• OpenPDF 3.0.0 uses the new package name org.openpdf. The old com.lowagie is now removed from OpenPDF 3.0. This means that source code using OpenPDF must be migrated to use import statements using org.openpdf.* package.

• PDF 2.0 support in OpenPDF – This is a breaking API change:
  All version-related methods now use String instead of char as method parameters. See PdfVersion.java and PdfWriter.java. The default version is now PDF 2.0.

  About PDF 2.0:
  PDF 2.0 is the latest official version of the Portable Document Format, standardized as ISO 32000-2:2020.
  It was first published by the International Organization for Standardization (ISO) in July 2017, with a revised edition in December 2020.
  PDF 2.0 introduces improved color management, tagged PDF enhancements, advanced encryption options, and clarifies many ambiguous parts of the PDF 1.x specifications.

  📄 Read the PDF 2.0 (ISO 32000-2:2020) specification

• Added HtmlToPdfBatchUtils and PdfBatchUtils, new batch utilities built on Java 21 virtual threads. These APIs improve throughput for HTML→PDF rendering and common PDF tasks such as merge, split, watermark, and encrypt.

• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 by @dependabot[bot] in https://github.com/LibrePDF/OpenPDF/pull/1404
• Remove openpdf-core-legacy module by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1406
• Rename openpdf-core by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1407
• Initial PDF 2.0 support by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1408
• PDF 2.0 tests by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1409
• PDF 2.0 tests by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1410
• Bump org.jetbrains.kotlin:kotlin-stdlib from 2.2.0 to 2.2.10 by @dependabot[bot] in https://github.com/LibrePDF/OpenPDF/pull/1412
• Bump org.jetbrains.kotlin:kotlin-maven-plugin from 2.2.0 to 2.2.10 by @dependabot[bot] in https://github.com/LibrePDF/OpenPDF/pull/1413
• Delete RtfElementInterface by @andreasrosdal in https://github.com/LibrePDF/OpenPDF/pull/1414

Full Changelog: https://github.com/LibrePDF/OpenPDF/compare/2.4.0...3.0.0

Release note 1.3.8:

1. 添加限制，server api发送消息，限制消息体不能大于64KB。
2. 添加配置敏感词是否过滤用户信息群组信息昵称等。
3. 配置文件可以设置不允许使用的用户名字群组名称群名片等。
4. server api发送消息添加参数，可以以用户权限发送消息。
5. server api添加群备注和收藏群组接口。

附件的版本有3种格式，分别是Java通用版本、Deb格式安装包和Rpm格式安装包包，可以根据平台或者自己的习惯下载其中一种软件包。另外在Github也可以下载。也可以下载我们网站上的最新版本，通用Java包，deb格式安装包和rpm格式安装包。 *** 0.42 版本增加了群成员数限制，默认为2000。如果您想修改默认值，可以在升级版本之后，修改t_setting表，把默认的大小改为您期望的。另外修改t_group表，把已经存在的群组max_member_count改成您期望的，然后重启。*** *** 0.46和0.47版本升级到0.48及以后版本时，可能会提示flyway migrate 38错误，请执行 修复脚本 进行修复。0.46和0.47版本之外的版本不会出现此问题。*** *** 0.50版本添加了是否允许客户端发送群操作通知的配置。如果您在客户端自定义群通知，需要在服务器端配置允许，没有使用自定义群操作通知的不受影响。*** *** 从0.54之前版本升级到0.54及以后版本时，会提示flyway migrate错误。因为0.54版本删除了sql脚本中默认敏感词的内容，flyway checksum失败。请执行update flyway_schema_history set checksum = 0 where script = 'V17__add_default_sensitive_word.sql';来修复。*** *** 从0.59之前的版本升级到之后的版本执行数据库升级时间比较长，请耐心等待提示运行成功，避免中途中断。 *** *** 0.62/0.63 版本有严重的问题，请使用0.64及以后版本，或者0.61版。 *** *** 从0.68 版本起添加了pc在线是否默认手机接收推送的开关，默认为开，与以前版本作用相反，请注意兼容（可以关掉与之前保持一致或者升级客户端） *** *** 从0.78 版本起把MySQL数据库中关键字都改为大小写敏感，另外生成id的方法也做了改变，只生成小写的id，避免出现id重复的问题，建议所有客户都升级 *** *** 从0.79 版本起把log4j升级到log4j2，因为log4j已经不再维护而且还有已知的漏洞，建议所有客户都升级，升级时注意更新log4j2的配置文件 *** *** 0.97版本更改了启动脚本wildfirechat.sh，如果是升级服务，请注意更新启动脚本。*** *** 1.3.8版本添加了server api发送消息的限制，限制消息体最大内容不能超过64KB，如果升级请注意业务系统发送消息大小。***

请参考附件的 release_note.md

• 5f276f0: [dotnet][rb][java][js][py] Automated Browser Version Update (#16190) (Selenium CI Bot) #16190

• d00c0a2: [rust] Update Rust dependencies to latest stable versions (Boni Garcia)
• 2e613ae: [rust] Update versions in browser download test (Boni Garcia)
• f9883e3: [rust] Use DEBUG level for WARN traces in offline mode (#15836) (Boni Garcia)
• 706495a: [py] Update docstring and comments in keys.py (#16187) (iDONi) #16187
• 61b10bc: [dotnet] [bidi] Simplify type naming of internal command parameters (#16188) (Nikolay Borisenko) #16188
• ae953fc: [py] Fix formatting (#16189) (Corey Goldberg) #16189
• e2bffeb: [dotnet] [bidi] Support WebExtension module (#15850) (Nikolay Borisenko) #15850
• 14ce3ac: [dotnet] [bidi] Propagate BiDiOptions in Connect method (Nikolay Borisenko)
• 304466e: [dotnet] [bidi] Pass the bidi options from main entry point (Nikolay Borisenko)

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.534...7.20.0-rc.535

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.533...7.20.0-rc.534

• db884e5: Update mirror info (Thu Aug 14 00:23:34 UTC 2025) (Selenium CI Bot)
• 5e512bd: [py][docs]: update dead API docs link to API reference in index.rst (#16170) (Navin Chandra) #16170
• 7881635: [dotnet][rb][java][js][py] Automated Browser Version Update (#16175) (Selenium CI Bot) #16175
• 830bc8f: Update hash of SM Windows binary (signed with EV token and manually updated in the repo) (Boni Garcia)
• 3fa33b7: Generating docs even if it is nightly (Diego Molina)
• 31e927e: Updating Rakefile to allow task receive args (Diego Molina)
• 992c1cd: [grid] close the HttpClient after the session is gone (Jörg Sautter) #16182
• 38d5d1a: Fixing workflow to update docs after release. (Diego Molina)

This patch release:

• Adds a new Maven BOM! This is useful for multi-module projects. See Issue 967.

• Allows the JwtParserBuilder to have empty nested algorithm collections, effectively disabling the parser's associated feature:

  • Emptying the zip() nested collection disables JWT decompression.
  • Emptying the sig() nested collection disables JWS mac/signature verification (i.e. all JWSs will be unsupported/rejected).
  • Emptying either the enc() or key() nested collections disables JWE decryption (i.e. all JWEs will be unsupported/rejected)

  See Issue 996.

• Fixes bug 961 where JwtParserBuilder nested collection builders were not correctly replacing algorithms with the same id.

• Ensures a JwkSet's keys collection is no longer entirely secret/redacted by default. This was an overzealous default that was unnecessarily restrictive; the keys collection itself should always be public, and each individual key within should determine which fields should be redacted when printed. See Issue 976.

• Improves performance slightly by ensuring all jjwt-api utility methods that create *Builder instances (Jwts.builder(), Jwts.parserBuilder(), Jwks.builder(), etc) no longer use reflection.

  Instead,static factories are created via reflection only once during initial jjwt-api classloading, and then *Builders are created via standard instantiation using the new operator thereafter. This also benefits certain environments that may not have ideal ClassLoader implementations (e.g. Tomcat in some cases).

  NOTE: because this changes which classes are loaded via reflection, any environments that must explicitly reference reflective class names (e.g. GraalVM applications) will need to be updated to reflect the new factory class names.

  See Issue 988.

• Upgrades the Gson dependency to 2.11.0

• Upgrades the BouncyCastle dependency to 1.78.1

• @sigpwned made their first contribution in https://github.com/jwtk/jjwt/pull/968
• @TheMrMilchmann made their first contribution in https://github.com/jwtk/jjwt/pull/979
• @atanasg made their first contribution in https://github.com/jwtk/jjwt/pull/974

Full Changelog: https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.532...7.20.0-rc.533

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.531...7.20.0-rc.532