Skip to content

Bump afdko from 4.0.3 to 5.0.1#351

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/afdko-5.0.1
Open

Bump afdko from 4.0.3 to 5.0.1#351
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/afdko-5.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Copy link
Copy Markdown
Contributor

Bumps afdko from 4.0.3 to 5.0.1.

Release notes

Sourced from afdko's releases.

5.0.1

Release Notes

5.0.0

Release Notes

Changelog

Sourced from afdko's changelog.

5.0.1 (released 2026-05-18)

  • [otfautohint/otfstemhist] Fix "No module named 'typing_extensions'" failure on Python 3.10 (#1828)
  • [spot] Fix U+00A9 (copyright) rendering as U+FFFD in name table output (#1828)
  • [build] Fix STRCPY_S macro to avoid format-security error (#1830)
  • [addfeatures tests] Fix variable font test files; add comprehensive test coverage (#1832)
  • [README] Remove outdated macOS Python installation note (#1836)

5.0.0 (released 2026-03-22)

Major restructuring: Unified command interface, massive C++ modernization, and build system overhaul

This is a major release with extensive architectural changes including a substantial C→C++ conversion. While we have worked to maintain compatibility, with this much change there are likely to be regressions. Users not in a position to thoroughly verify their output may want to wait for 5.0.1 or 5.0.2 before upgrading.

Summary of Command and Interface Changes

Unified Command Interface

  • New primary interface: All AFDKO tools are now accessed through afdko <command> syntax
    afdko makeotf -r
    afdko tx -dump font.otf
    afdko spot -Proof font.otf
  • Deprecated wrappers: Individual command wrappers (e.g., makeotf, tx, spot) are deprecated with gradual rollout:

makeotfexe → addfeatures Transition

  • Variable Font Support: addfeatures, which replaces makeotfexe, supports more direct building of variable fonts:
  • Workflow changes: For direct invocation, you may now need to build a CFF table first using tx
    • tx has been enhanced with features previously exclusive to makeotfexe, including GlyphOrderAndAliasDB support

Other Changes

Major C/C++ Port

  • C → C++ conversion: Overall codebase is now 49% C++ vs 4% C++ in v4.0

... (truncated)

Commits
  • cef990e Release 5.0.1
  • 586d0f6 Update NEWS.md for 5.0.1 release (#1837)
  • 91f6af6 Remove outdated macOS Python installation note from README (#1836)
  • cd16e5e Fix variable font test files and add comprehensive test coverage (#1832)
  • dee0d52 Fix STRCPY_S macro to avoid format-security error (#1830)
  • 547ac97 Update Python version requirements and fix deprecations (#1826)
  • d11932f Merge pull request #1828 from adobe-type-tools/fix-typing-extensions-and-spot...
  • 60b11e9 Fix mypy compatibility for Self imports
  • a5095c3 Fix two bugs: missing typing_extensions dependency and spot isprint locale issue
  • 7bc9e01 Simplify Recent News section in README
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [afdko](https://github.com/adobe-type-tools/afdko) from 4.0.3 to 5.0.1.
- [Release notes](https://github.com/adobe-type-tools/afdko/releases)
- [Changelog](https://github.com/adobe-type-tools/afdko/blob/develop/NEWS.md)
- [Commits](adobe-type-tools/afdko@4.0.3...5.0.1)

---
updated-dependencies:
- dependency-name: afdko
  dependency-version: 5.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 19, 2026
@github-actions

Copy link
Copy Markdown

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

requirements.txt

PackageVersionLicenseIssue Type
afdko5.0.1NullUnknown License

setup.py

PackageVersionLicenseIssue Type
afdko5.0.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
pip/afdko 5.0.1 UnknownUnknown
pip/afdko 5.0.1 UnknownUnknown

Scanned Files

  • requirements.txt
  • setup.py

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants