[Snyk] Upgrade @11ty/eleventy-img from 3.1.0 to 3.1.8

[lwojcik]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @11ty/eleventy-img from 3.1.0 to 3.1.8.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **7 versions** ahead of your current version. - The recommended version was released **3 months ago**, on 2023-11-01.

Release notes

Package name: @11ty/eleventy-img

• 3.1.8 - 2023-11-01
  

  Full Changelog: v3.1.0...v3.1.8

  Adds support for the new svgShortCircuit: "size" option (with svgCompressionSize: "br" to use Brotli compressed sizes for comparison).

  Read more: Eleventy Image: Options for SVG

    </li>
    <li>
      <b>3.1.7</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.7">2023-11-01</a></br>No content.
    </li>
    <li>
      <b>3.1.6</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.6">2023-10-27</a></br>No content.
    </li>
    <li>
      <b>3.1.5</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.5">2023-10-26</a></br>No content.
    </li>
    <li>
      <b>3.1.3</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.3">2023-10-26</a></br>No content.
    </li>
    <li>
      <b>3.1.2</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.2">2023-10-26</a></br>No content.
    </li>
    <li>
      <b>3.1.1</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.1">2023-09-22</a></br><p><strong>Full Changelog</strong>: <a class="commit-link" href="https://snyk.io/redirect/github/11ty/eleventy-img/compare/v3.1.0...v3.1.1"><tt>v3.1.0...v3.1.1</tt></a><br>

  Milestone: https://github.com/11ty/eleventy-img/milestone/19?closed=1

  • 🚨 Important if you’re using this package with untrusted images. Upgrades sharp version for libwebp vulnerability fix, see lovell/sharp#3798

  Read way more detail on the WebP 0-day.

    </li>
    <li>
      <b>3.1.0</b> - <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases/tag/v3.1.0">2023-03-29</a></br><p><strong>Full Changelog</strong>: <a class="commit-link" href="https://snyk.io/redirect/github/11ty/eleventy-img/compare/v3.0.0...v3.1.0"><tt>v3.0.0...v3.1.0</tt></a><br>

  Milestone: https://github.com/11ty/eleventy-img/milestone/18?closed=1

  Release Notes

  • Adds <eleventy-image> WebC component, now on the docs: https://www.11ty.dev/docs/plugins/image/#webc
    • Joins the growing list of official Eleventy WebC components: https://www.11ty.dev/docs/languages/webc/#official-webc-components
    • This component requires WebC v0.10.1 or newer.
  • Upgrades sharp to v0.32 #178 https://sharp.pixelplumbing.com/changelog#v032---flow
  • Update minimal Node requirement in readme. by @ solution-loisir in #174

    </li>
  </ul>
  from <a href="https://snyk.io/redirect/github/11ty/eleventy-img/releases">@11ty/eleventy-img GitHub release notes</a>

Commit messages

Package name: @11ty/eleventy-img

• 46fe087 v3.1.8
• 982c33f Missing brotli compression size with cached image.
• 109e029 v3.1.7
• 47b43a4 Option to transform SVG `size` properties to reflect brotli compression sizes
• e2c7219 v3.1.6
• de80434 If the SVG is small enough, don’t use any raster images.
• 1610350 v3.1.5
• b823819 Don’t remove SVG!
• a55f36c v3.1.4
• d6dc01b Improvement replaces large rasters with SVG.
• bc4cc13 v3.1.3
• a65ede7 Do not reorder formats when using svgShortCircuit: "size"
• 579974b v3.1.2
• e621832 Update dep
• db7d4ce Adds svgShortCircuit: "size" option to ignore raster images when they are larger than the SVG.
• a2eb5d0 v3.1.1
• e18647f Add Node 20 to CI
• 9658574 Update deps
• 28f6037 Refactor
• 4230c50 Fix tabs
• 322c281 Adds webc highlighter stuff for github
• 640cafe <eleventy-image> automated tests.

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
eleventy-bliss	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Feb 15, 2024 2:16am