[Snyk] Security upgrade react-native from 0.42.3 to 0.69.12

[MHxGH-ServiceAccount]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• examples/SampleRN42/package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	170

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

---

Note

Medium Risk
Large React Native version jump that may break the example build/runtime due to upstream breaking changes, but it’s isolated to an example app dependency update.

Overview
Upgrades the examples/SampleRN42 example app’s react-native dependency from 0.42.3 to 0.69.12 in package.json (a Snyk-driven security upgrade).

^{Written by Cursor Bugbot for commit de84b96. This will update automatically on new commits. Configure here.}

[MHxGH-ServiceAccount]

Upgrading react-native from 0.42.3 to 0.69.12 is a massive undertaking that spans years of development and multiple critical breaking changes. This is not a simple dependency bump; it is a major migration project that will require significant refactoring of native code, JavaScript, and dependencies.

Key Breaking Changes:

• AndroidX Migration (v0.60+): React Native migrated from the Android Support Library to AndroidX. All native code and third-party dependencies must also be migrated to AndroidX, as they cannot be used side-by-side. A tool called jetifier can help automate some of this for dependencies.
• Autolinking for Native Modules (v0.60+): The react-native link command has been replaced by automatic linking. Projects must be updated to remove old manual links and adopt the new autolinking mechanism for both iOS and Android.
• Core Component Extraction (v0.60+): Many components like WebView and NetInfo were removed from the core library and must now be installed from separate community packages.
• React 18 Support (v0.69+): This version introduces support for React 18 and its concurrent features, which may affect application behavior and performance.
• Bundled Hermes (v0.69+): Hermes is now the default JavaScript engine and is bundled with React Native, which can improve app startup time but may require configuration changes.
• CLI Breaking Changes (v0.69+): The react-native-cli was significantly changed, removing the link and unlink commands entirely.
• API Removals: Numerous deprecated APIs and components, such as ViewPropTypes and SegmentedComponentIOS, have been removed.

Recommendation: This upgrade cannot be performed with a simple version change. It requires a careful, step-by-step migration. Use the official React Native Upgrade Helper web tool to generate a diff between your current version and the target version. It is strongly advised to upgrade incrementally between major versions (e.g., 0.42 → 0.59, then 0.59 → 0.60, etc.) to isolate and address breaking changes systematically. This upgrade will touch almost every part of the application and requires extensive testing.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[MHxGH-ServiceAccount]

⛔ Snyk checks have failed. 4 issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (4)
⛔	Open Source Security	0	4	0	0	4 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.}

[cursor]

Incompatible React version with upgraded React Native

High Severity

react-native was upgraded from 0.42.3 to 0.69.12, but react remains at 15.4.2. React Native 0.69.x declares react@18.0.0 as a peer dependency. This version mismatch will cause npm peer dependency resolution failures during install, and even if forced, the project will not function at runtime since the React Native internals rely on React 18 APIs not present in React 15. The react-test-renderer at 15.4.2 is similarly incompatible.