Comment on PNG has been updated for the first time in 22 years — new spec supports HDR and animation
Tetsuo@jlai.lu 2 days agoI’m probably gonna be massively downvoted for saying the forbidden word but I asked AI to do a summary with references of the forward and backward compatibility of PNG’s new version:
!
Based on recent search results, the new PNG specification (Third Edition) and its reference library (libpng) maintain strong backward compatibility while introducing modern features. Here’s a detailed compatibility analysis:
🔄 1. Backward Compatibility (Viewing Old PNGs with New Lib)
- Full Support: The new libpng (1.6.49+) and PNG Third Edition fully support legacy PNG files. Existing PNGs (conforming to the 2003/2004 spec) will render correctly without changes .
- Implementation Stability: Libpng’s API evolution (e.g., hiding
png_struct
/png_info
internals since 1.5.0) ensures older apps usingpng_get_*
/png_set_*
functions remain compatible. Direct struct access, deprecated since 1.4.x, may break in libpng 2.0.x (C99-only) . - Security Enhancements: Critical vulnerabilities (e.g., CVE-2019-7317 in
png_image_free()
) were patched in libpng 1.6.37+, making the new lib safer for decoding old files .
⚠️ 2. Forward Compatibility (Viewing New PNGs with Old Lib)
- Basic Support: Older libpng versions (pre-1.6.37) can decode new PNGs if they avoid new features. Core chunks like
IHDR
orIDAT
remain unchanged . - New Feature Limitations:
- HDR Imagery: Requires libpng 1.6.45+ and apps supporting the
mDCv
chunk. Older libs ignore HDR data, falling back to SDR, which may cause color inaccuracies . - APNG Animation: Officially standardized in PNG Third Edition. Older libs (e.g., <1.6) treat APNG as static images, showing only the first frame .
- EXIF Metadata: New
eXIf
chunks are ignored by legacy decoders, losing metadata like GPS or copyright info .
- HDR Imagery: Requires libpng 1.6.45+ and apps supporting the
- Security Risks: Older libs (e.g., ≤1.6.36) contain unpatched vulnerabilities (e.g., CVE-2015-8126). Parsing malicious new PNGs could exploit these flaws .
📊 Compatibility Summary
Scenario | Compatibility | Key Considerations |
---|---|---|
Old PNG → New Lib | ✅ Excellent | Legacy files work flawlessly; security improved. |
New PNG → Old Lib | ⚠️ Partial | Basic rendering works, but HDR/APNG/EXIF ignored. Security risks in unpatched versions. |
New Features | 🔧 Conditional | Requires updated apps (e.g., Photoshop, browsers) and OS support . |
🔧 3. Implementation and Industry Adoption
- Broad Support: Major browsers (Chrome, Safari, Firefox), OSs (iOS, macOS), and tools (Photoshop, DaVinci Resolve) already support the new spec .
- Progressive Enhancement: New features like HDR use optional chunks, ensuring graceful degradation in older software .
- Future-Proofing: Work on PNG Fourth Edition (HDR/SDR interoperability) and Fifth Edition (better compression) is underway .
💎 Conclusion
- Upgrade Recommended: New libpng (1.6.49+) ensures security and full compatibility with legacy files.
- Test Workflows: Verify critical tools handle new features (e.g., APNG animation in browsers).
- Fallbacks for Old Systems: For environments stuck with outdated libs, convert new PNGs to legacy format (e.g., strip HDR/APNG) .
For developers: Use png_get_valid(png_ptr, info_ptr, PNG_INFO_mDCv)
to check HDR support and provide fallbacks .
!<
Artisian@lemmy.world 2 days ago
downvoters: is it wrong?
hardware26@discuss.tchncs.de 2 days ago
I don’t know. If the poster couldn’t be bothered to fact-check, why would I? It is just safer to assume that it is misinformation.
Tetsuo@jlai.lu 2 days ago
If you prefer to know nothing about PNG compatibility rather than something that might be true about PNG. That’s fine but definitely not my approach.
Also, as I said to another commenter. Critical thinking is not some tool you decide to use on some comments and not others. An AI answer on some topics is actually more likely to be correct than an answer by a human being. And it’s not some stuff I was told by an AI guru it’s what researchers are evaluating in many universities. Ask an human to complete various tasks and then ask the AI model and compare scientifically the data. And it turns out there is task where the AI outperforms the human pretty much all the time.
YET on this particular task the assumption is that it’s bullshit and it’s just downvoted. Now I would have posted the same data myself and for some reason I would not see a single downvote. The same data represented differently completely change the likelihood of it being accurate. Even though at the end of the day you shouldn’t trust blindly neither a comment from an human or an AI output.
Honestly, I’m saddened to see people already rejecting completely the technology instead of trying to understand what it’s good at and what it’s bad at and most importantly experiencing it themselves.
I wanted to know what was generative AI worth so I read about it and tried it locally with open source software. Now I know how to spot images that are AI generated, I know what’s difficult for this tech and what is not. I think that’s a much healthier attitude than blindly rejecting any and all AI outputs.
AstaKask@lemmy.cafe 2 days ago
You put way too much trust in AI. AI is seldom right. It is however very good at sounding like it knows what it’s talking about. It’s like a conservative podcaster.
kungen@feddit.nu 2 days ago
Considering it named CVE-2019-7317, which was fixed in April 2019, it’s already hallucinating and not worth reading further into it.
Tetsuo@jlai.lu 2 days ago
As you can see it’s irrelevant apparently. If it’s AI generated it will be downvoted.
null@slrpnk.net 2 days ago
It’s not irrelevant, it’s that you don’t actually know.
If you started your comment by saying “This is something I completely made up and may or may not be correct” and then posted the same thing, you should expect the same result.
Tetsuo@jlai.lu 2 days ago
I did check some of the references.
What I dont understand is why you would perceive this content as more trustworthy if I didn’t say it’s AI.
Nobody should trust blindly some anonymous comment on a forum. I have to check what the AI blurbs out but you can just gobble the comment of some stranger without exercising yourself some critical thinking?
As long as I’m transparent on the source and especially since I did check some of it to be sure it’s not some kind of hallucination…
There shouldn’t be any difference of trust between some random comment on a social network and what some AI model thinks on a subject.
Also it’s not like this is some important topic with societal implications. It’s just a technical question that I had (and still doesn’t) that doesn’t mandate researching. None of my work depends on that lib. So before my comment there was no information on compatibility. Now there is but you have to look at it critically and decide if you want to verify or trust it.
That’s why I regret this kind of stubborn downvoting where people just assume the worse instead of checking the actual data.
Sometime I really wonder if I’m the only one supposed to check my data? Aren’t everybody here capable of verifying the AI output if they think it’s worth the time and effort?
Basically, downvoting here is choosing “no information” rather than “information I have to verify because it’s AI generated”.