Skip to content

fix(deps): update npm - website - website/package.json #1131

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update npm - website - website/package.json #1131

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 31, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
axios (source) ^1.10.0 -> ^1.11.0 age confidence
eslint (source) ^9.31.0 -> ^9.34.0 age confidence
react (source) ^19.1.0 -> ^19.1.1 age confidence
react-dom (source) ^19.1.0 -> ^19.1.1 age confidence
react-player ^3.2.0 -> ^3.3.2 age confidence
react-slick (source) ^0.30.3 -> ^0.31.0 age confidence

Release Notes

axios/axios (axios)

v1.11.0

Compare Source

Bug Fixes
Contributors to this release
eslint/eslint (eslint)

v9.34.0

Compare Source

v9.33.0

Compare Source

v9.32.0

Compare Source

facebook/react (react)

v19.1.1

Compare Source

facebook/react (react-dom)

v19.1.1

Compare Source

cookpete/react-player (react-player)

v3.3.2

Compare Source

  • fix: prevent React warnings for unknown event handler properties #1970
  • docs: the demo source in README.md #1979
  • Fix: Add share URLs to TikTok pattern matching #1973
  • MIGRATING.md: Fix broken link to demo app #1969

v3.3.1

Compare Source

16 July 2025

  • fix: merge circular dependency #1964
  • chore(release): 3.3.1 26001ec

v3.3.0

Compare Source

16 July 2025

v3.2.1

Compare Source

15 July 2025

akiran/react-slick (react-slick)

v0.31.0

Compare Source

  • Fixed extra clones issue
  • Extra height of slider in vertical mode when number of slides is less than or equal to slidesToShow issue

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@netlify Netlify
Copy link

netlify bot commented Jul 31, 2025
edited
Loading

Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name Link
🔨 Latest commit b931494
🔍 Latest deploy log https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/68b1d426028a6a000818f33f

@github-actions github-actions bot added the fix label Jul 31, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 31, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 9 package(s) with unknown licenses.
See the Details below.

License Issues

website/yarn.lock

PackageVersionLicenseIssue Type
tiktok-video-element0.1.1NullUnknown License
twitch-video-element0.1.4NullUnknown License
cloudflare-video-element1.3.4NullUnknown License
dash-video-element0.1.6NullUnknown License
hls-video-element1.5.7NullUnknown License
spotify-audio-element1.0.3NullUnknown License
vimeo-video-element1.5.5NullUnknown License
wistia-video-element1.3.4NullUnknown License
youtube-video-element1.6.2NullUnknown License
Allowed Licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, OFL-1.1, Zlib
Excluded from license check: pkg:npm/caniuse-lite

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/axios ^1.11.0 🟢 5.7
Details
CheckScoreReason
Maintained🟢 1028 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 19/22 approved changesets -- score normalized to 8
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 4security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities⚠️ 046 existing vulnerabilities detected
npm/eslint ^9.34.0 🟢 6.3
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 6Found 18/28 approved changesets -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 4security policy file detected
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/react ^19.1.1 🟢 6.4
Details
CheckScoreReason
Code-Review🟢 9Found 28/30 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
License🟢 10license file detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities⚠️ 0227 existing vulnerabilities detected
npm/react-dom ^19.1.1 🟢 6.4
Details
CheckScoreReason
Code-Review🟢 9Found 28/30 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
License🟢 10license file detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities⚠️ 0227 existing vulnerabilities detected
npm/react-player ^3.3.2 🟢 4.4
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Maintained🟢 1018 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 5dependency not pinned by hash detected -- score normalized to 5
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 64 existing vulnerabilities detected
npm/react-slick ^0.31.0 🟢 5.2
Details
CheckScoreReason
Maintained🟢 93 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 9
Dangerous-Workflow⚠️ -1no workflows found
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
Code-Review⚠️ 2Found 3/14 approved changesets -- score normalized to 2
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/config-helpers 0.3.1 UnknownUnknown
npm/@eslint/core 0.15.2 UnknownUnknown
npm/@eslint/js 9.34.0 🟢 6.3
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 6Found 18/28 approved changesets -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 4security policy file detected
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/@eslint/plugin-kit 0.3.5 UnknownUnknown
npm/@mux/mux-player 3.5.3 🟢 5
Details
CheckScoreReason
Code-Review🟢 6Found 16/23 approved changesets -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 014 existing vulnerabilities detected
npm/@mux/mux-player-react 3.5.3 🟢 5
Details
CheckScoreReason
Code-Review🟢 6Found 16/23 approved changesets -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging🟢 10packaging workflow detected
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 014 existing vulnerabilities detected
npm/axios 1.11.0 🟢 5.7
Details
CheckScoreReason
Maintained🟢 1028 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 19/22 approved changesets -- score normalized to 8
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 4security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities⚠️ 046 existing vulnerabilities detected
npm/cloudflare-video-element 1.3.4 UnknownUnknown
npm/dash-video-element 0.1.6 UnknownUnknown
npm/eslint 9.34.0 🟢 6.3
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 6Found 18/28 approved changesets -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 4security policy file detected
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/form-data 4.0.4 🟢 5.9
Details
CheckScoreReason
Maintained🟢 1011 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 2/29 approved changesets -- score normalized to 0
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/hls-video-element 1.5.7 UnknownUnknown
npm/react 19.1.1 🟢 6.4
Details
CheckScoreReason
Code-Review🟢 9Found 28/30 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
License🟢 10license file detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities⚠️ 0227 existing vulnerabilities detected
npm/react-dom 19.1.1 🟢 6.4
Details
CheckScoreReason
Code-Review🟢 9Found 28/30 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
License🟢 10license file detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities⚠️ 0227 existing vulnerabilities detected
npm/react-player 3.3.2 🟢 4.4
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
Maintained🟢 1018 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 5dependency not pinned by hash detected -- score normalized to 5
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 64 existing vulnerabilities detected
npm/react-slick 0.31.0 🟢 5.2
Details
CheckScoreReason
Maintained🟢 93 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 9
Dangerous-Workflow⚠️ -1no workflows found
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
Code-Review⚠️ 2Found 3/14 approved changesets -- score normalized to 2
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/spotify-audio-element 1.0.3 UnknownUnknown
npm/tiktok-video-element 0.1.1 UnknownUnknown
npm/twitch-video-element 0.1.4 UnknownUnknown
npm/vimeo-video-element 1.5.5 UnknownUnknown
npm/wistia-video-element 1.3.4 UnknownUnknown
npm/youtube-video-element 1.6.2 UnknownUnknown

Scanned Files

  • website/package.json
  • website/yarn.lock

@codecov Codecov
Copy link

codecov bot commented Jul 31, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.76%. Comparing base (2950617) to head (b931494).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1131   +/-   ##
=======================================
  Coverage   82.76%   82.76%           
=======================================
  Files          66       66           
  Lines        2780     2780           
  Branches      332      332           
=======================================
  Hits         2301     2301           
  Misses        431      431           
  Partials       48       48

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate bot force-pushed the renovate/website-manager branch 6 times, most recently from d98a715 to 3245afe Compare August 7, 2025 08:44
@renovate renovate bot force-pushed the renovate/website-manager branch 2 times, most recently from e079605 to 3b1370a Compare August 12, 2025 12:50
@renovate renovate bot force-pushed the renovate/website-manager branch 8 times, most recently from b43728e to f4efd0f Compare August 22, 2025 23:08
@renovate renovate bot force-pushed the renovate/website-manager branch 3 times, most recently from 1392680 to cb7b528 Compare August 28, 2025 12:24
@renovate renovate bot force-pushed the renovate/website-manager branch from 92a45f2 to b931494 Compare August 29, 2025 16:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants