Scheduled monthly dependency update for May

[pyup-bot]

Update numpy from 1.18.2 to 1.22.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/numpy
• Homepage: https://www.numpy.org

Update Pillow from 7.1.0 to 9.1.0.

Changelog

9.1.0

------------------

- Add support for multiple component transformation to JPEG2000 5500
[scaramallion, radarhere, hugovk]

- Fix loading FriBiDi on Alpine 6165
[nulano]

- Added setting for converting GIF P frames to RGB 6150
[radarhere]

- Allow 1 mode images to be inverted 6034
[radarhere]

- Raise ValueError when trying to save empty JPEG 6159
[radarhere]

- Always save TIFF with contiguous planar configuration 5973
[radarhere]

- Connected discontiguous polygon corners 5980
[radarhere]

- Ensure Tkinter hook is activated for getimage() 6032
[radarhere]

- Use screencapture arguments to crop on macOS 6152
[radarhere]

- Do not mark L mode JPEG as 1 bit in PDF 6151
[radarhere]

- Added support for reading I;16R TIFF images 6132
[radarhere]

- If an error occurs after creating a file, remove the file 6134
[radarhere]

- Fixed calling DisplayViewer or XVViewer without a title 6136
[radarhere]

- Retain RGBA transparency when saving multiple GIF frames 6128
[radarhere]

- Save additional ICO frames with other bit depths if supplied 6122
[radarhere]

- Handle EXIF data truncated to just the header 6124
[radarhere]

- Added support for reading BMP images with RLE8 compression 6102
[radarhere]

- Support Python distributions where _tkinter is compiled in 6006
[lukegb]

- Added support for PPM arbitrary maxval 6119
[radarhere]

- Added BigTIFF reading 6097
[radarhere]

- When converting, clip I;16 to be unsigned, not signed 6112
[radarhere]

- Fixed loading L mode GIF with transparency 6086
[radarhere]

- Improved handling of PPM header 5121
[Piolie, radarhere]

- Reset size when seeking away from "Large Thumbnail" MPO frame 6101
[radarhere]

- Replace requirements.txt with extras 6072
[hugovk, radarhere]

- Added PyEncoder and support BLP saving 6069
[radarhere]

- Handle TGA images with packets that cross scan lines 6087
[radarhere]

- Added FITS reading 6056
[radarhere, hugovk]

- Added rawmode argument to Image.getpalette() 6061
[radarhere]

- Fixed BUFR, GRIB and HDF5 stub saving 6071
[radarhere]

- Do not automatically remove temporary ImageShow files on Unix 6045
[radarhere]

- Correctly read JPEG compressed BLP images 4685
[Meithal, radarhere]

- Merged _MODE_CONV typ into ImageMode as typestr 6057
[radarhere]

- Consider palette size when converting and in getpalette() 6060
[radarhere]

- Added enums 5954
[radarhere]

- Ensure image is opaque after converting P to PA with RGB palette 6052
[radarhere]

- Attach RGBA palettes from putpalette() when suitable 6054
[radarhere]

- Added get_photoshop_blocks() to parse Photoshop TIFF tag 6030
[radarhere]

- Drop excess values in BITSPERSAMPLE 6041
[mikhail-iurkov]

- Added unpacker from RGBA;15 to RGB 6031
[radarhere]

- Enable arm64 for MSVC on Windows 5811
[gaborkertesz-linaro, gaborkertesz]

- Keep IPython/Jupyter text/plain output stable 5891
[shamrin, radarhere]

- Raise an error when performing a negative crop 5972
[radarhere, hugovk]

- Deprecated show_file "file" argument in favour of "path" 5959
[radarhere]

- Fixed SPIDER images for use with Bio-formats library 5956
[radarhere]

- Ensure duplicated file pointer is closed 5946
[radarhere]

- Added specific error if path coordinate type is incorrect 5942
[radarhere]

- Return an empty bytestring from tobytes() for an empty image 5938
[radarhere]

- Remove readonly from Image.__eq__ 5930
[hugovk]

9.0.1

------------------

- In show_file, use os.remove to remove temporary images. CVE-2022-24303 6010
[radarhere, hugovk]

- Restrict builtins within lambdas for ImageMath.eval. CVE-2022-22817 6009
[radarhere]

9.0.0

------------------

- Restrict builtins for ImageMath.eval(). CVE-2022-22817 5923
[radarhere]

- Ensure JpegImagePlugin stops at the end of a truncated file 5921
[radarhere]

- Fixed ImagePath.Path array handling. CVE-2022-22815, CVE-2022-22816 5920
[radarhere]

- Remove consecutive duplicate tiles that only differ by their offset 5919
[radarhere]

- Improved I;16 operations on big endian 5901
[radarhere]

- Limit quantized palette to number of colors 5879
[radarhere]

- Fixed palette index for zeroed color in FASTOCTREE quantize 5869
[radarhere]

- When saving RGBA to GIF, make use of first transparent palette entry 5859
[radarhere]

- Pass SAMPLEFORMAT to libtiff 5848
[radarhere]

- Added rounding when converting P and PA 5824
[radarhere]

- Improved putdata() documentation and data handling 5910
[radarhere]

- Exclude carriage return in PDF regex to help prevent ReDoS 5912
[hugovk]

- Fixed freeing pointer in ImageDraw.Outline.transform 5909
[radarhere]

- Added ImageShow support for xdg-open 5897
[m-shinder, radarhere]

- Support 16-bit grayscale ImageQt conversion 5856
[cmbruns, radarhere]

- Convert subsequent GIF frames to RGB or RGBA 5857
[radarhere]

- Do not prematurely return in ImageFile when saving to stdout 5665
[infmagic2047, radarhere]

- Added support for top right and bottom right TGA orientations 5829
[radarhere]

- Corrected ICNS file length in header 5845
[radarhere]

- Block tile TIFF tags when saving 5839
[radarhere]

- Added line width argument to polygon 5694
[radarhere]

- Do not redeclare class each time when converting to NumPy 5844
[radarhere]

- Only prevent repeated polygon pixels when drawing with transparency 5835
[radarhere]

- Add support for pickling TrueType fonts 5826
[hugovk, radarhere]

- Only prefer command line tools SDK on macOS over default MacOSX SDK 5828
[radarhere]

- Drop support for soon-EOL Python 3.6 5768
[hugovk, nulano, radarhere]

- Fix compilation on 64-bit Termux 5793
[landfillbaby]

- Use title for display in ImageShow 5788
[radarhere]

- Remove support for FreeType 2.7 and older 5777
[hugovk, radarhere]

- Fix for PyQt6 5775
[hugovk, radarhere]

- Removed deprecated PILLOW_VERSION, Image.show command parameter, Image._showxv and ImageFile.raise_ioerror 5776
[radarhere]

8.4.0

------------------

- Prefer global transparency in GIF when replacing with background color 5756
[radarhere]

- Added "exif" keyword argument to TIFF saving 5575
[radarhere]

- Copy Python palette to new image in quantize() 5696
[radarhere]

- Read ICO AND mask from end 5667
[radarhere]

- Actually check the framesize in FliDecode.c 5659
[wiredfool]

- Determine JPEG2000 mode purely from ihdr header box 5654
[radarhere]

- Fixed using info dictionary when writing multiple APNG frames 5611
[radarhere]

- Allow saving 1 and L mode TIFF with PhotometricInterpretation 0 5655
[radarhere]

- For GIF save_all with palette, do not include palette with each frame 5603
[radarhere]

- Keep transparency when converting from P to LA or PA 5606
[radarhere]

- Copy palette to new image in transform() 5647
[radarhere]

- Added "transparency" argument to EpsImagePlugin load() 5620
[radarhere]

- Corrected pathlib.Path detection when saving 5633
[radarhere]

- Added WalImageFile class 5618
[radarhere]

- Consider I;16 pixel size when drawing text 5598
[radarhere]

- If default conversion from P is RGB with transparency, convert to RGBA 5594
[radarhere]

- Speed up rotating square images by 90 or 270 degrees 5646
[radarhere]

- Add support for reading DPI information from JPEG2000 images
[rogermb, radarhere]

- Catch TypeError from corrupted DPI value in EXIF 5639
[homm, radarhere]

