[Snyk] Upgrade jpeg-js from 0.1.2 to 0.4.4 #1

snyk-bot · 2023-04-16T00:41:43Z

Snyk has created this PR to upgrade jpeg-js from 0.1.2 to 0.4.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 14 versions ahead of your current version.
The recommended version was released 10 months ago, on 2022-06-07.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-JPEGJS-2859218	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JPEGJS-570039	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: jpeg-js

0.4.4 - 2022-06-07

v0.4.4 (2022-06-07)
- feat: add comment tag encoding (#87) (13e1ffa), closes #87
- fix: validate sampling factors (#106) (9ccd35f), closes #106
- fix(decoder): rethrow a more helpful error if Buffer is undefined (#93) (b58cc11), closes #93
- chore(ci): migrate to github actions (#86) (417e8e2), closes #86
- chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98) (2c90858), closes #98
- chore(deps): bump ws from 7.2.3 to 7.4.6 (#91) (fd73289), closes #91
- chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90) (9449a8b), closes #90
- chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89) (ffdc4a4), closes #89
0.4.3 - 2021-01-11

v0.4.3 (2021-01-11)
- fix: handle 0x00E1 / 0x00E0 segments from Pixel phones (#84) (a2d7ed9), closes #84
0.4.2 - 2020-08-24

v0.4.2 (2020-08-24)
- feat(decoder): add FFDC marker support (#79) (5e8ec27), closes #79
- fix: avoid new Buffer usage (#73) (49be0e4), closes #73
- fix(types): add comments property to decode output (#72) (ca27601), closes #72
0.4.1 - 2020-06-27

v0.4.1 (2020-06-27)
- feat(decoder): add comment support (#71) (d2323c1), closes #71
0.4.0 - 2020-04-23

v0.4.0 (2020-04-23)
- feat: add memory and resolution limits (135705b)
- feat: expose exif buffers (#47) (d3e272a), closes #47
- feat: support browser usage (#55) (7e7e2dc), closes #55
- feat(decode): add tolerantDecoding option (#57) (69f6415), closes #57
- fix: enable tolerantDecoding by default (5d3277f)
- fix: don’t fail if scan contains trailing bytes (#66) (cfeb1c7), closes #66
- docs: update README for breaking changes (78408c6)
- refactor: use spread for decode options (a2c93e0)
- chore: update typedefs for 0.4.0 (a2f7080)
- chore: add vscode to ignores (238a7fe)
- chore: track version in tags only (cbc1244)
- chore: drop support for node versions <8 (21ef116)
- chore: switch to jest (1731741)
- chore: switch to yarn (0a750c0)
BREAKING CHANGE
- drop decode boolean second argument, options must be an object
- images larger than 100 megapixels or requiring more than 512MB of memory to decode will throw unless maxMemoryInMB and maxResolutionInMP options are increased
- no longer support node versions before 8 LTS
0.3.7 - 2020-02-15
v0.3.7
0.3.6 - 2019-08-07
0.3.5 - 2019-04-30
0.3.4 - 2018-03-30
0.3.3 - 2017-06-30
0.3.3
0.3.2 - 2017-06-27
0.3.2
0.3.1 - 2017-06-27
0.3.1
0.3.0 - 2017-06-27
0.3.0
0.2.0 - 2016-06-05
0.1.2 - 2016-04-21