Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump jsonwebtoken and react-native-scripts #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 22, 2022

Removes jsonwebtoken. It's no longer used after updating ancestor dependency react-native-scripts. These dependencies need to be updated together.

Removes jsonwebtoken

Updates react-native-scripts from 1.14.0 to 1.14.1

Changelog

Sourced from react-native-scripts's changelog.

3.0.0 (April, 2020)

Create React Native App is revived as a bare-bones npx package that can be used to start an opinionated bare-workflow universal React Native project.

2.0.1 (September 21, 2018)

This release merges Create React Native App with Expo CLI.

  • Expo CLI is a tool based on CRNA, made by the same team
  • It has all the same features, plus some additional benefits
  • Like CRNA, Expo CLI does not require an Expo user account
  • The create-react-native-app command will continue to work

The separate react-native-scripts package is now deprecated: new projects created with create-react-native-app will use Expo CLI instead of react-native-scripts. In addition to everything provided by CRNA, Expo CLI includes these extras:

  • Web-based user interface: in addition to the CLI, there's a GUI where you can view logs, launch the app on your devices or simulators, and publish updates.
  • Standalone app builds: you can build IPA and APK packages for deploying to App Store and Play Store without using Xcode or Android Studio.
  • Publishing: you can push updates to your deployed apps and optionally publish your app to Expo.io.
  • Tunnel: your physical device doesn’t need to be in the same wi-fi as your computer to be able to develop using it.
  • Optional user accounts: logging in allows listing all your projects in development in the Expo app without having to scan any QR codes and enables additional features like standalone builds. However, just like CRNA, Expo CLI can also be used without a user account.

Why are we bringing these two tools together?

  • Just one tool to learn: previously developers would start with CRNA and then switch to exp or XDE for additional features like standalone builds. Expo CLI is as easy to get started with as CRNA, but also supports everything previously offered by these separate tools.
  • Less confusing options: CRNA apps have always been loaded using the Expo app and able to use the Expo APIs in addition to the core React Native APIs. Users are sometimes confused about the differences between plain React Native, CRNA and Expo apps created with tools like exp or XDE. Installing the expo-cli package will make it clearer the additional functionality is provided by Expo.
  • Developer experience: Expo CLI is ahead of CRNA in terms of features and developer experience, and we’re continuously improving it.
  • Maintenance: having these two projects as separate codebases requires more maintenance and CRNA has previously falled behind because of this. A single codebase helps us keep it up to date and fix issues as fast as possible.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [react-native-scripts](https://github.com/react-community/create-react-native-app). These dependencies need to be updated together.


Removes `jsonwebtoken`

Updates `react-native-scripts` from 1.14.0 to 1.14.1
- [Release notes](https://github.com/react-community/create-react-native-app/releases)
- [Changelog](https://github.com/expo/create-react-native-app/blob/main/CHANGELOG.md)
- [Commits](https://github.com/react-community/create-react-native-app/commits)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: indirect
- dependency-name: react-native-scripts
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants