chore: upgrade dependencies with vulnerability issues (#302)

* fix: 🐛 postcss & sharp vulnerability * chore: 🤖 upgrade dotlottie-js * chore: 🤖 audit fix * chore: 🤖 update lock file * fix: 🐛 DotLottieStateMachineSchema._parse method changed --------- Co-authored-by: Afsal <[email protected]>
dotlottie · Jan 19, 2024 · 970e565 · 970e565
1 parent 3731d4f
commit 970e565
Show file tree

Hide file tree

Showing 6 changed files with 1,228 additions and 1,020 deletions.
diff --git a/apps/dotlottie-playground/package.json b/apps/dotlottie-playground/package.json
@@ -9,7 +9,7 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "@dotlottie/dotlottie-js": "0.5.2",
+    "@dotlottie/dotlottie-js": "^0.6.2",
     "@dotlottie/react-player": "workspace:^",
     "@lottiefiles/lottie-types": "^1.2.0",
     "@monaco-editor/react": "^4.5.1",

diff --git a/apps/dotlottie-playground/src/hooks/use-dotlottie.tsx b/apps/dotlottie-playground/src/hooks/use-dotlottie.tsx
@@ -117,7 +117,7 @@ export const DotLottieProvider: React.FC<{ children: ReactNode }> = ({ children
 
   const requiresValidStateMachineSchema = useCallback((stateMachine: DotLottieStateMachine) => {
     try {
-      DotLottieStateMachineSchema.parse(stateMachine);
+      DotLottieStateMachineSchema._parse(stateMachine);
     } catch (error) {
       toast('Invalid state schema. Please verify the json.', { type: 'error' });
       throw error;

diff --git a/package.json b/package.json
@@ -59,5 +59,22 @@
     "typescript": "4.7.4",
     "zx": "7.2.2"
   },
+  "pnpm": {
+    "overrides": {
+      "d3-color@<3.1.0": ">=3.1.0",
+      "@braintree/sanitize-url@<6.0.0": ">=6.0.0",
+      "@braintree/sanitize-url@<6.0.1": ">=6.0.1",
+      "mermaid@>=8.0.0 <9.1.2": ">=9.1.2",
+      "@cypress/request@<=2.88.12": ">=3.0.0",
+      "undici@<5.26.2": ">=5.26.2",
+      "zod@<=3.22.2": ">=3.22.3",
+      "next@>=0.9.9 <13.4.20-canary.13": ">=13.4.20-canary.13",
+      "minimatch@<3.0.5": ">=3.0.5",
+      "vite@>=4.4.0 <4.4.12": ">=4.4.12",
+      "@babel/traverse@<7.23.2": ">=7.23.2",
+      "semver@>=7.0.0 <7.5.2": ">=7.5.2",
+      "postcss@<8.4.31": ">=8.4.31"
+    }
+  },
   "packageManager": "[email protected]"
 }
diff --git a/packages/common/package.json b/packages/common/package.json
@@ -22,7 +22,7 @@
     "type-check": "tsc --noEmit"
   },
   "dependencies": {
-    "@dotlottie/dotlottie-js": "0.6.0",
+    "@dotlottie/dotlottie-js": "^0.6.2",
     "@lottiefiles/relottie": "1.0.0",
     "@lottiefiles/relottie-style": "0.4.3",
     "@preact/signals-core": "^1.2.3",

diff --git a/packages/react-player/package.json b/packages/react-player/package.json
@@ -41,11 +41,11 @@
     "@types/react": "^16.8.0",
     "@types/react-dom": "^16.8.0",
     "@vitejs/plugin-react": "^3.1.0",
-    "autoprefixer": "^10.4.14",
+    "autoprefixer": "^10.4.17",
     "axe-core": "^4.7.2",
     "cypress": "^12.11.0",
     "cypress-axe": "^1.4.0",
-    "postcss": "^8.4.31",
+    "postcss": "^8.4.33",
     "react": "^16.8.0",
     "react-dom": "^16.8.0",
     "react-use": "^17.4.0",