fix: pin Expo SDK 53 native package versions

[CheFu-code]

Summary

• Pins Expo SDK 53 native package versions that were drifting during fresh installs.
• Downgrades expo-secure-store from the incompatible SDK 56 package line to SDK 53's ~14.2.4.
• Pins React Native / gesture-handler / SVG / netinfo / lottie versions to the versions reported by expo install --check.

Root Cause

The dev build crashed with:

Failed resolution of: Lexpo/modules/kotlin/types/AnyTypeCache;

expo-secure-store@56.0.4 was compiled against a newer Expo Modules Core API than the SDK 53 app provides.

Verification

• npx expo install --check passes.
• npm ls @react-native-community/netinfo expo-haptics expo-secure-store lottie-react-native react-native react-native-gesture-handler react-native-svg --depth=0 shows SDK-compatible versions.

Local Rebuild Required

Because this changes native dependencies, install dependencies and rebuild the dev client:

npm install --legacy-peer-deps
adb uninstall com.chefuinc.chefuacademy
npx expo run:android
npm start

Summary by CodeRabbit

• Chores
  • Updated and optimized dependency versions to improve compatibility and stability.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates version specifiers for eight React Native dependencies in package.json. Most notably, four packages (netinfo, lottie-react-native, react-native, react-native-svg) are pinned to exact versions, while others (haptics, expo-secure-store, gesture-handler) are downgraded and scoped to tilde ranges. No code logic is altered.

Changes

Dependency Version Stabilization

Layer / File(s)	Summary
Network and haptics dependencies package.json	@react-native-community/netinfo is pinned to an exact version; expo-haptics is adjusted to a lower tilde-scoped version.
Core framework and animation stack package.json	react-native, lottie-react-native are pinned to exact versions; expo-secure-store and react-native-gesture-handler are downgraded and adjusted to tilde ranges.
SVG rendering module package.json	react-native-svg is pinned from a caret range to an exact version.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 Versions pinned, ranges tight,
Dependencies now stand upright!
From carets wild to exact delight,
The build shall run with steady might. 🎯

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: pinning native package versions for Expo SDK 53 compatibility, which is the core focus of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/expo-sdk53-native-versions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

package.json (1)

13-77: ⚠️ Potential issue | 🟠 Major

Add/commit a lockfile to pin Expo/RN native dependency resolutions

package-lock.json (and other common lockfiles like yarn.lock / pnpm-lock.yaml) are not present in the repo, so the dependency version specs in package.json won’t be pinned to the intended SDK 53-compatible resolved versions on fresh installs.

• Commit the lockfile for the chosen package manager (README uses npm install, so generate/commit package-lock.json)
• Ensure CI/dev uses pinned installs (npm ci / frozen-lockfile equivalent) to prevent SDK/native drift

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` around lines 13 - 77, The repo is missing a lockfile so native
Expo/React Native dependency resolutions from package.json can drift; generate
and commit a package-lock.json by running npm install (or npm ci locally after
deleting node_modules to reproduce), add package-lock.json to source control,
and update CI to use npm ci (or the project's chosen package manager with a
frozen-lockfile) to ensure SDK 53-compatible native dependency pinning and
reproducible installs (refer to package.json dependencies).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@package.json`:
- Around line 13-77: The repo is missing a lockfile so native Expo/React Native
dependency resolutions from package.json can drift; generate and commit a
package-lock.json by running npm install (or npm ci locally after deleting
node_modules to reproduce), add package-lock.json to source control, and update
CI to use npm ci (or the project's chosen package manager with a
frozen-lockfile) to ensure SDK 53-compatible native dependency pinning and
reproducible installs (refer to package.json dependencies).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 934d515c-c9ce-43e8-9ff8-abf66592d84e

📥 Commits

Reviewing files that changed from the base of the PR and between bd0775f and e333428.

📒 Files selected for processing (1)

• package.json