[Snyk] Upgrade sharp from 0.30.6 to 0.33.0 #1508

filiptronicek · 2023-12-23T14:43:21Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade sharp from 0.30.6 to 0.33.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 22 versions ahead of your current version.
The recommended version was released 24 days ago, on 2023-11-29.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Heap-based Buffer Overflow SNYK-JS-SHARP-5922108	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Mature

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade sharp from 0.30.6 to 0.33.0. See this package in npm: See this project in Snyk: https://app.snyk.io/org/interclip/project/326c8dbc-f3b8-46f4-a8b5-df6e63dc8d4b?utm_source=github&utm_medium=referral&page=upgrade-pr

github-actions · 2023-12-23T14:43:35Z

`yarn.lock` changes

Summary

Status	Count
	20
	4
	1
	23

Click to toggle table visibility

Name	Previous	Current
`@emnapi/runtime`	-	0.44.0
`@img/sharp-darwin-arm64`	-	0.33.1
`@img/sharp-darwin-x64`	-	0.33.1
`@img/sharp-libvips-darwin-arm64`	-	1.0.0
`@img/sharp-libvips-darwin-x64`	-	1.0.0
`@img/sharp-libvips-linux-arm`	-	1.0.0
`@img/sharp-libvips-linux-arm64`	-	1.0.0
`@img/sharp-libvips-linux-s390x`	-	1.0.0
`@img/sharp-libvips-linux-x64`	-	1.0.0
`@img/sharp-libvips-linuxmusl-arm64`	-	1.0.0
`@img/sharp-libvips-linuxmusl-x64`	-	1.0.0
`@img/sharp-linux-arm`	-	0.33.1
`@img/sharp-linux-arm64`	-	0.33.1
`@img/sharp-linux-s390x`	-	0.33.1
`@img/sharp-linux-x64`	-	0.33.1
`@img/sharp-linuxmusl-arm64`	-	0.33.1
`@img/sharp-linuxmusl-x64`	-	0.33.1
`@img/sharp-wasm32`	-	0.33.1
`@img/sharp-win32-ia32`	-	0.33.1
`@img/sharp-win32-x64`	-	0.33.1
`aproba`	1.2.0	-
`are-we-there-yet`	1.1.7	-
`code-point-at`	1.1.0	-
`console-control-strings`	1.1.0	-
`deep-extend`	0.6.0	-
`delegates`	1.0.0	-
`detect-libc`	2.0.1	2.0.2
`expand-template`	2.0.3	-
`fs-constants`	1.0.0	-
`gauge`	2.7.4	-
`github-from-package`	0.0.0	-
`has-unicode`	2.0.1	-
`ini`	1.3.8	-
`napi-build-utils`	1.0.2	-
`node-abi`	3.5.0	-
`node-addon-api`	5.0.0	2.0.2
`npmlog`	4.1.2	-
`number-is-nan`	1.0.1	-
`prebuild-install`	7.1.0	-
`process-nextick-args`	2.0.1	-
`rc`	1.2.8	-
`semver`	7.3.7	7.5.4
`set-blocking`	2.0.0	-
`sharp`	0.30.6	0.33.1
`string_decoder`	1.1.1	1.3.0
`tar-fs`	2.1.1	-
`tar-stream`	2.2.0	-
`wide-align`	1.1.5	-

vercel bot had a problem deploying to Preview December 23, 2023 14:44 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade sharp from 0.30.6 to 0.33.0 #1508

[Snyk] Upgrade sharp from 0.30.6 to 0.33.0 #1508

filiptronicek commented Dec 23, 2023

github-actions bot commented Dec 23, 2023

[Snyk] Upgrade sharp from 0.30.6 to 0.33.0 #1508

Are you sure you want to change the base?

[Snyk] Upgrade sharp from 0.30.6 to 0.33.0 #1508

Conversation

filiptronicek commented Dec 23, 2023

Snyk has created this PR to upgrade sharp from 0.30.6 to 0.33.0.

github-actions bot commented Dec 23, 2023

yarn.lock changes

Summary

`yarn.lock` changes