[Snyk] Security upgrade expo from 50.0.4 to 51.0.8

[melvin-bot]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: expo

The new version differs by 250 commits.

• d6515f1 Publish packages
• 307cf34 Update yarn.lock
• 27cf58c [packages] Bump dependencies
• 613b62c fix(cli): resolve real path of entry file for `export:embed` ([HOLD for payment 2023-10-23][$500] Chat - App refocuses on composer even when RHN is open #28926)
• cf47931 fix(cli): parse npm view tarball objects instead of strings ([HOLD for payment 2023-10-16] [HOLD for payment 2023-10-13] Task - No-entry mouse sign is displayed when hovering over 'Chevron' icon options displayed on 'Confirm task' page #28919)
• db2a6d6 [notifications][iOS] Add support for `interruptionLevel` ([$500] Distance IOU - Address field is focused after tapping Cancel on Delete confirmation #28921)
• 722e5a4 [updates] fix fingerprint policy start error on debug build ([HOLD] Osp/reboot emulator on e2e tests #28912)
• e168ecf [docs] Update video.mdx (Fix map preview not extended to full view #28922)
• 8c6a639 [cli] update `cacache` dependency (Fix #28322)
• 014faf7 [ios][camera] Correct orientation when taking landscape pictures ([HOLD for payment 2023-10-23] [HOLD for payment 2023-10-23] [HOLD for payment 2023-10-20] [HOLD for payment 2023-10-20] [$500] Can click on the space on the right to change the default skin tone #28917)
• 9e0fd00 [workspace] Update blog link (feat: Upgrade VisionCamera to V3 #28914)
• ce82d01 [ios][camera] Prevent crash when rendered on the simulator ([HOLD for payment 2023-10-30] Distance IOU - Map preview is not extended to full view on RHP #28911)
• 2cf0578 [docs] Add a link to alternate methods to enable developer mode (Fix load more message skeletons aren't showing #28905)
• dfab420 [templates] Publish latest [skip ci]
• ec256db Publish packages
• 82b5a4a Publish packages
• ccc44e9 [tools] Assigning SDK tags also on the main branch (Bump Onyx to 1.0.100 #28894)
• 7777f63 [launcher][Android] Remove unnecessary reload when opening backgrounded app from icon (Fix/28347 Navaigate back when reloading in scan receipt  #28893)
• 8e9717b [image-picker][Android] Add support for granular permissions (Fix/27776 Workspace - WS invite page keeps loading in offline if no members present #28897)
• bdf1688 [docs] Add explanation about using `--template` option in Get started tutorial ([NoQA] Access the report action safely in notification logic #28880)
• 6da4825 [fingerprint] introduce fingerprint.config.js support ([$500] Edit private note form doesn't submit by enter key #28860)
• 55e4ad4 [expo-notifications][Android] Get notification responses when app in background or not running (Deploy Checklist: New Expensify 2023-10-05 #28883)
• 5d32712 [keep-awake] Stop useKeepAwake calls deactivating each other by default. ([HOLD for payment 2023-12-04] [SMARTSCAN] MEDIUM: Allow users to re-download receipt if upload fails #28884)
• 1a9913d [av][web] Fix should `shouldCorrectPitch` not working on web ([HOLD - pending convo][ECARD] HIGH: Transactions - Update Admin Pay Button Copy in ReportPreview/MoneyReportHeader #28837)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[melvin-bot]

This is a Snyk issue. Snyk is a tool that automatically tracks our repositories' dependencies and reports associated security vulnerabilities. It also automatically create PRs to fix these vulnerabilities.

    C+: Please follow these steps to test the linked PR before running through the reviewer checklist:
    - [ ] The first step is to understand the PR: what dependency is it upgrading, for which vulnerability, how it impacts our product & end users.
    - [ ] If the issue is not worth fixing, please add your reasoning in the issue and have the internal engineer review it.
    - [ ] Check the change log (which should be included in the PR description) to see all changes. We want to identify any breaking changes. If it is a minor version bump, it's unlikely that there are any breaking changes.
    - [ ] Test our feature(s) that make use of this package. If it does not work, we should understand what broke it. It is also a good idea to check our main flows to make sure they are not broken that you can add in the checklist screenshots/videos.

[melvin-bot]

Triggered auto assignment to Contributor Plus for review of internal employee PR - @sobitneupane (Internal)

[sobitneupane]

@bondydaa Looks like this issue is related to this PR. Should we close this issue?

[melvin-bot]

This issue has not been updated in over 15 days. @sobitneupane eroding to Monthly issue.

P.S. Is everyone reading this sure this is really a near-term priority? Be brave: if you disagree, go ahead and close it out. If someone disagrees, they'll reopen it, and if they don't: one less thing to do!

[melvin-bot]

@sobitneupane, this Monthly task hasn't been acted upon in 6 weeks; closing.

If you disagree, feel encouraged to reopen it -- but pick your least important issue to close instead.