[Pywikibot-commits] [Gerrit] pywikibot/core[master]: [setup] Update Pillow requirements

Wed, 22 Jan 2020 12:18:08 -0800 

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/553858 )

Change subject: [setup] Update Pillow requirements
......................................................................

[setup] Update Pillow requirements

- Python 2.7 requires Pillow < 7.0.0 and 6.2.1 is the last release
  for this Python version
- Python 3.4 needs Pillow < 6.0.0 but a vulnerability was found;
  this probably leads to Python 3.4 to be deprecated soon.
- Pillow 6.2.0 or above must be used due to this vulnerability
  mentioned above
- Python 3.8 requires Pillow >= 6.2.1; therefore recommed this
  Pillow for others than 3.4 and 2.7

Bug: T239539
Change-Id: I8a4a1fa9be53a78c7d348fca076875d3e5ad320d
---
M requirements.txt
M setup.py
2 files changed, 5 insertions(+), 5 deletions(-)

Approvals:
  Dvorapa: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/requirements.txt b/requirements.txt
index c666b1e..456576b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -41,9 +41,9 @@
 python-stdnum

 # GUI
-Pillow < 7.0.0 ; python_version < '3'
+Pillow < 7.0.0, >= 6.2.0 ; python_version < '3'
 Pillow < 6.0.0 ; python_version == '3.4'
-Pillow ; python_version >= '3.5'
+Pillow >= 6.2.1 ; python_version >= '3.5'

 # core pagegenerators
 google >= 1.7
diff --git a/setup.py b/setup.py
index de86399..5b9acee 100644
--- a/setup.py
+++ b/setup.py
@@ -42,9 +42,9 @@
     'Google': ['google>=1.7'],
     'mwparserfromhell': ['mwparserfromhell>=0.3.3'],
     'Tkinter': [
-        'Pillow<7.0.0;python_version<"3"',
-        'Pillow<6.0.0;python_version=="3.4"',
-        'Pillow;python_version>="3.5"',
+        'Pillow<7.0.0,>=6.2.0;python_version<"3"',
+        'Pillow<6.0.0;python_version=="3.4"',  # vulnerability found
+        'Pillow>=6.2.1;python_version>="3.5"',  # 6.2.1 required for PY 3.8
     ],
     'security': [
         'requests[security]'

--
To view, visit https://gerrit.wikimedia.org/r/553858
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.wikimedia.org/r/settings

Gerrit-Project: pywikibot/core
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I8a4a1fa9be53a78c7d348fca076875d3e5ad320d
Gerrit-Change-Number: 553858
Gerrit-PatchSet: 2
Gerrit-Owner: Xqt <[email protected]>
Gerrit-Reviewer: Dvorapa <[email protected]>
Gerrit-Reviewer: jenkins-bot (75)

_______________________________________________
Pywikibot-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/pywikibot-commits

Reply via email to