Skip to content

Bump sharp, gatsby, gatsby-plugin-feed, gatsby-plugin-image, gatsby-plugin-manifest, gatsby-plugin-page-creator, gatsby-plugin-sharp, gatsby-remark-images and gatsby-transformer-sharp #8943

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump sharp, gatsby, gatsby-plugin-feed, gatsby-plugin-image, gatsby-plugin-manifest, gatsby-plugin-page-creator, gatsby-plugin-sharp, gatsby-remark-images and gatsby-transformer-sharp #8943

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 17, 2024
edited
Loading

Bumps sharp to 0.32.6 and updates ancestor dependencies sharp, gatsby, gatsby-plugin-feed, gatsby-plugin-image, gatsby-plugin-manifest, gatsby-plugin-page-creator, gatsby-plugin-sharp, gatsby-remark-images and gatsby-transformer-sharp. These dependencies need to be updated together.

Updates sharp from 0.30.7 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

  • Upgrade to libvips v8.14.5 for upstream bug fixes.

  • Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

  • Ensure withMetadata can add ICC profiles to RGB16 output. #3773

  • Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

  • TypeScript: Add definitions for block and unblock. #3799 @​ldrick

v0.32.5 - 15th August 2023

  • Upgrade to libvips v8.14.4 for upstream bug fixes.

  • TypeScript: Add missing WebpPresetEnum to definitions. #3748 @​pilotso11

  • Ensure compilation using musl v1.2.4. #3755 @​kleisauke

  • Ensure resize with a fit of inside respects 90/270 degree rotation. #3756

  • TypeScript: Ensure minSize property of WebpOptions is boolean. #3758 @​sho-xizz

  • Ensure withMetadata adds default sRGB profile. #3761

v0.32.4 - 21st July 2023

  • Upgrade to libvips v8.14.3 for upstream bug fixes.

  • Expose ability to (un)block low-level libvips operations by name.

  • Prebuilt binaries: restore support for tile-based output. #3581

v0.32.3 - 14th July 2023

... (truncated)

Commits

Updates gatsby from 4.25.4 to 5.13.4

Release notes

Sourced from gatsby's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Commits
  • 8f0f7c5 chore(release): Publish
  • edaf016 fix(gatsby-adapter-netlify): handler generation on windows (#38900) (#38929)
  • b0960f5 chore(release): Publish
  • 07761d4 chore(gatsby-source-wordpress): upgrade file-type (#38861) (#38863)
  • 85f6c90 fix(gatsby-source-wordpress): only diff wpgraphql schema if the user opts in ...
  • b4ce9e6 chore(release): Publish
  • c50e8f2 fix: add missing fs method rewrites to handle fetchRemoteFile in dsg/ssr engi...
  • d328fd8 perf: use must-revalidate cache-control header as common and only create head...
  • b24134d chore(release): Publish
  • c74745c fix(gatsby): support builtin modules prefixed with node: on build-html (#...
  • Additional commits viewable in compare view

Updates gatsby-plugin-feed from 4.25.0 to 5.13.1

Release notes

Sourced from gatsby-plugin-feed's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-plugin-feed's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-feed

5.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-feed

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-feed

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-feed

5.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-feed

5.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-feed

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-feed

5.9.0 (2023-04-18)

🧾 Release notes

Bug Fixes

... (truncated)

Commits

Updates gatsby-plugin-image from 2.25.0 to 3.13.1

Release notes

Sourced from gatsby-plugin-image's releases.

v3.13 (August 2021 #3)

Welcome to [email protected] release (August 2021 #3)

Key highlights of this release:

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.12 (August 2021 #2)

Welcome to [email protected] release (August 2021 #2)

Key highlights of this release:

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.11 (August 2021 #1)

Welcome to [email protected] release (August 2021 #1)

Key highlights of this release:

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

... (truncated)

Changelog

Sourced from gatsby-plugin-image's changelog.

3.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-image

3.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-image

3.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-image

3.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-image

3.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-image

3.12.0 (2023-08-24)

🧾 Release notes

Features

Bug Fixes

3.11.0 (2023-06-15)

🧾 Release notes

Bug Fixes

Chores

3.10.0 (2023-05-16)

🧾 Release notes

... (truncated)

Commits

Updates gatsby-plugin-manifest from 4.25.0 to 5.13.1

Release notes

Sourced from gatsby-plugin-manifest's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-plugin-manifest's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-manifest

5.13.0 (2023-12-18)

🧾 Release notes

Chores

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-manifest

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-manifest

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

... (truncated)

Commits

Updates gatsby-plugin-page-creator from 4.25.0 to 5.13.1

Release notes

Sourced from gatsby-plugin-page-creator's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-plugin-page-creator's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-page-creator

5.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.1 (2023-10-09)

Note: Version bump only for package gatsby-plugin-page-creator

5.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-page-creator

5.9.0 (2023-04-18)

🧾 Release notes

Bug Fixes

5.8.0 (2023-03-21)

... (truncated)

Commits

Updates gatsby-plugin-sharp from 4.25.0 to 5.13.1

Release notes

Sourced from gatsby-plugin-sharp's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to [email protected] release (August 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to [email protected] release (June 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to [email protected] release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to [email protected] release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-plugin-sharp's changelog.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-sharp

5.13.0 (2023-12-18)

🧾 Release notes

Chores

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sharp

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

5.11.0 (2023-06-15)

🧾 Release notes

Chores

5.10.0 (2023-05-16)

🧾 Release notes

Bug Fixes

... (truncated)

Commits

Updates gatsby-remark-images from 6.25.0 to 7.13.1

Changelog

Sourced from gatsby-remark-images's changelog.

7.13.1 (2024-01-23)

Note: Version bump only for package gatsby-remark-images

7.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-remark-images

7.12.3 (2023-10-26)

Note: Version bump only for package gatsby-remark-images

7.12.2 (2023-10-20)

Note: Version bump only for package gatsby-remark-images

7.12.1 (2023-10-09)

Note: Version bump only for package gatsby-remark-images

7.12.0 (2023-08-24)

🧾 Release notes

Note: Version bump only for package gatsby-remark-images

7.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-remark-images

7.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-remark-images

7.9.0 (2023-04-18)

🧾 Release notes

Note: Version bump only for package gatsby-remark-images

7.8.0 (2023-03-21)

🧾 Release notes

... (truncated)

Commits

Updates gatsby-transformer-sharp from 4.25.0 to 5.13.1

Release notes

Sourced from gatsby-transformer-sharp's releases.

v5.13.0

Welcome to [email protected] release (December 2023 #1)

Key highlight of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any

@dependabot dependabot bot requested a review from a team as a code owner April 17, 2024 21:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file Site: JavaScript Pull requests that update Javascript code labels Apr 17, 2024
@guardrails GuardRails
Copy link

guardrails bot commented Apr 17, 2024
edited
Loading

⚠️ We detected 8 security issues in this pull request:

Vulnerable Libraries (8)
Severity Details
High pkg:npm/[email protected] upgrade to: > 5.13.1
High pkg:npm/[email protected] upgrade to: > 5.13.1
High pkg:npm/[email protected] upgrade to: > 5.13.1
High pkg:npm/[email protected] upgrade to: > 7.13.1
High pkg:npm/[email protected] upgrade to: > 5.13.4
High pkg:npm/[email protected] upgrade to: > 5.13.1
High pkg:npm/[email protected] upgrade to: > 5.13.1
High pkg:npm/[email protected] upgrade to: > 3.13.1

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

rachelwhitton
rachelwhitton requested changes Apr 19, 2024
View reviewed changes
Copy link
Member

@rachelwhitton rachelwhitton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gatsby major upgrade will require a much larger effort, this should not be merged as-is

@rachelwhitton rachelwhitton self-assigned this Apr 23, 2024
@dependabot
Bump sharp, gatsby, gatsby-plugin-feed, gatsby-plugin-image, gatsby-p…
8ec29bd 
…lugin-manifest, gatsby-plugin-page-creator, gatsby-plugin-sharp, gatsby-remark-images and gatsby-transformer-sharp

Bumps [sharp](https://github.com/lovell/sharp) to 0.32.6 and updates ancestor dependencies [sharp](https://github.com/lovell/sharp), [gatsby](https://github.com/gatsbyjs/gatsby), [gatsby-plugin-feed](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-feed), [gatsby-plugin-image](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-image), [gatsby-plugin-manifest](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-manifest), [gatsby-plugin-page-creator](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-page-creator), [gatsby-plugin-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-sharp), [gatsby-remark-images](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-remark-images) and [gatsby-transformer-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-transformer-sharp). These dependencies need to be updated together.


Updates `sharp` from 0.30.7 to 0.32.6
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](lovell/sharp@v0.30.7...v0.32.6)

Updates `gatsby` from 4.25.4 to 5.13.4
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/compare/[email protected]@5.13.4)

Updates `gatsby-plugin-feed` from 4.25.0 to 5.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-feed/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-feed)

Updates `gatsby-plugin-image` from 2.25.0 to 3.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-image/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-image)

Updates `gatsby-plugin-manifest` from 4.25.0 to 5.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-manifest/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-manifest)

Updates `gatsby-plugin-page-creator` from 4.25.0 to 5.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-page-creator/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-page-creator)

Updates `gatsby-plugin-sharp` from 4.25.0 to 5.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-sharp/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-plugin-sharp)

Updates `gatsby-remark-images` from 6.25.0 to 7.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-remark-images/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-remark-images)

Updates `gatsby-transformer-sharp` from 4.25.0 to 5.13.1
- [Release notes](https://github.com/gatsbyjs/gatsby/releases)
- [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-transformer-sharp/CHANGELOG.md)
- [Commits](https://github.com/gatsbyjs/gatsby/commits/[email protected]/packages/gatsby-transformer-sharp)

---
updated-dependencies:
- dependency-name: sharp
  dependency-type: indirect
- dependency-name: gatsby
  dependency-type: direct:production
- dependency-name: gatsby-plugin-feed
  dependency-type: direct:production
- dependency-name: gatsby-plugin-image
  dependency-type: direct:production
- dependency-name: gatsby-plugin-manifest
  dependency-type: direct:production
- dependency-name: gatsby-plugin-page-creator
  dependency-type: direct:production
- dependency-name: gatsby-plugin-sharp
  dependency-type: direct:production
- dependency-name: gatsby-remark-images
  dependency-type: direct:production
- dependency-name: gatsby-transformer-sharp
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-a1157f384e branch from 15da7e1 to 8ec29bd Compare April 23, 2024 18:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rachelwhitton rachelwhitton rachelwhitton requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@jazzsequence jazzsequence

Labels
dependencies Pull requests that update a dependency file Site: JavaScript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rachelwhitton @jazzsequence