- Do not close file pointer when saving SGI images 5645
[farizrahman4u, radarhere]

- Deprecate ImagePalette size parameter 5641
[radarhere, hugovk]

- Prefer command line tools SDK on macOS 5624
[radarhere]

- Added tags when saving YCbCr TIFF 5597
[radarhere]

- PSD layer count may be negative 5613
[radarhere]

- Fixed ImageOps expand with tuple border on P image 5615
[radarhere]

- Fixed error saving APNG with duplicate frames and different duration times 5609
[thak1411, radarhere]

8.3.2

------------------

- CVE-2021-23437 Raise ValueError if color specifier is too long
[hugovk, radarhere]

- Fix 6-byte OOB read in FliDecode
[wiredfool]

- Add support for Python 3.10 5569, 5570
[hugovk, radarhere]

- Ensure TIFF ``RowsPerStrip`` is multiple of 8 for JPEG compression 5588
[kmilos, radarhere]

- Updates for ``ImagePalette`` channel order 5599
[radarhere]

- Hide FriBiDi shim symbols to avoid conflict with real FriBiDi library 5651
[nulano]

8.3.1

------------------

- Catch OSError when checking if fp is sys.stdout 5585
[radarhere]

- Handle removing orientation from alternate types of EXIF data 5584
[radarhere]

- Make Image.__array__ take optional dtype argument 5572
[t-vi, radarhere]

8.3.0

------------------

- Use snprintf instead of sprintf. CVE-2021-34552 5567
[radarhere]

- Limit TIFF strip size when saving with LibTIFF 5514
[kmilos]

- Allow ICNS save on all operating systems 4526
[baletu, radarhere, newpanjing, hugovk]

- De-zigzag JPEG's DQT when loading; deprecate convert_dict_qtables 4989
[gofr, radarhere]

- Replaced xml.etree.ElementTree 5565
[radarhere]

- Moved CVE image to pillow-depends 5561
[radarhere]

- Added tag data for IFD groups 5554
[radarhere]

- Improved ImagePalette 5552
[radarhere]

- Add DDS saving 5402
[radarhere]

- Improved getxmp() 5455
[radarhere]

- Convert to float for comparison with float in IFDRational __eq__ 5412
[radarhere]

- Allow getexif() to access TIFF tag_v2 data 5416
[radarhere]

- Read FITS image mode and size 5405
[radarhere]

- Merge parallel horizontal edges in ImagingDrawPolygon 5347
[radarhere, hrdrq]

- Use transparency behind first GIF frame and when disposing to background 5557
[radarhere, zewt]

- Avoid unstable nature of qsort in Quant.c 5367
[radarhere]

- Copy palette to new images in ImageOps expand 5551
[radarhere]

- Ensure palette string matches RGB mode 5549
[radarhere]

- Do not modify EXIF of original image instance in exif_transpose() 5547
[radarhere]

- Fixed default numresolution for small JPEG2000 images 5540
[radarhere]

- Added DDS BC5 reading 5501
[radarhere]

- Raise an error if ImageDraw.textbbox is used without a TrueType font 5510
[radarhere]

- Added ICO saving in BMP format 5513
[radarhere]

- Ensure PNG seeks to end of previous chunk at start of load_end 5493
[radarhere]

- Do not allow TIFF to seek to a past frame 5473
[radarhere]

- Avoid race condition when displaying images with eog 5507
[mconst]

- Added specific error messages when ink has incorrect number of bands 5504
[radarhere]

- Allow converting an image to a numpy array to raise errors 5379
[radarhere]

- Removed DPI rounding from BMP, JPEG, PNG and WMF loading 5476, 5470
[radarhere]

- Remove spikes when drawing thin pieslices 5460
[xtsm]

- Updated default value for SAMPLESPERPIXEL TIFF tag 5452
[radarhere]

- Removed TIFF DPI rounding 5446
[radarhere, hugovk]

- Include code in WebP error 5471
[radarhere]

- Do not alter pixels outside mask when drawing text on an image with transparency 5434
[radarhere]

- Reset handle when seeking backwards in TIFF 5443
[radarhere]

- Replace sys.stdout with sys.stdout.buffer when saving 5437
[radarhere]

- Fixed UNDEFINED TIFF tag of length 0 being changed in roundtrip 5426
[radarhere]

- Fixed bug when checking FreeType2 version if it is not installed 5445
[radarhere]

- Do not round dimensions when saving PDF 5459
[radarhere]

- Added ImageOps contain() 5417
[radarhere, hugovk]

- Changed WebP default "method" value to 4 5450
[radarhere]

- Switched to saving 1-bit PDFs with DCTDecode 5430
[radarhere]

- Use bpp from ICO header 5429
[radarhere]

- Corrected JPEG APP14 transform value 5408
[radarhere]

- Changed TIFF tag 33723 length to 1 5425
[radarhere]

- Changed ImageMorph incorrect mode errors to ValueError 5414
[radarhere]

- Add EXIF tags specified in EXIF 2.32 5419
[gladiusglad]

- Treat previous contents of first GIF frame as transparent 5391
[radarhere]

- For special image modes, revert default resize resampling to NEAREST 5411
[radarhere]

- JPEG2000: Support decoding subsampled RGB and YCbCr images 4996
[nulano, radarhere]

- Stop decoding BC1 punchthrough alpha in BC2&3 4144
[jansol]

- Use zero if GIF background color index is missing 5390
[radarhere]

- Fixed ensuring that GIF previous frame was loaded 5386
[radarhere]

- Valgrind fixes 5397
[wiredfool]

- Round down the radius in rounded_rectangle 5382
[radarhere]

- Fixed reading uncompressed RGB data from DDS 5383
[radarhere]

8.2.0

------------------

- Added getxmp() method 5144
[UrielMaD, radarhere]

- Add ImageShow support for GraphicsMagick 5349
[latosha-maltba, radarhere]

- Do not load transparent pixels from subsequent GIF frames 5333
[zewt, radarhere]

- Use LZW encoding when saving GIF images 5291
[raygard]

- Set all transparent colors to be equal in quantize() 5282
[radarhere]

- Allow PixelAccess to use Python __int__ when parsing x and y 5206
[radarhere]

- Removed Image._MODEINFO 5316
[radarhere]

- Add preserve_tone option to autocontrast 5350
[elejke, radarhere]

- Fixed linear_gradient and radial_gradient I and F modes 5274
[radarhere]

- Add support for reading TIFFs with PlanarConfiguration=2 5364
[kkopachev, wiredfool, nulano]

- Deprecated categories 5351
[radarhere]

- Do not premultiply alpha when resizing with Image.NEAREST resampling 5304
[nulano]

- Dynamically link FriBiDi instead of Raqm 5062
[nulano]

- Allow fewer PNG palette entries than the bit depth maximum when saving 5330
[radarhere]

- Use duration from info dictionary when saving WebP 5338
[radarhere]

- Stop flattening EXIF IFD into getexif() 4947
[radarhere, kkopachev]

- Replaced tiff_deflate with tiff_adobe_deflate compression when saving TIFF images 5343
[radarhere]

- Save ICC profile from TIFF encoderinfo 5321
[radarhere]

- Moved RGB fix inside ImageQt class 5268
[radarhere]

- Allow alpha_composite destination to be negative 5313
[radarhere]

- Ensure file is closed if it is opened by ImageQt.ImageQt 5260
[radarhere]

- Added ImageDraw rounded_rectangle method 5208
[radarhere]

- Added IPythonViewer 5289
[radarhere, Kipkurui-mutai]

- Only draw each rectangle outline pixel once 5183
[radarhere]

- Use mmap instead of built-in Win32 mapper 5224
[radarhere, cgohlke]

- Handle PCX images with an odd stride 5214
[radarhere]

- Only read different sizes for "Large Thumbnail" MPO frames 5168
[radarhere]

- Added PyQt6 support 5258
[radarhere]

- Changed Image.open formats parameter to be case-insensitive 5250
[Piolie, radarhere]

- Deprecate Tk/Tcl 8.4, to be removed in Pillow 10 (2023-07-01) 5216
[radarhere]

- Added tk version to pilinfo 5226
[radarhere, nulano]

- Support for ignoring tests when running valgrind 5150
[wiredfool, radarhere, hugovk]

- OSS-Fuzz support 5189
[wiredfool, radarhere]

8.1.2

------------------

- Fix Memory DOS in BLP (CVE-2021-27921), ICNS (CVE-2021-27922) and ICO (CVE-2021-27923) Image Plugins
[wiredfool]

8.1.1

------------------

- Use more specific regex chars to prevent ReDoS. CVE-2021-25292
[hugovk]

- Fix OOB Read in TiffDecode.c, and check the tile validity before reading. CVE-2021-25291
[wiredfool]

- Fix negative size read in TiffDecode.c. CVE-2021-25290
[wiredfool]

- Fix OOB read in SgiRleDecode.c. CVE-2021-25293
[wiredfool]

- Incorrect error code checking in TiffDecode.c. CVE-2021-25289
[wiredfool]

- PyModule_AddObject fix for Python 3.10 5194
[radarhere]

8.1.0

------------------

- Fix TIFF OOB Write error. CVE-2020-35654 5175
[wiredfool]

- Fix for Read Overflow in PCX Decoding. CVE-2020-35653 5174
[wiredfool, radarhere]

- Fix for SGI Decode buffer overrun. CVE-2020-35655 5173
[wiredfool, radarhere]

- Fix OOB Read when saving GIF of xsize=1 5149
[wiredfool]

- Makefile updates 5159
[wiredfool, radarhere]

- Add support for PySide6 5161
[hugovk]

- Use disposal settings from previous frame in APNG 5126
[radarhere]

- Added exception explaining that _repr_png_ saves to PNG 5139
[radarhere]

- Use previous disposal method in GIF load_end 5125
[radarhere]

- Allow putpalette to accept 1024 integers to include alpha values 5089
[radarhere]

- Fix OOB Read when writing TIFF with custom Metadata 5148
[wiredfool]

- Added append_images support for ICO 4568
[ziplantil, radarhere]

- Block TIFFTAG_SUBIFD 5120
[radarhere]

- Fixed dereferencing potential null pointers 5108, 5111
[cgohlke, radarhere]

- Deprecate FreeType 2.7 5098
[hugovk, radarhere]

- Moved warning to end of execution 4965
[radarhere]

- Removed unused fromstring and tostring C methods 5026
[radarhere]

- init() if one of the formats is unrecognised 5037
[radarhere]

- Moved string_dimension CVE image to pillow-depends 4993
[radarhere]

- Support raw rgba8888 for DDS 4760
[qiankanglai]

8.0.1

------------------

- Update FreeType used in binary wheels to 2.10.4 to fix CVE-2020-15999.
[radarhere]

- Moved string_dimension image to pillow-depends 4993
[radarhere]

8.0.0

------------------

- Drop support for EOL Python 3.5 4746, 4794
[hugovk, radarhere, nulano]

- Drop support for PyPy3 < 7.2.0 4964
[nulano]

- Remove ImageCms.CmsProfile attributes deprecated since 3.2.0 4768
[hugovk, radarhere]

- Remove long-deprecated Image.py functions 4798
[hugovk, nulano, radarhere]

- Add support for 16-bit precision JPEG quantization values 4918
[gofr]

- Added reading of IFD tag type 4979
[radarhere]

- Initialize offset memory for PyImagingPhotoPut 4806
[nqbit]

- Fix TiffDecode comparison warnings 4756
[nulano]

- Docs: Add dark mode 4968
[hugovk, nulano]

- Added macOS SDK install path to library and include directories 4974
[radarhere, fxcoudert]

- Imaging.h: prevent confusion with system 4923
[ax3l, ,radarhere]

- Avoid using pkg_resources in PIL.features.pilinfo 4975
[nulano]

- Add getlength and getbbox functions for TrueType fonts 4959
[nulano, radarhere, hugovk]

- Allow tuples with one item to give single color value in getink 4927
[radarhere, nulano]

- Add support for CBDT and COLR fonts 4955
[nulano, hugovk]

- Removed OSError in favour of DecompressionBombError for BMP 4966
[radarhere]

- Implemented another ellipse drawing algorithm 4523
[xtsm, radarhere]

