Fonttools

Latest version: v4.55.3

Safety actively analyzes 688896 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 20 of 37

4.4.3

Not secure
---------------------------

- [varLib] Always build ``gvar`` table for TrueType-flavored Variable Fonts,
even if it contains no variation data. The table is required according to
the OpenType spec (1855, 1857).

4.4.2

Not secure
---------------------------

- [ttx] Annotate ``LookupFlag`` in XML dump with comment explaining what bits
are set and what they mean (1850).
- [feaLib] Added more descriptive message to ``IncludedFeaNotFound`` error (1842).

4.4.1

Not secure
---------------------------

- [woff2] Skip normalizing ``glyf`` and ``loca`` tables if these are missing from
a font (e.g. in NotoColorEmoji using ``CBDT/CBLC`` tables).
- [timeTools] Use non-localized date parsing in ``timestampFromString``, to fix
error when non-English ``LC_TIME`` locale is set (1838, 1839).
- [fontBuilder] Make sure the CFF table generated by fontBuilder can be used by varLib
without having to compile and decompile the table first. This was breaking in
converting the CFF table to CFF2 due to some unset attributes (1836).

4.4.0

Not secure
---------------------------

- [colorLib] Added ``fontTools.colorLib.builder`` module, initially with ``buildCOLR``
and ``buildCPAL`` public functions. More color font formats will follow (1827).
- [fontBuilder] Added ``setupCOLR`` and ``setupCPAL`` methods (1826).
- [ttGlyphPen] Quantize ``GlyphComponent.transform`` floats to ``F2Dot14`` to fix
round-trip issue when computing bounding boxes of transformed components (1830).
- [glyf] If a component uses reference points (``firstPt`` and ``secondPt``) for
alignment (instead of X and Y offsets), compute the effective translation offset
*after* having applied any transform (1831).
- [glyf] When all glyphs have zero contours, compile ``glyf`` table data as a single
null byte in order to pass validation by OTS and Windows (1829).
- [feaLib] Parsing feature code now ensures that referenced glyph names are part of
the known glyph set, unless a glyph set was not provided.
- [varLib] When filling in the default axis value for a missing location of a source or
instance, correctly map the value forward.
- [varLib] The avar table can now contain mapping output values that are greater than
OR EQUAL to the preceeding value, as the avar specification allows this.
- [varLib] The errors of the module are now ordered hierarchically below VarLibError.
See 1821.

4.3.0

Not secure
---------------------------

- [EBLC/CBLC] Fixed incorrect padding length calculation for Format 3 IndexSubTable
(1817, 1818).
- [varLib] Fixed error when merging OTL tables and TTFonts were loaded as ``lazy=True``
(1808, 1809).
- [varLib] Allow to use master fonts containing ``CFF2`` table when building VF (1816).
- [ttLib] Make ``recalcBBoxes`` option work also with ``CFF2`` table (1816).
- [feaLib] Don't reset ``lookupflag`` in lookups defined inside feature blocks.
They will now inherit the current ``lookupflag`` of the feature. This is what
Adobe ``makeotf`` also does in this case (1815).
- [feaLib] Fixed bug with mixed single/multiple substitutions. If a single substitution
involved a glyph class, we were incorrectly using only the first glyph in the class
(1814).

4.2.5

Not secure
---------------------------

- [feaLib] Do not fail on duplicate multiple substitutions, only warn (1811).
- [subset] Optimize SinglePos subtables to Format 1 if all ValueRecords are the same
(1802).

Page 20 of 37

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.