No longer hard code build port (#23616)

See the full diff

Package name: realm

The new version differs by 250 commits.

• a3560dc Merge branch 'master' of github.com:realm/realm-js
• 5ca9a01 [10.3.0] Bump version
• 4b77fc0 [10.3.0] Bump version
• b2db888 Merge pull request Urgent: HEIC no longer uploaded as JPG on iOS RocketChat/Rocket.Chat.ReactNative#3635 from realm/kneth/cmake-and-monorepo
• 6af8ff8 [RWeb] Fix linting errors
• 3099afa ANDROID_SDK_ROOT is the new ANDROID_HOME
• b8ce8c3 Make AppClass::transport_generator initialized at const-init time ([FIX]: Fix CI build RocketChat/Rocket.Chat.ReactNative#3665)
• f3b7c9f Minor change to changelog
• 708f1f2 Upgrade to Realm Core v10.5.6
• af2037c [10.3.0-rc.1] Bump version
• fe3599d Use S3 prebuilds
• 4aa3452 Merge branch 'master' of github.com:realm/realm-js into kneth/cmake-and-monorepo
• 297f74a Use 'android' docker node
• 17a7be4 Revert "Use LTO on Android"
• 530c10a Fix compiler warnings
• 9f3b24d Use LTO on Android
• 07367b1 Fix merge conflict
• 3f43109 Fix merge conflict
• f0f8e40 Merge commit '1022dd5706ea28a79b50ab0c348259e4e4e4ae12' of github.com:realm/realm-js into kneth/cmake-and-monorepo
• a7a2626 Merge commit 'dec88548b45fcb2c0484ef5fc7b02aa8e3e13127' of github.com:realm/realm-js into kneth/cmake-and-monorepo
• 1022dd5 Mention CMake for Android NDK in README.md ([NEW] Add sorting functionality in directory page and some improvements RocketChat/Rocket.Chat.ReactNative#3653)
• dec8854 Prebuild React Native iOS binaries with cmake (Merge 4.24.0 into single-server RocketChat/Rocket.Chat.ReactNative#3649)
• e402ac4 Small fixes ([FIX] Joining and leaving messages in teams RocketChat/Rocket.Chat.ReactNative#3591)
• 6d26292 Remove delay in analytics code (Chore: Update react-native-mmkv-storage to 0.6.12 RocketChat/Rocket.Chat.ReactNative#3634)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[lili2311]

✅ This PR has been automatically closed

The security issues addressed by this pull request are no longer present in the latest project scan. All vulnerabilities this PR was created to fix have been resolved through other means (e.g., dependency updates, direct fixes, or changes in vulnerability data).

Resolved Issues

• SNYK-JS-INFLIGHT-6095116

What should I do?

No action is required. If you believe this PR was closed in error, you can reopen it and contact Snyk support.

---

This action was performed automatically by Snyk.