Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all dependencies #1717

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Update all dependencies #1717

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 7, 2023
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/checkout action digest 8ade135 -> 11bd719
actions/download-artifact action major v3 -> v4 age adoption passing confidence
actions/setup-python action major v4 -> v5 age adoption passing confidence
actions/upload-artifact action major v3 -> v4 age adoption passing confidence
fontMath patch ==0.9.3 -> ==0.9.4 age adoption passing confidence
fontTools minor ==4.43.0 -> ==4.55.0 age adoption passing confidence
github/codeql-action action major v2 -> v3 age adoption passing confidence
lxml (source, changelog) major ==4.9.3 -> ==5.3.0 age adoption passing confidence
pypa/cibuildwheel action patch v2.21.1 -> v2.21.3 age adoption passing confidence
softprops/action-gh-release action major v1 -> v2 age adoption passing confidence
ufoProcessor minor ==1.9.0 -> ==1.13.2 age adoption passing confidence
ufonormalizer patch ==0.6.1 -> ==0.6.2 age adoption passing confidence

Release Notes

actions/download-artifact (actions/download-artifact)

v4

Compare Source

actions/setup-python (actions/setup-python)

v5

Compare Source

actions/upload-artifact (actions/upload-artifact)

v4

Compare Source

robotools/fontMath (fontMath)

v0.9.4

Compare Source

What's Changed

New Contributors

Full Changelog: robotools/fontMath@0.9.3...0.9.4

fonttools/fonttools (fontTools)

v4.55.0

Compare Source

  • [cffLib.specializer] Adjust stack use calculation (#​3689)
  • [varLib] Lets not add mac names if the rest of name doesn't have them (#​3688)
  • [ttLib.reorderGlyphs] Update CFF table charstrings and charset (#​3682)
  • [cffLib.specializer] Add cmdline to specialize a CFF2 font (#​3675, #​3679)
  • [CFF2] Lift uint16 VariationStore.length limitation (#​3674)
  • [subset] consider variation selectors subsetting cmap14 (#​3672)
  • [varLib.interpolatable] Support CFF2 fonts (#​3670)
  • Set isfinal to true in XML parser for proper resource cleanup (#​3669)
  • [removeOverlaps] Fix CFF CharString width (#​3659)
  • [glyf] Add optimizeSize option (#​3657)
  • Python 3.13 support (#​3656)
  • [TupleVariation] Optimize for loading speed, not size (#​3650, #​3653)

v4.54.1

Compare Source

What's Changed

  • [unicodedata] Update to Unicode 16
  • [subset] Escape \ in doc string

New Contributors

Full Changelog: fonttools/fonttools@4.54.0...4.54.1

v4.54.0

Compare Source

v4.53.1

Compare Source

4.53.1

  • [feaLib] Improve the sharing of inline chained lookups (#​3559)
  • [otlLib] Correct the calculation of OS/2.usMaxContext with reversed chaining contextual single substitutions (#​3569)
  • [misc.visitor] Visitors search the inheritance chain of objects they are visiting (#​3581)

v4.53.0

Compare Source

v4.52.4

Compare Source

  • [varLib.cff] Restore and deprecate convertCFFtoCFF2 that was removed in 4.52.0 release as it is used by downstream projects (#​3535).

v4.52.3

Compare Source

Fixed a small syntax error in the reStructuredText-formatted NEWS.rst file which caused the upload to PyPI to fail for 4.52.2. No other code changes.

v4.52.1

Compare Source

Fixed a small syntax error in the reStructuredText-formatted NEWS.rst file which caused the upload to PyPI to fail for 4.52.0.
No other code changes.

v4.51.0

Compare Source

  • [ttLib] Optimization on loading aux fields (#​3464).
  • [ttFont] Add reorderGlyphs (#​3468).

v4.50.0

Compare Source

v4.49.0

Compare Source

  • [otlLib] Add API for building MATH table (#​3446)

v4.48.1

Compare Source

  • Fixed uploading wheels to PyPI, no code changes since v4.48.0.

v4.47.2

Compare Source

Minor release to fix uploading wheels to PyPI.

