[Snyk] Security upgrade react-native from 0.42.3 to 0.69.12

[MHxGH-ServiceAccount]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• example/package.json
• example/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	170

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

---

Note

High Risk
Major react-native version jump with a large transitive dependency change-set; likely to introduce build/runtime breakages in the example app despite being a dependency-only PR.

Overview
Upgrades the example app’s react-native dependency to 0.69.12 (from 0.42.3) to address the reported ReDoS vulnerability, and refreshes example/package-lock.json with the resulting updated transitive dependency tree.

No application/runtime code changes are included; this is a dependency/lockfile-only update that may require follow-up compatibility fixes in the example project.

^{Written by Cursor Bugbot for commit db76b2c. This will update automatically on new commits. Configure here.}

[MHxGH-ServiceAccount]

Upgrading react-native from 0.42.3 to 0.69.12 is a massive undertaking that spans years of development and multiple critical breaking changes. This is not a simple dependency bump; it is a major migration project that will require significant refactoring of native code, JavaScript, and dependencies.

Key Breaking Changes:

• AndroidX Migration (v0.60+): React Native migrated from the Android Support Library to AndroidX. All native code and third-party dependencies must also be migrated to AndroidX, as they cannot be used side-by-side. A tool called jetifier can help automate some of this for dependencies.
• Autolinking for Native Modules (v0.60+): The react-native link command has been replaced by automatic linking. Projects must be updated to remove old manual links and adopt the new autolinking mechanism for both iOS and Android.
• Core Component Extraction (v0.60+): Many components like WebView and NetInfo were removed from the core library and must now be installed from separate community packages.
• React 18 Support (v0.69+): This version introduces support for React 18 and its concurrent features, which may affect application behavior and performance.
• Bundled Hermes (v0.69+): Hermes is now the default JavaScript engine and is bundled with React Native, which can improve app startup time but may require configuration changes.
• CLI Breaking Changes (v0.69+): The react-native-cli was significantly changed, removing the link and unlink commands entirely.
• API Removals: Numerous deprecated APIs and components, such as ViewPropTypes and SegmentedComponentIOS, have been removed.

Recommendation: This upgrade cannot be performed with a simple version change. It requires a careful, step-by-step migration. Use the official React Native Upgrade Helper web tool to generate a diff between your current version and the target version. It is strongly advised to upgrade incrementally between major versions (e.g., 0.42 → 0.59, then 0.59 → 0.60, etc.) to isolate and address breaking changes systematically. This upgrade will touch almost every part of the application and requires extensive testing.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[MHxGH-ServiceAccount]

⛔ Snyk checks have failed. 4 issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (4)
⛔	Open Source Security	0	4	0	0	4 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.