- Removed unused JpegImagePlugin._fixup_dict function 4957
[radarhere]

- Added reading and writing of private PNG chunks 4292
[radarhere]

- Implement anchor for TrueType fonts 4930
[nulano, hugovk]

- Fixed bug in Exif __delitem__ 4942
[radarhere]

- Fix crash in ImageTk.PhotoImage on MinGW 64-bit 4946
[nulano]

- Moved CVE images to pillow-depends 4929
[radarhere]

- Refactor font_getsize and font_render 4910
[nulano]

- Fixed loading profile with non-ASCII path on Windows 4914
[radarhere]

- Fixed effect_spread bug for zero distance 4908
[radarhere, hugovk]

- Added formats parameter to Image.open 4837
[nulano, radarhere]

- Added regular_polygon draw method 4846
[comhar]

- Raise proper TypeError in putpixel 4882
[nulano, hugovk]

- Added writing of subIFDs 4862
[radarhere]

- Fix IFDRational __eq__ bug 4888
[luphord, radarhere]

- Fixed duplicate variable name 4885
[liZe, radarhere]

- Added homebrew zlib include directory 4842
[radarhere]

- Corrected inverted PDF CMYK colors 4866
[radarhere]

- Do not try to close file pointer if file pointer is empty 4823
[radarhere]

- ImageOps.autocontrast: add mask parameter 4843
[navneeth, hugovk]

- Read EXIF data tEXt chunk into info as bytes instead of string 4828
[radarhere]

- Replaced distutils with setuptools 4797, 4809, 4814, 4817, 4829, 4890
[hugovk, radarhere]

- Add MIME type to PsdImagePlugin 4788
[samamorgan]

- Allow ImageOps.autocontrast to specify low and high cutoffs separately 4749
[millionhz, radarhere]

7.2.0

------------------

- Do not convert I;16 images when showing PNGs 4744
[radarhere]

- Fixed ICNS file pointer saving 4741
[radarhere]

- Fixed loading non-RGBA mode APNGs with dispose background 4742
[radarhere]

- Deprecated _showxv 4714
[radarhere]

- Deprecate Image.show(command="...") 4646
[nulano, hugovk, radarhere]

- Updated JPEG magic number 4707
[Cykooz, radarhere]

- Change STRIPBYTECOUNTS to LONG if necessary when saving 4626
[radarhere, hugovk]

- Write JFIF header when saving JPEG 4639
[radarhere]

- Replaced tiff_jpeg with jpeg compression when saving TIFF images 4627
[radarhere]

- Writing TIFF tags: improved BYTE, added UNDEFINED 4605
[radarhere]

- Consider transparency when pasting text on an RGBA image 4566
[radarhere]

- Added method argument to single frame WebP saving 4547
[radarhere]

- Use ImageFileDirectory_v2 in Image.Exif 4637
[radarhere]

- Corrected reading EXIF metadata without prefix 4677
[radarhere]

- Fixed drawing a jointed line with a sequence of numeric values 4580
[radarhere]

- Added support for 1-D NumPy arrays 4608
[radarhere]

- Parse orientation from XMP tags 4560
[radarhere]

- Speed up text layout by not rendering glyphs 4652
[nulano]

- Fixed ZeroDivisionError in Image.thumbnail 4625
[radarhere]

- Replaced TiffImagePlugin DEBUG with logging 4550
[radarhere]

- Fix repeatedly loading .gbr 4620
[ElinksFr, radarhere]

- JPEG: Truncate icclist instead of setting to None 4613
[homm]

- Fixes default offset for Exif 4594
[rodrigob, radarhere]

- Fixed bug when unpickling TIFF images 4565
[radarhere]

- Fix pickling WebP 4561
[hugovk, radarhere]

- Replace IOError and WindowsError aliases with OSError 4536
[hugovk, radarhere]

7.1.2

------------------

- Raise an EOFError when seeking too far in PNG 4528
[radarhere]

7.1.1

------------------

- Fix regression seeking and telling PNGs 4512 4514
[hugovk, radarhere]

Links

• PyPI: https://pypi.org/project/pillow
• Changelog: https://pyup.io/changelogs/pillow/
• Homepage: https://python-pillow.org