[Snyk] Upgrade pdfjs-dist from 2.9.359 to 2.16.105

[ZeroXClem]

Snyk has created this PR to upgrade pdfjs-dist from 2.9.359 to 2.16.105.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.

• The recommended version was released on 2 years ago.

Release notes

Package name: pdfjs-dist

• 2.16.105 - 2022-08-28
  

  This release features bugfixes and accessibility improvements for the new experimental editor mode in the viewer as introduced in the previous release.

  Changes since v2.15.349:

  #15252 Bump versions in pdfjs.config
  #15251 Ignore too small page-canvases in PDFThumbnailView.setImage
  #15253 [api-minor] Update the minimum supported Safari version
  #15263 Always set a border-radius for RadioButton annotations (issue 15262)
  #15264 [Editor] Add some telemetry to know how often the editing features are used (bug 1782254)
  #15268 Fix a typo in firefox print service (bug 1777693)
  #15271 Skip unknown fields when calculating a value in using AFSimple_Calculate
  #15267 [Annotation] Add a div containing the text of a FreeText annotation (bug 1780375)
  #15274 [Editor] A pasted FreeText editor was missing when printing/saving
  #15275 [Editor] Remove some a11y properties only useful when a FreeText editor is edited
  #15282 Enable the ESLint prefer-spread rule
  #15261 Don't include images/toolbarButton-editorInk.svg in the gulp components build (issue 15260)
  #15281 Remove mozCurrentTransform/mozCurrentTransformInverse usage
  #15283 [api-minor] Sort PopupAnnotations already on the worker-thread (PR 11535 follow-up)
  #15284 Update packages and translations
  #15287 [Editor] Remove use of innerHtml
  #15290 Fix OTS issue with empty index (#15289)
  #15295 [Editing] Disable buttons until the first page is rendered
  #15296 Move the reset-calls to occur last in the toolbar-constructors
  #15297 [Editor] Avoid creation of an editor on "wrong" clicks
  #15298 [Editor] Ensure an ink editor has the minimal required size after having been pasted
  #15279 Remove the extensions/firefox/README.mozilla file (bug 1778567 follow-up)
  #15299 Add official support for passing ArrayBuffer-data to getDocument (issue 15269)
  #15237 [Annotations] Add some aria-owns in the text layer to link to annotations (bug 1780375)
  #15307 [Annotation] Add an aria role comment for FreeText annotations
  #15309 Remove the remaining closure in the src/core/function.js file
  #15306 Only compile Type3 glyphs when Path2D is supported
  #15300 [GENERIC viewer] Export some viewer constants in the default viewer (issue 15294)
  #15311 Don't add aria-owns attributes for non-existent elements (PR 15237 follow-up)
  #15310 Remove the remaining closures in the src/core/cff_parser.js file
  #15313 Move binarySearchFirstItem back to the web/-folder (PR 15237 follow-up)
  #15319 Refresh the viewer if the window resolution changes (bug 1784850)
  #15318 A couple of small PDFWorker changes
  #15315 Remove the remaining closures in the src/core/type1_parser.js file
  #15325 Ignoring "resize" events during printing (issue 15324)
  #15327 Correctly mimic the proper event-format in AnnotationElement._setDefaultPropertiesFromJS (bug 1785218)
  #15329 [api-minor][Annotations] charLimit === 0 means unlimited (bug 1782564)
  #15338 Update packages and translations
  #15332 [api-minor] Add the Babel targets-option to avoid transpiling code for unsupported browsers
  #15335 Ensure that we don't try to re-open, or update the password-callback, when the password dialog is already open
  #15348 [editor] Change the focus-outline to blue (bug 1787296)
  #15347 Update types in PDFPageViewOptions to properly declare optional parameters
  #15355 Always focus the viewerContainer when entering PresentationMode (bug 1787456)
  #15344 Enable the unicorn/prefer-array-find ESLint plugin rule
  #15343 Use AbortController unconditionally with the Fetch API
  #15341 Improve handling of the "Cancel"-button in the password dialog
  #15346 [api-minor] Deprecate the imageLayer functionality
  #15351 [api-minor][editor] Indicate, in the title, if the document has been edited (bug 1785854)
  #15349 [editor] Remove the editorNone toolbar button (bug 1787295)
  #15356 Update the Node.js atob/btoa compatibility info

• 2.15.349 - 2022-07-31
  

  This release features rendering quality improvements and a new experimental editor mode in the viewer, providing users with basic PDF editing functionality such as inserting annotations.

  Changes since v2.14.305:

  #14919 Bump versions in pdfjs.config
  #14920 Update packages and translations
  #14921 Adjust the heuristics for handling of incomplete path operators (issue 14917)
  #14898 [api-minor] Use a CSS transform to update the progress bar instead of changing the width (bug 1768481)
  #14945 Allow to have float numbers when getting image information in reftest-analyzer
  #14947 Twitter should be capitalized.
  #14929 Display background when printing or saving a text widget (issue #14928)
  #14926 Remove the sourceEventType from the viewer (bug 1757771 follow-up)
  #14948 Set 'dropEffect' based on 'effectAllowed' for drag-and-drop in the viewer (issue 14942)
  #14950 [JS] Format all the fields if any when the document is open (bug 1766987)
  #14955 Skip bogus d1 operators in Type3-glyphs (issue 14953)
  #14957 Introduce a viewer constant for document.documentElement.style
  #14959 Support custom pageColors in the thumbnails (PR 14874)
  #14965 Support Hangul syllables when searching some text (bug 1771477)
  #14936 Set the text fields font size based on their height
  #14966 Use globalThis for webpack's output.globalObject instead of this
  #14963 Handle CSS-comments correctly in the preprocess-function (PR 14886 follow-up)
  #14964 Ensure that the contentDispositionFilename is always respected, when setting the document title (PR 13014 follow-up)
  #14962 Improve the PDFSidebar implementation
  #14967 Update packages and translations
  #14968 A small memory-usage improvement for PDF documents opened from TypedArray-data
  #14980 Handle CSS-comments better in the preprocess-function (PR 14963 follow-up)
  #14976 [editor] Add a FreeText editor (#14970)
  #14988 Remove mention of gulp singlefile-command from examples/node/getinfo.js
  #14985 [editor] A couple of small FreeText-related fixes (PR 14976 follow-up)
  #14984 Bundle the <dialog> polyfill-CSS in the GENERIC legacy/-viewer (PR 14710 follow-up)
  #14991 [editor] Disable the editor-buttons in XFA documents
  #14992 Lookup image-data correctly in paintImageMaskXObjectGroup (issue 14990)
  #14993 [editor] Update the AnnotationStorage.hash-getter to support editing
  #14994 Conditionally bundle gulp image_decoders-specific code in src/core/jbig2.js (PR 9729 follow-up)
  #14998 Reset all the canvas states after rendering each annotations (#14105)
  #15000 Outline fields which are required (bug 1724918)
  #15001 Set "presentation" role for page canvases (issue 14437)
  #15003 Change the name of the generated pdf.sandbox.external for mozilla-central
  #14978 [editor] Add support for saving a newly added FreeText
  #15008 Polyfill Array.prototype.at with core-js (PR 14976 follow-up)
  #15011 Fix a couple of old review comments
  #15013 Render PopupAnnotations even if they have missing or empty /Rect-entries (issue 15012, PR 14439 follow-up)
  #14989 [editor] Add an Ink editor
  #15006 [editor] Add support for saving newly added Ink
  #15019 Revert "Change the name of the generated pdf.sandbox.external for mozilla-central"
  #15015 Extend TextLayerRenderParameters.container type to include HTMLElement.
  #15020 Add an empty entry in combo list when nothing is selected (bug 1773680)
  #15014 Enable the unicorn/prefer-at ESLint plugin rule (PR 15008 follow-up)
  #15018 Expose TextLayerRenderTask in the TypeScript definitions (issue 15016, PR 14013 follow-up)
  #15022 Tweak the editorNone icon to circumvent the "duplicated files"-check
  #15026 [api-minor] Stop using the beginAnnotations/endAnnotations operators (PR 14998 follow-up)
  #15027 Remove superfluous trailing arguments from parseFloat-calls (PR 14978 follow-up)
  #15029 Enable the unicorn/prefer-dom-node-append ESLint plugin rule
  #15023 Enable the unicorn/prefer-array-flat and unicorn/prefer-array-flat-map ESLint plugin rules
  #15028 [api-minor] Update the minimum supported browsers/environments
  #15030 Update packages and translations
  #15031 Enable the unicorn/prefer-modern-dom-apis ESLint plugin rule
  #15034 Extend getGlyphMapForStandardFonts with some Hebrew entries (issue 15033)
  #15046 Add basic support for non-embedded ArialUnicodeMS fonts (issue 15044)
  #15050 [Editor] - Add the ability to directly draw after selecting ink tool
  #15051 Fix "Good Beginner Bugs" link
  #15054 [JS] Hide field borders and buttons (#15053)
  #15035 Use modern DOM methods a bit more (PR 15031 follow-up)
  #15048 Only define the renderer-option in the GENERIC viewer
  #15052 Simplify setting the defaultUrl-option in the CHROME viewer (PR 12470 follow-up)
  #15057 Replace element ids with custom attributes for Widget-annotations (issue 15056)
  #15036 [api-minor] Get rid of CSS transform on each annotation in the annotation layer
  #15058 [api-minor] Remove the "baseviewerinit" event since it's unused (PR 14324 follow-up)
  #15059 Reduce unnecessary usage of Array.prototype.concat()
  #15065 Popup trigger area must filled its parent (fix #15063)
  #15064 Avoid having overflowing sections (#15036 follow-up)
  #15062 Simplify the newRefs computation in the "SaveDocument"-handler in the worker-thread
  #15071 Add an outline around popup trigger areas in ref-tests
  #15074 Only activate ink editor if none is selected
  #15069 Ensure that the annotationLayer has the correct dimensions (PR 15036 follow-up)
  #15075 [editor] Support disabling of editing when pdfjs.enablePermissions is set (issue 15049)
  #15060 Rotate annotations based on the MK::R value (bug 1675139)
  #15047 [Editor] Add support for printing newly added Ink annotations
  #15076 Enable the prefer-array-index-of ESLint plugin rule
  #15081 Fix (obvious) typo in typedef-import of IPDFXfaLayerFactory (PR 14373 follow-up)
  #15082 [Editor] Add support for printing newly added FreeText annotations
  #15089 Correctly order added annotations when saving or printing
  #15043 [api-minor] Introduce a PrintAnnotationStorage with frozen serializable data
  #15093 [JS] Update siblings when a field is updated after a calculation (#15092)
  #15097 Fix unit test (#15093 follow-up)
  #15095 Add (basic) support for Optional Content in Annotations
  #15101 Use the built components/pdf_viewer.css file in the reference tests
  #15099 Remove element ids from the layersView in the sidebar
  #15100 chore: Included githubactions in the dependabot config
  #15103 chore: Set permissions for GitHub actions
  #15088 Support rotating editor layer
  #15104 Update translations and dependencies to the most recent versions
  #15105 Always flush the current item with MarkedContent stuff when getting text (#15094)
  #15039 [editor] Add some UI elements in order to set font size & color, and ink thickness & color
  #15113 [editor] Introduce a proper annotationEditorMode option/preference (PR 15075 follow-up)
  #15111 Add a visible page border in HCM (bug 1776914)
  

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.