grunt-tight-sprite icon indicating copy to clipboard operation
grunt-tight-sprite copied to clipboard

Published 20 hours ago verified publisher icon uhop

[Snyk] Upgrade canvas from 2.6.1 to 2.7.0

Open snyk-bot opened this issue 4 years ago • 0 comments

Snyk has created this PR to upgrade canvas from 2.6.1 to 2.7.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 3 months ago, on 2021-03-01.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-INI-1048974		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: canvas from canvas GitHub release notes
Commit messages
Package name: canvas
  • 58bc728 v2.7.0
  • e8ad788 Switch prebuild trigger to manual
  • bf5126b bug: remove non-standard behavior
  • 4ce04af Speed up `fillStyle=` and `strokeStyle=`
  • 0d9ca88 Move prebuilds to GitHub Actions
  • fe186e5 Bump node-pre-gyp to v0.15.0
  • 3e80556 Fix .complete for errored images
  • f13efc7 added fixes to CHANGELOG
  • 97b169e fix include path for cairo
  • 565693a Update Changelog
  • 6e024b5 Remove linebreaks after #ifdefs
  • 57d919a Move getSafeBufSize() under #ifdef HAVE_JPEG, removes compiler warning of unused function removal
  • 4af2efd Fix to compile without JPEG library.
  • 9cd9aa3 Merge pull request #1583 from zbjornson/zb/ci-libjpeg
  • dc1db18 use libjpeg-dev in Linux CI
  • abfc713 Fix signed/unsigned comparison warning
  • 89f7607 Add -Wno-cast-function-type to suppress GCC8 warnings
  • 4c7f7ee Switch CI to GitHub actions
  • 6ff5eea Add rsvgVersion to exports
  • 2e9ea73 Fix assertion failure when using VSCode debugger to inspect Image proto (#1550)
  • c025143 Updating Types (#1509)
  • 98a5141 Add Node.js v13 to CI
  • 37d556c Merge pull request #1508 from JTBrinkmann/patch-1
  • da0bc07 update Readme.md (fix "Upgrading from 2.x")

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

snyk-bot avatar May 18 '21 03:05 snyk-bot