Skip to content

Bump fonttools from 4.58.0 to 4.58.1#1157

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/fonttools-4.58.1
May 29, 2025
Merged

Bump fonttools from 4.58.0 to 4.58.1#1157
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/fonttools-4.58.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2025

Bumps fonttools from 4.58.0 to 4.58.1.

Release notes

Sourced from fonttools's releases.

4.58.1

  • [varLib] Make sure that fvar named instances only reuse name ID 2 or 17 if they are at the default location across all axes, to match OT spec requirement (#3831).
  • [feaLib] Improve single substitution promotion to multiple/ligature substitutions, fixing a few bugs as well (#3849).
  • [loggingTools] Make Timer._time a static method that doesn't take self, makes it easier to override (#3836).
  • [featureVars] Use None for empty ConditionSet, which translates to a null offset in the compiled table (#3850).
  • [feaLib] Raise an error on conflicting ligature substitution rules instead of silently taking the last one (#3835).
  • Add typing annotations to T2CharStringPen (#3837).
  • [feaLib] Add single substitutions that were promoted to multiple or ligature substitutions to aalt feature (#3847).
  • [featureVars] Create a default LangSys in a ScriptRecord if missing when adding feature variations to existing GSUB later in the build (#3838).
  • [symfont] Added a main().
  • [cffLib.specializer] Fix rmoveto merging when blends used (#3839, #3840).
  • [pyftmerge] Add support for cmap format 14 in the merge tool (#3830).
  • [varLib.instancer/cff2] Fix vsindex of Private dicts when instantiating (#3828, #3232).
  • Update text file read to use UTF-8 with optional BOM so it works with e.g. Windows Notepad.exe (#3824).
  • [varLib] Ensure that instances only reuse name ID 2 or 17 if they are at the default location across all axes (#3831).
  • [varLib] Create a dflt LangSys in a ScriptRecord when adding variations later, to fix an avoidable crash in an edge case (#3838).
Changelog

Sourced from fonttools's changelog.

4.58.1 (released 2025-05-28)

  • [varLib] Make sure that fvar named instances only reuse name ID 2 or 17 if they are at the default location across all axes, to match OT spec requirement (#3831).
  • [feaLib] Improve single substitution promotion to multiple/ligature substitutions, fixing a few bugs as well (#3849).
  • [loggingTools] Make Timer._time a static method that doesn't take self, makes it easier to override (#3836).
  • [featureVars] Use None for empty ConditionSet, which translates to a null offset in the compiled table (#3850).
  • [feaLib] Raise an error on conflicting ligature substitution rules instead of silently taking the last one (#3835).
  • Add typing annotations to T2CharStringPen (#3837).
  • [feaLib] Add single substitutions that were promoted to multiple or ligature substitutions to aalt feature (#3847).
  • [featureVars] Create a default LangSys in a ScriptRecord if missing when adding feature variations to existing GSUB later in the build (#3838).
  • [symfont] Added a main().
  • [cffLib.specializer] Fix rmoveto merging when blends used (#3839, #3840).
  • [pyftmerge] Add support for cmap format 14 in the merge tool (#3830).
  • [varLib.instancer/cff2] Fix vsindex of Private dicts when instantiating (#3828, #3232).
  • Update text file read to use UTF-8 with optional BOM so it works with e.g. Windows Notepad.exe (#3824).
  • [varLib] Ensure that instances only reuse name ID 2 or 17 if they are at the default location across all axes (#3831).
  • [varLib] Create a dflt LangSys in a ScriptRecord when adding variations later, to fix an avoidable crash in an edge case (#3838).
Commits
  • ad9e68b Release 4.58.1
  • a48f5d9 Update NEWS.rst
  • a228454 [loggingTools] make Timer._time a static method that doesn't take self
  • 5531feb Merge pull request #3831 from fonttools/reuse-name-id-2-and-17-only-when-defa...
  • e8925b4 Merge pull request #3849 from fonttools/bug3846
  • 403c7ca don't call addMultilingualName twice; try to find else add
  • 509ca62 [feaLib] Improve single substitution promotion
  • ad964a1 Merge pull request #3836 from sminnee/fix/freezegun-conflict
  • 4fc7dcf Small fixup of typing annotations
  • 6d452ea Merge pull request #3850 from fonttools/null-empty-condset
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump fonttools from 4.58.0 to 4.58.1
d8b3206 
Bumps [fonttools](https://github.com/fonttools/fonttools) from 4.58.0 to 4.58.1.
- [Release notes](https://github.com/fonttools/fonttools/releases)
- [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst)
- [Commits](fonttools/fonttools@4.58.0...4.58.1)

---
updated-dependencies:
- dependency-name: fonttools
  dependency-version: 4.58.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 29, 2025
@github-actions github-actions Bot enabled auto-merge (squash) May 29, 2025 03:02
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 29, 2025

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 5 0 0 0.12s
✅ COPYPASTE jscpd yes no no 4.1s
✅ JSON prettier 2 0 0 0 0.36s
✅ JSON v8r 2 0 0 2.23s
✅ MARKDOWN markdownlint 1 0 0 0 0.6s
✅ MARKDOWN markdown-link-check 1 0 0 1.51s
✅ MARKDOWN markdown-table-formatter 1 0 0 0 0.22s
✅ PYTHON bandit 244 0 0 2.91s
✅ PYTHON black 244 0 0 0 3.36s
✅ PYTHON flake8 244 0 0 1.48s
✅ PYTHON isort 244 0 0 0 0.49s
✅ PYTHON mypy 244 0 0 4.43s
✅ PYTHON pylint 244 0 0 66.93s
✅ PYTHON ruff 244 0 0 0 0.03s
✅ REPOSITORY checkov yes no no 12.68s
✅ REPOSITORY gitleaks yes no no 2.12s
✅ REPOSITORY git_diff yes no no 0.0s
✅ REPOSITORY grype yes no no 22.5s
✅ REPOSITORY secretlint yes no no 3.18s
✅ REPOSITORY syft yes no no 1.27s
✅ REPOSITORY trivy-sbom yes no no 0.13s
✅ REPOSITORY trufflehog yes no no 14.8s
✅ YAML prettier 9 0 0 0 0.68s
✅ YAML v8r 9 0 0 5.21s
✅ YAML yamllint 9 0 0 0.45s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 29, 2025

Test Results

    3 files      3 suites   58m 5s ⏱️
  449 tests   449 ✅   0 💤 0 ❌
1 347 runs  1 121 ✅ 226 💤 0 ❌

Results for commit d8b3206.

@github-actions github-actions Bot merged commit e6843a3 into main May 29, 2025
8 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/fonttools-4.58.1 branch May 29, 2025 03:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants