Skip to content

Commit

Permalink
chore: upgrade @jimp to v0.22 for security
Browse files Browse the repository at this point in the history
@jimp v0.16 has an open [security vulnerability](GHSA-x565-32qp-m3vf)
due to the usage of a dependency "phin". Upgrading to v0.22 will remove that dependency
  • Loading branch information
colingm committed Dec 17, 2024
1 parent 87c3006 commit 63514bf
Show file tree
Hide file tree
Showing 2 changed files with 91 additions and 226 deletions.
6 changes: 3 additions & 3 deletions packages/vibrant-image-node/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,9 @@
"homepage": "https://github.com/akfish/node-vibrant",
"license": "MIT",
"dependencies": {
"@jimp/custom": "^0.16.1",
"@jimp/plugin-resize": "^0.16.1",
"@jimp/types": "^0.16.1",
"@jimp/custom": "^0.22.12",
"@jimp/plugin-resize": "^0.22.12",
"@jimp/types": "^0.22.12",
"@vibrant/image": "^4.0.0-alpha.4"
},
"devDependencies": {
Expand Down
Loading

0 comments on commit 63514bf

Please sign in to comment.