Bump pillow from 11.3.0 to 12.0.0

[dependabot]

Bumps pillow from 11.3.0 to 12.0.0.

Release notes

Sourced from pillow's releases.

12.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/12.0.0.html

Removals

• Remove support for FreeType <= 2.9.0 #9159 [@​radarhere]
• Drop support for Python 3.9 #9119 [@​hugovk]
• Remove deprecations for Pillow 12.0.0 #9053 [@​radarhere]

Deprecations

• Deprecate Image._show #9186 [@​radarhere]
• Deprecate ImageCmsProfile product_name and product_info #8995 [@​lukegb]

Documentation

• ImagingHistogramInstance can use two bands #9251 [@​radarhere]
• Update 12.0.0 release notes #9247 [@​hugovk]
• Added ImageDraw alpha channel examples #9201 [@​radarhere]
• Update Python version #9230 [@​radarhere]
• Updated macOS tested Pillow versions #9209 [@​radarhere]
• Add GitHub profile link to release notes #9197 [@​radarhere]
• Split versionadded info #9190 [@​radarhere]
• Document ImageFile.MAXBLOCK #9163 [@​radarhere]
• Updated macOS version in CI targets #9157 [@​radarhere]
• Fix typos #9135 [@​radarhere]
• Added "Colors" to concepts #9067 [@​radarhere]
• Update macOS tested Pillow versions #9068 [@​radarhere]
• Thanks, folks! #9056 [@​aclark4life]
• Setup nit: "fork" should be lowercased #9055 [@​aclark4life]

Dependencies

• Update dependency cibuildwheel to v3.2.1 #9246 [@renovate[bot]]
• [pre-commit.ci] pre-commit autoupdate #9233 [@pre-commit-ci[bot]]
• Update harfbuzz to 12.1.0 #9218 [@​radarhere]
• Update libtiff to 4.7.1 #9222 [@​radarhere]
• Update FreeType to 2.14.1 on macOS and Linux wheels #9217 [@​radarhere]
• Update dependency cibuildwheel to v3.2.0 #9219 [@renovate[bot]]
• Update Ghostscript to 10.6.0 #9202 [@​radarhere]
• Update openjpeg to 2.5.4 #9215 [@​radarhere]
• Update harfbuzz to 11.5.0 #9203 [@​radarhere]
• Update dependency mypy to v1.18.2 #9213 [@renovate[bot]]
• Update dependency mypy to v1.18.1 #9207 [@renovate[bot]]
• Update github-actions #9194 [@renovate[bot]]
• Updated harfbuzz to 11.4.5 #9150 [@​radarhere]
• Update zlib-ng to 2.2.5 #9140 [@​radarhere]
• Update raqm to 0.10.3 #9137 [@​radarhere]
• Update libjpeg-turbo to 3.1.2 #9188 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #9180 [@pre-commit-ci[bot]]

... (truncated)

Commits

• 693df7b 12.0.0 version bump
• d175bb8 Use macos-14 for iOS arm64 simulator (#9258)
• 592b2f8 Revert "Use macos-latest for iOS arm64 simulator"
• 5dddb2c Use enums for Modes and RawModes in C (#9256)
• e7b72a3 Add ImageText (#9098)
• 864d4b6 Shift bits before making value negative (#9255)
• 994a9de Install arro3 dependencies when type checking (#9254)
• d5e1601 Improved documentation
• e533ccc Merge branch 'main' into imagetext
• 95a85dc Use snake case
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/pillow	12.0.0	🟢 7.6	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 8 Found 13/15 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices 🟢 5 badge detected: Passing License 🟢 9 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches

Scanned Files

• poetry.lock

[Tech-TTGames]

@dependabot rebase