Bump weasyprint from 57.2 to 61.2

[dependabot[bot]]

Bumps weasyprint from 57.2 to 61.2.

Release notes

Sourced from weasyprint's releases.

v61.2

This is a security update.

We strongly recommend to upgrade WeasyPrint to the latest version if you use WeasyPrint 61.0 or 61.1. Older versions are not impacted.

Security

• Always use URL fetcher for attachments

Contributors

• Guillaume Ayoub
• Ilia Novoselov

Backers and sponsors

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Manuel Barkhau
• SimonSoft
• Menutech
• KontextWork
• René Fritz
• Simon Sapin
• Arcanite
• TrainingSparkle
• Healthchecks.io
• Hammerbacher
• Docraptor
• Yanal-Yvez Fargialla
• Morntag
• NBCO

v61.1

Released on 2024-02-26.

Bug fixes

• #2075: Use default value when variable is not defined
• #2070: Don’t crash when rendering SVGs with non-text a children
• Don’t crash when SVG file can’t be rendered

Documentation

• #2067: Suggest "dnf" instead of "yum" to install Fedora packages
• Improve documentation for Windows
• Fix required version of TinyCSS2

Contributors

... (truncated)

Changelog

Sourced from weasyprint's changelog.

Version 61.2

Released on 2024-03-08.

This is a security update.

We strongly recommend to upgrade WeasyPrint to the latest version if you use WeasyPrint 61.0 or 61.1. Older versions are not impacted.

Security:

• Always use URL fetcher for attachments

Contributors:

• Guillaume Ayoub
• Ilia Novoselov

Backers and sponsors:

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Manuel Barkhau
• SimonSoft
• Menutech
• KontextWork
• René Fritz
• Simon Sapin
• Arcanite
• TrainingSparkle
• Healthchecks.io
• Hammerbacher
• Docraptor
• Yanal-Yvez Fargialla
• Morntag
• NBCO

Version 61.1

Released on 2024-02-26.

Bug fixes:

• [#2075](https://github.com/Kozea/WeasyPrint/issues/2075) <https://github.com/Kozea/WeasyPrint/issues/2075>_: Use default value when variable is not defined
• [#2070](https://github.com/Kozea/WeasyPrint/issues/2070) <https://github.com/Kozea/WeasyPrint/issues/2070>_:

... (truncated)

Commits

• cfd2e30 Version 61.2
• 734ee8e Use document’s url_fetcher for attachments
• 4b28713 Version 61.1
• 61fb3c9 Improve documentation for Windows
• 00b647d Don’t update tinycss2 required version yet!
• 6298754 Update required version of tinycss2
• 3469118 Fix more text-anchor cases
• 9405a84 Use default value when variable is not defined
• a42c406 Add documentation about Windows executable
• 812e194 Don’t crash when rendering SVGs with non-text a children
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #626.