Skip to content

Comments

Bump sharp from 0.28.3 to 0.30.5#424

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/sharp-0.30.5
Closed

Bump sharp from 0.28.3 to 0.30.5#424
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/sharp-0.30.5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 24, 2022

Bumps sharp from 0.28.3 to 0.30.5.

Changelog

Sourced from sharp's changelog.

v0.30.5 - 23rd May 2022

v0.30.4 - 18th April 2022

  • Increase control over sensitivity to invalid images via failOn, deprecate failOnError (equivalent to failOn: 'warning').

  • Ensure create input image has correct bit depth and colour space. #3139

  • Add support for TypedArray input with byteOffset and length. #3146 @​codepage949

  • Improve error message when attempting to render SVG input greater than 32767x32767. #3167

  • Add missing file name to 'Input file is missing' error message. #3178 @​Brodan

v0.30.3 - 14th March 2022

  • Allow sharpen options to be provided more consistently as an Object. #2561

  • Expose x1, y2 and y3 parameters of sharpen operation. #2935

  • Prevent double unpremultiply with some composite blend modes (regression in 0.30.2). #3118

v0.30.2 - 2nd March 2022

  • Improve performance and accuracy when compositing multiple images. #2286

  • Expand pkgconfig search path for wider BSD support. #3106

... (truncated)

Commits
  • db654de Release v0.30.5
  • a6aeef6 Install: pass PKG_CONFIG_PATH via env rather than substitution
  • 7bf6cbd Docs: correct links to libvips documentation
  • 04c31b3 Install: warn about filesystem owner running npm v8+ as root
  • ee9cdb6 Bump deps
  • 8960eb8 Docs: changelog entry for #3218
  • 54d9dc4 Fix rotate-then-extract for EXIF orientation 2 (#3218)
  • 51b4a7c Add support for --libc flag to improve cross-platform install (#3160)
  • 5b03579 Docs: more details about concurrency, parallelism, threads
  • 58c2af3 Docs: improve output format info for toBuffer
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump sharp from 0.28.3 to 0.30.5
613a07e 
Bumps [sharp](https://github.com/lovell/sharp) from 0.28.3 to 0.30.5.
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](lovell/sharp@v0.28.3...v0.30.5)

---
updated-dependencies:
- dependency-name: sharp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 24, 2022
@dependabot dependabot bot requested a review from canyener May 24, 2022 03:01
@dependabot dependabot bot mentioned this pull request May 24, 2022
Closed
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 24, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github May 31, 2022

Superseded by #425.

@dependabot dependabot bot closed this May 31, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/sharp-0.30.5 branch May 31, 2022 03:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@canyener canyener Awaiting requested review from canyener

Assignees

@canyener canyener

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@canyener