[Snyk] Security upgrade react-native from 0.63.2 to 0.69.12

[revan-zhang]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• Example/package.json
• Example/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Inefficient Algorithmic Complexity SNYK-JS-SHELLQUOTE-17457810	710

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[revan-zhang]

Upgrading from React Native 0.63.2 to 0.69.12 is a major undertaking with significant breaking changes across multiple versions. This is not a simple version bump and will require significant developer effort, including code refactoring, dependency updates, and native project configuration changes.

Key Breaking Changes & Required Actions:

• React 18 & New Architecture:

  • Version 0.69 is the first to support React 18, which is enabled by default.
  • Version 0.68 introduced opt-in support for the New Architecture (Fabric Renderer and TurboModules). While optional, many libraries are moving to support it, which may require your project to adapt.

• Environment & Build Tooling:

  • Node.js: The minimum required Node.js version was raised to 12 in v0.64 and then to 14 in v0.68.
  • iOS: Support for iOS 11.0 is deprecated; version 12.4+ is now required. Xcode 12 and CocoaPods 1.10.0 became required in v0.64.
  • Android: The Android Gradle Plugin was updated, requiring JDK 11 for builds starting in v0.68. JCenter was removed as a repository in v0.65.

• API & Component Removals:

  • ViewPropTypes was removed, which may cause crashes in older third-party libraries.
  • console.disableYellowBox has been removed.
  • DatePickerAndroid was removed in v0.67.
  • Picker and PickerIOS were removed in v0.66 and moved to a community package.
  • The link and unlink commands were removed from the React Native CLI in favor of autolinking.

• Hermes JavaScript Engine:

  • Hermes support was added for iOS (opt-in) in v0.64.
  • Starting with v0.69, a compatible version of Hermes is bundled directly with React Native to reduce version conflicts.

Recommendation: This upgrade should be treated as a major project. Developers must use the React Native Upgrade Helper tool to see the full diff of changes required for native project files (Android and iOS). A gradual upgrade, one version at a time, is highly recommended to isolate and fix breaking changes incrementally. Expect to spend significant time updating third-party libraries to versions compatible with React Native 0.69 and addressing the numerous API and build configuration changes.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[revan-zhang]

⛔ Snyk checks have failed. 5 issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (5)
⛔	Open Source Security	0	3	2	0	5 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	react-native@​0.63.2 ⏵ 0.69.12		+16		+50

View full report