[Snyk] Security upgrade react-native-reanimated from 1.13.3 to 2.3.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[norbertschuler]

This needs some more work to get to run again. Maybe we rewrite the code and omit it? This module and react-native-snap-carousel for which no update exists make us still import node-fetch in a vunerable version:

$ npm audit
# npm audit report

node-fetch  <=2.6.6
Severity: high
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor - https://github.com/advisories/GHSA-r683-j2x4-v87g
The `size` option isn't honored after following a redirect in node-fetch - https://github.com/advisories/GHSA-w7rc-rwvf-8q5r
fix available via `npm audit fix --force`
Will install react-native-reanimated@2.8.0, which is a breaking change
node_modules/isomorphic-fetch/node_modules/node-fetch
  isomorphic-fetch  2.0.0 - 2.2.1
  Depends on vulnerable versions of node-fetch
  node_modules/isomorphic-fetch
    fbjs  0.7.0 - 1.0.0
    Depends on vulnerable versions of isomorphic-fetch
    node_modules/react-addons-shallow-compare/node_modules/fbjs
    node_modules/react-native-reanimated/node_modules/fbjs
      react-addons-shallow-compare  15.4.2 - 15.6.2 || >=16.0.0-alpha
      Depends on vulnerable versions of fbjs
      node_modules/react-addons-shallow-compare
        react-native-snap-carousel  >=1.4.0
        Depends on vulnerable versions of react-addons-shallow-compare
        node_modules/react-native-snap-carousel
      react-native-reanimated  1.7.1 - 2.0.0-rc.3
      Depends on vulnerable versions of fbjs
      node_modules/react-native-reanimated

6 high severity vulnerabilities

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication