[Snyk] Upgrade sharp from 0.32.6 to 0.34.4

[djdiptayan1]

Snyk has created this PR to upgrade sharp from 0.32.6 to 0.34.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 36 versions ahead of your current version.

• The recommended version was released a month ago.

Release notes

Package name: sharp

• 0.34.4 - 2025-09-17
  

  • Upgrade to libvips v8.17.2 for upstream bug fixes.

  • Ensure TIFF subifd and OpenSlide level input options are respected (regression in 0.34.3).

  • Ensure autoOrient occurs before non-90 angle rotation.
    #4425

  • Ensure autoOrient removes existing metadata after shrink-on-load.
    #4431

  • TypeScript: Ensure KernelEnum includes linear.
    #4441
    @ BayanBennett

  • Ensure unlimited flag is passed upstream when reading TIFF images.
    #4446

  • Support Electron memory cage when reading XMP metadata (regression in 0.34.3).
    #4451

  • Add sharp-libvips rpath for yarn v5 support.
    #4452
    @ arcanis

• 0.34.4-rc.4 - 2025-09-17
  

  • Upgrade to libvips v8.17.2 for upstream bug fixes.

  • Ensure TIFF subifd and OpenSlide level input options are respected (regression in 0.34.3).

  • Ensure autoOrient occurs before non-90 angle rotation.
    #4425

  • Ensure autoOrient removes existing metadata after shrink-on-load.
    #4431

  • TypeScript: Ensure KernelEnum includes linear.
    #4441
    @ BayanBennett

  • Ensure unlimited flag is passed upstream when reading TIFF images.
    #4446

  • Support Electron memory cage when reading XMP metadata (regression in 0.34.3).
    #4451

  • Add sharp-libvips rpath for yarn v5 support.
    #4452
    @ arcanis

• 0.34.4-rc.3 - 2025-09-15
  

  • Upgrade to libvips v8.17.2 for upstream bug fixes.

  • Ensure autoOrient occurs before non-90 angle rotation.
    #4425

  • Ensure autoOrient removes existing metadata after shrink-on-load.
    #4431

  • TypeScript: Ensure KernelEnum includes linear.
    #4441
    @ BayanBennett

  • Ensure unlimited flag is passed upstream when reading TIFF images.
    #4446

  • Support Electron memory cage when reading XMP metadata (regression in 0.34.3).
    #4451

  • Add sharp-libvips rpath for yarn v5 support.
    #4452
    @ arcanis

• 0.34.3 - 2025-07-10
  No content.
• 0.34.3-rc.1 - 2025-07-09
  No content.
• 0.34.3-rc.0 - 2025-06-14
  No content.
• 0.34.2 - 2025-05-20
  No content.
• 0.34.2-rc.0 - 2025-05-14
• 0.34.1 - 2025-04-07
• 0.34.0 - 2025-04-04
• 0.34.0-rc.1 - 2025-04-03
• 0.34.0-rc.0 - 2025-03-16
• 0.33.5 - 2024-08-16
• 0.33.5-rc.1 - 2024-08-14
• 0.33.5-rc.0 - 2024-08-13
• 0.33.4 - 2024-05-16
• 0.33.4-rc.0 - 2024-05-16
• 0.33.3 - 2024-03-23
• 0.33.3-rc.0 - 2024-03-22
• 0.33.2 - 2024-01-12
• 0.33.2-rc.1 - 2024-01-12
• 0.33.2-rc.0 - 2024-01-11
• 0.33.1 - 2023-12-17
• 0.33.1-rc.3 - 2023-12-17
• 0.33.1-rc.2 - 2023-12-17
• 0.33.1-rc.0 - 2023-12-12
• 0.33.0 - 2023-11-29
• 0.33.0-rc.2 - 2023-11-22
• 0.33.0-alpha.11 - 2023-11-10
• 0.33.0-alpha.10 - 2023-11-04
• 0.33.0-alpha.9 - 2023-10-13
• 0.33.0-alpha.8 - 2023-10-10
• 0.33.0-alpha.7 - 2023-10-10
• 0.33.0-alpha.6 - 2023-10-09
• 0.33.0-alpha.4 - 2023-10-06
• 0.33.0-alpha.3 - 2023-10-06
• 0.32.6 - 2023-09-18

from sharp GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
gcsrm-server	Ready	Preview	Comment	Oct 19, 2025 10:24am

💡 Enable Vercel Agent with $100 free credit for automated AI reviews

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-upgrade-aba98cf8fbe433aae3d5141e8cfa3480

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR upgrades the sharp image processing library from version 0.32.6 to 0.34.4, addressing a Snyk-detected dependency update that spans 36 versions and includes various bug fixes and improvements.

Key changes:

• Upgrades sharp dependency to receive upstream bug fixes from libvips v8.17.2
• Incorporates fixes for autoOrient metadata handling and TIFF image processing
• Adds support for Yarn v5 and Electron memory cage compatibility

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}