Scheduled weekly dependency update for week 11

[pyup-bot]

Update fonttools[lxml,ufo] from 4.61.1 to 4.62.1.

Changelog

4.62.1

----------------------------

- [feaLib] Extend contextual rule merging to all rule types: single subst, GSUB/GPOS
named lookups, ignore rules, and chained alternate subst (4061).

4.62.0

----------------------------

- [diff] Add new ``fonttools diff`` command for comparing font files, imported from the
``fdiff`` project and heavily reworked (1190, 4007, 4009, 4011, 4013, 4019).
- [feaLib] Fix ``VariableScalar`` interpolation bug with non-linear avar mappings. Also
decouple ``VariableScalar`` from compiled fonts, allowing it to work with designspace data
before compilation (3938, 4054).
- [feaLib] Fix ``VariableScalar`` axis ordering and iterative delta rounding to match fontc
behavior (4053).
- [feaLib] Merge chained multi subst rules with same context into a single subtable instead of
emitting one subtable per glyph (4016, 4058).
- [feaLib] Pass location to ``ConditionsetStatement`` to fix glyphsLib round-tripping
(fontra/fontra-glyphs130, 4057).
- [feaLib] Write ``0xFFFF`` instead of ``0`` for missing nameIDs in ``cv`` feature params
(4010, 4012).
- [cmap] Fix ``CmapSubtable.__lt__()`` ``TypeError`` on Python 3 when subtables share the
same encoding record, and add compile-time validation for unique encoding records (4035,
4055).
- [svgLib] Skip non-element XML nodes (comments, processing instructions) when drawing SVG
paths (4042, 4043).
- [glifLib] Fix regression reading glyph outlines when ``glyphObject=None`` (4030, 4031).
- [pointPen] Fix ``SegmentToPointPen`` edge case: only remove a duplicate final point on
``closePath()`` if it is an on-curve point (4014, 4015).
- [cffLib] **SECURITY** Replace ``eval()`` with ``safeEval()`` in ``parseBlendList()`` to
prevent arbitrary code execution from crafted TTX files (4039, 4040).
- [ttLib] Remove defunct Adobe SING Glyphlet tables (``META``, ``SING``, ``GMAP``, ``GPKG``)
(4044).
- [varLib.interpolatable] Various bugfixes: fix swapped nodeTypes assignment, duplicate
kink-detector condition, typos, CFF2 vsindex parsing, glyph existence check, and plot
helpers (4046).
- [varLib.models] Fix ``getSubModel`` not forwarding ``extrapolate``/``axisRanges``; check
location uniqueness after stripping zeros (4047).
- [varLib] Fix ``--variable-fonts`` filter in ``build_many``; remove dead code and fix
comments (4048).
- [avar] Preserve existing name table in build; keep ``unbuild`` return types consistent;
validate ``map`` CLI coordinates (4051).
- [cu2qu/qu2cu] Add input validation: reject non-positive tolerances, validate curve inputs
and list lengths (4052).
- [colorLib] Raise a clear ``ColorLibError`` when base glyphs are missing from glyphMap,
instead of a confusing ``KeyError`` (4041).
- [glyf] Remove unnecessary ``fvar`` table dependency (4017).
- [fvar/trak] Remove unnecessary ``name`` table dependency (4018).
- [ufoLib] Relax guideline validation to follow the updated spec (3537, 3553).
- [ttFont] Fix ``saveXML`` regression with empty table lists, clarify docstring (4025, 4026,
4056).
- [setup.py] Link ``libm`` for Cython extensions using math functions (4028, 4029).
- Add typing annotations for ``DSIG``, ``DefaultTable``, ``ttProgram`` (4033).

Links

• PyPI: https://pypi.org/project/fonttools
• Changelog: https://data.safetycli.com/changelogs/fonttools/
• Repo: http://github.com/fonttools/fonttools