[reportlab-users] pillow patch
Claude Paroz
claude at 2xlibre.net
Wed May 11 05:17:59 EDT 2022
Le 11.05.22 à 10:18, Robin Becker a écrit :
> On 08/05/2022 09:47, Claude Paroz wrote:
>> Le 28.02.22 à 13:55, Claude Paroz a écrit :
>>> Le 18.02.22 à 14:37, Claude Paroz a écrit :
>>>> Hi,
>>>>
>>>> As far as I can see, pillow is a required dependency of ReportLab,
>>>> so the attached patch simplifies some parts of the code to account
>>>> for that.
>>>> I also upped the pillow minimal version as versions before 9.0.0
>>>> have known security vulnerabilities.
>>>
>>> Attached is the same patch rebased after another conflicting patch
>>> was applied to main source tree.
>>
>> Is that patch still considered, or is it a bad idea?
>>
>> Claude
>
> I tried the latst version of the patch and it applies cleanly to
> reportlab. However, when I run our full tests I see this
>
>
> File
> "/home/robin/devel/reportlab/.py310/lib/python3.10/site-packages/svglib/svglib.py",
> line 38, in <module>
> from reportlab.lib.utils import haveImages
> ImportError: cannot import name 'haveImages' from 'reportlab.lib.utils'
> (/home/robin/devel/reportlab/reportlab/lib/utils.py)
> !!!!! terminating early because of errors
>
> so it seems that svglib has a reference directly to haveImages; I see
> this in svglib 1.2.1.
>
> If we are just assuming haveImages is true I can just add that to utils.py
Yes, I think we can keep haveImages and simply return True. Good catch!
For svglib, I created:
https://github.com/deeplook/svglib/pull/337
Claude
--
www.2xlibre.net
More information about the reportlab-users
mailing list