Update dependency dompdf/dompdf to v3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
dompdf/dompdf	^2.0 -> ^3.0

---

Release Notes

dompdf/dompdf (dompdf/dompdf)

v3.0.1: Dompdf 3.0.1

Compare Source

What's Changed

• Improves PHP 8.4 compatibility in https://github.com/dompdf/dompdf/pull/3556, https://github.com/dompdf/dompdf/pull/3558
• Fixes stylesheet parsing issues https://github.com/dompdf/dompdf/pull/3491
  • Modifies internal handling of data-URIs to prevent parsing failures
  • Improves CSS declaration boundary (semi-colon) detection
• Improves CPDF validation of selected font in https://github.com/dompdf/dompdf/pull/3415

3.0.x Highlights

• Adds support for CSS variables (custom properties)
• Adds support for CSS math functions (calc, max, round, etc.)
• Updates the font matching logic to select the appropriate character-supporting font from the styled font families

Full Changelog: dompdf/dompdf@v3.0.0...v3.0.1

---

Requirements

Dompdf 3.0.x requires the following:

• PHP 7.1 or greater
  • MBString
  • GD (for image processing)
• masterminds/html5
• dompdf/php-font-lib
• dompdf/php-svg-lib

For full requirements and recommendations see the requirements page on the wiki.

We would like to extend our gratitude to the community members who helped make this release possible.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_3-0-1.zip" for the packaged release. The download options labeled "Source code" are auto-generated by github and do not include all the dependencies.

v3.0.0: Dompdf 3.0.0

Compare Source

Release Highlights

• Adds support for CSS variables (custom properties)
• Adds support for CSS math functions (calc, max, round, etc.)
• Updates the font matching logic to select the appropriate character-supporting font from the styled font families

Additional Changes

• Improves stylesheet handling, including
  • enhanced regular expressions used during stylesheet parsing
  • enhanced media query handling that
    • supports media queries with more than one condition
    • expands logical operators support (not, or)
    • expands media query logic for at-import rules
  • improved value parsing related to case sensitivity
  • improved CSS function parsing and handling
• Improves table border rendering
• Improves automatic counter reset
• Improves compatibility with PDFLib version 10
• Improves security through
  • new "allowedRemoteHosts" option to restrict which remote hosts can be requested
  • new "artifactPathValidation" option to provide a mechanism for validating artifact paths (log file, temp directories, etc.)
  • SVG file reference recursion
• Adds support for rendering unknown input element types
• Fixes IMagick extension temporary directory usage
• Fixes transparency after transform when using the Cpdf backend

The full list of new features and addressed issues can be found in the release milestone. View all changes since the previous release in the commit history.

We would like to extend our gratitude to the community members who helped make this release possible.

---

Requirements

Dompdf 3.0.x requires the following:

• PHP 7.1 or greater
  • MBString
  • GD (for image processing)
• masterminds/html5
• dompdf/php-font-lib
• dompdf/php-svg-lib

For full requirements and recommendations see the requirements page on the wiki.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_3-0-0.zip" for the packaged release. The download options labeled "Source code" are auto-generated by github and do not include all the dependencies.

v2.0.8: Dompdf 2.0.8

Compare Source

Change highlights since 2.0.7

This release:

• Addresses potential deprecation notice in artifact path validation

2.0.x highlights

• Modifies callback and page_script/page_text handling
• Switches the HTML5 parser to Masterminds/HTML5
• Improves CSS property parsing and representation
• Switches installed fonts and font metrics cache file format to JSON

View all changes since the previous release in the commit history.

We would like to extend our gratitude to the community members who helped make this release possible.

Requirements

Dompdf 2.0.8 requires the following:

• PHP 7.1 or greater
• html5-php v2.0.0 or greater
• php-font-lib v0.5.4 or greater
• php-svg-lib v0.3.3 or greater

Note that some dependencies may have further dependencies (notably php-svg-lib requires sabberworm/php-css-parser).

Additionally, the following are recommended for optimal use:

• GD (for image processing)
• allow_url_fopen set to true or the curl PHP extension (for retrieving stylesheets, images, etc via http)

For full requirements and recommendations see the requirements page on the wiki.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_2-0-8.zip" for the packaged release. The download options labeled "Source code" are auto-generated by github and do not include all the dependencies.

v2.0.7: Dompdf 2.0.7

Compare Source

Change highlights since 2.0.5

This release:

• Addresses a PHP compatibility issue in the GD back end
• Adds Options class support for validating artifact paths. The default validation does not accept paths that utilize the PHAR protocol.
• Bumps the minimum version of SvgLib to 0.5.2.

2.0.x highlights

• Modifies callback and page_script/page_text handling
• Switches the HTML5 parser to Masterminds/HTML5
• Improves CSS property parsing and representation
• Switches installed fonts and font metrics cache file format to JSON

View all changes since the previous release in the commit history.

We would like to extend our gratitude to the community members who helped make this release possible.

Requirements

Dompdf 2.0.7 requires the following:

• PHP 7.1 or greater
• html5-php v2.0.0 or greater
• php-font-lib v0.5.4 or greater
• php-svg-lib v0.3.3 or greater

Note that some dependencies may have further dependencies (notably php-svg-lib requires sabberworm/php-css-parser).

Additionally, the following are recommended for optimal use:

• GD (for image processing)
• allow_url_fopen set to true or the curl PHP extension (for retrieving stylesheets, images, etc via http)

For full requirements and recommendations see the requirements page on the wiki.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_2-0-7.zip" for the packaged release. The download options labeled "Source code" are auto-generated by github and do not include all the dependencies.

v2.0.5

Compare Source

v2.0.4: Dompdf 2.0.4

Compare Source

Change highlights since 2.0.3

This release addresses the following announced vulnerability:

Vulnerability	References	Type	Severity
Possible DoS caused by infinite recursion when validating SVG images	GHSA-3qx2-6f78-w2j2	Resource Exhaustion	Moderate

2.0.x highlights

• Modifies callback and page_script/page_text handling
• Switches the HTML5 parser to Masterminds/HTML5
• Improves CSS property parsing and representation
• Switches installed fonts and font metrics cache file format to JSON

View all changes since the previous release in the commit history.

We would like to extend our gratitude to the community members who helped make this release possible.

Requirements

Dompdf 2.0.4 requires the following:

• PHP 7.1 or greater
• html5-php v2.0.0 or greater
• php-font-lib v0.5.4 or greater
• php-svg-lib v0.3.3 or greater

Note that some dependencies may have further dependencies (notably php-svg-lib requires sabberworm/php-css-parser).

Additionally, the following are recommended for optimal use:

• GD (for image processing)
• allow_url_fopen set to true or the curl PHP extension (for retrieving stylesheets, images, etc via http)

For full requirements and recommendations see the requirements page on the wiki.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_2-0-4.zip" for the packaged release. The download options labeled "Source code" are auto-generated by github and do not include all the dependencies.

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update dompdf/dompdf:3.0.1 --with-dependencies --ignore-platform-req='ext-*' --ignore-platform-req='lib-*' --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - laravel/framework is locked to version v9.52.16 and an update of this package was not requested.
    - laravel/framework v9.52.16 requires league/commonmark ^2.2.1 -> satisfiable by league/commonmark[2.4.1].
    - league/commonmark 2.4.1 requires league/config ^1.1.1 -> satisfiable by league/config[v1.2.0].
    - league/config v1.2.0 requires nette/schema ^1.2 -> satisfiable by nette/schema[v1.2.5].
    - nette/schema v1.2.5 requires php 7.1 - 8.3 -> your php version (8.4.1) does not satisfy that requirement.