Skip to content

chore(deps): bump lopdf from 0.36.0 to 0.40.0#8825

Merged
lifeizhou-ap merged 1 commit into
mainfrom
dependabot/cargo/lopdf-0.40.0
Apr 27, 2026
Merged

chore(deps): bump lopdf from 0.36.0 to 0.40.0#8825
lifeizhou-ap merged 1 commit into
mainfrom
dependabot/cargo/lopdf-0.40.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026

Bumps lopdf from 0.36.0 to 0.40.0.

Release notes

Sourced from lopdf's releases.

0.39.0

What's Changed

Improvements

Fixes

Thanks a lot to the new contributors:

0.38.0

See CHANGELOG.md for details.

Thanks a lot to the new contributors:

0.37.0

See CHANGELOG.md for details.

Thanks a lot to the new contributors:

Changelog

Sourced from lopdf's changelog.

[Unreleased]

Add

  • Add LoadOptions struct with password, filter, and strict fields for extensible loading configuration
  • Add load_with_options, load_from_with_options, and load_mem_with_options methods (sync + async)

Deprecate

  • Deprecate load_filtered, load_from_with_password, load_mem_with_password in favor of _with_options variants

v0.38.0 (2025-08-26)

Add

  • Add enhanced PDF decryption support for encrypted documents with empty passwords
  • Add automatic decryption during document loading for better pdftk compatibility
  • Add raw object extraction before parsing to handle encrypted content
  • Add support for decrypting PDFs with compressed object streams
  • Add comprehensive test suite for PDF decryption functionality
  • Add assets/encrypted.pdf test file for decryption testing
  • Add examples demonstrating decryption capabilities (test_decryption.rs, verify_decryption.rs)

Enhance

  • Enhance Reader::read() to detect and handle encrypted PDFs automatically
  • Enhance document loading to attempt empty password authentication by default
  • Enhance object processing to decrypt objects after parsing
  • Enhance support for encrypted PDFs containing object streams

Fix

  • Fix encrypted object parsing by extracting raw bytes before decryption
  • Fix object stream handling in encrypted documents
  • Fix decryption workflow to match pdftk's approach

Implementation Details

  • Modified src/reader.rs to add load_encrypted_document() method
  • Added extract_raw_object() method for raw byte extraction
  • Added parse_raw_object() method for parsing extracted bytes
  • Store raw object bytes in Reader::raw_objects field for deferred decryption
  • Process compressed objects from object streams after decryption

v0.37.0 (2025-08-08)

Add

... (truncated)

Commits
  • 855e569 Release 0.40
  • 845cd3d fix(cmap): bounds-check ArrayOfHexStrings index in bfrange lookup
  • 087d3bc return Option via ok() instead of unwrap() for decode_text_string
  • dec5ec6 fix: fails to decode PDFDocEncoding-encoded Strings in metadata
  • caf963e fix: fall back to raw deflate when zlib checksum fails in encrypted PDFs
  • 1afbb11 fix: skip leading whitespace when parsing objects in ObjStm
  • dc2887a update src/reader to make clippy happy
  • 3bc6a52 fix(reader): fall back to keeping ObjStm objects not tracked by xref
  • 7ca36d7 fix(reader): use xref to resolve conflicting ObjStm entries in linearized PDFs
  • 504f09e examples: Fix slice out of bounds panic
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump lopdf from 0.36.0 to 0.40.0
f67b7cc 
Bumps [lopdf](https://github.com/J-F-Liu/lopdf) from 0.36.0 to 0.40.0.
- [Release notes](https://github.com/J-F-Liu/lopdf/releases)
- [Changelog](https://github.com/J-F-Liu/lopdf/blob/main/CHANGELOG.md)
- [Commits](J-F-Liu/lopdf@v0.36.0...v0.40.0)

---
updated-dependencies:
- dependency-name: lopdf
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Apr 24, 2026
@lifeizhou-ap lifeizhou-ap added this pull request to the merge queue Apr 27, 2026
Merged via the queue into main with commit b9dafd0 Apr 27, 2026
22 checks passed
@lifeizhou-ap lifeizhou-ap deleted the dependabot/cargo/lopdf-0.40.0 branch April 27, 2026 03:18
@github-actions github-actions Bot mentioned this pull request Apr 28, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lifeizhou-ap lifeizhou-ap lifeizhou-ap approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lifeizhou-ap