Bump itext7 from 9.3.0 to 9.4.0

[dependabot]

Updated itext7 from 9.3.0 to 9.4.0.

Release notes

Sourced from itext7's releases.

9.4.0

For our fourth and final iText Core release of 2025 we’re introducing advanced page resizing functionality for more effective merging and manipulation of PDF documents with varying page sizes.

We’ve also been working on extending the new EU eIDAS Trusted Lists feature to support validation against specific signature profiles.

In addition, we’ve enhanced our flex layout support within the layout module for use with the pdfHTML add-on.

Advanced Page Resizing

This release introduces advanced page resizing functionality, allowing users to merge and manipulate PDF documents with varying page sizes more effectively. This was based on a customer request who was using similar functionality in iText 5. However, the way iText 5 did this was relatively unsophisticated, and ran into problems with tagged documents and different content types.

This new implementation addresses scenarios such as scaling content between different page formats (A0, A1, US Letter, etc.), maintaining aspect ratios, and handling annotations, patterns, gradients, and form fields during resizing. The result is a more flexible and reliable toolkit for document assembly and transformation, ensuring that content integrity and layout are preserved across diverse PDF workflows.

Signature Profiles Support

This focuses on enhancing digital signature capabilities in iText Core by introducing support for signature profiles. This feature enables an easier way to ensure that digital signing and validation processes meet the regulatory and compliance requirements for specific regions. As a demonstration, we’ve updated the LotlSimpleSignatureValidation sample (Java/.NET) on GitHub to show off the new QualifiedValidator class. This determines if a given certificate/signature meets the regulatory standards to be “qualified”, which is vital for high-trust electronic transactions.

We’ve also made a change to LOTL validation reports to eliminate multiple successful validation messages during the process, along with some general improvements to LOTL caching and validation.

Extending Flex Layout Support

This release significantly improves the flex layout support in the core Layout module. Since this primarily affects pdfHTML, you’ll find more details in the release notes for pdfHTML 6.3.0.

Pull Requests

We’d like to thank IBaltaga for their suggested NotSupportedException if AreaBreak is inside a flex container fix for .NET. After investigating in more detail we decided to implement the fix in a different way, however, an exception will no longer be thrown for AreaBreaks inside flex containers.

Bug Fixes and Miscellaneous

PDF image and color depth handling has been enhanced when extracting images There are also accessibility and structure improvements in generated/tagged documents, and error messaging and recovery for malformed or edge-case PDFs is improved.

For .NET, we’ve implemented a wrapper for Asn1OutputStream which became available in version 1.0.2 of BC FIPS .NET. This improves cryptographic compatibility for FIPS workflows.

Other Stuff

As always, you can see the Changelog below to see the full rundown on what’s new in Core, and details of other improvements and bug fixes for this release.

Java

• https://github.com/itext/itext-publications-examples-java
• https://github.com/itext/itext-publications-book-java
• https://github.com/itext/itext-publications-signing-examples-java
• https://github.com/itext/itext-publications-signatures-java
• https://github.com/itext/itext-publications-highlevel-java
• https://github.com/itext/itext-publications-jumpstart-java

.NET

• https://github.com/itext/itext-publications-samples-dotnet

NOTE: If you want to create ZUGFeRD/Factur-X-e-invoices with iText Core, we have both Java and .NET code samples available targeting the current ZUGFeRD/Factur-X specification. They demonstrate how to embed the XML invoice data and add the metadata required for conformance.
... (truncated)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[mergify]

Automatically approving dependabot