Bump mpdf/mpdf from 8.0.15 to 8.1.1

[dependabot]

Bumps mpdf/mpdf from 8.0.15 to 8.1.1.

Release notes

Sourced from mpdf/mpdf's releases.

Version 8.1.0 released

Version 8.1.0 contains cleanups, fixes, a few code refactorings most importantly leading to a new experimental feature of internal services container.

Note: as this is an experimental feature, key names and interface names for container services can and will change in future versions.

Container

A new optional parameter has been added to the Mpdf class constructor. It expects an instance of \Mpdf\Container\ContainerInterface (which is compatible and in mPDF 10.0 will be replaced by proper PSR-11 ContainerInterface), which can now override two internal services: HTTP client, and local filesystem resource loader.

HTTP Client

The Mpdf\Http\ClientInterface, also compatible with and planned to be upgraded to PSR-7 HTTP Client, can be used by the httpClient key of the passed Container and used to restrict remote HTTP calls, implementing HTTP requests cache, altering incoming responses etc. With a simple bridge, it can be used to leverage already used HTTP client in an existing application, such as Guzzle or Symfony HTTP Client.

By default, a simple implementation based on curl (if available) or sockets (as a fallback) is used.

Local filesystem content loader

The simple Mpdf\File\LocalContentLoaderInterface is used to load local content. Custom implementation by the container key localContentLoader can implement restrictions for certain directories of the filesystem to prevent outside HTML code loading unwanted files. Default implementation uses a simple file_get_contents call.

Unwanted stream wrappers are handled for all local and remote content fetches in an encapsulating internal service.

Support our work

Thank you for any work you put into mPDF - refactorings, bug fixes, new feature requests.

We also welcome any donation.

Yaaay! 22 million (!) downloads 🎉!

Hope number of downloads will keep rising!

Changelog

Sourced from mpdf/mpdf's changelog.

mPDF 8.1.x

New features

• Service container for internal services
• Set /Lang entry for better accessibility when document language is available (@​cuongmits, #1418)
• More verbose helper methods for Output: OutputBinaryData, OutputHttpInline, OutputHttpDownload, OutputFile

Bugfixes

• Better exception message about fonts with MarkGlyphSets (Fix for #1408)
• Updated Garuda font with fixed "k" character (Fix for #1440)
• Testing and suppressing PNG file conversion errors
• Prevent hyphenation of urls starting with https and e-mail addresses (@​HKandulla, #1634)
• Colorspace restrictor reads mode from Mpdf and works again (Fix for #1094)

mPDF 8.0.x

• Ability to customize User-Agent header in the HTTP requests sent by cURL (@​samuelecat, #1229)
• Add Page Number Myanmar Language Support (@​MinKyawNyunt, #1201)
• new Mpdf\Exception\FontException extending base MpdfException was introduced and is thrown on Font manipulation
• A bit cleaner exception messages for font-related errors
• Use atomic cache writing. (@​PATROMO, #1186)
• Fix: "Undefined index: group" when calling MultiCell when using font without OTL data (@​Kekos, #1213, #941)
• Add C128RAW barcode type to create any barcode (ex: subtype change in middle of barcode) (#1124)
• Add proxy support to curl
• Fixed date and time format in the informations dictionary (#1083, @​peterdevpl)
• Checking allowed stream wrappers in CssManager
• PHP 7.4 support (until final 7.4 release with composer --ignore-platform-reqs)
• Improve debugging of remote content issues (@​ribeirobreno)
• Added exposeVersion configuration variable allowing to hide mPDF version from Producer tag and HTTP headers
• Added the check for JPEG SOF header 0xFF 0xC1 (extended) (@​jamiejones85)
• Allows setting none as zoom mode in SetDisplayMode method, so that OpenAction is not written (#602)
• Allowed image stream whitelist to be customised (#1005, thanks @​jakejackson)
• Fixed parsing of top-left-bottom-right CSS rules with !important (#1009)
• Fixed skipping ordered list numbering with page-break-inside: avoid (#339)
• Compound classes selector support, like .one.two or div.message.special (#538, @​peterdevpl)
• Fixed CMYK colors in text-shadow (#1115, @​lexilya)
• Skip non supported wrappers when resolving paths (#1204, @​MarkVaughn)
• Fixed SVGs using a style tag, has styles ignored ( Requires ext-dom ) (#450, @​antman3351)
• Allows {nb}, {nbpg}, {PAGENO} and {DATE ...} substitution in body (#172 and #267, @​Dasc3er)
• Cache now creates a dedicated subdirectory /mpdf.
• It is possible to disable automatic cache cleanup with cacheCleanupInterval config variable
• PHP 8.0 is supported since 8.0.10 (#1263)
• Fix: First header of named page is added twice (@​antman3351, #1320)

... (truncated)

Commits

• e511e89 Release v8.1.1
• e397ed9 Fix processing SVG data uri images through server (Closes #1644)
• 40b37ce Bump version constant
• 84a5568 Release v8.1.0
• a76e4fd Initialize variable in _dochecks method
• cc1759f Setting Lang entry for better accessibility (Closes #1418)
• b526a32 Update changelog for 8.1.x
• ba3a9bd Better exception message about fonts with MarkGlyphSets (Closes #1408)
• 10c4705 Update Garuda font with fixed "k" character (Closes #1440)
• a1c3f4a Initialize OTL level correctly (Closes #1285)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #29.