Skip to content

Bump file-type and jimp#42

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-4e9bdbaf90
Open

Bump file-type and jimp#42
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-4e9bdbaf90

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 10, 2026
edited
Loading

Bumps file-type to 21.3.4 and updates ancestor dependency jimp. These dependencies need to be updated together.

Updates file-type from 16.5.4 to 21.3.4

Release notes

Sourced from file-type's releases.

v21.3.4

  • Harden parser more aec20a0

sindresorhus/file-type@v21.3.3...v21.3.4

v21.3.3

  • Harden parser c48c90b 135f91b

sindresorhus/file-type@v21.3.2...v21.3.3

v21.3.2

  • Fix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v) a155cd7
  • Fix bound recursive BOM and ID3 detection 370ed91

sindresorhus/file-type@v21.3.1...v21.3.2

v21.3.1

sindresorhus/file-type@v21.3.0...v21.3.1

v21.3.0

  • Add support for Mach-O Universal (aka "Fat") binaries and additional architectures (#779) d223491

sindresorhus/file-type@v21.2.0...v21.3.0

v21.2.0

  • Add support for SPSS data files (#787) 889f638
  • Add support for JMP (#784) 093dba0

sindresorhus/file-type@v21.1.1...v21.2.0

v21.1.1

  • Fix handling of partial Gunzip file (#783) 710e053

sindresorhus/file-type@v21.1.0...v21.1.1

... (truncated)

Commits

Updates jimp from 0.22.12 to 1.6.1

Release notes

Sourced from jimp's releases.

v1.6.1

🎉 This release contains work from new contributors! 🎉

Thanks for all your work!

❤️ Denys Kashkovskyi (@​Kashkovsky)

❤️ Viki (@​vikiboss)

🐛 Bug Fix

⚠️ Pushed to main

📝 Documentation

Authors: 3

v1.6.0

Release Notes

Add support for image decoder options (#1336)

Can now have options for the underlying image codecs

CleanShot 2024-09-07 at 15 26 41

🚀 Enhancement

  • @jimp/core, @jimp/types, @jimp/js-bmp, @jimp/js-jpeg, @jimp/js-png

⚠️ Pushed to main

... (truncated)

Changelog

Sourced from jimp's changelog.

v1.6.1 (Tue Apr 07 2026)

🎉 This release contains work from new contributors! 🎉

Thanks for all your work!

❤️ Denys Kashkovskyi (@​Kashkovsky)

❤️ Viki (@​vikiboss)

🐛 Bug Fix

⚠️ Pushed to main

📝 Documentation

Authors: 3

v1.5.0 (Mon Sep 09 2024)

Release Notes

Add support for image decoder options (#1336)

Can now have options for the underlying image codecs

CleanShot 2024-09-07 at 15 26 41

🚀 Enhancement

  • @jimp/core, @jimp/types, @jimp/js-bmp, @jimp/js-jpeg, @jimp/js-png

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 10, 2026
@dependabot
Bump file-type and jimp
e007bca 
Bumps [file-type](https://github.com/sindresorhus/file-type) to 21.3.4 and updates ancestor dependency [jimp](https://github.com/jimp-dev/jimp). These dependencies need to be updated together.


Updates `file-type` from 16.5.4 to 21.3.4
- [Release notes](https://github.com/sindresorhus/file-type/releases)
- [Commits](sindresorhus/file-type@v16.5.4...v21.3.4)

Updates `jimp` from 0.22.12 to 1.6.1
- [Release notes](https://github.com/jimp-dev/jimp/releases)
- [Changelog](https://github.com/jimp-dev/jimp/blob/v1.6.1/CHANGELOG.md)
- [Commits](jimp-dev/jimp@v0.22.12...v1.6.1)

---
updated-dependencies:
- dependency-name: file-type
  dependency-version: 21.3.4
  dependency-type: indirect
- dependency-name: jimp
  dependency-version: 1.6.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-4e9bdbaf90 branch from c2e430e to e007bca Compare May 2, 2026 20:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants