Open snyk-bot opened 2 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: sharp
The new version differs by 250 commits.- 1ff84b2 Release v0.29.3
- 97655d2 Bump deps
- d10d7b0 Docs: remove duplicate entry for mbklein (#2971)
- 2ffdae2 Docs: changelog and credit for #2952
- 342de36 Impute TIFF xres/yres from withMetadata({density})
- b33231d Ensure correct dimensions when contain 1px image #2951
- 319db21 Release v0.29.2
- d359331 Remove animation props from single page images #2890
- 7ae1513 Bump devDeps
- 648a1e0 Throw error rather than exit for invalid binaries #2931
- b9f211f Docs: changelog for #2918
- e475d9e Improve error message on Windows for version conflict (#2918)
- f37ca82 Bump deps
- 1dd4be6 Add timeout function to limit processing time
- 197d4cf Docs: changelog and credit for #2893
- 83eed86 Docs: clarify prebuilt libc support on ARMv6/v7
- bbf612c Replace use of deprecated util.inherits
- 2679bb5 Allow use of 'tif' to select TIFF output (#2893)
- 481e350 Ensure 'versions' is populated from vendored libvips
- 50c7a08 Release v0.29.1
- 9a0bb60 Bump deps
- deb5d81 Docs: changelog entries for #2878 #2879
- 916b04d Allow using speed 9 for AVIF/HEIC encoding (#2879)
- 52307fa Resolve paths before comparing input/output destination (#2878)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.