Merge pull request #1364 from Open-Source-Legal/dependabot/pip/pillow-gte-12.2.0

JSv4 · web-flow · commit cd707687df23 · 2026-04-25T17:54:19.000-07:00
Update pillow requirement from &gt;=10.4.0 to &gt;=12.2.0
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -1,5 +1,5 @@
 python-slugify==8.0.4  # https://github.com/un33k/python-slugify
-Pillow>=10.4.0  # https://github.com/python-pillow/Pillow
+Pillow>=12.2.0  # https://github.com/python-pillow/Pillow
 argon2-cffi==25.1.0  # https://github.com/hynek/argon2_cffi
 hiredis==3.3.1  # https://github.com/redis/hiredis-py
 redis==7.4.0  # https://github.com/redis/redis-py
diff --git a/requirements/local.txt b/requirements/local.txt
@@ -60,4 +60,4 @@ sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability
 tornado>=6.4.2 # not directly required, pinned by Snyk to avoid a vulnerability
 urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
 zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
-pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
+pillow>=12.2.0 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/requirements/production.txt b/requirements/production.txt
@@ -26,4 +26,4 @@ sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability
 tornado>=6.4.2 # not directly required, pinned by Snyk to avoid a vulnerability
 urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
 zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
-pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
+pillow>=12.2.0 # not directly required, pinned by Snyk to avoid a vulnerability
