flutter/lottie-flutter
1
0
Fork 0
mirror of https://github.com/xvrh/lottie-flutter.git synced 2025-08-06 16:39:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: flutter:v3.1.2
Branches Tags
flutter:master flutter:dependabot/github_actions/codecov/codecov-action-5.4.0 flutter:xha/cache flutter:xha/update_goldens flutter:xha/text_transform flutter:xha/example_splash flutter:xha/tests flutter:fix_github flutter:update-goldens-with-linux flutter:error_builder flutter:expression flutter:gh-pages
flutter:v3.3.1 flutter:v3.3.0 flutter:v3.2.0 flutter:v3.1.3 flutter:v3.1.2 flutter:v3.1.1 flutter:v3.1.0 flutter:v3.0.0 flutter:v3.0.0-alpha.4 flutter:v3.0.0-alpha.3 flutter:v3.0.0-alpha.2 flutter:v3.0.0-alpha.1 flutter:v2.7.0 flutter:v2.6.0 flutter:v2.5.0 flutter:v2.4.0 flutter:v2.3.2 flutter:v2.3.1 flutter:v2.3.0 flutter:v2.2.0 flutter:v2.1.0 flutter:v2.0.0 flutter:v1.4.3 flutter:v1.4.2 flutter:v1.4.1 flutter:v1.4.0 flutter:v1.3.0 flutter:v1.2.2 flutter:v1.2.1 flutter:v1.2.0 flutter:v1.1.0 flutter:v1.0.1 flutter:v1.0.0 flutter:v0.8.0-nullsafety.4 flutter:v0.8.0-nullsafety.3 flutter:v0.8.0-nullsafety.2 flutter:v0.8.0-nullsafety.1 flutter:v0.8.0-nullsafety.0 flutter:v0.7.0+1 flutter:v0.7.0 flutter:v0.6.0 flutter:v0.5.1 flutter:v0.5.0 flutter:v0.4.1 flutter:v0.4.0+1 flutter:v0.4.0 flutter:v0.3.6 flutter:v0.3.5 flutter:v0.3.4 flutter:v0.3.3 flutter:v0.3.2 flutter:v0.3.1 flutter:v0.3.0+1 flutter:v0.3.0 flutter:v0.2.2 flutter:v0.2.1 flutter:v0.2.0+1
...
compare: flutter:v3.1.3
Branches Tags
flutter:master flutter:dependabot/github_actions/codecov/codecov-action-5.4.0 flutter:xha/cache flutter:xha/update_goldens flutter:xha/text_transform flutter:xha/example_splash flutter:xha/tests flutter:fix_github flutter:update-goldens-with-linux flutter:error_builder flutter:expression flutter:gh-pages
flutter:v3.3.1 flutter:v3.3.0 flutter:v3.2.0 flutter:v3.1.3 flutter:v3.1.2 flutter:v3.1.1 flutter:v3.1.0 flutter:v3.0.0 flutter:v3.0.0-alpha.4 flutter:v3.0.0-alpha.3 flutter:v3.0.0-alpha.2 flutter:v3.0.0-alpha.1 flutter:v2.7.0 flutter:v2.6.0 flutter:v2.5.0 flutter:v2.4.0 flutter:v2.3.2 flutter:v2.3.1 flutter:v2.3.0 flutter:v2.2.0 flutter:v2.1.0 flutter:v2.0.0 flutter:v1.4.3 flutter:v1.4.2 flutter:v1.4.1 flutter:v1.4.0 flutter:v1.3.0 flutter:v1.2.2 flutter:v1.2.1 flutter:v1.2.0 flutter:v1.1.0 flutter:v1.0.1 flutter:v1.0.0 flutter:v0.8.0-nullsafety.4 flutter:v0.8.0-nullsafety.3 flutter:v0.8.0-nullsafety.2 flutter:v0.8.0-nullsafety.1 flutter:v0.8.0-nullsafety.0 flutter:v0.7.0+1 flutter:v0.7.0 flutter:v0.6.0 flutter:v0.5.1 flutter:v0.5.0 flutter:v0.4.1 flutter:v0.4.0+1 flutter:v0.4.0 flutter:v0.3.6 flutter:v0.3.5 flutter:v0.3.4 flutter:v0.3.3 flutter:v0.3.2 flutter:v0.3.1 flutter:v0.3.0+1 flutter:v0.3.0 flutter:v0.2.2 flutter:v0.2.1 flutter:v0.2.0+1

4 Commits
v3.1.2 ... v3.1.3

Author SHA1 Message Date
Xavier Hainaux
a2e40ecd08 Bump version 2024-10-14 11:10:40 +02:00
Juan Aymerich
5a725a064e Update Archive Dependency to Fix Path Traversal Vulnerability (#379) 
This pull request updates the version of the Archive dependency to
eliminate a security vulnerability related to path traversal. The new
version of the library includes fixes that prevent the exploitation of
this vulnerability, ensuring that input paths are handled securely.
Please review the update and let me know if any further adjustments are
needed.

For more information about this vulnerability, you can refer:
- https://github.com/advisories/GHSA-9v85-q87q-g4vg
- https://osv.dev/vulnerability/GHSA-9v85-q87q-g4vg

Thank you for your consideration!

Co-authored-by: Juan <jaymerich93@gmail.com>
 2024-10-09 17:04:59 +02:00
dependabot[bot]
8302c4b7e6 Bump codecov/codecov-action from 4.4.0 to 4.5.0 (#362) 2024-06-17 09:04:30 +02:00
dependabot[bot]
029cee4f0a Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#352) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4.3.1 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: Clarify isPullRequestFromFork by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1411">codecov/codecov-action#1411</a></li>
<li>build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1423">codecov/codecov-action#1423</a></li>
<li>build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1421">codecov/codecov-action#1421</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1420">codecov/codecov-action#1420</a></li>
<li>feat: remove GPG and run on spawn by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1426">codecov/codecov-action#1426</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
7.8.0 to 7.9.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1428">codecov/codecov-action#1428</a></li>
<li>chore(release): 4.4.0 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1430">codecov/codecov-action#1430</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0">https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6d798873df"><code>6d79887</code></a>
chore(release): 4.4.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1430">#1430</a>)</li>
<li><a
href="37364fa731"><code>37364fa</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.8.0
to 7.9.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1428">#1428</a>)</li>
<li><a
href="2791a5c4fe"><code>2791a5c</code></a>
fix: remove GPG and run on spawn (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1426">#1426</a>)</li>
<li><a
href="b71af43c1e"><code>b71af43</code></a>
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1420">#1420</a>)</li>
<li><a
href="29f97fc54f"><code>29f97fc</code></a>
build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1421">#1421</a>)</li>
<li><a
href="645d2a5926"><code>645d2a5</code></a>
build(deps): bump actions/checkout from 4.1.4 to 4.1.5 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1423">#1423</a>)</li>
<li><a
href="f691d469fb"><code>f691d46</code></a>
chore: Clarify isPullRequestFromFork (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1411">#1411</a>)</li>
<li>See full diff in <a
href="https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-20 14:43:31 +02:00
3 changed files with 6 additions and 3 deletions
Expand all files Collapse all files

2
.github/workflows/coverage.yaml vendored
View File

@ -17,6 +17,6 @@ jobs:
- run: flutter test --coverage - run: flutter test --coverage
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v4.3.1 uses: codecov/codecov-action@v4.5.0
with: with:
token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.CODECOV_TOKEN }}

3
CHANGELOG.md
View File

@ -1,3 +1,6 @@
## 3.1.3
- Update `package:archive` dependency constraints
## 3.1.2 ## 3.1.2
- Fixes for some animations generated by lottiefiles.com - Fixes for some animations generated by lottiefiles.com

4
pubspec.yaml
View File

@ -1,6 +1,6 @@
name: lottie name: lottie
description: Render After Effects animations natively on Flutter. This package is a pure Dart implementation of a Lottie player. description: Render After Effects animations natively on Flutter. This package is a pure Dart implementation of a Lottie player.
version: 3.1.2 version: 3.1.3
repository: https://github.com/xvrh/lottie-flutter repository: https://github.com/xvrh/lottie-flutter
funding: funding:
@ -12,7 +12,7 @@ environment:
flutter: '>=3.16.0' flutter: '>=3.16.0'
dependencies: dependencies:
archive: ^3.0.0 archive: ^3.3.8
flutter: flutter:
sdk: flutter sdk: flutter
http: ^1.0.0 http: ^1.0.0