I found that the print_pdf_dompdf.module
doesn't list a minimum version, yet it has been historically the most-suggested PDF tool to integrate with. Given that PHP 5.6 and 7.0 are reaching EOL at the end of 2018, older releases will no longer be considered secure. Therefore it's a good idea to suggest a minimum version for installation.
My suggestion is 0.8.2 for the following reasons:
- Full compatibility for PHP 7.1+ was only completed as of 0.8.1
- 0.8.2 is the latest version and has been available since 26-Nov-2017 (and 0.8.1 was only released 6 days prior).
- As of 0.8.0, complete installation packages have been available from the releases page which makes installation easier.
Here's the list of releases so you can make your own decision:
https://github.com/dompdf/dompdf/releases
Comment | File | Size | Author |
---|---|---|---|
#6 | print-dompdf_update-3011256-6.patch | 4.31 KB | hargobind |
Comments
Comment #2
hargobindBumping this to Major because of the nearing deadline of PHP 5.6 and 7.0 reaching EOL.
Since we don't want to encourage people to use outdated versions, and there's no need to keep old code, this patch removes all integration with versions 0.6.2 and prior.
Alternatively, if you decide that ripping out all the <= 0.6 code is too aggressive right now, then you can just commit the change to the README file and the minimum version line in print_pdf_dompdf.module.
Details about changes:
Comment #3
hargobindRemoved the change in the previous patch to "Auto-configure the PDF tool settings" in (print_pdf.admin.inc). I hadn't realized that it was also tied to the "tool_dirs" setting in
hook_pdf_tool_info()
. (I thought it was mainly referring to dompdf 6.x's use of "dompdf_config.inc.php".)Comment #4
jcnventura CreditAttribution: jcnventura at Wunder commentedDon't break the module for users of obsolete versions. This module will not get a 7.x-3.x release, and removing support for those versions is a major BC break.
Comment #5
hargobindGood point. I hadn't considered breaking changes.
Having the minimum version will display an error in the Status Report for older versions and will encourage users to update. But do you think that's enough, or should there be a separate/more specific warning telling users that Dompdf prior to 8.2 is at-risk because of PHP 7.0 and lower reaching EOL?
Changes in this patch:
README.txt
-- Includes a note about upgrading from Dompdf <= 0.6 to >= 0.7, and a link to "Securing your installation".print_pdf_dompdf.admin.inc
-- Includes a note that the Unicode Mode option is unnecessary in 0.7+ since unicode is always enabled.print_pdf_dompdf.module
-- Minimum version added.Comment #6
hargobindReadding the "Suggested version" paragraph in README.txt since users may not otherwise know the min version until they install the module and look at the Status Report.
Comment #7
jcnventura CreditAttribution: jcnventura at 1xINTERNET commentedComment #9
jcnventura CreditAttribution: jcnventura at 1xINTERNET commentedThanks!