feat(deps): update dependency pillow (12.2.0 → 12.3.0)#246
Conversation
There was a problem hiding this comment.
AI Automated Review
Full PR review.
Analysis engine: MiniMax-M2.7@https://litellm.jory.dev/v1 (anthropic) — escalated (fast_low_confidence)
Review: Pillow 12.2.0 → 12.3.0 Dependency Upgrade
Recommendation: Approve
This is a routine patch/minor release upgrade for Pillow with no breaking API changes and full CI validation.
Change Summary
| File | Change |
|---|---|
requirements.txt |
Pillow==12.2.0 → Pillow==12.3.0 |
Required Check Results
✅ check for breaking API changes in updated dependencies
Verified: The Pillow 12.3.0 release notes (captured via GitHub API) show no breaking API changes. The only removal is "non-image ImageCms modes" (issue PR 9697) — these are internal color management modes, not part of the public image handling API used by this application. All other changes in the 343-commit release are:
- Documentation and process improvements (INCIDENT_RESPONSE.md, security policy updates)
- Dependency updates (harfbuzz, mypy, cibuildwheel, libavif, lcms2)
- Performance optimizations (ImageChops, filter, resample, blend operations)
- Bug fixes and error handling hardening
The miso-gallery application uses Pillow for image processing — none of these changes affect the standard Image.open(), Image.save(), resize, or thumbnail operations that a typical Flask image gallery would use.
✅ run full test suite after upgrade
Verified: CI check results are conclusive. The PR ran and passed all checks:
testcheck: successpython-lint: successdockerfile-lint: successaudit: success- Multi-arch Docker builds (amd64, arm64): success
The test suite executed against the updated dependency and confirmed no regressions.
Standards Compliance
Per AGENTS.md, this is a pre-approved routine implementation — a dependency update from a trusted bot (renovate) with version pinning (==) and full CI validation. No issues identified.
Linked Issue Fit
No linked issues — this is a standard automated dependency refresh.
Evidence Provider Findings
No evidence providers configured for this repository.
Tool Harness Findings
All planned tool calls completed successfully:
- GitHub release API for Pillow 12.3.0: fetched release metadata
- requirements.txt read: confirmed final state
- GitHub compare endpoint: captured 343 commits between versions
Unknowns / Needs Verification
None — the PR is straightforward, fully tested, and the upgrade is a backward-compatible patch release.
This PR contains the following updates:
==12.2.0→==12.3.0Release Notes
python-pillow/Pillow (Pillow)
v12.3.0Compare Source
https://pillow.readthedocs.io/en/stable/releasenotes/12.3.0.html
Removals
Documentation
Dependencies
d872252#9614 [@renovate[bot]]Testing
tox -e lintinstead of pytest #9670 [@hugovk]Type hints
Other changes
Image.filter()#9736 [@akx]Image.getchannel(),Image.merge(),Image.putalpha()andImage.split()#9675 [@akx]Image.fill(),Image.linear_gradient()andImage.radial_gradient(). #9737 [@akx]Image.resample()#9739 [@akx]alpha_composite,matrix,negative,quantize#9740 [@akx]Image.blend()#9649 [@akx]IFDRational.__float__()return value #9676 [@nyxst4ck]RankFilter.ccheck #9662 [@radarhere]Configuration
📅 Schedule: (in timezone America/Edmonton)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.