Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump itext7 from 8.0.3 to 8.0.4 #304

Merged
merged 1 commit into from
May 14, 2024
Merged

Bump itext7 from 8.0.3 to 8.0.4 #304

merged 1 commit into from
May 14, 2024
+1 −1

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 30, 2024

Bumps itext7 from 8.0.3 to 8.0.4.

Release notes

Sourced from itext7's releases.

iText Core/Community 8.0.4

It’s time for the second release of 2024 of your favorite open-source PDF library for Java and .NET. This time the big news for iText Core version 8.0.4 is GraalVM Native Image support. Our devs have been hard at work on this feature for a while, and it’s something we’ve been pretty excited about!

In addition, we have further improved our PDF/UA support with new APIs, automated checks, and implemented the IAccessibleElement layout element for form fields.

We've also enhanced iText's digital signature validation capabilities with improved OCSP logic, and the ability to parse document revisions.

GraalVM Native Image Support

As you can see on https://www.graalvm.org/native-image/libraries-and-frameworks/, the iText Core libraries are listed as tested with this technology.

If you’re not familiar with GraalVM Native Image, it is an ahead-of-time compilation technology - meaning that rather than running on a Java Virtual Machine, the code is compiled to a binary standalone executables. The neat thing about Native Image executables is they can offer several advantages over traditional JVM implementations:

  • Resource Efficiency: They are cheaper to run, since they use a fraction of the resources required by a Java Virtual Machine.

  • Fast Startup: Native Image executables start in milliseconds.

  • Immediate Peak Performance: They deliver peak performance immediately, with no warmup.

  • Efficient Deployment: Native executables can be packaged into lightweight container images for fast and efficient deployment.

  • Reduced Attack Surface: Since they only include the code required at runtime, native executables present a reduced attack surface.

GraalVM Native Image executables are ideal for containers and cloud deployments as they are small, start very quickly, and require significantly less CPU and memory. Furthermore, with profile-guided optimization, you can make GraalVM Native Image executables even faster.

As you can imagine, this opens up a world of possibilities for iText applications and we’re looking forward to seeing what you can do with it. So, if you develop anything cool, let us know!

Improved PDF/UA creation and checks

Following on from the general checks and helper logic for PDF/A and PDF/UA creation in the previous release, we’ve introduced some additional APIs for more user-friendly PDF/UA document creation - which you can see in action in our updated PDF/UA (Java/.NET) example. In addition, metadata for form fields can now be accessed and changed using the IAccessibleElement layout element.

Not only that, we’ve also implemented a host of helpful automated checks to assist developers when generating conformant PDF/UA-1 documents. The idea is to guide developers and alert them with more descriptive exceptions if iText detects any missing tags or incorrectly tagged content.

We’ve followed the guidelines set out in the Matterhorn Protocol document, and while it is not (yet!) possible to identify all failure conditions in software alone, the additional detail in these exceptions will be a great help for developers to track down and resolve such issues.

Digital Signature Validation

Improved OCSP Validation

We’ve continued our work on the sign module by improving the logic of the OCSPVerifier class (Java/.NET). This class allows you to verify a digital certificate against one or more Online Certificate Status Protocol responses, which is useful when you want to determine the status of a certificate without requiring Certificate Revocation Lists (CRLs).

Read and Roll Back Document Revisions

We’ve added some functionality in the kernel and sign modules which enable iText to parse and gather the revisions to a signed document, and roll back to a previous version if necessary.

Bug fixes and miscellaneous

We’ve improved the tagging for interactive form fields, and fixed a bug for list boxes where an infinite loop could result if the number of items exceeded what the page size would allow. In addition, there’s a couple of font-related fixes; one where the font changed after a special character, and one for not selecting an appropriate font if the character was neither first nor significant.

Other stuff

Don’t forget that in addition to the resources on our Knowledge Base, on our GitHub you can find a ton of useful up-to-date samples in the following repos:

Java

... (truncated)

Commits
  • 5e81e0b [RELEASE] iText 8.0.4
  • 78f1884 [RELEASE] 8.0.4
  • 152028c Fix font selection in case diacritic font doesn't contain previous symbol
  • 7b73cad Fix signature size calculation in PadesTwoPhaseSigningHelper
  • 8c62694 Add missing copyright headers
  • b01fa87 Introduce SignatureValidationProperties class
  • b6ef421 Adds EnumSet and MapExtensions
  • bc8a3bc Rework font selection strategies and add a new one (char by char) and add log...
  • 4b105e0 Fix empty row elimination logic
  • 16d6743 Process SignMetaInfo to ignore multiple document creation events per one sign...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump itext7 from 8.0.3 to 8.0.4
57b3e53 
Bumps [itext7](https://github.com/itext/itext7-dotnet) from 8.0.3 to 8.0.4.
- [Release notes](https://github.com/itext/itext7-dotnet/releases)
- [Commits](itext/itext-dotnet@8.0.3...8.0.4)

---
updated-dependencies:
- dependency-name: itext7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 30, 2024
@Somfic Somfic merged commit 2cdd9f2 into main May 14, 2024
5 of 6 checks passed
@Somfic Somfic deleted the dependabot/nuget/itext7-8.0.4 branch May 14, 2024 12:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Somfic