Kozea/WeasyPrint v69.0

on GitHub

This is a security update (CVE-2026-49452).

We strongly recommend to upgrade WeasyPrint to the latest version if you use the --presentational-hints option and render untrusted HTML with restricted CSS properties.

Read about this release on our blog.

Security

• Avoid CSS injection with HTML presentational hints.

Command-line API

• The --srgb option has been replaced by --output-intent=srgb. Other values are possible: device-cmyk for CMYK documents with no ICC profile, or the CSS identifier of a @color-profile rule.

Python API

• The output_intent string entry replaces the srgb boolean in default options.

Features

• #2357, #2700: Support logical properties
• #1194, #2702: Support viewport units
• #2686: Detect redirection loops early in URL fetcher
• #2735, #2737: Support SVG transform angle units
• #2636, #2720, #2773: Use HTML parsers for presentational hints
• #2631, #2778, #2785, #2788: Allow users to set PDF output intent

Bug fixes

• #2697, #2691: Avoid endless loops in grids
• #2709: Be less strict for gradient rasterization in tests
• #2683: Fix rendering of emojis in SVG
• #2688: Always describe font using absolute sizes
• #2676: Fix inheritance for svg/symbol tags referenced by use tags
• #2681: Add dc:description field to PDF/A metadata
• #2680: Force first grid row rendering on empty pages
• #2690: Compute units in gradients used in border background
• #2689: Cut flex elements with fixed height and overflowing children
• #2651, #2696: Fix tests on Debian
• #2698, #2699: Fix alignment of right-to-left elements with auto width and set min/max-width
• #2556: Apply presentational hints to svg tags
• #2706: Handle infinite border radii
• #2707, #2708, #2710: Get mimetypes from Python code instead of various third-party files
• #2717, #2580, #2740: Fix table break retry after padding overflow
• #2769: Add year in PDF/UA-2 metadata
• #2768: Allow SVG lists of numbers to be split on + character
• #2770: Add namespace to Document tag in PDF 2
• #2771: Never try to render SVG use tags with external sources
• #2774: Fix calc in logical
• #2791: Improve management of variables

Documentation

• #2703, #2733: Document command-line option for papersize and orientation

Contributors

• Guillaume Ayoub
• Nils K
• Rob
• Daniel Fitzpatrick
• Elango Subramani
• Lucie Anglade
• Markus Mohanty
• Tomsgu
• arjenzorgdoc

Backers and sponsors

• Spacinov
• Syslifters
• Kobalt
• Grip Angebotssoftware
• Simonsoft
• Menutech
• KontextWork
• TrainingSparkle
• Healthchecks.io
• Method B
• FieldHub
• Hammerbacher
• Yanal-Yves Fargialla
• Prothesis Dental Solutions
• Morntag
• Xavid
• Charlie S.
• PDFBolt
• Kai DeLorenzo