Chore(deps): bump the swift-dependencies group with 3 updates

[dependabot]

Bumps the swift-dependencies group with 3 updates: github.com/airbnb/lottie-spm, github.com/fingerprintjs/fingerprintjs-ios and github.com/getsentry/sentry-cocoa.

Updates github.com/airbnb/lottie-spm from 4.5.2 to 4.6.0

Release notes

Sourced from github.com/airbnb/lottie-spm's releases.

4.6.0

What's Changed

• Handle task cancellation when loading animation by @​mihai8804858 in airbnb/lottie-ios#2595
• Invoke animationDidLoad on next run loop by @​miguel-jimenez-0529 in airbnb/lottie-ios#2603
• Fix: isAnimationPlaying is false when backgroundBehavior is continuePlaying by @​sunnysideupdowntown in airbnb/lottie-ios#2598
• Division by zero in LottieAnimationHelpers causes crash by @​afrederick1 in airbnb/lottie-ios#2599
• Add LottieURLSession protocol to allow disabling network requests by @​jqsilver in airbnb/lottie-ios#2627
• Dynamic Text Color & Stroke Support by @​ciss1995 in airbnb/lottie-ios#2633

Version Compatibility

Lottie now requires Xcode 16 / Swift 6.0 or later. Our version support policy is that Lottie supports the minimum version that is permitted by Apple for submissions to the App Store.

Full Changelog: airbnb/lottie-ios@4.5.2...4.6.0

Commits

• 69faaef Update binary XCFramework to Lottie 4.6.0 (#31)
• See full diff in compare view

Updates github.com/fingerprintjs/fingerprintjs-ios from 1.6.0 to 1.7.0

Release notes

Sourced from github.com/fingerprintjs/fingerprintjs-ios's releases.

1.7.0

What's changed

• Added batteryLevel and isLowPowerModeEnabled signals.

[!NOTE] batteryLevel is available on iOS only, i.e. tvOS is not supported.

Full Changelog: 1.6.0...1.7.0

Commits

• f31f75d Merge pull request #59 from fingerprintjs/update-pod-version
• d370797 Podspec version 1.7.0
• a81e851 Merge pull request #58 from fingerprintjs/add-battery-level-and-low-power-mode
• 10041ad Add battery level and whether low power mode is enabled to DeviceInfo
• See full diff in compare view

Updates github.com/getsentry/sentry-cocoa from 8.57.0 to 9.10.0

Release notes

Sourced from github.com/getsentry/sentry-cocoa's releases.

9.10.0

Features

• Prevent cross-organization trace continuation (#7705)
  • By default, the SDK now extracts the organization ID from the DSN (e.g. o123.ingest.sentry.io) and compares it with the sentry-org_id value in incoming baggage headers. When the two differ, the SDK starts a fresh trace instead of continuing the foreign one. This guards against accidentally linking traces across organizations.
  • New option strictTraceContinuation (default false): when enabled, both the SDK's org ID and the incoming baggage org ID must be present and match for a trace to be continued. Traces with a missing org ID on either side are rejected.
  • New option orgId: allows explicitly setting the organization ID for self-hosted and Relay setups where it cannot be extracted from the DSN.

Fixes

• Scope clipOut masking to active clip bounds (#7780)
• Fix AOT interop with managed .NET runtimes (#6193)

9.9.0

Features

• Add attachAllThreads option to SentryOptions to attach full stack traces for all threads to captured events (#7764)
• Add per-call attachAllThreads parameter to capture(event:), capture(error:), capture(exception:), and capture(message:) to override the global option for specific calls (#7767)

Improvements

• Align app lifecycle breadcrumb state values with in_foreground/is_active app context (#7703)
  • Breaking: Update any beforeBreadcrumb filters or dashboard queries matching on the old state values:
    • iOS/tvOS/visionOS
      • didBecomeActive state changed from foreground to active
    • macOS
      • didBecomeActive state changed from foreground to active
      • willResignActive state changed from background to inactive

Fixes

• Copy incoming tags dict to prevent crash (#7763)
• Per-instance unmaskView propagates to child views (#7733)
  • Warning: If you relied on children of an unmasked view still being individually redacted, verify your Session Replay redaction after updating. An explicit maskView(_:) on a descendant still takes precedence.
• Move SessionTracker file I/O off the main thread (#7704)

9.8.0

Features

• Add SentrySDK.lastRunStatus to distinguish unknown, no-crash and crash (#7469)

Fixes

• Make SentryBreadcrumb thread-safe to prevent crashes in addBreadcrumb (#7665)

9.7.0

Features

• Show feedback form on device shake (#7579)
  • Enable via config.useShakeGesture = true in SentryUserFeedbackConfiguration

... (truncated)

Commits

• 3a22ecd release: 9.10.0
• 9f9a858 fix: AOT interop with managed .NET runtimes (#6193)
• bab8d5e chore(deps): bump addressable from 2.8.9 to 2.9.0 (#7783)
• 58ed80b chore(deps): Update clang-format version (#7782)
• 2f28877 fix(replay): Scope clipOut masking to active clip bounds (#7780)
• 4c2c80d feat: Implement strict trace continuation (#7705)
• a47ad66 chore(deps): bump mikepenz/action-junit-report from 6.3.1 to 6.4.0 (#7773)
• 506a1b6 chore(deps): bump ruby/setup-ruby from 1.298.0 to 1.299.0 (#7772)
• 2a92b24 chore(deps): bump fastlane-plugin-sentry from 2.5.0 to 2.5.1 (#7771)
• b3846b7 Merge branch 'release/9.9.0'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

🔍 Semgrep Security Scan Results

✅ No security findings detected by p/security-audit ruleset.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml