Skip to content

[Snyk] Fix for 1 vulnerabilities#571

Open
sivashanmukh wants to merge 1 commit intodevelopfrom
snyk-fix-b4f0d2a833cb45e8b944ae68e8793ff2
Open

[Snyk] Fix for 1 vulnerabilities#571
sivashanmukh wants to merge 1 commit intodevelopfrom
snyk-fix-b4f0d2a833cb45e8b944ae68e8793ff2

Conversation

@sivashanmukh
Copy link

@sivashanmukh sivashanmukh commented Feb 12, 2026

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • apps/example/package.json
  • apps/example/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		   535  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@snyk-bot
fix: apps/example/package.json & apps/example/package-lock.json to re…
b646cd2 
…duce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
@sivashanmukh sivashanmukh requested a review from a team as a code owner February 12, 2026 03:58
@coderabbitai
Copy link

coderabbitai bot commented Feb 12, 2026

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (1)
  • chore(release)

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch snyk-fix-b4f0d2a833cb45e8b944ae68e8793ff2

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sivashanmukh
Copy link
Author

sivashanmukh commented Feb 12, 2026

Merge Risk: High

This is a HIGH risk upgrade involving a significant jump across multiple major versions of React Native. The upgrade mandates a migration to the New Architecture (Fabric/TurboModules) and introduces numerous breaking changes that require developer action.

react-native 0.79.7 → 0.84.0

This upgrade spans several major releases, with the most critical changes being:

Architectural Changes:

  • New Architecture is Mandatory: Starting from v0.82, the legacy bridge architecture has been completely removed. Your application and all its native dependencies must be migrated to the New Architecture before you can upgrade past v0.81.
  • Legacy Architecture Frozen: In v0.80, the legacy architecture was frozen, meaning it stopped receiving updates or bug fixes.

Breaking API & Component Changes:

  • Node.js Requirement: v0.84 requires a minimum Node.js version of v22.11.
  • Deep Imports Deprecated: As of v0.80, deep imports from internal paths (e.g., react-native/Libraries/...) are deprecated. All imports should be updated to be top-level (e.g., import { Alert } from 'react-native').
  • <SafeAreaView> Deprecated: This component is deprecated in v0.81 in favor of libraries like react-native-safe-area-context to better support Android's new edge-to-edge display requirement.
  • InteractionManager Deprecated: In v0.82, InteractionManager was deprecated and no longer respects interaction handles.
  • CxxModule Removed: As part of the final cleanup of the old architecture, CxxModule and related APIs were removed in v0.84.

Behavioral and Environment Changes:

  • Unhandled Promises are Fatal: Since v0.82, unhandled promise rejections are treated as fatal exceptions rather than warnings.
  • Android Edge-to-Edge:

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 12, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sivashanmukh @snyk-bot

Comments