Skip to content

fix(deps): Update dependency sharp to ^0.34.5 #174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): Update dependency sharp to ^0.34.5 #174

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Apr 7, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
sharp (source, changelog) ^0.32.0 -> ^0.34.5 age confidence

Release Notes

lovell/sharp (sharp)

v0.34.5

Compare Source

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag.
    #​4458

  • Add support for BigTIFF output.
    #​4459
    @​throwbi

  • Improve error messaging when only warnings issued.
    #​4465

  • Simplify ICC processing when retaining input profiles.
    #​4468

v0.34.4

Compare Source

  • Upgrade to libvips v8.17.2 for upstream bug fixes.

  • Ensure TIFF subifd and OpenSlide level input options are respected (regression in 0.34.3).

  • Ensure autoOrient occurs before non-90 angle rotation.
    #​4425

  • Ensure autoOrient removes existing metadata after shrink-on-load.
    #​4431

  • TypeScript: Ensure KernelEnum includes linear.
    #​4441
    @​BayanBennett

  • Ensure unlimited flag is passed upstream when reading TIFF images.
    #​4446

  • Support Electron memory cage when reading XMP metadata (regression in 0.34.3).
    #​4451

  • Add sharp-libvips rpath for yarn v5 support.
    #​4452
    @​arcanis

v0.34.3

Compare Source

v0.34.2

Compare Source

v0.34.1

Compare Source

v0.34.0

Compare Source

v0.33.5

Compare Source

v0.33.4

Compare Source

v0.33.3

Compare Source

v0.33.2

Compare Source

v0.33.1

Compare Source

v0.33.0

Compare Source

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate using a curated preset maintained by Sanity. View repository job log here

@renovate renovate bot requested a review from a team as a code owner April 7, 2024 08:51
@renovate renovate bot force-pushed the renovate/sharp-0.x branch 3 times, most recently from 5e9da33 to 9a10846 Compare April 7, 2024 13:58
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 9a10846 to 41deab2 Compare May 30, 2024 09:06
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 41deab2 to 88fab7b Compare April 4, 2025 17:21
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.33.0 fix(deps): Update dependency sharp to ^0.34.0 Apr 4, 2025
@socket-security
Copy link

socket-security bot commented Apr 4, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​sharp@​0.32.6 ⏵ 0.34.592 -5100100 +192100 +31

View full report

@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 88fab7b to e2695f5 Compare May 14, 2025 10:06
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.34.0 fix(deps): Update dependency sharp to ^0.34.1 May 14, 2025
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.34.1 fix(deps): Update dependency sharp to ^0.34.2 May 20, 2025
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from e2695f5 to 34cc59a Compare May 20, 2025 14:58
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.34.2 fix(deps): Update dependency sharp to ^0.34.3 Jul 10, 2025
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 34cc59a to 9a59972 Compare July 10, 2025 10:04
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 9a59972 to 9b07ef2 Compare August 10, 2025 15:47
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 9b07ef2 to b848ebc Compare August 31, 2025 11:40
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from b848ebc to dd9ec6f Compare September 17, 2025 15:40
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.34.3 fix(deps): Update dependency sharp to ^0.34.4 Sep 17, 2025
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from dd9ec6f to 2d0dc64 Compare September 25, 2025 18:09
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 2d0dc64 to c28a6ee Compare October 21, 2025 19:57
@socket-security
Copy link

socket-security bot commented Oct 21, 2025
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn Medium
Install-time scripts: npm sharp during install

Install script: install

Source: node install/check.js || npm run build

From: package-lock.jsonnpm/[email protected]

ℹ Read more on: This package | This alert | What is an install script?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@renovate renovate bot force-pushed the renovate/sharp-0.x branch from c28a6ee to 4ff8041 Compare November 9, 2025 15:40
@renovate renovate bot changed the title fix(deps): Update dependency sharp to ^0.34.4 fix(deps): Update dependency sharp to ^0.34.5 Nov 9, 2025
@renovate renovate bot force-pushed the renovate/sharp-0.x branch from 4ff8041 to f74215f Compare November 18, 2025 23:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

🤖 bot 📦 deps

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants