Bump pillow from 8.0.0 to 10.2.0 in /requirements/testing

[dependabot]

User description

Bumps pillow from 8.0.0 to 10.2.0.

Release notes

Sourced from pillow's releases.

10.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.2.0.html

Changes

• Add keep_rgb option when saving JPEG to prevent conversion of RGB colorspace #7553 [@​bgilbert]
• Trim negative glyph offsets in ImageFont.getmask() #7672 [@​nulano]
• Removed unnecessary "pragma: no cover" #7668 [@​radarhere]
• Trim glyph size in ImageFont.getmask() #7669 [@​radarhere]
• Fix loading IPTC images and update test #7667 [@​nulano]
• Allow uncompressed TIFF images to be saved in chunks #7650 [@​radarhere]
• Concatenate multiple JPEG EXIF markers #7496 [@​radarhere]
• Changed IPTC tile tuple to match other plugins #7661 [@​radarhere]
• Do not assign new fp attribute when exiting context manager #7566 [@​radarhere]
• Support arbitrary masks for uncompressed RGB DDS images #7589 [@​radarhere]
• Support setting ROWSPERSTRIP tag #7654 [@​radarhere]
• Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask() #7662 [@​radarhere]
• Optimise ImageColor using functools.lru_cache #7657 [@​hugovk]
• Restricted environment keys for ImageMath.eval() #7655 [@​radarhere]
• Optimise ImageMode.getmode using functools.lru_cache #7641 [@​hugovk]
• Added trusted PyPI publishing #7616 [@​radarhere]
• Compile FriBiDi for Windows ARM64 #7629 [@​nulano]
• Fix incorrect color blending for overlapping glyphs #7497 [@​ZachNagengast]
• Add .git-blame-ignore-revs file #7528 [@​akx]
• Attempt memory mapping when tile args is a string #7565 [@​radarhere]
• Fill identical pixels with transparency in subsequent frames when saving GIF #7568 [@​radarhere]
• Removed unnecessary string length check #7560 [@​radarhere]
• Determine mask mode in Python instead of C #7548 [@​radarhere]
• Corrected duration when combining multiple GIF frames into single frame #7521 [@​radarhere]
• Handle disposing GIF background from outside palette #7515 [@​radarhere]
• Seek past the data when skipping a PSD layer #7483 [@​radarhere]
• ImageMath: Inline isinstance check #7623 [@​hugovk]
• Update actions/upload-artifact action to v4 #7619 [@​radarhere]
• Import plugins relative to the module #7576 [@​deliangyang]
• Translate encoder error codes to strings; deprecate ImageFile.raise_oserror() #7609 [@​bgilbert]
• Updated readthedocs to latest version of Python #7611 [@​radarhere]
• Support reading BC4U and DX10 BC1 images #6486 [@​REDxEYE]
• Optimize ImageStat.Stat.extrema #7593 [@​florath]
• Handle pathlib.Path in FreeTypeFont #7578 [@​radarhere]
• Use list comprehensions to create transformed lists #7597 [@​hugovk]
• Added support for reading DX10 BC4 DDS images #7603 [@​sambvfx]
• Optimized ImageStat.Stat.count #7599 [@​florath]
• Moved error from truetype() to FreeTypeFont #7587 [@​radarhere]
• Correct PDF palette size when saving #7555 [@​radarhere]
• Fixed closing file pointer with olefile 0.47 #7594 [@​radarhere]
• ruff: Minor optimizations of list comprehensions, x in set, etc. #7524 [@​cclauss]
• Build Windows wheels using cibuildwheel #7580 [@​nulano]
• Raise ValueError when TrueType font size is zero or less #7584 [@​akx]
• Install cibuildwheel from requirements file #7581 [@​hugovk]

... (truncated)

Changelog

Sourced from pillow's changelog.

10.2.0 (2024-01-02)

• Add keep_rgb option when saving JPEG to prevent conversion of RGB colorspace #7553 [bgilbert, radarhere]

• Trim glyph size in ImageFont.getmask() #7669, #7672 [radarhere, nulano]

• Deprecate IptcImagePlugin helpers #7664 [nulano, hugovk, radarhere]

• Allow uncompressed TIFF images to be saved in chunks #7650 [radarhere]

• Concatenate multiple JPEG EXIF markers #7496 [radarhere]

• Changed IPTC tile tuple to match other plugins #7661 [radarhere]

• Do not assign new fp attribute when exiting context manager #7566 [radarhere]

• Support arbitrary masks for uncompressed RGB DDS images #7589 [radarhere, akx]

• Support setting ROWSPERSTRIP tag #7654 [radarhere]

• Apply ImageFont.MAX_STRING_LENGTH to ImageFont.getmask() #7662 [radarhere]

• Optimise ImageColor using functools.lru_cache #7657 [hugovk]

• Restricted environment keys for ImageMath.eval() #7655 [wiredfool, radarhere]

• Optimise ImageMode.getmode using functools.lru_cache #7641 [hugovk, radarhere]

• Fix incorrect color blending for overlapping glyphs #7497 [ZachNagengast, nulano, radarhere]

• Attempt memory mapping when tile args is a string #7565 [radarhere]

• Fill identical pixels with transparency in subsequent frames when saving GIF #7568 [radarhere]

... (truncated)

Commits

• 6956d0b 10.2.0 version bump
• 31c8dac Merge pull request #7675 from python-pillow/pre-commit-ci-update-config
• 40a3f91 Merge pull request #7674 from nulano/url-example
• cb41b0c [pre-commit.ci] pre-commit autoupdate
• de62b25 fix image url in "Reading from URL" example
• 7c526a6 Update CHANGES.rst [ci skip]
• d93a5ad Merge pull request #7553 from bgilbert/jpeg-rgb
• aed764f Update CHANGES.rst [ci skip]
• f8df530 Merge pull request #7672 from nulano/imagefont-negative-crop
• 24e9485 Merge pull request #7671 from radarhere/imagetransform
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Type

Enhancement

---

Description

• This PR updates the version of the pillow dependency from 8.0.0 to 10.2.0 in the requirements/testing/minver.txt file.
• The new version of pillow brings several enhancements and bug fixes which can potentially improve the performance and stability of the application.

---

Changes walkthrough

	Relevant files
Dependencies	minver.txt Update pillow dependency version                                                                  requirements/testing/minver.txt Updated the version of the pillow dependency from 8.0.0 to 10.2.0. +1/-1

---

✨ Usage guide:

---

Overview:
The describe tool scans the PR code changes, and generates a description for the PR - title, type, summary, walkthrough and labels. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

When commenting, to edit configurations related to the describe tool (pr_description section), use the following template:

/describe --pr_description.some_config1=... --pr_description.some_config2=...

With a configuration file, use the following template:

[pr_description]
some_config1=...
some_config2=...

Enabling\disabling automation When you first install the app, the default mode for the describe tool is: pr_commands = ["/describe --pr_description.add_original_user_description=true" "--pr_description.keep_original_user_title=true", ...] meaning the describe tool will run automatically on every PR, will keep the original title, and will add the original user description above the generated description. Markers are an alternative way to control the generated description, to give maximal control to the user. If you set: pr_commands = ["/describe --pr_description.use_description_markers=true", ...] the tool will replace every marker of the form pr_agent:marker_name in the PR description with the relevant content, where marker_name is one of the following: type: the PR type. summary: the PR summary. walkthrough: the PR walkthrough. Note that when markers are enabled, if the original PR description does not contain any markers, the tool will not alter the description at all.

Custom labels The default labels of the describe tool are quite generic: [Bug fix, Tests, Enhancement, Documentation, Other]. If you specify custom labels in the repo's labels page or via configuration file, you can get tailored labels for your use cases. Examples for custom labels: Main topic:performance - pr_agent:The main topic of this PR is performance New endpoint - pr_agent:A new endpoint was added in this PR SQL query - pr_agent:A new SQL query was added in this PR Dockerfile changes - pr_agent:The PR contains changes in the Dockerfile ... The list above is eclectic, and aims to give an idea of different possibilities. Define custom labels that are relevant for your repo and use cases. Note that Labels are not mutually exclusive, so you can add multiple label categories. Make sure to provide proper title, and a detailed and well-phrased description for each label, so the tool will know when to suggest it.

Utilizing extra instructions The describe tool can be configured with extra instructions, to guide the model to a feedback tailored to the needs of your project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Notice that the general structure of the description is fixed, and cannot be changed. Extra instructions can change the content or style of each sub-section of the PR description. Examples for extra instructions: [pr_description] extra_instructions=""" - The PR title should be in the format: '<PR type>: <title>' - The title should be short and concise (up to 10 words) - ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the describe usage page for a comprehensive guide on using this tool.

[senior-dev-bot]

Hi there! 👋 Thanks for opening a PR. 🎉 To get the most out of Senior Dev, please sign up in our Web App, connect your GitHub account, and add/join your organization LangMers. After that, you will receive code reviews beginning on your next opened PR. 🚀

[codiumai-pr-agent-free]

PR Description updated to latest commit (fdfb2e3)

[codiumai-pr-agent-free]

PR Analysis

• 🎯 Main theme: This PR is about updating the version of the 'pillow' library from 8.0.0 to 10.2.0 in the testing requirements.
• 📝 PR summary: The PR updates the 'pillow' library version in the testing requirements. The update includes several changes and bug fixes as mentioned in the release notes of the 'pillow' library. The PR is generated by the dependabot, which is a bot for updating dependencies.
• 📌 Type of PR: Enhancement
• 🧪 Relevant tests added: No
• ⏱️ Estimated effort to review [1-5]: 1, because the PR only changes the version of a library in the requirements file, which is a straightforward change.
• 🔒 Security concerns: No

PR Feedback

💡 General suggestions: It's good to keep dependencies up to date, but it's also important to ensure that the new version doesn't break any existing functionality. It would be beneficial to include a brief explanation of the testing done to confirm compatibility with the new version.

---

✨ Usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.
When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

Utilizing extra instructions The review tool can be configured with extra instructions, which can be used to guide the model to a feedback tailored to the needs of your project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify the relevant sub-tool, and the relevant aspects of the PR that you want to emphasize. Examples for extra instructions: [pr_reviewer] # /review # extra_instructions=""" In the code feedback section, emphasize the following: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

How to enable\disable automation When you first install PR-Agent app, the default mode for the review tool is: pr_commands = ["/review", ...] meaning the review tool will run automatically on every PR, with the default configuration. Edit this field to enable/disable the tool, or to change the used configurations

About the 'Code feedback' section The review tool provides several type of feedbacks, one of them is code suggestions. If you are interested only in the code suggestions, it is recommended to use the improve feature instead, since it dedicated only to code suggestions, and usually gives better results. Use the review tool if you want to get a more comprehensive feedback, which includes code suggestions as well.

Auto-labels The review tool can auto-generate two specific types of labels for a PR: a possible security issue label, that detects possible security issues (enable_review_labels_security flag) a Review effort [1-5]: x label, where x is the estimated effort to review the PR (enable_review_labels_effort flag)

Extra sub-tools The review tool provides a collection of possible feedbacks about a PR. It is recommended to review the possible options, and choose the ones relevant for your use case. Some of the feature that are disabled by default are quite useful, and should be considered for enabling. For example: require_score_review, require_soc2_review, enable_review_labels_effort, and more.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the review usage page for a comprehensive guide on using this tool.

[dryrunsecurity]

Contextual Security Analysis

As DryRun Security performs checks, we’ll summarize them here. You can always dive into the detailed results in the section below for checks.

Status	DryRun Security Check
✅	AI-powered Sensitive Function Check
✅	Configured Sensitive Files Check
✅	AI-powered Sensitive Files Check

Chat with your AI-powered Security Buddy by typing @dryrunsecurity followed by your question into a comment.
Example: @dryrunsecurity What are common security issues with web application cookies?

Install and configure more repositories at DryRun Security

[codiumai-pr-agent-free]

PR Code Suggestions

No suggestions found to improve this PR.

---

✨ Usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.
When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

Enabling\disabling automation When you first install the app, the default mode for the improve tool is: pr_commands = ["/improve --pr_code_suggestions.summarize=true", ...] meaning the improve tool will run automatically on every PR, with summarization enabled. Delete this line to disable the tool from running automatically.

Utilizing extra instructions Extra instructions are very important for the improve tool, since they enable to guide the model to suggestions that are more relevant to the specific needs of the project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify relevant aspects that you want the model to focus on. Examples for extra instructions: [pr_code_suggestions] # /improve # extra_instructions=""" Emphasize the following aspects: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

A note on code suggestions quality While the current AI for code is getting better and better (GPT-4), it's not flawless. Not all the suggestions will be perfect, and a user should not accept all of them automatically. Suggestions are not meant to be simplistic. Instead, they aim to give deep feedback and raise questions, ideas and thoughts to the user, who can then use his judgment, experience, and understanding of the code base. Recommended to use the 'extra_instructions' field to guide the model to suggestions that are more relevant to the specific needs of the project. Best quality will be obtained by using 'improve --extended' mode.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the improve usage page for a more comprehensive guide on using this tool.

[dependabot]

Superseded by #4.