Closed dependabot[bot] closed 1 year ago
coveralls
commented
1 year ago Coverage remained the same at 92.929% when pulling 31b21514e42a7dde365ace4af79651fa63168884 on dependabot/npm_and_yarn/jpeg-js-and-jimp/jpeg-0.4.4 into dd4fdd967dd93f0a1bc6ceb76735be5215a3ce59 on main.
codeclimate[bot]
commented
1 year ago Code Climate has analyzed commit 31b21514 and detected 0 issues on this pull request.
The test coverage on the diff in this pull request is 100.0% (50% is the threshold).
This pull request will bring the total coverage in the repository to 97.3% (0.0% change).
View more on Code Climate.
Bumps jpeg-js and @jimp/jpeg. These dependencies needed to be updated together. Updates
jpeg-jsfrom 0.4.2 to 0.4.4Release notes
Sourced from jpeg-js's releases.
Commits
9ccd35ffix: validate sampling factors (#106)b58cc11fix(decoder): rethrow a more helpful error if Buffer is undefined (#93)2c90858chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98)fd73289chore(deps): bump ws from 7.2.3 to 7.4.6 (#91)9449a8bchore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90)ffdc4a4chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89)13e1ffafeat: add comment tag encoding (#87)417e8e2chore(ci): migrate to github actions (#86)a2d7ed9fix: handle 0x00E1 / 0x00E0 segments from Pixel phones (#84)Updates
@jimp/jpegfrom 0.16.1 to 0.16.2Release notes
Sourced from
@jimp/jpeg's releases.Changelog
Sourced from
@jimp/jpeg's changelog.Commits
e4d6af0Bump version to: v0.16.2 [skip ci]29ac957Update CHANGELOG.md [skip ci]dad05faBump jpeg-js over 0.4.4 to avoid cve-2022-25851 (#1093)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/victorperin/qr-scanner-cli/network/alerts).