KenBurns Image Effect for React Native Applications

Related tags

Effect react-native-kenburns-view
Overview

react-native-kenburns-view

react-native-kenburns-view is released under the ISC license. Current npm package version. Follow @nHiRanZ

KenBurns Image Effect for React Native. Based on Image Component Image Component. Version: 4.1.0

Tested on React Native 0.62.2 iOS and Android.

Installation

Note: Requires React Timeout. If it's not available, install it from the command below.

$ npm i react-timeout --save

The proceed to install the library

$ npm i react-native-kenburns-view --save

Demo/Example

kenburns view demo

Go to react-native-kenburns-view/example/KenBurnsExample to view the example.

Usage

<BurnsImage tension={4} friction={50} imageWidth={200} imageHeight={100} sourceUri={require(./images/kenburnsimage.jpg)} placeholderSource={require( './images/placeholder.jpg')}>
</BurnsImage>

API (props)

Prop Description
tension int Tension Value.
friction int Friction Value.
imageWidth int Image Width.
imageHeight int Image Height.
sourceUri URI String Image URL.
placeholderSource URI String Placeholder Image URL (Possibly a Local Image).
autoStart boolean Autostarts the animation.

npm

Link: react-native-kenburns-view on npm

License

ISC License

Feedback

Email: [email protected] Twitter: nHiRanZ on Twitter

Comments
  • Unhandled JS Exception: Cannot read property 'systemShouldAdvance' of undefined

    Unhandled JS Exception: Cannot read property 'systemShouldAdvance' of undefined

    Running into this error

    Error

    It seems to be occurring when the parent component is still mounted but the KenBurnsImage component isn't currently being displayed. This is all within a <Modal>

    Code

    <Modal
  animationType={'slide'}
  transparent={true}
  visible={this.props.workoutStore.starting && !this.props.workoutStore.remote}
  onRequestClose={this.props.workoutStore.cancel}
  onDismiss={this.props.workoutStore.ready}
>
  <View style={{flex: 1}}>
  ...
    <KenBurnsImage
      tension={4}
      friction={25}
      imageWidth={Dimensions.get('window').width}
      imageHeight={Dimensions.get('window').height}
      placeholderSource={require('../../../img/landing.png')}
      sourceUri={require('../../../img/landing.png')}
    />
  ...
  </View>
</Modal>

    Environment

    | software | version | ---------------- | ------- | react-navigation | 2.17.0 | react-native | 0.57 | node | 9.11.2 | yarn | 1.7.0

    opened by barnesheaton 2
  • build(deps): bump plist from 3.0.1 to 3.0.4 in /example/KenBurnsExample

    build(deps): bump plist from 3.0.1 to 3.0.4 in /example/KenBurnsExample

    Bumps plist from 3.0.1 to 3.0.4.

    Changelog

    Sourced from plist's changelog.

    3.0.4 / 2021-08-27

    3.0.3 / 2021-08-04

    • update xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)
    • remove flaky saucelabs teseting badge (Mike Reinstein)

    3.0.2 / 2021-03-25

    • update xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)
    • update saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)
    • remove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump react-native from 0.62.0 to 0.62.3 in /example/KenBurnsExample

    build(deps): bump react-native from 0.62.0 to 0.62.3 in /example/KenBurnsExample

    Bumps react-native from 0.62.0 to 0.62.3.

    Release notes

    Sourced from react-native's releases.

    v0.62.3

    This patch release is specifically targetted towards Xcode 12.5. The changes done are tailored to unblock developers still relying on v0.62 of RN.

    Aside from bumping your version from 0.62.2 to 0.62.3, please make sure to add this line to your podfile (or modify it if you already had it):

    use_flipper!('Flipper' => '0.75.1', 'Flipper-Folly' => '2.5.3', 'Flipper-RSocket' => '1.3.1')

    After which, do all the classic necessary cleans (node_modules, caches, pod folders, etc)(react-native-clean-project is your ally) then do yarn install and a pod install --repo-update (if pod install fails on an error about a Flipper package, just remove the relevant lines from the podfile.lock and run the pod install again).

    The only other commit picked & released along the Xcode 12.5 fixes is:

    • Update validateBaseUrl to use latest regex (commit) which fixes CVE-2020-1920, GHSL-2020-293.

    To help you upgrade to this version, you can use the upgrade helper ⚛️

    You can find the whole changelog history over at react-native-releases.

    v0.62.2

    This release fixes a few minor issues that were reported by the community. You can view the complete changelog here.

    You can participate in the conversation for the next patch release in the dedicated issue.

    To help you upgrade to this version, you can use the new upgrade helper ⚛️

    You can find the whole changelog history over at react-native-releases.

    v0.62.1

    This release fixes a YellowBox regression in v0.62.0 where the Flipper network inspector causes YellowBox to crash the app due to using base64 images.

    You can view the complete changelog here.

    You can participate in the conversation for the next patch release in the dedicated issue.

    To help you upgrade to this version, you can use the new upgrade helper ⚛️

    You can find the whole changelog history over at react-native-releases.

    Changelog

    Sourced from react-native's changelog.

    v0.62.3

    Security

    Fixed

    iOS specific

    v0.62.2

    Fixed

    iOS specific

    v0.62.1

    Fixed

    • Bump CLI to 4.5.1 to improve DX (eac56b9749 by @​alloy)
    • Fix a YellowBox regression in v0.62.0 where the Flipper network inspector causes YellowBox to crash the app due to using base64 images. (227aa96bb2 by @​rickhanlonii)

    Android specific

    iOS specific

    Changed

    Commits
    • 83425fa [0.62.3] Bump version numbers
    • c6f4611 [local] change autolink to match requirements for FlipperFolly working with X...
    • c4ea556 [local] change podfile to rely on the autolink-ios rb file
    • ca09ae8 Update validateBaseUrl to use latest regex
    • 166a5dd Get ReactiveNative compiled with Clang 10 (#28362)
    • 158b558 [local] update detox to work on Xcode 12
    • b9944e5 [0.62.2] Bump version numbers
    • f89c509 Make Vibration.vibrate compatible with TurboModules (#27951)
    • 8858d87 Exclude all FlipperKit transitive dependencies from iOS Release builds (#28504)
    • 4fd9c9d Fix Appearance module when using Chrome Debugger
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump bl from 4.0.2 to 4.1.0 in /example/KenBurnsExample

    build(deps): bump bl from 4.0.2 to 4.1.0 in /example/KenBurnsExample

    ⚠️ Dependabot is rebasing this PR ⚠️

    Rebasing might not happen immediately, so don't worry if this takes some time.

    Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

    Bumps bl from 4.0.2 to 4.1.0.

    Release notes

    Sourced from bl's releases.

    v4.0.3

    Fix unintialized memory access

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Upgrade react native of example to 0.22.2 and add Android support

    Upgrade react native of example to 0.22.2 and add Android support

    Hi there,

    By the way, nice work !

    I just upgraded the example to react native 0.22.2 and add Android support.

    Tested on both OS, they work like a charm.

    opened by charpeni 1
  • build(deps): bump normalize-url from 4.5.0 to 4.5.1 in /example/KenBurnsExample

    build(deps): bump normalize-url from 4.5.0 to 4.5.1 in /example/KenBurnsExample

    Bumps normalize-url from 4.5.0 to 4.5.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • [Snyk] Security upgrade snyk from 1.425.4 to 1.685.0

    [Snyk] Security upgrade snyk from 1.425.4 to 1.685.0

    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    merge advice

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Issue | Breaking Change | Exploit Maturity :-------------------------:|:-------------------------|:-------------------------|:------------------------- high severity | Command Injection
    SNYK-JS-SSH2-1656673 | No | No Known Exploit

    Commit messages
    Package name: snyk The new version differs by 250 commits.
    • 4cc1a94 Merge pull request #2105 from snyk/feat/webpack
    • 7737f75 Merge pull request #2181 from snyk/test/migrate-old-snyk-format
    • 418e6ad Merge pull request #2180 from snyk/test/migrate-is-docker
    • 95631e7 test: migrate is-docker to jest
    • babe22a test: migrate old-snyk-format to jest
    • e22e94f feat: Snyk CLI is bundled with Webpack
    • dd46c19 Merge pull request #2175 from snyk/fix/snyk-protect-multiple
    • e7c314f Merge pull request #2178 from snyk/test/server-close
    • 5e824c0 fix(protect): skip previously patched files
    • ca2177a fix(protect): catch and log unexpected errors
    • c9ddb44 chore(protect): move api url warnings to stderr
    • e8fed38 refactor(protect): move stdout logs to top level
    • 55e88f9 Merge pull request #2177 from snyk/test/set-jest-acceptance-timeout
    • 1522c5f test: server.close uses callbacks, not promises
    • 13dce51 test: increase timeout for slow oauth test
    • 65c35be Merge pull request #2172 from snyk/chore/no-run-test-on-master
    • a1e3992 chore: don't run tests on master
    • 20feb67 Merge pull request #2165 from snyk/chore/dont-wait-for-regression-tests
    • f50bca7 Merge pull request #2167 from snyk/refactor/replace-cc-parser-with-split-functions
    • 1ed7d11 refactor: replace cc parser with split functions
    • 707801d Merge pull request #2166 from snyk/fix/support_quotes_in_poetry_toml
    • dc6b784 Merge pull request #2163 from snyk/chore/remove-store-test-results
    • 7973015 fix: support quoted keys in inline tables
    • 18f0d2a Merge pull request #2164 from snyk/chore/upgrade-snyk-nuget-plugin

    See the full diff

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by snyk-bot 0
  • [Snyk] Security upgrade react-native from 0.62.0 to 0.65.0

    [Snyk] Security upgrade react-native from 0.62.0 to 0.65.0

    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    merge advice

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 661/1000
    Why? Recently disclosed, Has a fix available, CVSS 7.5 | Out-of-Bounds
    SNYK-JS-HERMESENGINE-1727253 | No | No Known Exploit

    (*) Note that the real score may have changed since the PR was raised.

    Commit messages
    Package name: react-native The new version differs by 250 commits.
    • 7473ce1 [0.65.0] Bump version numbers
    • 5f0b805 [0.65.0-rc.4] Bump version numbers
    • 83d9b9b [LOCAL] yarn lock update
    • e775957 Revert "fix: Move react-native-codegen to be a direct dependency of react-native (fix for 0.65-stable)"
    • 5f7deb5 [LOCAL] reintroduce generated codegen files
    • c0df3e0 [LOCAL] autogenerated files
    • 54fbe0d - Bump CLI to ^6.0.0 (#31971)
    • 5efad92 Codegen: Always prepare filesystem
    • dfd324e Extend codegen script to take library name, output dir arguments
    • 1b7f95b Reorganize codegen script for clarity
    • 041365e fix: codegen - project paths with spaces (#31141)
    • 98e1734 fix: Move react-native-codegen to be a direct dependency of react-native (fix for 0.65-stable)
    • e8d725a [0.65.0-rc.3] Bump version numbers
    • e40f582 fix(deps): bump metro to 0.66.2 + dedup (#31886)
    • e53745e Bump Flipper + Bump hermes (#31872)
    • 4476fbc Allow PlatformColor to work with RCTView border colors (#29728)
    • 49253dc Fix support for blobs larger than 64 KB on Android (#31789)
    • 626d25c Android: upgrading to OkHttp from 4.9.0 to 4.9.1 to fix java.lang.NullPointerException: bio == null crash (#31822)
    • db7aa7b [0.65.0-rc.2] Bump version numbers
    • 121a6a4 Fix Android build sequencing
    • ba4424f Revert "Revert "bump buildToolsVersion to 30.0.2 (#31627)""
    • be9a669 Revert "Revert "Gradle 6.9, Android Gradle Plugin 4.2.1 (#31593)""
    • 0e08b25 [0.65.0-rc.1] Bump version numbers
    • ca5b943 [LOCAL] lock files update for 065 branch

    See the full diff

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by snyk-bot 0
  • [Snyk] Fix for 1 vulnerabilities

    [Snyk] Fix for 1 vulnerabilities

    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 768/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
    SNYK-JS-ANSIREGEX-1583908 | No | Proof of Concept

    (*) Note that the real score may have changed since the PR was raised.

    Commit messages
    Package name: react-native The new version differs by 250 commits.
    • ace025d [0.64.0] Bump version numbers
    • 728d55a Fixing the git attrs for all the people and all the files and all future 🙌
    • 8a6ac1f chore: Update React.podspec to require cocoapods >= 1.10.1
    • 138fdbc fix: restore refresh control fix
    • 7f3f80f Fix RefreshControl layout when removed from window (#31024)
    • 1aa4f47 [0.64.0-rc.4] Bump version numbers
    • 48a97d7 chore: fix conflict in Podfile.lock
    • e7e4b00 fix: disable fabric
    • 14db556 fix: React Native CodeGen integration for 0.64-stable (#31027)
    • 4b68734 Generalize node search logic
    • 7159bcb Update flipper in RNTester and template (#31010)
    • e846740 [0.64.0-rc.3] Bump version numbers
    • c023a40 chore: bump codegen script
    • 7004cac Invoke `node` directly in generate-specs.sh (#30781)
    • 5ada078 Make codegen more reliable on iOS (#30792)
    • 937ced3 Optionally override codegen script defaults via envvars
    • e5888de Add use_react_native_codegen!
    • 0636c45 Use Fabric builds in iOS tests (#30639)
    • 224c85a Update iOS Fabric-related files to compile on OSS (#29810)
    • 7ec38b9 Avoid eating clicks/taps into ScrollView when using physical keyboard (#30374)
    • 052447c Remove dependency on Folly in TurboModuleUtils.h (#30672)
    • 70ba9ac Expose the testID to black-box testing frameworks on Android (#29610)
    • 1eb7d4a [0.64.0-rc.2] Bump version numbers
    • 4481d09 Fix infinite loop in KeyboardAvoidingView

    See the full diff

    Package name: snyk The new version differs by 250 commits.
    • 3f52bdc Merge pull request #1669 from snyk/fix/dont-fail-on-request-big-payload
    • 47e106e fix: don't fail on request's big payload
    • 1228b55 Merge pull request #1624 from snyk/chore/cli-alert-improvement
    • fccd907 Merge pull request #1666 from snyk/chore/bump-cpp-test-timeout
    • 6772a3e Merge pull request #1649 from snyk/chore/deps-update
    • 89a7767 chore: update dependencies
    • eaf4915 test: wrap pagerduty await in try-catch, remove condition
    • 0576431 test: add pagerduty, check if test is running before attemmpting rerun
    • a08a938 chore: bump flaky cpp test timeout
    • ebb8dd7 Merge pull request #1656 from snyk/feat/protect-prime-time
    • 69cd590 test: fix flakey json output test
    • 3021bb2 Merge pull request #1663 from snyk/fix/upgrade-snyk-gradle-plugin
    • a988600 Merge pull request #1654 from snyk/feat/iac-experimental-terraform-support
    • b455497 feat: iac experimental tf support
    • 4848b7e chore: run tests in packages in CI
    • 3e7e99e feat: implement snyk protect
    • bb233f1 chore: enable prettier formatting in packages
    • fe0183d test: enable jest testing in snyk-protect workspace
    • 40ec817 test: test fixture for snyk protect
    • 7dfd3ea Merge pull request #1661 from snyk/test/fix-flake-with-dev-count-analysis
    • 02c99b8 test: remove tests previously migrated to jest
    • e203fd1 test: set timeout in beforeAll
    • d42f6d9 fix: update snyk-gradle-plugin to 3.13.2
    • 8cd9fbf Merge pull request #1662 from snyk/test/add-longer-timeouts

    See the full diff

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by snyk-bot 0
  • [Snyk] Security upgrade snyk from 1.316.1 to 1.685.0

    [Snyk] Security upgrade snyk from 1.316.1 to 1.685.0

    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    merge advice

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 768/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
    SNYK-JS-ANSIREGEX-1583908 | No | Proof of Concept

    (*) Note that the real score may have changed since the PR was raised.

    Commit messages
    Package name: snyk The new version differs by 250 commits.
    • 4cc1a94 Merge pull request #2105 from snyk/feat/webpack
    • 7737f75 Merge pull request #2181 from snyk/test/migrate-old-snyk-format
    • 418e6ad Merge pull request #2180 from snyk/test/migrate-is-docker
    • 95631e7 test: migrate is-docker to jest
    • babe22a test: migrate old-snyk-format to jest
    • e22e94f feat: Snyk CLI is bundled with Webpack
    • dd46c19 Merge pull request #2175 from snyk/fix/snyk-protect-multiple
    • e7c314f Merge pull request #2178 from snyk/test/server-close
    • 5e824c0 fix(protect): skip previously patched files
    • ca2177a fix(protect): catch and log unexpected errors
    • c9ddb44 chore(protect): move api url warnings to stderr
    • e8fed38 refactor(protect): move stdout logs to top level
    • 55e88f9 Merge pull request #2177 from snyk/test/set-jest-acceptance-timeout
    • 1522c5f test: server.close uses callbacks, not promises
    • 13dce51 test: increase timeout for slow oauth test
    • 65c35be Merge pull request #2172 from snyk/chore/no-run-test-on-master
    • a1e3992 chore: don't run tests on master
    • 20feb67 Merge pull request #2165 from snyk/chore/dont-wait-for-regression-tests
    • f50bca7 Merge pull request #2167 from snyk/refactor/replace-cc-parser-with-split-functions
    • 1ed7d11 refactor: replace cc parser with split functions
    • 707801d Merge pull request #2166 from snyk/fix/support_quotes_in_poetry_toml
    • dc6b784 Merge pull request #2163 from snyk/chore/remove-store-test-results
    • 7973015 fix: support quoted keys in inline tables
    • 18f0d2a Merge pull request #2164 from snyk/chore/upgrade-snyk-nuget-plugin

    See the full diff

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by snyk-bot 0
  • [Snyk] Security upgrade snyk from 1.316.1 to 1.518.0

    [Snyk] Security upgrade snyk from 1.316.1 to 1.518.0

    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    merge advice

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 798/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.1 | Remote Code Execution (RCE)
    SNYK-JS-PACRESOLVER-1564857 | No | Proof of Concept

    (*) Note that the real score may have changed since the PR was raised.

    Commit messages
    Package name: snyk The new version differs by 250 commits.
    • 8987918 Merge pull request #1781 from snyk/fix/replace-proxy
    • eec11b7 test: raise timeout for snyk protect tests hitting real Snyk API
    • 8045ceb test: update proxy tests for the new proxy global-agent
    • 0d0c76a feat: support lowercase http_proxy envvars
    • e597846 test(proxy): acceptance test for Proxy envvar settings
    • 6d67579 fix: replace vulnerable proxy dependency
    • 1449c57 Merge pull request #1707 from snyk/feat/snyk-fix
    • 3d872fb test: assert exact errors for unsupported
    • 5ebd685 Merge pull request #1777 from snyk/feat/fix-with-version-provenance
    • 17e3431 Merge pull request #1778 from snyk/feat/dont-force-https
    • fdd7f1a docs: update SNYK_HTTP_PROTOCOL_UPGRADE description
    • 165b4b9 feat: introduce envvar to control HTTP-HTTPS upgrade behavior
    • 77e6665 chore: lerna release with exact version
    • f14819f Merge pull request #1760 from snyk/feat/support-critical-in-sarif
    • b286418 feat: v1 support for previously fixed reqs.txt
    • 0384020 feat: basic pip fix -r support
    • f94c558 feat: include pins optionally
    • 66ca77a feat: do not skip files with -r directive
    • bc44f9a refactor: fix individual reqs manifest
    • 6e84322 feat: fix individual file with provenance
    • 9ed99f3 Merge pull request #1764 from snyk/feat/update-code-client
    • c92599b Merge pull request #1774 from snyk/refactor/change-binaries-release-script
    • ca508ac test: smoke test for `snyk fix`
    • c68c7da feat: add @ snyk/fix as a dep

    See the full diff

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by snyk-bot 0
  • build(deps): bump json5 and jest in /example/KenBurnsExample

    build(deps): bump json5 and jest in /example/KenBurnsExample

    Bumps json5 to 2.2.2 and updates ancestor dependency jest. These dependencies need to be updated together.

    Updates json5 from 2.1.3 to 2.2.2

    Release notes

    Sourced from json5's releases.

    v2.2.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Changelog

    Sourced from json5's changelog.

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Commits
    • 14f8cb1 2.2.2
    • 10cc7ca docs: update CHANGELOG for v2.2.2
    • 7774c10 fix: add proto to objects and arrays
    • edde30a Readme: slight tweak to intro
    • 97286f8 Improve example in readme
    • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
    • 910ce25 docs: fix spelling of Aseem
    • 2aab4dd test: require tap as t in cli tests
    • 6d42686 test: remove mocha syntax from tests
    • 4798b9d docs: update installation and usage for modules
    • Additional commits viewable in compare view

    Updates jest from 23.5.0 to 29.3.1

    Release notes

    Sourced from jest's releases.

    v29.3.1

    Fixes

    • [jest-config] Do not warn about preset in ProjectConfig #13583

    Performance

    • [jest-transform] Defer creation of cache directory #13420

    v29.3.0

    Features

    • [jest-runtime] Support WebAssembly (Wasm) imports in ESM modules (#13505)

    Fixes

    • [jest-config] Add config validation for projects option (#13565)
    • [jest-mock] Treat cjs modules as objects so they can be mocked (#13513)
    • [jest-worker] Throw an error instead of hanging when jest workers terminate unexpectedly (#13566)

    Chore & Maintenance

    • [@jest/transform] Update convert-source-map (#13509)
    • [docs] Mention toStrictEqual in UsingMatchers docs. (#13560)

    New Contributors

    Full Changelog: https://github.com/facebook/jest/compare/v29.2.2...v29.3.0

    v29.2.2

    Fixes

    • [@jest/test-sequencer] Make sure sharding does not produce empty groups (#13476)
    • [jest-circus] Test marked as todo are shown as todo when inside a focussed describe (#13504)
    • [jest-mock] Ensure mock resolved and rejected values are promises from correct realm (#13503)
    • [jest-snapshot] Don't highlight passing asymmetric property matchers in snapshot diff (#13480)

    Chore & Maintenance

    • [docs] Update link to Jest 28 upgrade guide in error message (#13483)
    • [jest-runner, jest-watcher] Update emittery (#13490)

    New Contributors

    ... (truncated)

    Changelog

    Sourced from jest's changelog.

    29.3.1

    Fixes

    • [jest-config] Do not warn about preset in ProjectConfig (#13583)

    Performance

    • [jest-transform] Defer creation of cache directory (#13420)

    29.3.0

    Features

    • [jest-runtime] Support WebAssembly (Wasm) imports in ESM modules (#13505)

    Fixes

    • [jest-config] Add config validation for projects option (#13565)
    • [jest-mock] Treat cjs modules as objects so they can be mocked (#13513)
    • [jest-worker] Throw an error instead of hanging when jest workers terminate unexpectedly (#13566)

    Chore & Maintenance

    • [@jest/transform] Update convert-source-map (#13509)
    • [docs] Mention toStrictEqual in UsingMatchers docs. (#13560)

    29.2.2

    Fixes

    • [@jest/test-sequencer] Make sure sharding does not produce empty groups (#13476)
    • [jest-circus] Test marked as todo are shown as todo when inside a focussed describe (#13504)
    • [jest-mock] Ensure mock resolved and rejected values are promises from correct realm (#13503)
    • [jest-snapshot] Don't highlight passing asymmetric property matchers in snapshot diff (#13480)

    Chore & Maintenance

    • [docs] Update link to Jest 28 upgrade guide in error message (#13483)
    • [jest-runner, jest-watcher] Update emittery (#13490)

    29.2.1

    Features

    • [@jest/globals, jest-mock] Add jest.Spied* utility types (#13440)

    Fixes

    • [jest-environment-node] make globalThis.performance writable for Node 19 and fake timers (#13467)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by simenb, a new releaser for jest since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 in /example/KenBurnsExample

    build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 in /example/KenBurnsExample

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • [Snyk] Security upgrade snyk from 1.425.4 to 1.1064.0

    [Snyk] Security upgrade snyk from 1.425.4 to 1.1064.0

    This PR was automatically created by Snyk using the credentials of a real user.


    Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • example/KenBurnsExample/package.json
      • example/KenBurnsExample/package-lock.json

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYK-3038622 | No | Proof of Concept medium severity | 576/1000
    Why? Recently disclosed, Has a fix available, CVSS 5.8 | Code Injection
    SNYK-JS-SNYK-3111871 | No | No Known Exploit medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKDOCKERPLUGIN-3039679 | No | Proof of Concept medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKGRADLEPLUGIN-3038624 | No | Proof of Concept medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKMVNPLUGIN-3038623 | No | Proof of Concept medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKPYTHONPLUGIN-3039677 | No | Proof of Concept medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKSBTPLUGIN-3038626 | No | Proof of Concept medium severity | 643/1000
    Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5 | Command Injection
    SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625 | No | Proof of Concept

    (*) Note that the real score may have changed since the PR was raised.

    Check the changes in this PR to ensure they won't cause issues with your project.

    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    Learn how to fix vulnerabilities with free interactive lessons:

    🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

    opened by nHiRanZ 0
  • build(deps): bump xmldom and plist in /example/KenBurnsExample

    build(deps): bump xmldom and plist in /example/KenBurnsExample

    Removes xmldom. It's no longer used after updating ancestor dependency plist. These dependencies need to be updated together.

    Removes xmldom

    Updates plist from 3.0.1 to 3.0.6

    Changelog

    Sourced from plist's changelog.

    3.0.5 / 2022-03-23

    • [96e2303d05] Prototype Pollution using .parse() #114 (mario-canva)
    • update browserify from 16 to 17

    3.0.4 / 2021-08-27

    3.0.3 / 2021-08-04

    • update xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)
    • remove flaky saucelabs teseting badge (Mike Reinstein)

    3.0.2 / 2021-03-25

    • update xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)
    • update saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)
    • remove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump snyk from 1.425.4 to 1.996.0 in /example/KenBurnsExample

    build(deps): bump snyk from 1.425.4 to 1.996.0 in /example/KenBurnsExample

    Bumps snyk from 1.425.4 to 1.996.0.

    Release notes

    Sourced from snyk's releases.

    v1.996.0

    1.996.0 (2022-09-01)

    Bug Fixes

    • bump golang plugin version (8893f81)

    Features

    v1.995.0

    1.995.0 (2022-08-31)

    Bug Fixes

    • matching configurations error on gradle version catalog (20dcdae)

    v1.994.0

    1.994.0 (2022-08-31)

    Bug Fixes

    Features

    • add custom severities to iac test config (9d86574)
    • add ignore count in the experimental version of iac test (d390ca2)
    • Added support for depth-detection (8cf1815)

    v1.993.0

    1.993.0 (2022-08-29)

    Features

    v1.992.0

    1.992.0 (2022-08-25)

    Bug Fixes

    ... (truncated)

    Commits
    • f614f80 Merge pull request #3803 from snyk/fix/bump-golang-plugin-version
    • d779654 Merge pull request #3620 from snyk/chore/cliv2_support_alpine
    • 8893f81 fix: bump golang plugin version
    • d2fd088 Merge pull request #3792 from snyk/feat/add-var-file-support
    • 544b0f1 Merge pull request #3800 from snyk/chore/capsule-doesnt-exist
    • 537372d feat: add --var-file support
    • 581ebb8 chore: handle GOOS alpine in Makefile
    • 424289d chore: remove code ownership from Capsule
    • 9717d2a Merge pull request #3793 from snyk/fix/bump-gradle-plugin-version
    • 20dcdae fix: matching configurations error on gradle version catalog
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by snyk-admin, a new releaser for snyk since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump snyk-go-plugin and snyk in /example/KenBurnsExample

    build(deps): bump snyk-go-plugin and snyk in /example/KenBurnsExample

    Removes snyk-go-plugin. It's no longer used after updating ancestor dependency snyk. These dependencies need to be updated together.

    Removes snyk-go-plugin

    Updates snyk from 1.425.4 to 1.1024.0

    Release notes

    Sourced from snyk's releases.

    v1.1024.0

    1.1024.0 (2022-10-06)

    v1.1023.0

    1.1023.0 (2022-10-06)

    Bug Fixes

    • Ignored issues count displays "undefined" (962df51)

    v1.1022.0

    1.1022.0 (2022-10-05)

    Bug Fixes

    • do not check stderr output in IaC smoke tests (55cbba0)

    Features

    • use short link to the Integrated IaC docs (8fd823d)

    v1.1021.0

    1.1021.0 (2022-10-04)

    Bug Fixes

    • remove gradle matching config error (401c0f0)

    Features

    • add flag to exclude app vulnerabilities (5d704e2)
    • print warning message on app-vulns enablement (9216c49)

    v1.1020.0

    1.1020.0 (2022-10-03)

    v1.1019.0

    1.1019.0 (2022-09-30)

    Bug Fixes

    • use @​snyk/child-process package without shell (2d8845d)

    ... (truncated)

    Commits
    • 9b48446 Merge pull request #4111 from snyk/feat/snyk-iac-debug-log
    • 85bfd82 chore: Add debug log for local bundle
    • 7533751 Merge pull request #4064 from snyk/docs/automatic-gitbook-update
    • 61c983d Merge pull request #4110 from snyk/fix/undefined-ignored-issues-count
    • 962df51 fix: Ignored issues count displays "undefined"
    • 29bb68b docs: synchronizing help from snyk/user-docs
    • b0c0789 Merge pull request #4106 from snyk/feat/use-short-integrated-iac-link
    • 8fd823d feat: use short link to the Integrated IaC docs
    • e9b88b9 Merge pull request #4043 from snyk/fix/iac-smoke-stderr
    • 0f54465 Merge pull request #3874 from snyk/feat/no-app-vulns
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by snyk-admin, a new releaser for snyk since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(0.0.1)
Owner
Nimila Hiranya Samarasinghe
Software Engineer. Geek. Social Media Enthusiast.
Nimila Hiranya Samarasinghe
GitHub
A subtle tilt effect for images. The idea is to move and rotate semi-transparent copies with the same background image in order to create a subtle motion or depth effect.

Image Tilt Effect A subtle tilt effect for images. The idea is to move and rotate semi-transparent copies with the same background image in order to c

Codrops 571 Nov 21, 2022
Liquideffect - Javascript Library for creating liquid effect on image and RGB effect on mouse direction.

LiquidEffect Javascript Library for creating liquid effect on image and RGB effect on mouse direction. Demo https://liquideffect.netlify.app/ Dependen

Rohail 8 May 6, 2022
A simple yet powerful native javascript plugin for a cool typewriter effect.

TypewriterJS v2 NPM Repository JSFiddle Example Emoji Example CDN You can use the CDN version of this plugin for fast and easy setup. <script src="htt

Tameem Safi 1.8k Jan 4, 2023
Native typewriter effect, without compromises or dependencies.

T-Writer.js Native typewriter effect, without compromises or dependencies. See a demo for ideas/examples. Why Creating a custom typewriter effect can

Christopher Cavalea 508 Dec 1, 2022
Background image segment effect as seen on [Filippo Bello's Portfolio](http://www.filippobello.com/portfolio).

Segment Effect Background image segment effect as seen on Filippo Bello's Portfolio. Article on Codrops Demo License Integrate or build upon it for fr

Codrops 526 Nov 29, 2022
Switch the background-image with using effect.

jQuery.BgSwitcher Switch the background image with using effect. Demo http://rewish.github.io/jquery-bgswitcher/ Usage <div class="box"> <p>Lorem ip

rewish 195 Dec 30, 2022
Pure CSS Image Hover Effect Library

imagehover.css A Scaleable & Light Image Hover CSS Library Imagehover.css is a lovingly crafted CSS library allowing you to easily implement scaleable

Ciaran Walsh 1.8k Dec 21, 2022
A sticky image effect for a slideshow inspired by ultanoir's website.

How to Create a Sticky Image Effect with Three.js A sticky image effect for a slideshow inspired by ultanoir's project showcase slideshow. Article on

Daniel Velasquez 198 Nov 18, 2022
A full image reveal effect with fancy thumbnail sliding.

Full Image Reveal Effect A full image reveal effect with fancy thumbnail sliding. Article on Codrops Demo Credits Images from Unsplash.com TweenMax by

Codrops 155 Dec 19, 2022
A tutorial on how to create a thumbnail grid with an expanding image preview similar to the effect seen on Google Images.

Thumbnail Grid with Expanding Preview A tutorial on how to create a thumbnail grid with an expanding image preview similar to the effect seen on Googl

Codrops 353 Jan 4, 2023
A speedy motion transition effect for an image slideshow.

Motion Transition Effect A speedy motion transition effect for an image slideshow. Inspired by Ping Pong Slow Motion. Article on Codrops Demo Credits

Codrops 51 Jul 5, 2022
A mouse particle effect react component

react-mouse-particles A mouse particle effect react component A very fun react library that can be used to create mouse particle effects, which are as

lindelof 92 Dec 17, 2022
👓 Parallax tilt hover effect for React JS - tilt.js

React.js - Tilt.js React version of tilt.js Demo https://vx-demo.now.sh/gallery Install yarn: yarn add react-tilt npm: npm install --save react-tilt U

Jon 340 Dec 23, 2022
A Snow Effect component for React.

react-snowstorm A Snow Effect component for React. Uses Snowstorm under the hood. Live Demo : http://burakcan.github.io/react-snowstorm Getting Starte

Burak Can 225 Aug 31, 2022
Add a water ripple effect to your background using WebGL.

jQuery Ripples Plugin By the powers of WebGL, add a layer of water to your HTML elements which will ripple by cursor interaction! Important: this plug

Pim Schreurs 976 Dec 30, 2022
A decorative website background effect where SVG shapes morph and transform on scroll.

Morphing Background Shapes A decorative website background effect where SVG shapes morph and transform on scroll. Article on Codrops Demo This demo is

Codrops 351 Dec 26, 2022
Recreation of the background scale hover effect seen on the DDD Hotel website using CSS clip paths.

Background Scale Hover Effect Recreation of the background scale hover effect seen on the DDD Hotel menu using CSS clip paths. Article on Codrops Demo

Codrops 98 Dec 6, 2022
A motion hover effect for a background grid of images.

Image Grid Motion Effect A motion hover effect for a background grid of images. Article on Codrops Demo Installation Install dependencies: npm install

Codrops 118 Dec 31, 2022
fixed-background-effect

Fixed Background Effect A simple template that takes advantage of the background-attachment CSS property to create a fixed background effect. Article

CodyHouse 50 Oct 28, 2022