[Snyk] Security upgrade @react-native-community/cli from 1.1.0 to 7.0.1

[mikew-zegon]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json
• yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Infinite loop SNYK-JS-BRACEEXPANSION-15789759	99

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[mikew-zegon]

This is a very large major version upgrade, jumping from v1.1.0 to v7.0.1. This update encompasses several years of development and fundamental architectural changes in the React Native ecosystem. Direct upgrade is not feasible and requires a significant migration effort.

Key Breaking Changes:

• End of react-native link: The most significant change is the move from the manual react-native link command to autolinking, which was introduced in CLI v2 (for React Native 0.60+). Projects must be migrated to manage native dependencies automatically, which often requires restructuring the iOS project to use Cocoapods exclusively.
• Android Build Command Changes: The run-android command was updated. As of v4.0.0, the --appId and --appIdSuffix flags were removed and replaced with the --flavor flag to better support different build variants. This will break existing build scripts relying on the old flags.
• React Native Version Compatibility: The CLI version is tightly coupled with the React Native version. This upgrade implies moving from React Native ~0.59 to ~0.68. This involves migrating through numerous breaking API changes, including the extraction of many core components (like AsyncStorage, WebView) into separate community packages.
• Node.js Version Requirement: The minimum required version of Node.js has been increased significantly. For example, CLI v5 (for React Native 0.64) requires Node.js 12 or higher.

Recommendation: This is a HIGH risk upgrade that cannot be performed directly. The entire project must be migrated by following the official React Native upgrade guides, version by version. This is a major undertaking that involves significant code and project structure changes.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.