From edb548a1d94a905e5331038e34a2f0d9a1b2c4fb Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 28 Jan 2026 05:49:01 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index 71983e0e16790..7662ed6e67d18 100644
--- a/package.json
+++ b/package.json
@@ -101,14 +101,14 @@
     "dom-serializer": "^0.2.2",
     "domhandler": "^4.3.0",
     "expensify-common": "git+ssh://git@github.com/Expensify/expensify-common.git#4a61536649cbfe49236a35bc7542b5dfd0767e4a",
-    "expo": "^50.0.3",
+    "expo": "^53.0.0",
     "expo-image": "1.10.1",
     "fbjs": "^3.0.2",
     "htmlparser2": "^7.2.0",
     "idb-keyval": "^6.2.1",
     "jest-expo": "50.0.1",
     "jest-when": "^3.5.2",
-    "lodash": "4.17.21",
+    "lodash": "4.17.23",
     "lottie-react-native": "6.4.1",
     "mapbox-gl": "^2.15.0",
     "onfido-sdk-ui": "13.6.1",
@@ -165,7 +165,7 @@
     "react-native-web": "^0.19.9",
     "react-native-web-linear-gradient": "^1.1.2",
     "react-native-webview": "13.6.3",
-    "react-pdf": "7.3.3",
+    "react-pdf": "9.1.0",
     "react-plaid-link": "3.3.2",
     "react-web-config": "^1.0.0",
     "react-webcam": "^7.1.1",