Security vulnerability in jspdf dependency

[stephen-risk-first]

An issue has been reported in jspdf: GHSA-f8cm-6447-x5h2

This can be resolved by upgrading the version of the jspdf dependency to 4.0.0, which reportedly includes no other breaking changes other than the changes made to fix the vulnerability.

[FeBe95]

Relevant PR by @dependabot:

• build(deps): bump jspdf from 3.0.3 to 4.0.0 #868

[MatthewBunker]

Do we have a idea of when this dependency change will be made @FeBe95 @stephen-risk-first @eKoopmans?

[eKoopmans]

Just checking the jspdf update now, will merge soon.

[eKoopmans]

Also worth pointing out - the reported vulnerability only affects the node.js builds of jspdf, which are not used by html2pdf.js, so it should be safe on current versions. But I will update regardless.

[eKoopmans]

Okay, jspdf is updated in v0.13.0.