[GHSA-x565-32qp-m3vf] Bump jimp to remove phin dependency

[AMoo-Miki]

[GHSA-x565-32qp-m3vf] Bump jimp to remove phin dependency

jimp@0.22.0 removed all the code that used phin.

load-bmfont, a nested dependency of jimp imports phin but that is a functionality we don't use as we don't import AngleCode bitmap fonts. With an arbitrarily bump of phin, this commit avoids including an offending version in the dev-deps.

Changelog

Check List

• All tests pass
  • yarn test:jest
  • yarn test:jest_integration
• New functionality includes testing.
• New functionality has been documented.
• Update CHANGELOG.md
• Commits are signed per the DCO using --signoff

[github-actions]

ℹ️ Manual Changeset Creation Reminder

Please ensure manual commit for changeset file 6977.yml under folder changelogs/fragments to complete this PR.

If you want to use the available OpenSearch Changeset Bot App to avoid manual creation of changeset file you can install it in your forked repository following this link.

For more information about formatting of changeset files, please visit OpenSearch Auto Changeset and Release Notes Tool.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 67.45%. Comparing base (7eaab64) to head (cf4d4ff).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #6977   +/-   ##
=======================================
  Coverage   67.44%   67.45%           
=======================================
  Files        3442     3442           
  Lines       67816    67816           
  Branches    11027    11027           
=======================================
+ Hits        45740    45742    +2     
+ Misses      19409    19408    -1     
+ Partials     2667     2666    -1     

Flag	Coverage Δ
Linux_1	33.08% <ø> (ø)
Linux_2	55.11% <ø> (ø)
Linux_3	45.20% <ø> (+<0.01%)	⬆️
Linux_4	34.86% <ø> (ø)
Windows_1	33.10% <ø> (ø)
Windows_2	55.06% <ø> (ø)
Windows_3	45.21% <ø> (ø)
Windows_4	34.86% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[ananzh]

jimp 0.22.12 is still using phin 2.9.1 right? 😃

[virajsanghvi]

jimp 0.22.12 is still using phin 2.9.1 right? 😃

Does look like it:

└─ jimp@0.22.12
  ├─ @jimp/plugins@0.22.12
   │  ├─ @jimp/plugin-print@0.22.12
   │  │  ├─ load-bmfont@1.4.1
   │  │  │  ├─ phin@2.9.3

[AMoo-Miki]

jimp@0.22.0 removed all the code that used phin.

load-bmfont, a nested dependency of jimp imports phin but that is a functionality we don't use as we don't import AngleCode bitmap fonts. I will just arbitrarily bump phin to not include an offending version down our dev-deps.

[ananzh]

a nested dependency of jimp imports phin but that is a functionality we don't use as we don't import AngleCode bitmap fonts. I will just arbitra

Cool.

[opensearch-trigger-bot]

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch-Dashboards/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch-Dashboards/backport-2.x
# Create a new branch
git switch --create backport/backport-6977-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 54cd2d0f920fc25210339bd66256235a32ef6cce
# Push it to GitHub
git push --set-upstream origin backport/backport-6977-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch-Dashboards/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-6977-to-2.x.