Bump the all-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the all-dependencies group with 6 updates in the / directory:

Package	From	To
com.google.cloud:google-cloud-bom	0.223.0	0.224.0
org.jsoup:jsoup	1.17.2	1.18.1
at.datenwort.openhtmltopdf:openhtmltopdf-core	pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830	1.1.4
at.datenwort.openhtmltopdf:openhtmltopdf-pdfbox	pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830	1.1.4
at.datenwort.openhtmltopdf:openhtmltopdf-svg-support	pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830	1.1.4
org.apache.maven.plugins:maven-surefire-plugin	3.3.0	3.3.1

Updates com.google.cloud:google-cloud-bom from 0.223.0 to 0.224.0

Commits

• See full diff in compare view

Updates org.jsoup:jsoup from 1.17.2 to 1.18.1

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup-1.18.1

https://jsoup.org/news/release-1.18.1

Improvements

• Stream Parser: A StreamParser provides a progressive parse of its input. As each Element is completed, it is emitted via a Stream or Iterator interface. Elements returned will be complete with all their children, and an (empty) next sibling, if applicable. Elements (or their children) may be removed from the DOM during the parse, for e.g. to conserve memory, providing a mechanism to parse an input document that would otherwise be too large to fit into memory, yet still providing a DOM interface to the document and its elements. Additionally, the parser provides a selectFirst(String query) / selectNext(String query), which will run the parser until a hit is found, at which point the parse is suspended. It can be resumed via another select() call, or via the stream() or iterator() methods. 2096
• Download Progress: added a Response Progress event interface, which reports progress and URLs are downloaded (and parsed). Supported on both a session and a single connection level. 2164, 656
• Added Path accepting parse methods: Jsoup.parse(Path), Jsoup.parse(path, charsetName, baseUri, parser), etc. 2055
• Updated the button tag configuration to include a space between multiple button elements in the Element.text() method. 2105
• Added support for the ns|* all elements in namespace Selector. 1811
• When normalising attribute names during serialization, invalid characters are now replaced with _, vs being stripped. This should make the process clearer, and generally prevent an invalid attribute name being coerced unexpectedly. 2143

Changes

• Removed previously deprecated internal classes and methods. 2094
• Build change: the built jar's OSGi manifest no longer imports itself. 2158

Bug Fixes

• When tracking source positions, if the first node was a TextNode, its position was incorrectly set to -1. 2106
• When connecting (or redirecting) to URLs with characters such as {, } in the path, a Malformed URL exception would be thrown (if in development), or the URL might otherwise not be escaped correctly (if in production). The URL encoding process has been improved to handle these characters correctly. 2142
• When using W3CDom with a custom output Document, a Null Pointer Exception would be thrown. 2114
• The :has() selector did not match correctly when using sibling combinators (like e.g.: h1:has(+h2)). 2137
• The :empty selector incorrectly matched elements that started with a blank text node and were followed by non-empty nodes, due to an incorrect short-circuit. 2130
• Element.cssSelector() would fail with "Did not find balanced marker" when building a selector for elements that had a ( or [ in their class names. And selectors with those characters escaped would not match as expected. 2146
• Updated Entities.escape(string) to make the escaped text suitable for both text nodes and attributes (previously was only for text nodes). This does not impact the output of Element.html() which correctly applies a minimal escape depending on if the use will be for text data or in a quoted

... (truncated)

Changelog

Sourced from org.jsoup:jsoup's changelog.

1.18.1 (Pending)

Improvements

• Stream Parser: A StreamParser provides a progressive parse of its input. As each Element is completed, it is emitted via a Stream or Iterator interface. Elements returned will be complete with all their children, and an (empty) next sibling, if applicable. Elements (or their children) may be removed from the DOM during the parse, for e.g. to conserve memory, providing a mechanism to parse an input document that would otherwise be too large to fit into memory, yet still providing a DOM interface to the document and its elements. Additionally, the parser provides a selectFirst(String query) / selectNext(String query), which will run the parser until a hit is found, at which point the parse is suspended. It can be resumed via another select() call, or via the stream() or iterator() methods. 2096
• Download Progress: added a Response Progress event interface, which reports progress and URLs are downloaded (and parsed). Supported on both a session and a single connection level. 2164, 656
• Added Path accepting parse methods: Jsoup.parse(Path), Jsoup.parse(path, charsetName, baseUri, parser), etc. 2055
• Updated the button tag configuration to include a space between multiple button elements in the Element.text() method. 2105
• Added support for the ns|* all elements in namespace Selector. 1811
• When normalising attribute names during serialization, invalid characters are now replaced with _, vs being stripped. This should make the process clearer, and generally prevent an invalid attribute name being coerced unexpectedly. 2143

Changes

• Removed previously deprecated internal classes and methods. 2094
• Build change: the built jar's OSGi manifest no longer imports itself. 2158

Bug Fixes

• When tracking source positions, if the first node was a TextNode, its position was incorrectly set to -1. 2106
• When connecting (or redirecting) to URLs with characters such as {, } in the path, a Malformed URL exception would be thrown (if in development), or the URL might otherwise not be escaped correctly (if in production). The URL encoding process has been improved to handle these characters correctly. 2142
• When using W3CDom with a custom output Document, a Null Pointer Exception would be thrown. 2114
• The :has() selector did not match correctly when using sibling combinators (like e.g.: h1:has(+h2)). 2137
• The :empty selector incorrectly matched elements that started with a blank text node and were followed by non-empty nodes, due to an incorrect short-circuit. 2130
• Element.cssSelector() would fail with "Did not find balanced marker" when building a selector for elements that had a ( or [ in their class names. And selectors with those characters escaped would not match as expected. 2146
• Updated Entities.escape(string) to make the escaped text suitable for both text nodes and attributes (previously was only for text nodes). This does not impact the output of Element.html() which correctly applies a minimal escape depending on if the use will be for text data or in a quoted attribute. 1278

... (truncated)

Commits

• 19e8539 [maven-release-plugin] prepare release jsoup-1.18.1
• c8b6f2e Progress javadoc tweaks
• 6cbe7e4 Replace attribute invalid characters with _, vs stripping
• 68f6f9c Bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 (#2168)
• 6423e65 Relaxed the multi-thread w/o newRequest test
• 6c55f01 Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.23 to 1.24 (#2167)
• e1bfee9 Shh
• b4b3fd1 Added test of partial fetch in Stream Parser
• 9ba6dc7 Make Entities.escape(string) suitable for both text and attributes
• a0537c7 Handle escaped characters in consumeSubQuery
• Additional commits viewable in compare view

Updates at.datenwort.openhtmltopdf:openhtmltopdf-core from pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830 to 1.1.4

Changelog

Sourced from at.datenwort.openhtmltopdf:openhtmltopdf-core's changelog.

CHANGELOG

head - 1.0.11-SNAPSHOT

• See commit log.

1.0.10 (2021-September-13)

NOTE: After this release the old slow renderer will be deleted. Fast mode has been the default (since 1.0.5) so you only have to check your code if you are calling the useSlowMode method which will be removed.

• #551 SECURITY Fix near-infinite loop for very deeply nested content with page-break-inside: avoid constraint. Thanks for persisting @​swillis12 and debugging @​syjer.
• #729 SECURITY Upgrade xmlgraphics-commons (used in SVG rendering) to avoid CVE. Thanks @​electrofLy.
• #711 Footnote support (beta). See footnote documentation on wiki. Thanks for requesting @​a-leithner and @​slumki.
• #761 CSS property to disable bevels on borders to prevent ugly anti-aliasing effects, especially on table cells. See -fs-border-rendering property on wiki. Thanks for providing sample @​gandboy91.
• #103 Output exception class name and message by default for log messages with an associated exception.
• #711 (mixed) Better boxing for ::before and ::after content. Should now be able to define a border around pseudo content correctly.
• #738 Support for additional elements in PDF/UA including art, part, sect, section, caption and blockquote. Thanks @​AndreasJacobsen.
• #736 New example of using a dom mutator to implement unsupported content such as font tag attributes. Thanks for requesting @​mgabhishek06kodur.
• #707 Fix regression where PDF/UA documents that weren't also PDF/A compliant were missing Dublin Core metadata. Thanks @​mgm-rwagner, @​syjer.
• #732 Allow table element to be positioned. Thanks @​fcorneli.
• #727 Allow the use of an initial page number for page and pages counters. Thanks for PR @​fanthos.

1.0.9 (2021-June-18)

SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.

• #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @​rototor.
• #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @​rototor.
• #716 Replace rogue println calls with log calls. Thanks @​syjer for PR, @​tfo for reporting.
• #708 Allow shape-rendering SVG CSS property. Thanks @​syjer for PR, @​RAlfoeldi for reporting.
• #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @​danfickle.
• #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @​gengzi.
• 162228 Put links to raster images in SVGs through the URL resolver.
• #694 Fix incorrect B3 paper size. Thanks @​lfintalan for reporting with line number!
• ab48fd Do not log a missing font more than once.

NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.8 (2021-March-22)

SECURITY RELEASE

• #675 Update PDFBOX to 2.0.23 to avoid CVEs. Thanks for reporting @​Samuel3.

NOTE: These CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.7 (2021-March-19)

• #650 Support for multiple background images on the one element. Thanks for requesting @​baedorf.
• #669 Support fallback fonts. Thanks for requesting @​asu2 and assisting @​draco1023.
• #640 Implement file embeds via the download attribute on links. Thanks for original PR @​syjer and for requesting @​lindamarieb and @​vader.
• #666 API to get the bottom-most y position of rendered content to be able to position follow on content with other tools. Thanks for extensive reviewing of PR @​stechio and for request by @​DSW-AK.

... (truncated)

Commits

• See full diff in compare view

Updates at.datenwort.openhtmltopdf:openhtmltopdf-pdfbox from pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830 to 1.1.4

Changelog

Sourced from at.datenwort.openhtmltopdf:openhtmltopdf-pdfbox's changelog.

CHANGELOG

head - 1.0.11-SNAPSHOT

• See commit log.

1.0.10 (2021-September-13)

NOTE: After this release the old slow renderer will be deleted. Fast mode has been the default (since 1.0.5) so you only have to check your code if you are calling the useSlowMode method which will be removed.

• #551 SECURITY Fix near-infinite loop for very deeply nested content with page-break-inside: avoid constraint. Thanks for persisting @​swillis12 and debugging @​syjer.
• #729 SECURITY Upgrade xmlgraphics-commons (used in SVG rendering) to avoid CVE. Thanks @​electrofLy.
• #711 Footnote support (beta). See footnote documentation on wiki. Thanks for requesting @​a-leithner and @​slumki.
• #761 CSS property to disable bevels on borders to prevent ugly anti-aliasing effects, especially on table cells. See -fs-border-rendering property on wiki. Thanks for providing sample @​gandboy91.
• #103 Output exception class name and message by default for log messages with an associated exception.
• #711 (mixed) Better boxing for ::before and ::after content. Should now be able to define a border around pseudo content correctly.
• #738 Support for additional elements in PDF/UA including art, part, sect, section, caption and blockquote. Thanks @​AndreasJacobsen.
• #736 New example of using a dom mutator to implement unsupported content such as font tag attributes. Thanks for requesting @​mgabhishek06kodur.
• #707 Fix regression where PDF/UA documents that weren't also PDF/A compliant were missing Dublin Core metadata. Thanks @​mgm-rwagner, @​syjer.
• #732 Allow table element to be positioned. Thanks @​fcorneli.
• #727 Allow the use of an initial page number for page and pages counters. Thanks for PR @​fanthos.

1.0.9 (2021-June-18)

SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.

• #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @​rototor.
• #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @​rototor.
• #716 Replace rogue println calls with log calls. Thanks @​syjer for PR, @​tfo for reporting.
• #708 Allow shape-rendering SVG CSS property. Thanks @​syjer for PR, @​RAlfoeldi for reporting.
• #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @​danfickle.
• #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @​gengzi.
• 162228 Put links to raster images in SVGs through the URL resolver.
• #694 Fix incorrect B3 paper size. Thanks @​lfintalan for reporting with line number!
• ab48fd Do not log a missing font more than once.

NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.8 (2021-March-22)

SECURITY RELEASE

• #675 Update PDFBOX to 2.0.23 to avoid CVEs. Thanks for reporting @​Samuel3.

NOTE: These CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.7 (2021-March-19)

• #650 Support for multiple background images on the one element. Thanks for requesting @​baedorf.
• #669 Support fallback fonts. Thanks for requesting @​asu2 and assisting @​draco1023.
• #640 Implement file embeds via the download attribute on links. Thanks for original PR @​syjer and for requesting @​lindamarieb and @​vader.
• #666 API to get the bottom-most y position of rendered content to be able to position follow on content with other tools. Thanks for extensive reviewing of PR @​stechio and for request by @​DSW-AK.

... (truncated)

Commits

• See full diff in compare view

Updates at.datenwort.openhtmltopdf:openhtmltopdf-svg-support from pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830 to 1.1.4

Changelog

Sourced from at.datenwort.openhtmltopdf:openhtmltopdf-svg-support's changelog.

CHANGELOG

head - 1.0.11-SNAPSHOT

• See commit log.

1.0.10 (2021-September-13)

NOTE: After this release the old slow renderer will be deleted. Fast mode has been the default (since 1.0.5) so you only have to check your code if you are calling the useSlowMode method which will be removed.

• #551 SECURITY Fix near-infinite loop for very deeply nested content with page-break-inside: avoid constraint. Thanks for persisting @​swillis12 and debugging @​syjer.
• #729 SECURITY Upgrade xmlgraphics-commons (used in SVG rendering) to avoid CVE. Thanks @​electrofLy.
• #711 Footnote support (beta). See footnote documentation on wiki. Thanks for requesting @​a-leithner and @​slumki.
• #761 CSS property to disable bevels on borders to prevent ugly anti-aliasing effects, especially on table cells. See -fs-border-rendering property on wiki. Thanks for providing sample @​gandboy91.
• #103 Output exception class name and message by default for log messages with an associated exception.
• #711 (mixed) Better boxing for ::before and ::after content. Should now be able to define a border around pseudo content correctly.
• #738 Support for additional elements in PDF/UA including art, part, sect, section, caption and blockquote. Thanks @​AndreasJacobsen.
• #736 New example of using a dom mutator to implement unsupported content such as font tag attributes. Thanks for requesting @​mgabhishek06kodur.
• #707 Fix regression where PDF/UA documents that weren't also PDF/A compliant were missing Dublin Core metadata. Thanks @​mgm-rwagner, @​syjer.
• #732 Allow table element to be positioned. Thanks @​fcorneli.
• #727 Allow the use of an initial page number for page and pages counters. Thanks for PR @​fanthos.

1.0.9 (2021-June-18)

SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.

• #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @​rototor.
• #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @​rototor.
• #716 Replace rogue println calls with log calls. Thanks @​syjer for PR, @​tfo for reporting.
• #708 Allow shape-rendering SVG CSS property. Thanks @​syjer for PR, @​RAlfoeldi for reporting.
• #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @​danfickle.
• #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @​gengzi.
• 162228 Put links to raster images in SVGs through the URL resolver.
• #694 Fix incorrect B3 paper size. Thanks @​lfintalan for reporting with line number!
• ab48fd Do not log a missing font more than once.

NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.8 (2021-March-22)

SECURITY RELEASE

• #675 Update PDFBOX to 2.0.23 to avoid CVEs. Thanks for reporting @​Samuel3.

NOTE: These CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.7 (2021-March-19)

• #650 Support for multiple background images on the one element. Thanks for requesting @​baedorf.
• #669 Support fallback fonts. Thanks for requesting @​asu2 and assisting @​draco1023.
• #640 Implement file embeds via the download attribute on links. Thanks for original PR @​syjer and for requesting @​lindamarieb and @​vader.
• #666 API to get the bottom-most y position of rendered content to be able to position follow on content with other tools. Thanks for extensive reviewing of PR @​stechio and for request by @​DSW-AK.

... (truncated)

Commits

• See full diff in compare view

Updates at.datenwort.openhtmltopdf:openhtmltopdf-pdfbox from pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830 to 1.1.4

Changelog

Sourced from at.datenwort.openhtmltopdf:openhtmltopdf-pdfbox's changelog.

CHANGELOG

head - 1.0.11-SNAPSHOT

• See commit log.

1.0.10 (2021-September-13)

NOTE: After this release the old slow renderer will be deleted. Fast mode has been the default (since 1.0.5) so you only have to check your code if you are calling the useSlowMode method which will be removed.

• #551 SECURITY Fix near-infinite loop for very deeply nested content with page-break-inside: avoid constraint. Thanks for persisting @​swillis12 and debugging @​syjer.
• #729 SECURITY Upgrade xmlgraphics-commons (used in SVG rendering) to avoid CVE. Thanks @​electrofLy.
• #711 Footnote support (beta). See footnote documentation on wiki. Thanks for requesting @​a-leithner and @​slumki.
• #761 CSS property to disable bevels on borders to prevent ugly anti-aliasing effects, especially on table cells. See -fs-border-rendering property on wiki. Thanks for providing sample @​gandboy91.
• #103 Output exception class name and message by default for log messages with an associated exception.
• #711 (mixed) Better boxing for ::before and ::after content. Should now be able to define a border around pseudo content correctly.
• #738 Support for additional elements in PDF/UA including art, part, sect, section, caption and blockquote. Thanks @​AndreasJacobsen.
• #736 New example of using a dom mutator to implement unsupported content such as font tag attributes. Thanks for requesting @​mgabhishek06kodur.
• #707 Fix regression where PDF/UA documents that weren't also PDF/A compliant were missing Dublin Core metadata. Thanks @​mgm-rwagner, @​syjer.
• #732 Allow table element to be positioned. Thanks @​fcorneli.
• #727 Allow the use of an initial page number for page and pages counters. Thanks for PR @​fanthos.

1.0.9 (2021-June-18)

SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.

• #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @​rototor.
• #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @​rototor.
• #716 Replace rogue println calls with log calls. Thanks @​syjer for PR, @​tfo for reporting.
• #708 Allow shape-rendering SVG CSS property. Thanks @​syjer for PR, @​RAlfoeldi for reporting.
• #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @​danfickle.
• #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @​gengzi.
• 162228 Put links to raster images in SVGs through the URL resolver.
• #694 Fix incorrect B3 paper size. Thanks @​lfintalan for reporting with line number!
• ab48fd Do not log a missing font more than once.

NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.8 (2021-March-22)

SECURITY RELEASE

• #675 Update PDFBOX to 2.0.23 to avoid CVEs. Thanks for reporting @​Samuel3.

NOTE: These CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.7 (2021-March-19)

• #650 Support for multiple background images on the one element. Thanks for requesting @​baedorf.
• #669 Support fallback fonts. Thanks for requesting @​asu2 and assisting @​draco1023.
• #640 Implement file embeds via the download attribute on links. Thanks for original PR @​syjer and for requesting @​lindamarieb and @​vader.
• #666 API to get the bottom-most y position of rendered content to be able to position follow on content with other tools. Thanks for extensive reviewing of PR @​stechio and for request by @​DSW-AK.

... (truncated)

Commits

• See full diff in compare view

Updates at.datenwort.openhtmltopdf:openhtmltopdf-svg-support from pdfbox2-65c2c5010f84b2daa5821971c9c68cd330463830 to 1.1.4

Changelog

Sourced from at.datenwort.openhtmltopdf:openhtmltopdf-svg-support's changelog.

CHANGELOG

head - 1.0.11-SNAPSHOT

• See commit log.

1.0.10 (2021-September-13)

NOTE: After this release the old slow renderer will be deleted. Fast mode has been the default (since 1.0.5) so you only have to check your code if you are calling the useSlowMode method which will be removed.

• #551 SECURITY Fix near-infinite loop for very deeply nested content with page-break-inside: avoid constraint. Thanks for persisting @​swillis12 and debugging @​syjer.
• #729 SECURITY Upgrade xmlgraphics-commons (used in SVG rendering) to avoid CVE. Thanks @​electrofLy.
• #711 Footnote support (beta). See footnote documentation on wiki. Thanks for requesting @​a-leithner and @​slumki.
• #761 CSS property to disable bevels on borders to prevent ugly anti-aliasing effects, especially on table cells. See -fs-border-rendering property on wiki. Thanks for providing sample @​gandboy91.
• #103 Output exception class name and message by default for log messages with an associated exception.
• #711 (mixed) Better boxing for ::before and ::after content. Should now be able to define a border around pseudo content correctly.
• #738 Support for additional elements in PDF/UA including art, part, sect, section, caption and blockquote. Thanks @​AndreasJacobsen.
• #736 New example of using a dom mutator to implement unsupported content such as font tag attributes. Thanks for requesting @​mgabhishek06kodur.
• #707 Fix regression where PDF/UA documents that weren't also PDF/A compliant were missing Dublin Core metadata. Thanks @​mgm-rwagner, @​syjer.
• #732 Allow table element to be positioned. Thanks @​fcorneli.
• #727 Allow the use of an initial page number for page and pages counters. Thanks for PR @​fanthos.

1.0.9 (2021-June-18)

SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.

• #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @​rototor.
• #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @​rototor.
• #716 Replace rogue println calls with log calls. Thanks @​syjer for PR, @​tfo for reporting.
• #708 Allow shape-rendering SVG CSS property. Thanks @​syjer for PR, @​RAlfoeldi for reporting.
• #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @​danfickle.
• #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @​gengzi.
• 162228 Put links to raster images in SVGs through the URL resolver.
• #694 Fix incorrect B3 paper size. Thanks @​lfintalan for reporting with line number!
• ab48fd Do not log a missing font more than once.

NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.8 (2021-March-22)

SECURITY RELEASE

• #675 Update PDFBOX to 2.0.23 to avoid CVEs. Thanks for reporting @​Samuel3.

NOTE: These CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.

1.0.7 (2021-March-19)

• #650 Support for multiple background images on the one element. Thanks for requesting @​baedorf.
• #669 Support fallback fonts. Thanks for requesting @​asu2 and assisting @​draco1023.
• #640 Implement file embeds via the download attribute on links. Thanks for original PR @​syjer and for requesting @​lindamarieb and @​vader.
• #666 API to get the bottom-most y position of rendered content to be able to position follow on content with other tools. Thanks for extensive reviewing of PR @​stechio and for request by @​DSW-AK.

... (truncated)

Commits

• See full diff in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1

Commits

• 7e45620 [maven-release-plugin] prepare release surefire-3.3.1
• 561b4ca [SUREFIRE-2250] Surefire Test Report Schema properties element is not consist...
• 6aaea8a [SUREFIRE-1360] Ability to disable properties for successfully passed tests
• c17b92b Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.23 to 1.24
• 748d9dc Fix typos
• f8092e9 Improve time units
• c670335 [SUREFIRE-1934] Ability to disable system-out/system-err for successfully pas...
• bce1b39 Improve docs of linkXRef
• 3c49ebd Bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0
• 6ff0f83 [SUREFIRE-2242] Plain test report does not include names of the skipped tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.