Commit Graph

11 Commits

Author SHA1 Message Date
Luna Wei
07a159f279 Bump minimum version of activesupport for CVE-2023-38037 (#42023)
Summary:
Bump activesupport to minimum 6.1.7.5 CVE-2023-38037. More details https://github.com/advisories/GHSA-cr5q-6q9f-rq6q

Updated the gemfile and then ran `bundle install` at the root

## Changelog:

[IOS] [SECURITY] - Bump activesupport to minimum 6.1.7.5 CVE-2023-38037.

Pull Request resolved: https://github.com/facebook/react-native/pull/42023

Reviewed By: cipolleschi

Differential Revision: D52346223

Pulled By: lunaleaps

fbshipit-source-id: f8141048b68cde9c58eb23ee2d41cb4a6becb6ef
2023-12-21 10:08:28 -08:00
Oskar Kwaśniewski
b955fc2a8d chore: update RNTester Cocoapods to 1.13 (#41248)
Summary:
This PR updates the internal version of cocoapods to 1.13, template already uses this version. I've also removed the root folder Gemfile as it's not necessary anymore.

## Changelog:

[INTERNAL] [CHANGED] - Update RNTester Cocoapods to 1.13

Pull Request resolved: https://github.com/facebook/react-native/pull/41248

Test Plan:
Check if cocoapods installs correctly by running:

1. `bundle install`
2. `bundle exec pod install`

Reviewed By: dmytrorykun

Differential Revision: D50972135

Pulled By: cipolleschi

fbshipit-source-id: b7d6a4671e641b7b8f50242a3374f623e023daf4
2023-11-03 07:35:22 -07:00
Riccardo Cipolleschi
475b835e43 Add Hermes Xcode integration test to GH Actions (#41187)
Summary:
After disabling the E2E tests, we lost a test that was verifying that Hermes works well with the latest version of React Native for iOS
This change introduce this test back in GH actions

## Changelog:
[Internal] Add tests for Hermes-Xcode integration to GH Actions

Pull Request resolved: https://github.com/facebook/react-native/pull/41187

Test Plan: CI is green 🤞

Reviewed By: NickGerleman

Differential Revision: D50737860

Pulled By: cipolleschi

fbshipit-source-id: f4bc09be879af7aba0ca42f1b7e407a5d5dc0986
2023-10-31 09:37:24 -07:00
Dmitry Rykun
62c4da1421 Bump activesupport to 6.1.7.3 to address CVE-2023-28120 (#36803)
Summary:
Pull Request resolved: https://github.com/facebook/react-native/pull/36803

Changelog:
[Internal][Changed] - Bump activesupport to 6.1.7.3 to address CVE-2023-28120

Reviewed By: christophpurrer

Differential Revision: D44673150

fbshipit-source-id: 3df10132c7da2d22956edb7193db963cdf0b5f54
2023-04-04 12:49:17 -07:00
Riccardo Cipolleschi
f264fe12df Bump Xcode to 14.2.0 in circleCI (#36388)
Summary:
In CricleCI we are still using Xcode 14.0.1.
This version will be removed from CircleCI this Thursday, so we have to update it.

## Changelog
[Internal] - Bump xcode in CircleCI to 14.2.0

Pull Request resolved: https://github.com/facebook/react-native/pull/36388

Test Plan: CircleCI should be Green

Reviewed By: dmytrorykun

Differential Revision: D43873750

Pulled By: cipolleschi

fbshipit-source-id: 8b796c0961647fce103d2659036bf5f9037fe90a
2023-03-07 08:45:22 -08:00
Nicola Corti
69f11cbc1a Bump activesupport to 6.1.7.1 to address CVE-2023-22796
Summary:
Just got a report that we depend on `activesupport` 6.1.7 which is marked as vulnerable
as per CVE-2023-22796
https://github.com/advisories/GHSA-j6gc-792m-qgm2

I'm adding a dep on >= 6.1.7.1 in the Gemfile.

Changelog:
[Internal] [Changed] - Bump activesupport to 6.1.7.1 to address CVE-2023-22796

Reviewed By: yungsters

Differential Revision: D43117034

fbshipit-source-id: 2c925754ca32257c9523d5bd68d6cf3bb3eb31e3
2023-02-08 11:23:08 -08:00
Ruslan Shestopalyuk
58220b9c9a Fix RNTester iOS build
Summary:
[Changelog][Internal]

This appears to be a regression from https://github.com/facebook/yoga/pull/1195

The `yoga/internal/experiments.cpp` was removed, but the corresponding Pod cache wasn't updated, which made the RNTester iOS to start fail.

Reviewed By: christophpurrer

Differential Revision: D42268322

fbshipit-source-id: 8db1118787ed41cde10babe6845f6d05a8f86bc2
2022-12-29 04:55:50 -08:00
Tim Yung
6cd388432d RN: Upgrade CocoaPods Dependencies
Summary:
Upgrades CocoaPods' transitive dependencies to address a security vulnerability.

Changelog:
[Internal]

Reviewed By: hramos

Differential Revision: D39935249

fbshipit-source-id: 7fafcbfbe2e4d60a75de8554bd230c4d78e64032
2022-09-29 17:02:46 -07:00
Danilo Bürger
2c87b7466e Bump ruby to 2.7.5 (#33485)
Summary:
This bumps ruby to the latest 2.7.x versions which includes bug fixes and 3 CVEs (https://www.ruby-lang.org/en/news/2021/11/24/ruby-2-7-5-released/)

## Changelog

[iOS] [Changed] - Bump ruby to 2.7.5

Pull Request resolved: https://github.com/facebook/react-native/pull/33485

Test Plan: no test plan, should just pass tests.

Reviewed By: cortinico

Differential Revision: D35116757

Pulled By: GijsWeterings

fbshipit-source-id: a8e96bfcc6086b70dac21aee24bae46fe6b072bb
2022-04-12 07:59:52 -07:00
Gustavo Sverzut Barbieri
1e6add1a43 iOS Ruby Updates (#32456)
Summary:
Fix the `scripts/update-ruby.sh` so it always use the correct [bundle config](https://bundler.io/man/bundle-config.1.html#DESCRIPTION). In the current version it wasn't using the correct configuration inside the `template/` directory, resulting in incorrect platform for `template/Gemfile.lock`.

While at that, update the gems to their latest version:
- ethon 0.14.0 -> 0.15.0
- json 0.5.1 -> 0.6.0
- zeitwerk 2.4.2 -> 2.5.1
- bundler 2.2.28 -> 2.2.29

## Changelog

No changelog

Pull Request resolved: https://github.com/facebook/react-native/pull/32456

Test Plan:
Run `bump-oss-version.js` and see `template/Gemfile.lock` lists `ruby` as the `PLATFORM` (no diff in that line).

## References
 - e18cf90d71 (r58230816)

Reviewed By: yungsters

Differential Revision: D31841524

Pulled By: charlesbdudley

fbshipit-source-id: 695c245fcb344c866afed45f747e04233e5c91e4
2021-10-21 15:58:18 -07:00
Gustavo Sverzut Barbieri
57aa70c06c Introduce Gemfile, ruby-version (#32303)
Summary:
Implement par of the discussion https://github.com/react-native-community/discussions-and-proposals/discussions/411, except the `.nvmrc` part, this includes:
 - Setting `.ruby-version` in the main project and also `template/`
 - Fixing the CocoaPods version with a project-level `Gemfile` and also `template/Gemfile`
 - Using all `pod` executions from `bundle exec pod`, using the determined version
 - Script to manage and update the ruby version

## Changelog

[iOS] [Added] - Gemfile with CocoaPods 1.11 and ruby-version (2.7.4)

Pull Request resolved: https://github.com/facebook/react-native/pull/32303

Test Plan: Build for iOS and run all CircleCI tests to see if nothing changed

Reviewed By: RSNara

Differential Revision: D31344686

Pulled By: fkgozali

fbshipit-source-id: 25c63131ca9b16d3cf6341019548e0d63bdcaefe
2021-10-01 21:22:26 -07:00