Skip to content

Bump exifreader from 4.27.0 to 4.39.0#25

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/exifreader-4.39.0
Open

Bump exifreader from 4.27.0 to 4.39.0#25
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/exifreader-4.39.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 29, 2026

Copy link
Copy Markdown
Contributor

Bumps exifreader from 4.27.0 to 4.39.0.

Release notes

Sourced from exifreader's releases.

4.39.0

What's Changed

Added

  • decompress.maxDecompressedSize option to bound the size of any single decompressed metadata block (default 128 MiB). Blocks that would exceed the limit are skipped with a console.warn; remaining tags are returned as usual. By @​mattiasw. #634

Fixed

Full Changelog: mattiasw/ExifReader@v4.38.1...v4.39.0

4.38.1: Bump @​xmldom/xmldom range

What's Changed

New Contributors

Full Changelog: mattiasw/ExifReader@v4.38.0...v4.38.1

4.38.0: JPEG XL support

No release notes provided.

4.37.1: Handle truncated EXIF segment

No release notes provided.

4.37.0: Canon tags LensModel, LensType

No release notes provided.

4.36.2: Handle broken additional APP13 segment

No release notes provided.

4.36.1: Decode UTF-8 iTXT components properly when no compression is set

Thank you @​sjuxax!

4.36.0: Add includeTags / excludeTags options for filtering returned tags

No release notes provided.

4.35.0: Handle when there are multiple Exif segments

Earlier the last one was always picked. Now the one that looks valid and has tags is picked.

4.34.0: computed tag value

Each tag now has a computed property. It's an opt-in, type-aware value. This will often be the same as value except for RATIONAL/SRATIONAL and ASCII tags.

4.33.1: Support for reading only beginning of File object

... (truncated)

Changelog

Sourced from exifreader's changelog.

[4.39.0] - 2026-05-15

Added

  • decompress.maxDecompressedSize option to bound the size of any single decompressed metadata block (default 128 MiB). Blocks that would exceed the limit are skipped with a console.warn; remaining tags are returned as usual.

Fixed

  • Parse UserComment value when encoding is undefined but contains printable text.

Security

[4.38.1] - 2026-04-09

Changed

  • Bump @​xmldom/xmldom range to ^0.9.9.

[4.38.0] - 2026-04-07

Added

  • Support for JPEG XL images (Exif, XMP, MakerNote, image details).
  • decompress option for providing custom Brotli/deflate decompression functions (needed for JPEG XL in environments without native support).

[4.37.1] - 2026-04-05

Fixed

  • Handle truncated EXIF segment without crashing.

[4.37.0] - 2026-03-11

Added

  • Canon proprietary tags LensModel and LensType.

[4.36.2] - 2026-02-19

... (truncated)

Commits
  • fa7815b 4.39.0
  • 8fc1c54 Release 4.39.0
  • 5f11612 Add maxDecompressedSize option to cap decompressed metadata blocks
  • c9d88b6 Add bounds checks to ICC mluc tag parsing
  • 2b72a7c Bump the all-dependencies group with 2 updates
  • 92ced70 Bump systeminformation from 5.31.1 to 5.31.6
  • d62bd24 Bump @​babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4
  • 4d8d881 Bump fast-uri from 3.1.0 to 3.1.2
  • ae13440 Bump the all-dependencies group with 3 updates
  • d74567b Bump the all-dependencies group with 2 updates
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for exifreader since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump exifreader from 4.27.0 to 4.39.0
2566735 
Bumps [exifreader](https://github.com/mattiasw/ExifReader) from 4.27.0 to 4.39.0.
- [Release notes](https://github.com/mattiasw/ExifReader/releases)
- [Changelog](https://github.com/mattiasw/ExifReader/blob/main/CHANGELOG.md)
- [Commits](mattiasw/ExifReader@v4.27.0...v4.39.0)

---
updated-dependencies:
- dependency-name: exifreader
  dependency-version: 4.39.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 29, 2026
@vercel

vercel Bot commented May 29, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
photo-frame Ready Ready Preview, Comment May 29, 2026 7:02pm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants