
[Snyk] Upgrade sharp from 0.28.3 to 0.30.7 #9

Open
snyk-bot wants to merge 1 commit into main from snyk-upgrade-3c871e3e774b6994db25ed420a3f7440

@snyk-bot

Snyk has created this PR to upgrade sharp from 0.28.3 to 0.30.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 12 versions ahead of your current version.
  • The recommended version was released 3 months ago, on 2022-06-22.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
| --- | --- | --- | --- |
| | Information Exposure (SNYK-JS-SIMPLEGET-2361683) | 547/1000 (Why? Proof of Concept exploit, CVSS 8.8) | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) (SNYK-JS-ANSIREGEX-1583908) | 547/1000 (Why? Proof of Concept exploit, CVSS 8.8) | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) (SNYK-JS-ANSIREGEX-1583908) | 547/1000 (Why? Proof of Concept exploit, CVSS 8.8) | Proof of Concept |
| | Remote Code Execution (RCE) (SNYK-JS-SHARP-2848109) | 547/1000 (Why? Proof of Concept exploit, CVSS 8.8) | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: sharp from sharp GitHub release notes
Commit messages
Package name: sharp
  • e40a881 Release v0.30.7
  • c1b13ad Bump deps
  • 29e0989 Docs: add examples of custom binary locations
  • 853a203 Install: add help for possible worker thread problem #3268
  • 8bb30d7 Docs: changelog and credit #3261 #3267
  • a333b87 Prevent upsampling via libwebp (#3267)
  • 4662527 Allow WebP encoding effort of 0 (#3261)
  • b10d8f8 Docs: add example of multi-arch within same install tree
  • f903e14 Docs: clarify wording of resize background option
  • a757185 Ensure composite can tile with outside resize #3227
  • 4d82331 docs(input): correct getNormalSize with EXIF orientation example (#3241)
  • b91875d Release v0.30.6
  • a0568ec Allow values for limitInputPixels larger than 32-bit #3238
  • 48e3ea5 Ensure brew-installed vips can be detected #3239
  • 93b2905 Docs: changelog and credit for #3160
  • db654de Release v0.30.5
  • a6aeef6 Install: pass `PKG_CONFIG_PATH` via env rather than substitution
  • 7bf6cbd Docs: correct links to libvips documentation
  • 04c31b3 Install: warn about filesystem owner running npm v8+ as root
  • ee9cdb6 Bump deps
  • 8960eb8 Docs: changelog entry for #3218
  • 54d9dc4 Fix rotate-then-extract for EXIF orientation 2 (#3218)
  • 51b4a7c Add support for --libc flag to improve cross-platform install (#3160)
  • 5b03579 Docs: more details about concurrency, parallelism, threads

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