v4.47.0

Compare Source

  • [varLib.models] New API for VariationModel: getMasterScalars and interpolateFromValuesAndScalars.
  • [varLib.interpolatable] Various bugfixes and rendering improvements. In particular, add a Summary page in the front, and an Index and Table-of-Contents in the back. Change the page size to Letter.
  • [Docs/designspaceLib] Defined a new public.fontInfo lib key, not used anywhere yet (#​3358).

v4.46.0

Compare Source

  • [featureVars] Allow to register the same set of substitution rules to multiple features. The addFeatureVariations function can now take a list of featureTags; similarly, the lib key 'com.github.fonttools.varLib.featureVarsFeatureTag' can now take a comma-separateed string of feature tags (e.g. "salt,ss01") instead of a single tag (#​3360).
  • [featureVars] Don't overwrite GSUB FeatureVariations, but append new records to it for features which are not already there. But raise VarLibError if the feature tag already has feature variations associated with it (#​3363).
  • [varLib] Added addGSUBFeatureVariations function to add GSUB Feature Variations to an existing variable font from rules defined in a DesignSpace document (#​3362).
  • [varLib.interpolatable] Various bugfixes and rendering improvements. In particular, a new test for "underweight" glyphs. The new test reports quite a few false-positives though. Please send feedback.

v4.45.1

Compare Source

  • [varLib.interpolatable] Various bugfixes and improvements, better reporting, reduced false positives.
  • [ttGlyphSet] Added option to not recalculate glyf bounds (#​3348).

v4.45.0

Compare Source

  • [varLib.interpolator] Vastly improved algorithms. Also available now is --pdf and --html options to generate a PDF or HTML report of the interpolation issues.
    The PDF/HTML report showcases the problematic masters, the interpolated broken glyph, as well as the proposed fixed version.

v4.44.3

Compare Source

  • [subset] Only prune codepage ranges for OS/2.version >= 1, ignore otherwise (#​3334).
  • [instancer] Ensure hhea vertical metrics stay in sync with OS/2 ones after instancing MVAR table containing 'hasc', 'hdsc' or 'hlgp' tags (#​3297).

v4.44.1

Compare Source

  • [feaLib] Ensure variable mark anchors are deep-copied while building since they get modified in-place and later reused (#​3330).
  • [OS/2|subset] Added method to recalcCodePageRanges to OS/2 table class; added --prune-codepage-ranges to fonttools subset command (#​3328, #​2607).

NOTE: this release was "yanked" from PyPI because it introduced a regression: https://github.com/fonttools/fonttools/issues/3334

v4.44.0

Compare Source

  • [instancer] Recalc OS/2 AvgCharWidth after instancing if default changes (#​3317).
  • [otlLib] Make ClassDefBuilder class order match varLib.merger's, i.e. large classes first, then glyph lexicographic order (#​3321, #​3324).
  • [instancer] Allow not specifying any of min:default:max values and let be filled up with fvar's values (#​3322, #​3323).
  • [instancer] When running --update-name-table ignore axes that have no STAT axis values (#​3318, #​3319).
  • [Debg] When dumping to ttx, write the embedded JSON as multi-line string with indentation (92cbfee).
  • [varStore] Handle > 65535 items per encoding by splitting VarData subtable (#​3310).
  • [subset] Handle null-offsets in MarkLigPos subtables.
  • [subset] Keep East Asian spacing fatures vhal, halt, chws, vchw by default (#​3305).
  • [instancer.solver] Fixed case where axisDef < lower and upper < axisMax (#​3304).
  • [glyf] Speed up compilation, mostly around recalcBounds (#​3301).
  • [varLib.interpolatable] Speed it up when working on variable fonts, plus various micro-optimizations (#​3300).
  • Require unicodedata2 >= 15.1.0 when installed with 'unicode' extra, contains UCD 15.1.

v4.43.1

Compare Source

  • [EBDT] Fixed TypeError exception in _reverseBytes method triggered when dumping some bitmap fonts with ttx -z bitwise option (#​3162).
  • [v/hhea] Fixed UnboundLocalError exception in recalc method when no vmtx or hmtx tables are present (#​3290).
  • [bezierTools] Fixed incorrectly typed cython local variable leading to TypeError when calling calcQuadraticArcLength (#​3288).
  • [feaLib/otlLib] Better error message when building Coverage table with missing glyph (#​3286).
github/codeql-action (github/codeql-action)

v3

Compare Source

lxml/lxml (lxml)

v5.3.0

Compare Source

==================

Features added

  • GH#421: Nested CDATA sections are no longer rejected but split on output
    to represent ]]> correctly.
    Patch by Gertjan Klein.

Bugs fixed

  • LP#2060160: Attribute values serialised differently in xmlfile.element() and xmlfile.write().

  • LP#2058177: The ISO-Schematron implementation could fail on unknown prefixes.
    Patch by David Lakin.

Other changes

  • LP#2067707: The strip_cdata option in HTMLParser() turned out to be useless and is now deprecated.

  • Binary wheels use the library versions libxml2 2.12.9 and libxslt 1.1.42.

  • Windows binary wheels use the library versions libxml2 2.11.8 and libxslt 1.1.39.

  • Built with Cython 3.0.11.

v5.2.2

Compare Source

==================

Bugs fixed

  • GH#417: The test_feed_parser test could fail if lxml_html_clean was not installed.
    It is now skipped in that case.

  • LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
    "core2", without SSE 4.2.

  • If libxml2 uses iconv, the compile time version is available as etree.ICONV_COMPILED_VERSION.

v5.2.1

Compare Source

==================

Bugs fixed

  • LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
    "core2", but with SSE 4.2 enabled.

  • LP#2059977: Element.iterfind("//absolute_path") failed with a SyntaxError
    where it should have issued a warning.

  • GH#416: The documentation build was using the non-standard which command.
    Patch by Michał Górny.

v5.2.0

Compare Source

==================

Other changes

  • LP#1958539: The lxml.html.clean implementation suffered from several (only if used)
    security issues in the past and was now extracted into a separate library:

    https://github.com/fedora-python/lxml_html_clean

    Projects that use lxml without "lxml.html.clean" will not notice any difference,
    except that they won't have potentially vulnerable code installed.
    The module is available as an "extra" setuptools dependency "lxml[html_clean]",
    so that Projects that need "lxml.html.clean" will need to switch their requirements
    from "lxml" to "lxml[html_clean]", or install the new library themselves.

  • The minimum CPU architecture for the Linux x86 binary wheels was upgraded to
    "sandybridge" (launched 2011), and glibc 2.28 / gcc 12 (manylinux_2_28) wheels were added.

  • Built with Cython 3.0.10.

v5.1.1

Compare Source

==================

Bugs fixed

  • LP#2048920: iterlinks() in lxml.html rejected bytes input in 5.1.0.

  • High source line numbers from the parser are no longer truncated
    (up to a C long) when using libxml2 2.11 or later.

Other changes

  • GH#407: A compatibility test was adapted to recent expat versions.
    Patch by Miro Hrončok.

  • Binary wheels use the library versions libxml2 2.12.6 and libxslt 1.1.39.

  • Windows binary wheels use the library versions libxml2 2.11.7 and libxslt 1.1.39.

  • Built with Cython 3.0.9.

v5.1.0

Compare Source

==================

Features added

  • Parsing ASCII strings is slightly faster.

Bugs fixed

  • GH#349: The HTML Cleaner() interpreted an accidentally provided string parameter
    for the host_whitelist as list of characters and silently failed to reject any hosts.
    Passing a non-collection is now rejected.

Other changes

  • Support for Python 2.7 and Python versions < 3.6 was removed.

  • The wheel build was migrated to use cibuildwheel.
    Patch by Primož Godec.

v5.0.2

Compare Source

==================

Other changes

  • GH#407: A compatibility test was adapted to recent expat versions.
    Patch by Miro Hrončok.

  • Binary wheels use the library versions libxml2 2.12.6 and libxslt 1.1.39.

  • Built with Cython 3.0.9.

v5.0.1

Compare Source

==================

Bugs fixed

  • LP#2046208: Parsing non-BMP Python Unicode strings could fail on macOS.

  • LP#2044225: When incrementally parsing broken HTML, reporting start events on
    missing structural tags failed and could lead to subsequent exceptions.

  • LP#2045435: Some (not all) issues with stricter C compilers were resolved.

  • The binary wheels in the 5.0.0 release did not validate cleanly (but installed ok).

.. _latest_release:

v5.0.0

Compare Source

==================

Features added

  • Character escaping in C14N2 serialisation now uses a single pass over the text
    instead of searching for each unescaped character separately.

  • Early support for Python 3.13a2 was added.

Bugs fixed

  • LP#1976304: The Element.addnext() method previously inserted the new element
    before existing tail text. The tail text of both sibling elements now stays on
    the respective elements.

  • LP#1980767, GH#379: TreeBuilder.close() could fail with a TypeError after
    parsing incorrect input. Original patch by Enrico Minack.

  • Element.itertext(with_tail=False) returned the tail text of comments and
    processing instructions, despite the explicit option.

  • GH#370: A crash with recent libxml2 2.11.x versions was resolved.
    Patch by Michael Schlenker.

  • A compile problem with recent libxml2 2.12.x versions was resolved.

  • The internal exception handling in C callbacks was improved for Cython 3.0.

  • The exception declarations of xmlInputReadCallback, xmlInputCloseCallback,
    xmlOutputWriteCallback and xmlOutputCloseCallback in tree.pxd were
    corrected to prevent running Python code or calling into the C-API with a live
    exception set.

  • GH#385: The long deprecated unittest.m̀akeSuite() function is no longer used.
    Patch by Miro Hrončok.

  • LP#1522052: A file-system specific test is now optional and should no longer fail
    on systems that don't support it.

  • GH#392: Some tests were adapted for libxml2 2.13.
    Patch by Nick Wellnhofer.

  • Contains all fixes from lxml 4.9.4.

Other changes

  • LP#1742885: lxml no longer expands external entities (XXE) by default to prevent
    the security risk of loading arbitrary files and URLs. If this feature is needed,
    it can be enabled in a backwards compatible way by using a parser with the option
    resolve_entities=True. The new default is resolve_entities='internal'.

  • With libxml2 2.10.4 and later (as provided by the lxml 5.0 binary wheels),
    parsing HTML tags with "prefixes" no longer builds a namespace dictionary
    in nsmap but considers the prefix:name string the actual tag name.
    With older libxml2 versions, since 2.9.11, the prefix was removed. Before
    that, the prefix was parsed as XML prefix.

    lxml 5.0 does not try to hide this difference but now changes the ElementPath
    implementation to let element.find("part1:part2") search for the tag
    part1:part2 in documents parsed as HTML, instead of looking only for part2.

  • LP#2024343: The validation of the schema file itself is now optional in the
    ISO-Schematron implementation. This was done because some lxml distributions
    discard the RNG validation schema file due to licensing issues. The validation
    can now always be disabled with Schematron(..., validate_schema=False).
    It is enabled by default if available and disabled otherwise. The module
    constant lxml.isoschematron.schematron_schema_valid_supported can be used
    to detect whether schema file validation is available.

  • Some redundant and long deprecated methods were removed:
    parser.setElementClassLookup(),
    xslt_transform.apply(),
    xpath.evaluate().

  • Some incorrect declarations were removed from python.pxd. In general, this file
    should not be used by external Cython code. Use the C-API declarations provided by
    Cython itself instead.

  • Binary wheels use the library versions libxml2 2.12.3 and libxslt 1.1.39.

  • Built with Cython 3.0.7, updated to follow recent changes in Cython 3.1-dev.

v4.9.4

Compare Source

==================

Bugs fixed

  • LP#2046398: Inserting/replacing an ancestor into a node's children could loop indefinitely.

  • LP#1980767, GH#379: TreeBuilder.close() could fail with a TypeError after
    parsing incorrect input. Original patch by Enrico Minack.

