Skip to content

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 10, 2025

This PR contains the following updates:

Package Change Age Confidence
sharp (source, changelog) 0.34.2 -> 0.34.4 age confidence

Release Notes

lovell/sharp (sharp)

v0.34.4

Compare Source

  • Upgrade to libvips v8.17.2 for upstream bug fixes.

  • Ensure TIFF subifd and OpenSlide level input options are respected (regression in 0.34.3).

  • Ensure autoOrient occurs before non-90 angle rotation.
    #​4425

  • Ensure autoOrient removes existing metadata after shrink-on-load.
    #​4431

  • TypeScript: Ensure KernelEnum includes linear.
    #​4441
    @​BayanBennett

  • Ensure unlimited flag is passed upstream when reading TIFF images.
    #​4446

  • Support Electron memory cage when reading XMP metadata (regression in 0.34.3).
    #​4451

  • Add sharp-libvips rpath for yarn v5 support.
    #​4452
    @​arcanis

v0.34.3

Compare Source


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the automerge label Jul 10, 2025
@netlify
Copy link

netlify bot commented Jul 10, 2025

Deploy Preview for documentation-ngl ready!

Name Link
🔨 Latest commit 12764f8
🔍 Latest deploy log https://app.netlify.com/projects/documentation-ngl/deploys/68f7b7768b640e000895f439
😎 Deploy Preview https://deploy-preview-79--documentation-ngl.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@socket-security
Copy link

socket-security bot commented Jul 10, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedsharp@​0.34.2 ⏵ 0.34.492100100 +188100

View full report

@socket-security
Copy link

socket-security bot commented Jul 10, 2025

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Block Medium
[email protected] has Install scripts.

Install script: install

Source: node install/check.js

From: package-lock.jsonnpm/[email protected]

ℹ Read more on: This package | This alert | What is an install script?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@mergeable
Copy link

mergeable bot commented Jul 10, 2025

Thanks for creating a pull request! A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.

@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from c96d834 to fcb9ce9 Compare August 1, 2025 03:15
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from fcb9ce9 to 6d7d5de Compare August 20, 2025 02:07
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from 6d7d5de to 55faf5b Compare August 31, 2025 11:19
@renovate renovate bot changed the title Update dependency sharp to v0.34.3 Update dependency sharp to v0.34.4 Sep 19, 2025
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch 2 times, most recently from c8e3a1c to c926dbe Compare September 25, 2025 20:54
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from c926dbe to a2e8d75 Compare October 1, 2025 01:43
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from a2e8d75 to e8b1fd9 Compare October 20, 2025 17:55
@renovate renovate bot force-pushed the renovate/sharp-0.x-lockfile branch from e8b1fd9 to 12764f8 Compare October 21, 2025 16:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants