[Snyk] Upgrade pdfjs-dist from 4.0.269 to 4.5.136

[npanchal108]

Snyk has created this PR to upgrade pdfjs-dist from 4.0.269 to 4.5.136.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-PDFJSDIST-6810403	761	Proof of Concept

Release notes

Package name: pdfjs-dist

• 4.5.136 - 2024-07-27
  

  This release contains improvements for the annotation editor, font rendering, image rendering and the viewer.

  Changes since v4.4.168

  • Bump the stable version in pdfjs.config by @ timvandermeij in #18359
  • [Editor] Take into account the page translation when computing the quadpoints when saving an highlight by @ calixteman in #18361
  • [api-minor][Editor] When switching to editing mode, redraw pages containing editable annotations (bug 1883884) by @ calixteman in #18134
  • Bump library version to 4.5 by @ calixteman in #18365
  • [Editor] Make sure everything is cleaned up when we switch to annotation editor mode by @ calixteman in #18366
  • [api-minor] Remove the deprecated renderTextLayer and updateTextLayer functions (PR 18104 follow-up) by @ Snuffleupagus in #18349
  • Use vertical variant of a char when it's in a missing vertical font (bug 1905623) by @ calixteman in #18369
  • [Firefox] Generate a PDF.js default-prefs file that can be used directly in mozilla-central (bug 1905864) by @ Snuffleupagus in #15209
  • Update dependencies and translations to the most recent versions by @ timvandermeij in #18367
  • Make sure the editor is visible before getting its rect by @ calixteman in #18374
  • Fix the integration tests related to printing by @ calixteman in #18383
  • [Editor] Remove the option enableStamp by @ calixteman in #18389
  • Move the internal API/Worker isEditing-state into RenderingIntentFlag by @ Snuffleupagus in #18387
  • Remove the renderForms parameter from the Annotation getOperatorList methods by @ Snuffleupagus in #18394
  • Check the relevant parameters inside of the mustBeViewedWhenEditing method by @ Snuffleupagus in #18393
  • [Editor] Avoid to query ML engine several times for the same image by @ calixteman in #18380
  • Allow to change the toolbar height when changing the pref toolbar.density in Firefox (bug 1171799) by @ calixteman in #18397
  • Fix the "must check that charLimit is correctly set" scripting integration test by @ timvandermeij in #18399
  • [Editor] Change the enableML pref for enableAltText (bug 1905923) by @ calixteman in #18398
  • Fix orphaned browser processes due to uncaught exceptions in the tests by @ timvandermeij in #18401
  • Move the "updatedPreference" event listener registration by @ Snuffleupagus in #18402
  • Fix the "caches image resources at the document/page level as expected (issue 11878)" unit test by @ timvandermeij in #18404
  • Handle toUnicode cMaps that omit leading zeros in hex encoded UTF-16 (issue 18099) by @ alexcat3 in #18390
  • Introduce a waitForScripting helper function and use it in all scripting integration tests by @ timvandermeij in #18405
  • Use BiDi protocol for Chrome tests by @ calixteman in #17962
  • Re-factor BasePreferences to essentially be a wrapper around AppOptions by @ Snuffleupagus in #18413
  • [Editor] Wait for 'pagerendered' to switch to editing mode by @ calixteman in #18418
  • Fix ensureMinFontSizeComputed calculation if <body> is a flex container by @ razh in #18416
  • Allow e.g. /FitH destinations without additional parameter (bug 1907000) by @ Snuffleupagus in #18421
  • Also update the width/unicode data when replacing missing glyphs in non-embedded Type1 fonts (issue 18059) by @ Snuffleupagus in #18412
  • [Editor] Update the freetext annotation dictionary instead of creating a new one when updating an existing freetext by @ calixteman in #18419
  • Create absolute filter-URLs when needed in DOMFilterFactory (issue 18406) by @ Snuffleupagus in #18417
  • Remove the remaining zoomDisabledTimeout usage (issue 17727) by @ Snuffleupagus in #18423
  • [Editor] Make editor toolbars usable whatever their z-index (bug 1879104) by @ calixteman in #18425
  • [Editor] Disable existing highlights when drawing a new one (bug 1879035) by @ calixteman in #18424
  • Update dependencies to the most recent versions and update the JS/CSS files for the new Prettier/Stylelint versions by @ timvandermeij in #18432
  • Disable network connections to Contile for the tests by @ timvandermeij in #18433
  • Remove obsolete pdfjs-dist code from the Gulpfile by @ timvandermeij in #18434
  • [Editor] Add an option to use the new 'add an image' flow (bug 1907207) by @ calixteman in #18429
  • Fix DOMFilterFactory.#createUrl in MOZCENTRAL builds (18417 PR follow-up) by @ Snuffleupagus in #18430
  • [Editor] When in non-editing mode, add a new editor only once the editing mode has switched by @ calixteman in #18440
  • [api-minor] Remove Outliner from the official API by @ Snuffleupagus in #18441
  • Remove active smask when restoring the initial canvas state by @ calixteman in #18445
  • Add the possibility to change some pdfjs preferences from the viewer (bug 1908483) by @ calixteman in #18449
  • Allow /XYZ destinations without zoom parameter (issue 18408) by @ Snuffleupagus in #18453
  • Include additional data when fetching browser preferences in the PDF Viewer (bug 1908401) by @ Snuffleupagus in #18448
  • [Editor] Allow to change a preference from the editor UI manager by @ calixteman in #18454
  • Load the image-to-text model when opening the pdf viewer in Firefox (bug 1908938) by @ calixteman in #18461
  • Reduce a tiny bit of duplication in PDFViewerApplication.setTitleUsingUrl by @ Snuffleupagus in #18464
  • Re-factor the code to remove all uses of PDFViewerApplication.downloadComplete by @ Snuffleupagus in #18463
  • Add more validation when setting AppOptions (PR 18413 follow-up) by @ Snuffleupagus in #18450
  • Move the Preferences initialization as early as possible by @ Snuffleupagus in #18470
  • Introduce some Map-usage in the AppOptions by @ Snuffleupagus in #18469
  • Add a pref containing the url for the sumo page about alt text (bug 1909097) by @ calixteman in #18471
  • Disable system fonts on Android (issue 18210) by @ Snuffleupagus in #18465
  • Add the possibility to delete a model (bug 1908939) by @ calixteman in #18472
  • Fallback on DeviceGray when a colorspace cannot be parsed by @ calixteman in #18468
  • Remove the unused AppOptions.remove method by @ Snuffleupagus in #18475
  • Use a transparent color when setting fill/stroke colors in a pattern context but with no colorspace by @ calixteman in #18467
  • Re-factor how the "docBaseUrl" API-option is set in the viewer by @ Snuffleupagus in #18476
  • Add better support for AppOptions with multiple types (PR 18465 follow-up) by @ Snuffleupagus in #18480
  • Add a pref to know if the alt-text must be automatically generated (bug 1909310) by @ calixteman in #18484
  • Remove the streamqueue dependency by @ timvandermeij in #18483
  • Replace the GENERIC-only "locale" with "localeProperties" in AppOptions by @ Snuffleupagus in #18486
  • [Editor] Correctly save a non-ascii alt text by @ calixteman in #18493
  • Consistently dispatch events, if needed, when setting AppOptions by @ Snuffleupagus in #18495
• 4.4.168 - 2024-07-01
  

  This release contains improvements for annotations, annotation editing, font conversion, image decoding, performance, scripting, text selection, test/release infrastructure and the viewer.

  Changes since v4.3.136

  • Bump the stable version in pdfjs.config by @ timvandermeij in #18182
  • Update dependencies and translations to the most recent versions by @ timvandermeij in #18183
  • [api-minor] Simplify how the list of points are structured by @ calixteman in #18163
  • Bump library version to 4.4 by @ calixteman in #18192
  • Disconnect the resize observer and remove scroll listener when unbinding window events by @ calixteman in #18193
  • Switch to page-scrolling mode when the pdf has more than 10000 pages (bug 1895050) by @ calixteman in #18189
  • Upgrade gulp to version 5.0.0 by @ timvandermeij in #18197
  • Decompress when it's possible images in using DecompressionStream by @ calixteman in #18167
  • Fix decoding of JPX images having an alpha channel by @ calixteman in #18204
  • Change openjpeg.js license from Apache 2 to BSD 2-clause by @ calixteman in #18205
  • Change DownloadManager.download to use Uint8Array-data by @ Snuffleupagus in #18216
  • Inline the #finishRendering helper in TextLayerBuilder.prototype.render by @ Snuffleupagus in #18217
  • [Editor] Support dragging & dropping images on a pdf (bug 1900907) by @ calixteman in #18214
  • Update our OpenJPEG decoder in order to fix a malloc failure due to big image (bug 1901253) by @ calixteman in #18219
  • Don't display annotations with a PMD (barcode stuff) entry (bug 1899804) by @ calixteman in #18228
  • Update dependencies and translations to the most recent versions by @ timvandermeij in #18231
  • Add an option to enable/disable hardware acceleration (bug 1902012) by @ calixteman in #18238
  • Remove the DownloadManager.downloadUrl method by @ Snuffleupagus in #18236
  • Display a wait cursor when saving by @ calixteman in #18243
  • Fix an query with an empty selector in integration tests by @ calixteman in #18246
  • Improve how the wait-cursor is toggled when copying all text by @ Snuffleupagus in #18244
  • Improve date parsing in the js sandbox by @ calixteman in #18234
  • Don't recommend installing gulp-cli globally in the README and on the website by @ timvandermeij in #18247
  • Replace Wintersmith with Metalsmith by @ timvandermeij in #18248
  • Include the generated API documentation directly on the API page by @ timvandermeij in #18251
  • Improve some old code in the src/display/api.js file by @ Snuffleupagus in #18250
  • Compute correctly the unitsPerEm value from the fontMatrix when converting a font (bug 1539074) by @ calixteman in