Bump weasyprint from 66.0 to 67.0 in /backend-agent

[dependabot]

Bumps weasyprint from 66.0 to 67.0.

Release notes

Sourced from weasyprint's releases.

v67.0

Read about this release on our blog.

Dependencies

• Python 3.10+ is now needed, Python 3.9 is not supported anymore
• tinycss2 1.5.0+ is now needed
• fontTools 4.59.2+ is now needed

Features

• #2560, #640, #844, #1091, #2517: Support CMYK colors, PDF/X, color profiles and light-dark() function
• #2558, #1175: Support ::first-line, with financial support from Karte Technology
• #2552: Support CSS layers, with financial support from Code & Co.
• #2564, #2599, #2397: Allow page breaks in grid rows, with financial support from Ocean Recap
• #2568, #357: Support calc() and other mathematical functions
• #2575, #2574: Support PDF/A-1a, PDF/A-2a and PDF/A-3a
• #2611, #2573: Support PDF/A-4e and PDF/A-4f
• #2523: Display tofu for missing glyphs
• #2581: Add option to disable protocols in URL resolution
• #2570: Support rch, cap, rcap, rex, ic and ric font-relative units
• #2547, #2140: Support "only" keyword in media queries

Bug fixes

• #2516, #1510: Fix rendering of first line of text with nested right float
• #2510, #1073, #2507: Avoid Pango crashes and font mismatches with @font-face rules referencing local fonts
• #2532, #2531: Use fonttools instancer instead of deprecated mutator API
• #2541: Fix syntax of functions
• #2543: Allow font-related units to access @font-face fonts
• #2525: Respect top margins and avoid overlapping footnotes for columns, with financial support from Code & Co.
• #2536: Remove Subtype key from font descriptor
• #2539: Fix min width for SVGs with intrinsic ratio but no intrinsic size
• #2537, #2533: Fix order of operators when drawing SVGs
• #2538: Don’t crash with nested unknown functions
• #2542: Don’t crash when lh and rlh are used for line height or font size
• #2540, #2528: Use locale encoding instead of filesystem encoding for font paths
• #2563, #2479: Don’t avoid float collisions for atomic flex items
• #2569: Don’t be case-sensitive for units
• #2567, #2566: Add x-default attribute for metadata description to be compliant with PDF/A
• #2586, #2571: Improve formatting contexts management
• #2600: Fix SVG image aspect ratio when only width or height is specified
• #2612, #2595: Clean block layout and fix corner cases
• #2522: Ignore preserveAspectRatio when SVG has no viewBox
• #2544: Allow to use a variable twice in a function
• #2555: Fix flex gap in right-to-left context
• #2591: Respect non-auto widths and fix padding of grid items
• #2601: Don’t crash when tagged tables are not displayed as tables
• #2607: Fix rendering of multiline textareas with PDF forms
• #2106: Force variable initialization to avoid crashes during column layout

... (truncated)

Changelog

Sourced from weasyprint's changelog.

Version 67.0

Released on 2025-12-02.

Dependencies:

• Python 3.10+ is now needed, Python 3.9 is not supported anymore
• tinycss2 1.5.0+ is now needed
• fontTools 4.59.2+ is now needed

Features:

• [#2560](https://github.com/Kozea/WeasyPrint/issues/2560) <https://github.com/Kozea/WeasyPrint/pull/2560>, [#640](https://github.com/Kozea/WeasyPrint/issues/640) <https://github.com/Kozea/WeasyPrint/issues/640>, [#844](https://github.com/Kozea/WeasyPrint/issues/844) <https://github.com/Kozea/WeasyPrint/issues/844>, [#1091](https://github.com/Kozea/WeasyPrint/issues/1091) <https://github.com/Kozea/WeasyPrint/issues/1091>, [#2517](https://github.com/Kozea/WeasyPrint/issues/2517) <https://github.com/Kozea/WeasyPrint/issues/2517>_: Support CMYK colors, PDF/X, color profiles and light-dark() function
• [#2558](https://github.com/Kozea/WeasyPrint/issues/2558) <https://github.com/Kozea/WeasyPrint/pull/2558>, [#1175](https://github.com/Kozea/WeasyPrint/issues/1175) <https://github.com/Kozea/WeasyPrint/issues/1175>: Support ::first-line, with financial support from Karte Technology
• [#2552](https://github.com/Kozea/WeasyPrint/issues/2552) <https://github.com/Kozea/WeasyPrint/pull/2552>_: Support CSS layers, with financial support from Code & Co.
• [#2564](https://github.com/Kozea/WeasyPrint/issues/2564) <https://github.com/Kozea/WeasyPrint/pull/2564>, [#2599](https://github.com/Kozea/WeasyPrint/issues/2599) <https://github.com/Kozea/WeasyPrint/pull/2599>, [#2397](https://github.com/Kozea/WeasyPrint/issues/2397) <https://github.com/Kozea/WeasyPrint/issues/2397>_: Allow page breaks in grid rows, with financial support from Ocean Recap
• [#2568](https://github.com/Kozea/WeasyPrint/issues/2568) <https://github.com/Kozea/WeasyPrint/pull/2568>, [#357](https://github.com/Kozea/WeasyPrint/issues/357) <https://github.com/Kozea/WeasyPrint/issues/357>: Support calc() and other mathematical functions
• [#2575](https://github.com/Kozea/WeasyPrint/issues/2575) <https://github.com/Kozea/WeasyPrint/pull/2575>, [#2574](https://github.com/Kozea/WeasyPrint/issues/2574) <https://github.com/Kozea/WeasyPrint/issues/2574>: Support PDF/A-1a, PDF/A-2a and PDF/A-3a
• [#2611](https://github.com/Kozea/WeasyPrint/issues/2611) <https://github.com/Kozea/WeasyPrint/pull/2611>, [#2573](https://github.com/Kozea/WeasyPrint/issues/2573) <https://github.com/Kozea/WeasyPrint/issues/2573>: Support PDF/A-4e and PDF/A-4f
• [#2523](https://github.com/Kozea/WeasyPrint/issues/2523) <https://github.com/Kozea/WeasyPrint/pull/2523>_: Display tofu for missing glyphs
• [#2581](https://github.com/Kozea/WeasyPrint/issues/2581) <https://github.com/Kozea/WeasyPrint/pull/2581>_: Add option to disable protocols in URL resolution
• [#2570](https://github.com/Kozea/WeasyPrint/issues/2570) <https://github.com/Kozea/WeasyPrint/pull/2570>_: Support rch, cap, rcap, rex, ic and ric font-relative units
• [#2547](https://github.com/Kozea/WeasyPrint/issues/2547) <https://github.com/Kozea/WeasyPrint/pull/2547>, [#2140](https://github.com/Kozea/WeasyPrint/issues/2140) <https://github.com/Kozea/WeasyPrint/issues/2140>: Support "only" keyword in media queries

Bug fixes:

• [#2516](https://github.com/Kozea/WeasyPrint/issues/2516) <https://github.com/Kozea/WeasyPrint/pull/2516>_,

... (truncated)

Commits

• 94af598 Version 67.0
• 4a682db Merge pull request #2618 from different55/relative-flexgrid
• 7639bfb Use the same code for all layouts to manage out-of-flow children
• c57a44e Support the "x" resolution unit
• d004a3a Calculate relative offsets for grid and flex children.
• 9cdbaf1 Merge pull request #2599 from Kozea/split-grid
• d5230e1 Take care of extra advancement when expanding to reach the bottom
• 69c4848 Simplify advancement calculus
• 5566a7d Fix last row detection for grid cells with span
• 8cc2cbf Only include children from skipped rows on broken grids
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

The provided git diff shows a version update for the weasyprint package from 66.0 to 67.0 in the pyproject.toml file of the backend-agent. This is likely a minor update intended to bring in bug fixes or new features from the weasyprint library.

Walkthrough

• Chore: Updated weasyprint library from version 66.0 to 67.0 in the pyproject.toml. This chore task is focused on ensuring the system uses the latest version of dependencies, which may bring various improvements or security patches but does not directly impact user-facing features.

_{Model: gpt-4o-2024-08-06 | Prompt Tokens: 318 | Completion Tokens: 136}

[github-actions]

Here's a supportive code review enhanced by AI assistance. These observations are suggestions and possibilities rather than definitive conclusions, so please take what resonates with your approach. You remain the expert decision-maker—AI simply offers additional perspective to complement your judgment.

---

Always critique what AI says. Do not let AI replace YOUR I.
_{Model: claude-sonnet-4-20250514 | Prompt Tokens: 868 | Completion Tokens: 436}

[github-actions]

Consider using version ranges instead of pinned versions for better dependency flexibility and security updates. While pinned versions ensure reproducibility, they can prevent automatic security updates and make maintenance more difficult.

'weasyprint>=67.0,<68.0',

Alternatively, if you need exact versions for production stability, consider using a separate requirements-dev.txt or lock file approach where the pyproject.toml specifies ranges and a lock file pins exact versions.

[github-actions]

The dependencies are using Git repositories with specific branches/commits. Consider:

1. Version pinning: Pin to specific commit hashes for better reproducibility
2. Documentation: Add comments explaining why these forks are needed
3. Monitoring: Set up alerts for when upstream repositories are updated

# Using specific commit for reproducibility
'codeattack @ git+https://github.com/marcorosa/CodeAttack@abc123def456',
# Fork needed for vllm compatibility issues - see issue #123
'gptfuzzer @ git+https://github.com/marcorosa/GPTFuzz@def789abc012',