Skip to content

chore(deps): bump image from 0.24.9 to 0.25.9#30

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/image-0.25.9
Closed

chore(deps): bump image from 0.24.9 to 0.25.9#30
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/image-0.25.9

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 6, 2025
edited
Loading

Bumps image from 0.24.9 to 0.25.9.

Changelog

Sourced from image's changelog.

Version 0.25.9

Features:

  • Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (#2567, #2634, #2644)
  • Support reading IPTC metadata from PNG and JPG files (#2611)
  • Support reading ICC profile from GIF files (#2644)
  • Allow setting a specific DEFLATE compression level when writing PNG (#2583)
  • Initial support for 16-bit CMYK TIFF files (#2588)
  • Allow extracting the alpha channel of a Pixel in a generic way (#2638)

Structural changes:

  • EXR format decoding now only uses multi-threading via Rayon when the rayon feature is enabled (#2643)
  • Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x
  • pnm: parse integers in PBM/PGM/PPM headers without allocations (#2620)
  • Replace doc_auto_cfg with doc_cfg (#2637)

Bug fixes:

  • Do not encode empty JPEG images (#2624)
  • tga: reject empty images (#2614)
  • tga: fix orientation flip for color mapped images (#2607)
  • tga: adjust colormap lookup to match tga 2.0 spec (#2608)

Version 0.25.8

Re-release of 0.25.7

Fixes:

  • Reverted a signature change to load_from_memory that lead to large scale type inference breakage despite being technically compatible.
  • Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.

Version 0.25.7 (yanked)

Features:

  • Added an API for external image format implementations to register themselves as decoders for a specific format in image (#2372)
  • Added CICP awarenes via moxcms to support color spaces (#2531). The support for transforming is limited for now and will be gradually expanded.
  • You can now embed Exif metadata when writing JPEG, PNG and WebP images (#2537, #2539)
  • Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (#2484)
  • Serde support for more types (#2445)
  • PNM encoder now supports writing 16-bit images (#2431)

Structural changes:

  • Increased MSRV to 1.85.0 (from 1.78.0)

API improvements:

  • save, save_with_format, write_to and write_with_encoder methods on DynamicImage now automatically convert the pixel format when necessary instead of returning an error (#2501)
  • Added DynamicImage::has_alpha() convenience method
  • Implemented TryFrom<ExtendedColorType> for ColorType (#2444)
  • Added const HAS_ALPHA to trait Pixel
  • Unified the error for unsupported encoder colors (#2543)

... (truncated)

Commits
  • 5ceb6af Merge pull request #2640 from Shnatsel/release-v0.25.9
  • 282d7b3 Merge pull request #2646 from oligamiq/main
  • 5412aee Amend the note in accordance with the advice of 197g.
  • 4e8a4ed Clarify default features in README and add usage note
  • ca8fa52 Merge pull request #2644 from image-rs/gif-0.14
  • d9bc8fe mention GIF 0.14 changes
  • 053220a Provide gif's XMP and ICC metadata
  • 2ec20b3 Prepare codec with gif@0.14
  • 31939fa Mention EXR rayon change
  • c7f68be Merge pull request #2643 from Shnatsel/really-optional-rayon
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Dependency updates from Dependabot quarantine Dependency in quarantine period labels Dec 6, 2025
@coderabbitai
Copy link

coderabbitai bot commented Dec 6, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Dec 6, 2025

🛡️ Dependency Sentinel Check

This dependency update has been received and will follow the Git-Core Protocol lifecycle:

📋 Quarantine Protocol (14 Days)

Phase Status Date
🔬 Quarantine Start NOW 2025-12-06
🧠 AI Analysis 🔄 Pending -
🔍 Community Monitoring 🔄 Active -
🎓 Graduation ⏳ Scheduled 2025-12-20

🤖 AI Analysis Queue

The following AI agents will analyze this update:

  • Gemini 3 Pro - Risk assessment, breaking changes
  • CodeRabbit - Code patterns, best practices
  • Copilot - Final meta-analysis (post-bots)

⚠️ Architecture Check

Before adoption, this update will be validated against:

  • .✨/ARCHITECTURE.md - Critical decisions
  • docs/agent-docs/RESEARCH_STACK_CONTEXT.md - Living context

📖 Protocol Reference

Dependency Quarantine Rule: Versions < 2 weeks old are in quarantine. Never use bleeding-edge dependencies in production.

Managed by Git-Core Protocol Dependency Sentinel

@dependabot
chore(deps): bump image from 0.24.9 to 0.25.9
4a831df 
Bumps [image](https://github.com/image-rs/image) from 0.24.9 to 0.25.9.
- [Changelog](https://github.com/image-rs/image/blob/main/CHANGES.md)
- [Commits](image-rs/image@v0.24.9...v0.25.9)

---
updated-dependencies:
- dependency-name: image
  dependency-version: 0.25.9
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/image-0.25.9 branch from 947154d to 4a831df Compare December 8, 2025 02:51
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 8, 2025

Dependabot can't parse your Cargo.toml. Because of this, Dependabot cannot update this pull request.

@iberi22 iberi22 closed this Dec 8, 2025
@iberi22 iberi22 deleted the dependabot/cargo/image-0.25.9 branch December 8, 2025 07:39
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 8, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Dependency updates from Dependabot quarantine Dependency in quarantine period

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@iberi22