Skip to content

chore(deps): bump fonttools from 4.61.1 to 4.62.0#3033

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/fonttools-4.62.0
Open

chore(deps): bump fonttools from 4.61.1 to 4.62.0#3033
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/fonttools-4.62.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps fonttools from 4.61.1 to 4.62.0.

Release notes

Sourced from fonttools's releases.

4.62.0

  • [diff] Add new fonttools diff command for comparing font files, imported from the fdiff project and heavily reworked (#1190, #4007, #4009, #4011, #4013, #4019).
  • [feaLib] Fix VariableScalar interpolation bug with non-linear avar mappings. Also decouple VariableScalar from compiled fonts, allowing it to work with designspace data before compilation (#3938, #4054).
  • [feaLib] Fix VariableScalar axis ordering and iterative delta rounding to match fontc behavior (#4053).
  • [feaLib] Merge chained multi subst rules with same context into a single subtable instead of emitting one subtable per glyph (#4016, #4058).
  • [feaLib] Pass location to ConditionsetStatementfontra/fontra-glyphs#130#4057).
  • [feaLib] Write 0xFFFF instead of 0 for missing nameIDs in cv feature params (#4010, #4012).
  • [cmap] Fix CmapSubtable.__lt__() TypeError on Python 3 when subtables share the same encoding record, and add compile-time validation for unique encoding records (#4035, #4055).
  • [svgLib] Skip non-element XML nodes (comments, processing instructions) when drawing SVG paths (#4042, #4043).
  • [glifLib] Fix regression reading glyph outlines when glyphObject=None (#4030, #4031).
  • [pointPen] Fix SegmentToPointPen edge case: only remove a duplicate final point on closePath() if it is an on-curve point (#4014, #4015).
  • [cffLib] SECURITY Replace eval() with safeEval() in parseBlendList() to prevent arbitrary code execution from crafted TTX files (#4039, #4040).
  • [ttLib] Remove defunct Adobe SING Glyphlet tables (META, SING, GMAP, GPKG) (#4044).
  • [varLib.interpolatable] Various bugfixes: fix swapped nodeTypes assignment, duplicate kink-detector condition, typos, CFF2 vsindex parsing, glyph existence check, and plot helpers (#4046).
  • [varLib.models] Fix getSubModel not forwarding extrapolate/axisRanges; check location uniqueness after stripping zeros (#4047).
  • [varLib] Fix --variable-fonts filter in build_many; remove dead code and fix comments (#4048).
  • [avar] Preserve existing name table in build; keep unbuild return types consistent; validate map CLI coordinates (#4051).
  • [cu2qu/qu2cu] Add input validation: reject non-positive tolerances, validate curve inputs and list lengths (#4052).
  • [colorLib] Raise a clear ColorLibError when base glyphs are missing from glyphMap, instead of a confusing KeyError (#4041).
  • [glyf] Remove unnecessary fvar table dependency (#4017).
  • [fvar/trak] Remove unnecessary name table dependency (#4018).
  • [ufoLib] Relax guideline validation to follow the updated spec (#3537, #3553).
  • [ttFont] Fix saveXML regression with empty table lists, clarify docstring (#4025, #4026, #4056).
  • [setup.py] Link libm for Cython extensions using math functions (#4028, #4029).
  • Add typing annotations for DSIG, DefaultTable, ttProgram (#4033).
Changelog

Sourced from fonttools's changelog.

4.62.0 (released 2026-03-09)

  • [diff] Add new fonttools diff command for comparing font files, imported from the fdiff project and heavily reworked (#1190, #4007, #4009, #4011, #4013, #4019).
  • [feaLib] Fix VariableScalar interpolation bug with non-linear avar mappings. Also decouple VariableScalar from compiled fonts, allowing it to work with designspace data before compilation (#3938, #4054).
  • [feaLib] Fix VariableScalar axis ordering and iterative delta rounding to match fontc behavior (#4053).
  • [feaLib] Merge chained multi subst rules with same context into a single subtable instead of emitting one subtable per glyph (#4016, #4058).
  • [feaLib] Pass location to ConditionsetStatement to fix glyphsLib round-tripping fontra/fontra-glyphs#130#4057).
  • [feaLib] Write 0xFFFF instead of 0 for missing nameIDs in cv feature params (#4010, #4012).
  • [cmap] Fix CmapSubtable.__lt__() TypeError on Python 3 when subtables share the same encoding record, and add compile-time validation for unique encoding records (#4035, #4055).
  • [svgLib] Skip non-element XML nodes (comments, processing instructions) when drawing SVG paths (#4042, #4043).
  • [glifLib] Fix regression reading glyph outlines when glyphObject=None (#4030, #4031).
  • [pointPen] Fix SegmentToPointPen edge case: only remove a duplicate final point on closePath() if it is an on-curve point (#4014, #4015).
  • [cffLib] SECURITY Replace eval() with safeEval() in parseBlendList() to prevent arbitrary code execution from crafted TTX files (#4039, #4040).
  • [ttLib] Remove defunct Adobe SING Glyphlet tables (META, SING, GMAP, GPKG) (#4044).
  • [varLib.interpolatable] Various bugfixes: fix swapped nodeTypes assignment, duplicate kink-detector condition, typos, CFF2 vsindex parsing, glyph existence check, and plot helpers (#4046).
  • [varLib.models] Fix getSubModel not forwarding extrapolate/axisRanges; check location uniqueness after stripping zeros (#4047).
  • [varLib] Fix --variable-fonts filter in build_many; remove dead code and fix comments (#4048).
  • [avar] Preserve existing name table in build; keep unbuild return types consistent; validate map CLI coordinates (#4051).
  • [cu2qu/qu2cu] Add input validation: reject non-positive tolerances, validate curve inputs and list lengths (#4052).
  • [colorLib] Raise a clear ColorLibError when base glyphs are missing from glyphMap, instead of a confusing KeyError (#4041).
  • [glyf] Remove unnecessary fvar table dependency (#4017).
  • [fvar/trak] Remove unnecessary name table dependency (#4018).
  • [ufoLib] Relax guideline validation to follow the updated spec (#3537, #3553).
  • [ttFont] Fix saveXML regression with empty table lists, clarify docstring (#4025, #4026, #4056).
  • [setup.py] Link libm for Cython extensions using math functions (#4028, #4029).
  • Add typing annotations for DSIG, DefaultTable, ttProgram (#4033).
Commits
  • 0aee8a7 Merge pull request #4060 from fonttools/remove-py23-pipe-test
  • ee39ede [tests] Remove obsolete py23 OpenFuncWrapperTest
  • db470c2 Revert "Bump version: 4.62.0 → 4.62.1.dev0"
  • 16c1a5c Bump version: 4.62.0 → 4.62.1.dev0
  • 10f5968 Release 4.62.0
  • 7063bfe Update NEWS.rst
  • 258ac81 Merge pull request #4041 from gregm24/Open-Source-Contribution
  • fa6b8e8 Update NEWS.rst
  • d240b29 Merge pull request #4058 from fonttools/fix-chain-context-multi-subst-subtables
  • 90cd0ad [feaLib] Merge chained multi subst rules with same context (#4016)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump fonttools from 4.61.1 to 4.62.0
90a66ba 
Bumps [fonttools](https://github.com/fonttools/fonttools) from 4.61.1 to 4.62.0.
- [Release notes](https://github.com/fonttools/fonttools/releases)
- [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst)
- [Commits](fonttools/fonttools@4.61.1...4.62.0)

---
updated-dependencies:
- dependency-name: fonttools
  dependency-version: 4.62.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants