Skip to content

Commit

Permalink
fix: upgrade file-type dep to fix eval security warning
Browse files Browse the repository at this point in the history
  • Loading branch information
@rxliuli
rxliuli committed Feb 19, 2025
1 parent b6b0e41 commit aec6961
Show file tree
Hide file tree
Showing 3 changed files with 89 additions and 55 deletions.
2 changes: 1 addition & 1 deletion packages/core/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"@jimp/utils": "workspace:*",
"await-to-js": "^3.0.0",
"exif-parser": "^0.1.12",
"file-type": "^16.0.0",
"file-type": "^20.1.0",
"mime": "3"
},
"devDependencies": {
Expand Down
4 changes: 2 additions & 2 deletions packages/core/src/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { Bitmap, Format, JimpClass, Edge } from "@jimp/types";
import { cssColorToHex, scan, scanIterator } from "@jimp/utils";
import fileType from "file-type/core.js";
import { to } from "await-to-js";
import { existsSync, readFile, writeFile } from "@jimp/file-ops";
import mime from "mime/lite.js";
Expand Down Expand Up @@ -334,7 +333,8 @@ export function createJimp<
const actualBuffer =
buffer instanceof ArrayBuffer ? bufferFromArrayBuffer(buffer) : buffer;

const mime = await fileType.fromBuffer(actualBuffer);
const { fileTypeFromBuffer } = await import("file-type/core");
const mime = await fileTypeFromBuffer(actualBuffer);

if (!mime || !mime.mime) {
throw new Error("Could not find MIME for Buffer");
Expand Down
138 changes: 86 additions & 52 deletions pnpm-lock.yaml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit aec6961

Please sign in to comment.