
[Snyk] Security upgrade react-native from 0.20.0 to 0.69.12#30

Open
MHxGH-ServiceAccount wants to merge 1 commit into master from snyk-fix-44cb00dbe23966ce7403b9a560bb534b

Conversation

MHxGH-ServiceAccount commented Feb 27, 2026


Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • examples/SampleRN20/package.json

Vulnerabilities that will be fixed with an upgrade:

Issue                                                                        Score
high severity Inefficient Algorithmic Complexity (SNYK-JS-MINIMATCH-15353389)  170

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Note

High Risk
Upgrading react-native from 0.20.0 to 0.69.12 is a major version jump and may break the SampleRN20 example app due to large React Native API/build tooling changes, despite being isolated to an example package.

Overview
Updates the examples/SampleRN20 example app dependency on react-native from 0.20.0 to 0.69.12 (Snyk-driven security upgrade), leaving other dependencies unchanged.

Written by Cursor Bugbot for commit 5093ec5.

MHxGH-ServiceAccount (Author)

Merge Risk: High

This is a massive upgrade across approximately 49 major versions, representing a complete project migration rather than a simple dependency update. Manually upgrading by changing the version number in package.json will fail. The changes are extensive, touching every part of the project, including native build configurations, APIs, and project structure.

Recommendation: Do not attempt a manual upgrade. The only supported method is to use the official React Native Upgrade Helper. This tool generates a diff of all the file changes between your current version and the target version, which you must apply incrementally. For older or heavily customized projects, creating a new project with the target version and migrating your source code is often a safer approach.

Key Breaking Changes Include:

  • Build System & Autolinking (v0.60+): The react-native link command has been removed. The ecosystem has shifted to autolinking native modules using Cocoapods on iOS and Gradle on Android. All previously linked dependencies must be unlinked and the project reconfigured to use this new system.

  • AndroidX Migration (v0.60+): React Native has migrated from the Android Support Library to AndroidX. Your application and all its native dependencies must also use AndroidX, as the two systems cannot be used together.

  • Core Component Extraction: Many modules have been removed from the React Native core and must be installed as separate community packages. This includes WebView, AsyncStorage, and Geolocation.

  • API and PropType Removals: Numerous APIs and props have been removed or changed. For example, ViewPropTypes was removed, which will cause crashes if your dependencies have not been updated.

  • React 18 Support (v0.69+): The target version introduces support for React 18 and bundles a compatible version of the Hermes JavaScript engine.

Source: React Native Upgrade Helper

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

MHxGH-ServiceAccount commented Feb 27, 2026

Snyk checks have failed. 2 issues have been found so far.

Status  Scanner               Critical  High  Medium  Low  Total (2)
        Open Source Security  0         2     0       0    2 issues
        Licenses              0         0     0       0    0 issues


cursor bot left a comment

Cursor Bugbot has reviewed your changes and found 2 potential issues.

},
"dependencies": {
"react-native": "0.20.0",
"react-native": "0.69.12",
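Review bot: the bump to `"react-native": "0.69.12"` is the only change in this hunk, yet a react-native 0.60+ app must declare `react` itself (the Bugbot comment below names 18.0.0 for 0.69) and the same package.json still starts the app via `node node_modules/react-native/local-cli/cli.js start`, so the example will neither install cleanly nor start as committed. Since the finding being fixed is a transitive minimatch issue (SNYK-JS-MINIMATCH-15353389), either apply the incremental Upgrade Helper migration the PR description itself recommends, or address minimatch directly, rather than merging a 49-major-version jump as a one-line edit.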
Missing required react peer dependency for RN 0.69

High Severity

Upgrading react-native to 0.69.12 requires react version 18.0.0 as a peer dependency, but react is not listed in dependencies at all. In RN 0.20.0, React was bundled with React Native, but since RN 0.60+, react must be explicitly declared. Without it, npm install will fail or produce warnings, and the app will not run.

},
"dependencies": {
"react-native": "0.20.0",
"react-native": "0.69.12",
Start script path incompatible with RN 0.69

Medium Severity

The start script still references node node_modules/react-native/local-cli/cli.js start, which is the entry point for RN 0.20.0. Since RN 0.60+, the CLI moved to @react-native-community/cli, and the standard start script for RN 0.69 is "react-native start". This path may not exist or may not function correctly in RN 0.69.12.

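The two Bugbot findings above (a react-native 0.60+ bump with no explicit react dependency, and a start script still using the pre-0.60 local-cli entry) can be caught before merging an automated bump. The following is an added example, not code from the PR, Snyk, Cursor, or the project: a pre-merge check over a package.json object, with a constructed sample mirroring only the fields of examples/SampleRN20/package.json that the comments mention; the 0.60 threshold and the react 18.0.0 value are taken from the comments, the field layout is standard package.json.

```javascript
// Added example: flags the two problems Bugbot reported on this PR. Not the project's code.

function parseVersion(spec) {
  // Accepts "0.69.12", "^0.69.12", "~0.20.0"; returns null for anything else.
  const m = /^[\^~]?(\d+)\.(\d+)\.(\d+)/.exec(String(spec || ""));
  return m ? { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]) } : null;
}

function checkReactNativeUpgrade(pkg) {
  const findings = [];
  const deps = pkg.dependencies || {};
  const rn = parseVersion(deps["react-native"]);
  if (!rn) return findings;                      // not a React Native app, nothing to check
  const modern = rn.major > 0 || rn.minor >= 60; // from 0.60 on, react is a peer dependency
  if (modern && !Object.prototype.hasOwnProperty.call(deps, "react")) {
    findings.push({ severity: "high", id: "missing-react-peer",
      message: `react-native ${deps["react-native"]} needs an explicit "react" dependency` });
  }
  const start = (pkg.scripts && pkg.scripts.start) || "";
  if (modern && /react-native\/local-cli\/cli\.js/.test(start)) {
    findings.push({ severity: "medium", id: "stale-start-script",
      message: `start script "${start}" is the pre-0.60 CLI entry; use "react-native start"` });
  }
  return findings;
}

// Constructed sample: the relevant fields of the example app as this PR leaves them.
const AFTER_SNYK_BUMP = {
  scripts: { start: "node node_modules/react-native/local-cli/cli.js start" },
  dependencies: { "react-native": "0.69.12" },
};

// Constructed sample: the same fields with both findings addressed.
const FIXED = {
  scripts: { start: "react-native start" },
  dependencies: { react: "18.0.0", "react-native": "0.69.12" },
};

for (const f of checkReactNativeUpgrade(AFTER_SNYK_BUMP)) console.log(`${f.severity}: ${f.message}`);
console.log("fixed sample:", checkReactNativeUpgrade(FIXED).length, "findings");
```

Run it against each package.json a bot PR touches; a non-empty result on the post-bump file is the signal to route the PR to a manual migration instead of merging.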