Update file-type dependency to v21+ (GHSA-5v7r-6r5c-r473)

## Summary

`@jimp/core@1.6.0` depends on `file-type@^16.0.0`, which is affected by [GHSA-5v7r-6r5c-r473](https://github.com/advisories/GHSA-5v7r-6r5c-r473) — an infinite loop in the ASF parser on malformed input with a zero-size sub-header.

The vulnerability affects all `file-type` versions `>=13.0.0 <21.3.1`. The fix requires updating to `>=21.3.1`.

## Affected code

In `@jimp/core/src/index.ts`:
```typescript
import fileType from "file-type/core.js";
// ...
const mime = await fileType.fromBuffer(actualBuffer);
```

## Required changes

The `file-type` v21 API replaced the default export with named exports:

```diff
- import fileType from "file-type/core.js";
+ import { fileTypeFromBuffer } from "file-type/core.js";
// ...
- const mime = await fileType.fromBuffer(actualBuffer);
+ const mime = await fileTypeFromBuffer(actualBuffer);
```

And update `package.json`:
```diff
- "file-type": "^16.0.0"
+ "file-type": "^21.3.1"
```

## Workaround

Consumers can apply a pnpm patch to `@jimp/core` and override the dependency:
```json
{
  "pnpm": {
    "overrides": {
      "@jimp/core>file-type": "21.3.1"
    }
  }
}
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update file-type dependency to v21+ (GHSA-5v7r-6r5c-r473) #1399

Summary

Affected code

Required changes

Workaround

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Update file-type dependency to v21+ (GHSA-5v7r-6r5c-r473) #1399

Description

Summary

Affected code

Required changes

Workaround

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions