Recent Commits to jsPDF:master (7)

Bump tmp, inquirer and karma (#3945)

Bumps [tmp](https://github.com/raszi/node-tmp) to 0.2.5 and updates ancestor dependencies [tmp](https://github.com/raszi/node-tmp), [inquirer](https://github.com/SBoudrias/Inquirer.js) and [karma](https://github.com/karma-runner/karma). These dependencies need to be updated together.


Updates `tmp` from 0.2.1 to 0.2.5
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.1...v0.2.5)

Updates `inquirer` from 6.5.2 to 13.2.1
- [Release notes](https://github.com/SBoudrias/Inquirer.js/releases)
- [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@6.5.2...inquirer@13.2.1)

Updates `karma` from 5.1.0 to 6.4.4
- [Release notes](https://github.com/karma-runner/karma/releases)
- [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md)
- [Commits](https://github.com/karma-runner/karma/compare/v5.1.0...v6.4.4)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version: 0.2.5
  dependency-type: indirect
- dependency-name: inquirer
  dependency-version: 13.2.1
  dependency-type: direct:development
- dependency-name: karma
  dependency-version: 6.4.4
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

29/01/2026 6:57

Bump sha.js from 2.4.11 to 2.4.12 (#3946)

Bump sha.js from 2.4.11 to 2.4.12 (#3946)

Bumps [sha.js](https://github.com/crypto-browserify/sha.js) from 2.4.11 to 2.4.12.
- [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12)

---
updated-dependencies:
- dependency-name: sha.js
  dependency-version: 2.4.12
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

29/01/2026 6:18

Bump vite from 5.4.20 to 5.4.21 in /examples/vite (#3949)

Bump vite from 5.4.20 to 5.4.21 in /examples/vite (#3949)

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.20 to 5.4.21.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 5.4.21
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

29/01/2026 6:14

Bump cipher-base from 1.0.4 to 1.0.7 (#3942)

Bump cipher-base from 1.0.4 to 1.0.7 (#3942)

Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.
- [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7)

---
updated-dependencies:
- dependency-name: cipher-base
  dependency-version: 1.0.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

29/01/2026 6:11

Bump lodash from 4.17.21 to 4.17.23 (#3943)

Bump lodash from 4.17.21 to 4.17.23 (#3943)

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

29/01/2026 5:58

fix: upgrade dompurify from 3.3.0 to 3.3.1 (#3948)

fix: upgrade dompurify from 3.3.0 to 3.3.1 (#3948)

Snyk has created this PR to upgrade dompurify from 3.3.0 to 3.3.1.

See this package in npm:
dompurify

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

22/01/2026 9:51

fix: upgrade dompurify from 3.2.4 to 3.3.0 (#3928)

fix: upgrade dompurify from 3.2.4 to 3.3.0 (#3928)

Snyk has created this PR to upgrade dompurify from 3.2.4 to 3.3.0.

See this package in npm:
dompurify

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

18/12/2025 7:31

4.0.0

4.0.0

18/12/2025 7:06

restrict file system access in node build (#3931)

restrict file system access in node build (#3931)

 - add jsPDF.allowFsRead property as fs read whitelist
 - read files only if node --permission flag or allowFsRead are enabled

19/11/2025 10:32

3.0.4

3.0.4

19/11/2025 8:19

Fix Incorrect Typing for Margins in the TableConfig Interface Definit…

Maito1794

Fix Incorrect Typing for Margins in the TableConfig Interface Definition (#3816)

---------

Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

12/11/2025 11:02

chore: bump checkout, setup-node, and stale actions (#3907)

josephyi

chore: bump checkout, setup-node, and stale actions (#3907)

Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

12/11/2025 11:00

Fix: Context2d font regex too restrictive ( #3904 ) (#3906)

Opineppes

Fix: Context2d font regex too restrictive ( #3904 ) (#3906)

---------

Co-authored-by: quentin.legrand <quentin.legrand@peoplbrain.com>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

28/10/2025 7:14

Do not add pages dynamically unless autoPaging is enabled (#3915)

anmiles

Do not add pages dynamically unless autoPaging is enabled (#3915)

16/10/2025 8:59

add package.json exports field (#3903)

tishajain25

add package.json exports field (#3903)

07/10/2025 7:25

Fix API.internal.pages not being updated when restoring a RenderTarge…

Opineppes

Fix API.internal.pages not being updated when restoring a RenderTarget ( #3898 ) (#3899)

Co-authored-by: quentin.legrand <quentin.legrand@peoplbrain.com>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

07/10/2025 4:59

fix font list cache invalidation issue in context2d module (#3891)

srikanth-s2003

fix font list cache invalidation issue in context2d module (#3891)

Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

07/10/2025 4:49

remove duplicate function "ga" in webp decoder (#3902)

jvdp

remove duplicate function "ga" in webp decoder (#3902)

06/10/2025 8:32

fix: cell function now properly accepts align parameter (#3896)

vishal-rathod-07

fix: cell function now properly accepts align parameter (#3896)

Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

06/10/2025 7:25

Fix typos and linguistic errors in documentation (#3897)

survivant

Fix typos and linguistic errors in documentation (#3897)

02/10/2025 8:47

fix: upgrade @babel/runtime from 7.28.3 to 7.28.4 (#3895)

fix: upgrade @babel/runtime from 7.28.3 to 7.28.4 (#3895)

Snyk has created this PR to upgrade @babel/runtime from 7.28.3 to 7.28.4.

See this package in npm:
@babel/runtime

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

18/09/2025 5:08

3.0.3

3.0.3

18/09/2025 4:58

fix regressions in PNG encoding that were introduced in 3.0.2 (#3887)

fix regressions in PNG encoding that were introduced in 3.0.2 (#3887)

- fix compression of other than 8-bit images
- fix soft mask for other than 8-bit images
- fix potential byte order issue for 16-bit images
- fix writing an empty mask (error) for indexed images without transparency

16/09/2025 8:59

fix scaling of form object bounding boxes (#3888)

fix scaling of form object bounding boxes (#3888)

01/09/2025 8:56

Fix division by zero when calculating word spacing (#3879)

alxndr-pggm

Fix division by zero when calculating word spacing (#3879)

Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

26/08/2025 8:57

3.0.2

3.0.2

26/08/2025 8:40

Fix parsing corrupt PNG images in the addImage method (#3880)

Fix parsing corrupt PNG images in the addImage method (#3880)

- remove atob and btoa dependencies and use native implementations for node build, as well
- replace built-in PNG parser with the fast-png 3rd party dependency
- consistently support 16bit color spaces
- fix compression being applied with compression="NONE" in some cases

25/08/2025 6:33

Correct the millimeter unit conversion constant in docs (#3872)

WardenDrew

Correct the millimeter unit conversion constant in docs (#3872)

21/08/2025 8:45

fix: upgrade @babel/runtime from 7.26.7 to 7.26.9 (#3847)

fix: upgrade @babel/runtime from 7.26.7 to 7.26.9 (#3847)

Snyk has created this PR to upgrade @babel/runtime from 7.26.7 to 7.26.9.

See this package in npm:
@babel/runtime

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

17/03/2025 11:25

3.0.1

3.0.1

17/03/2025 11:08

fix: upgrade @babel/runtime from 7.26.0 to 7.26.7 (#3832)

fix: upgrade @babel/runtime from 7.26.0 to 7.26.7 (#3832)

Snyk has created this PR to upgrade @babel/runtime from 7.26.0 to 7.26.7.

See this package in npm:
@babel/runtime

See this project in Snyk:
https://app.snyk.io/org/mrrio/project/50515eb1-b03b-4f42-9f17-cce1a33d5d1a?utm_source=github&utm_medium=referral&page=upgrade-pr

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

17/03/2025 11:06

improve performance of data url parsing in addimage (#3843)

improve performance of data url parsing in addimage (#3843)

- fix a ReDoS vulnerability

17/03/2025 10:12

don't use saucelabs in CI to be able to correctly run CI for PRs

don't use saucelabs in CI to be able to correctly run CI for PRs

17/03/2025 5:43

Upgrade canvg from 3.0.6 to 3.0.11 (#3836)

ninooppgeorge

Upgrade canvg from 3.0.6 to 3.0.11 (#3836)

19/02/2025 6:33

3.0.0

3.0.0

19/02/2025 6:19

fix(sec): remove MSIE support to allow upgrading to vuln-free `dompur…

hainenber

fix(sec): remove MSIE support to allow upgrading to vuln-free `dompurify` v3 (#3827)

* fix(sec): remove MSIE support to allow upgrading to vuln-free `dompurify` v3

Signed-off-by: hainenber <dotronghai96@gmail.com>

* feat: remove all IE11 verifiers in `src` and `examples`

Signed-off-by: hainenber <dotronghai96@gmail.com>

* chore(ci): remove IE11 as browser testing target

Signed-off-by: hainenber <dotronghai96@gmail.com>

* chore: remove obsolete isOldIE verifiers

Signed-off-by: hainenber <dotronghai96@gmail.com>

* chore(ci): remove IE as browser testing target in Karma's common config

Signed-off-by: hainenber <dotronghai96@gmail.com>

---------

Signed-off-by: hainenber <dotronghai96@gmail.com>
Co-authored-by: Lukas Holländer <lukas.hollaender@yworks.com>

19/02/2025 5:52

Bump rollup from 2.21.0 to 2.79.2 (#3826)

Bump rollup from 2.21.0 to 2.79.2 (#3826)

Bumps [rollup](https://github.com/rollup/rollup) from 2.21.0 to 2.79.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.21.0...v2.79.2)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

18/02/2025 10:20

fix: upgrade @babel/runtime from 7.25.6 to 7.26.0 (#3822)