sharp - npm Package Compare versions
+1
-5
@@ -22,3 +22,3 @@ // Copyright 2013 Lovell Fuller and others. | ||
| * | ||
| * The use of `rotate` implies the removal of the EXIF `Orientation` tag, if any. | ||
| * The use of `rotate` without an angle will remove the EXIF `Orientation` tag, if any. | ||
| * | ||
@@ -87,4 +87,2 @@ * Only one rotation can occur per pipeline. | ||
| * | ||
| * The use of `flip` implies the removal of the EXIF `Orientation` tag, if any. | ||
| * | ||
| * This operation does not work correctly with multi-page images. | ||
@@ -107,4 +105,2 @@ * | ||
| * | ||
| * The use of `flop` implies the removal of the EXIF `Orientation` tag, if any. | ||
| * | ||
| * @example | ||
@@ -111,0 +107,0 @@ * const output = await sharp(input).flop().toBuffer(); |
+3
-2
@@ -165,4 +165,4 @@ // Copyright 2013 Lovell Fuller and others. | ||
| * Include all metadata (EXIF, XMP, IPTC) from the input image in the output image. | ||
| * This will also convert to and add a web-friendly sRGB ICC profile unless a custom | ||
| * output profile is provided. | ||
| * This will also convert to and add a web-friendly sRGB ICC profile if appropriate, | ||
| * unless a custom output profile is provided. | ||
| * | ||
@@ -1050,2 +1050,3 @@ * The default behaviour, when `withMetadata` is not used, is to convert to the device-independent | ||
| * @param {string} [options.depth='uchar'] - bit depth, one of: char, uchar (default), short, ushort, int, uint, float, complex, double, dpcomplex | ||
| * @returns {Sharp} | ||
| * @throws {Error} Invalid options | ||
@@ -1052,0 +1053,0 @@ */ |
+15
-15
| { | ||
| "name": "sharp", | ||
| "description": "High performance Node.js image processing, the fastest module to resize JPEG, PNG, WebP, GIF, AVIF and TIFF images", | ||
| "version": "0.32.5", | ||
| "version": "0.32.6", | ||
| "author": "Lovell Fuller <npm@lovell.info>", | ||
@@ -156,21 +156,21 @@ "homepage": "https://github.com/lovell/sharp", | ||
| "nyc": "^15.1.0", | ||
| "prebuild": "lovell/prebuild#add-nodejs-20-drop-nodejs-10-and-12", | ||
| "prebuild": "^12.0.0", | ||
| "semistandard": "^16.0.1", | ||
| "tsd": "^0.28.1" | ||
| "tsd": "^0.29.0" | ||
| }, | ||
| "license": "Apache-2.0", | ||
| "config": { | ||
| "libvips": "8.14.4", | ||
| "libvips": "8.14.5", | ||
| "integrity": { | ||
| "darwin-arm64v8": "sha512-jZt5+ZBQzdloop9z/XlOAy8jHxD+ZGt3J8YUm1g3njjjKmZ/RmM9r6QAeLLILe67ATHaaAtmCil37fDc400OrQ==", | ||
| "darwin-x64": "sha512-Mhpr8n8CjrU+u5K9YLucmkCgwtJGexECLOZejPfqM8CiOMerowR0wJTuSt9WTOtb9qGOL/ndybfrymsw+YH8PA==", | ||
| "linux-arm64v8": "sha512-k2PiOOv8amzS4m5jc4Vceozv8h041IoyHL/1s0Rj290jg3w6BUJL3V+TLwKUPM35i7rV5rm14gtnGZ7qKENdmA==", | ||
| "linux-armv6": "sha512-CuPTo50owR8P+BCCcWk1tF4qB3XSAaHeaIzSanJM/v9zBZfUfMGI0OLv+ByyHCL3BE2CbGXaSXhuEVw2JQ08Sw==", | ||
| "linux-armv7": "sha512-CvD6fMy9PkZk1m2UPTWDcFfcD4qFA3RALyAWIih8ftOY9ksI3Y4uz6c0ML+ixBl0hqQK3WEg6+ac5TGDjZbbYA==", | ||
| "linux-x64": "sha512-vqoV61ka2hBYQ5582nQlyUcVPtItu927mng9RUU9nyO4Wt50z9nNT/pfcYEfF2jkBNW9JaiMaj6bENHgxA6mMg==", | ||
| "linuxmusl-arm64v8": "sha512-iCyl0y/qxdvgGidsYn11R8d4TEcU92uYHtYI8FSHyUobZw/9i2y3189PUTQ/fw44oqaBzTR3p9NF2eP6aLT9gQ==", | ||
| "linuxmusl-x64": "sha512-qj7IUqWUqCtxECpgNp4E1NcIbsNe1ujzBuJcnnQot7GZOuPUhI5N6ZUhozmh6LfbGFdBZpPc/JFh1eDZ0IEpbQ==", | ||
| "win32-arm64v8": "sha512-VRi7fpE9Kb3xQGcNmPPTJnWGAEUMq+YOq9abpaIIB2r3Ax327/7wHS7o2ezD6zQKdxIX6gODC5io/hReIJ9Jnw==", | ||
| "win32-ia32": "sha512-EnvtU7Q6+pjl5/Y1/UngCFDM2CSqpYWVDwY03ilUKSuqTeDKTJYyus0rJ+n6p4nmdjJlVdhYlkvpy8kkEAtDHg==", | ||
| "win32-x64": "sha512-fCl/KQuSijVYC8hULWbff8Mfuh3vjjdz4j5p73VgdLP6aZUrHctbhBvEIe0aQ8HpmcGdBnATX5pXUQ4GDl3mwQ==" | ||
| "darwin-arm64v8": "sha512-1QZzICfCJd4wAO0P6qmYI5e5VFMt9iCE4QgefI8VMMbdSzjIXA9L/ARN6pkMQPZ3h20Y9RtJ2W1skgCsvCIccw==", | ||
| "darwin-x64": "sha512-sMIKMYXsdU9FlIfztj6Kt/SfHlhlDpP0Ups7ftVFqwjaszmYmpI9y/d/q3mLb4jrzuSiSUEislSWCwBnW7MPTw==", | ||
| "linux-arm64v8": "sha512-CD8owELzkDumaom+O3jJ8fKamILAQdj+//KK/VNcHK3sngUcFpdjx36C8okwbux9sml/T7GTB/gzpvReDrAejQ==", | ||
| "linux-armv6": "sha512-wk6IPHatDFVWKJy7lI1TJezHGHPQut1wF2bwx256KlZwXUQU3fcVcMpV1zxXjgLFewHq2+uhyMkoSGBPahWzlA==", | ||
| "linux-armv7": "sha512-HEZC9KYtkmBK5rUR2MqBhrVarnQVZ/TwLUeLkKq0XuoM2pc/eXI6N0Fh5NGEFwdXI2XE8g1ySf+OYS6DDi+xCQ==", | ||
| "linux-x64": "sha512-SlFWrITSW5XVUkaFPQOySAaSGXnhkGJCj8X2wGYYta9hk5piZldQyMp4zwy0z6UeRu1qKTKtZvmq28W3Gnh9xA==", | ||
| "linuxmusl-arm64v8": "sha512-ga9iX7WUva3sG/VsKkOD318InLlCfPIztvzCZKZ2/+izQXRbQi8VoXWMHgEN4KHACv45FTl7mJ/8CRqUzhS8wQ==", | ||
| "linuxmusl-x64": "sha512-yeaHnpfee1hrZLok2l4eFceHzlfq8gN3QOu0R4Mh8iMK5O5vAUu97bdtxeZZeJJvHw8tfh2/msGi0qysxKN8bw==", | ||
| "win32-arm64v8": "sha512-kR91hy9w1+GEXK56hLh51+hBCBo7T+ijM4Slkmvb/2PsYZySq5H7s61n99iDYl6kTJP2y9sW5Xcvm3uuXDaDgg==", | ||
| "win32-ia32": "sha512-HrnofEbzHNpHJ0vVnjsTj5yfgVdcqdWshXuwFO2zc8xlEjA83BvXZ0lVj9MxPxkxJ2ta+/UlLr+CFzc5bOceMw==", | ||
| "win32-x64": "sha512-BwKckinJZ0Fu/EcunqiLPwOLEBWp4xf8GV7nvmVuKKz5f6B+GxoA2k9aa2wueqv4r4RJVgV/aWXZWFKOIjre/Q==" | ||
| }, | ||
@@ -177,0 +177,0 @@ "runtime": "napi", |
+2
-2
@@ -18,4 +18,4 @@ // Copyright 2013 Lovell Fuller and others. | ||
| (VIPS_MAJOR_VERSION == 8 && VIPS_MINOR_VERSION < 14) || \ | ||
| (VIPS_MAJOR_VERSION == 8 && VIPS_MINOR_VERSION == 14 && VIPS_MICRO_VERSION < 4) | ||
| #error "libvips version 8.14.4+ is required - please see https://sharp.pixelplumbing.com/install" | ||
| (VIPS_MAJOR_VERSION == 8 && VIPS_MINOR_VERSION == 14 && VIPS_MICRO_VERSION < 5) | ||
| #error "libvips version 8.14.5+ is required - please see https://sharp.pixelplumbing.com/install" | ||
| #endif | ||
@@ -22,0 +22,0 @@ |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 11 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 11 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
609870
0.24%- Lines of code
6830
0.6%Worsened metrics
- Number of low supply chain risk alerts
44
2.33%