Skip to content


Choose a tag to compare
@wojtekmaj wojtekmaj released this 29 May 11:41
· 21 commits to main since this release

See Upgrade guide from version 8.x to 9.x.

This version updates PDF.js to 4.3.136, fixing GHSA-wgrm-67xf-hhpq for good. React-PDF v8.0.2 and v7.7.3 have already included a mitigation of the issue and thus were not affected by this vulnerability, but caused automatic security alerts due to the outdated PDF.js version.

❗️ = breaking change

What's new?

  • Updated PDF.js to 4.3.136.
    • Optimizations for CPU and memory usage
    • Performance improvements
    • Image rendering improvements
    • Text selection improvements
    • Accessibility improvements
    • Font conversion improvements
    • Handling of corrupted documents
  • Improved Turbopack compatibility.

What's changed?

  • ❗️ PDF.js worker extension has been changed from .js to .mjs.
  • ❗ PDF.js is now an ESM module.
    • In particular, you may encounter issues running unit tests using Jest. Consider migrating to Vitest.
    • Next.js also have issues with ESM Workers, but a working configuration is already known - see Upgrade guide and updated samples.
  • ❗️ Removed deprecated svg renderMode.
  • ❗️ Dropped support for older browsers and Node.js versions. In particular, you may need Promise.withResolvers polyfill when running Node.js versions older than 22.0.0.