chore(deps): update pillow requirement from >=10.3.0 to >=12.2.0 in /apps/server by dependabot[bot] · Pull Request #407 · hessius/MeticAI

dependabot · 2026-04-28T00:28:16Z

Updates the requirements on pillow to permit the latest version.

Release notes

12.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html

Documentation

Update 12.2.0 release notes #9522 [@hugovk]

Add loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm #9482 [@bitplane]

Update Python versions #9515 [@radarhere]

Jeffrey A. Clark -> Jeffrey 'Alex' Clark #9513 [@aclark4life]

Add release notes for #9394, #9419 and #9456 #9467 [@radarhere]

Add Amiga Workbench .info loader to 3rd party plugins list #9459 [@bitplane]

Merge PFM documentation into PPM #9434 [@radarhere]

Update macOS tested Pillow versions #9431 [@radarhere]

Fix CVE number #9430 [@hugovk]

Dependencies

Update xz to 5.8.3 #9523 [@radarhere]

Update libjpeg-turbo to 3.1.4.1 #9507 [@radarhere]

Update libpng to 1.6.56 #9499 [@radarhere]

Update freetype to 2.14.3 #9485 [@radarhere]

Updated libavif to 1.4.1 #9479 [@radarhere]

Updated harfbuzz to 13.2.1 #9461 [@radarhere]

Update Ghostscript to 10.7.0 #9469 [@radarhere]

Update harfbuzz to 13.0.1 #9453 [@radarhere]

Update libavif to 1.4.0 #9460 [@radarhere]

Update freetype to 2.14.2 #9449 [@radarhere]

Update actions/download-artifact action to v8 #9451 [@renovate[bot]]

Updated libpng to 1.6.55 #9425 [@radarhere]

Testing

Cleanup .spider extension in the same test where it is added #9517 [@radarhere]

Run tests in parallel via tox for 3.5x speedup #9516 [@hugovk]

Enable colour in CI logs #9486 [@hugovk]

Update Ghostscript to 10.7.0 #9469 [@radarhere]

Simplify TGA test code #9477 [@radarhere]

Update tests to check for ValueError when encoding an empty image #9464 [@radarhere]

Upgrade CI from macos-15-intel to macos-26-intel #9454 [@hugovk]

Add check-case-conflict hook #9446 [@radarhere]

Specify platform when pulling docker image #9440 [@radarhere]

GHA: Cache libavif and webp builds for Ubuntu #9437 [@hugovk]

Update macOS tested Pillow versions #9431 [@radarhere]

Other changes

Check calloc return value #9527 [@radarhere]

Check all allocs in the Arrow tree #9488 [@wiredfool]

Reject non-numeric elements inside list coords #9526 [@hugovk]

Move variable declaration inside define #9525 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

Changelog (Pillow)

11.1.0 and newer

See GitHub Releases:

https://github.com/python-pillow/Pillow/releases

11.0.0 (2024-10-15)

Update licence to MIT-CMU #8460 [hugovk]

Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

Do not close provided file handles with libtiff when saving #8458 [radarhere]

Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

Use transparency when combining P frames from APNGs #8443 [radarhere]

Support all resampling filters when resizing I;16* images #8422 [radarhere]

Free memory on early return #8413 [radarhere]

Cast int before potentially exceeding INT_MAX #8402 [radarhere]

... (truncated)

Commits

3c41c09 12.2.0 version bump
cdaa29e Check calloc return value (#9527)
585b2f5 Check calloc return value
ecf011e Check all allocs in the Arrow tree (#9488)
cf6de8c Reject non-numeric elements inside list coords (#9526)
ffdcede Update 12.2.0 release notes (#9522)
7929d77 Added security release notes (#149)
c4f7aa5 Added security release notes
22cdb5f Move variable declaration inside define (#9525)
fc15b3b Resize tall images vertically first (#9524)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [pillow](https://github.com/python-pillow/Pillow) to permit the latest version. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.3.0...12.2.0) --- updated-dependencies: - dependency-name: pillow dependency-version: 12.2.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Backend (Python): - fastapi 0.136.0 → 0.136.1 - pillow >=10.3.0 → >=12.2.0 - pillow-heif >=0.18.0 → >=1.3.0 - zstandard >=0.22.0 → >=0.25.0 - pytest-timeout >=2.3.1 → >=2.4.0 Frontend (production): - react-hook-form 7.73.1 → 7.74.0 - lucide-react 1.8.0 → 1.11.0 - i18next 26.0.6 → 26.0.8 - i18next-http-backend 3.0.5 → 3.0.6 - react-i18next 17.0.4 → 17.0.6 Frontend (dev): - @vitest/browser-playwright 4.1.4 → 4.1.5 - @vitest/coverage-v8 4.1.4 → 4.1.5 - @vitest/ui 4.1.4 → 4.1.5 - typescript-eslint 8.59.0 → 8.59.1 - vite 8.0.9 → 8.0.10 - vitest 4.1.4 → 4.1.5 Closes #403, closes #404, closes #405, closes #406, closes #407, closes #408, closes #409, closes #410, closes #411 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

hessius · 2026-05-02T05:59:18Z

Superseded — dependency bumped in version/2.4.0 (commit d9305a3).

dependabot · 2026-05-02T05:59:20Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 28, 2026

hessius closed this May 2, 2026

dependabot Bot deleted the dependabot/pip/apps/server/pillow-gte-12.2.0 branch May 2, 2026 05:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update pillow requirement from >=10.3.0 to >=12.2.0 in /apps/server#407

chore(deps): update pillow requirement from >=10.3.0 to >=12.2.0 in /apps/server#407
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/apps/server/pillow-gte-12.2.0

dependabot Bot commented on behalf of github Apr 28, 2026

Uh oh!

hessius commented May 2, 2026

Uh oh!

dependabot Bot commented on behalf of github May 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 28, 2026

12.2.0

Documentation

Dependencies

Testing

Other changes

Changelog (Pillow)

11.1.0 and newer

11.0.0 (2024-10-15)

Uh oh!

hessius commented May 2, 2026

Uh oh!

dependabot Bot commented on behalf of github May 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant