build(deps): bump file-type and colorthief

[dependabot]

Removes file-type. It's no longer used after updating ancestor dependency colorthief. These dependencies need to be updated together.

Removes file-type

Updates colorthief from 2.6.0 to 2.7.0

Release notes

Sourced from colorthief's releases.

v.2.7.0

New features:

• Configurable pixel filtering — New options: ignoreWhite, whiteThreshold, alphaThreshold, and minSaturation let callers control which pixels are
  included in color extraction
• Options object API — getColor and getPalette now accept an options object (e.g., { colorCount: 5, quality: 10, ignoreWhite: false }) in addition to the existing positional arguments
• New browser input types — getPalette/getColor now accept HTMLCanvasElement, ImageData, and ImageBitmap in addition to HTMLImageElement
• TypeScript type definitions — Added .d.ts files for both browser (color-thief.d.ts) and Node (color-thief-node.d.ts)

Bug fixes & robustness:

• Fallback color for edge cases — New computeFallbackColor() averages all pixels when the quantizer can't produce a palette (e.g., solid-color or
  all-white images), preventing null returns
• Progressive filter relaxation — If filtering removes all pixels, filters are progressively relaxed (first allowing white, then transparent) before falling back
• Fixed variable scope leak — i in getImageData changed from implicit global to let
• Input validation — Browser version now throws descriptive errors for unloaded images, missing sources, and CORS-tainted canvases
• Null-safe palette access — All call sites now check palette for null before accessing palette[0]

Chores & tooling:

• Removed file-type dependency from Node version (unused)
• Removed dist/ from git tracking (kept in npm package via .npmignore)
• Added GitHub Actions CI workflow
• Replaced CanvasImage class with a simpler getPixelData() function
• Updated README to reflect current project setup
• Version bump to 2.7.0 across package.json and source files

Commits

• b3f8420 chore: bump version to 2.7.0
• 36d055a docs: update README to reflect current project setup
• a302f13 Merge branch 'master' into dev
• 8fc8c1e chore: remove dist from git tracking, keep in npm package
• 5c9f6ae chore: remove dist from git tracking, keep in npm package
• 0647b25 Merge pull request #276 from lokesh/dev
• 33650a2 chore: remove lint step from CI workflow
• 20176ea chore: remove eslint and related dependencies
• a51c1c3 feat: add configurable filtering, new input types, TypeScript defs, and dev t...
• ee8d29e refactor: enhance color extraction logic and update tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.