[Snyk] Upgrade sharp from 0.28.3 to 0.31.0

[snyk-bot]

Snyk has created this PR to upgrade sharp from 0.28.3 to 0.31.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 13 versions ahead of your current version.
• The recommended version was released 22 days ago, on 2022-09-05.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-SIMPLEGET-2361683	547/1000 Why? Proof of Concept exploit, CVSS 8.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	547/1000 Why? Proof of Concept exploit, CVSS 8.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	547/1000 Why? Proof of Concept exploit, CVSS 8.8	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHARP-2848109	547/1000 Why? Proof of Concept exploit, CVSS 8.8	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sharp

• 0.31.0 - 2022-09-05
  No content.
• 0.30.7 - 2022-06-22
  No content.
• 0.30.6 - 2022-05-30
  No content.
• 0.30.5 - 2022-05-23
  No content.
• 0.30.4 - 2022-04-18
  No content.
• 0.30.3 - 2022-03-14
  No content.
• 0.30.2 - 2022-03-02
  No content.
• 0.30.1 - 2022-02-09
  No content.
• 0.30.0 - 2022-02-01
  No content.
• 0.29.3 - 2021-11-14
  No content.
• 0.29.2 - 2021-10-21
• 0.29.1 - 2021-09-07
• 0.29.0 - 2021-08-17
• 0.28.3 - 2021-05-24

from sharp GitHub release notes

Commit messages

Package name: sharp

• f7b29d7 CI: ensure prebuilds use Node API version 7
• 0b80618 Release v0.31.0
• c1393da Expose unlimited option for HEIF input
• 31c1cfb Docs: add note about GIF optimisation
• afc35c2 Docs: update benchmark results for libvips v8.13.1
• 6eb2add Docs: refresh for 5cdb2b8
• 5cdb2b8 Upgrade to libvips v8.13.1
• 1eb66c0 Tests: relax truncated PNG test assertion
• 55c4d88 Improve normalise op with use of histogram #200
• 9a54a03 Tests: ensure truncated PNG test handles possible race
• f510956 Standardise approach for string to enum conversion
• 953a948 Tests: run benchmarks in container via Docker
• 0e3bd46 Docs: clarify that metadata respects page/pages
• 4b38f56 Docs: add avif and heif examples
• 0fe857c Docs: move serverless-esbuild to bundlers section
• 1bf06bd Docs: add info for serverless-esbuild users (#3235)
• 6e3f4c3 Docs: changelog for #3332
• 8583eb1 Tests: update leak suppressions for latest versions
• c3a852e Add trim option to provide a specific background colour (#3332)
• 3a44748 Ensure PNG bitdepth can be set for non-palette output #3322
• e1bc867 Docs: clarify composite operation ordering
• a618ce7 Ensure image is unpremultiplied before composite #3334
• a44168c Docs: changelog and credit for #3303
• 74e3f73 Expand linear operation to allow use of per-channel arrays #3303

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs