[Snyk] Security upgrade jscodeshift from 0.6.2 to 17.0.0

[HenriWilliams]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• packages/react-native-codegen/package.json
• packages/react-native-codegen/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Infinite loop SNYK-JS-BRACEEXPANSION-15789759	99

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[HenriWilliams]

This is a massive upgrade from v0.6.2 to v17.0.0, representing nearly the entire history of the project. This update introduces significant breaking changes that will require developers to review and likely rewrite existing codemod transform scripts.

Key Breaking Changes:

• Parser and AST Modernization: The most significant change over this version span is the move from a legacy Babel 5-compatible parser to modern parsers (like Babylon/Babel 7+). Transforms written for the v0.6.x era expect an outdated Abstract Syntax Tree (AST) structure. These scripts will almost certainly fail and must be updated to work with the modern AST generated for ES2015+ JavaScript syntax.
• Node.js Version Requirement: Version 17.0.0 explicitly requires Node.js v16 or newer. Environments running older Node.js versions must be upgraded.
• Dependency Overhaul: Numerous outdated dependencies were removed and replaced in v17.0.0. While this is a positive change, the evolution of underlying dependencies like recast and ast-types over this time frame means that internal APIs your transforms might have relied on may have changed.

Recommendation: This is a high-risk migration. Developers must audit, test, and likely rewrite all existing jscodeshift transform scripts to ensure compatibility with modern JavaScript AST structures and the new Node.js version requirement.

Source: GitHub Releases

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.