Dompdf 2.0.0 Released

[erikn69]

Describe the bug
Dompdf 2.0.0 Released and support is needed, it addresses multiple security vulnerabilities

Additional context
https://github.com/dompdf/dompdf/releases/tag/v2.0.0

The release addresses the following announced vulnerabilities:

Vulnerability	References	Type	Severity
Improper Restriction of XML External Entity Reference	#2564	Information Disclosure	TBD
Deserialization of Untrusted Data	#2564	Remote Code Execution	Critical
External Control of File Name or Path	#2564	Information Disclosure	TBD
Server-Side Request Forgery	#2564	Information Disclosure	TBD

[barryvdh]

Yeah can you test 2.0.0-beta2? https://github.com/barryvdh/laravel-dompdf/releases

[erikn69]

@barryvdh It works for me without problems, the breaking changes did not affect me

• Callback signature change: callbacks should now accept three individual arguments (Frame, Canvas, FontMetrics)
• Canvas::page_* methods are executed immediately rather than during output generation and should be called after rendering the document
• Cpdf::polygon method signature changed, no longer accepts the number of points

[angeljqv]

It is working, thanks

[PaolaRuby]

It is working, thanks

+1

[erikn69]

@barryvdh maybe on V2 we can change name of Pdf facade for match with the main class PDF(it is confusing for new devs)

laravel-dompdf/src/Facade/Pdf.php

Line 25 in 9d629cf

class Pdf extends IlluminateFacade

laravel-dompdf/src/PDF.php

Line 22 in 9d629cf

class PDF

laravel-dompdf/composer.json

Line 42 in 9d629cf

"PDF": "Barryvdh\\DomPDF\\Facade\\Pdf"

From #886

laravel-dompdf/readme.md

Lines 45 to 47 in 9d629cf

	use Barryvdh\DomPDF\Facade\Pdf;
	$pdf = PDF::loadView('pdf.invoice', $data);

Also we can remove old deprecated facade #897

laravel-dompdf/src/Facade.php

Lines 7 to 10 in 9d629cf

	/**
	* @deprecated use \Barryvdh\DomPDF\Facade\Pdf instead
	*/
	class Facade extends PdfFacade

[barryvdh]

Renamed to Pdf, seems to be not a breaking change: #899

[barryvdh]

Hmm it is breaking, so maybe just add them both and deprecate the old style PDF? Bit annoying to have to change all your aliases otherwise..

[fredsal]

It is working, thanks

+1