You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@expo/plist version 0.0.18 package which is by default being used in expo-cli is dependent on a potential security-vulnerable version of xmldom which is "@xmldom/xmldom" "~0.7.0"
Please specify your device/emulator/simulator platform, model and version
Android 10
Error output
No response
Reproducible demo or steps to reproduce from a blank project
We got a notification from GitHub that one of the packages which is "@xmldom/xmldom" "~0.7.0" we are using is potentially vulnerable so as we checked its being used via @expo/plist here is a patched version of @xmldom/xmldom@^0.8.3 please update dependencies for @expo/plist
Summary
@expo/plistversion0.0.18package which is by default being used inexpo-cliis dependent on a potential security-vulnerable version ofxmldomwhich is"@xmldom/xmldom" "~0.7.0"Environment
expo-env-info 1.0.5 environment info:
System:
OS: Windows 10 10.0.25217
Binaries:
Node: 16.13.2 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
npm: 8.19.1 - C:\Program Files\nodejs\npm.CMD
IDEs:
Android Studio: AI-212.5712.43.2112.8609683
npmPackages:
expo: ~45.0.0 => 45.0.6
react: 17.0.2 => 17.0.2
react-dom: 17.0.2 => 17.0.2
react-native: 0.68.2 => 0.68.2
react-native-web: 0.17.7 => 0.17.7
Expo Workflow: managed
Please specify your device/emulator/simulator platform, model and version
Android 10
Error output
No response
Reproducible demo or steps to reproduce from a blank project
We got a notification from GitHub that one of the packages which is
"@xmldom/xmldom" "~0.7.0"we are using is potentially vulnerable so as we checked its being used via@expo/plisthere is a patched version of@xmldom/xmldom@^0.8.3please update dependencies for@expo/plist