Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump phpoffice/phpspreadsheet from 1.0.0 to 1.8.2 #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Nov 20, 2019

Bumps phpoffice/phpspreadsheet from 1.0.0 to 1.8.2.

Release notes

Sourced from phpoffice/phpspreadsheet's releases.

1.8.2

Fixed

  • Uncaught error when opening ods file and properties aren't defined - #1047
  • Xlsx Reader Cell datavalidations bug - #1052

1.8.1

Fixed

  • Allow nullable theme for Xlsx Style Reader class - #1043

1.8.0

Security Fix (CVE-2019-12331)

  • Detect double-encoded xml in the Security scanner, and reject as suspicious.

  • This change also broadens the scope of the libxml_disable_entity_loader setting when reading XML-based formats, so that it is enabled while the xml is being parsed and not simply while it is loaded.
    On some versions of PHP, this can cause problems because it is not thread-safe, and can affect other PHP scripts running on the same server. This flag is set to true when instantiating a loader, and back to its original setting when the Reader is no longer in scope, or manually unset.

  • Provide a check to identify whether libxml_disable_entity_loader is thread-safe or not.

    XmlScanner::threadSafeLibxmlDisableEntityLoaderAvailability()

  • Provide an option to disable the libxml_disable_entity_loader call through settings. This is not recommended as it reduces the security of the XML-based readers, and should only be used if you understand the consequences and have no other choice.

Added

  • Added support for the SWITCH function - #963 and #983
  • Add accounting number format style #974

Fixed

  • Whitelist tsv extension when opening CSV files #429
  • Fix a SUMIF warning with some versions of PHP when having different length of arrays provided as input #873
  • Fix incorrectly handled backslash-escaped space characters in number format

1.7.0

Added

  • Added support for inline styles in Html reader (borders, alignment, width, height)
  • QuotedText cells no longer treated as formulae if the content begins with a =
  • Clean handling for DDE in formulae

Fixed

  • Fix handling for escaped enclosures and new lines in CSV Separator Inference
  • Fix MATCH an error was appearing when comparing strings against 0 (always true)
  • Fix wrong calculation of highest column with specified row #700
  • Fix VLOOKUP
  • Fix return type hint

1.6.0

Added

... (truncated)
Changelog

Sourced from phpoffice/phpspreadsheet's changelog.

Changelog for PHPExcel

This is the historic changelog of the project when it was still called PHPExcel.
It exists only for historical purposes and versions mentioned here should not be
confused with PhpSpreadsheet versions.

[1.8.1] - 2015-04-30

Bugfixes

General

  • Remove cells cleanly when calling RemoveRow() or RemoveColumn() - @​MarkBaker
  • Small performance improvement for autosize columns - @​MarkBaker
  • Change the getter/setter for zeroHeight to camel case - @​frost-nzcr4 #379
  • DefaultValueBinder is too much aggressive when converting string to numeric - @​MarkBaker #394
  • Default precalculate formulas to false for writers - @​MarkBaker
  • Set default Cyclic Reference behaviour to 1 to eliminate exception when using a single cyclic iteration in formulae - @​MarkBaker

Features

  • Some Excel writer libraries erroneously use Codepage 21010 for UTF-16LE - @​MarkBaker #396
  • Methods to manage most of the existing options for Chart Axis, Major Grid-lines and Minor Grid-lines - @​WiktrzGE #404
  • ODS read/write comments in the cell - @​frost-nzcr4 #403
  • Additional Mac CJK codepage definitions - @​CQD #389
  • Update Worksheet.php getStyleByColumnAndRow() to allow a range of cells rather than just a single cell - @​bolovincev #269
  • New methods added for testing cell status within merge groups - @​MarkBaker
  • Handling merge cells in HTML Reader - @cifren/MBaker #205
  • Helper to convert basic HTML markup to a Rich Text object - @​MarkBaker
  • Improved Iterators - @​MarkBaker
    • New Column Iterator
    • Support for row and column ranges
    • Improved handling for next/prev
... (truncated)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 20, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants