fix(deps): update dependency framer-motion to v11.2.6

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
framer-motion	11.1.1 -> 11.2.6

---

Release Notes

framer/motion (framer-motion)

v11.2.6

Compare Source

Fixed

• Fixed optimised appear animations interrupted by layout animations triggered by a state update within useLayoutEffect.

v11.2.5

Compare Source

Fixed

• Fixing layout animations within portals. Tag motion root within portal with data-framer-portal-id attribute.

v11.2.4

Compare Source

Fixed

• Batching triggering animations with useSpring.

v11.2.3

Compare Source

Fixed

• MotionValues created with undefined can track velocity correctly.

v11.2.2

Compare Source

Fixed

• Fixed visual jump when interrupting an optimised appear animation.

v11.2.1

Compare Source

Changed

• Improved performance of resolving variants by lazy resolving current MotionValue state.

v11.2.0

Compare Source

Added

• Binary visibility interpolation i.e display: ["block", "none"] now maintains the visible state throughout the animation.

v11.1.9

Compare Source

Changed

• Reinstating async event handlers to fix issues with user code and Suspence within Framer.

v11.1.8

Compare Source

Fixed

• Animating between keyframe unit types when one keyframe is 0 and the other is an explicitly defined keyframe, e.g y: ["100%", 0].

v11.1.7

Compare Source

Changed

• Updating types for motion.div.

v11.1.6

Compare Source

Changed

• Binding stop to MainThreadAnimation

v11.1.5

Compare Source

Changed

• Exporting DOMMotionComponents.

v11.1.4

Compare Source

Fixed

• Fixing types of motion.div in certain TS5 environment configurations.

Changed

• Skip removal of existing motion value when undefined.

v11.1.3

Compare Source

Fixed

• ESM compat with CJS bundle.

v11.1.2

Compare Source

Fixed

• Ensuring transforms unset during unit conversion are restored.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
gh-dashboard-relay	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 22, 2024 11:20am

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@eslint-community/regexpp@4.10.0	None	0	431 kB	eslint-community-bot
npm/@jridgewell/resolve-uri@3.1.2	None	0	53.2 kB	jridgewell
npm/@jridgewell/set-array@1.2.1	None	0	17.9 kB	jridgewell
npm/@rushstack/eslint-patch@1.10.3	None	0	240 kB	odspnpm
npm/@types/istanbul-lib-coverage@2.0.6	None	0	5.45 kB	types
npm/@types/json-schema@7.0.15	None	0	31.7 kB	types
npm/@types/parse-json@4.0.2	None	0	2.95 kB	types
npm/@types/prop-types@15.7.12	None	0	6.71 kB	types
npm/@types/qs@6.9.15	None	0	7.34 kB	types
npm/@types/range-parser@1.2.7	None	0	4.62 kB	types
npm/@types/semver@7.5.8	None	0	23.3 kB	types
npm/@types/stack-utils@2.0.3	None	0	6.43 kB	types
npm/@types/yargs-parser@21.0.3	None	0	8.65 kB	types
npm/@webassemblyjs/helper-buffer@1.12.1	None	0	10.8 kB	xtuc
npm/ast-types-flow@0.0.8	None	0	126 kB	kyldvs
npm/big-integer@1.6.52	None	0	175 kB	peterolson
npm/binary-extensions@2.3.0	None	0	5.03 kB	sindresorhus
npm/caniuse-lite@1.0.30001620	None	0	2.05 MB	caniuse-lite
npm/case-sensitive-paths-webpack-plugin@2.4.0	None	0	25.9 kB	urthen
npm/ci-info@3.9.0	environment	0	26.1 kB	sibiraj-s
npm/cjs-module-lexer@1.3.1	None	0	139 kB	guybedford
npm/cli-spinners@2.9.2	None	0	32.1 kB	sindresorhus
npm/core-js-pure@3.37.1	environment, eval, filesystem	0	1.09 MB	zloirock
npm/crypto-random-string@2.0.0	None	0	3.93 kB	sindresorhus
npm/detect-libc@2.0.3	filesystem, shell	0	23.6 kB	lovell
npm/electron-to-chromium@1.4.774	None	0	290 kB	kilianvalkhof
npm/es-module-lexer@1.5.3	None	0	90.9 kB	guybedford
npm/escalade@3.1.2	filesystem	0	11.6 kB	lukeed
npm/eslint-visitor-keys@3.4.3	None	0	32.3 kB	eslintbot
npm/flatted@3.3.1	None	0	40.3 kB	webreflection
npm/framer-motion@11.2.6	None	0	0 B
npm/fs-monkey@1.0.6	filesystem, unsafe	0	21.3 kB	streamich
npm/fsevents@2.3.3	None	0	173 kB	pipobscure
npm/function-bind@1.1.2	None	0	31.4 kB	ljharb
npm/globalyzer@0.1.0	None	0	11.4 kB	terkelg
npm/globrex@0.1.2	None	0	14.2 kB	terkelg
npm/has-proto@1.0.3	None	0	12 kB	ljharb
npm/html-entities@2.5.2	None	0	287 kB	mdevils
npm/ignore@5.3.1	None	0	51.5 kB	kael
npm/is-map@2.0.3	None	0	20.4 kB	ljharb
npm/is-negative-zero@2.0.3	None	0	27.1 kB	ljharb
npm/is-set@2.0.3	None	0	19.7 kB	ljharb
npm/is-weakmap@2.0.2	None	0	20.6 kB	ljharb
npm/istanbul-lib-coverage@3.2.2	None	0	34.4 kB	oss-bot
npm/klona@2.0.6	None	0	23.2 kB	lukeed
npm/language-subtag-registry@0.3.23	None	0	1.54 MB	mcg
npm/minipass@7.1.1	None	0	285 kB	isaacs
npm/nanoid@3.3.7	None	0	24.4 kB	ai
npm/node-releases@2.0.14	None	0	34 kB	chicoxyzzy
npm/object-inspect@1.13.1	None	0	97.2 kB	ljharb
npm/regex-parser@2.3.0	None	0	9.48 kB	ionicabizau
npm/require-main-filename@2.0.0	None	0	3.93 kB	bcoe
npm/rfdc@1.3.1	None	0	25.2 kB	matteo.collina
npm/source-map-js@1.2.0	None	0	140 kB	7rulnik
npm/temp-dir@2.0.0	filesystem	0	3.29 kB	sindresorhus
npm/universalify@2.0.1	None	0	4.67 kB	ryanzim
npm/whatwg-fetch@3.6.20	network	0	57.4 kB	jakechampion
npm/which-module@2.0.1	None	0	4.04 kB	nexdrew
npm/y18n@4.0.3	filesystem	0	11 kB	oss-bot

🚮 Removed packages: npm/@aashutoshrathi/word-wrap@1.2.6, npm/@ampproject/remapping@2.3.0, npm/@ardatan/relay-compiler@12.0.0, npm/@ardatan/sync-fetch@0.0.1, npm/@babel/core@7.24.5, npm/@babel/helper-compilation-targets@7.23.6, npm/@babel/helper-function-name@7.23.0, npm/@babel/helper-hoist-variables@7.22.5, npm/@babel/helper-module-transforms@7.24.5, npm/@babel/helper-simple-access@7.24.5, npm/@babel/helper-split-export-declaration@7.24.5, npm/@babel/helpers@7.24.5, npm/@babel/plugin-syntax-import-assertions@7.24.1, npm/@babel/traverse@7.24.5, npm/@colors/colors@1.5.0, npm/@graphql-tools/batch-execute@8.5.22, npm/@graphql-tools/delegate@9.0.35, npm/@graphql-tools/executor-graphql-ws@0.0.14, npm/@graphql-tools/executor-http@0.1.10, npm/@graphql-tools/executor-legacy-ws@0.0.11, npm/@graphql-tools/executor@0.0.20, npm/@graphql-tools/import@6.7.18, npm/@graphql-tools/wrap@9.4.2, npm/@humanwhocodes/module-importer@1.0.1, npm/@repeaterjs/repeater@3.0.6, npm/@types/js-yaml@4.0.9, npm/@types/ws@8.5.10, npm/@whatwg-node/node-fetch@0.5.11, npm/b4a@1.6.6, npm/babel-preset-fbjs@3.4.0, npm/browserslist@4.23.0, npm/clsx@1.2.1, npm/dataloader@2.2.2, npm/dotenv@16.4.5, npm/dset@3.1.3, npm/extract-files@11.0.0, npm/fast-fifo@1.3.2, npm/fast-json-parse@1.0.3, npm/fb-watchman@2.0.2, npm/fbjs@3.0.5, npm/framer-motion@11.1.1, npm/glob@7.2.3, npm/graphql-request@6.1.0, npm/graphql-ws@5.12.1, npm/http-proxy-agent@7.0.2, npm/https-proxy-agent@7.0.4, npm/import-fresh@3.3.0, npm/isomorphic-ws@5.0.0, npm/jose@5.3.0, npm/js-yaml@4.1.0, npm/lru-cache@5.1.1, npm/minimatch@4.2.3, npm/node-fetch@2.7.0, npm/nullthrows@1.1.1, npm/p-limit@3.1.0, npm/parse-json@5.2.0, npm/ramda@0.29.0, npm/scuid@1.1.0, npm/type-fest@2.19.0, npm/untildify@4.0.0, npm/urlpattern-polyfill@10.0.0, npm/value-or-promise@1.0.12

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note
Install scripts	npm/core-js-pure@3.37.1	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js-pure@3.37.1