search

mi-squared / alive-and-well

Custom OpenEMR 5.0.1 for Alive and Well with added column for "employer" in encoutner report
GNU General Public License v3.0
0 stars 0 forks source link

Bump phpoffice/phpspreadsheet from 1.0.0 to 1.8.0 #16

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps phpoffice/phpspreadsheet from 1.0.0 to 1.8.0.

Release notes

Sourced from phpoffice/phpspreadsheet's releases.

1.8.0

Security Fix (CVE-2019-12331)

  • Detect double-encoded xml in the Security scanner, and reject as suspicious.

  • This change also broadens the scope of the libxml_disable_entity_loader setting when reading XML-based formats, so that it is enabled while the xml is being parsed and not simply while it is loaded. On some versions of PHP, this can cause problems because it is not thread-safe, and can affect other PHP scripts running on the same server. This flag is set to true when instantiating a loader, and back to its original setting when the Reader is no longer in scope, or manually unset.

  • Provide a check to identify whether libxml_disable_entity_loader is thread-safe or not.

    XmlScanner::threadSafeLibxmlDisableEntityLoaderAvailability()

  • Provide an option to disable the libxml_disable_entity_loader call through settings. This is not recommended as it reduces the security of the XML-based readers, and should only be used if you understand the consequences and have no other choice.

Added

  • Added support for the SWITCH function - #963 and #983
  • Add accounting number format style #974

Fixed

  • Whitelist tsv extension when opening CSV files #429
  • Fix a SUMIF warning with some versions of PHP when having different length of arrays provided as input #873
  • Fix incorrectly handled backslash-escaped space characters in number format

1.7.0

Added

  • Added support for inline styles in Html reader (borders, alignment, width, height)
  • QuotedText cells no longer treated as formulae if the content begins with a =
  • Clean handling for DDE in formulae

Fixed

  • Fix handling for escaped enclosures and new lines in CSV Separator Inference
  • Fix MATCH an error was appearing when comparing strings against 0 (always true)
  • Fix wrong calculation of highest column with specified row #700
  • Fix VLOOKUP
  • Fix return type hint

1.6.0

Added

  • Refactored Matrix Functions to use external Matrix library
  • Possibility to specify custom colors of values for pie and donut charts - #768

Fixed

  • Improve XLSX parsing speed if no readFilter is applied - #772
  • Fix column names if read filter calls in XLSX reader skip columns - #777
  • Fix LOOKUP function which was breaking on edge cases - #796
  • Fix VLOOKUP with exact matches - #809
  • Support COUNTIFS multiple arguments - #830

... (truncated)

Changelog

Sourced from phpoffice/phpspreadsheet's changelog.

[1.8.0] - 2014-03-02

Bugfixes

Features

General

  • Adding support for macros, Ribbon in Excel 2007 - @LWol #252
  • Remove array_shift in ReferenceHelper::insertNewBefore improves column or row delete speed - @cdhutch [CodePlex #20055](https://phpexcel.codeplex.com/workitem/20055)
  • Improve stock chart handling and rendering, with help from Swashata Ghosh - @MarkBaker
  • Fix to calculation properties for Excel2007 so that the opening application will only recalculate on load if it's actually required - @MarkBaker
  • Modified Excel2007 Writer to default preCalculateFormulas to false - @MarkBaker
    • Note that autosize columns will still recalculate affected formulae internally- Functionality to getHighestRow() for a specified column, and getHighestColumn() for a specified row - @dresenhista #242
  • Modify PHPExcel_Reader_Excel2007 to use zipClass from PHPExcel_Settings::getZipClass() - @adamriyadi #247
    • This allows the use of PCLZip when reading for people that don't have access to ZipArchive

Security

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mi-squared/alive-and-well/network/alerts).