chore(deps)(deps-dev): bump pdfjs-dist from 5.7.284 to 6.1.200#102
chore(deps)(deps-dev): bump pdfjs-dist from 5.7.284 to 6.1.200#102dependabot[bot] wants to merge 1 commit into
Conversation
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9937917f2f
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| axios@>=1.0.0 <1.16.0: '>=1.16.0' | ||
| uuid: '>=14.0.0' | ||
| pdfjs-dist: 5.7.284 | ||
| pdfjs-dist: 6.1.200 |
There was a problem hiding this comment.
Sync the pdfjs override in the manifest
In this commit the lockfile override is updated to 6.1.200, but the committed root package.json still has pnpm.overrides.pdfjs-dist pinned to 5.7.284 at line 94. Since .github/workflows/ci.yml and security.yml run pnpm install --frozen-lockfile, and the pnpm docs say frozen installs fail when the lockfile is out of sync with the manifest, clean CI installs will fail until the root override is bumped or this lockfile entry is reverted.
Useful? React with 👍 / 👎.
| '@qrcommunication/gigapdf-lib': | ||
| specifier: latest | ||
| version: 0.106.0 | ||
| version: 0.108.0 |
There was a problem hiding this comment.
Avoid bundling an unrelated engine upgrade
This pdfjs dev-dependency bump also changes the production @qrcommunication/gigapdf-lib resolution from 0.106.0 to 0.108.0 for packages/pdf-engine (and the same drift appears in packages/canvas) even though neither manifest changed that dependency. Merging this PR would therefore deploy a different native PDF engine along with the pdfjs update, so any parse/render behavior changes from 0.108.0 become part of this release without review; please revert this lockfile drift or split it into its own dependency update.
Useful? React with 👍 / 👎.
Bumps [pdfjs-dist](https://github.com/mozilla/pdf.js) from 5.7.284 to 6.1.200. - [Release notes](https://github.com/mozilla/pdf.js/releases) - [Commits](mozilla/pdf.js@v5.7.284...v6.1.200) --- updated-dependencies: - dependency-name: pdfjs-dist dependency-version: 6.1.200 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
9937917 to
4b19163
Compare
Bumps pdfjs-dist from 5.7.284 to 6.1.200.
Release notes
Sourced from pdfjs-dist's releases.
... (truncated)
Commits
6353aceMerge pull request #21508 from Snuffleupagus/optional-chaining-not-lengthb7b3a4cUse more optional chaining in thesrc/andweb/folders8bdd159Merge pull request #21505 from Snuffleupagus/StructTreeRoot-rm-init195226eMerge pull request #21500 from calixteman/bug2050191d852613Merge pull request #21487 from calixteman/issue173338232440Inline theinitmethod in theStructTreeRootconstructor86ffd68Merge pull request #21504 from nicolo-ribaudo/move-selection-styles5d81fe5Move SVG text selection styles to pdf_viewer.cssa1953e7Merge pull request #21502 from Snuffleupagus/issue17906-test-formsbeb332aChangeissue17906to test "forms" rendering