Skip to content

chore(deps): update pypdf requirement from >=6.12.0 to >=6.13.3 in /backend#144

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/backend/pypdf-gte-6.13.3
Closed

chore(deps): update pypdf requirement from >=6.12.0 to >=6.13.3 in /backend#144
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/backend/pypdf-gte-6.13.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on pypdf to permit the latest version.

Release notes

Sourced from pypdf's releases.

Version 6.13.3, 2026-06-17

What's new

Security (SEC)

Performance Improvements (PI)

Robustness (ROB)

Maintenance (MAINT)

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.13.3, 2026-06-17

Security (SEC)

  • Apply MAX_DECLARED_STREAM_LENGTH to streams without length as well (#3871)

Performance Improvements (PI)

  • Avoid per-pixel getpixel loop for 1-bit indexed images (#3854)

Robustness (ROB)

  • Several fixes

Maintenance (MAINT)

  • Make mypy assert messages consistent (#3849)

Full Changelog

Version 6.13.2, 2026-06-10

Security (SEC)

  • Detect multi-hop cyclic /Pages trees in _flatten to prevent SIGSEGV (#3847)

Robustness (ROB)

  • Fix UnboundLocalError in _read_standard_xref_table on a malformed entry (#3841)
  • Raise PdfStreamError on non-hexadecimal bytes in hex readers (#3832)

Full Changelog

Version 6.13.1, 2026-06-08

Security (SEC)

  • Prevent infinite loops when processing threads/articles (#3839)

Full Changelog

Version 6.13.0, 2026-06-05

Security (SEC)

  • Avoid infinite loops for outlines and text extraction (#3830)

New Features (ENH)

  • Add Japanese predefined CMaps (#3800)
  • Font: Collect all character widths, not only those that can be unicode mapped (#3798)

Robustness (ROB)

  • Recover a corrupt trailing startxref pointer (closes #3238) (#3826)
  • Handle /Pages node without /Kids during flattening (#3825)
  • Accept inline image EI marker at the end of a content stream (#3827)

Maintenance (MAINT)

  • Type the always-raising deprecation helpers as NoReturn (#3819)

... (truncated)

Commits
  • 9aa05e7 REL: 6.13.3
  • bbd083d SEC: Apply MAX_DECLARED_STREAM_LENGTH to streams without length as well (#3871)
  • d5cd266 ROB: Guard text operators against missing operands in extract_text (#3861)
  • 82f1f90 ROB: Tolerate malformed /Limits in index2label (#3858)
  • 0276a6f PI: Avoid per-pixel getpixel loop for 1-bit indexed images (#3854)
  • 41a9c3c MAINT: Make mypy assert messages consistent (#3849)
  • d1bba60 MAINT: Increase readability of PdfDocCommon (#3834)
  • 53b6fbc DEV: Bump codecov/codecov-action from 6.0.1 to 7.0.0 (#3859)
  • e07c223 MAINT: Enforce G004 (no f-strings in logging) (#3845)
  • 5270f76 ROB: Guard zero unitsPerEm in from_truetype_font_file (#3846)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): update pypdf requirement in /backend
d0d2e33 
Updates the requirements on [pypdf](https://github.com/py-pdf/pypdf) to permit the latest version.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](py-pdf/pypdf@6.12.0...6.13.3)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.13.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@dependabot dependabot Bot requested a review from vasu-devs as a code owner June 22, 2026 06:28
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@dependabot dependabot Bot mentioned this pull request Jun 22, 2026
Closed
@vercel

vercel Bot commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
just-hire-me Ready Ready Preview, Comment Jun 22, 2026 6:28am

@vasu-devs vasu-devs mentioned this pull request Jun 22, 2026
Merged
@vasu-devs

vasu-devs commented Jun 22, 2026

Copy link
Copy Markdown
Owner

Superseded by #145 — all dependencies were brought to today's latest (2026-06-22) in one resolved update, now merged to main. This bump is included. Closing.

@vasu-devs vasu-devs closed this Jun 22, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pip/backend/pypdf-gte-6.13.3 branch June 22, 2026 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vasu-devs vasu-devs Awaiting requested review from vasu-devs vasu-devs is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vasu-devs