[Snyk] Fix for 9 vulnerabilities

[anniekao]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	No	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	No	Proof of Concept
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: expo

The new version differs by 250 commits.

• 4fa0497 Publish packages
• 333f239 [html-elements] Use Courier New for Code font in iOS 15 (#14816)
• 59543d5 [expo-av] fix require cycles (#14820)
• a8e5cd7 [asset] Support fromModule in Snack web environment (#14435)
• 32c4a77 [fastfile] Properly fix path to Android APK
• 68f2c75 [expo-dev-launcher] rebuild bundles on sdk-42 branch
• b60ee51 [expo-dev-client][expo-dev-launcher] fix changelog formatting
• 59c8001 [fastfile] Update APK path
• 6adda23 [fastlane] Add versionCode 160 notes
• bff752d Publish expo-modules-autolinking
• 80756c5 [autolinking] Resolve race condition when generating ExpoModulesProvider.swift (#14822)
• 21e3db7 bump @ expo/config-plugins (#14798)
• 96750b8 Publish expo-firebase-core
• e54c3de [firebase-core] Fix launch crash in ios classic build (#14811)
• 8435263 Update yarn.lock
• f66dd3c [expo] Remove firebase js sdk as bundled native module (#14805)
• c5eef50 [ios] Another fix for wrong Swift header import
• 7e18acc [expo-updates] bump @ expo/config-plugins to 4.0.2 (#14788)
• 2b6d3f7 [ios] Fix wrong name for Swift header used in shell apps
• 48beee5 [jest-expo] replace missing `fbjs-scripts` require with Jest package (#14790)
• f53480a Publish prod home
• 144ab37 Publish dev home
• 9eec09a Bump Expo Go version to 2.22.2
• 040ebfc [file-system] fix changelog

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Command Injection
🦉 Prototype Pollution