{"id":1409,"library":"cairosvg","title":"CairoSVG","description":"CairoSVG is a Python library that converts SVG files to other formats such as PNG, PDF, and EPS. It is built on top of the Cairo graphics library. The current version is 2.9.0, and it maintains a regular release cadence, including minor feature updates and critical security patches.","status":"active","version":"2.9.0","language":"en","source_language":"en","source_url":"https://github.com/Kozea/CairoSVG/","tags":["svg","converter","pdf","png","eps","graphics","cairo"],"install":[{"cmd":"pip install cairosvg","lang":"bash","label":"Install CairoSVG"},{"cmd":"sudo apt-get install libcairo2-dev # Debian/Ubuntu\nbrew install cairo # macOS\n# Other OS may require manual Cairo installation","lang":"bash","label":"Install Cairo (OS-level dependency)"}],"dependencies":[{"reason":"Python bindings for the Cairo graphics library, essential for rendering.","package":"pycairo"},{"reason":"Required for handling raster images embedded in SVGs.","package":"Pillow","optional":true}],"imports":[{"symbol":"svg2png","correct":"from cairosvg import svg2png"},{"symbol":"svg2pdf","correct":"from cairosvg import svg2pdf"},{"note":"Used for 'fixing' SVG files or converting between SVG versions.","symbol":"svg2svg","correct":"from cairosvg import svg2svg"},{"note":"EPS export was added in version 2.5.0.","symbol":"svg2eps","correct":"from cairosvg import svg2eps"}],"quickstart":{"code":"import cairosvg\nimport os\n\n# Example SVG content as a byte string\nsvg_content_bytes = b'''\n<svg width=\"200\" height=\"200\" xmlns=\"http://www.w3.org/2000/svg\">\n  <rect x=\"50\" y=\"50\" width=\"100\" height=\"100\" fill=\"red\" />\n  <circle cx=\"100\" cy=\"100\" r=\"40\" fill=\"yellow\" />\n</svg>\n'''\n\n# Convert SVG to PNG and save to a file\npng_output_path = \"output.png\"\nwith open(png_output_path, \"wb\") as f_png:\n    cairosvg.svg2png(bytestring=svg_content_bytes, write_to=f_png)\nprint(f\"SVG converted to PNG: {png_output_path}\")\n\n# Convert SVG to PDF and save to a file\npdf_output_path = \"output.pdf\"\nwith open(pdf_output_path, \"wb\") as f_pdf:\n    cairosvg.svg2pdf(bytestring=svg_content_bytes, write_to=f_pdf)\nprint(f\"SVG converted to PDF: {pdf_output_path}\")\n\n# Clean up generated files (optional)\n# os.remove(png_output_path)\n# os.remove(pdf_output_path)","lang":"python","description":"This quickstart demonstrates how to convert a simple SVG byte string to a PNG and a PDF file using `cairosvg.svg2png` and `cairosvg.svg2pdf`. The `bytestring` parameter expects bytes, and `write_to` expects a file-like object open in binary write mode."},"warnings":[{"fix":"Upgrade your Python environment to at least 3.10 or ensure your CairoSVG version is compatible with your Python version. Always check the `requires_python` field on PyPI.","message":"CairoSVG frequently drops support for older Python versions. As of 2.9.0, Python 3.9 is no longer supported, requiring Python >=3.10. Earlier versions dropped support for Python 3.5, 3.6, 3.7, and 3.8.","severity":"breaking","affected_versions":">=2.5.0"},{"fix":"For unusually large or complex documents with many `<use>` tags, use the `--unsafe` option on the command line or the `unsafe=True` parameter in conversion functions. Review your SVG structure to reduce excessive nesting if possible.","message":"To prevent denial-of-service (DoS) attacks, CairoSVG 2.9.0 introduced a hard limit of 100,000 recursively nested `<use>` tags. Documents exceeding this limit will stop rendering prematurely.","severity":"breaking","affected_versions":">=2.9.0"},{"fix":"To allow fetching external resources, use the `--unsafe` option on the command line or pass `unsafe=True` or a custom `url_fetcher` parameter to the conversion functions. Exercise caution when enabling this option with untrusted SVG sources.","message":"As of CairoSVG 2.7.0, fetching external resources (like remote images or stylesheets) from SVGs is disabled by default due to security concerns. This can lead to missing content in converted outputs if external URLs are used.","severity":"breaking","affected_versions":">=2.7.0"},{"fix":"Upgrade to CairoSVG 2.5.1 or newer immediately to mitigate ReDoS vulnerabilities. This is a critical security update.","message":"Versions prior to 2.5.1 were vulnerable to Regular Expression Denial of Service (ReDoS) attacks when processing malicious SVG files, potentially causing the process to hang indefinitely.","severity":"breaking","affected_versions":"<2.5.1"}],"env_vars":null,"last_verified":"2026-04-09T00:00:00.000Z","next_check":"2026-07-08T00:00:00.000Z"}