fix(deps): update dependency framer-motion to v11.2.4

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
framer-motion	11.0.8 -> 11.2.4

---

Release Notes

framer/motion (framer-motion)

v11.2.4

Compare Source

Fixed

• Batching triggering animations with useSpring.

v11.2.3

Compare Source

Fixed

• MotionValues created with undefined can track velocity correctly.

v11.2.2

Compare Source

Fixed

• Fixed visual jump when interrupting an optimised appear animation.

v11.2.1

Compare Source

Changed

• Improved performance of resolving variants by lazy resolving current MotionValue state.

v11.2.0

Compare Source

Added

• Binary visibility interpolation i.e display: ["block", "none"] now maintains the visible state throughout the animation.

v11.1.9

Compare Source

Changed

• Reinstating async event handlers to fix issues with user code and Suspence within Framer.

v11.1.8

Compare Source

Fixed

• Animating between keyframe unit types when one keyframe is 0 and the other is an explicitly defined keyframe, e.g y: ["100%", 0].

v11.1.7

Compare Source

Changed

• Updating types for motion.div.

v11.1.6

Compare Source

Changed

• Binding stop to MainThreadAnimation

v11.1.5

Compare Source

Changed

• Exporting DOMMotionComponents.

v11.1.4

Compare Source

Fixed

• Fixing types of motion.div in certain TS5 environment configurations.

Changed

• Skip removal of existing motion value when undefined.

v11.1.3

Compare Source

Fixed

• ESM compat with CJS bundle.

v11.1.2

Compare Source

Fixed

• Ensuring transforms unset during unit conversion are restored.

v11.1.1

Compare Source

Changed

• Updating JSX transform.

v11.1.0

Compare Source

Changed

• TypeScript 5 upgrade.

v11.0.28

Compare Source

Fixed

• Ensure CSS var token is set as final animation keyframe.

v11.0.27

Compare Source

Fixed

• Skipping animations with duration: 0.

v11.0.26

Compare Source

Fixed

• Adding perspective() to projection transform.
• Changing scheduling of useTransform to ensure frames are up-to-date.

v11.0.25

Compare Source

Fixed

• Ensuring motion(Fragment) nodes are skipped from layout projection.

v11.0.24

Compare Source

Fixed

• Changes in style are visible once a value is no longer present in animation props.

v11.0.23

Compare Source

Fixed

• Fixed layout animations when combined with z transforms.

v11.0.22

Compare Source

Fixed

• Fixed pre-generation of no-op WAAPI animations.

v11.0.21

Compare Source

Fixed

• Fixed interrupting WAAPI spring animations.

v11.0.20

Compare Source

Fixed

• Fixed interrupting shared element animations that contain rotate or skew transforms.

v11.0.19

Compare Source

Fixed

• Fixed layout animations when combined with skew transforms.

v11.0.18

Compare Source

Fixed

• Default duration doesn't override duration: 0 WAAPI animations.
• Fix error when trying to animate unmounted element.
• Avoid resolving WAAPI animation when stopping unresolved animation.

v11.0.17

Compare Source

v11.0.16

Compare Source

Fixed

• Restored animation promise handling to match behaviour of <11.0.11.

v11.0.15

Compare Source

Fixed

• Fixed measurements when more than one transform changes unit type.

v11.0.14

Compare Source

Fixed

• Fixed animation controls in instances where keyframes resolve to be unanimatable.

v11.0.13

Compare Source

Added

• Added default value types for backgroundPositionX and backgroundPositionY.

Fixed

• Fixed height: auto animations.

v11.0.12

Compare Source

Fixed

• Updated @emotion/is-valid-prop as peer dependency.

v11.0.11

Compare Source

Changed

• Keyframes now resolved asynchronously.
• External event handlers now fired synchronously.
• CSS variables and unit conversion now supported with >2 keyframe animations.
• Removed WAAPI animation of background-color.

v11.0.10

Compare Source

Fixed

• Improved speed and stability of regexes.

v11.0.9

Compare Source

Added

• Added support for Content Security Policy (CSP) nonces via MotionConfig.

---

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
sanity-ui-storybook	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 19, 2024 2:47pm
sanity-ui-workshop	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 19, 2024 2:47pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@storybook/addon-docs@8.1.1	None	+1	2.23 MB	shilman
npm/@storybook/addon-essentials@8.1.1	None	0	12.7 kB	shilman
npm/@storybook/addon-interactions@8.1.1	None	0	12.8 MB	shilman
npm/@storybook/addon-links@8.1.1	None	0	19.3 kB	shilman
npm/@storybook/addon-storysource@8.1.1	None	0	1.89 MB	shilman
npm/@storybook/addon-themes@8.1.1	None	0	18.7 kB	shilman
npm/@storybook/blocks@8.1.1	eval	+1	1.74 MB	shilman
npm/@storybook/manager-api@8.1.1	environment, network	+1	1.67 MB	shilman
npm/@storybook/react-vite@8.1.1	Transitive: environment, filesystem	+4	205 kB	shilman
npm/@storybook/react@8.1.1	None	+1	1.52 MB	shilman
npm/@storybook/theming@8.1.1	environment	0	737 kB	shilman
npm/commitizen@4.3.0	eval	+4	2.16 MB	commitizen-bot
npm/cypress-real-events@1.12.0	None	0	130 kB	dmtr.kovalenko
npm/cypress@13.9.0	environment, filesystem, shell, unsafe	+9	8.98 MB	atofstryker
npm/cz-conventional-changelog@3.3.0	environment Transitive: eval, filesystem, unsafe	+12	1.92 MB	commitizen-bot
npm/eslint-plugin-boundaries@4.2.1	None	+2	138 kB	javierbrea
npm/eslint-plugin-import@2.29.1	filesystem, unsafe	+3	1.34 MB	ljharb
npm/eslint-plugin-jsx-a11y@6.8.0	None	+2	2.95 MB	ljharb
npm/eslint-plugin-prettier@5.1.3	None	0	33.9 kB	jounqin
npm/eslint-plugin-react@7.34.1	filesystem Transitive: environment	+7	1.25 MB	ljharb
npm/eslint-plugin-storybook@0.8.0	None	0	86.3 kB	yannbf
npm/eslint@8.57.0	environment, filesystem Transitive: eval	+11	4.72 MB	eslintbot
npm/framer-motion@11.2.4	environment	0	2.24 MB	popmotion
npm/http-server@14.1.1	environment, filesystem, network	+2	196 kB	thornjad
npm/husky@8.0.3	environment, filesystem, shell	0	6.44 kB	typicode
npm/jest-axe@8.0.0	Transitive: environment	+3	119 kB	nickcolley
npm/jest-environment-jsdom@29.7.0	None	0	9.21 kB	simenb
npm/jest@29.7.0	None	0	5.01 kB	simenb
npm/lint-staged@14.0.1	Transitive: environment	+2	236 kB	okonet
npm/module-alias@2.2.3	unsafe	0	16.3 kB	ilearnio
npm/npm-run-all2@5.0.2	environment	+1	156 kB	bret
npm/prettier-plugin-packagejson@2.5.0	None	0	5.55 kB	matzkoh
npm/react-dom@18.3.1	environment	0	4.51 MB	react-bot
npm/react-refractor@2.1.7	environment	0	96.1 kB	rexxars
npm/react@18.3.1	environment	0	318 kB	react-bot
npm/refractor@4.8.1	None	0	1.08 MB	wooorm
npm/rimraf@5.0.7	environment, filesystem	+2	737 kB	isaacs
npm/semantic-release@23.1.1	environment, network Transitive: filesystem, unsafe	+5	834 kB	semantic-release-bot
npm/start-server-and-test@2.0.3	environment	+1	74.6 kB	bahmutov
npm/storybook@8.1.1	None	0	1.26 kB	shilman
npm/styled-components@6.1.11	environment	0	1.76 MB	probablyup
npm/tsconfig-paths@4.2.0	environment, filesystem, unsafe	+2	506 kB	jonaskello
npm/vite-tsconfig-paths@4.3.2	filesystem Transitive: environment	+1	138 kB	aleclarson
npm/vite@5.2.11	environment, eval, filesystem, network, shell, unsafe	+1	5.85 MB	vitebot

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/cypress@13.9.0	Install script: postinstall Source: node index.js --exec install	package.json pnpm-lock.yaml

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/cypress@13.9.0