Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump itext7 from 8.0.1 to 8.0.2 #278

Merged
merged 1 commit into from
Jan 29, 2024
Merged

Bump itext7 from 8.0.1 to 8.0.2 #278

merged 1 commit into from
Jan 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 29, 2024

Bumps itext7 from 8.0.1 to 8.0.2.

Release notes

Sourced from itext7's releases.

iText Core/Community 8.0.2

Just in time for Halloween, here's a new release of your favorite open-source PDF library for Java and .NET. There's nothing spooky about: iText Core version 8.0.2 and the updated iText Suite add-ons in this release though! Let's take a closer look.

PDF/A-4 support

First and foremost, we've extended iText Core's support for the creation and validation of PDF/A compliant documents to include the latest PDF/A-4 standard. PDF/A-4 is based on the PDF 2.0 specification, unlike the previous PDF/A-3 standard which was based on PDF 1.7. This means it allows some of the new features of PDF 2.0, such as page-level output intents for accurate color interpretation, an updated Unicode version, and improvements to Tagged PDF.

The a ("Accessibility"), u ("Unicode") and b ("Basic") conformance levels in earlier variants of PDF/A have been replaced by two new profiles: e and f. The PDF/UA format now exists for Universal Accessibility, and Unicode is now a requirement in PDF/A-4 for text encoding rather than a specific conformance level. Therefore, the base PDF/A-4 specification replaces the b and u conformance levels.

PDF/A-4e (Engineering) replaces the old PDF/E standard for technical documents, and supports Rich Media and 3D annotations, PDF/A4f allows any type of file to be embedded, similar to PDF/A-3, and builds upon PDFs existing container format capabilities.

In addition, PDF/A-4 has better support for the archiving of fillable forms than PDF/A3, since non-static content is now allowed in the form of JavaScript. Therefore, information about interactive forms can be both stored and archived.

Plus, it simplifies the handling of digital signatures. Which leads us nicely into:

Digital signing

We continue the digital signature revolution we introduced with iText Core version 8.0 with a significant improvement which allows signing to be performed in several steps, rather than as a single operation. This can be especially useful to facilitate concurrency and manage resources efficiently in batch operations. The new deferred signing API already allowed this to some degree, although it required users to manually implement IExternalSignatureContainer themselves -- which is no longer necessary.

There's also a nice improvement for the appearance of digital signatures. Now, the generation of the appearance of signature form fields is delegated to the layout module rather than being manually implemented in the PdfSignatureAppearance class, enabling completely customizable appearances. This means the old layer-based approach is outdated, and has been deprecated.

In relation to a pull request, we added support for signing with the SM2/SM3 algorithms which are becoming more commonplace in China. This didn't quite make it into the 8.0.2 release, however it is available in the latest SNAPSHOT release. You can find an example in the above pull request which is a neat demonstration of how you can take advantage of the algorithm-agnostic signing and validation from the 8.0.1 release.

In addition, with this release we're introducing a new higher level API for signing with PAdES. We're still working on the finer details so it's not quite ready for prime-time yet. However, it's fully-functional so you use it for testing, and get a sneak peak at how it simplifies the digital signing process. Stay tuned for future releases to see further strides in digital signing.

Annotation flattening

There are some nice changes to annotation flattening, where we've implemented a high-level API to simplify and enable easy customization of annotation flattening. You can either tell iText to flatten all annotations with just two lines of code, or if you prefer you can define specific types of annotation to be flattened. The power is now at your fingertips.

Bug fixes and miscellaneous

There's also some miscellaneous improvements and fixes for the layout module relating to table row and cell properties, as well as fixes for a potential infinite loop with tables. We've also fixed an issue where a maliciously crafted PDF with a huge number of pages and empty data structures could cause an out of memory error. Now iText will avoid such issues by more intelligently allocating memory for documents like this.

New Features

PDF/A-4 family support

  • Introduced higher level signing API
  • High-level API for annotation flattening

Improvements

  • Create default implementation for IExternalSignatureContainer
  • Signature appearance improvements

Bug Fixes

  • KeepTogether property set on table might lead to infinite loop
  • PDF with Missing Dict Causes Exception
  • Incorrect processing of table cells with large rowspan occupying more than one page
  • Row span doesn't carry the Cell color to next page
Commits
  • 9b86c94 [RELEASE] iText 8.0.2
  • d0e8649 [RELEASE] 8.0.2
  • f87cac1 Check font glyphs for existence
  • b41dec2 Fix PdfName limit and tag structure version for pdf/a-4
  • c4f4bb0 Add missing copyright headers
  • 965956a Finalize PdfPadesSigner API
  • 3053355 Check and replace JP2 files and add license information
  • 253e942 Add tests for advanced signing operations
  • 20691c0 Introducing a default PKCS7 based External signature container
  • d302517 Use PdfCatalog#getOutlines methods instead of PdfAChecker implementation to p...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump itext7 from 8.0.1 to 8.0.2
0ba9eed 
Bumps [itext7](https://github.com/itext/itext7-dotnet) from 8.0.1 to 8.0.2.
- [Release notes](https://github.com/itext/itext7-dotnet/releases)
- [Commits](itext/itext-dotnet@8.0.1...8.0.2)

---
updated-dependencies:
- dependency-name: itext7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 29, 2024
@Somfic Somfic merged commit 061a4a6 into main Jan 29, 2024
4 of 6 checks passed
@dependabot dependabot bot deleted the dependabot/nuget/itext7-8.0.2 branch January 29, 2024 19:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Somfic