Bump itext7 from 7.2.3 to 7.2.5

[dependabot]

Bumps itext7 from 7.2.3 to 7.2.5.

Release notes

Sourced from itext7's releases.

iText Core/Community 7.2.5

Happy 2023 everyone! Thanks to our regular quarterly release schedule, the start of a new year also means you can expect a new release of your favorite open-source PDF library: iText Core 7.2.5!

That's not all though, since if you read our blog you'll know that a brand-new version of iText is in the works. iText 8 is coming, and our development team are hard at work adding new features and revising the API to make it even more intuitive for developers. You can learn about some of the things we have planned in our release blog, but customers can get a sneak-peak by checking out the 8.0 snapshots from our Artifactory. Things could still break or change in the API before release though, so be warned!

As for iText Core 7.2.5 though we've still got plenty of neat stuff to talk about, so let's get right into it.

A change in the way documents are opened means you should see a significant performance increase when opening or processing PDFs. In addition, we’ve improved Core’s resilience when dealing with PDFs with incorrect or malformed cross reference (xref) tables. Previous versions would already do a pretty good job of rebuilding invalid xrefs when opening a document. However, issues could still be encountered when a trailer containing references to an object was located before the actual object’s location, for example in linearized PDFs with corrupted xrefs. Cases like these should now be resolved.

The wrapping of text elements inside Paragraph objects has been improved to fix problems with spaces at the beginning or end of lines. See the example linked below for more information.

Support for TIFF images has been updated and extended to include more CCITT compression types. Images using the T.4 compression standard are now supported in Core.

Finally, a bug relating to merging documents has been resolved. In previous versions, layers with identical names would be discarded when merging with UseSmartMode(), even when the layers were assigned to different pages in the document.

iText Core/Community 7.2.4

As the last quarter of 2022 rolls around, it’s time for our final release of the year for iText 7 Core. While there’s nothing quite as big to announce as the Android reference implementation from last time, we do have a few cool new things in iText 7.2.4 to tell you about. There’s a nice convenience method improvement for creating tagged PDFs, plus a couple of changes relating to default color spaces for PDF/A documents, and for PDF/A detection in the sign module.

Let’s talk about the changes to PDF tagging first. We noticed that when you apply iText's tagging defaults to somewhat advanced layouts, it could result in rather convoluted tag structures. You could remedy such issues by calling getAccessibilityProperties().setRole(null) on the layout element(s) that don't have semantic value, which attaches all children of the layout element to the element's parent for tagging purposes. However, this was a little inconvenient since invoking setRole(...) is not chainable with regards to the underlying layout element, since it operates on AccessibilityProperties instead of on the layout node itself. This meant that to use this feature, you would need to create an intermediate variable to hold the layout element you wish to be "tag-neutral". To improve things, we’ve added a chainable setNeutralRole() method which can be implemented at the layout element level instead, which is a much more elegant solution.

As for the change to PDF/A default color spaces, ISO 19005-2 6.2.4.3 states that when rendering colors specified in DeviceRGB or DeviceCMYK, and where no matching device independent default color space has been set, conforming readers should use the profile in the file’s PDF/A OutputIntent dictionary as the source color space. Previous versions of iText were not aware when some content was drawn using the color space set by default, and so we’ve now added a check for the Default Color Space in our PdfAChecker mechanism.

In addition, we’ve made an improvement to the sign module relating to the detection and initialization of PDF/A documents. In previous versions of iText 7 Core, we did not check if the given document was a PDF or a PDF/A document. This prevented the PdfSigner from initializing the document as a PdfADocument if it was required. Now the PdfSigner class will check to see if a document claims PDF/A conformance, and treat it accordingly. Note that this does count as a breaking change, so see the example linked below to learn more.

We have also fixed a bug where BBox values for table cells would be inaccurate, leading to text clipping issues. See the example linked below for more information about this fix.

Improvements

• PDF/A: Add check for Default Color Space
• Implement chainable API to neutralize tagging on specific layout elements
• Implement PDF Type 0 (Sampled) Functions (chapter 7.10.2 of 32000-1_2008)
• In the method ImagePdfBytesInfo.decodeTiffAndPngBytes when the colorspace is a separation color space don't throw an exception but recalculate the image pixels to the alternate colorspace of the separation color
• Update CMap files in font-asian package

Bugs

• Smart mode copying merges GoTo actions with different explicit destinations into a single PDF object
• PdfDocument.copyPagesTo was creating corrupt PDFs when there was a button widget whose action is to jump to another page within the same document
• When merging using UseSmartMode() layers with identical names were discarded
• Result of text extraction differs from the original document text for CJK fonts (Identity-H/V encoding)
• table.createRendererSubTree() is producing an incorrect height calculation for the occupied area BBox. If we set the cell height to the calculated value, then text is being clipped on the final output

Commits

• f6098a4 [RELEASE] iText 7 7.2.5
• e86cbb2 [RELEASE] 7.2.5
• fb41272 Update copyright notice to 2023
• 2602afc Add more CCITT 3 tests
• 1357e5b Add test for corrupt CCITT tif image.
• 227d753 Update CCITT EOL handling to cope with fill.
• a9036ae Split flex container renderer
• 284d6a7 Discard FORCED_PLACEMENT property of a block renderer after some child is ren...
• 7fa0001 Fix Zip Bomb attack security hotspot
• 139848a Correctly rebuild cross refrence table when trailer is before objects
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information