[Snyk] Security upgrade react-native from 0.20.0 to 0.69.12

[MHxGH-ServiceAccount]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• examples/SampleRN20/package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-IMMUTABLE-15423650	278

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

---

Note

Medium Risk
Upgrades react-native across a large major-version gap, which can easily break the SampleRN20 example app build/runtime even though the change is limited to a single dependency version bump.

Overview
Updates the examples/SampleRN20 app to use react-native@0.69.12 instead of 0.20.0, addressing the reported dependency vulnerability.

^{Written by Cursor Bugbot for commit ef4e978. This will update automatically on new commits. Configure here.}

[MHxGH-ServiceAccount]

This is a massive upgrade across approximately 49 major versions, representing a complete project migration rather than a simple dependency update. Manually upgrading by changing the version number in package.json will fail. The changes are extensive, touching every part of the project, including native build configurations, APIs, and project structure.

Recommendation: Do not attempt a manual upgrade. The only supported method is to use the official React Native Upgrade Helper. This tool generates a diff of all the file changes between your current version and the target version, which you must apply incrementally. For older or heavily customized projects, creating a new project with the target version and migrating your source code is often a safer approach.

Key Breaking Changes Include:

• Build System & Autolinking (v0.60+): The react-native link command has been removed. The ecosystem has shifted to autolinking native modules using Cocoapods on iOS and Gradle on Android. All previously linked dependencies must be unlinked and the project reconfigured to use this new system.

• AndroidX Migration (v0.60+): React Native has migrated from the Android Support Library to AndroidX. Your application and all its native dependencies must also use AndroidX, as the two systems cannot be used together.

• Core Component Extraction: Many modules have been removed from the React Native core and must be installed as separate community packages. This includes WebView, AsyncStorage, and Geolocation.

• API and PropType Removals: Numerous APIs and props have been removed or changed. For example, ViewPropTypes was removed, which will cause crashes if your dependencies have not been updated.

• React 18 Support (v0.69+): The target version introduces support for React 18 and bundles a compatible version of the Hermes JavaScript engine.

Source: React Native Upgrade Helper

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[MHxGH-ServiceAccount]

⛔ Snyk checks have failed. 2 issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (2)
⛔	Open Source Security	0	2	0	0	2 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

Start script references removed CLI path

High Severity

The start script references node_modules/react-native/local-cli/cli.js, which was removed in react-native 0.69.x. Upgrading react-native to 0.69.12 without updating this script path means npm start will fail with a "module not found" error. In react-native 0.69+, the CLI entry point moved to @react-native-community/cli.

 

[cursor]

Missing required react peer dependency for RN 0.69

High Severity

React Native 0.69 requires react (version 18) as a peer dependency, but the dependencies block doesn't include react at all. In RN 0.20, React was bundled within react-native itself, so this wasn't needed. With the upgrade to 0.69.12, the project will fail to install or run without an explicit react dependency.