Skip to content

Endor Labs Version Upgrade: Bump react-native from 0.51.0 to 1000.0.0#77

Open
endor-labs-pro-staging[bot] wants to merge 1 commit into
masterfrom
endorlabs-fe3e/npm_and_yarn/dot-/react-native-1000.0.0
Open

Endor Labs Version Upgrade: Bump react-native from 0.51.0 to 1000.0.0#77
endor-labs-pro-staging[bot] wants to merge 1 commit into
masterfrom
endorlabs-fe3e/npm_and_yarn/dot-/react-native-1000.0.0

endorlabs: bump react-native from 0.51.0 to 1000.0.0

07445c5
Select commit
Loading
Failed to load commit list.
Endor Labs Pro - staging / Endor Labs Automated Scan succeeded Jul 3, 2026 in 3m 27s

Details

Warning Findings

Severity Dependency Description
⛔ Critical @react-native-community/cli-server-api GHSA-399j-vxmf-hjvr: @react-native-community/cli has arbitrary OS command injection
⛔ Critical @react-native-community/cli-server-api GHSA-399j-vxmf-hjvr: @react-native-community/cli has arbitrary OS command injection
🔴 High accepts [MALWARE] Test Malware : Malicious code in accepts@1.3.8 (npm)
🔴 High ip GHSA-2p57-rm9w-gvfp: ip SSRF improper categorization in isPublic
🟠 Medium glob License Compliance Violation for Dependency glob@7.2.3
🟠 Medium fast-xml-parser GHSA-gh4j-gqv2-49f6: fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters
🟠 Medium node-forge License Compliance Violation for Dependency node-forge@1.4.0
🔵 Low log-symbols Dependency log-symbols@4.1.0 With Low Activity Score
🔵 Low locate-path Dependency locate-path@5.0.0 With Low Activity Score
🔵 Low import-fresh Dependency import-fresh@2.0.0 With Low Activity Score
🔵 Low ansi-fragments Dependency ansi-fragments@0.2.1 With Very Low Popularity Score
🔵 Low jsc-safe-url Dependency jsc-safe-url@0.2.4 With Very Low Popularity Score
🔵 Low unicode-property-aliases-ecmascript Dependency unicode-property-aliases-ecmascript@2.2.0 With Very Low Popularity Score
🔵 Low shebang-regex Dependency shebang-regex@3.0.0 With Low Activity Score
🔵 Low make-dir Dependency make-dir@2.1.0 With Low Activity Score
🔵 Low p-locate Dependency p-locate@5.0.0 With Low Activity Score
🔵 Low unicode-match-property-ecmascript Dependency unicode-match-property-ecmascript@2.0.0 With Very Low Popularity Score
🔵 Low npm-run-path Dependency npm-run-path@4.0.1 With Low Activity Score
🔵 Low escape-string-regexp Dependency escape-string-regexp@2.0.0 With Low Activity Score
🔵 Low kleur Dependency kleur@3.0.3 With Low Activity Score
🔵 Low is-wsl Dependency is-wsl@1.1.0 With Low Activity Score
🔵 Low resolve-from Dependency resolve-from@3.0.0 With Low Activity Score
🔵 Low sudo-prompt Dependency sudo-prompt@9.2.1 With Very Low Activity Score
🔵 Low unicode-match-property-value-ecmascript Dependency unicode-match-property-value-ecmascript@2.2.1 With Very Low Popularity Score
🔵 Low cli-cursor Dependency cli-cursor@3.1.0 With Low Activity Score
🔵 Low p-locate Dependency p-locate@3.0.0 With Low Activity Score
🔵 Low path-key Dependency path-key@3.1.1 With Low Activity Score
🔵 Low supports-preserve-symlinks-flag Dependency supports-preserve-symlinks-flag@1.0.0 With Very Low Popularity Score
🔵 Low is-wsl Dependency is-wsl@2.2.0 With Low Activity Score
🔵 Low escape-string-regexp Dependency escape-string-regexp@4.0.0 With Low Activity Score
🔵 Low has-flag Dependency has-flag@4.0.0 With Low Activity Score
🔵 Low restore-cursor Dependency restore-cursor@3.1.0 With Low Activity Score
🔵 Low caller-path Dependency caller-path@2.0.0 With Low Activity Score
🔵 Low babel-plugin-react-transform Dependency babel-plugin-react-transform@2.0.2 With Very Low Activity Score
🔵 Low buffer-from Dependency buffer-from@1.1.2 With Low Activity Score
🔵 Low locate-path Dependency locate-path@3.0.0 With Low Activity Score
🔵 Low onetime Dependency onetime@5.1.2 With Low Activity Score
🔵 Low p-locate Dependency p-locate@4.1.0 With Low Activity Score
🔵 Low locate-path Dependency locate-path@6.0.0 With Low Activity Score
🔵 Low @sinclair/typebox Dependency @sinclair/typebox@0.27.10 With Very Low Popularity Score