Bump mpdf/mpdf from 7.1.0 to 8.1.6

[dependabot]

Bumps mpdf/mpdf from 7.1.0 to 8.1.6.

Release notes

Sourced from mpdf/mpdf's releases.

Version 8.1.0 released

Version 8.1.0 contains cleanups, fixes, a few code refactorings most importantly leading to a new experimental feature of internal services container.

Note: as this is an experimental feature, key names and interface names for container services can and will change in future versions.

Container

A new optional parameter has been added to the Mpdf class constructor. It expects an instance of \Mpdf\Container\ContainerInterface (which is compatible and in mPDF 10.0 will be replaced by proper PSR-11 ContainerInterface), which can now override two internal services: HTTP client, and local filesystem resource loader.

HTTP Client

The Mpdf\Http\ClientInterface, also compatible with and planned to be upgraded to PSR-7 HTTP Client, can be used by the httpClient key of the passed Container and used to restrict remote HTTP calls, implementing HTTP requests cache, altering incoming responses etc. With a simple bridge, it can be used to leverage already used HTTP client in an existing application, such as Guzzle or Symfony HTTP Client.

By default, a simple implementation based on curl (if available) or sockets (as a fallback) is used.

Local filesystem content loader

The simple Mpdf\File\LocalContentLoaderInterface is used to load local content. Custom implementation by the container key localContentLoader can implement restrictions for certain directories of the filesystem to prevent outside HTML code loading unwanted files. Default implementation uses a simple file_get_contents call.

Unwanted stream wrappers are handled for all local and remote content fetches in an encapsulating internal service.

Support our work

Thank you for any work you put into mPDF - refactorings, bug fixes, new feature requests.

We also welcome any donation.

Yaaay! 22 million (!) downloads 🎉!

Hope number of downloads will keep rising!

Version 8.0.0 released

Version 8.0.0 contains code cleanups, a few minor fixes and features, and most importantly bump of internal dependency of the FPDI library to version 2.

This introduces a few breaking changes.

Method SetImportUse has been removed and ImportPage changed case to importPage and has a new signature:

public function importPage($pageNumber, $box = PageBoundaries::CROP_BOX, $groupXObject = true)

---

Library generating QR codes has been split to a separate package mpdf/qrcode. This reduced package size by about 6 MB. The library will raise an exception hinting to install the package with composer when needed and not present.

---

Complete changeset can be found in changelog and commit history.

... (truncated)

Changelog

Sourced from mpdf/mpdf's changelog.

mPDF 8.2.x

New features

• Watermark text can now be colored using \Mpdf\Watermark DTO. \Mpdf\WatermarkImage DTO for images. (#1876)

mPDF 8.1.x

New features

• Service container for internal services
• Set /Lang entry for better accessibility when document language is available (@​cuongmits, #1418)
• More verbose helper methods for Output: OutputBinaryData, OutputHttpInline, OutputHttpDownload, OutputFile (since v8.1.2)
• Set font-size to auto in textarea and input in active forms to resize the font-size (@​ChrisB9, #1721)
• PHP 8.2 support in mPDF 8.1.3
• Added support for psr/log v3 without dropping v2. (@​markdorison, @​apotek, @​greg-1-anderson, #1857)

Bugfixes

• Better exception message about fonts with MarkGlyphSets (Fix for #1408)
• Updated Garuda font with fixed "k" character (Fix for #1440)
• Testing and suppressing PNG file conversion errors
• Prevent hyphenation of urls starting with https and e-mail addresses (@​HKandulla, #1634)
• Colorspace restrictor reads mode from Mpdf and works again (Fix for #1094)
• Prevent exception when multiple columns wrap to next page
• Update default curlUserAgent configuration variable from Firefox 13 to 108

mPDF 8.0.x

• Ability to customize User-Agent header in the HTTP requests sent by cURL (@​samuelecat, #1229)
• Add Page Number Myanmar Language Support (@​MinKyawNyunt, #1201)
• new Mpdf\Exception\FontException extending base MpdfException was introduced and is thrown on Font manipulation
• A bit cleaner exception messages for font-related errors
• Use atomic cache writing. (@​PATROMO, #1186)
• Fix: "Undefined index: group" when calling MultiCell when using font without OTL data (@​Kekos, #1213, #941)
• Add C128RAW barcode type to create any barcode (ex: subtype change in middle of barcode) (#1124)
• Add proxy support to curl
• Fixed date and time format in the informations dictionary (#1083, @​peterdevpl)
• Checking allowed stream wrappers in CssManager
• PHP 7.4 support (until final 7.4 release with composer --ignore-platform-reqs)
• Improve debugging of remote content issues (@​ribeirobreno)
• Added exposeVersion configuration variable allowing to hide mPDF version from Producer tag and HTTP headers
• Added the check for JPEG SOF header 0xFF 0xC1 (extended) (@​jamiejones85)
• Allows setting none as zoom mode in SetDisplayMode method, so that OpenAction is not written (#602)
• Allowed image stream whitelist to be customised (#1005, thanks @​jakejackson)

... (truncated)

Commits

• 146c7c1 Release v8.1.6
• 465e6a8 Added support for psr/log v3 without dropping v2.
• 1feff2a Remove php-http/message-factory from deps
• 637ef4d Bump version constant
• c264ce2 Release v8.1.5
• 267bf15 Use actions/checkout@v3
• 865bca6 Fix PageBox missing keys on page-break avoid (Closes #1844, #1847)
• 53b600f Move hyphenation hyphen to another line when the line ends with another hyphe...
• b3d038d More concise PHP version support table in readme
• ef90b4c Ignore css variables in ColorConverter (Closes #1795)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.