Bump sharp and @11ty/eleventy-img #72

dependabot · 2024-05-05T02:31:03Z

Bumps sharp to 0.33.3 and updates ancestor dependency @11ty/eleventy-img. These dependencies need to be updated together.

Updates sharp from 0.30.7 to 0.33.3

Changelog

Sourced from sharp's changelog.

v0.33.3 - 23rd March 2024

Upgrade to libvips v8.15.2 for upstream bug fixes.

Ensure keepIccProfile retains P3 and CMYK input profiles. #3906 #4008

Ensure text.wrap property can accept word-char as value. #4028 @yolopunk

Ensure clone takes a deep copy of existing options. #4029

Add bitdepth option to heif output (prebuilt binaries support 8-bit only). #4036 @mertalev

v0.33.2 - 12th January 2024

Upgrade to libvips v8.15.1 for upstream bug fixes.

TypeScript: add definition for keepMetadata. #3914 @abhi0498

Ensure extend operation stays sequential when copying (regression in 0.32.0). #3928

Improve error handling for unsupported multi-page rotation. #3940

v0.33.1 - 17th December 2023

Add support for Yarn Plug'n'Play filesystem layout. #3888

Emit warning when attempting to use invalid ICC profiles. #3895

Ensure VIPS_NOVECTOR environment variable is respected. #3897 @icetee

v0.33.0 - 29th November 2023

Drop support for Node.js 14 and 16, now requires Node.js ^18.17.0 or >= 20.3.0

Prebuilt binaries distributed via npm registry and installed via package manager.

... (truncated)

Commits

55466f1 Release v0.33.3
ede8217 Prerelease v0.33.3-rc.0
2689fb4 Bump deps
eaf31a5 Docs: changelog and credit for #4036
aa1bbcb Guard heif bitdepth property for prebuilt binaries
3c26080 Add bitdepth option to heif output (#4036)
dc07fd4 Upgrade to libvips v8.15.2
7bc74fe Ensure clone takes deep copy of options #4029
c5f318e Docs: add changelog and credit for #4028
8fbb1cd Ensure text.wrap property can accept word-char as value (#4028)
Additional commits viewable in compare view

Updates @11ty/eleventy-img from 1.1.0 to 4.0.2

Release notes

Sourced from @11ty/eleventy-img's releases.

Eleventy Image v4.0.0

Full Milestone: https://github.com/11ty/eleventy-img/milestone/20?closed=1 Full Changelog: 11ty/eleventy-img@v3.1.8...v4.0.0

Install / Upgrade
npm install @11ty/eleventy-img@latest
What's Changed

BREAKING Node.js minimum is now 18+.

Adds fixOrientation option (default: false) to rotate images to ensure correct orientation by @nosecreek in 11ty/eleventy-img#158

Adds minimumThreshold (default: 1.25) option to ensure original size is included if smaller than largest specified width by threshold amount, help from @JaredReisinger in 11ty/eleventy-img#190

Adds new Eleventy Transform plugin (compatible with Eleventy v3.0.0-alpha.5 or newer) for zero-configuration image optimization #208

Fix incorrectly large reported height for animated gifs by @Gyanreyer in 11ty/eleventy-img#182

Make gif eligible for lowest priority source by @GHF in 11ty/eleventy-img#195

Bake input orientation into output image by @GHF in 11ty/eleventy-img#194

Use srcset and sizes on img element in picture by @adamwolf in 11ty/eleventy-img#191

Create directories on demand when writing images to disk by @danburzo in 11ty/eleventy-img#176

New Contributors

@Gyanreyer

@nosecreek

@GHF

@adamwolf

@JaredReisinger

@danburzo

Eleventy Image v3.1.8: svgShortCircuit: "size"

Full Changelog: 11ty/eleventy-img@v3.1.0...v3.1.8

Adds support for the new svgShortCircuit: "size" option (with svgCompressionSize: "br" to use Brotli compressed sizes for comparison).

Read more: Eleventy Image: Options for SVG

Eleventy Image v3.1.1: sharp upgrade

Full Changelog: 11ty/eleventy-img@v3.1.0...v3.1.1 Milestone: https://github.com/11ty/eleventy-img/milestone/19?closed=1

🚨 Important if you’re using this package with untrusted images. Upgrades sharp version for libwebp vulnerability fix, see lovell/sharp#3798

Read way more detail on the WebP 0-day.

Eleventy Image v3.1.0: WebC component, sharp upgrade

Full Changelog: 11ty/eleventy-img@v3.0.0...v3.1.0 Milestone: https://github.com/11ty/eleventy-img/milestone/18?closed=1

Release Notes

Adds <eleventy-image> WebC component, now on the docs: https://www.11ty.dev/docs/plugins/image/#webc

... (truncated)

Commits

d9723c5 CI
3443ed6 Upgrade eslint
0dcdc9f Eslint fixes
ee44866 v4.0.2
3327556 Explicit require target
4c62cfc Small refactor
d29b521 v4.0.1
9ed57b7 Fix issue with default attributes removed after use. #208
e89e0c1 Breaking: bump Node minimum to 18. Fixes #209
4b1f4b0 Revert "Downgrade ava to 5.x temporarily so we don’t have to change the Node ...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [sharp](https://github.com/lovell/sharp) to 0.33.3 and updates ancestor dependency [@11ty/eleventy-img](https://github.com/11ty/eleventy-img). These dependencies need to be updated together. Updates `sharp` from 0.30.7 to 0.33.3 - [Release notes](https://github.com/lovell/sharp/releases) - [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md) - [Commits](lovell/sharp@v0.30.7...v0.33.3) Updates `@11ty/eleventy-img` from 1.1.0 to 4.0.2 - [Release notes](https://github.com/11ty/eleventy-img/releases) - [Commits](11ty/eleventy-img@v1.1.0...v4.0.2) --- updated-dependencies: - dependency-name: sharp dependency-type: indirect - dependency-name: "@11ty/eleventy-img" dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label May 5, 2024

afnizarnur merged commit e05113d into main May 5, 2024

afnizarnur deleted the dependabot/npm_and_yarn/multi-f2a6e69e61 branch May 5, 2024 02:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump sharp and @11ty/eleventy-img #72

Bump sharp and @11ty/eleventy-img #72

dependabot bot commented on behalf of github May 5, 2024

Bump sharp and @11ty/eleventy-img #72

Bump sharp and @11ty/eleventy-img #72

Conversation

dependabot bot commented on behalf of github May 5, 2024

v0.33.3 - 23rd March 2024

v0.33.2 - 12th January 2024

v0.33.1 - 17th December 2023

v0.33.0 - 29th November 2023

Eleventy Image v4.0.0

Install / Upgrade

What's Changed

New Contributors

Eleventy Image v3.1.8: svgShortCircuit: "size"

Eleventy Image v3.1.1: sharp upgrade

Eleventy Image v3.1.0: WebC component, sharp upgrade

Release Notes

Eleventy Image v3.1.8: `svgShortCircuit: "size"`

Eleventy Image v3.1.1: `sharp` upgrade

Eleventy Image v3.1.0: WebC component, `sharp` upgrade