Release 0.23.0-preview0

[fintelia]

The next branch has accumulated a bunch of changes that improve various aspects of the library, but require a major version bump. We should release a preview version of the crate soon so that we can test them.

Are there any remaining patches we should wait on before a first preview release?

[HeroicKatora]

Of those outstanding PRs that should go into next:

• Fixes #1058. Migrated to ImageError from std::io::Error #1066 is a consistency change, partially necessary to start working on error types
• Less in root #1062 is rather small in scope, but with definitive impact on crate users. I'd rather put it into the first preview to set clearer expectations.
• Bump tiff version for next #1081 for improved compile times and dependency minimization

Other changes seem less consquential.

• Error clean up #928 is an ambitious work but needs time to find the correct set of variants anyways. It's not highly critical.
• Flif decoding support implemented #930, DXT: Fix alpha handling #1060 show that we might want to dedicate some thought into making the ImageFormat enum non-exhaustive, potentially other types as well. However, that's not decided and delaying it until a finalized 0.23 seems just fine.
• Fix potential overflow in GIF decoding #1036 likewise will not likely affect too many users
• No tracking issue but we would want to update some dependencies. That would mean ensuring that there aren't any issues blocking us from doing so. However, that's no breaking concern for the preview release.

CI indicates the branch is theoretically ready

[CryZe]

image seems to use tiff 0.3.1 at the moment. It seems tiff 0.4.0 just got released. Will that also go into 0.23.0 of image? The reason why I'm asking is that tiff 0.3.1 seems to be the only crate pulling syn <1.0 into my dependency tree, which slows down compile times significantly.

[nox]

Any ETA for 0.23?

[Shnatsel]

I'd like to point out that while #1036 is not that critical in and of itself, it blocks further fuzzing. So it may be preventing discovery of other failure conditions on crafted inputs - panics, memory exhaustion, infinite loops, etc.

[nox]

Seems like the biggest blocker is now #928.

[Manishearth]

Could we perhaps have a patch release on 0.22 that uses the newer tiff (so that others can use the new num_derive and thus syn)? Duplicated syn dependencies really slow down build times

[nox]

tiff is exposed from the public API which is why we are waiting on 0.23, AFAIK.

[Manishearth]

Ah, makes sense.