Bump Newtonsoft.Json and itext7

[dependabot]

Bumps Newtonsoft.Json and itext7. These dependencies needed to be updated together.
Updates Newtonsoft.Json from 13.0.3 to 13.0.1

Commits

• ae9fe44 Remove compiler package and update sourcelink (#2498)
• 8ef6621 Remove prerelease for 13.0.1
• 11331f5 Update SDK to 5.0.200 (#2495)
• c7e8abc Update to 13.0.1-beta2
• 1745d7c Fix JTokenWriter when writing comment to an object (#2493)
• 583eb12 Fix missing error when deserializing JToken with a contract type mismatch (#2...
• b6dc05b Change MaxDepth default to 64 (#2473)
• 15525f1 Fix JsonWriter.WriteToken to allow null with string token (#2472)
• 926d2f0 Enable embed untracked sources (#2471)
• 0a56633 Fixes #2372 - variable typos (#2465)
• Additional commits viewable in compare view

Updates itext7 from 8.0.4 to 9.0.0

Release notes

Sourced from itext7's releases.

iText Core/Community 9.0.0

For this Q4 release, we’re pleased to announce a new major version of iText. iText Core version 9.0 introduces significant new features, support for new specifications, and revised APIs to delight developers.

We’ve added support for the ISO/TS 320003 and 320004 standards, enabling even more secure PDF documents. Also on the list is the finalized digital signature validation module, along with a new API to easily get layers used in a page, and improved PDF/UA signing.

NOTE: Since iText 9.0 is a major release version, it naturally means a break in compatibility with iText 8. As the developers among you will appreciate, this is necessary to make quality-of-life improvements and reduce our technical debt.

However, thanks to the solid foundations laid with iText 7 and 8 there are few major API differences in iText 9. The iText Knowledge Base has extensive documentation on the breaking changes to ease the migration of existing projects from earlier versions.

New ISO Standards Support

First and foremost, iText Core version 9.0 incorporates support for the very latest ISO PDF document security standards. ISO/TS 32003 adds AES-GCM encryption to the PDF 2.0 specification, allowing documents to be protected with high-performance, yet extremely secure encryption.

ISO/TS 32004 introduces an integrity protection mechanism for encrypted PDFs, using a Message Authentication Code (MAC) to ensure authenticity. To fully understand what this means for securing PDF documents, we highly recommend reading two great articles on the PDF Association site: ISO 32004: an overview and the follow-up MACs vs. signatures in PDF which go into detail on this subject.

Digital Signature Validation Module

On the subject of PDF digital signatures, we’re also proud to present the finalized version of our dedicated validation module. This forms an integral piece of iText’s enhanced digital signing capabilities introduced with iText 8.

The aim is to provide simpler, more extensive API methods to not just sign PDF documents, but also validate the digital signatures within them – whether iText created them or not. Since you can validate multiple document revisions as well as certificate chains, iText can now be your Swiss Army knife for digital signatures, as well as PDF creation and manipulation.

This release enables you to only validate a single signature in a document, as opposed to all signatures. In addition, the signature validator will now work for encrypted documents.

API Improvements

There are also major refinements to iText’s API. These include streamlining PDF/A and PDF/UA creation and conformance to simplify the process. We’ve also developed a new API to identify the layers used in a page. This will help to find which Optional Content Groups (OCGs) belong to which page in a document.

Signing of PDF/UA documents has been improved. When creating a signature form field iText will now take into account if an alternative description is set in the accessibility properties of the signature appearance. Additionally, if you forget to set a font for the signature appearance this will now result in a conformance exception, rather than a property error.

Further improvements have been made to the rebuilding of invalid cross-reference (xref) tables in corrupt documents. When iText encounters and resolves such errors in non-strict mode, specific information on the cause will now be provided.

Adding to the recent addition of RSASSA-PSS encryption support for .NET, this release now allows it to be supported in FIPS mode.

Along with that is improved font selection and general handling, performance enhancements, and much more. iText has a reputation amongst Java and .NET developers for its speed and ease of use, and we’re ensuring that remains the case in the future.

Make sure to check out the Breaking Changes if you’re migrating from a previous version of iText.

Pull Requests

Once again, we’d like to thank Matthias Valvekens for another pull request submission. This relates to Unicode, and adds support for platform 0 encoding 3 in the Truetype and OpenType character map table. This is used in some fonts shipped with macOS, among other places.

Bug Fixes and Miscellaneous

For content extraction, we fixed a bug in the RegexBasedLocationExtractionStrategy API (Java/.NET) . It now produces better results by default when processing multiple pages.

We fixed an edge-case bug in Certificate Revocation List validation. When a CRL response existed, but its issuer was neither trusted, nor self-signed, it could result in a stack overflow error.

In addition, a fix was made to SVG rendering to honor dy attributes in parent text attributes.

Other Stuff

... (truncated)

Commits

• 99dacf9 [RELEASE] iText 9.0.0
• 5e6f04c [RELEASE] 9.0.0
• 52792d5 Make 'floatMultiplier' in ClipperBridge non-static configuration
• 2b2ca05 Move all logic from PdfA/UaDocuments to pluggalbe mechanisms into PdfDocument
• a7c25b0 Support encrypted documents in SignatureValidator
• 58de35d Support MAC integrity protection for different signing modes
• 25f51c2 Timestamp reference files for supporting MAC integrity protection for differe...
• 2ededc9 Add missing javadocs
• 3e7b63a Refactor com.itextpdf.kernel.events mechanism
• 74fd7e5 Fix cyclic references handling in struct tree parent
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.