Update tools/package.json dependencies, remove imagemin-zopfli (#35406)
imagemin-zopfli brings a lot of [vulnerable dependencies](https://github.com/go-gitea/gitea/security/dependabot) and it is unmaintained. The removal brings a size increase to these images, but I think ultimately this size does not matter enough. I verified this passes `pnpm audit` now.
This commit is contained in:
silverwind
+5
-6
@@ -5,18 +5,17 @@
|
||||
"type": "module",
|
||||
"private": true,
|
||||
"dependencies": {
|
||||
"fabric": "^6.0.0",
|
||||
"imagemin-zopfli": "^7.0.0",
|
||||
"svgo": "^3.0.0",
|
||||
"fast-glob": "^3.0.0"
|
||||
"fabric": "^6.7.1",
|
||||
"svgo": "^4.0.0",
|
||||
"fast-glob": "^3.3.3"
|
||||
},
|
||||
"optionalDependencies": {
|
||||
"canvas": "^3.2.0"
|
||||
},
|
||||
"pnpm": {
|
||||
"onlyBuiltDependencies": ["canvas", "zopflipng-bin"],
|
||||
"onlyBuiltDependencies": ["canvas"],
|
||||
"overrides": {
|
||||
"canvas": "3.2.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user