Bump ttfunk from 1.7.0 to 1.8.0

[dependabot[bot]]

Bumps ttfunk from 1.7.0 to 1.8.0.

Changelog

Sourced from ttfunk's changelog.

[1.8.0][] - 2024-03-05

Fixed

• Corrupted CFF index data

  there was a subtle bug in cff index implementation that resulted in a data corruption. in certain circumstances some items didn't get properly encoded. this happened when items were not previously accessed.

  this resulted, for instance, in missing glyphs. but only sometimes because indexes might've still contain data that shouldn't've been there. in combination with incorrect encoding (see further) this resulted in some glyphs still being rendered, sometimes even correctly.

  along with the fix a rather large api change landed. this resulted in quite a big diff.

  Alexander Mankuta

• Incorrect CFF encoding in subsets

  TTFunk used to reuse encoding from the original font. This mapping was incorrect for subset fonts which used not just a subset of glyphs but also a different encoding.

  A separate issue was that some fonts have empty CFF encoding. This incorrect mapping resulted in encoding that mapped all codes to glyph 0.

  This had impact on Prawn in particular. PDF spec explicitly says that CFF encoding is not to be used in OpenType fonts. cmap table should directly index charstrings in the CFF table. Despite this PDF renderers still use CFF encoding to retrieve glyphs. So TTFunk has to discard the original CFF encoding and supply its own.

  Alexander Mankuta

• maxp table

  The table is now correctly parsed and encoded for both TrueType and CFF-based OpenType fonts.

  Cameron Dutro, Alexander Mankuta

• Files are closed sooner

  Files were garbage collected but could stay open for longer than necessary.

  Jon Burgess

... (truncated)

Commits

• 885061e 1.8.0
• b554b0f Fix Changelog
• d7010dd Update gem metadata
• acbc53b Update gem signing
• a25adc8 Update license specifiers
• 4ad4600 Update certificate
• a1575ce Add bigdecimal dep
• 0a0d447 Update code style
• 88b7a19 Fix docs
• 44b7aca Bump minimum Ruby
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chadlwilson]

@dependabot rebase