Skip to content

deps(deps): Bump pillow from 12.1.1 to 12.3.0#2

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pillow-12.2.0
Open

deps(deps): Bump pillow from 12.1.1 to 12.3.0#2
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pillow-12.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown

Bumps pillow from 12.1.1 to 12.3.0.

Release notes

Sourced from pillow's releases.

12.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.3.0.html

Removals

Documentation

Dependencies

Testing

... (truncated)

Commits
  • bb1d8e8 12.3.0 version bump
  • e63fc48 Add release notes for SBOM and performance improvements (#9747)
  • 13b701b Add release notes for #9679
  • 5564ca7 List methods
  • a0920fd Speed up ImageChops operations (#9738)
  • 07e9a6c Speed up Image.filter() (#9736)
  • a94578c Speed up Image.getchannel(), Image.merge(), Image.putalpha() and `Image...
  • 53e02c4 Speed up Image.fill(), Image.linear_gradient() and `Image.radial_gradient...
  • af03747 Speed up Image.resample() (#9739)
  • 5c9ca56 Speed up alpha_composite, matrix, negative, quantize (#9740)
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

exbuf added a commit that referenced this pull request Jul 2, 2026
inaccurate --on-match claim on --watch composition

Two things in one commit — the second was uncovered while writing
the first, so they need to land together for the README to stay
factually correct.

1. **--on-match accuracy fix (README).** The "How these compose"
   section added in e8d10fd claimed --watch could pair with
   --on-match ("--on-match CMD for a live pattern sentinel").
   Verified against the code: --watch returns from run_watch()
   at cli.py:1586, BEFORE the on-match hook code around line 871.
   peekdocs/watcher.py has zero on_match references. --on-match
   is a batch-search hook (one hook per invocation); --watch's
   notification channel is the stdout NDJSON stream. Rewrites
   composition #1 to reflect that, with an explicit note calling
   out the difference so future readers don't fall into the
   same trap.

2. **Worked examples cross-linked from all three README
   compositions.** Compositions #2 (provenance audit) and #3
   (scheduled pattern scan) already had worked examples in
   USER_GUIDE.md (audit engagement provenance, line 1496; nightly
   source-tree watch, line 1419). Added cross-links in the
   README so readers don't have to hunt for them.

3. **New worked example: real-time pattern monitoring with
   --watch.** Composition #1 had no worked example — the
   "nightly source-tree watch" one uses cron, not the --watch
   flag. Added a full walkthrough in USER_GUIDE.md right after
   the audit engagement one:

     - Domain-neutral scenario (docs team hygiene watch — TODO
       markers, deprecated feature names, internal-only URLs).
       Deliberately not a compliance / credential scanning
       framing.
     - Setup: build regex collection in GUI.
     - Command: --watch --regex-collection piped to a shell
       loop that fires osascript display notifications.
     - Accurate NDJSON output shape (7 fields, verified against
       peekdocs/watcher.py's docstring).
     - Variations: Slack webhook, log-to-disk, jq prefilter.
     - Six gotchas: --on-match doesn't fire in --watch, Ctrl-C
       clean shutdown, refuse-to-run-as-root, --allow-system-paths
       warning, no delete events, noisy folders.
     - What this is not: pre-commit hook substitute.

4. USER_GUIDE TOC entry added for the new worked example.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
exbuf added a commit that referenced this pull request Jul 2, 2026
adopters see themselves first; drop artificial "Home user"
identity segregation

The list opened with **Home user** (least likely PyPI/GitHub
discoverer) and buried the technical roles most likely to reach
peekdocs through Python-packaging channels at positions #10–12
(AI/ML engineer, Engineer, Developer / programmer). A first-time
visitor arriving from a GitHub search for "python document
search cli" scrolled past four non-technical bullets before
seeing themselves.

Also, having **Home user** as one bullet among "Office worker /
Developer / Sysadmin" implicitly framed the other 12 bullets as
NOT home users — contradicting the "entirely on your own
computer" opening. peekdocs is local-only; every user IS a
home user.

**Reordered** so tech-heavy adopters land at the top:

  1. Developer / programmer     (was #12)
  2. Sysadmin                   (was #6)
  3. AI/ML engineer             (was #10)
  4. IT consultant              (was #4, expanded)
  5. Data researcher            (was #9)
  6. Engineer                   (was #11)
  7. Documentation team         (was #7)
  8. Auditor or review          (was #5)
  9. Researcher                 (was #8)
  10. Small business owner      (was #3, absorbed the Home-user
                                 tax-search scenario as a
                                 "Personal side" note)
  11. Office worker             (was #2)

**Dropped two bullets:**

  - **Home user** — the "everybody is a home user" framing now
    lives in the section's opening paragraph ("entirely on your
    own computer"), applying to every bullet rather than being
    one bullet's identity. The tax-search scenario is folded
    into Small business owner as a "Personal side" note so no
    concrete example is lost.

  - **Email archives** — was a file type, not a role. Odd one
    out in a role-shaped list. Already covered by the intro's
    file-type enumeration (Word, PDF, Excel, email, scanned
    documents, archives, and 100+ more).

**Enhanced two one-liners:**

  - **Sysadmin** was "Search 20 GB of log files for a request ID
    across mixed archives." Added the `.gz`/`.bz2`/`.zip`/`.tar`
    detail (read natively without unpacking) and the --watch
    NDJSON streaming detail for pipeline integration.

  - **IT consultant** was "Search a folder of client documents
    for a set of terms." Added the standalone-binary-on-USB
    workflow (--output-dir back to the USB, --no-index for zero
    artifacts) and a cross-link to the Portable / consulting
    use section added earlier this session (fc9fd98).

All other bullets keep their descriptions verbatim — only their
position in the list changed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Bumps [pillow](https://github.com/python-pillow/Pillow) from 12.1.1 to 12.3.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@12.1.1...12.3.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-version: 12.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title deps(deps): Bump pillow from 12.1.1 to 12.2.0 deps(deps): Bump pillow from 12.1.1 to 12.3.0 Jul 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/pillow-12.2.0 branch from c0ebd1a to 883ed03 Compare July 7, 2026 19:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants