Skip to content

Bump the nuget group with 5 updates#246

Merged
christiaanderidder merged 2 commits into
mainfrom
dependabot/nuget/nuget-2ecb6ba2ff
Jul 18, 2026
Merged

Bump the nuget group with 5 updates#246
christiaanderidder merged 2 commits into
mainfrom
dependabot/nuget/nuget-2ecb6ba2ff

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 18, 2026

Copy link
Copy Markdown
Contributor

Updated Magick.NET-Q16-AnyCPU from 14.14.0 to 14.15.0.

Release notes

Sourced from Magick.NET-Q16-AnyCPU's releases.

14.15.0

What's Changed

  • Add PingAsync to MagickImage and MagickImageCollection (#​2032).
  • Added ImportIndexedPixels to MagickImage (#​2040)

Related changes in ImageMagick since the last release of Magick.NET:

  • Stack Overflow in MVG decoder due to missing depth check (GHSA-mx48-2qq3-23hf)
  • Heap Buffer Overflow in ImageMagick MVG decoder (GHSA-wx47-rm3x-jx6p)
  • Policy Bypass due to an incomplete fix of CVE-2026-49219 (GHSA-56m6-8q75-f2rw)
  • Infinite Loop in connected-components when providing invalid arguments (GHSA-qhmf-7fc4-8q3h)
  • Heap Buffer Over-Write in JP2 encoder when due to incorrect handling of arguments (GHSA-c4v7-w88g-m6c4)
  • Policy Bypass in concatenate operation due to missing checks (GHSA-82mp-vp5c-9pf7)
  • Use-After-Free in crafted 8BIM when identifying an image (GHSA-ff5c-8x9r-8qcw)
  • Information Disclosure in MNG decoder because allocated memory is left unchanged (GHSA-8g53-9m3c-69xg)
  • Heap Buffer Over-Read in XCF decoder due to integer conversion overflow (GHSA-pjxj-pchx-4c3m)
  • Heap Buffer Over-Write in morphology operation when an invalid kernel is provided (GHSA-7rgw-xg25-prjm)
  • Heap Buffer Over-Read in BGR decoder due to mising end-of-file check (GHSA-7rgw-xg25-prjm)
  • Heap Buffer Over-Write in fx operation (GHSA-422r-8c97-xcg4)
  • Integer Overflow in JNX decoder causes heap buffer over-write when processing extremely large files on 32-bit builds (GHSA-h22j-f9xw-xjjm)

Library updates:

  • ImageMagick 7.1.2-27 (2026-07-05)
  • libde265 1.1.1 (2026-06-03)
  • openexr 3.4.13 (2026-06-19)
  • libffi 3.6.0 (2026-06-20)
  • fontconfig 2.18.1 (2026-06-02)
  • gdk-pixbuf 2.44.7 (2026-06-27)
  • harfbuzz 14.2.1 (2026-06-02)
  • libheif 1.23.1 (2026-06-26)
  • libjxl 0.12.0 (2026-07-01)
  • openjph 0.30.1 (2026-06-22)
  • libtiff 4.7.2 (2026-06-26)

Full Changelog: dlemstra/Magick.NET@14.14.0...14.15.0

Commits viewable in compare view.

Updated QuestPDF from 2026.7.0 to 2026.7.1.

Release notes

Sourced from QuestPDF's releases.

2026.7.1

Improved performance

PDF generation is now significantly faster. The Skia native dependency has been recompiled with speed-oriented optimizations (favoring performance over binary size) and with SIMD instructions enabled.

The impact depends on document content and platform. For example, generating image-heavy documents that require image rescaling can be several times faster on Windows x64 🎉

Note: this change slightly increases the size of the native dependency by around 20%.


Continuous performance monitoring

We have also built a solid foundation for measuring library performance going forward. A new GitHub Actions workflow benchmarks QuestPDF across all supported operating systems, processor architectures, and .NET releases.

This infrastructure helps us ensure that performance remains stable and consistent across all platforms, and allows us to detect regressions early — before they ever reach a release.

Commits viewable in compare view.

Updated TUnit from 1.58.0 to 1.61.0.

Release notes

Sourced from TUnit's releases.

1.61.0

What's Changed

Other Changes

Dependencies

Full Changelog: thomhurst/TUnit@v1.60.0...v1.61.0

1.60.0

What's Changed

Other Changes

Dependencies

Full Changelog: thomhurst/TUnit@v1.59.0...v1.60.0

1.59.0

What's Changed

Other Changes

Dependencies

Full Changelog: thomhurst/TUnit@v1.58.0...v1.59.0

Commits viewable in compare view.

Updated Verify.QuestPDF from 2.6.0 to 2.7.0.

Release notes

Sourced from Verify.QuestPDF's releases.

2.7.0

  • #​463 Skip GeneratePdf when the pdf target is excluded

Commits viewable in compare view.

Updated Verify.TUnit from 31.23.0 to 31.25.0.

Release notes

Sourced from Verify.TUnit's releases.

31.25.0

  • #​1758 UseProjectRelative + SourceFileRelativeDirectory
  • #​1800 Add mirror source structure for verified files

31.24.3

  • #​1799 Better line ending failure diagnostics

31.24.2

  • #​1794 Normalize scrubbed-to-empty text to emptyString
  • #​1798 Bump package references

31.24.1

31.24.0

  • #​1789 Add ExcludeTargets with converter-side IsTargetExcluded check

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Magick.NET-Q16-AnyCPU from 14.14.0 to 14.15.0
Bumps QuestPDF from 2026.7.0 to 2026.7.1
Bumps TUnit from 1.58.0 to 1.61.0
Bumps Verify.QuestPDF from 2.6.0 to 2.7.0
Bumps Verify.TUnit from 31.23.0 to 31.25.0

---
updated-dependencies:
- dependency-name: Magick.NET-Q16-AnyCPU
  dependency-version: 14.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: QuestPDF
  dependency-version: 2026.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget
- dependency-name: TUnit
  dependency-version: 1.61.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: Verify.QuestPDF
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: Verify.TUnit
  dependency-version: 31.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Jul 18, 2026
@github-actions

Copy link
Copy Markdown

✅ TUnit Test Results — 1 suite

34 tests across 1 suite in 1.1s94.1% passed

✅ 32 passed · ⏭️ 2 skipped

Suite Tests ⏭️ Duration
QuestPDF.Markdown.Tests 34 32 0 2 1.1s

📄 Combined HTML report: /home/runner/work/_temp/tunit-aggregate/run-29639925222-1-build/merged-report.html — upload it as an artifact to keep it after the job.


🟢 QuestPDF.Markdown.Tests (.NETCoreApp,Version=v10.0)

✓  Passed✘  Failed↷  Skipped∑  Total⧗  Elapsed
322341s

@github-actions

Copy link
Copy Markdown

Summary

Summary
Generated on: 07/18/2026 - 09:55:34
Parser: Cobertura
Assemblies: 1
Classes: 13
Files: 13
Line coverage: 90.8% (519 of 571)
Covered lines: 519
Uncovered lines: 52
Coverable lines: 571
Total lines: 1080
Branch coverage: 80% (140 of 175)
Covered branches: 140
Total branches: 175
Method coverage: Feature is only available for sponsors
Tag: 562_29639925222

Coverage

QuestPDF.Markdown - 90.8%
Name Line Branch
QuestPDF.Markdown 90.8% 80%
QuestPDF.Markdown.Compatibility.CompatibilityShims 55.5%
QuestPDF.Markdown.Compatibility.ExceptionHelper 75% 50%
QuestPDF.Markdown.Extensions.TableCellExtensions 65% 50%
QuestPDF.Markdown.Extensions.TextExtensions 45.4% 14.2%
QuestPDF.Markdown.Helpers.PathHelpers 100% 87.5%
QuestPDF.Markdown.MarkdownExtensions 90% 100%
QuestPDF.Markdown.MarkdownRenderer 91.9% 85.4%
QuestPDF.Markdown.MarkdownRendererOptions 100% 75%
QuestPDF.Markdown.ParsedMarkdownDocument 98.7% 91.6%
QuestPDF.Markdown.Parsing.TemplateExtension 50%
QuestPDF.Markdown.Parsing.TemplateInline 100%
QuestPDF.Markdown.Parsing.TemplateParser 91.6% 62.5%
QuestPDF.Markdown.TextProperties 100%

@christiaanderidder
christiaanderidder merged commit 8e85fdf into main Jul 18, 2026
2 checks passed
@christiaanderidder
christiaanderidder deleted the dependabot/nuget/nuget-2ecb6ba2ff branch July 18, 2026 09:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .net code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant