build(deps): bump pillow from 9.3.0 to 10.0.1#276
build(deps): bump pillow from 9.3.0 to 10.0.1#276dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.3.0 to 10.0.1. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@9.3.0...10.0.1) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
|
Pillow 10 requires Python >=3.8; iff we merge this we have to drop Python 3.7 compatibility, which is end-of-life 2023-06-27. |
|
+1 to dropping 3.7 support |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 09278be1c7
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| @@ -1,4 +1,4 @@ | |||
| Pillow==9.3.0 | |||
| Pillow==10.0.1 | |||
There was a problem hiding this comment.
This bump breaks installs on Python 3.7: the project still declares python_requires = >=3.7 and lists 3.7 in setup.cfg, but Pillow 10.x dropped Python 3.7 support (Requires-Python >=3.8). On 3.7, pip will refuse to install Pillow==10.0.1, so vncdotool can no longer be installed on a version it claims to support. Either drop 3.7 from setup.cfg or keep Pillow pinned to <10.
Useful? React with 👍 / 👎.
3 participants
Bumps pillow from 9.3.0 to 10.0.1.
Release notes
Sourced from pillow's releases.
... (truncated)
Changelog
Sourced from pillow's changelog.
... (truncated)
Commits
e34d346Updated ordera62f24010.0.1 version bumpd50250dAdded release notes for 10.0.1b4c7d4bUpdate CHANGES.rst [ci skip]730f746Updated libwebp to 1.3.2b0e2804Updated zlib to 1.36e28ed110.0.0 version bumpc827f3bMerge pull request #7246 from radarhere/deallocate39a3b1dFixed deallocating mask images8c1dc81Update CHANGES.rst [ci skip]You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.