search

skygate / skyexpo-matchmaking

The matchmaking app for skyexpo AI 2020
http://skyexpo.hal.skygate.io/
0 stars 0 forks source link

Bump pillow from 6.2.1 to 7.0.0 in /backend #81

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps pillow from 6.2.1 to 7.0.0.

Release notes

Sourced from pillow's releases.

7.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/7.0.0.html

6.2.2

https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html

Changelog

Sourced from pillow's changelog.

7.0.0 (2020-01-02)

  • Drop support for EOL Python 2.7 #4109 [hugovk, radarhere, jdufresne]
  • Fix rounding error on RGB to L conversion #4320 [homm]
  • Exif writing fixes: Rational boundaries and signed/unsigned types #3980 [kkopachev, radarhere]
  • Allow loading of WMF images at a given DPI #4311 [radarhere]
  • Added reduce operation #4251 [homm]
  • Raise ValueError for io.StringIO in Image.open #4302 [radarhere, hugovk]
  • Fix thumbnail geometry when DCT scaling is used #4231 [homm, radarhere]
  • Use default DPI when exif provides invalid x_resolution #4147 [beipang2, radarhere]
  • Change default resize resampling filter from NEAREST to BICUBIC #4255 [homm]
  • Fixed black lines on upscaled images with the BOX filter #4278 [homm]
  • Better thumbnail aspect ratio preservation #4256 [homm]
  • Add La mode packing and unpacking #4248 [homm]
  • Include tests in coverage reports #4173 [hugovk]
  • Handle broken Photoshop data #4239 [radarhere]
  • Raise a specific exception if no data is found for an MPO frame #4240 [radarhere]
  • Fix Unicode support for PyPy #4145 [nulano]
  • Added UnidentifiedImageError #4182 [radarhere, hugovk]
  • Remove deprecated __version__ from plugins #4197 [hugovk, radarhere]
  • Fixed freeing unallocated pointer when resizing with height too large #4116 [radarhere]
  • Copy info in Image.transform #4128 [radarhere]
  • Corrected DdsImagePlugin setting info gamma #4171 [radarhere]
  • Depends: Update libtiff to 4.1.0 #4195, Tk Tcl to 8.6.10 #4229, libimagequant to 2.12.6 #4318 [radarhere]
  • Improve handling of file resources #3577 [jdufresne]
  • Removed CI testing of Fedora 29 #4165 [hugovk]
  • Added pypy3 to tox envlist #4137 [jdufresne]
  • Drop support for EOL PyQt4 and PySide #4108 [hugovk, radarhere]
  • Removed deprecated setting of TIFF image sizes #4114 [radarhere]
  • Removed deprecated PILLOW_VERSION #4107 [hugovk]
  • Changed default frombuffer raw decoder args #1730 [radarhere]

6.2.2 (2020-01-02)

  • This is the last Pillow release to support Python 2.7 #3642
  • Overflow checks for realloc for tiff decoding. CVE TBD [wiredfool, radarhere]
  • Catch SGI buffer overrun. CVE TBD [radarhere]
  • Catch PCX P mode buffer overrun. CVE TBD [radarhere]
  • Catch FLI buffer overrun. CVE TBD [radarhere]
  • Raise an error for an invalid number of bands in FPX image. CVE-2019-19911 [wiredfool, radarhere]
Commits
  • 1cecf08 Release notes for 6.2.2
  • 37b1974 7.0.0 version bump
  • afc93b0 Added release notes [ci skip]
  • b9c6854 Overflow checks for realloc for tiff decoding
  • be44f0d Catch SGI buffer overruns
  • 8f0c8f7 Catch PCX P mode buffer overrun
  • c40bc25 Catch FLI buffer overrun
  • 138bd71 Raise an error for an invalid number of bands in FPX image
  • ac4b708 Merge pull request #4327 from radarhere/releasenotes
  • 2f508d4 Added security notes [ci skip]
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)