  • LP#1522052: A file-system specific test is now optional and should no longer fail
    on systems that don't support it.

Other changes

  • Wheels include zlib 1.3, libxml2 2.10.3 and libxslt 1.1.39
    (zlib 1.2.12, libxml2 2.10.3 and libxslt 1.1.37 on Windows).

  • Built with Cython 0.29.37.

pypa/cibuildwheel (pypa/cibuildwheel)

v2.21.3

Compare Source

  • 🛠 Update CPython 3.13 to 3.13.0 final release (#​2032)
  • 📚 Docs updates and tidy ups (#​2035)

v2.21.2

Compare Source

  • ✨ Adds support for building 32-bit armv7l wheels on musllinux. On a Linux system with emulation set up, set CIBW_ARCHS to armv7l to try it out if you're interested! (#​2017)
  • 🐛 Fix Linux Podman builds on some systems (#​2016)
  • ✨ Adds official support for running on Python 3.13 (#​2026)
  • 🛠 Update CPython 3.13 to 3.13.0rc3 (#​2029)

Note: the default manylinux image is scheduled to change from manylinux2014 to manylinux_2_28 in a cibuildwheel release on or after 6th May 2025 - you can set the value now to avoid getting upgraded if you want. (#​1992)

softprops/action-gh-release (softprops/action-gh-release)

v2

Compare Source

LettError/ufoProcessor (ufoProcessor)

v1.13.2: Fixes

Compare Source

  • Provide access to addLocationLabel and addLocationLabelDescriptor. These are already present in the FontTools DesignspaceLib.

  • Add a method startLog to be called when we want to see the log after starting without debug.

  • Fixes an issue with locationToDescriptiveString: check if the discrete location is None

  • self.loadFonts() added to generateUFOs(), makeInstance, makeOneInstance, makeFontProportions, makeOneGlyph, makeOneInfo, makeOneKerning. Because it is not always clear whether the fonts were indeed loaded. I acknowledge this is a small overhead, but it seems justified by the time spent in confusion if it is not called.

  • Round the instance kerning data when asked.

  • Respect the glyphnames listed in font.lib public.skipExportGlyphs when making UFO. This creates a mechanism to remove specific glyphs from output, to allow test fonts to be made from designspaces that contain incomplete, unfinished glyphs.

  • Version upped to 1.13.2.

v1.13.1

Compare Source

v1.13.0

Compare Source

New format for tag number to facilitate workflows.

unified-font-object/ufoNormalizer (ufonormalizer)

v0.6.2

Compare Source

What's Changed

Full Changelog: unified-font-object/ufoNormalizer@0.6.1...0.6.2

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 894137b to 0cee7c7 Compare November 7, 2023 00:12
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 08c6204 to 0489443 Compare November 20, 2023 18:46
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 0438c54 to 2f6fbb4 Compare December 6, 2023 13:50
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from b1255e4 to f024744 Compare December 19, 2023 21:18
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 2fdad22 to c5ce1eb Compare January 11, 2024 12:07
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 09ffc7d to 58fe601 Compare January 31, 2024 01:17
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from ebe70c8 to 8f9a060 Compare February 10, 2024 21:01
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 62af0c5 to e6befb9 Compare March 15, 2024 18:26
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from fa21a22 to 154fcd8 Compare April 2, 2024 22:13
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from e2bfed1 to c4ea3a0 Compare May 24, 2024 18:21
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 6c45fd4 to 274a4af Compare May 31, 2024 17:04
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 4db1d3e to 9f8b496 Compare June 13, 2024 16:50
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from d4406e4 to fd6afdb Compare July 5, 2024 16:03
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 29b829e to 0bcbcd0 Compare July 30, 2024 22:04
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 7f24eab to 4a67c4e Compare August 10, 2024 20:14
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 1d09fe5 to cb79bb7 Compare September 17, 2024 01:19
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from adea11e to 55c6cfb Compare September 24, 2024 16:48
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 403f121 to ed64abe Compare October 7, 2024 19:58
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 7917b89 to bcf8c6b Compare November 4, 2024 23:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants