Belated release notes, apologies.
Added linting support for WEBP
This release adds linting support for the WEBP format. image-lint has always been able to detect WEBP images but was not able to read the metadata to determine dimensions of the file. This has changed with this release, and image-lint now supports all checks.
Detect files with the aCropalypse vulnerability.
During the development of this release a vulnerability was discovered in the Markup app on Pixel phones (CVE-2023-21036) and a similar issue in the Windows 11 Snip & Sketch program (CVE-2023-28303) where cropped out portions of an image could be recovered.
image-lint can now detect images that have this vulnerability and will give the error "This file contains extra data at the end of the file." You can fix the image by opening and saving it in a graphics program.
Added validation for file type
Previous to v3.1.0 image-lint had only linted well supported formats, but with the addition of AVIF, JXL and now WEBP it became apparent that not everyone would want to use them right away. So in this version of image-lint you can configure a list of allowed file formats and the warning "The file type of the image is [ extension ]. It must be one of [ allowed extensions ]" will be issued.
Major dependency updates
- Bump puppeteer version to v22.12.1