Bump pillow from 8.1.1 to 8.2.0 #93

dependabot · 2021-06-08T21:33:18Z

Bumps pillow from 8.1.1 to 8.2.0.

Release notes

8.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html

Changes

Security fixes for 8.2.0 #5377 [@hugovk]

Move getxmp() to JpegImageFile #5376 [@radarhere]

Added getxmp() method #5144 [@UrielMaD]

Compile LibTIFF with CMake on Windows #5359 [@nulano]

Add ImageShow support for GraphicsMagick #5349 [@latosha-maltba]

Tiff crash fixes in TiffDecode.c #5372 [@wiredfool]

Remove redundant check (addition to #5364) #5366 [@kkopachev]

Do not load transparent pixels from subsequent GIF frames #5333 [@radarhere]

Use LZW encoding when saving GIF images #5291 [@raygard]

Set all transparent colors to be equal in quantize() #5282 [@radarhere]

Allow PixelAccess to use Python int when parsing x and y #5206 [@radarhere]

Removed Image._MODEINFO #5316 [@radarhere]

Add preserve_tone option to autocontrast #5350 [@elejke]

Only import numpy when necessary #5323 [@radarhere]

Fixed linear_gradient and radial_gradient I and F modes #5274 [@radarhere]

Add support for reading TIFFs with PlanarConfiguration=2 #5364 [@wiredfool]

More OSS-Fuzz support #5328 [@wiredfool]

Do not premultiply alpha when resizing with Image.NEAREST resampling #5304 [@nulano]

Use quantization method attributes #5353 [@radarhere]

Dynamically link FriBiDi instead of Raqm #5062 [@nulano]

Removed build_distance_tables return value #5363 [@radarhere]

Allow fewer PNG palette entries than the bit depth maximum when saving #5330 [@radarhere]

Use duration from info dictionary when saving WebP #5338 [@radarhere]

Improved efficiency when creating GIF disposal images #5326 [@radarhere]

Stop flattening EXIF IFD into getexif() #4947 [@radarhere]

Replaced tiff_deflate with tiff_adobe_deflate compression when saving TIFF images #5343 [@radarhere]

Save ICC profile from TIFF encoderinfo #5321 [@radarhere]

Moved RGB fix inside ImageQt class #5268 [@radarhere]

Fix -Wformat error in TiffDecode #5305 [@lukegb]

Allow alpha_composite destination to be negative #5313 [@radarhere]

Ensure file is closed if it is opened by ImageQt.ImageQt #5260 [@radarhere]

Added ImageDraw rounded_rectangle method #5208 [@radarhere]

Added IPythonViewer #5289 [@radarhere]

Only draw each rectangle outline pixel once #5183 [@radarhere]

Use mmap instead of built-in Win32 mapper #5224 [@radarhere]

Handle PCX images with an odd stride #5214 [@radarhere]

Only read different sizes for "Large Thumbnail" MPO frames #5168 [@radarhere]

Dependencies

Updated harfbuzz to 2.8.0 #5334 [@radarhere]

Deprecations

... (truncated)

Changelog

Sourced from pillow's changelog.

8.2.0 (2021-04-01)

Added getxmp() method #5144 [UrielMaD, radarhere]

Add ImageShow support for GraphicsMagick #5349 [latosha-maltba, radarhere]

Do not load transparent pixels from subsequent GIF frames #5333 [zewt, radarhere]

Use LZW encoding when saving GIF images #5291 [raygard]

Set all transparent colors to be equal in quantize() #5282 [radarhere]

Allow PixelAccess to use Python int when parsing x and y #5206 [radarhere]

Removed Image._MODEINFO #5316 [radarhere]

Add preserve_tone option to autocontrast #5350 [elejke, radarhere]

Fixed linear_gradient and radial_gradient I and F modes #5274 [radarhere]

Add support for reading TIFFs with PlanarConfiguration=2 #5364 [kkopachev, wiredfool, nulano]

Deprecated categories #5351 [radarhere]

Do not premultiply alpha when resizing with Image.NEAREST resampling #5304 [nulano]

Dynamically link FriBiDi instead of Raqm #5062 [nulano]

Allow fewer PNG palette entries than the bit depth maximum when saving #5330 [radarhere]

Use duration from info dictionary when saving WebP #5338 [radarhere]

Stop flattening EXIF IFD into getexif() #4947 [radarhere, kkopachev]

... (truncated)

Commits

e0e353c 8.2.0 version bump
ee635be Merge pull request #5377 from hugovk/security-and-release-notes
694c84f Fix typo [ci skip]
8febdad Review, typos and lint
fea4196 Reorder, roughly alphabetic
496245a Fix BLP DOS -- CVE-2021-28678
22e9bee Fix DOS in PSDImagePlugin -- CVE-2021-28675
ba65f0b Fix Memory DOS in ImageFont
bb6c11f Fix FLI DOS -- CVE-2021-28676
5a5e6db Fix EPS DOS on _open -- CVE-2021-28677
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [pillow](https://github.com/python-pillow/Pillow) from 8.1.1 to 8.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/master/CHANGES.rst) - [Commits](python-pillow/Pillow@8.1.1...8.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

norkator

Tested that works as should.

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 8, 2021

dependabot bot force-pushed the dependabot/pip/pillow-8.2.0 branch 3 times, most recently from 44c4ef3 to e965432 Compare June 23, 2021 17:54

norkator force-pushed the dependabot/pip/pillow-8.2.0 branch from e965432 to ad56e4c Compare June 23, 2021 17:55

norkator approved these changes Jun 23, 2021

View reviewed changes

norkator merged commit a80d875 into master Jun 23, 2021

norkator deleted the dependabot/pip/pillow-8.2.0 branch June 23, 2021 19:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump pillow from 8.1.1 to 8.2.0 #93

Bump pillow from 8.1.1 to 8.2.0 #93

dependabot bot commented on behalf of github Jun 8, 2021 •

edited

norkator left a comment

Bump pillow from 8.1.1 to 8.2.0 #93

Bump pillow from 8.1.1 to 8.2.0 #93

Conversation

dependabot bot commented on behalf of github Jun 8, 2021 • edited

8.2.0

Changes

Dependencies

Deprecations

8.2.0 (2021-04-01)

norkator left a comment

Choose a reason for hiding this comment

dependabot bot commented on behalf of github Jun 8, 2021 •

edited