[Snyk] Fix for 10 vulnerabilities

[eseite47]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	No	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	No	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-INI-1048974	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHSET-1320032	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Authorization Bypass Through User-Controlled Key SNYK-JS-PARSEPATH-2936439	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: expo

The new version differs by 250 commits.

• b9d655c Publish packages
• 562ea45 Update Podfile.lock [skip ci]
• 33ff38a [ios] Update usage string for location [skip ci]
• a2cc87a [build-properties] add missing enableProguardInReleaseBuilds property (#17361)
• 01d7660 fix(cli): add missing `--platform` flag to `export` command (#17338)
• 3797e29 feat(cli): add `run:ios` command (#16662)
• 06ade67 [cli] Add CI info to telemtry (#17284)
• 22652ed chore(cli): deduplicate asMock helper function (#17294)
• d0c5f7f fix(cli): clean up emulator process (#17273)
• 93b56ef fix(cli): prevent autocomplete from crashing (#17271)
• 8eaf8c4 [ios] Fix compilation issues in iOS shell apps (#17357)
• 7a2e413 [android] Fix more FLAG_MUTABLE exception in PendingIntent (#17333)
• 43674b0 [notifications] handle SCHEDULE_EXACT_ALARM for android 12 (#17334)
• 68940da [android][apple-authentication] Resolve RN 65 warning from NativeEventEmitter (#17343)
• fff31e1 [android] backport #17280 expo-av changes to sdk 45 versioned code (#17349)
• 2a8f9e6 [av][android] Fix crashes caused by accessing `ExoPlayer` from the wrong thread (#17280)
• 9a9835c [expo][keep-awake] Fix `Unable to deactivate keep awake` warnings (#17319)
• 4cb9822 [build-properties] Fix android build failure (#17321)
• 6a62fea [build-properties] Introduce build-properties config-plugin (#17106)
• ac245d3 [ios] Migrate react-native-safe-area-context to separate vendored pod (#17354)
• 62821c4 Publish packages
• eca3009 [dev-client] Rebuild js
• 37d9088 [menu][ios] Try to fix crashes connected with reloads (#17336)
• 0a31878 [menu][Android] Fix crashes when the app was launched from a deep link and the react-native-reanimated were installed (#17282)

See the full diff

Package name: snyk

The new version differs by 250 commits.

• 4cc1a94 Merge pull request #2105 from snyk/feat/webpack
• 7737f75 Merge pull request #2181 from snyk/test/migrate-old-snyk-format
• 418e6ad Merge pull request #2180 from snyk/test/migrate-is-docker
• 95631e7 test: migrate is-docker to jest
• babe22a test: migrate old-snyk-format to jest
• e22e94f feat: Snyk CLI is bundled with Webpack
• dd46c19 Merge pull request #2175 from snyk/fix/snyk-protect-multiple
• e7c314f Merge pull request #2178 from snyk/test/server-close
• 5e824c0 fix(protect): skip previously patched files
• ca2177a fix(protect): catch and log unexpected errors
• c9ddb44 chore(protect): move api url warnings to stderr
• e8fed38 refactor(protect): move stdout logs to top level
• 55e88f9 Merge pull request #2177 from snyk/test/set-jest-acceptance-timeout
• 1522c5f test: server.close uses callbacks, not promises
• 13dce51 test: increase timeout for slow oauth test
• 65c35be Merge pull request #2172 from snyk/chore/no-run-test-on-master
• a1e3992 chore: don't run tests on master
• 20feb67 Merge pull request #2165 from snyk/chore/dont-wait-for-regression-tests
• f50bca7 Merge pull request #2167 from snyk/refactor/replace-cc-parser-with-split-functions
• 1ed7d11 refactor: replace cc parser with split functions
• 707801d Merge pull request #2166 from snyk/fix/support_quotes_in_poetry_toml
• dc6b784 Merge pull request #2163 from snyk/chore/remove-store-test-results
• 7973015 fix: support quoted keys in inline tables
• 18f0d2a Merge pull request #2164 from snyk/chore/upgrade-snyk-nuget-plugin

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Open Redirect
🦉 Prototype Pollution