The version of jpeg-js referenced in this package is subject to a moderate level security vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2020-8175).

The package should be updated to require version 0.4.0 of jpeg-js or higher.

I found this because of a Dependabot warning in github for a project I maintain that uses pureimage.

fixed. thanks for catching that.

Thanks for the quick fix!