fix docker merge

use libreoffice for pdfa
Homepage hotfix (#2894 )
2025-02-07 12:55:39 +00:00 · 2025-02-06 15:55:22 +00:00 · 2025-02-06 10:38:14 +00:00 · 2025-02-04 21:04:49 +00:00 · 2025-02-04 21:01:41 +00:00 · 2025-02-04 20:58:06 +00:00
242 changed files with 19890 additions and 14323 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +1,2 @@
 # All PRs to V1 must be approved by Frooodle
-* @Frooodle @reecebrowne @Ludy87 @DarioGii
+* @Frooodle @reecebrowne @Ludy87 @DarioGii @ConnorYoh
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,15 +1,34 @@
-# Description
+# Description of Changes
-Please provide a summary of the changes, including relevant motivation and context.
+Please provide a summary of the changes, including:
 - What was changed
 - Why the change was made
 - Any challenges encountered
 Closes #(issue_number)
 ---
 ## Checklist
 ### General
 - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
 - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable)
 - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable)
 - [ ] I have performed a self-review of my own code
 - [ ] I have attached images of the change if it is UI based
 - [ ] I have commented my code, particularly in hard-to-understand areas
 - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
 - [ ] My changes generate no new warnings
 ### Documentation
 - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed)
 - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
 ### UI Changes (if applicable)
 - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR)
 ### Testing (if applicable)
 - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details.
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -1,10 +1,4 @@
 changelog:
  exclude:
    labels:
      - Documentation
      - Test
      - Github
  categories:
    - title: Bug Fixes
      labels:
--- a/.github/scripts/check_duplicates.py
+++ b/.github/scripts/check_duplicates.py
@@ -1,51 +0,0 @@
 import sys
 def find_duplicate_keys(file_path):
    """
    Finds duplicate keys in a properties file and returns their occurrences.
    This function reads a properties file, identifies any keys that occur more than
    once, and returns a dictionary with these keys and the line numbers of their occurrences.
    Parameters:
    file_path (str): The path to the properties file to be checked.
    Returns:
    dict: A dictionary where each key is a duplicated key in the file, and the value is a list
          of line numbers where the key occurs.
    """
    with open(file_path, "r", encoding="utf-8") as file:
        lines = file.readlines()
    keys = {}
    duplicates = {}
    for line_number, line in enumerate(lines, start=1):
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key = line.split("=", 1)[0].strip()
            if key in keys:
                # If the key already exists, add the current line number
                duplicates.setdefault(key, []).append(line_number)
                # Also add the first instance of the key if not already done
                if keys[key] not in duplicates[key]:
                    duplicates[key].insert(0, keys[key])
            else:
                # Store the line number of the first instance of the key
                keys[key] = line_number
    return duplicates
 if __name__ == "__main__":
    failed = False
    for ar in sys.argv[1:]:
        duplicates = find_duplicate_keys(ar)
        if duplicates:
            for key, lines in duplicates.items():
                lines_str = ", ".join(map(str, lines))
                print(f"{key} duplicated in {ar} on lines {lines_str}")
                failed = True
    if failed:
        sys.exit(1)
--- a/.github/scripts/check_language_properties.py
+++ b/.github/scripts/check_language_properties.py
@@ -11,6 +11,8 @@ adjusting the format.
 Usage:
    python check_language_properties.py --reference-file <path_to_reference_file> --branch <branch_name> [--actor <actor_name>] [--files <list_of_changed_files>]
 """
 # Sample for Windows:
 # python .github/scripts/check_language_properties.py --reference-file src\main\resources\messages_en_GB.properties --branch "" --files src\main\resources\messages_de_DE.properties src\main\resources\messages_uk_UA.properties
 import copy
 import glob
@@ -19,25 +21,60 @@ import argparse
 import re
 def find_duplicate_keys(file_path):
    """
    Identifies duplicate keys in a .properties file.
    :param file_path: Path to the .properties file.
    :return: List of tuples (key, first_occurrence_line, duplicate_line).
    """
    keys = {}
    duplicates = []
    with open(file_path, "r", encoding="utf-8") as file:
        for line_number, line in enumerate(file, start=1):
            stripped_line = line.strip()
            # Skip empty lines and comments
            if not stripped_line or stripped_line.startswith("#"):
                continue
            # Split the line into key and value
            if "=" in stripped_line:
                key, _ = stripped_line.split("=", 1)
                key = key.strip()
                # Check if the key already exists
                if key in keys:
                    duplicates.append((key, keys[key], line_number))
                else:
                    keys[key] = line_number
    return duplicates
 # Maximum size for properties files (e.g., 200 KB)
 MAX_FILE_SIZE = 200 * 1024
 def parse_properties_file(file_path):
-    """Parses a .properties file and returns a list of objects (including comments, empty lines, and line numbers)."""
+    """
    Parses a .properties file and returns a structured list of its contents.
    :param file_path: Path to the .properties file.
    :return: List of dictionaries representing each line in the file.
    """
    properties_list = []
    with open(file_path, "r", encoding="utf-8") as file:
        for line_number, line in enumerate(file, start=1):
            stripped_line = line.strip()
-            # Empty lines
+            # Handle empty lines
            if not stripped_line:
                properties_list.append(
                    {"line_number": line_number, "type": "empty", "content": ""}
                )
                continue
-            # Comments
+            # Handle comments
            if stripped_line.startswith("#"):
                properties_list.append(
                    {
@@ -48,7 +85,7 @@ def parse_properties_file(file_path):
                )
                continue
-            # Key-value pairs
+            # Handle key-value pairs
            match = re.match(r"^([^=]+)=(.*)$", line)
            if match:
                key, value = match.groups()
@@ -65,9 +102,14 @@ def parse_properties_file(file_path):
 def write_json_file(file_path, updated_properties):
    """
    Writes updated properties back to the file in their original format.
    :param file_path: Path to the .properties file.
    :param updated_properties: List of updated properties to write.
    """
    updated_lines = {entry["line_number"]: entry for entry in updated_properties}
-    # Sort by line numbers and retain comments and empty lines
+    # Sort lines by their numbers and retain comments and empty lines
    all_lines = sorted(set(updated_lines.keys()))
    original_format = []
@@ -86,8 +128,8 @@ def write_json_file(file_path, updated_properties):
            # Replace entries with those from the current JSON
            original_format.append(entry)
-    # Write back in the original format
+    # Write the updated content back to the file
-    with open(file_path, "w", encoding="utf-8") as file:
+    with open(file_path, "w", encoding="utf-8", newline="\n") as file:
        for entry in original_format:
            if entry["type"] == "comment":
                file.write(f"{entry['content']}\n")
@@ -98,6 +140,12 @@ def write_json_file(file_path, updated_properties):
 def update_missing_keys(reference_file, file_list, branch=""):
    """
    Updates missing keys in the translation files based on the reference file.
    :param reference_file: Path to the reference .properties file.
    :param file_list: List of translation files to update.
    :param branch: Branch where the files are located.
    """
    reference_properties = parse_properties_file(reference_file)
    for file_path in file_list:
        basename_current_file = os.path.basename(os.path.join(branch, file_path))
@@ -164,8 +212,14 @@ def check_for_differences(reference_file, file_list, branch, actor):
        basename_current_file = os.path.basename(os.path.join(branch, file_path))
        if (
            basename_current_file == basename_reference_file
-            or not file_path.startswith(
+            or (
-                os.path.join("src", "main", "resources", "messages_")
+                # only local windows command
                not file_path.startswith(
                    os.path.join("", "src", "main", "resources", "messages_")
                )
                and not file_path.startswith(
                    os.path.join(os.getcwd(), "src", "main", "resources", "messages_")
                )
            )
            or not file_path.endswith(".properties")
            or not basename_current_file.startswith("messages_")
@@ -237,6 +291,24 @@ def check_for_differences(reference_file, file_list, branch, actor):
                )
        else:
            report.append("2. **Test Status:** ✅ **_Passed_**")
        if find_duplicate_keys(os.path.join(branch, file_path)):
            has_differences = True
            output = "\n".join(
                [
                    f"      - `{key}`: first at line {first}, duplicate at `line {duplicate}`"
                    for key, first, duplicate in find_duplicate_keys(
                        os.path.join(branch, file_path)
                    )
                ]
            )
            report.append("3. **Test Status:** ❌ **_Failed_**")
            report.append("  - **Issue:**")
            report.append("    - duplicate entries were found:")
            report.append(output)
        else:
            report.append("3. **Test Status:** ✅ **_Passed_**")
        report.append("")
        report.append("---")
        report.append("")
@@ -275,6 +347,12 @@ if __name__ == "__main__":
        required=True,
        help="Branch name.",
    )
    parser.add_argument(
        "--check-file",
        type=str,
        required=False,
        help="List of changed files, separated by spaces.",
    )
    parser.add_argument(
        "--files",
        nargs="+",
@@ -293,11 +371,14 @@ if __name__ == "__main__":
    file_list = args.files
    if file_list is None:
-        file_list = glob.glob(
+        if args.check_file:
-            os.path.join(
+            file_list = [args.check_file]
-                os.getcwd(), "src", "main", "resources", "messages_*.properties"
+        else:
            file_list = glob.glob(
                os.path.join(
                    os.getcwd(), "src", "main", "resources", "messages_*.properties"
                )
            )
        )
        update_missing_keys(args.reference_file, file_list)
    else:
        check_for_differences(args.reference_file, file_list, args.branch, args.actor)
--- a/.github/scripts/check_tabulator.py
+++ b/.github/scripts/check_tabulator.py
@@ -1,85 +0,0 @@
 """check_tabulator.py"""
 import argparse
 import sys
 def check_tabs(file_path):
    """
    Checks for tabs in the specified file.
    Args:
        file_path (str): The path to the file to be checked.
    Returns:
        bool: True if tabs are found, False otherwise.
    """
    with open(file_path, "r", encoding="utf-8") as file:
        content = file.read()
    if "\t" in content:
        print(f"Tab found in {file_path}")
        return True
    return False
 def replace_tabs_with_spaces(file_path, replace_with="  "):
    """
    Replaces tabs with a specified number of spaces in the file.
    Args:
        file_path (str): The path to the file where tabs will be replaced.
        replace_with (str): The character(s) to replace tabs with. Defaults to two spaces.
    """
    with open(file_path, "r", encoding="utf-8") as file:
        content = file.read()
    updated_content = content.replace("\t", replace_with)
    with open(file_path, "w", encoding="utf-8") as file:
        file.write(updated_content)
 def main():
    """
    Main function to replace tabs with spaces in the provided files.
    The replacement character and files to check are taken from command line arguments.
    """
    # Create ArgumentParser instance
    parser = argparse.ArgumentParser(
        description="Replace tabs in files with specified characters."
    )
    # Define optional argument `--replace_with`
    parser.add_argument(
        "--replace_with",
        default="  ",
        help="Character(s) to replace tabs with. Default is two spaces.",
    )
    # Define argument for file paths
    parser.add_argument("files", metavar="FILE", nargs="+", help="Files to process.")
    # Parse arguments
    args = parser.parse_args()
    # Extract replacement characters and files from the parsed arguments
    replace_with = args.replace_with
    files_checked = args.files
    error = False
    for file_path in files_checked:
        if check_tabs(file_path):
            replace_tabs_with_spaces(file_path, replace_with)
            error = True
    if error:
        print("Error: Originally found tabs in HTML files, now replaced.")
        sys.exit(1)
    sys.exit(0)
 if __name__ == "__main__":
    main()
--- a/.github/scripts/requirements_pre_commit.in
+++ b/.github/scripts/requirements_pre_commit.in
@@ -0,0 +1 @@
 pre-commit
--- a/.github/scripts/requirements_pre_commit.txt
+++ b/.github/scripts/requirements_pre_commit.txt
@@ -0,0 +1,93 @@
 #
 # This file is autogenerated by pip-compile with Python 3.10
 # by the following command:
 #
 #    pip-compile --generate-hashes --output-file='.github\scripts\requirements_pre_commit.txt' '.github\scripts\requirements_pre_commit.in'
 #
 cfgv==3.4.0 \
    --hash=sha256:b7265b1f29fd3316bfcd2b330d63d024f2bfd8bcb8b0272f8e19a504856c48f9 \
    --hash=sha256:e52591d4c5f5dead8e0f673fb16db7949d2cfb3f7da4582893288f0ded8fe560
    # via pre-commit
 distlib==0.3.9 \
    --hash=sha256:47f8c22fd27c27e25a65601af709b38e4f0a45ea4fc2e710f65755fa8caaaf87 \
    --hash=sha256:a60f20dea646b8a33f3e7772f74dc0b2d0772d2837ee1342a00645c81edf9403
    # via virtualenv
 filelock==3.16.1 \
    --hash=sha256:2082e5703d51fbf98ea75855d9d5527e33d8ff23099bec374a134febee6946b0 \
    --hash=sha256:c249fbfcd5db47e5e2d6d62198e565475ee65e4831e2561c8e313fa7eb961435
    # via virtualenv
 identify==2.6.5 \
    --hash=sha256:14181a47091eb75b337af4c23078c9d09225cd4c48929f521f3bf16b09d02566 \
    --hash=sha256:c10b33f250e5bba374fae86fb57f3adcebf1161bce7cdf92031915fd480c13bc
    # via pre-commit
 nodeenv==1.9.1 \
    --hash=sha256:6ec12890a2dab7946721edbfbcd91f3319c6ccc9aec47be7c7e6b7011ee6645f \
    --hash=sha256:ba11c9782d29c27c70ffbdda2d7415098754709be8a7056d79a737cd901155c9
    # via pre-commit
 platformdirs==4.3.6 \
    --hash=sha256:357fb2acbc885b0419afd3ce3ed34564c13c9b95c89360cd9563f73aa5e2b907 \
    --hash=sha256:73e575e1408ab8103900836b97580d5307456908a03e92031bab39e4554cc3fb
    # via virtualenv
 pre-commit==4.0.1 \
    --hash=sha256:80905ac375958c0444c65e9cebebd948b3cdb518f335a091a670a89d652139d2 \
    --hash=sha256:efde913840816312445dc98787724647c65473daefe420785f885e8ed9a06878
    # via -r .github\scripts\requirements_pre_commit.in
 pyyaml==6.0.2 \
    --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \
    --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \
    --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \
    --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \
    --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \
    --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \
    --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \
    --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \
    --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \
    --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \
    --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \
    --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \
    --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \
    --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \
    --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \
    --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \
    --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \
    --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \
    --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \
    --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \
    --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \
    --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \
    --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \
    --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \
    --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \
    --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \
    --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \
    --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \
    --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \
    --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \
    --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \
    --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \
    --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \
    --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \
    --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \
    --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \
    --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \
    --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \
    --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \
    --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \
    --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \
    --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \
    --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \
    --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \
    --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \
    --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \
    --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \
    --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \
    --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \
    --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \
    --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \
    --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
    --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
    # via pre-commit
 virtualenv==20.28.1 \
    --hash=sha256:412773c85d4dab0409b83ec36f7a6499e72eaf08c80e81e9576bca61831c71cb \
    --hash=sha256:5d34ab240fdb5d21549b76f9e8ff3af28252f5499fb6d6f031adac4e5a8c5329
    # via pre-commit
--- a/.github/scripts/requirements_sync_readme.in
+++ b/.github/scripts/requirements_sync_readme.in
@@ -0,0 +1 @@
 tomlkit
--- a/.github/scripts/requirements_sync_readme.txt
+++ b/.github/scripts/requirements_sync_readme.txt
@@ -0,0 +1,10 @@
 #
 # This file is autogenerated by pip-compile with Python 3.10
 # by the following command:
 #
 #    pip-compile --generate-hashes --output-file='.github\scripts\requirements_sync_readme.txt' '.github\scripts\requirements_sync_readme.in'
 #
 tomlkit==0.13.2 \
    --hash=sha256:7a974427f6e119197f670fbbbeae7bef749a6c14e793db934baefc1b5f03efde \
    --hash=sha256:fff5fe59a87295b278abd31bec92c15d9bc4a06885ab12bcea52c71119392e79
    # via -r .github\scripts\requirements_sync_readme.in
--- a/.github/workflows/PR-Demo-Comment.yml
+++ b/.github/workflows/PR-Demo-Comment.yml
@@ -27,7 +27,8 @@ jobs:
        github.event.comment.user.login == 'LaserKaspar' ||
        github.event.comment.user.login == 'sbplat' ||
        github.event.comment.user.login == 'reecebrowne' ||
-        github.event.comment.user.login == 'DarioGii'
+        github.event.comment.user.login == 'DarioGii' ||
        github.event.comment.user.login == 'ConnorYoh'
      )
    outputs:
      pr_number: ${{ steps.get-pr.outputs.pr_number }}
@@ -36,7 +37,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -81,7 +82,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -93,10 +94,10 @@ jobs:
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up JDK
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
-          java-version: '17'
+          java-version: "17"
-          distribution: 'temurin'
+          distribution: "temurin"
      - name: Run Gradle Command
        run: ./gradlew clean build
@@ -119,7 +120,7 @@ jobs:
          password: ${{ secrets.DOCKER_HUB_API }}
      - name: Build and push PR-specific image
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
        with:
          context: .
          file: ./Dockerfile
--- a/.github/workflows/PR-Demo-cleanup.yml
+++ b/.github/workflows/PR-Demo-cleanup.yml
@@ -8,8 +8,8 @@ permissions:
  contents: read
 env:
-  SERVER_IP: ${{ secrets.VPS_IP }}  # Add this to your GitHub secrets
+  SERVER_IP: ${{ secrets.VPS_IP }} # Add this to your GitHub secrets
-  CLEANUP_PERFORMED: 'false'  # Add flag to track if cleanup occurred
+  CLEANUP_PERFORMED: "false" # Add flag to track if cleanup occurred
 jobs:
  cleanup:
@@ -21,7 +21,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -34,7 +34,7 @@ jobs:
      - name: Cleanup PR deployment
        id: cleanup
        run: |
-          CLEANUP_STATUS=$(ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -T ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << 'ENDSSH'
+          ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -T ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << 'ENDSSH'
            if [ -d "/stirling/PR-${{ github.event.pull_request.number }}" ]; then
              echo "Found PR directory, proceeding with cleanup..."
@@ -57,29 +57,3 @@ jobs:
              echo "NO_CLEANUP_NEEDED"
            fi
          ENDSSH
          )
          if [[ $CLEANUP_STATUS == *"PERFORMED_CLEANUP"* ]]; then
            echo "cleanup_performed=true" >> $GITHUB_OUTPUT
          else
            echo "cleanup_performed=false" >> $GITHUB_OUTPUT
          fi
      - name: Post cleanup notice to PR
        if: steps.cleanup.outputs.cleanup_performed == 'true'
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        with:
          script: |
            const { GITHUB_REPOSITORY } = process.env;
            const [repoOwner, repoName] = GITHUB_REPOSITORY.split('/');
            const prNumber = context.issue.number;
            const commentBody = `## 🧹 Deployment Cleanup\n\n` +
                              `The test deployment for this PR has been cleaned up.`;
            await github.rest.issues.createComment({
              owner: repoOwner,
              repo: repoName,
              issue_number: prNumber,
              body: commentBody
            });
--- a/.github/workflows/auto-labeler.yml
+++ b/.github/workflows/auto-labeler.yml
@@ -13,7 +13,7 @@ jobs:
      pull-requests: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -24,7 +24,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -32,7 +32,7 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK ${{ matrix.jdk-version }}
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: ${{ matrix.jdk-version }}
          distribution: "temurin"
@@ -49,7 +49,7 @@ jobs:
      - name: Upload Test Reports
        if: always()
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: test-reports-jdk-${{ matrix.jdk-version }}
          path: |
@@ -58,6 +58,35 @@ jobs:
            build/reports/problems/
          retention-days: 3
  check-licence:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 17
        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "adopt"
      - name: check the licenses for compatibility
        run: ./gradlew clean checkLicense
      - name: FAILED - check the licenses for compatibility
        if: failure()
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: dependencies-without-allowed-license.json
          path: |
            build/reports/dependency-license/dependencies-without-allowed-license.json
          retention-days: 3
  docker-compose-tests:
    # if: github.event_name == 'push' && github.ref == 'refs/heads/main' ||
    #     (github.event_name == 'pull_request' &&
@@ -77,7 +106,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -85,7 +114,7 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Java 17
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "adopt"
@@ -95,19 +124,21 @@ jobs:
      - name: Install Docker Compose
        run: |
-          sudo curl -SL "https://github.com/docker/compose/releases/download/v2.32.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+          sudo curl -SL "https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
          sudo chmod +x /usr/local/bin/docker-compose
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: "3.12"
          cache: 'pip' # caching pip dependencies
      - name: Pip requirements
        run: |
-           pip install --require-hashes -r ./cucumber/requirements.txt
+          pip install --require-hashes -r ./testing/cucumber/requirements.txt
      - name: Run Docker Compose Tests
        run: |
-          chmod +x ./test.sh
+          chmod +x ./testing/test_webpages.sh
-          ./test.sh
+          chmod +x ./testing/test.sh
          ./testing/test.sh
--- a/.github/workflows/check_properties.yml
+++ b/.github/workflows/check_properties.yml
@@ -18,7 +18,7 @@ jobs:
      pull-requests: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -26,7 +26,7 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: "3.12"
@@ -58,7 +58,7 @@ jobs:
        run: |
          echo "Fetching PR changed files..."
          echo "Getting list of changed files from PR..."
-          gh pr view ${{ steps.get-pr-data.outputs.pr_number }} --json files -q ".files[].path" | grep -E '^src/main/resources/messages_[a-zA-Z_]+\.properties$' > changed_files.txt # Filter only matching property files
+          gh pr view ${{ steps.get-pr-data.outputs.pr_number }} --json files -q ".files[].path" | grep -E '^src/main/resources/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$' > changed_files.txt # Filter only matching property files
      - name: Determine reference file test
        id: determine-file
@@ -99,7 +99,7 @@ jobs:
            // Filter for relevant files based on the PR changes
            const changedFiles = files
              .map(file => file.filename)
-              .filter(file => /^src\/main\/resources\/messages_[a-zA-Z_]+\.properties$/.test(file));
+              .filter(file => /^src\/main\/resources\/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}\.properties$/.test(file));
            console.log("Changed files:", changedFiles);
--- a/.github/workflows/codeql.yml-disabled
+++ b/.github/workflows/codeql.yml-disabled
@@ -42,7 +42,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
        with:
          egress-policy: audit
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -6,7 +6,7 @@
 # PRs introducing known-vulnerable packages will be blocked from merging.
 #
 # Source repository: https://github.com/actions/dependency-review-action
-name: 'Dependency Review'
+name: "Dependency Review"
 on: [pull_request]
 permissions:
@@ -17,11 +17,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
-      - name: 'Checkout Repository'
+      - name: "Checkout Repository"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - name: 'Dependency Review'
+      - name: "Dependency Review"
        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
--- a/.github/workflows/licenses-update.yml
+++ b/.github/workflows/licenses-update.yml
@@ -18,23 +18,39 @@ jobs:
      pull-requests: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2
        with:
          app-id: ${{ secrets.GH_APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      - name: Check out code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 17
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "adopt"
-      - uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
-      - name: Run Gradle Command
+      - name: check the licenses for compatibility
-        run: ./gradlew clean generateLicenseReport
+        run: ./gradlew clean checkLicense
      - name: FAILED - check the licenses for compatibility
        if: failure()
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: dependencies-without-allowed-license.json
          path: |
            build/reports/dependency-license/dependencies-without-allowed-license.json
          retention-days: 3
      - name: Move and Rename License File
        run: |
@@ -42,8 +58,8 @@ jobs:
      - name: Set up git config
        run: |
-          git config --global user.name "github-actions[bot]"
+          git config --global user.name "stirlingbot[bot]"
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          git config --global user.email "1113334+stirlingbot[bot]@users.noreply.github.com"
      - name: Run git add
        run: |
@@ -55,32 +71,22 @@ jobs:
        if: env.CHANGES_DETECTED == 'true'
        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ steps.generate-token.outputs.token }}
          commit-message: "Update 3rd Party Licenses"
-          committer: GitHub Action <action@github.com>
+          committer: "stirlingbot[bot] <1113334+stirlingbot[bot]@users.noreply.github.com>"
-          author: GitHub Action <action@github.com>
+          author: "stirlingbot[bot] <1113334+stirlingbot[bot]@users.noreply.github.com>"
          signoff: true
          branch: update-3rd-party-licenses
          title: "Update 3rd Party Licenses"
          body: |
-            Auto-generated by [create-pull-request][1]
+            Auto-generated by StirlingBot
            [1]: https://github.com/peter-evans/create-pull-request
          labels: licenses,github-actions
          draft: false
          delete-branch: true
          sign-commits: true
-      - name: Auto approve
+      - name: Enable Pull Request Automerge
        if: steps.cpr.outputs.pull-request-operation == 'created'
-        run: gh pr review --approve "${{ steps.cpr.outputs.pull-request-number }}"
+        run: gh pr merge --squash --auto "${{ steps.cpr.outputs.pull-request-number }}"
        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
      - name: Enable auto-merge
        if: steps.cpr.outputs.pull-request-operation == 'created'
        uses: peter-evans/enable-pull-request-automerge@a660677d5469627102a1c1e11409dd063606628d # v3.0.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
          merge-method: squash # Choose the merge method: merge, squash, or rebase
--- a/.github/workflows/manage-label.yml
+++ b/.github/workflows/manage-label.yml
@@ -15,7 +15,7 @@ jobs:
      issues: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -23,7 +23,7 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Run Labeler
-        uses: crazy-max/ghaction-github-labeler@b54af0c25861143e7c8813d7cbbf46d2c341680c # v5.1.0
+        uses: crazy-max/ghaction-github-labeler@31674a3852a9074f2086abcf1c53839d466a47e7 # v5.2.0
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          yaml-file: .github/labels.yml
--- a/.github/workflows/multiOSReleases.yml
+++ b/.github/workflows/multiOSReleases.yml
@@ -9,39 +9,149 @@ permissions:
  contents: read
 jobs:
-  build-installers:
+  read_versions:
-    strategy:
+    runs-on: ubuntu-latest
-      matrix:
+    outputs:
-        include:
+      version: ${{ steps.versionNumber.outputs.versionNumber }}
-          - os: windows-latest
+      versionMac: ${{ steps.versionNumberMac.outputs.versionNumberMac }}
            platform: win
            ext: exe
         #- os: macos-latest
         #  platform: mac
         # ext: dmg
         #- os: ubuntu-latest
         #  platform: linux
         #  ext: deb
    runs-on: ${{ matrix.os }}
    permissions:
      contents: write
      packages: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      # Get version number
      - name: Get version number
        id: versionNumber
        run: |
          VERSION=$(grep "^version =" build.gradle | awk -F'"' '{print $2}')
          echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT
      - name: Get version number mac
        id: versionNumberMac
        run: |
          VERSION=$(grep "^version =" build.gradle | awk -F'"' '{print $2}')
          CURRENT_YEAR=$(date +'%Y')
          IFS='.' read -r -a VERSION_PARTS <<< "$VERSION"
          MAC_VERSION="$CURRENT_YEAR.${VERSION_PARTS[1]:-0}.${VERSION_PARTS[2]:-0}"
          echo "versionNumberMac=$MAC_VERSION" >> $GITHUB_OUTPUT
  build-portable:
    needs: read_versions
    runs-on: ubuntu-latest
    strategy:
      matrix:
        enable_security: [true, false]
        include:
          - enable_security: true
            file_suffix: "-with-login"
          - enable_security: false
            file_suffix: ""
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 21
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "21"
          distribution: "temurin"
-      - uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
        with:
          gradle-version: 8.12
      - name: Generate jar (With Security=${{ matrix.enable_security }})
        run: ./gradlew clean createExe
        env:
          DOCKER_ENABLE_SECURITY: ${{ matrix.enable_security }}
          STIRLING_PDF_DESKTOP_UI: false
      - name: Rename binaries
        run: |
          mkdir ./binaries
          mv ./build/launch4j/Stirling-PDF.exe ./binaries/win-Stirling-PDF-portable-Server${{ matrix.file_suffix }}.exe
          mv ./build/libs/Stirling-PDF-${{ needs.read_versions.outputs.version }}.jar ./binaries/Stirling-PDF${{ matrix.file_suffix }}.jar
      - name: Upload build artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          retention-days: 1
          if-no-files-found: error
          name: stirling${{ matrix.file_suffix }}-binaries
          path: |
            ./binaries/*
  sign_verify-portable:
    needs: [build-portable, read_versions]
    runs-on: ubuntu-latest
    strategy:
      matrix:
        enable_security: [true, false]
        include:
          - enable_security: true
            file_suffix: "with-login-"
          - enable_security: false
            file_suffix: ""
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Download build artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        with:
          name: stirling-${{ matrix.file_suffix }}binaries
      - name: Display structure of downloaded files
        run: ls -R
      - name: Upload signed artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          retention-days: 1
          if-no-files-found: error
          name: stirling-${{ matrix.file_suffix }}signed
          path: |
            ./*
            !cosign.*
  build-installers:
    needs: read_versions
    strategy:
      matrix:
        include:
          - os: windows-latest
            platform: win-
          - os: macos-latest
            platform: mac-
          # - os: ubuntu-latest
          #   platform: linux-
    runs-on: ${{ matrix.os }}
    permissions:
      contents: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 21
        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "21"
          distribution: "temurin"
      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
        with:
          gradle-version: 8.12
@@ -52,54 +162,127 @@ jobs:
          curl -L -o wix.exe https://github.com/wixtoolset/wix3/releases/download/wix3141rtm/wix314.exe
          .\wix.exe /install /quiet
      # Install Linux dependencies
      - name: Install Linux Dependencies
        if: matrix.os == 'ubuntu-latest'
        run: |
          sudo apt-get update
          sudo apt-get install -y fakeroot rpm
      # Get version number
      - name: Get version number
        id: versionNumber
        run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT
        shell: bash
      - name: Get version number mac
        id: versionNumberMac
        run: echo "versionNumberMac=$(./gradlew printMacVersion --quiet | tail -1)" >> $GITHUB_OUTPUT
        shell: bash
      # Build installer
      - name: Build Installer
        run: ./gradlew build jpackage -x test --info
        env:
          DOCKER_ENABLE_SECURITY: false
          STIRLING_PDF_DESKTOP_UI: true
          BROWSER_OPEN: true
      # Rename and collect artifacts based on OS
      - name: Prepare artifacts
        id: prepare
        shell: bash
        run: |
          mkdir ./binaries
          if [ "${{ matrix.os }}" = "windows-latest" ]; then
-            mv "build/jpackage/Stirling-PDF-${{ steps.versionNumber.outputs.versionNumber }}.exe" "Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }}"
+            mv "./build/jpackage/Stirling-PDF-${{ needs.read_versions.outputs.version }}.exe" "./binaries/Stirling-PDF-win-installer.exe"
          elif [ "${{ matrix.os }}" = "macos-latest" ]; then
-            mv "build/jpackage/Stirling-PDF-${{ steps.versionNumberMac.outputs.versionNumberMac }}.dmg" "Stirling-PDF-${{ steps.versionNumber.outputs.versionNumber }}-${{ matrix.platform }}.${{ matrix.ext }}"
+            mv "./build/jpackage/Stirling-PDF-${{ needs.read_versions.outputs.versionMac }}.dmg" "./binaries/Stirling-PDF-mac-installer.dmg"
          else
-            mv "build/jpackage/stirling-pdf_${{ steps.versionNumber.outputs.versionNumber }}-1_amd64.deb" "Stirling-PDF-${{ steps.versionNumber.outputs.versionNumber }}-${{ matrix.platform }}.${{ matrix.ext }}"
+            mv "./build/jpackage/stirling-pdf_${{ needs.read_versions.outputs.version }}-1_amd64.deb" "./binaries/Stirling-PDF-linux-installer.deb"
          fi
-      # Upload installer as artifact for testing
+      - name: Display structure of downloaded files
-      - name: Upload Installer Artifact
+        run: ls -R ./binaries
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+
      - name: Upload build artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }}
          path: Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }}
          retention-days: 1
          if-no-files-found: error
          name: ${{ matrix.platform }}binaries
          path: |
            ./binaries/*
-      - name: Upload binaries to release
+  sign_verify:
    needs: [read_versions, build-installers]
    strategy:
      matrix:
        include:
          - os: windows-latest
            platform: win-
          - os: macos-latest
            platform: mac-
          # - os: ubuntu-latest
          #   platform: linux-
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Download build artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        with:
          name: ${{ matrix.platform }}binaries
      - name: Display structure of downloaded files
        run: ls -R
      - name: Install Cosign
        if: matrix.os == 'windows-latest'
        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
      - name: Generate key pair
        if: matrix.os == 'windows-latest'
        run: cosign generate-key-pair
      - name: Sign and generate attestations
        if: matrix.os == 'windows-latest'
        run: |
          cosign sign-blob \
            --key ./cosign.key \
            --yes \
            --output-signature ./Stirling-PDF-win-installer.exe.sig \
            ./Stirling-PDF-win-installer.exe
          cosign attest-blob \
            --predicate - \
            --key ./cosign.key \
            --yes \
            --output-attestation ./Stirling-PDF-win-installer.exe.intoto.jsonl \
            ./Stirling-PDF-win-installer.exe
          cosign verify-blob \
            --key ./cosign.pub \
            --signature ./Stirling-PDF-win-installer.exe.sig \
            ./Stirling-PDF-win-installer.exe
      - name: Display structure of downloaded files
        run: ls -R
      - name: Upload signed artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          retention-days: 1
          if-no-files-found: error
          name: ${{ matrix.platform }}signed
          path: |
            ./Stirling-PDF-${{ matrix.platform }}installer.*
            !cosign.*
  create-release:
    needs: [read_versions, sign_verify, sign_verify-portable]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Download signed artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
      - name: Display structure of downloaded files
        run: ls -R
      - name: Upload binaries, attestations and signatures to Release and create GitHub Release
        uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
        with:
-          files: ./Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }}
+          tag_name: v${{ needs.read_versions.outputs.version }}
          generate_release_notes: true
          files: |
            ./*signed/*
--- a/.github/workflows/pre_commit.yml
+++ b/.github/workflows/pre_commit.yml
@@ -1,52 +1,77 @@
 name: Pre-commit
 on:
-  push:
+  workflow_dispatch:
-    branches: [main]
+  schedule:
    - cron: "0 0 * * 1"
 permissions:
  contents: read
 jobs:
-  update:
+  pre-commit:
    if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' }}
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2
        with:
          app-id: ${{ secrets.GH_APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      - name: Get GitHub App User ID
        id: get-user-id
        run: echo "user-id=$(gh api "/users/${{ steps.generate-token.outputs.app-slug }}[bot]" --jq .id)" >> $GITHUB_OUTPUT
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
      - id: committer
        run: |
          echo "string=${{ steps.generate-token.outputs.app-slug }}[bot] <${{ steps.get-user-id.outputs.user-id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com>"  >> "$GITHUB_OUTPUT"
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: 3.12
          cache: 'pip' # caching pip dependencies
      - name: Run Pre-Commit Hooks
-        uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
+        run: |
          pip install --require-hashes -r ./.github/scripts/requirements_pre_commit.txt
      - run: pre-commit run --all-files -c .pre-commit-config.yaml
        continue-on-error: true
      - name: Set up git config
        run: |
-          git config --global user.name "github-actions[bot]"
+          git config --global user.name ${{ steps.generate-token.outputs.app-slug }}[bot]
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          git config --global user.email "${{ steps.get-user-id.outputs.user-id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com"
      - name: git add
        run: |
          git add .
-          git diff --staged --quiet || git commit -m ":file_folder: pre-commit
+          git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV
          > Made via .github/workflows/pre_commit.yml" || echo "pre-commit: no changes"
      - name: Create Pull Request
        if: env.CHANGES_DETECTED == 'true'
        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ steps.generate-token.outputs.token }}
-          commit-message: "ci: 🤖 format everything with pre-commit"
+          commit-message: ":file_folder: pre-commit"
-          committer: GitHub Action <action@github.com>
+          committer: ${{ steps.committer.outputs.string }}
-          author: GitHub Action <action@github.com>
+          author: ${{ steps.committer.outputs.string }}
          signoff: true
          branch: pre-commit
-          title: "🤖 format everything with pre-commit by <github-actions[bot]>"
+          title: "🤖 format everything with pre-commit by <${{ steps.generate-token.outputs.app-slug }}>"
          body: |
-            Auto-generated by [create-pull-request][1]
+            Auto-generated by [create-pull-request][1] with **${{ steps.generate-token.outputs.app-slug }}**
            [1]: https://github.com/peter-evans/create-pull-request
          draft: false
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@@ -18,19 +18,19 @@ jobs:
      id-token: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 17
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "temurin"
-      - uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
        with:
          gradle-version: 8.12
@@ -43,7 +43,7 @@ jobs:
        if: github.ref == 'refs/heads/master'
        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
        with:
-          cosign-release: 'v2.4.1'
+          cosign-release: "v2.4.1"
      - name: Set up Docker Buildx
        id: buildx
@@ -67,7 +67,7 @@ jobs:
          password: ${{ github.token }}
      - name: Set up QEMU
-        uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+        uses: docker/setup-qemu-action@53851d14592bedcffcf25ea515637cff71ef929a # v3.3.0
      - name: Convert repository owner to lowercase
        id: repoowner
@@ -89,7 +89,7 @@ jobs:
      - name: Build and push main Dockerfile
        id: build-push-regular
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
        with:
          builder: ${{ steps.buildx.outputs.name }}
          context: .
@@ -134,7 +134,7 @@ jobs:
      - name: Build and push Dockerfile-ultra-lite
        id: build-push-lite
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
        if: github.ref != 'refs/heads/main'
        with:
          context: .
@@ -165,7 +165,7 @@ jobs:
      - name: Build and push main Dockerfile fat
        id: build-push-fat
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
        if: github.ref != 'refs/heads/main'
        with:
          builder: ${{ steps.buildx.outputs.name }}
--- a/.github/workflows/releaseArtifacts.yml
+++ b/.github/workflows/releaseArtifacts.yml
@@ -9,11 +9,8 @@ permissions:
  contents: read
 jobs:
-  push:
+  build:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      packages: write
    strategy:
      matrix:
        enable_security: [true, false]
@@ -22,21 +19,23 @@ jobs:
            file_suffix: "-with-login"
          - enable_security: false
            file_suffix: ""
    outputs:
      version: ${{ steps.versionNumber.outputs.versionNumber }}
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 17
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "temurin"
-      - uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
        with:
          gradle-version: 8.12
@@ -48,38 +47,134 @@ jobs:
      - name: Get version number
        id: versionNumber
-        run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT
+        run: |
          VERSION=$(grep "^version =" build.gradle | awk -F'"' '{print $2}')
          echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT
-      - name: Rename binarie
+      - name: Rename binaries
-        run: cp ./build/launch4j/Stirling-PDF.exe ./build/launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
+        run: |
          mv ./build/launch4j/Stirling-PDF.exe ./build/launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
          mv ./build/libs/Stirling-PDF-${{ steps.versionNumber.outputs.versionNumber }}.jar ./build/libs/Stirling-PDF${{ matrix.file_suffix }}.jar
-      - name: Upload Assets binarie
+      - name: Debug build artifacts
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        run: |
          echo "Current Directory: $(pwd)"
          ls -R ./build/libs
          ls -R ./build/launch4j
      - name: Upload build artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
-          path: ./build/launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
+          name: binaries${{ matrix.file_suffix }}
-          name: Stirling-PDF-Server${{ matrix.file_suffix }}.exe
+          path: |
-          overwrite: true
+            ./build/launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.*
-          retention-days: 1
+            ./build/libs/Stirling-PDF${{ matrix.file_suffix }}.*
          if-no-files-found: error
-      - name: Upload binaries to release
+  sign_verify:
    needs: build
    runs-on: ubuntu-latest
    strategy:
      matrix:
        enable_security: [true, false]
        include:
          - enable_security: true
            file_suffix: "-with-login"
          - enable_security: false
            file_suffix: ""
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Download build artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        with:
          name: binaries${{ matrix.file_suffix }}
      - name: Display structure of downloaded files
        run: ls -R
      - name: Install Cosign
        uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
      - name: Generate key pair
        run: cosign generate-key-pair
      - name: Sign and generate attestations
        run: |
          cosign sign-blob \
            --key ./cosign.key \
            --yes \
            --output-signature ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar.sig \
            ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar
          cosign attest-blob \
            --predicate - \
            --key ./cosign.key \
            --yes \
            --output-attestation ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar.intoto.jsonl \
            ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar
          cosign verify-blob \
            --key ./cosign.pub \
            --signature ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar.sig \
            ./libs/Stirling-PDF${{ matrix.file_suffix }}.jar
          cosign sign-blob \
            --key ./cosign.key \
            --yes \
            --output-signature ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe.sig \
            ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
          cosign attest-blob \
            --predicate - \
            --key ./cosign.key \
            --yes \
            --output-attestation ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe.intoto.jsonl \
            ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
          cosign verify-blob \
            --key ./cosign.pub \
            --signature ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe.sig \
            ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
      - name: Upload signed artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: signed${{ matrix.file_suffix }}
          path: |
            ./libs/Stirling-PDF${{ matrix.file_suffix }}.*
            ./launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.*
  release:
    needs: [build, sign_verify]
    runs-on: ubuntu-latest
    permissions:
      contents: write
    strategy:
      matrix:
        enable_security: [true, false]
        include:
          - enable_security: true
            file_suffix: "-with-login"
          - enable_security: false
            file_suffix: ""
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Download signed artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        with:
          name: signed${{ matrix.file_suffix }}
      - name: Upload binaries, attestations and signatures to Release and create GitHub Release
        uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
        with:
-          files: ./build/launch4j/Stirling-PDF-Server${{ matrix.file_suffix }}.exe
+          tag_name: v${{ needs.build.outputs.version }}
-
+          generate_release_notes: true
-      - name: Rename jar binaries
+          files: |
-        run: cp ./build/libs/Stirling-PDF-${{ steps.versionNumber.outputs.versionNumber }}.jar ./build/libs/Stirling-PDF${{ matrix.file_suffix }}.jar
+            ./libs/Stirling-PDF*
-
+            ./launch4j/Stirling-PDF-Server*
      - name: Upload Assets jar binaries
        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
        with:
          path: ./build/libs/Stirling-PDF${{ matrix.file_suffix }}.jar
          name: Stirling-PDF${{ matrix.file_suffix }}.jar
          overwrite: true
          retention-days: 1
          if-no-files-found: error
      - name: Upload jar binaries to release
        uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
        with:
          files: ./build/libs/Stirling-PDF${{ matrix.file_suffix }}.jar
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -10,7 +10,7 @@ on:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
-    - cron: '20 7 * * 2'
+    - cron: "20 7 * * 2"
  push:
    branches: ["main"]
 permissions: read-all
@@ -34,7 +34,7 @@ jobs:
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
@@ -66,7 +66,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
        with:
          name: SARIF file
          path: results.sarif
@@ -74,6 +74,6 @@ jobs:
      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
        with:
          sarif_file: results.sarif
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@@ -0,0 +1,64 @@
 on:
  push:
    branches:
      - master
  pull_request:
    branches: [ "main" ]
  workflow_dispatch:
 permissions:
  pull-requests: read
  actions: read
 name: Run Sonarqube
 jobs:
  sonarqube:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0 
      - name: Set up JDK
        uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
        with:
          java-version: '17'
          distribution: 'temurin'
      - name: Build and analyze with Gradle
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          DOCKER_ENABLE_SECURITY: true
          STIRLING_PDF_DESKTOP_UI: true
        run: |
          ./gradlew clean build sonar \
            -Dsonar.projectKey=Stirling-Tools_Stirling-PDF \
            -Dsonar.organization=stirling-tools \
            -Dsonar.host.url=https://sonarcloud.io \
            -Dsonar.log.level=DEBUG \
            --info
      - name: Upload Problems Report on Failure
        if: failure()
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: gradle-problems-report
          path: build/reports/problems/problems-report.html
          retention-days: 7
      - name: Upload Sonar Logs on Failure
        if: failure()
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: sonar-logs
          path: |
            .scannerwork/report-task.txt
            build/sonar/
          retention-days: 7
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -16,12 +16,12 @@ jobs:
      pull-requests: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: 30 days stale issues
-        uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0
+        uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          days-before-stale: 30
@@ -37,4 +37,4 @@ jobs:
          only-issue-labels: "more-info-needed"
          days-before-pr-stale: -1 # Prevents PRs from being marked as stale
          days-before-pr-close: -1 # Prevents PRs from being closed
-          start-date: '2024-07-06T00:00:00Z'  # ISO 8601 Format
+          start-date: "2024-07-06T00:00:00Z" # ISO 8601 Format
--- a/.github/workflows/swagger.yml
+++ b/.github/workflows/swagger.yml
@@ -14,19 +14,19 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK 17
-        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: "17"
          distribution: "temurin"
-      - uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
      - name: Generate Swagger documentation
        run: ./gradlew generateOpenApiDocs
--- a/.github/workflows/sync_files.yml
+++ b/.github/workflows/sync_files.yml
@@ -1,62 +1,145 @@
 name: Sync Files
 on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - "build.gradle"
      - "README.md"
      - "src/main/resources/messages_*.properties"
      - "src/main/resources/static/3rdPartyLicenses.json"
      - "scripts/ignore_translation.toml"
 permissions:
  contents: read
 jobs:
-  sync-readme:
+  read_bot_entries:
    runs-on: ubuntu-latest
-    permissions:
+    outputs:
-      contents: write
+      userName: ${{ steps.get-user-id.outputs.user_name }}
-      pull-requests: write
+      userEmail: ${{ steps.get-user-id.outputs.user_email }}
      committer: ${{ steps.committer.outputs.committer }}
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2
        with:
          app-id: ${{ secrets.GH_APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      - name: Get GitHub App User ID
        id: get-user-id
        run: |
          USER_NAME="${{ steps.generate-token.outputs.app-slug }}[bot]"
          USER_ID=$(gh api "/users/$USER_NAME" --jq .id)
          USER_EMAIL="$USER_ID+$USER_NAME@users.noreply.github.com"
          echo "user_name=$USER_NAME" >> "$GITHUB_OUTPUT"
          echo "user_email=$USER_EMAIL" >> "$GITHUB_OUTPUT"
          echo "user-id=$USER_ID" >> "$GITHUB_OUTPUT"
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
      - id: committer
        run: |
          COMMITTER="${{ steps.get-user-id.outputs.user_name }} <${{ steps.get-user-id.outputs.user_email }}>"
          echo "committer=$COMMITTER" >> "$GITHUB_OUTPUT"
  sync-files:
    needs: ["read_bot_entries"]
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Generate GitHub App Token
        id: generate-token
        uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2
        with:
          app-id: ${{ vars.GH_APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Python
-        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
        with:
          python-version: "3.12"
-      - name: Install dependencies
+          cache: 'pip' # caching pip dependencies
-        run: pip install tomlkit
+
-      - name: Sync README
+      - name: Sync translation property files
-        run: python scripts/counter_translation.py
+        run: |
          python .github/scripts/check_language_properties.py --reference-file "src/main/resources/messages_en_GB.properties" --branch main
      - name: Set up git config
        run: |
-          git config --global user.name "github-actions[bot]"
+          git config --global user.name ${{ needs.read_bot_entries.outputs.userName }}
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          git config --global user.email ${{ needs.read_bot_entries.outputs.userEmail }}
      - name: Run git add
        run: |
-          git add .
+          git add src/main/resources/messages_*.properties
-          git diff --staged --quiet || git commit -m ":memo: Sync README
+          git diff --staged --quiet || git commit -m ":memo: Sync translation files" || echo "no changes"
-          > Made via sync_files.yml" || echo "no changes"
+
      - name: Install dependencies
        run: pip install --require-hashes -r ./.github/scripts/requirements_sync_readme.txt
      - name: Sync README.md
        run: |
          python scripts/counter_translation.py
      - name: Run git add
        run: |
          git add README.md
          git diff --staged --quiet || git commit -m ":memo: Sync README.md" || echo "no changes"
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ steps.generate-token.outputs.token }}
          commit-message: Update files
-          committer: GitHub Action <action@github.com>
+          committer: ${{ needs.read_bot_entries.outputs.committer }}
-          author: GitHub Action <action@github.com>
+          author: ${{ needs.read_bot_entries.outputs.committer }}
          signoff: true
          branch: sync_readme
-          title: ":memo: Update README: Translation Progress Table"
+          title: ":globe_with_meridians: Sync Translations + Update README Progress Table"
          body: |
-            Auto-generated by [create-pull-request][1]
+            ### Description of Changes
            This Pull Request was automatically generated to synchronize updates to translation files and documentation. Below are the details of the changes made:
            #### **1. Synchronization of Translation Files**
            - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`.
            - Ensured consistency and synchronization across all supported language files.
            - Highlighted any missing or incomplete translations.
            #### **2. Update README.md**
            - Generated the translation progress table in `README.md`.
            - Added a summary of the current translation status for all supported languages.
            - Included up-to-date statistics on translation coverage.
            #### **Why these changes are necessary**
            - Keeps translation files aligned with the latest reference updates.
            - Ensures the documentation reflects the current translation progress.
            ---
            Auto-generated by [create-pull-request][1].
            [1]: https://github.com/peter-evans/create-pull-request
          draft: false
          delete-branch: true
-          labels: Documentation,Translation,github-actions
+          labels: github-actions
          sign-commits: true
          add-paths: |
            README.md
            src/main/resources/messages_*.properties
--- a/.github/workflows/testdriver.yml
+++ b/.github/workflows/testdriver.yml
@@ -0,0 +1,154 @@
 name: UI test with TestDriverAI
 on:
  push:
    branches: ["master", "UITest", "testdriver"]
 permissions:
  contents: read
 jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up JDK
        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
        with:
          java-version: '17'
          distribution: 'temurin'
      - name: Build with Gradle
        run: ./gradlew clean build
        env:
          DOCKER_ENABLE_SECURITY: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
      - name: Get version number
        id: versionNumber
        run: |
          VERSION=$(grep "^version =" build.gradle | awk -F'"' '{print $2}')
          echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT
      - name: Login to Docker Hub
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_API }}
      - name: Build and push test image
        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/test:test-${{ github.sha }}
          build-args: VERSION_TAG=${{ steps.versionNumber.outputs.versionNumber }}
          platforms: linux/amd64
      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh/
          echo "${{ secrets.VPS_SSH_KEY }}" > ../private.key
          sudo chmod 600 ../private.key
      - name: Deploy to VPS
        run: |
          cat > docker-compose.yml << EOF
          version: '3.3'
          services:
            stirling-pdf:
              container_name: stirling-pdf-test-${{ github.sha }}
              image: ${{ secrets.DOCKER_HUB_USERNAME }}/test:test-${{ github.sha }}
              ports:
                - "1337:8080"
              volumes:
                - /stirling/test-${{ github.sha }}/data:/usr/share/tessdata:rw
                - /stirling/test-${{ github.sha }}/config:/configs:rw
                - /stirling/test-${{ github.sha }}/logs:/logs:rw
              environment:
                DOCKER_ENABLE_SECURITY: "false"
                SECURITY_ENABLELOGIN: "false"
                SYSTEM_DEFAULTLOCALE: en-GB
                UI_APPNAME: "Stirling-PDF Test"
                UI_HOMEDESCRIPTION: "Test Deployment"
                UI_APPNAMENAVBAR: "Test"
                SYSTEM_MAXFILESIZE: "100"
                METRICS_ENABLED: "true"
                SYSTEM_GOOGLEVISIBILITY: "false"
                SYSTEM_ENABLEANALYTICS: "false"
              restart: on-failure:5
          EOF
          scp -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null docker-compose.yml ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }}:/tmp/docker-compose.yml
          ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << EOF
            mkdir -p /stirling/test-${{ github.sha }}/{data,config,logs}
            mv /tmp/docker-compose.yml /stirling/test-${{ github.sha }}/docker-compose.yml
            cd /stirling/test-${{ github.sha }}
            docker-compose pull
            docker-compose up -d
          EOF
  test:
    needs: deploy
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Run TestDriver.ai
        uses: testdriverai/action@f0d0f45fdd684db628baa843fe9313f3ca3a8aa8 #1.1.3
        with:
          key: ${{secrets.TESTDRIVER_API_KEY}}
          prerun: |
            npm install
            npm run build
            npm install dashcam-chrome --save
            Start-Process "C:/Program Files/Google/Chrome/Application/chrome.exe" -ArgumentList "--start-maximized", "--load-extension=$(pwd)/node_modules/dashcam-chrome/build", "http://${{ secrets.VPS_HOST }}:1337"
            Start-Sleep -Seconds 20
          prompt: |
            1. /run testing/testdriver/test.yml
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          FORCE_COLOR: "3"
  cleanup:
    needs: [deploy, test]
    runs-on: ubuntu-latest
    if: always()
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
        with:
          egress-policy: audit
      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh/
          echo "${{ secrets.VPS_SSH_KEY }}" > ../private.key
          sudo chmod 600 ../private.key
      - name: Cleanup deployment
        run: |
          ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << EOF
            cd /stirling/test-${{ github.sha }}
            docker-compose down
            cd /stirling
            rm -rf test-${{ github.sha }}
          EOF
--- a/.github/workflows/update-translations.yml
+++ b/.github/workflows/update-translations.yml
@@ -1,72 +0,0 @@
 name: Update Translations
 on:
  push:
    branches: ["main"]
    paths:
      - "src/main/resources/messages_en_GB.properties"
 permissions:
  contents: read
 jobs:
  update-translations-main:
    if: github.event_name == 'push'
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
        with:
          egress-policy: audit
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Python
        uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
        with:
          python-version: "3.12"
      - name: Run Python script to check files
        id: run-check
        run: |
          echo "Running Python script to check files..."
          python .github/scripts/check_language_properties.py \
            --reference-file src/main/resources/messages_en_GB.properties \
            --branch main
      - name: Set up git config
        run: |
          git config --global user.name "github-actions[bot]"
          git config --global user.email "github-actions[bot]@users.noreply.github.com"
      - name: Add translation keys
        run: |
          git add src/main/resources/messages_*.properties
          git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV
      - name: Create Pull Request
        id: cpr
        if: env.CHANGES_DETECTED == 'true'
        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          commit-message: "Update translation files"
          committer: GitHub Action <action@github.com>
          author: GitHub Action <action@github.com>
          signoff: true
          branch: update_translation_files
          title: "Update translation files"
          add-paths: |
            src/main/resources/messages_*.properties
          body: |
            Auto-generated by [create-pull-request][1]
            [1]: https://github.com/peter-evans/create-pull-request
          draft: false
          delete-branch: true
          labels: Translation,github-actions
          sign-commits: true
--- a/.gitignore
+++ b/.gitignore
@@ -14,12 +14,18 @@ local.properties
 .classpath
 .project
 version.properties
 #### Stirling-PDF Files ###
 pipeline/watchedFolders/
 pipeline/finishedFolders/
 #### Stirling-PDF Files ###
 customFiles/
 configs/
 watchedFolders/
 clientWebUI/
 !cucumber/
 !cucumber/exampleFiles/
 !cucumber/exampleFiles/example_html.zip
 exampleYmlFiles/stirling/
 # Gradle
 .gradle
@@ -111,6 +117,7 @@ watchedFolders/
 *.war
 *.nar
 *.ear
 *.zip
 *.tar.gz
 *.rar
 *.db
@@ -133,6 +140,7 @@ venv.bak/
 # VS Code
 /.vscode/**/*
 !/.vscode/settings.json
 !/.vscode/extensions.json
 # IntelliJ IDEA
 .idea/
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -6,10 +6,10 @@ repos:
        args:
          - --fix
          - --line-length=127
-        files: ^((.github/scripts|scripts)/.+)?[^/]+\.py$
+        files: ^((\.github/scripts|scripts)/.+)?[^/]+\.py$
        exclude: (split_photos.py)
      - id: ruff-format
-        files: ^((.github/scripts|scripts)/.+)?[^/]+\.py$
+        files: ^((\.github/scripts|scripts)/.+)?[^/]+\.py$
        exclude: (split_photos.py)
  - repo: https://github.com/codespell-project/codespell
    rev: v2.3.0
@@ -19,39 +19,18 @@ repos:
          - --ignore-words-list=
          - --skip="./.*,*.csv,*.json,*.ambr"
          - --quiet-level=2
-        files: \.(properties|html|css|js|py|md)$
+        files: \.(html|css|js|py|md)$
-        exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile)
+        exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile|.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js)
  - repo: https://github.com/gitleaks/gitleaks
    rev: v8.22.0
    hooks:
      - id: gitleaks
  - repo: https://github.com/jumanjihouse/pre-commit-hooks
    rev: 3.0.0
    hooks:
      - id: shellcheck
        files: ^.*(\.bash|\.sh|\.ksh|\.zsh)$
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v5.0.0
    hooks:
      - id: end-of-file-fixer
        files: ^.*(\.js|\.java|\.py|\.yml)$
-        exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$)
+        exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js|\.github/workflows/.*$)
      - id: trailing-whitespace
        files: ^.*(\.js|\.java|\.py|\.yml)$
-        exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$)
+        exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js|\.github/workflows/.*$)
  - repo: local
    hooks:
      - id: check-duplicate-properties-keys
        name: Check Duplicate Properties Keys
        entry: python .github/scripts/check_duplicates.py
        language: python
        files: ^(src)/.+\.properties$
      - id: check-html-tabs
        name: Check HTML for tabs
        description: Ensures HTML/CSS/JS files do not contain tab characters
        # args: ["--replace_with=  "]
        entry: python .github/scripts/check_tabulator.py
        language: python
        exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$)
        files: ^.*(\.html|\.css|\.js)$
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,24 @@
 {
  "recommendations": [
    "elagil.pre-commit-helper", // Support for pre-commit hooks to enforce code quality
    "josevseb.google-java-format-for-vs-code", // Google Java code formatter to follow the Google Java Style Guide
    "ms-python.black-formatter", // Python code formatter using Black
    "ms-python.flake8", // Flake8 linter for Python to enforce code quality
    "ms-python.python", // Official Microsoft Python extension with IntelliSense, debugging, and Jupyter support
    // "ms-vscode-remote.remote-containers", // Support for remote development with containers (Docker, Dev Containers)
    // "ms-vscode-remote.vscode-remote-extensionpack", // Remote Development Pack for SSH, WSL, and Containers
    "Oracle.oracle-java", // Oracle Java extension with additional features for Java development
    "redhat.java", // Java support by Red Hat with IntelliSense, debugging, and code navigation
    "shengchen.vscode-checkstyle", // Checkstyle integration for Java code quality checks
    "streetsidesoftware.code-spell-checker", // Spell checker for code to avoid typos
    "vmware.vscode-boot-dev-pack", // Developer tools for Spring Boot by VMware
    "vmware.vscode-spring-boot", // Spring Boot tools by VMware for enhanced Spring development
    "vscjava.vscode-gradle", // Gradle extension for build and automation support
    "vscjava.vscode-java-debug", // Debugging support for Java projects
    "vscjava.vscode-java-dependency", // Java dependency management within VS Code
    "vscjava.vscode-java-pack", // Java Extension Pack with essential Java tools for VS Code
    "vscjava.vscode-java-test", // Java test framework for running and debugging tests in VS Code
    "vscjava.vscode-spring-boot-dashboard", // Spring Boot dashboard for managing and visualizing Spring Boot applications
    "vscjava.vscode-spring-initializr" // Support for Spring Initializr to create new Spring projects
  ]
 }
--- a/DeveloperGuide.md
+++ b/DeveloperGuide.md
@@ -39,6 +39,16 @@ Stirling-PDF is built using:
 2. Install Docker and JDK17 if not already installed.
 3. Install a recommended Java IDE such as Eclipse, IntelliJ, or VSCode
   1. Only VSCode
      1. Open VS Code.
      2. When prompted, install the recommended extensions.
      3. Alternatively, open the command palette (`Ctrl + Shift + P` or `Cmd + Shift + P` on macOS) and run:
        ```sh
        Extensions: Show Recommended Extensions
        ```
      4. Install the required extensions from the list.
 4. Lombok Setup
 Stirling-PDF uses Lombok to reduce boilerplate code. Some IDEs, like Eclipse, don't support Lombok out of the box. To set up Lombok in your development environment:
--- a/14
+++ b/14
@@ -1,5 +1,5 @@
 # Main stage
-FROM alpine:3.20.3
+FROM alpine:3.21.2@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099
 # Copy necessary files
 COPY scripts /scripts
@@ -25,7 +25,13 @@ LABEL org.opencontainers.image.keywords="PDF, manipulation, merge, split, conver
 # Set Environment Variables
 ENV DOCKER_ENABLE_SECURITY=false \
    VERSION_TAG=$VERSION_TAG \
-    JAVA_TOOL_OPTIONS="$JAVA_TOOL_OPTIONS -XX:MaxRAMPercentage=75" \
+    JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions \
    -XX:MaxRAMPercentage=75 \
    -XX:InitiatingHeapOccupancyPercent=20 \
    -XX:+G1PeriodicGCInvokesConcurrent \
    -XX:G1PeriodicGCInterval=10000 \
    -XX:+UseStringDeduplication \
    -XX:G1PeriodicGCSystemLoadThreshold=70" \
    HOME=/home/stirlingpdfuser \
    PUID=1000 \
    PGID=1000 \
@@ -50,13 +56,15 @@ RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /et
        openssl-dev \
        openjdk21-jre \
 # Doc conversion
 		gcompat \
    	libc6-compat \
        libreoffice \
 # pdftohtml
        poppler-utils \
 # OCR MY PDF (unpaper for descew and other advanced features)
        tesseract-ocr-data-eng \
 # CV
-        py3-opencv \
+		py3-opencv \
 # python3/pip
        python3 \
        py3-pip && \
--- a/Dockerfile.fat
+++ b/Dockerfile.fat
@@ -12,7 +12,7 @@ RUN DOCKER_ENABLE_SECURITY=true \
 ./gradlew clean build
 # Main stage
-FROM alpine:3.20.3
+FROM alpine:3.21.2@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099
 # Copy necessary files
 COPY scripts /scripts
@@ -25,7 +25,13 @@ ARG VERSION_TAG
 # Set Environment Variables
 ENV DOCKER_ENABLE_SECURITY=false \
    VERSION_TAG=$VERSION_TAG \
-    JAVA_TOOL_OPTIONS="$JAVA_TOOL_OPTIONS -XX:MaxRAMPercentage=75" \
+    JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions \
    -XX:MaxRAMPercentage=75 \
    -XX:InitiatingHeapOccupancyPercent=20 \
    -XX:+G1PeriodicGCInvokesConcurrent \
    -XX:G1PeriodicGCInterval=10000 \
    -XX:+UseStringDeduplication \
    -XX:G1PeriodicGCSystemLoadThreshold=70" \
    HOME=/home/stirlingpdfuser \
    PUID=1000 \
    PGID=1000 \
@@ -51,6 +57,8 @@ RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /et
        openssl-dev \
        openjdk21-jre \
 # Doc conversion
 		gcompat \
    	libc6-compat \
        libreoffice \
 # pdftohtml
        poppler-utils \
@@ -59,7 +67,7 @@ RUN echo "@testing https://dl-cdn.alpinelinux.org/alpine/edge/main" | tee -a /et
        tesseract-ocr-data-eng \
        font-terminus font-dejavu font-noto font-noto-cjk font-awesome font-noto-extra \
 # CV
-        py3-opencv \
+		py3-opencv \
 # python3/pip
        python3 \
    py3-pip && \
--- a/Dockerfile.ultra-lite
+++ b/Dockerfile.ultra-lite
@@ -1,5 +1,5 @@
 # use alpine
-FROM alpine:3.21.0@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45
+FROM alpine:3.21.2@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099
 ARG VERSION_TAG
@@ -7,7 +7,13 @@ ARG VERSION_TAG
 ENV DOCKER_ENABLE_SECURITY=false \
    HOME=/home/stirlingpdfuser \
    VERSION_TAG=$VERSION_TAG \
-    JAVA_TOOL_OPTIONS="$JAVA_TOOL_OPTIONS -XX:MaxRAMPercentage=75" \
+    JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions \
    -XX:MaxRAMPercentage=75 \
    -XX:InitiatingHeapOccupancyPercent=20 \
    -XX:+G1PeriodicGCInvokesConcurrent \
    -XX:G1PeriodicGCInterval=10000 \
    -XX:+UseStringDeduplication \
    -XX:G1PeriodicGCSystemLoadThreshold=70" \
    PUID=1000 \
    PGID=1000 \
    UMASK=022
--- a/HowToAddNewLanguage.md
+++ b/HowToAddNewLanguage.md
@@ -18,9 +18,7 @@ Any SVG flags are fine; most of the current ones were sourced from [here](https:
 For example, to add Polish, you would add:
 ```html
-<a class="dropdown-item lang_dropdown-item" href="" data-bs-language-code="pl_PL">
+<a th:if="${#lists.isEmpty(@languages) or #lists.contains(@languages, 'pl_PL')}" class="dropdown-item lang_dropdown-item" href="" data-bs-language-code="pl_PL"> <img th:src="@{'/images/flags/pl.svg'}" alt="icon" width="20" height="15"> Polski</a>
    <img src="images/flags/pl.svg" alt="icon" width="20" height="15"> Polski
 </a>
 ```
 The `data-bs-language-code` is the code used to reference the file in the next step.
@@ -60,3 +58,13 @@ ignore = [
 - After adding the new tags to `messages_en_GB.properties`, add and translate them in the respective language file (e.g., `messages_pl_PL.properties`).
 Make sure to place the entry under the correct language section. This helps maintain the accuracy of translation progress statistics and ensures that the translation tool or scripts do not misinterpret the completion rate.
 ### Use this code to perform a local check
 #### Windows command
 ```ps
 python .github/scripts/check_language_properties.py --reference-file src\main\resources\messages_en_GB.properties --branch "" --files src\main\resources\messages_pl_PL.properties
 python .github/scripts/check_language_properties.py --reference-file src\main\resources\messages_en_GB.properties --branch "" --check-file src\main\resources\messages_pl_PL.properties
 ```
--- a/README.md
+++ b/README.md
@@ -113,49 +113,50 @@ Visit our comprehensive documentation at [docs.stirlingpdf.com](https://docs.sti
 ## Supported Languages
-Stirling-PDF currently supports 38 languages!
+Stirling-PDF currently supports 39 languages!
 | Language                                     | Progress                               |
 | -------------------------------------------- | -------------------------------------- |
-| Arabic (العربية) (ar_AR)                        | ![91%](https://geps.dev/progress/91)   |
+| Arabic (العربية) (ar_AR)                        | ![89%](https://geps.dev/progress/89)   |
-| Azerbaijani (Azərbaycan Dili) (az_AZ)        | ![89%](https://geps.dev/progress/89)   |
+| Azerbaijani (Azərbaycan Dili) (az_AZ)        | ![88%](https://geps.dev/progress/88)   |
 | Basque (Euskara) (eu_ES)                     | ![51%](https://geps.dev/progress/51)   |
-| Bulgarian (Български) (bg_BG)                | ![87%](https://geps.dev/progress/87)   |
+| Bulgarian (Български) (bg_BG)                | ![85%](https://geps.dev/progress/85)   |
-| Catalan (Català) (ca_CA)                     | ![81%](https://geps.dev/progress/81)   |
+| Catalan (Català) (ca_CA)                     | ![80%](https://geps.dev/progress/80)   |
-| Croatian (Hrvatski) (hr_HR)                  | ![88%](https://geps.dev/progress/88)   |
+| Croatian (Hrvatski) (hr_HR)                  | ![87%](https://geps.dev/progress/87)   |
-| Czech (Česky) (cs_CZ)                        | ![88%](https://geps.dev/progress/88)   |
+| Czech (Česky) (cs_CZ)                        | ![98%](https://geps.dev/progress/98)   |
-| Danish (Dansk) (da_DK)                       | ![87%](https://geps.dev/progress/87)   |
+| Danish (Dansk) (da_DK)                       | ![85%](https://geps.dev/progress/85)   |
-| Dutch (Nederlands) (nl_NL)                   | ![86%](https://geps.dev/progress/86)   |
+| Dutch (Nederlands) (nl_NL)                   | ![85%](https://geps.dev/progress/85)   |
 | English (English) (en_GB)                    | ![100%](https://geps.dev/progress/100) |
 | English (US) (en_US)                         | ![100%](https://geps.dev/progress/100) |
-| French (Français) (fr_FR)                    | ![93%](https://geps.dev/progress/93)   |
+| French (Français) (fr_FR)                    | ![96%](https://geps.dev/progress/96)   |
-| German (Deutsch) (de_DE)                     | ![96%](https://geps.dev/progress/96)   |
+| German (Deutsch) (de_DE)                     | ![99%](https://geps.dev/progress/99)   |
-| Greek (Ελληνικά) (el_GR)                     | ![87%](https://geps.dev/progress/87)   |
+| Greek (Ελληνικά) (el_GR)                     | ![98%](https://geps.dev/progress/98)   |
-| Hindi (हिंदी) (hi_IN)                          | ![85%](https://geps.dev/progress/85)   |
+| Hindi (हिंदी) (hi_IN)                          | ![98%](https://geps.dev/progress/98)   |
-| Hungarian (Magyar) (hu_HU)                   | ![88%](https://geps.dev/progress/88)   |
+| Hungarian (Magyar) (hu_HU)                   | ![95%](https://geps.dev/progress/95)   |
-| Indonesian (Bahasa Indonesia) (id_ID)        | ![88%](https://geps.dev/progress/88)   |
+| Indonesian (Bahasa Indonesia) (id_ID)        | ![86%](https://geps.dev/progress/86)   |
-| Irish (Gaeilge) (ga_IE)                      | ![80%](https://geps.dev/progress/80)   |
+| Irish (Gaeilge) (ga_IE)                      | ![98%](https://geps.dev/progress/98)   |
 | Italian (Italiano) (it_IT)                   | ![99%](https://geps.dev/progress/99)   |
-| Japanese (日本語) (ja_JP)                    | ![90%](https://geps.dev/progress/90)   |
+| Japanese (日本語) (ja_JP)                    | ![93%](https://geps.dev/progress/93)   |
-| Korean (한국어) (ko_KR)                      | ![86%](https://geps.dev/progress/86)   |
+| Korean (한국어) (ko_KR)                      | ![99%](https://geps.dev/progress/99)   |
-| Norwegian (Norsk) (no_NB)                    | ![80%](https://geps.dev/progress/80)   |
+| Norwegian (Norsk) (no_NB)                    | ![79%](https://geps.dev/progress/79)   |
-| Persian (فارسی) (fa_IR)                      | ![95%](https://geps.dev/progress/95)   |
+| Persian (فارسی) (fa_IR)                      | ![94%](https://geps.dev/progress/94)   |
-| Polish (Polski) (pl_PL)                      | ![87%](https://geps.dev/progress/87)   |
+| Polish (Polski) (pl_PL)                      | ![86%](https://geps.dev/progress/86)   |
-| Portuguese (Português) (pt_PT)               | ![87%](https://geps.dev/progress/87)   |
+| Portuguese (Português) (pt_PT)               | ![97%](https://geps.dev/progress/97)   |
-| Portuguese Brazilian (Português) (pt_BR)     | ![95%](https://geps.dev/progress/95)   |
+| Portuguese Brazilian (Português) (pt_BR)     | ![97%](https://geps.dev/progress/97)   |
-| Romanian (Română) (ro_RO)                    | ![82%](https://geps.dev/progress/82)   |
+| Romanian (Română) (ro_RO)                    | ![81%](https://geps.dev/progress/81)   |
-| Russian (Русский) (ru_RU)                    | ![87%](https://geps.dev/progress/87)   |
+| Russian (Русский) (ru_RU)                    | ![98%](https://geps.dev/progress/98)   |
 | Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![64%](https://geps.dev/progress/64)   |
-| Simplified Chinese (简体中文) (zh_CN)         | ![90%](https://geps.dev/progress/90)   |
+| Simplified Chinese (简体中文) (zh_CN)         | ![89%](https://geps.dev/progress/89)   |
-| Slovakian (Slovensky) (sk_SK)                | ![75%](https://geps.dev/progress/75)   |
+| Slovakian (Slovensky) (sk_SK)                | ![74%](https://geps.dev/progress/74)   |
-| Spanish (Español) (es_ES)                    | ![88%](https://geps.dev/progress/88)   |
+| Slovenian (Slovenščina) (sl_SI)              | ![97%](https://geps.dev/progress/97)   |
-| Swedish (Svenska) (sv_SE)                    | ![88%](https://geps.dev/progress/88)   |
+| Spanish (Español) (es_ES)                    | ![87%](https://geps.dev/progress/87)   |
-| Thai (ไทย) (th_TH)                           | ![87%](https://geps.dev/progress/87)   |
+| Swedish (Svenska) (sv_SE)                    | ![87%](https://geps.dev/progress/87)   |
-| Tibetan (བོད་ཡིག་) (zh_BO)                     | ![96%](https://geps.dev/progress/96) |
+| Thai (ไทย) (th_TH)                           | ![86%](https://geps.dev/progress/86)   |
-| Traditional Chinese (繁體中文) (zh_TW)        | ![96%](https://geps.dev/progress/96)   |
+| Tibetan (བོད་ཡིག་) (zh_BO)                     | ![95%](https://geps.dev/progress/95) |
-| Turkish (Türkçe) (tr_TR)                     | ![83%](https://geps.dev/progress/83)   |
+| Traditional Chinese (繁體中文) (zh_TW)        | ![98%](https://geps.dev/progress/98)   |
-| Ukrainian (Українська) (uk_UA)               | ![73%](https://geps.dev/progress/73)   |
+| Turkish (Türkçe) (tr_TR)                     | ![82%](https://geps.dev/progress/82)   |
-| Vietnamese (Tiếng Việt) (vi_VN)              | ![80%](https://geps.dev/progress/80)   |
+| Ukrainian (Українська) (uk_UA)               | ![72%](https://geps.dev/progress/72)   |
 | Vietnamese (Tiếng Việt) (vi_VN)              | ![79%](https://geps.dev/progress/79)   |
 ## Stirling PDF Enterprise
--- a/USERS.md
+++ b/USERS.md
@@ -0,0 +1,45 @@
 # Who is using Stirling-PDF?
 Understanding the diverse applications of Stirling-PDF can be an invaluable resource for collaboration and learning. This page provides a directory of users and use cases. If you are using Stirling-PDF, consider sharing your experiences to help others and foster a community of best practices.
 ## Adding Yourself as a User
 If you're using Stirling-PDF or have integrated it into your platform or workflow, please consider contributing to this list by describing your use case. You can do this by opening a pull request to this file and adding your details in the format below:
 - **N**: Name of the organization or individual.
 - **D**: A brief description of your usage.
 - **U**: Specific features or capabilities utilized.
 - **L**: Optional link for further information (e.g., website, blog post).
 - **Q**: Contact information for sharing insights (optional).
 Example entry:
 ```
 * N: Example Corp
  D: Using Stirling-PDF for automated document processing in our SaaS platform focusing on compression.
  U: OCR, merging PDFs, metadata editing, encryption, compression.
  L: https://example.com/stirling-pdf
  Q: @example-user on Discord/email
 ```
 ---
 ## Requirements for Listing
 - You must represent the entity you're listing and ensure the details are accurate.
 - Trial deployments are welcome if they represent a realistic evaluation of Stirling-PDF in action.
 - Community contributions, including home-lab setups or non-commercial uses, are encouraged.
 ---
 ## Users (Alphabetically)
    * N: 
      D: 
      U: 
      L: 
    * N: 
      D: 
      U: 
      L: 
--- a/allowed-licenses.json
+++ b/allowed-licenses.json
@@ -0,0 +1,164 @@
 {
  "allowedLicenses": [
    {
      "moduleName": ".*",
      "moduleLicense": "BSD License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The BSD License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "BSD-2-Clause"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "BSD 2-Clause License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The 2-Clause BSD License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "BSD-3-Clause"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The BSD 3-Clause License (BSD3)"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "BSD-4 License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "MIT"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "MIT License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The MIT License"
    },
    {
      "moduleName": "com.github.jai-imageio:jai-imageio-core",
      "moduleLicense": "LICENSE.txt"
    },
    {
      "moduleName": "com.github.jai-imageio:jai-imageio-jpeg2000",
      "moduleLicense": "LICENSE-JJ2000.txt, LICENSE-Sun.txt"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache 2"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache-2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache-2.0 License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache License 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache License Version 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Apache License, Version 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The Apache License, Version 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The Apache Software License, Version 2.0"
    },
    {
      "moduleName": "com.nimbusds:oauth2-oidc-sdk",
      "moduleLicense": "\"Apache License, version 2.0\";link=\"https://www.apache.org/licenses/LICENSE-2.0.html\""
    },
    {
      "moduleName": ".*",
      "moduleLicense": "MPL 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "UnboundID SCIM2 SDK Free Use License"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "GPL2 w/ CPE"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "GPLv2+CE"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "GNU GENERAL PUBLIC LICENSE, Version 2 + Classpath Exception"
    },
    {
      "moduleName": "com.martiansoftware:jsap",
      "moduleLicense": "LGPL"
    },
    {
      "moduleName": "org.hibernate.orm:hibernate-core",
      "moduleLicense": "GNU Library General Public License v2.1 or later"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Eclipse Public License - v 1.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Eclipse Public License v. 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Eclipse Public License - v 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Eclipse Public License - Version 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Eclipse Public License, Version 2.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Ubuntu Font Licence 1.0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Bouncy Castle Licence"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "Public Domain, per Creative Commons CC0"
    },
    {
      "moduleName": ".*",
      "moduleLicense": "The W3C License"
    }
  ]
 }
--- a/build.gradle
+++ b/build.gradle
@@ -5,30 +5,28 @@ plugins {
    id "org.springdoc.openapi-gradle-plugin" version "1.8.0"
    id "io.swagger.swaggerhub" version "1.3.2"
    id "edu.sc.seis.launch4j" version "3.0.6"
-    id "com.diffplug.spotless" version "6.25.0"
+    id "com.diffplug.spotless" version "7.0.2"
    id "com.github.jk1.dependency-license-report" version "2.9"
-	//id "nebula.lint" version "19.0.3"
+    //id "nebula.lint" version "19.0.3"
-	id("org.panteleyev.jpackageplugin") version "1.6.0"
+    id("org.panteleyev.jpackageplugin") version "1.6.1"
    id "org.sonarqube" version "6.0.1.5171"
 }
 import com.github.jk1.license.render.*
 ext {
    springBootVersion = "3.4.1"
-    pdfboxVersion = "3.0.3"
+    pdfboxVersion = "3.0.4"
    logbackVersion = "1.5.7"
    imageioVersion = "3.12.0"
    lombokVersion = "1.18.36"
-    bouncycastleVersion = "1.79"
+    bouncycastleVersion = "1.80"
    springSecuritySamlVersion = "6.4.2"
    openSamlVersion = "4.3.2"
 }
 group = "stirling.software"
-version = "0.36.6"
+version = "0.40.2"
 java {
    // 17 is lowest but we support and recommend 21
@@ -37,14 +35,13 @@ java {
 repositories {
    mavenCentral()
-    maven { url "https://jitpack.io" }
+    maven { url = "https://build.shibboleth.net/maven/releases" }
-    maven { url "https://build.shibboleth.net/maven/releases" }
+    maven { url = "https://maven.pkg.github.com/jcefmaven/jcefmaven" }
    maven { url "https://maven.pkg.github.com/jcefmaven/jcefmaven" }
 }
 licenseReport {
    renderers = [new JsonReportRenderer()]
    allowedLicensesFile = new File("$projectDir/allowed-licenses.json")
 }
 sourceSets {
@@ -68,7 +65,7 @@ sourceSets {
            }
            if (System.getenv("STIRLING_PDF_DESKTOP_UI") == "false") {
-            	exclude "stirling/software/SPDF/UI/impl/**"
+                exclude "stirling/software/SPDF/UI/impl/**"
            }
        }
@@ -113,18 +110,15 @@ def getMacVersion(String version) {
 jpackage {
    input = "build/libs"
-
+    destination = "${projectDir}/build/jpackage"
    mainJar = "Stirling-PDF-${project.version}.jar"
    appName = "Stirling-PDF"
    appVersion = project.version
    vendor = "Stirling-Software"
-	appDescription = "Stirling PDF - Your Local PDF Editor"
+    appDescription = "Stirling PDF - Your Local PDF Editor"
    mainJar = "Stirling-PDF-${project.version}.jar"
    mainClass = "org.springframework.boot.loader.launch.JarLauncher"
    icon = "src/main/resources/static/favicon.ico"
-
+    verbose = true
-
+//    mainClass = "org.springframework.boot.loader.launch.JarLauncher"
    // JVM Options
    javaOptions = [
@@ -132,23 +126,21 @@ jpackage {
        "-DSTIRLING_PDF_DESKTOP_UI=true",
        "-Djava.awt.headless=false",
        "-Dapple.awt.UIElement=true",
-        "--add-opens", "java.base/java.lang=ALL-UNNAMED",
+        "--add-opens=java.base/java.lang=ALL-UNNAMED",
-        "--add-opens", "java.desktop/java.awt.event=ALL-UNNAMED",
+        "--add-opens=java.desktop/java.awt.event=ALL-UNNAMED",
-        "--add-opens", "java.desktop/sun.awt=ALL-UNNAMED"
+        "--add-opens=java.desktop/sun.awt=ALL-UNNAMED",
-
+        "--add-opens=java.desktop/sun.awt.X11=ALL-UNNAMED",
        "--add-opens=java.desktop/sun.awt.windows=ALL-UNNAMED",
        "--add-opens=java.desktop/sun.lwawt=ALL-UNNAMED",
        "--add-opens=java.desktop/sun.lwawt.macosx=ALL-UNNAMED",
    ]
    verbose = true
    destination = "${projectDir}/build/jpackage"
    // Windows-specific configuration
    windows {
-    	launcherAsService = false
+        launcherAsService = false
-    	appVersion = project.version
+        appVersion = project.version
-    	winConsole = false
+        winConsole = false
        winMenu = true  // Creates start menu entry
        winShortcut = true  // Creates desktop shortcut
        winShortcutPrompt = true  // Lets user choose whether to create shortcuts
@@ -164,7 +156,7 @@ jpackage {
    // macOS-specific configuration
    mac {
-    	appVersion = getMacVersion(project.version.toString())
+        appVersion = getMacVersion(project.version.toString())
        icon = "src/main/resources/static/favicon.icns"
        type = "dmg"
        macPackageIdentifier = "com.stirling.software.pdf"
@@ -188,7 +180,7 @@ jpackage {
    // Linux-specific configuration
    linux {
-    	appVersion = project.version
+        appVersion = project.version
        icon = "src/main/resources/static/favicon.png"
        type = "deb" // Can also use "rpm" for Red Hat-based systems
@@ -236,9 +228,9 @@ launch4j {
    outfile="Stirling-PDF.exe"
    if(System.getenv("STIRLING_PDF_DESKTOP_UI") == 'true') {
-    	headerType = "gui"
+        headerType = "gui"
    } else {
-    	headerType = "console"
+        headerType = "console"
    }
    jarTask = tasks.bootJar
@@ -246,13 +238,11 @@ launch4j {
    downloadUrl="https://download.oracle.com/java/21/latest/jdk-21_windows-x64_bin.exe"
    if(System.getenv("STIRLING_PDF_DESKTOP_UI") == 'true') {
-    	variables=["BROWSER_OPEN=true", "STIRLING_PDF_DESKTOP_UI=true"]
+        variables=["BROWSER_OPEN=true", "STIRLING_PDF_DESKTOP_UI=true"]
    } else {
-    	variables=["BROWSER_OPEN=true"]
+        variables=["BROWSER_OPEN=true"]
    }
    jreMinVersion="17"
    mutexName="Stirling-PDF"
@@ -274,11 +264,22 @@ spotless {
        importOrder("java", "javax", "org", "com", "net", "io")
        toggleOffOn()
        trimTrailingWhitespace()
-        indentWithSpaces()
+        leadingTabsToSpaces()
        endWithNewline()
    }
 }
 sonar {
    properties {
        property "sonar.projectKey", "Stirling-Tools_Stirling-PDF"
        property "sonar.organization", "stirling-tools"
        property "sonar.exclusions", "**/build-wrapper-dump.json, src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
        property "sonar.coverage.exclusions", "src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
        property "sonar.cpd.exclusions", "src/main/java/org/apache/**, src/main/resources/static/pdfjs/**, src/main/resources/static/pdfjs-legacy/**, src/main/resources/static/js/thirdParty/**"
    }
 }
 //gradleLint {
 //        rules=['unused-dependency']
 //    }
@@ -293,26 +294,23 @@ configurations.all {
 }
 dependencies {
-	if (System.getenv("STIRLING_PDF_DESKTOP_UI") != "false") {
+    if (System.getenv("STIRLING_PDF_DESKTOP_UI") != "false") {
-		implementation "me.friwi:jcefmaven:127.3.1"
+        implementation "me.friwi:jcefmaven:127.3.1"
-	    implementation "org.openjfx:javafx-controls:21"
+        implementation "org.openjfx:javafx-controls:21"
-	    implementation "org.openjfx:javafx-swing:21"
+        implementation "org.openjfx:javafx-swing:21"
    }
    //security updates
-    implementation "org.springframework:spring-webmvc:6.2.1"
+    implementation "org.springframework:spring-webmvc:6.2.2"
    implementation("io.github.pixee:java-security-toolkit:1.2.1")
    // implementation "org.yaml:snakeyaml:2.2"
    implementation 'com.github.Carleslc.Simple-YAML:Simple-Yaml:1.8.4'
    // Exclude Tomcat and include Jetty
    implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion")
    implementation "org.springframework.boot:spring-boot-starter-jetty:$springBootVersion"
    implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion"
-    implementation 'com.posthog.java:posthog:1.1.1'
+    implementation 'com.posthog.java:posthog:1.2.0'
    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
@@ -322,20 +320,20 @@ dependencies {
        implementation "org.springframework.boot:spring-boot-starter-data-jpa:$springBootVersion"
        implementation "org.springframework.boot:spring-boot-starter-oauth2-client:$springBootVersion"
-		implementation "org.springframework.session:spring-session-core:$springBootVersion"
+        implementation "org.springframework.session:spring-session-core:$springBootVersion"
-        implementation "org.springframework:spring-jdbc:6.2.1"
+        implementation "org.springframework:spring-jdbc:6.2.2"
-	    implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
+        implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
        // Don't upgrade h2database
        runtimeOnly "com.h2database:h2:2.3.232"
-        runtimeOnly "org.postgresql:postgresql:42.7.4"
+        runtimeOnly "org.postgresql:postgresql:42.7.5"
        constraints {
            implementation "org.opensaml:opensaml-core:$openSamlVersion"
            implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"
            implementation "org.opensaml:opensaml-saml-impl:$openSamlVersion"
        }
        implementation "org.springframework.security:spring-security-saml2-service-provider:$springSecuritySamlVersion"
-//		implementation 'org.springframework.security:spring-security-core:$springSecuritySamlVersion'
+        // implementation 'org.springframework.security:spring-security-core:$springSecuritySamlVersion'
        implementation 'com.coveo:saml-client:5.0.0'
@@ -372,13 +370,15 @@ dependencies {
    //general PDF
    // https://mvnrepository.com/artifact/com.opencsv/opencsv
-    implementation ("com.opencsv:opencsv:5.9") {
+    implementation ("com.opencsv:opencsv:5.10") {
        exclude group: "commons-logging", module: "commons-logging"
    }
    implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion") {
        exclude group: "commons-logging", module: "commons-logging"
    }
    implementation "org.apache.pdfbox:preflight:$pdfboxVersion"
    implementation ("org.apache.pdfbox:xmpbox:$pdfboxVersion") {
        exclude group: "commons-logging", module: "commons-logging"
@@ -396,7 +396,7 @@ dependencies {
    implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
    implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
    implementation "org.springframework.boot:spring-boot-starter-actuator:$springBootVersion"
-    implementation "io.micrometer:micrometer-core:1.14.2"
+    implementation "io.micrometer:micrometer-core:1.14.3"
    implementation group: "com.google.zxing", name: "core", version: "3.5.3"
    // https://mvnrepository.com/artifact/org.commonmark/commonmark
    implementation "org.commonmark:commonmark:0.24.0"
@@ -405,6 +405,8 @@ dependencies {
    implementation "com.bucket4j:bucket4j_jdk17-core:8.14.0"
    implementation "com.fathzer:javaluator:3.0.5"
    implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
    developmentOnly("org.springframework.boot:spring-boot-devtools:$springBootVersion")
    compileOnly "org.projectlombok:lombok:$lombokVersion"
    annotationProcessor "org.projectlombok:lombok:$lombokVersion"
@@ -428,13 +430,13 @@ task writeVersion {
 }
 swaggerhubUpload {
-    //dependsOn generateOpenApiDocs  // Depends on your task generating Swagger docs
+    // dependsOn = generateOpenApiDocs  // Depends on your task generating Swagger docs
-    api "Stirling-PDF"  // The name of your API on SwaggerHub
+    api = "Stirling-PDF"  // The name of your API on SwaggerHub
-    owner "Frooodle"  // Your SwaggerHub username (or organization name)
+    owner = "Frooodle"  // Your SwaggerHub username (or organization name)
-    version project.version  // The version of your API
+    version = project.version  // The version of your API
-    inputFile "./SwaggerDoc.json"  // The path to your Swagger docs
+    inputFile = "./SwaggerDoc.json"  // The path to your Swagger docs
-    token  "${System.getenv("SWAGGERHUB_API_KEY")}"  // Your SwaggerHub API key, passed as an environment variable
+    token = "${System.getenv("SWAGGERHUB_API_KEY")}"  // Your SwaggerHub API key, passed as an environment variable
-    oas "3.0.0"  // The version of the OpenAPI Specification you"re using
+    oas = "3.0.0"  // The version of the OpenAPI Specification you"re using
 }
 jar {
--- a/exampleYmlFiles/docker-compose-latest-fat-security-postgres.yml
+++ b/exampleYmlFiles/docker-compose-latest-fat-security-postgres.yml
@@ -60,4 +60,4 @@ services:
      timeout: 5s
      retries: 10
    volumes:
-      - ./stirling/latest/data:/pgdata
+      - ./stirling/latest/data:/pgdata
--- a/exampleYmlFiles/test_cicd.yml
+++ b/exampleYmlFiles/test_cicd.yml
@@ -1,6 +1,6 @@
 services:
  stirling-pdf:
-    container_name: Stirling-PDF-Security-Fat
+    container_name: Stirling-PDF-Security-Fat-with-login
    image: stirlingtools/stirling-pdf:latest-fat
    deploy:
      resources:
--- a/gradle.properties
+++ b/gradle.properties
@@ -0,0 +1,7 @@
 # Enables parallel execution of tasks, allowing multiple tasks to run simultaneously
 org.gradle.parallel=true
 # Enables build caching to reuse outputs from previous builds for faster execution
 # org.gradle.caching=true
 org.gradle.build-scan=true
--- a/gradle/wrapper/gradle-wrapper.jar
+++ b/gradle/wrapper/gradle-wrapper.jar
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-all.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
--- a/37
+++ b/37
@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -80,13 +82,11 @@ do
    esac
 done
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
+# This is normally unused
-
+# shellcheck disable=SC2034
 APP_NAME="Gradle"
 APP_BASE_NAME=${0##*/}
-
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -133,22 +133,29 @@ location of your Java installation."
    fi
 else
    JAVACMD=java
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+    if ! command -v java >/dev/null 2>&1
    then
        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
    fi
 fi
 # Increase the maximum file descriptors if we can.
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
    case $MAX_FD in #(
      max*)
        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
        # shellcheck disable=SC2039,SC3045
        MAX_FD=$( ulimit -H -n ) ||
            warn "Could not query maximum file descriptor limit"
    esac
    case $MAX_FD in  #(
      '' | soft) :;; #(
      *)
        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
        # shellcheck disable=SC2039,SC3045
        ulimit -n "$MAX_FD" ||
            warn "Could not set maximum file descriptor limit to $MAX_FD"
    esac
@@ -193,11 +200,15 @@ if "$cygwin" || "$msys" ; then
    done
 fi
-# Collect all arguments for the java command;
+
-#   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-#     shell script including quotes and variable substitutions, so put them in
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
-#     double quotes to make sure that they get re-expanded; and
+
-#   * put everything else in single quotes, so that it's not re-expanded.
+# Collect all arguments for the java command:
 #   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.
 set -- \
        "-Dorg.gradle.appname=$APP_BASE_NAME" \
--- a/gradlew.bat
+++ b/gradlew.bat
@@ -13,6 +13,8 @@
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@@ -26,6 +28,7 @@ if "%OS%"=="Windows_NT" setlocal
 set DIRNAME=%~dp0
 if "%DIRNAME%"=="" set DIRNAME=.
@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
@@ -42,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
@@ -56,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 if exist "%JAVA_EXE%" goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
--- a/images/stirling-home-dark.png
+++ b/images/stirling-home-dark.png
--- a/images/stirling-home.jpg
+++ b/images/stirling-home.jpg
--- a/scripts/counter_translation.py
+++ b/scripts/counter_translation.py
@@ -75,7 +75,7 @@ def write_readme(progress_list: list[tuple[str, int]]) -> None:
                        f"![{value}%](https://geps.dev/progress/{value})",
                    )
-    with open("README.md", "w", encoding="utf-8") as file:
+    with open("README.md", "w", encoding="utf-8", newline="\n") as file:
        file.writelines(content)
@@ -135,9 +135,10 @@ def compare_files(
        # elif "language.direction" in sort_ignore_translation[language]["missing"]:
        #     sort_ignore_translation[language]["missing"].remove("language.direction")
-        with open(default_file_path, encoding="utf-8") as default_file, open(
+        with (
-            file_path, encoding="utf-8"
+            open(default_file_path, encoding="utf-8") as default_file,
-        ) as file:
+            open(file_path, encoding="utf-8") as file,
        ):
            for _ in range(5):
                next(default_file)
                try:
@@ -195,7 +196,7 @@ def compare_files(
            )
        )
    ignore_translation = convert_to_multiline(sort_ignore_translation)
-    with open(ignore_translation_file, "w", encoding="utf-8") as file:
+    with open(ignore_translation_file, "w", encoding="utf-8", newline="\n") as file:
        file.write(tomlkit.dumps(ignore_translation))
    unique_data = list(set(result_list))
--- a/scripts/ignore_translation.toml
+++ b/scripts/ignore_translation.toml
@@ -24,7 +24,6 @@ ignore = [
 [cs_CZ]
 ignore = [
    'language.direction',
    'pipeline.header',
    'text',
 ]
@@ -50,6 +49,7 @@ ignore = [
    'pipeline.title',
    'pipelineOptions.pipelineHeader',
    'pro',
    'redact.zoom',
    'sponsor',
    'text',
    'validateSignature.cert.bits',
@@ -210,6 +210,11 @@ ignore = [
    'watermark.type.1',
 ]
 [sl_SI]
 ignore = [
    'language.direction',
 ]
 [sr_LATN_RS]
 ignore = [
    'language.direction',
--- a/src/main/java/stirling/software/SPDF/EE/EEAppConfig.java
+++ b/src/main/java/stirling/software/SPDF/EE/EEAppConfig.java
@@ -27,4 +27,9 @@ public class EEAppConfig {
    public boolean runningEnterpriseEdition() {
        return licenseKeyChecker.getEnterpriseEnabledResult();
    }
    @Bean(name = "SSOAutoLogin")
    public boolean ssoAutoLogin() {
        return applicationProperties.getEnterpriseEdition().isSsoAutoLogin();
    }
 }
--- a/src/main/java/stirling/software/SPDF/EE/KeygenLicenseVerifier.java
+++ b/src/main/java/stirling/software/SPDF/EE/KeygenLicenseVerifier.java
@@ -94,7 +94,7 @@ public class KeygenLicenseVerifier {
                        .build();
        HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
-        log.info(" validateLicenseResponse body: " + response.body());
+        log.debug(" validateLicenseResponse body: " + response.body());
        JsonNode jsonResponse = objectMapper.readTree(response.body());
        if (response.statusCode() == 200) {
--- a/src/main/java/stirling/software/SPDF/config/AppConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/AppConfig.java
@@ -4,6 +4,7 @@ import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.List;
 import java.util.Properties;
 import java.util.function.Predicate;
@@ -74,6 +75,11 @@ public class AppConfig {
                : "null";
    }
    @Bean(name = "languages")
    public List<String> languages() {
        return applicationProperties.getUi().getLanguages();
    }
    @Bean(name = "navBarText")
    public String navBarText() {
        String defaultNavBar =
--- a/src/main/java/stirling/software/SPDF/config/ConfigInitializer.java
+++ b/src/main/java/stirling/software/SPDF/config/ConfigInitializer.java
@@ -9,135 +9,200 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.StandardCopyOption;
-import java.util.Arrays;
+import java.util.*;
 import java.util.List;
 import org.simpleyaml.configuration.comments.CommentType;
 import org.simpleyaml.configuration.file.YamlFile;
 import org.simpleyaml.configuration.implementation.SimpleYamlImplementation;
 import org.simpleyaml.configuration.implementation.snakeyaml.lib.DumperOptions;
 import lombok.extern.slf4j.Slf4j;
 /**
 * A naive, line-based approach to merging "settings.yml" with "settings.yml.template" while
 * preserving exact whitespace, blank lines, and inline comments -- but we only rewrite the file if
 * the merged content actually differs.
 */
@Slf4j
 public class ConfigInitializer {
    public void ensureConfigExists() throws IOException, URISyntaxException {
-        // Define the path to the external config directory
+        // 1) If settings file doesn't exist, create from template
        Path destPath = Paths.get(InstallationPathConfig.getSettingsPath());
        // Check if the file already exists
        if (Files.notExists(destPath)) {
            // Ensure the destination directory exists
            Files.createDirectories(destPath.getParent());
            // Copy the resource from classpath to the external directory
            try (InputStream in =
                    getClass().getClassLoader().getResourceAsStream("settings.yml.template")) {
-                if (in != null) {
+                if (in == null) {
                    Files.copy(in, destPath);
                } else {
                    throw new FileNotFoundException(
                            "Resource file not found: settings.yml.template");
                }
                Files.copy(in, destPath);
            }
            log.info("Created settings file from template");
        } else {
-
+            // 2) Merge existing file with the template
            // Define the path to the config settings file
            Path settingsPath = Paths.get(InstallationPathConfig.getSettingsPath());
-            // Load the template resource
+            URL templateResource = getClass().getClassLoader().getResource("settings.yml.template");
-            URL settingsTemplateResource =
+            if (templateResource == null) {
                    getClass().getClassLoader().getResource("settings.yml.template");
            if (settingsTemplateResource == null) {
                throw new IOException("Resource not found: settings.yml.template");
            }
-            // Create a temporary file to copy the resource content
+            // Copy template to a temp location so we can read lines
            Path tempTemplatePath = Files.createTempFile("settings.yml", ".template");
-
+            try (InputStream in = templateResource.openStream()) {
            try (InputStream in = settingsTemplateResource.openStream()) {
                Files.copy(in, tempTemplatePath, StandardCopyOption.REPLACE_EXISTING);
            }
-            final YamlFile settingsTemplateFile = new YamlFile(tempTemplatePath.toFile());
+            // 2a) Read lines from both files
-            DumperOptions yamlOptionsSettingsTemplateFile =
+            List<String> templateLines = Files.readAllLines(tempTemplatePath);
-                    ((SimpleYamlImplementation) settingsTemplateFile.getImplementation())
+            List<String> mainLines = Files.readAllLines(settingsPath);
                            .getDumperOptions();
            yamlOptionsSettingsTemplateFile.setSplitLines(false);
            settingsTemplateFile.loadWithComments();
-            final YamlFile settingsFile = new YamlFile(settingsPath.toFile());
+            // 2b) Merge lines
-            DumperOptions yamlOptionsSettingsFile =
+            List<String> mergedLines = mergeYamlLinesWithTemplate(templateLines, mainLines);
                    ((SimpleYamlImplementation) settingsFile.getImplementation())
                            .getDumperOptions();
            yamlOptionsSettingsFile.setSplitLines(false);
            settingsFile.loadWithComments();
-            // Load headers and comments
+            // 2c) Only write if there's an actual difference
-            String header = settingsTemplateFile.getHeader();
+            if (!mergedLines.equals(mainLines)) {
-
+                Files.write(settingsPath, mergedLines);
-            // Create a new file for temporary settings
+                log.info("Settings file updated based on template changes.");
-            final YamlFile tempSettingFile = new YamlFile(settingsPath.toFile());
+            } else {
-            DumperOptions yamlOptionsTempSettingFile =
+                log.info("No changes detected; settings file left as-is.");
                    ((SimpleYamlImplementation) tempSettingFile.getImplementation())
                            .getDumperOptions();
            yamlOptionsTempSettingFile.setSplitLines(false);
            tempSettingFile.createNewFile(true);
            tempSettingFile.setHeader(header);
            // Get all keys from the template
            List<String> keys =
                    Arrays.asList(settingsTemplateFile.getKeys(true).toArray(new String[0]));
            for (String key : keys) {
                if (!key.contains(".")) {
                    // Add blank lines and comments to specific sections
                    tempSettingFile
                            .path(key)
                            .comment(settingsTemplateFile.getComment(key))
                            .blankLine();
                    continue;
                }
                // Copy settings from the template to the settings.yml file
                changeConfigItemFromCommentToKeyValue(
                        settingsTemplateFile, settingsFile, tempSettingFile, key);
            }
-            // Save the settings.yml file
+            Files.deleteIfExists(tempTemplatePath);
            tempSettingFile.save();
        }
-        // Create custom settings file if it doesn't exist
+        // 3) Ensure custom settings file exists
        Path customSettingsPath = Paths.get(InstallationPathConfig.getCustomSettingsPath());
        if (!Files.exists(customSettingsPath)) {
            Files.createFile(customSettingsPath);
        }
    }
-    private void changeConfigItemFromCommentToKeyValue(
+    /**
-            final YamlFile settingsTemplateFile,
+     * Merge logic that: - Reads the template lines block-by-block (where a "block" = a key and all
-            final YamlFile settingsFile,
+     * the lines that belong to it), - If the main file has that key, we keep the main file's block
-            final YamlFile tempSettingFile,
+     * (preserving whitespace + inline comments). - Otherwise, we insert the template's block. - We
-            String path) {
+     * also remove keys from main that no longer exist in the template.
-        if (settingsFile.get(path) == null && settingsTemplateFile.get(path) != null) {
+     *
-            // If the key is only in the template, add it to the temporary settings with comments
+     * @param templateLines lines from settings.yml.template
-            tempSettingFile
+     * @param mainLines lines from the existing settings.yml
-                    .path(path)
+     * @return merged lines
-                    .set(settingsTemplateFile.get(path))
+     */
-                    .comment(settingsTemplateFile.getComment(path, CommentType.BLOCK))
+    private List<String> mergeYamlLinesWithTemplate(
-                    .commentSide(settingsTemplateFile.getComment(path, CommentType.SIDE));
+            List<String> templateLines, List<String> mainLines) {
-        } else if (settingsFile.get(path) != null && settingsTemplateFile.get(path) != null) {
+
-            // If the key is in both, update the temporary settings with the main settings' value
+        // 1) Parse template lines into an ordered map: path -> Block
-            // and comments
+        LinkedHashMap<String, Block> templateBlocks = parseYamlBlocks(templateLines);
-            tempSettingFile
+
-                    .path(path)
+        // 2) Parse main lines into a map: path -> Block
-                    .set(settingsFile.get(path))
+        LinkedHashMap<String, Block> mainBlocks = parseYamlBlocks(mainLines);
-                    .comment(settingsTemplateFile.getComment(path, CommentType.BLOCK))
+
-                    .commentSide(settingsTemplateFile.getComment(path, CommentType.SIDE));
+        // 3) Build the final list by iterating template blocks in order
-        } else {
+        List<String> merged = new ArrayList<>();
-            // Log if the key is not found in both YAML files
+        for (Map.Entry<String, Block> entry : templateBlocks.entrySet()) {
-            log.info("Key not found in both YAML files: " + path);
+            String path = entry.getKey();
            Block templateBlock = entry.getValue();
            if (mainBlocks.containsKey(path)) {
                // If main has the same block, prefer main's lines
                merged.addAll(mainBlocks.get(path).lines);
            } else {
                // Otherwise, add the template block
                merged.addAll(templateBlock.lines);
            }
        }
        return merged;
    }
    /**
     * Parse a list of lines into a map of "path -> Block" where "Block" is all lines that belong to
     * that key (including subsequent indented lines). Very naive approach that may not work with
     * advanced YAML.
     */
    private LinkedHashMap<String, Block> parseYamlBlocks(List<String> lines) {
        LinkedHashMap<String, Block> blocks = new LinkedHashMap<>();
        Block currentBlock = null;
        String currentPath = null;
        for (String line : lines) {
            if (isLikelyKeyLine(line)) {
                // Found a new "key: ..." line
                if (currentBlock != null && currentPath != null) {
                    blocks.put(currentPath, currentBlock);
                }
                currentBlock = new Block();
                currentBlock.lines.add(line);
                currentPath = computePathForLine(line);
            } else {
                // Continuation of current block (comments, blank lines, sub-lines)
                if (currentBlock == null) {
                    // If file starts with comments/blank lines, treat as "header block" with path
                    // ""
                    currentBlock = new Block();
                    currentPath = "";
                }
                currentBlock.lines.add(line);
            }
        }
        if (currentBlock != null && currentPath != null) {
            blocks.put(currentPath, currentBlock);
        }
        return blocks;
    }
    /**
     * Checks if the line is likely "key:" or "key: value", ignoring comments/blank. Skips lines
     * starting with "-" or "#".
     */
    private boolean isLikelyKeyLine(String line) {
        String trimmed = line.trim();
        if (trimmed.isEmpty() || trimmed.startsWith("#") || trimmed.startsWith("-")) {
            return false;
        }
        int colonIdx = trimmed.indexOf(':');
        return (colonIdx > 0); // someKey:
    }
    // For a line like "security: ", returns "security" or "security.enableLogin"
    // by looking at indentation. Very naive.
    private static final Deque<String> pathStack = new ArrayDeque<>();
    private static int currentIndentLevel = 0;
    private String computePathForLine(String line) {
        // count leading spaces
        int leadingSpaces = 0;
        for (char c : line.toCharArray()) {
            if (c == ' ') leadingSpaces++;
            else break;
        }
        // assume 2 spaces = 1 indent
        int indentLevel = leadingSpaces / 2;
        String trimmed = line.trim();
        int colonIdx = trimmed.indexOf(':');
        String keyName = trimmed.substring(0, colonIdx).trim();
        // pop stack until we match the new indent level
        while (currentIndentLevel >= indentLevel && !pathStack.isEmpty()) {
            pathStack.pop();
            currentIndentLevel--;
        }
        // push the new key
        pathStack.push(keyName);
        currentIndentLevel = indentLevel;
        // build path by reversing the stack
        String[] arr = pathStack.toArray(new String[0]);
        List<String> reversed = Arrays.asList(arr);
        Collections.reverse(reversed);
        return String.join(".", reversed);
    }
    /**
     * Simple holder for the lines that comprise a "block" (i.e. a key and its subsequent lines).
     */
    private static class Block {
        List<String> lines = new ArrayList<>();
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java
@@ -126,6 +126,7 @@ public class EndpointConfiguration {
        addEndpointToGroup("Convert", "url-to-pdf");
        addEndpointToGroup("Convert", "markdown-to-pdf");
        addEndpointToGroup("Convert", "pdf-to-csv");
        addEndpointToGroup("Convert", "pdf-to-markdown");
        // Adding endpoints to "Security" group
        addEndpointToGroup("Security", "add-password");
@@ -182,7 +183,6 @@ public class EndpointConfiguration {
        addEndpointToGroup("Python", "extract-image-scans");
        addEndpointToGroup("Python", "html-to-pdf");
        addEndpointToGroup("Python", "url-to-pdf");
        addEndpointToGroup("Python", "pdf-to-img");
        addEndpointToGroup("Python", "file-to-pdf");
        // openCV
@@ -244,6 +244,7 @@ public class EndpointConfiguration {
        addEndpointToGroup("Java", REMOVE_BLANKS);
        addEndpointToGroup("Java", "pdf-to-text");
        addEndpointToGroup("Java", "remove-image-pdf");
        addEndpointToGroup("Java", "pdf-to-markdown");
        // Javascript
        addEndpointToGroup("Javascript", "pdf-organizer");
@@ -259,12 +260,11 @@ public class EndpointConfiguration {
        // Weasyprint dependent endpoints
        addEndpointToGroup("Weasyprint", "html-to-pdf");
        addEndpointToGroup("Weasyprint", "url-to-pdf");
        addEndpointToGroup("Weasyprint", "markdown-to-pdf");
        // Pdftohtml dependent endpoints
        addEndpointToGroup("Pdftohtml", "pdf-to-html");
-
+        addEndpointToGroup("Pdftohtml", "pdf-to-markdown");
        // disabled for now while we resolve issues
        disableEndpoint("pdf-to-pdfa");
    }
    private void processEnvironmentConfigs() {
--- a/src/main/java/stirling/software/SPDF/config/InstallationPathConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/InstallationPathConfig.java
@@ -22,6 +22,7 @@ public class InstallationPathConfig {
    // Pipeline paths
    private static final String PIPELINE_WATCHED_FOLDERS_PATH;
    private static final String PIPELINE_FINISHED_FOLDERS_PATH;
    private static final String PIPELINE_DEFAULT_WEB_UI_CONFIGS;
    // Custom file paths
    private static final String STATIC_PATH;
@@ -45,6 +46,7 @@ public class InstallationPathConfig {
        // Initialize pipeline paths
        PIPELINE_WATCHED_FOLDERS_PATH = PIPELINE_PATH + "watchedFolders" + File.separator;
        PIPELINE_FINISHED_FOLDERS_PATH = PIPELINE_PATH + "finishedFolders" + File.separator;
        PIPELINE_DEFAULT_WEB_UI_CONFIGS = PIPELINE_PATH + "defaultWebUIConfigs" + File.separator;
        // Initialize custom file paths
        STATIC_PATH = CUSTOM_FILES_PATH + "static" + File.separator;
@@ -118,6 +120,10 @@ public class InstallationPathConfig {
        return PIPELINE_FINISHED_FOLDERS_PATH;
    }
    public static String getPipelineDefaultWebUIConfigsDir() {
        return PIPELINE_DEFAULT_WEB_UI_CONFIGS;
    }
    public static String getStaticPath() {
        return STATIC_PATH;
    }
--- a/src/main/java/stirling/software/SPDF/config/PostHogConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/PostHogConfig.java
@@ -7,8 +7,10 @@ import org.springframework.context.annotation.Configuration;
 import com.posthog.java.PostHog;
 import jakarta.annotation.PreDestroy;
 import lombok.extern.slf4j.Slf4j;
@Configuration
@Slf4j
 public class PostHogConfig {
    @Value("${posthog.api.key}")
@@ -21,7 +23,11 @@ public class PostHogConfig {
    @Bean
    public PostHog postHogClient() {
-        postHogClient = new PostHog.Builder(posthogApiKey).host(posthogHost).build();
+        postHogClient =
                new PostHog.Builder(posthogApiKey)
                        .host(posthogHost)
                        .logger(new PostHogLoggerImpl())
                        .build();
        return postHogClient;
    }
--- a/src/main/java/stirling/software/SPDF/config/PostHogLoggerImpl.java
+++ b/src/main/java/stirling/software/SPDF/config/PostHogLoggerImpl.java
@@ -0,0 +1,42 @@
 package stirling.software.SPDF.config;
 import org.springframework.stereotype.Component;
 import com.posthog.java.PostHogLogger;
 import lombok.extern.slf4j.Slf4j;
@Slf4j
@Component
 public class PostHogLoggerImpl implements PostHogLogger {
    @Override
    public void debug(String message) {
        log.debug(message);
    }
    @Override
    public void info(String message) {
        log.info(message);
    }
    @Override
    public void warn(String message) {
        log.warn(message);
    }
    @Override
    public void error(String message) {
        log.error(message);
    }
    @Override
    public void error(String message, Throwable throwable) {
        if (message.contains("Error sending events to PostHog")) {
            log.warn(
                    "Error sending metrics, Likely caused by no internet connection. Non Blocking");
        } else {
            log.error(message, throwable);
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
@@ -1,39 +1,24 @@
 package stirling.software.SPDF.config.security;
 import java.security.cert.X509Certificate;
 import java.util.*;
-import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.core.io.Resource;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.ClientRegistrations;
 import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
 import org.springframework.security.saml2.provider.service.authentication.OpenSaml4AuthenticationProvider;
 import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
 import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -43,24 +28,16 @@ import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.savedrequest.NullRequestCache;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationFailureHandler;
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2AuthenticationSuccessHandler;
 import stirling.software.SPDF.config.security.oauth2.CustomOAuth2UserService;
 import stirling.software.SPDF.config.security.saml2.CertificateUtils;
 import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationFailureHandler;
 import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationSuccessHandler;
 import stirling.software.SPDF.config.security.saml2.CustomSaml2ResponseAuthenticationConverter;
 import stirling.software.SPDF.config.security.session.SessionPersistentRegistry;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2.Client;
 import stirling.software.SPDF.model.ApplicationProperties.Security.SAML2;
 import stirling.software.SPDF.model.User;
 import stirling.software.SPDF.model.provider.GithubProvider;
 import stirling.software.SPDF.model.provider.GoogleProvider;
 import stirling.software.SPDF.model.provider.KeycloakProvider;
 import stirling.software.SPDF.repository.JPATokenRepositoryImpl;
 import stirling.software.SPDF.repository.PersistentLoginRepository;
@@ -72,7 +49,7 @@ import stirling.software.SPDF.repository.PersistentLoginRepository;
 public class SecurityConfiguration {
    private final CustomUserDetailsService userDetailsService;
-    @Lazy private final UserService userService;
+    private final UserService userService;
    @Qualifier("loginEnabled")
    private final boolean loginEnabledValue;
@@ -86,16 +63,10 @@ public class SecurityConfiguration {
    private final FirstLoginFilter firstLoginFilter;
    private final SessionPersistentRegistry sessionRegistry;
    private final PersistentLoginRepository persistentLoginRepository;
    private final GrantedAuthoritiesMapper oAuth2userAuthoritiesMapper;
    private final RelyingPartyRegistrationRepository saml2RelyingPartyRegistrations;
    private final OpenSaml4AuthenticationRequestResolver saml2AuthenticationRequestResolver;
    //    // Only Dev test
    //    @Bean
    //    public WebSecurityCustomizer webSecurityCustomizer() {
    //        return (web) ->
    //                web.ignoring()
    //                        .requestMatchers(
    //                                "/css/**", "/images/**", "/js/**", "/**.svg",
    // "/pdfjs-legacy/**");
    //    }
    public SecurityConfiguration(
            PersistentLoginRepository persistentLoginRepository,
            CustomUserDetailsService userDetailsService,
@@ -106,7 +77,12 @@ public class SecurityConfiguration {
            UserAuthenticationFilter userAuthenticationFilter,
            LoginAttemptService loginAttemptService,
            FirstLoginFilter firstLoginFilter,
-            SessionPersistentRegistry sessionRegistry) {
+            SessionPersistentRegistry sessionRegistry,
            @Autowired(required = false) GrantedAuthoritiesMapper oAuth2userAuthoritiesMapper,
            @Autowired(required = false)
                    RelyingPartyRegistrationRepository saml2RelyingPartyRegistrations,
            @Autowired(required = false)
                    OpenSaml4AuthenticationRequestResolver saml2AuthenticationRequestResolver) {
        this.userDetailsService = userDetailsService;
        this.userService = userService;
        this.loginEnabledValue = loginEnabledValue;
@@ -117,6 +93,9 @@ public class SecurityConfiguration {
        this.firstLoginFilter = firstLoginFilter;
        this.sessionRegistry = sessionRegistry;
        this.persistentLoginRepository = persistentLoginRepository;
        this.oAuth2userAuthoritiesMapper = oAuth2userAuthoritiesMapper;
        this.saml2RelyingPartyRegistrations = saml2RelyingPartyRegistrations;
        this.saml2AuthenticationRequestResolver = saml2AuthenticationRequestResolver;
    }
    @Bean
@@ -274,7 +253,7 @@ public class SecurityConfiguration {
                                                                                userService,
                                                                                loginAttemptService))
                                                                .userAuthoritiesMapper(
-                                                                        userAuthoritiesMapper()))
+                                                                        oAuth2userAuthoritiesMapper))
                                        .permitAll());
            }
            // Handle SAML
@@ -291,7 +270,7 @@ public class SecurityConfiguration {
                                    try {
                                        saml2.loginPage("/saml2")
                                                .relyingPartyRegistrationRepository(
-                                                        relyingPartyRegistrations())
+                                                        saml2RelyingPartyRegistrations)
                                                .authenticationManager(
                                                        new ProviderManager(authenticationProvider))
                                                .successHandler(
@@ -302,8 +281,7 @@ public class SecurityConfiguration {
                                                .failureHandler(
                                                        new CustomSaml2AuthenticationFailureHandler())
                                                .authenticationRequestResolver(
-                                                        authenticationRequestResolver(
+                                                        saml2AuthenticationRequestResolver);
                                                                relyingPartyRegistrations()));
                                    } catch (Exception e) {
                                        log.error("Error configuring SAML2 login", e);
                                        throw new RuntimeException(e);
@@ -311,244 +289,11 @@ public class SecurityConfiguration {
                                });
            }
        } else {
            //            if (!applicationProperties.getSecurity().getCsrfDisabled()) {
            //                CookieCsrfTokenRepository cookieRepo =
            //                        CookieCsrfTokenRepository.withHttpOnlyFalse();
            //                CsrfTokenRequestAttributeHandler requestHandler =
            //                        new CsrfTokenRequestAttributeHandler();
            //                requestHandler.setCsrfRequestAttributeName(null);
            //                http.csrf(
            //                        csrf ->
            //                                csrf.csrfTokenRepository(cookieRepo)
            //                                        .csrfTokenRequestHandler(requestHandler));
            //            }
            http.authorizeHttpRequests(authz -> authz.anyRequest().permitAll());
        }
        return http.build();
    }
    @Bean
    @ConditionalOnProperty(
            value = "security.oauth2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public ClientRegistrationRepository clientRegistrationRepository() {
        List<ClientRegistration> registrations = new ArrayList<>();
        githubClientRegistration().ifPresent(registrations::add);
        oidcClientRegistration().ifPresent(registrations::add);
        googleClientRegistration().ifPresent(registrations::add);
        keycloakClientRegistration().ifPresent(registrations::add);
        if (registrations.isEmpty()) {
            log.error("At least one OAuth2 provider must be configured");
            System.exit(1);
        }
        return new InMemoryClientRegistrationRepository(registrations);
    }
    private Optional<ClientRegistration> googleClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        GoogleProvider google = client.getGoogle();
        return google != null && google.isSettingsValid()
                ? Optional.of(
                        ClientRegistration.withRegistrationId(google.getName())
                                .clientId(google.getClientId())
                                .clientSecret(google.getClientSecret())
                                .scope(google.getScopes())
                                .authorizationUri(google.getAuthorizationuri())
                                .tokenUri(google.getTokenuri())
                                .userInfoUri(google.getUserinfouri())
                                .userNameAttributeName(google.getUseAsUsername())
                                .clientName(google.getClientName())
                                .redirectUri("{baseUrl}/login/oauth2/code/" + google.getName())
                                .authorizationGrantType(
                                        org.springframework.security.oauth2.core
                                                .AuthorizationGrantType.AUTHORIZATION_CODE)
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> keycloakClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        KeycloakProvider keycloak = client.getKeycloak();
        return keycloak != null && keycloak.isSettingsValid()
                ? Optional.of(
                        ClientRegistrations.fromIssuerLocation(keycloak.getIssuer())
                                .registrationId(keycloak.getName())
                                .clientId(keycloak.getClientId())
                                .clientSecret(keycloak.getClientSecret())
                                .scope(keycloak.getScopes())
                                .userNameAttributeName(keycloak.getUseAsUsername())
                                .clientName(keycloak.getClientName())
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> githubClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        GithubProvider github = client.getGithub();
        return github != null && github.isSettingsValid()
                ? Optional.of(
                        ClientRegistration.withRegistrationId(github.getName())
                                .clientId(github.getClientId())
                                .clientSecret(github.getClientSecret())
                                .scope(github.getScopes())
                                .authorizationUri(github.getAuthorizationuri())
                                .tokenUri(github.getTokenuri())
                                .userInfoUri(github.getUserinfouri())
                                .userNameAttributeName(github.getUseAsUsername())
                                .clientName(github.getClientName())
                                .redirectUri("{baseUrl}/login/oauth2/code/" + github.getName())
                                .authorizationGrantType(
                                        org.springframework.security.oauth2.core
                                                .AuthorizationGrantType.AUTHORIZATION_CODE)
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> oidcClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null
                || oauth.getIssuer() == null
                || oauth.getIssuer().isEmpty()
                || oauth.getClientId() == null
                || oauth.getClientId().isEmpty()
                || oauth.getClientSecret() == null
                || oauth.getClientSecret().isEmpty()
                || oauth.getScopes() == null
                || oauth.getScopes().isEmpty()
                || oauth.getUseAsUsername() == null
                || oauth.getUseAsUsername().isEmpty()) {
            return Optional.empty();
        }
        return Optional.of(
                ClientRegistrations.fromIssuerLocation(oauth.getIssuer())
                        .registrationId("oidc")
                        .clientId(oauth.getClientId())
                        .clientSecret(oauth.getClientSecret())
                        .scope(oauth.getScopes())
                        .userNameAttributeName(oauth.getUseAsUsername())
                        .clientName("OIDC")
                        .build());
    }
    @Bean
    @ConditionalOnProperty(
            name = "security.saml2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public RelyingPartyRegistrationRepository relyingPartyRegistrations() throws Exception {
        SAML2 samlConf = applicationProperties.getSecurity().getSaml2();
        X509Certificate idpCert = CertificateUtils.readCertificate(samlConf.getidpCert());
        Saml2X509Credential verificationCredential = Saml2X509Credential.verification(idpCert);
        Resource privateKeyResource = samlConf.getPrivateKey();
        Resource certificateResource = samlConf.getSpCert();
        Saml2X509Credential signingCredential =
                new Saml2X509Credential(
                        CertificateUtils.readPrivateKey(privateKeyResource),
                        CertificateUtils.readCertificate(certificateResource),
                        Saml2X509CredentialType.SIGNING);
        RelyingPartyRegistration rp =
                RelyingPartyRegistration.withRegistrationId(samlConf.getRegistrationId())
                        .signingX509Credentials(c -> c.add(signingCredential))
                        .assertingPartyMetadata(
                                metadata ->
                                        metadata.entityId(samlConf.getIdpIssuer())
                                                .singleSignOnServiceLocation(
                                                        samlConf.getIdpSingleLoginUrl())
                                                .verificationX509Credentials(
                                                        c -> c.add(verificationCredential))
                                                .singleSignOnServiceBinding(
                                                        Saml2MessageBinding.POST)
                                                .wantAuthnRequestsSigned(true))
                        .build();
        return new InMemoryRelyingPartyRegistrationRepository(rp);
    }
    @Bean
    @ConditionalOnProperty(
            name = "security.saml2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public OpenSaml4AuthenticationRequestResolver authenticationRequestResolver(
            RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
        OpenSaml4AuthenticationRequestResolver resolver =
                new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
        resolver.setAuthnRequestCustomizer(
                customizer -> {
                    log.debug("Customizing SAML Authentication request");
                    AuthnRequest authnRequest = customizer.getAuthnRequest();
                    log.debug("AuthnRequest ID: {}", authnRequest.getID());
                    if (authnRequest.getID() == null) {
                        authnRequest.setID("ARQ" + UUID.randomUUID().toString());
                    }
                    log.debug("AuthnRequest new ID after set: {}", authnRequest.getID());
                    log.debug("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
                    log.debug(
                            "AuthnRequest Issuer: {}",
                            authnRequest.getIssuer() != null
                                    ? authnRequest.getIssuer().getValue()
                                    : "null");
                    HttpServletRequest request = customizer.getRequest();
                    // Log HTTP request details
                    log.debug("HTTP Request Method: {}", request.getMethod());
                    log.debug("Request URI: {}", request.getRequestURI());
                    log.debug("Request URL: {}", request.getRequestURL().toString());
                    log.debug("Query String: {}", request.getQueryString());
                    log.debug("Remote Address: {}", request.getRemoteAddr());
                    // Log headers
                    Collections.list(request.getHeaderNames())
                            .forEach(
                                    headerName -> {
                                        log.debug(
                                                "Header - {}: {}",
                                                headerName,
                                                request.getHeader(headerName));
                                    });
                    // Log SAML specific parameters
                    log.debug("SAML Request Parameters:");
                    log.debug("SAMLRequest: {}", request.getParameter("SAMLRequest"));
                    log.debug("RelayState: {}", request.getParameter("RelayState"));
                    // Log session debugrmation if exists
                    if (request.getSession(false) != null) {
                        log.debug("Session ID: {}", request.getSession().getId());
                    }
                    // Log any assertions consumer service details if present
                    if (authnRequest.getAssertionConsumerServiceURL() != null) {
                        log.debug(
                                "AssertionConsumerServiceURL: {}",
                                authnRequest.getAssertionConsumerServiceURL());
                    }
                    // Log NameID policy if present
                    if (authnRequest.getNameIDPolicy() != null) {
                        log.debug(
                                "NameIDPolicy Format: {}",
                                authnRequest.getNameIDPolicy().getFormat());
                    }
                });
        return resolver;
    }
    public DaoAuthenticationProvider daoAuthenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(userDetailsService);
@@ -556,46 +301,6 @@ public class SecurityConfiguration {
        return provider;
    }
    /*
    This following function is to grant Authorities to the OAUTH2 user from the values stored in the database.
    This is required for the internal; 'hasRole()' function to give out the correct role.
     */
    @Bean
    @ConditionalOnProperty(
            value = "security.oauth2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    GrantedAuthoritiesMapper userAuthoritiesMapper() {
        return (authorities) -> {
            Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
            authorities.forEach(
                    authority -> {
                        // Add existing OAUTH2 Authorities
                        mappedAuthorities.add(new SimpleGrantedAuthority(authority.getAuthority()));
                        // Add Authorities from database for existing user, if user is present.
                        if (authority instanceof OAuth2UserAuthority oauth2Auth) {
                            String useAsUsername =
                                    applicationProperties
                                            .getSecurity()
                                            .getOauth2()
                                            .getUseAsUsername();
                            Optional<User> userOpt =
                                    userService.findByUsernameIgnoreCase(
                                            (String) oauth2Auth.getAttributes().get(useAsUsername));
                            if (userOpt.isPresent()) {
                                User user = userOpt.get();
                                if (user != null) {
                                    mappedAuthorities.add(
                                            new SimpleGrantedAuthority(
                                                    userService.findRole(user).getAuthority()));
                                }
                            }
                        }
                    });
            return mappedAuthorities;
        };
    }
    @Bean
    public IPRateLimitingFilter rateLimitingFilter() {
        // Example limit TODO add config level
--- a/src/main/java/stirling/software/SPDF/config/security/UserService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/UserService.java
@@ -329,12 +329,16 @@ public class UserService implements UserServiceInterface {
    public boolean isUsernameValid(String username) {
        // Checks whether the simple username is formatted correctly
        // Regular expression for user name: Min. 3 characters, max. 50 characters
        boolean isValidSimpleUsername =
-                username.matches("^[a-zA-Z0-9][a-zA-Z0-9@._+-]*[a-zA-Z0-9]$");
+                username.matches("^[a-zA-Z0-9](?!.*[-@._+]{2,})[a-zA-Z0-9@._+-]{1,48}[a-zA-Z0-9]$");
        // Checks whether the email address is formatted correctly
        // Regular expression for email addresses: Max. 320 characters, with RFC-like validation
        boolean isValidEmail =
                username.matches(
-                        "^(?=.{1,64}@)[A-Za-z0-9]+(\\.[A-Za-z0-9_+.-]+)*@[^-][A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)*(\\.[A-Za-z]{2,})$");
+                        "^(?=.{1,320}$)(?=.{1,64}@)[A-Za-z0-9](?:[A-Za-z0-9_.+-]*[A-Za-z0-9])?@[^-][A-Za-z0-9-]+(?:\\\\.[A-Za-z0-9-]+)*(?:\\\\.[A-Za-z]{2,})$");
        List<String> notAllowedUserList = new ArrayList<>();
        notAllowedUserList.add("ALL_USERS".toLowerCase());
        boolean notAllowedUser = notAllowedUserList.contains(username.toLowerCase());
--- a/src/main/java/stirling/software/SPDF/config/security/database/DatabaseConfig.java
+++ b/src/main/java/stirling/software/SPDF/config/security/database/DatabaseConfig.java
@@ -1,5 +1,7 @@
 package stirling.software.SPDF.config.security.database;
 import java.io.File;
 import javax.sql.DataSource;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -9,6 +11,7 @@ import org.springframework.context.annotation.Configuration;
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.config.InstallationPathConfig;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.provider.UnsupportedProviderException;
@@ -17,8 +20,8 @@ import stirling.software.SPDF.model.provider.UnsupportedProviderException;
@Configuration
 public class DatabaseConfig {
-    public static final String DATASOURCE_DEFAULT_URL =
+    public final String DATASOURCE_DEFAULT_URL;
-            "jdbc:h2:file:./configs/stirling-pdf-DB-2.3.232;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE";
+
    public static final String DATASOURCE_URL_TEMPLATE = "jdbc:%s://%s:%4d/%s";
    public static final String DEFAULT_DRIVER = "org.h2.Driver";
    public static final String DEFAULT_USERNAME = "sa";
@@ -27,7 +30,14 @@ public class DatabaseConfig {
    private final ApplicationProperties applicationProperties;
    private final boolean runningEE;
-    public DatabaseConfig(ApplicationProperties applicationProperties, @Qualifier("runningEE") boolean runningEE) {
+    public DatabaseConfig(
            ApplicationProperties applicationProperties,
            @Qualifier("runningEE") boolean runningEE) {
        DATASOURCE_DEFAULT_URL =
                "jdbc:h2:file:"
                        + InstallationPathConfig.getConfigPath()
                        + File.separator
                        + "stirling-pdf-DB-2.3.232;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE";
        this.applicationProperties = applicationProperties;
        this.runningEE = runningEE;
    }
--- a/src/main/java/stirling/software/SPDF/config/security/database/DatabaseService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/database/DatabaseService.java
@@ -26,6 +26,7 @@ import org.springframework.jdbc.datasource.init.ScriptException;
 import org.springframework.stereotype.Service;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.config.InstallationPathConfig;
 import stirling.software.SPDF.config.interfaces.DatabaseInterface;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.exception.BackupNotFoundException;
@@ -37,12 +38,14 @@ public class DatabaseService implements DatabaseInterface {
    public static final String BACKUP_PREFIX = "backup_";
    public static final String SQL_SUFFIX = ".sql";
-    private static final String BACKUP_DIR = "configs/db/backup/";
+    private final Path BACKUP_DIR;
    private final ApplicationProperties applicationProperties;
    private final DataSource dataSource;
    public DatabaseService(ApplicationProperties applicationProperties, DataSource dataSource) {
        this.BACKUP_DIR =
                Paths.get(InstallationPathConfig.getConfigPath(), "db", "backup").normalize();
        this.applicationProperties = applicationProperties;
        this.dataSource = dataSource;
    }
@@ -55,9 +58,9 @@ public class DatabaseService implements DatabaseInterface {
     */
    @Override
    public boolean hasBackup() {
-        Path filePath = Paths.get(BACKUP_DIR);
+        createBackupDirectory();
-        if (Files.exists(filePath)) {
+        if (Files.exists(BACKUP_DIR)) {
            return !getBackupList().isEmpty();
        }
@@ -74,11 +77,11 @@ public class DatabaseService implements DatabaseInterface {
        List<FileInfo> backupFiles = new ArrayList<>();
        if (isH2Database()) {
-            Path backupPath = Paths.get(BACKUP_DIR);
+            createBackupDirectory();
            try (DirectoryStream<Path> stream =
                    Files.newDirectoryStream(
-                            backupPath,
+                            BACKUP_DIR,
                            path ->
                                    path.getFileName().toString().startsWith(BACKUP_PREFIX)
                                            && path.getFileName()
@@ -110,6 +113,17 @@ public class DatabaseService implements DatabaseInterface {
        return backupFiles;
    }
    private void createBackupDirectory() {
        if (!Files.exists(BACKUP_DIR)) {
            try {
                Files.createDirectories(BACKUP_DIR);
                log.debug("create backup directory: {}", BACKUP_DIR);
            } catch (IOException e) {
                log.error("Error create backup directory: {}", e.getMessage(), e);
            }
        }
    }
    @Override
    public void importDatabase() {
        if (!hasBackup()) throw new BackupNotFoundException("No backup scripts were found.");
@@ -255,7 +269,8 @@ public class DatabaseService implements DatabaseInterface {
     * @return the <code>Path</code> object for the given file name
     */
    public Path getBackupFilePath(String fileName) {
-        Path filePath = Paths.get(BACKUP_DIR, fileName).normalize();
+        createBackupDirectory();
        Path filePath = BACKUP_DIR.resolve(fileName).normalize();
        if (!filePath.startsWith(BACKUP_DIR)) {
            throw new SecurityException("Path traversal detected");
        }
--- a/src/main/java/stirling/software/SPDF/config/security/oauth2/OAuth2Configuration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/oauth2/OAuth2Configuration.java
@@ -0,0 +1,213 @@
 package stirling.software.SPDF.config.security.oauth2;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.ClientRegistrations;
 import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.config.security.UserService;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2;
 import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2.Client;
 import stirling.software.SPDF.model.User;
 import stirling.software.SPDF.model.provider.GithubProvider;
 import stirling.software.SPDF.model.provider.GoogleProvider;
 import stirling.software.SPDF.model.provider.KeycloakProvider;
@Configuration
@Slf4j
@ConditionalOnProperty(
        value = "security.oauth2.enabled",
        havingValue = "true",
        matchIfMissing = false)
 public class OAuth2Configuration {
    private final ApplicationProperties applicationProperties;
    @Lazy private final UserService userService;
    public OAuth2Configuration(
            ApplicationProperties applicationProperties, @Lazy UserService userService) {
        this.userService = userService;
        this.applicationProperties = applicationProperties;
    }
    @Bean
    @ConditionalOnProperty(
            value = "security.oauth2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public ClientRegistrationRepository clientRegistrationRepository() {
        List<ClientRegistration> registrations = new ArrayList<>();
        githubClientRegistration().ifPresent(registrations::add);
        oidcClientRegistration().ifPresent(registrations::add);
        googleClientRegistration().ifPresent(registrations::add);
        keycloakClientRegistration().ifPresent(registrations::add);
        if (registrations.isEmpty()) {
            log.error("At least one OAuth2 provider must be configured");
            System.exit(1);
        }
        return new InMemoryClientRegistrationRepository(registrations);
    }
    private Optional<ClientRegistration> googleClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        GoogleProvider google = client.getGoogle();
        return google != null && google.isSettingsValid()
                ? Optional.of(
                        ClientRegistration.withRegistrationId(google.getName())
                                .clientId(google.getClientId())
                                .clientSecret(google.getClientSecret())
                                .scope(google.getScopes())
                                .authorizationUri(google.getAuthorizationuri())
                                .tokenUri(google.getTokenuri())
                                .userInfoUri(google.getUserinfouri())
                                .userNameAttributeName(google.getUseAsUsername())
                                .clientName(google.getClientName())
                                .redirectUri("{baseUrl}/login/oauth2/code/" + google.getName())
                                .authorizationGrantType(
                                        org.springframework.security.oauth2.core
                                                .AuthorizationGrantType.AUTHORIZATION_CODE)
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> keycloakClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        KeycloakProvider keycloak = client.getKeycloak();
        return keycloak != null && keycloak.isSettingsValid()
                ? Optional.of(
                        ClientRegistrations.fromIssuerLocation(keycloak.getIssuer())
                                .registrationId(keycloak.getName())
                                .clientId(keycloak.getClientId())
                                .clientSecret(keycloak.getClientSecret())
                                .scope(keycloak.getScopes())
                                .userNameAttributeName(keycloak.getUseAsUsername())
                                .clientName(keycloak.getClientName())
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> githubClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null || !oauth.getEnabled()) {
            return Optional.empty();
        }
        Client client = oauth.getClient();
        if (client == null) {
            return Optional.empty();
        }
        GithubProvider github = client.getGithub();
        return github != null && github.isSettingsValid()
                ? Optional.of(
                        ClientRegistration.withRegistrationId(github.getName())
                                .clientId(github.getClientId())
                                .clientSecret(github.getClientSecret())
                                .scope(github.getScopes())
                                .authorizationUri(github.getAuthorizationuri())
                                .tokenUri(github.getTokenuri())
                                .userInfoUri(github.getUserinfouri())
                                .userNameAttributeName(github.getUseAsUsername())
                                .clientName(github.getClientName())
                                .redirectUri("{baseUrl}/login/oauth2/code/" + github.getName())
                                .authorizationGrantType(
                                        org.springframework.security.oauth2.core
                                                .AuthorizationGrantType.AUTHORIZATION_CODE)
                                .build())
                : Optional.empty();
    }
    private Optional<ClientRegistration> oidcClientRegistration() {
        OAUTH2 oauth = applicationProperties.getSecurity().getOauth2();
        if (oauth == null
                || oauth.getIssuer() == null
                || oauth.getIssuer().isEmpty()
                || oauth.getClientId() == null
                || oauth.getClientId().isEmpty()
                || oauth.getClientSecret() == null
                || oauth.getClientSecret().isEmpty()
                || oauth.getScopes() == null
                || oauth.getScopes().isEmpty()
                || oauth.getUseAsUsername() == null
                || oauth.getUseAsUsername().isEmpty()) {
            return Optional.empty();
        }
        return Optional.of(
                ClientRegistrations.fromIssuerLocation(oauth.getIssuer())
                        .registrationId("oidc")
                        .clientId(oauth.getClientId())
                        .clientSecret(oauth.getClientSecret())
                        .scope(oauth.getScopes())
                        .userNameAttributeName(oauth.getUseAsUsername())
                        .clientName("OIDC")
                        .build());
    }
    /*
    This following function is to grant Authorities to the OAUTH2 user from the values stored in the database.
    This is required for the internal; 'hasRole()' function to give out the correct role.
     */
    @Bean
    @ConditionalOnProperty(
            value = "security.oauth2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    GrantedAuthoritiesMapper userAuthoritiesMapper() {
        return (authorities) -> {
            Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
            authorities.forEach(
                    authority -> {
                        // Add existing OAUTH2 Authorities
                        mappedAuthorities.add(new SimpleGrantedAuthority(authority.getAuthority()));
                        // Add Authorities from database for existing user, if user is present.
                        if (authority instanceof OAuth2UserAuthority oauth2Auth) {
                            String useAsUsername =
                                    applicationProperties
                                            .getSecurity()
                                            .getOauth2()
                                            .getUseAsUsername();
                            Optional<User> userOpt =
                                    userService.findByUsernameIgnoreCase(
                                            (String) oauth2Auth.getAttributes().get(useAsUsername));
                            if (userOpt.isPresent()) {
                                User user = userOpt.get();
                                if (user != null) {
                                    mappedAuthorities.add(
                                            new SimpleGrantedAuthority(
                                                    userService.findRole(user).getAuthority()));
                                }
                            }
                        }
                    });
            return mappedAuthorities;
        };
    }
 }
--- a/src/main/java/stirling/software/SPDF/config/security/saml2/SAML2Configuration.java
+++ b/src/main/java/stirling/software/SPDF/config/security/saml2/SAML2Configuration.java
@@ -0,0 +1,136 @@
 package stirling.software.SPDF.config.security.saml2;
 import java.security.cert.X509Certificate;
 import java.util.Collections;
 import java.util.UUID;
 import org.opensaml.saml.saml2.core.AuthnRequest;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.Resource;
 import org.springframework.security.saml2.core.Saml2X509Credential;
 import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
 import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
 import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.ApplicationProperties.Security.SAML2;
@Configuration
@Slf4j
@ConditionalOnProperty(
        value = "security.saml2.enabled",
        havingValue = "true",
        matchIfMissing = false)
 public class SAML2Configuration {
    private final ApplicationProperties applicationProperties;
    public SAML2Configuration(ApplicationProperties applicationProperties) {
        this.applicationProperties = applicationProperties;
    }
    @Bean
    @ConditionalOnProperty(
            name = "security.saml2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public RelyingPartyRegistrationRepository relyingPartyRegistrations() throws Exception {
        SAML2 samlConf = applicationProperties.getSecurity().getSaml2();
        X509Certificate idpCert = CertificateUtils.readCertificate(samlConf.getidpCert());
        Saml2X509Credential verificationCredential = Saml2X509Credential.verification(idpCert);
        Resource privateKeyResource = samlConf.getPrivateKey();
        Resource certificateResource = samlConf.getSpCert();
        Saml2X509Credential signingCredential =
                new Saml2X509Credential(
                        CertificateUtils.readPrivateKey(privateKeyResource),
                        CertificateUtils.readCertificate(certificateResource),
                        Saml2X509CredentialType.SIGNING);
        RelyingPartyRegistration rp =
                RelyingPartyRegistration.withRegistrationId(samlConf.getRegistrationId())
                        .signingX509Credentials(c -> c.add(signingCredential))
                        .assertingPartyMetadata(
                                metadata ->
                                        metadata.entityId(samlConf.getIdpIssuer())
                                                .singleSignOnServiceLocation(
                                                        samlConf.getIdpSingleLoginUrl())
                                                .verificationX509Credentials(
                                                        c -> c.add(verificationCredential))
                                                .singleSignOnServiceBinding(
                                                        Saml2MessageBinding.POST)
                                                .wantAuthnRequestsSigned(true))
                        .build();
        return new InMemoryRelyingPartyRegistrationRepository(rp);
    }
    @Bean
    @ConditionalOnProperty(
            name = "security.saml2.enabled",
            havingValue = "true",
            matchIfMissing = false)
    public OpenSaml4AuthenticationRequestResolver authenticationRequestResolver(
            RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
        OpenSaml4AuthenticationRequestResolver resolver =
                new OpenSaml4AuthenticationRequestResolver(relyingPartyRegistrationRepository);
        resolver.setAuthnRequestCustomizer(
                customizer -> {
                    log.debug("Customizing SAML Authentication request");
                    AuthnRequest authnRequest = customizer.getAuthnRequest();
                    log.debug("AuthnRequest ID: {}", authnRequest.getID());
                    if (authnRequest.getID() == null) {
                        authnRequest.setID("ARQ" + UUID.randomUUID().toString());
                    }
                    log.debug("AuthnRequest new ID after set: {}", authnRequest.getID());
                    log.debug("AuthnRequest IssueInstant: {}", authnRequest.getIssueInstant());
                    log.debug(
                            "AuthnRequest Issuer: {}",
                            authnRequest.getIssuer() != null
                                    ? authnRequest.getIssuer().getValue()
                                    : "null");
                    HttpServletRequest request = customizer.getRequest();
                    // Log HTTP request details
                    log.debug("HTTP Request Method: {}", request.getMethod());
                    log.debug("Request URI: {}", request.getRequestURI());
                    log.debug("Request URL: {}", request.getRequestURL().toString());
                    log.debug("Query String: {}", request.getQueryString());
                    log.debug("Remote Address: {}", request.getRemoteAddr());
                    // Log headers
                    Collections.list(request.getHeaderNames())
                            .forEach(
                                    headerName -> {
                                        log.debug(
                                                "Header - {}: {}",
                                                headerName,
                                                request.getHeader(headerName));
                                    });
                    // Log SAML specific parameters
                    log.debug("SAML Request Parameters:");
                    log.debug("SAMLRequest: {}", request.getParameter("SAMLRequest"));
                    log.debug("RelayState: {}", request.getParameter("RelayState"));
                    // Log session debugrmation if exists
                    if (request.getSession(false) != null) {
                        log.debug("Session ID: {}", request.getSession().getId());
                    }
                    // Log any assertions consumer service details if present
                    if (authnRequest.getAssertionConsumerServiceURL() != null) {
                        log.debug(
                                "AssertionConsumerServiceURL: {}",
                                authnRequest.getAssertionConsumerServiceURL());
                    }
                    // Log NameID policy if present
                    if (authnRequest.getNameIDPolicy() != null) {
                        log.debug(
                                "NameIDPolicy Format: {}",
                                authnRequest.getNameIDPolicy().getFormat());
                    }
                });
        return resolver;
    }
 }
--- a/src/main/java/stirling/software/SPDF/controller/api/AdditionalLanguageJsController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/AdditionalLanguageJsController.java
@@ -2,7 +2,9 @@ package stirling.software.SPDF.controller.api;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -26,11 +28,14 @@ public class AdditionalLanguageJsController {
    @Hidden
    @GetMapping(value = "/additionalLanguageCode.js", produces = "application/javascript")
    public void generateAdditionalLanguageJs(HttpServletResponse response) throws IOException {
-        List<String> supportedLanguages = languageService.getSupportedLanguages();
+        Set<String> supportedLanguages = languageService.getSupportedLanguages();
        response.setContentType("application/javascript");
        PrintWriter writer = response.getWriter();
        // Erstelle das JavaScript dynamisch
-        writer.println("const supportedLanguages = " + toJsonArray(supportedLanguages) + ";");
+        writer.println(
                "const supportedLanguages = "
                        + toJsonArray(new ArrayList<>(supportedLanguages))
                        + ";");
        // Generiere die `getDetailedLanguageCode`-Funktion
        writer.println(
                """
--- a/src/main/java/stirling/software/SPDF/controller/api/AnalysisController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/AnalysisController.java
@@ -0,0 +1,194 @@
 package stirling.software.SPDF.controller.api;
 import java.io.IOException;
 import java.util.*;
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDDocumentInformation;
 import org.apache.pdfbox.pdmodel.PDPage;
 import org.apache.pdfbox.pdmodel.PDPageTree;
 import org.apache.pdfbox.pdmodel.encryption.PDEncryption;
 import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;
 import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import stirling.software.SPDF.model.api.PDFFile;
@RestController
@RequestMapping("/api/v1/analysis")
@Tag(name = "Analysis", description = "Analysis APIs")
 public class AnalysisController {
    @PostMapping(value = "/page-count", consumes = "multipart/form-data")
    @Operation(
            summary = "Get PDF page count",
            description = "Returns total number of pages in PDF. Input:PDF Output:JSON Type:SISO")
    public Map<String, Integer> getPageCount(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            return Map.of("pageCount", document.getNumberOfPages());
        }
    }
    @PostMapping(value = "/basic-info", consumes = "multipart/form-data")
    @Operation(
            summary = "Get basic PDF information",
            description = "Returns page count, version, file size. Input:PDF Output:JSON Type:SISO")
    public Map<String, Object> getBasicInfo(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            Map<String, Object> info = new HashMap<>();
            info.put("pageCount", document.getNumberOfPages());
            info.put("pdfVersion", document.getVersion());
            info.put("fileSize", file.getFileInput().getSize());
            return info;
        }
    }
    @PostMapping(value = "/document-properties", consumes = "multipart/form-data")
    @Operation(
            summary = "Get PDF document properties",
            description = "Returns title, author, subject, etc. Input:PDF Output:JSON Type:SISO")
    public Map<String, String> getDocumentProperties(@ModelAttribute PDFFile file)
            throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            PDDocumentInformation info = document.getDocumentInformation();
            Map<String, String> properties = new HashMap<>();
            properties.put("title", info.getTitle());
            properties.put("author", info.getAuthor());
            properties.put("subject", info.getSubject());
            properties.put("keywords", info.getKeywords());
            properties.put("creator", info.getCreator());
            properties.put("producer", info.getProducer());
            properties.put("creationDate", info.getCreationDate().toString());
            properties.put("modificationDate", info.getModificationDate().toString());
            return properties;
        }
    }
    @PostMapping(value = "/page-dimensions", consumes = "multipart/form-data")
    @Operation(
            summary = "Get page dimensions for all pages",
            description = "Returns width and height of each page. Input:PDF Output:JSON Type:SISO")
    public List<Map<String, Float>> getPageDimensions(@ModelAttribute PDFFile file)
            throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            List<Map<String, Float>> dimensions = new ArrayList<>();
            PDPageTree pages = document.getPages();
            for (PDPage page : pages) {
                Map<String, Float> pageDim = new HashMap<>();
                pageDim.put("width", page.getBBox().getWidth());
                pageDim.put("height", page.getBBox().getHeight());
                dimensions.add(pageDim);
            }
            return dimensions;
        }
    }
    @PostMapping(value = "/form-fields", consumes = "multipart/form-data")
    @Operation(
            summary = "Get form field information",
            description =
                    "Returns count and details of form fields. Input:PDF Output:JSON Type:SISO")
    public Map<String, Object> getFormFields(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            Map<String, Object> formInfo = new HashMap<>();
            PDAcroForm form = document.getDocumentCatalog().getAcroForm();
            if (form != null) {
                formInfo.put("fieldCount", form.getFields().size());
                formInfo.put("hasXFA", form.hasXFA());
                formInfo.put("isSignaturesExist", form.isSignaturesExist());
            } else {
                formInfo.put("fieldCount", 0);
                formInfo.put("hasXFA", false);
                formInfo.put("isSignaturesExist", false);
            }
            return formInfo;
        }
    }
    @PostMapping(value = "/annotation-info", consumes = "multipart/form-data")
    @Operation(
            summary = "Get annotation information",
            description = "Returns count and types of annotations. Input:PDF Output:JSON Type:SISO")
    public Map<String, Object> getAnnotationInfo(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            Map<String, Object> annotInfo = new HashMap<>();
            int totalAnnotations = 0;
            Map<String, Integer> annotationTypes = new HashMap<>();
            for (PDPage page : document.getPages()) {
                for (PDAnnotation annot : page.getAnnotations()) {
                    totalAnnotations++;
                    String subType = annot.getSubtype();
                    annotationTypes.merge(subType, 1, Integer::sum);
                }
            }
            annotInfo.put("totalCount", totalAnnotations);
            annotInfo.put("typeBreakdown", annotationTypes);
            return annotInfo;
        }
    }
    @PostMapping(value = "/font-info", consumes = "multipart/form-data")
    @Operation(
            summary = "Get font information",
            description =
                    "Returns list of fonts used in the document. Input:PDF Output:JSON Type:SISO")
    public Map<String, Object> getFontInfo(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            Map<String, Object> fontInfo = new HashMap<>();
            Set<String> fontNames = new HashSet<>();
            for (PDPage page : document.getPages()) {
                for (COSName font : page.getResources().getFontNames()) {
                    fontNames.add(font.getName());
                }
            }
            fontInfo.put("fontCount", fontNames.size());
            fontInfo.put("fonts", fontNames);
            return fontInfo;
        }
    }
    @PostMapping(value = "/security-info", consumes = "multipart/form-data")
    @Operation(
            summary = "Get security information",
            description =
                    "Returns encryption and permission details. Input:PDF Output:JSON Type:SISO")
    public Map<String, Object> getSecurityInfo(@ModelAttribute PDFFile file) throws IOException {
        try (PDDocument document = Loader.loadPDF(file.getFileInput().getBytes())) {
            Map<String, Object> securityInfo = new HashMap<>();
            PDEncryption encryption = document.getEncryption();
            if (encryption != null) {
                securityInfo.put("isEncrypted", true);
                securityInfo.put("keyLength", encryption.getLength());
                // Get permissions
                Map<String, Boolean> permissions = new HashMap<>();
                permissions.put("canPrint", document.getCurrentAccessPermission().canPrint());
                permissions.put("canModify", document.getCurrentAccessPermission().canModify());
                permissions.put(
                        "canExtractContent",
                        document.getCurrentAccessPermission().canExtractContent());
                permissions.put(
                        "canModifyAnnotations",
                        document.getCurrentAccessPermission().canModifyAnnotations());
                securityInfo.put("permissions", permissions);
            } else {
                securityInfo.put("isEncrypted", false);
            }
            return securityInfo;
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertHtmlToPDF.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertHtmlToPDF.java
@@ -13,6 +13,7 @@ import io.github.pixee.security.Filenames;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.api.converters.HTMLToPdfRequest;
 import stirling.software.SPDF.service.CustomPDDocumentFactory;
 import stirling.software.SPDF.utils.FileToPdf;
@@ -27,19 +28,23 @@ public class ConvertHtmlToPDF {
    private final CustomPDDocumentFactory pdfDocumentFactory;
    private final ApplicationProperties applicationProperties;
    @Autowired
    public ConvertHtmlToPDF(
            CustomPDDocumentFactory pdfDocumentFactory,
-            @Qualifier("bookAndHtmlFormatsInstalled") boolean bookAndHtmlFormatsInstalled) {
+            @Qualifier("bookAndHtmlFormatsInstalled") boolean bookAndHtmlFormatsInstalled,
            ApplicationProperties applicationProperties) {
        this.pdfDocumentFactory = pdfDocumentFactory;
        this.bookAndHtmlFormatsInstalled = bookAndHtmlFormatsInstalled;
        this.applicationProperties = applicationProperties;
    }
    @PostMapping(consumes = "multipart/form-data", value = "/html/pdf")
    @Operation(
            summary = "Convert an HTML or ZIP (containing HTML and CSS) to PDF",
            description =
-                    "This endpoint takes an HTML or ZIP file input and converts it to a PDF format.")
+                    "This endpoint takes an HTML or ZIP file input and converts it to a PDF format. Input:HTML Output:PDF Type:SISO")
    public ResponseEntity<byte[]> HtmlToPdf(@ModelAttribute HTMLToPdfRequest request)
            throws Exception {
        MultipartFile fileInput = request.getFileInput();
@@ -54,12 +59,17 @@ public class ConvertHtmlToPDF {
                || (!originalFilename.endsWith(".html") && !originalFilename.endsWith(".zip"))) {
            throw new IllegalArgumentException("File must be either .html or .zip format.");
        }
        boolean disableSanitize =
                Boolean.TRUE.equals(applicationProperties.getSystem().getDisableSanitize());
        byte[] pdfBytes =
                FileToPdf.convertHtmlToPdf(
                        request,
                        fileInput.getBytes(),
                        originalFilename,
-                        bookAndHtmlFormatsInstalled);
+                        bookAndHtmlFormatsInstalled,
                        disableSanitize);
        pdfBytes = pdfDocumentFactory.createNewBytesBasedOnOldDocument(pdfBytes);
--- a/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertMarkdownToPdf.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertMarkdownToPdf.java
@@ -23,6 +23,7 @@ import io.github.pixee.security.Filenames;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import stirling.software.SPDF.model.ApplicationProperties;
 import stirling.software.SPDF.model.api.GeneralFile;
 import stirling.software.SPDF.service.CustomPDDocumentFactory;
 import stirling.software.SPDF.utils.FileToPdf;
@@ -37,12 +38,16 @@ public class ConvertMarkdownToPdf {
    private final CustomPDDocumentFactory pdfDocumentFactory;
    private final ApplicationProperties applicationProperties;
    @Autowired
    public ConvertMarkdownToPdf(
            CustomPDDocumentFactory pdfDocumentFactory,
-            @Qualifier("bookAndHtmlFormatsInstalled") boolean bookAndHtmlFormatsInstalled) {
+            @Qualifier("bookAndHtmlFormatsInstalled") boolean bookAndHtmlFormatsInstalled,
            ApplicationProperties applicationProperties) {
        this.pdfDocumentFactory = pdfDocumentFactory;
        this.bookAndHtmlFormatsInstalled = bookAndHtmlFormatsInstalled;
        this.applicationProperties = applicationProperties;
    }
    @PostMapping(consumes = "multipart/form-data", value = "/markdown/pdf")
@@ -76,12 +81,16 @@ public class ConvertMarkdownToPdf {
        String htmlContent = renderer.render(document);
        boolean disableSanitize =
                Boolean.TRUE.equals(applicationProperties.getSystem().getDisableSanitize());
        byte[] pdfBytes =
                FileToPdf.convertHtmlToPdf(
                        null,
                        htmlContent.getBytes(),
                        "converted.html",
-                        bookAndHtmlFormatsInstalled);
+                        bookAndHtmlFormatsInstalled,
                        disableSanitize);
        pdfBytes = pdfDocumentFactory.createNewBytesBasedOnOldDocument(pdfBytes);
        String outputFilename =
                originalFilename.replaceFirst("[.][^.]+$", "")
--- a/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToPDFA.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToPDFA.java
@@ -73,8 +73,8 @@ public class ConvertPDFToPDFA {
            // Determine PDF/A filter based on requested format
            String pdfFilter =
                    "pdfa".equals(outputFormat)
-                            ? "writer_pdf_Export:{'SelectPdfVersion':{'Value':'2'}}:writer_pdf_Export"
+                            ? "pdf:writer_pdf_Export:{\"SelectPdfVersion\":{\"type\":\"long\",\"value\":\"2\"}}"
-                            : "writer_pdf_Export:{'SelectPdfVersion':{'Value':'1'}}:writer_pdf_Export";
+                            : "pdf:writer_pdf_Export:{\"SelectPdfVersion\":{\"type\":\"long\",\"value\":\"1\"}}";
            // Prepare LibreOffice command
            List<String> command =
@@ -84,7 +84,7 @@ public class ConvertPDFToPDFA {
                                    "--headless",
                                    "--nologo",
                                    "--convert-to",
-                                    "pdf:" + pdfFilter,
+                                    pdfFilter,
                                    "--outdir",
                                    tempOutputDir.toString(),
                                    tempInputFile.toString()));
--- a/src/main/java/stirling/software/SPDF/controller/api/misc/OCRController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/misc/OCRController.java
@@ -8,7 +8,7 @@ import java.util.*;
 import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
-
+import io.swagger.v3.oas.annotations.Operation;
 import javax.imageio.ImageIO;
 import org.apache.pdfbox.multipdf.PDFMergerUtility;
@@ -65,6 +65,9 @@ public class OCRController {
    }
    @PostMapping(consumes = "multipart/form-data", value = "/ocr-pdf")
     @Operation(
        summary = "Process PDF files with OCR using Tesseract",
        description = "Takes a PDF file as input, performs OCR using specified languages and OCR type (skip-text/force-ocr), and returns the processed PDF. Input:PDF Output:PDF Type:SISO")
    public ResponseEntity<byte[]> processPdfWithOCR(
            @ModelAttribute ProcessPdfWithOcrRequest request)
            throws IOException, InterruptedException {
--- a/src/main/java/stirling/software/SPDF/controller/api/security/RedactController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/security/RedactController.java
@@ -26,7 +26,6 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.PDFText;
 import stirling.software.SPDF.model.api.security.ManualRedactPdfRequest;
 import stirling.software.SPDF.model.api.security.RedactPdfRequest;
@@ -53,12 +52,17 @@ public class RedactController {
    @InitBinder
    public void initBinder(WebDataBinder binder) {
-        binder.registerCustomEditor(List.class, "redactions", new StringToArrayListPropertyEditor());
+        binder.registerCustomEditor(
                List.class, "redactions", new StringToArrayListPropertyEditor());
    }
    @PostMapping(value = "/redact", consumes = "multipart/form-data")
-    @Operation(summary = "Redacts areas and pages in a PDF document", description = "This operation takes an input PDF file with a list of areas, page number(s)/range(s)/function(s) to redact. Input:PDF, Output:PDF, Type:SISO")
+    @Operation(
-    public ResponseEntity<byte[]> redactPDF(@ModelAttribute ManualRedactPdfRequest request) throws IOException {
+            summary = "Redacts areas and pages in a PDF document",
            description =
                    "This operation takes an input PDF file with a list of areas, page number(s)/range(s)/function(s) to redact. Input:PDF, Output:PDF, Type:SISO")
    public ResponseEntity<byte[]> redactPDF(@ModelAttribute ManualRedactPdfRequest request)
            throws IOException {
        MultipartFile file = request.getFileInput();
        List<RedactionArea> redactionAreas = request.getRedactions();
@@ -86,18 +90,22 @@ public class RedactController {
                        + "_redacted.pdf");
    }
-    private void redactAreas(List<RedactionArea> redactionAreas, PDDocument document, PDPageTree allPages)
+    private void redactAreas(
            List<RedactionArea> redactionAreas, PDDocument document, PDPageTree allPages)
            throws IOException {
        Color redactColor = null;
        for (RedactionArea redactionArea : redactionAreas) {
-            if (redactionArea.getPage() == null || redactionArea.getPage() <= 0
+            if (redactionArea.getPage() == null
-                    || redactionArea.getHeight() == null || redactionArea.getHeight() <= 0.0D
+                    || redactionArea.getPage() <= 0
-                    || redactionArea.getWidth() == null || redactionArea.getWidth() <= 0.0D)
+                    || redactionArea.getHeight() == null
-                continue;
+                    || redactionArea.getHeight() <= 0.0D
                    || redactionArea.getWidth() == null
                    || redactionArea.getWidth() <= 0.0D) continue;
            PDPage page = allPages.get(redactionArea.getPage() - 1);
-            PDPageContentStream contentStream = new PDPageContentStream(
+            PDPageContentStream contentStream =
-                    document, page, PDPageContentStream.AppendMode.APPEND, true, true);
+                    new PDPageContentStream(
                            document, page, PDPageContentStream.AppendMode.APPEND, true, true);
            redactColor = decodeOrDefault(redactionArea.getColor(), Color.BLACK);
            contentStream.setNonStrokingColor(redactColor);
@@ -114,15 +122,17 @@ public class RedactController {
        }
    }
-    private void redactPages(ManualRedactPdfRequest request, PDDocument document, PDPageTree allPages)
+    private void redactPages(
            ManualRedactPdfRequest request, PDDocument document, PDPageTree allPages)
            throws IOException {
        Color redactColor = decodeOrDefault(request.getPageRedactionColor(), Color.BLACK);
        List<Integer> pageNumbers = getPageNumbers(request, allPages.getCount());
        for (Integer pageNumber : pageNumbers) {
            PDPage page = allPages.get(pageNumber);
-            PDPageContentStream contentStream = new PDPageContentStream(
+            PDPageContentStream contentStream =
-                    document, page, PDPageContentStream.AppendMode.APPEND, true, true);
+                    new PDPageContentStream(
                            document, page, PDPageContentStream.AppendMode.APPEND, true, true);
            contentStream.setNonStrokingColor(redactColor);
            PDRectangle box = page.getBBox();
@@ -146,8 +156,10 @@ public class RedactController {
    private List<Integer> getPageNumbers(ManualRedactPdfRequest request, int pagesCount) {
        String pageNumbersInput = request.getPageNumbers();
-        String[] parsedPageNumbers = pageNumbersInput != null ? pageNumbersInput.split(",") : new String[0];
+        String[] parsedPageNumbers =
-        List<Integer> pageNumbers = GeneralUtils.parsePageList(parsedPageNumbers, pagesCount, false);
+                pageNumbersInput != null ? pageNumbersInput.split(",") : new String[0];
        List<Integer> pageNumbers =
                GeneralUtils.parsePageList(parsedPageNumbers, pagesCount, false);
        Collections.sort(pageNumbers);
        return pageNumbers;
    }
--- a/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/security/WatermarkController.java
@@ -214,6 +214,7 @@ public class WatermarkController {
                                + Math.abs(watermarkHeight * Math.cos(radians)));
        // Calculating the number of rows and columns.
        int watermarkRows = (int) (pageHeight / newWatermarkHeight + 1);
        int watermarkCols = (int) (pageWidth / newWatermarkWidth + 1);
--- a/src/main/java/stirling/software/SPDF/controller/web/ConverterWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/ConverterWebController.java
@@ -44,6 +44,13 @@ public class ConverterWebController {
        return "convert/markdown-to-pdf";
    }
    @GetMapping("/pdf-to-markdown")
    @Hidden
    public String convertPdfToMarkdownForm(Model model) {
        model.addAttribute("currentPage", "pdf-to-markdown");
        return "convert/pdf-to-markdown";
    }
    @GetMapping("/url-to-pdf")
    @Hidden
    public String convertURLToPdfForm(Model model) {
--- a/src/main/java/stirling/software/SPDF/controller/web/DatabaseWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/DatabaseWebController.java
@@ -36,8 +36,9 @@ public class DatabaseWebController {
        }
        List<FileInfo> backupList = databaseService.getBackupList();
        model.addAttribute("backupFiles", backupList);
-        model.addAttribute("databaseVersion", databaseService.getH2Version());
+        String dbVersion = databaseService.getH2Version();
-        if ("Unknown".equalsIgnoreCase(databaseService.getH2Version())) {
+        model.addAttribute("databaseVersion", dbVersion);
        if ("Unknown".equalsIgnoreCase(dbVersion)) {
            model.addAttribute("infoMessage", "notSupported");
        }
        return "database";
--- a/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/GeneralWebController.java
@@ -54,8 +54,11 @@ public class GeneralWebController {
        model.addAttribute("currentPage", "pipeline");
        List<String> pipelineConfigs = new ArrayList<>();
        List<Map<String, String>> pipelineConfigsWithNames = new ArrayList<>();
-        if (new File("./pipeline/defaultWebUIConfigs/").exists()) {
+        if (new File(InstallationPathConfig.getPipelineDefaultWebUIConfigsDir()).exists()) {
-            try (Stream<Path> paths = Files.walk(Paths.get("./pipeline/defaultWebUIConfigs/"))) {
+            try (Stream<Path> paths =
                    Files.walk(
                            Paths.get(
                                    InstallationPathConfig.getPipelineDefaultWebUIConfigsDir()))) {
                List<Path> jsonFiles =
                        paths.filter(Files::isRegularFile)
                                .filter(p -> p.toString().endsWith(".json"))
--- a/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java
+++ b/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java
@@ -74,6 +74,12 @@ public class HomeWebController {
        return "redirect:/";
    }
    @GetMapping("/home-legacy")
    public String homeLegacy(Model model) {
        model.addAttribute("currentPage", "home-legacy");
        return "home-legacy";
    }
    @GetMapping(value = "/robots.txt", produces = MediaType.TEXT_PLAIN_VALUE)
    @ResponseBody
    @Hidden
--- a/src/main/java/stirling/software/SPDF/model/ApplicationProperties.java
+++ b/src/main/java/stirling/software/SPDF/model/ApplicationProperties.java
@@ -265,7 +265,8 @@ public class ApplicationProperties {
                            return getKeycloak();
                        default:
                            throw new UnsupportedProviderException(
-                                    "Logout from the provider is not supported? Report it at https://github.com/Stirling-Tools/Stirling-PDF/issues");
+                                    "Logout from the provider is not supported? Report it at"
                                            + " https://github.com/Stirling-Tools/Stirling-PDF/issues");
                    }
                }
            }
@@ -283,6 +284,7 @@ public class ApplicationProperties {
        private Boolean enableAlphaFunctionality;
        private String enableAnalytics;
        private Datasource datasource;
        private Boolean disableSanitize;
    }
    @Data
@@ -312,10 +314,10 @@ public class ApplicationProperties {
        @Override
        public String toString() {
            return """
-                    Driver {
+            Driver {
-                      driverName='%s'
+              driverName='%s'
-                    }
+            }
-                    """
+            """
                    .formatted(driverName);
        }
    }
@@ -325,6 +327,7 @@ public class ApplicationProperties {
        private String appName;
        private String homeDescription;
        private String appNameNavbar;
        private List<String> languages;
        public String getAppName() {
            return appName != null && appName.trim().length() > 0 ? appName : null;
@@ -366,6 +369,7 @@ public class ApplicationProperties {
        private boolean enabled;
        @ToString.Exclude private String key;
        private int maxUsers;
        private boolean ssoAutoLogin;
        private CustomMetadata customMetadata = new CustomMetadata();
        @Data
--- a/src/main/java/stirling/software/SPDF/model/api/converters/ConvertPDFToMarkdown.java
+++ b/src/main/java/stirling/software/SPDF/model/api/converters/ConvertPDFToMarkdown.java
@@ -0,0 +1,32 @@
 package stirling.software.SPDF.model.api.converters;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import stirling.software.SPDF.model.api.PDFFile;
 import stirling.software.SPDF.utils.PDFToFile;
@RestController
@Tag(name = "Convert", description = "Convert APIs")
@RequestMapping("/api/v1/convert")
 public class ConvertPDFToMarkdown {
    @PostMapping(consumes = "multipart/form-data", value = "/pdf/markdown")
    @Operation(
            summary = "Convert PDF to Markdown",
            description =
                    "This endpoint converts a PDF file to Markdown format. Input:PDF Output:Markdown Type:SISO")
    public ResponseEntity<byte[]> processPdfToMarkdown(@ModelAttribute PDFFile request)
            throws Exception {
        MultipartFile inputFile = request.getFileInput();
        PDFToFile pdfToFile = new PDFToFile();
        return pdfToFile.processPdfToMarkdown(inputFile);
    }
 }
--- a/src/main/java/stirling/software/SPDF/model/api/misc/OptimizePdfRequest.java
+++ b/src/main/java/stirling/software/SPDF/model/api/misc/OptimizePdfRequest.java
@@ -26,7 +26,7 @@ public class OptimizePdfRequest extends PDFFile {
    @Schema(
            description =
-                    "Whether to normalize the PDF content for better compatibility. Default is true.",
+                    "Whether to normalize the PDF content for better compatibility. Default is false.",
-            defaultValue = "true")
+            defaultValue = "false")
-    private Boolean normalize = true;
+    private Boolean normalize = false;
 }
--- a/src/main/java/stirling/software/SPDF/model/api/security/ManualRedactPdfRequest.java
+++ b/src/main/java/stirling/software/SPDF/model/api/security/ManualRedactPdfRequest.java
@@ -3,6 +3,7 @@ package stirling.software.SPDF.model.api.security;
 import java.util.List;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import stirling.software.SPDF.model.api.PDFWithPageNums;
--- a/src/main/java/stirling/software/SPDF/model/api/security/RedactionArea.java
+++ b/src/main/java/stirling/software/SPDF/model/api/security/RedactionArea.java
@@ -1,17 +1,20 @@
 package stirling.software.SPDF.model.api.security;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
@Data
 public class RedactionArea {
    @Schema(description = "The left edge point of the area to be redacted.")
    private Double x;
    @Schema(description = "The top edge point of the area to be redacted.")
    private Double y;
    @Schema(description = "The height of the area to be redacted.")
    private Double height;
    @Schema(description = "The width of the area to be redacted.")
    private Double width;
--- a/src/main/java/stirling/software/SPDF/service/LanguageService.java
+++ b/src/main/java/stirling/software/SPDF/service/LanguageService.java
@@ -1,41 +1,56 @@
 package stirling.software.SPDF.service;
 import java.io.IOException;
-import java.util.ArrayList;
+import java.util.Arrays;
-import java.util.List;
+import java.util.HashSet;
 import java.util.Set;
 import java.util.stream.Collectors;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
 import org.springframework.stereotype.Service;
 import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.ApplicationProperties;
@Service
@Slf4j
 public class LanguageService {
    private final ApplicationProperties applicationProperties;
    private final PathMatchingResourcePatternResolver resourcePatternResolver =
            new PathMatchingResourcePatternResolver();
-    public List<String> getSupportedLanguages() {
+    public LanguageService(ApplicationProperties applicationProperties) {
-        List<String> supportedLanguages = new ArrayList<>();
+        this.applicationProperties = applicationProperties;
    }
    public Set<String> getSupportedLanguages() {
        try {
            Resource[] resources =
                    resourcePatternResolver.getResources("classpath*:messages_*.properties");
            for (Resource resource : resources) {
                if (resource.exists() && resource.isReadable()) {
                    String filename = resource.getFilename();
                    if (filename != null
                            && filename.startsWith("messages_")
                            && filename.endsWith(".properties")) {
                        String languageCode =
                                filename.replace("messages_", "").replace(".properties", "");
                        supportedLanguages.add(languageCode);
                    }
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
-        return supportedLanguages;
+            return Arrays.stream(resources)
                    .map(Resource::getFilename)
                    .filter(
                            filename ->
                                    filename != null
                                            && filename.startsWith("messages_")
                                            && filename.endsWith(".properties"))
                    .map(filename -> filename.replace("messages_", "").replace(".properties", ""))
                    .filter(
                            languageCode -> {
                                Set<String> allowedLanguages =
                                        new HashSet<>(applicationProperties.getUi().getLanguages());
                                return allowedLanguages.isEmpty()
                                        || allowedLanguages.contains(languageCode)
                                        || "en_GB".equals(languageCode);
                            })
                    .collect(Collectors.toSet());
        } catch (IOException e) {
            log.error("Error retrieving supported languages", e);
            return new HashSet<>();
        }
    }
 }
--- a/src/main/java/stirling/software/SPDF/service/MetricsAggregatorService.java
+++ b/src/main/java/stirling/software/SPDF/service/MetricsAggregatorService.java
@@ -39,7 +39,7 @@ public class MetricsAggregatorService {
                            if (method == null || uri == null) {
                                return;
                            }
-                            if (!method.equals("GET") && !method.equals("POST")) {
+                            if (!"GET".equals(method) && !"POST".equals(method)) {
                                return;
                            }
                            // Skip URIs that are 2 characters or shorter
--- a/src/main/java/stirling/software/SPDF/utils/FileToPdf.java
+++ b/src/main/java/stirling/software/SPDF/utils/FileToPdf.java
@@ -26,7 +26,8 @@ public class FileToPdf {
            HTMLToPdfRequest request,
            byte[] fileBytes,
            String fileName,
-            boolean htmlFormatsInstalled)
+            boolean htmlFormatsInstalled,
            boolean disableSanitize)
            throws IOException, InterruptedException {
        Path tempOutputFile = Files.createTempFile("output_", ".pdf");
@@ -36,12 +37,13 @@ public class FileToPdf {
            if (fileName.endsWith(".html")) {
                tempInputFile = Files.createTempFile("input_", ".html");
                String sanitizedHtml =
-                        sanitizeHtmlContent(new String(fileBytes, StandardCharsets.UTF_8));
+                        sanitizeHtmlContent(
                                new String(fileBytes, StandardCharsets.UTF_8), disableSanitize);
                Files.write(tempInputFile, sanitizedHtml.getBytes(StandardCharsets.UTF_8));
            } else if (fileName.endsWith(".zip")) {
                tempInputFile = Files.createTempFile("input_", ".zip");
                Files.write(tempInputFile, fileBytes);
-                sanitizeHtmlFilesInZip(tempInputFile);
+                sanitizeHtmlFilesInZip(tempInputFile, disableSanitize);
            } else {
                throw new IllegalArgumentException("Unsupported file format: " + fileName);
            }
@@ -89,11 +91,12 @@ public class FileToPdf {
        return pdfBytes;
    }
-    private static String sanitizeHtmlContent(String htmlContent) {
+    private static String sanitizeHtmlContent(String htmlContent, boolean disableSanitize) {
-        return CustomHtmlSanitizer.sanitize(htmlContent);
+        return (!disableSanitize) ? CustomHtmlSanitizer.sanitize(htmlContent) : htmlContent;
    }
-    private static void sanitizeHtmlFilesInZip(Path zipFilePath) throws IOException {
+    private static void sanitizeHtmlFilesInZip(Path zipFilePath, boolean disableSanitize)
            throws IOException {
        Path tempUnzippedDir = Files.createTempDirectory("unzipped_");
        try (ZipInputStream zipIn =
                ZipSecurity.createHardenedInputStream(
@@ -106,7 +109,7 @@ public class FileToPdf {
                    if (entry.getName().toLowerCase().endsWith(".html")
                            || entry.getName().toLowerCase().endsWith(".htm")) {
                        String content = new String(zipIn.readAllBytes(), StandardCharsets.UTF_8);
-                        String sanitizedContent = sanitizeHtmlContent(content);
+                        String sanitizedContent = sanitizeHtmlContent(content, disableSanitize);
                        Files.write(filePath, sanitizedContent.getBytes(StandardCharsets.UTF_8));
                    } else {
                        Files.copy(zipIn, filePath);
--- a/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
+++ b/src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
@@ -9,15 +9,17 @@ import java.nio.charset.StandardCharsets;
 import java.nio.file.*;
 import java.nio.file.attribute.BasicFileAttributes;
 import java.security.MessageDigest;
 import java.util.ArrayDeque;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Deque;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.UUID;
 import org.simpleyaml.configuration.file.YamlFile;
 import org.simpleyaml.configuration.file.YamlFileWrapper;
 import org.simpleyaml.configuration.implementation.SimpleYamlImplementation;
 import org.simpleyaml.configuration.implementation.snakeyaml.lib.DumperOptions;
 import org.springframework.web.multipart.MultipartFile;
 import com.fathzer.soft.javaluator.DoubleEvaluator;
@@ -285,7 +287,10 @@ public class GeneralUtils {
            String[] rangeParts = part.split("-");
            try {
                int start = Integer.parseInt(rangeParts[0]);
-                int end = Integer.parseInt(rangeParts[1]);
+                int end =
                        (rangeParts.length > 1 && !rangeParts[1].isEmpty())
                                ? Integer.parseInt(rangeParts[1])
                                : totalPages;
                for (int i = start; i <= end; i++) {
                    if (i >= 1 && i <= totalPages) {
                        partResult.add(i - 1 + offset);
@@ -343,41 +348,208 @@ public class GeneralUtils {
    public static void saveKeyToConfig(String id, String key, boolean autoGenerated)
            throws IOException {
-        Path path =
+        doSaveKeyToConfig(id, (key == null ? "" : key), autoGenerated);
                Paths.get(
                        InstallationPathConfig
                                .getSettingsPath()); // Target the configs/settings.yml
        final YamlFile settingsYml = new YamlFile(path.toFile());
        DumperOptions yamlOptionssettingsYml =
                ((SimpleYamlImplementation) settingsYml.getImplementation()).getDumperOptions();
        yamlOptionssettingsYml.setSplitLines(false);
        settingsYml.loadWithComments();
        YamlFileWrapper writer = settingsYml.path(id).set(key);
        if (autoGenerated) {
            writer.comment("# Automatically Generated Settings (Do Not Edit Directly)");
        }
        settingsYml.save();
    }
    public static void saveKeyToConfig(String id, boolean key, boolean autoGenerated)
            throws IOException {
-        Path path = Paths.get(InstallationPathConfig.getSettingsPath());
+        doSaveKeyToConfig(id, String.valueOf(key), autoGenerated);
    }
-        final YamlFile settingsYml = new YamlFile(path.toFile());
+    /*------------------------------------------------------------------------*
-        DumperOptions yamlOptionssettingsYml =
+     *                  Internal Implementation Details                       *
-                ((SimpleYamlImplementation) settingsYml.getImplementation()).getDumperOptions();
+     *------------------------------------------------------------------------*/
        yamlOptionssettingsYml.setSplitLines(false);
-        settingsYml.loadWithComments();
+    /**
-
+     * Actually performs the line-based update for the given path (e.g. "security.csrfDisabled") to
-        YamlFileWrapper writer = settingsYml.path(id).set(key);
+     * a new string value (e.g. "true"), possibly marking it as auto-generated.
-        if (autoGenerated) {
+     */
-            writer.comment("# Automatically Generated Settings (Do Not Edit Directly)");
+    private static void doSaveKeyToConfig(String fullPath, String newValue, boolean autoGenerated)
            throws IOException {
        // 1) Load the file (settings.yml)
        Path settingsPath = Paths.get(InstallationPathConfig.getSettingsPath());
        if (!Files.exists(settingsPath)) {
            log.warn("Settings file not found at {}, creating a new empty file...", settingsPath);
            Files.createDirectories(settingsPath.getParent());
            Files.createFile(settingsPath);
        }
-        settingsYml.save();
+        List<String> lines = Files.readAllLines(settingsPath);
        // 2) Build a map of "nestedKeyPath -> lineIndex" by parsing indentation
        //    Also track each line's indentation so we can preserve it when rewriting.
        Map<String, LineInfo> pathToLine = parseNestedYamlKeys(lines);
        // 3) If the path is found, rewrite its line. Else, append at the bottom (no indentation).
        boolean changed = false;
        if (pathToLine.containsKey(fullPath)) {
            // Rewrite existing line
            LineInfo info = pathToLine.get(fullPath);
            String oldLine = lines.get(info.lineIndex);
            String newLine =
                    rewriteLine(oldLine, info.indentSpaces, fullPath, newValue, autoGenerated);
            if (!newLine.equals(oldLine)) {
                lines.set(info.lineIndex, newLine);
                changed = true;
            }
        } else {
            // Append a new line at the bottom, with zero indentation
            String appended = fullPath + ": " + newValue;
            if (autoGenerated) {
                appended += " # Automatically Generated Settings (Do Not Edit Directly)";
            }
            lines.add(appended);
            changed = true;
        }
        // 4) If changed, write back to file
        if (changed) {
            Files.write(settingsPath, lines);
            log.info(
                    "Updated '{}' to '{}' (autoGenerated={}) in {}",
                    fullPath,
                    newValue,
                    autoGenerated,
                    settingsPath);
        } else {
            log.info("No changes for '{}' (already set to '{}').", fullPath, newValue);
        }
    }
    /** A small record-like class that holds: - lineIndex - indentSpaces */
    private static class LineInfo {
        int lineIndex;
        int indentSpaces;
        public LineInfo(int lineIndex, int indentSpaces) {
            this.lineIndex = lineIndex;
            this.indentSpaces = indentSpaces;
        }
    }
    /**
     * Parse the YAML lines to build a map: "full.nested.key" -> (lineIndex, indentSpaces). We do a
     * naive indentation-based path stacking: - 2 spaces = 1 indent level - lines that start with
     * fewer or equal indentation pop the stack - lines that look like "key:" or "key: value" cause
     * a push
     */
    private static Map<String, LineInfo> parseNestedYamlKeys(List<String> lines) {
        Map<String, LineInfo> result = new HashMap<>();
        // We'll maintain a stack of (keyName, indentLevel).
        // Each line that looks like "myKey:" or "myKey: value" is a new "child" of the top of the
        // stack if indent is deeper.
        Deque<String> pathStack = new ArrayDeque<>();
        Deque<Integer> indentStack = new ArrayDeque<>();
        indentStack.push(-1); // sentinel
        for (int i = 0; i < lines.size(); i++) {
            String line = lines.get(i);
            String trimmed = line.trim();
            // skip blank lines, comment lines, or list items
            if (trimmed.isEmpty() || trimmed.startsWith("#") || trimmed.startsWith("-")) {
                continue;
            }
            // check if there's a colon
            int colonIdx = trimmed.indexOf(':');
            if (colonIdx <= 0) { // must have at least one char before ':'
                continue;
            }
            // parse out key
            String keyPart = trimmed.substring(0, colonIdx).trim();
            if (keyPart.isEmpty()) {
                continue;
            }
            // count leading spaces for indentation
            int leadingSpaces = countLeadingSpaces(line);
            int indentLevel = leadingSpaces / 2; // assume 2 spaces per level
            // pop from stack until we get to a shallower indentation
            while (indentStack.peek() != null && indentStack.peek() >= indentLevel) {
                indentStack.pop();
                pathStack.pop();
            }
            // push the new key
            pathStack.push(keyPart);
            indentStack.push(indentLevel);
            // build the full path
            String[] arr = pathStack.toArray(new String[0]);
            List<String> reversed = Arrays.asList(arr);
            Collections.reverse(reversed);
            String fullPath = String.join(".", reversed);
            // store line info
            result.put(fullPath, new LineInfo(i, leadingSpaces));
        }
        return result;
    }
    /**
     * Rewrite a single line to set a new value, preserving indentation and (optionally) the
     * existing or auto-generated inline comment.
     *
     * <p>For example, oldLine might be: " csrfDisabled: false # set to 'true' to disable CSRF
     * protection" newValue = "true" autoGenerated = false
     *
     * <p>We'll produce something like: " csrfDisabled: true # set to 'true' to disable CSRF
     * protection"
     */
    private static String rewriteLine(
            String oldLine, int indentSpaces, String path, String newValue, boolean autoGenerated) {
        // We'll keep the exact leading indentation (indentSpaces).
        // Then "key: newValue". We'll try to preserve any existing inline comment unless
        // autoGenerated is true.
        // 1) Extract leading spaces from the old line (just in case they differ from indentSpaces).
        int actualLeadingSpaces = countLeadingSpaces(oldLine);
        String leading = oldLine.substring(0, actualLeadingSpaces);
        // 2) Remove leading spaces from the rest
        String trimmed = oldLine.substring(actualLeadingSpaces);
        // 3) Check for existing comment
        int hashIndex = trimmed.indexOf('#');
        String lineWithoutComment =
                (hashIndex >= 0) ? trimmed.substring(0, hashIndex).trim() : trimmed.trim();
        String oldComment = (hashIndex >= 0) ? trimmed.substring(hashIndex).trim() : "";
        // 4) Rebuild "key: newValue"
        // The "key" here is everything before ':' in lineWithoutComment
        int colonIdx = lineWithoutComment.indexOf(':');
        String existingKey =
                (colonIdx >= 0)
                        ? lineWithoutComment.substring(0, colonIdx).trim()
                        : path; // fallback if line is malformed
        StringBuilder sb = new StringBuilder();
        sb.append(leading); // restore original leading spaces
        // "key: newValue"
        sb.append(existingKey).append(": ").append(newValue);
        // 5) If autoGenerated, add/replace comment
        if (autoGenerated) {
            sb.append(" # Automatically Generated Settings (Do Not Edit Directly)");
        } else {
            // preserve the old comment if it exists
            if (!oldComment.isEmpty()) {
                sb.append(" ").append(oldComment);
            }
        }
        return sb.toString();
    }
    private static int countLeadingSpaces(String line) {
        int count = 0;
        for (char c : line.toCharArray()) {
            if (c == ' ') count++;
            else break;
        }
        return count;
    }
    public static String generateMachineFingerprint() {
@@ -415,9 +587,7 @@ public class GeneralUtils {
            for (byte b : hash) {
                fingerprint.append(String.format("%02x", b));
            }
            return fingerprint.toString();
        } catch (Exception e) {
            return "GenericID";
        }
--- a/src/main/java/stirling/software/SPDF/utils/PDFToFile.java
+++ b/src/main/java/stirling/software/SPDF/utils/PDFToFile.java
@@ -20,6 +20,9 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
 import com.vladsch.flexmark.html2md.converter.FlexmarkHtmlConverter;
 import com.vladsch.flexmark.util.data.MutableDataSet;
 import io.github.pixee.security.Filenames;
 import lombok.extern.slf4j.Slf4j;
@@ -28,6 +31,123 @@ import stirling.software.SPDF.utils.ProcessExecutor.ProcessExecutorResult;
@Slf4j
 public class PDFToFile {
    public ResponseEntity<byte[]> processPdfToMarkdown(MultipartFile inputFile)
            throws IOException, InterruptedException {
        if (!"application/pdf".equals(inputFile.getContentType())) {
            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
        }
        MutableDataSet options =
                new MutableDataSet()
                        .set(
                                FlexmarkHtmlConverter.MAX_BLANK_LINES,
                                2) // Control max consecutive blank lines
                        .set(
                                FlexmarkHtmlConverter.MAX_TRAILING_BLANK_LINES,
                                1) // Control trailing blank lines
                        .set(
                                FlexmarkHtmlConverter.SETEXT_HEADINGS,
                                true) // Use Setext headings for h1 and h2
                        .set(
                                FlexmarkHtmlConverter.OUTPUT_UNKNOWN_TAGS,
                                false) // Don't output HTML for unknown tags
                        .set(
                                FlexmarkHtmlConverter.TYPOGRAPHIC_QUOTES,
                                true) // Convert quotation marks
                        .set(
                                FlexmarkHtmlConverter.BR_AS_PARA_BREAKS,
                                true) // Convert <br> to paragraph breaks
                        .set(FlexmarkHtmlConverter.CODE_INDENT, "    "); // Indent for code blocks
        FlexmarkHtmlConverter htmlToMarkdownConverter =
                FlexmarkHtmlConverter.builder(options).build();
        String originalPdfFileName = Filenames.toSimpleFileName(inputFile.getOriginalFilename());
        String pdfBaseName = originalPdfFileName;
        if (originalPdfFileName.contains(".")) {
            pdfBaseName = originalPdfFileName.substring(0, originalPdfFileName.lastIndexOf('.'));
        }
        Path tempInputFile = null;
        Path tempOutputDir = null;
        byte[] fileBytes;
        String fileName = "temp.file";
        try {
            tempInputFile = Files.createTempFile("input_", ".pdf");
            inputFile.transferTo(tempInputFile);
            tempOutputDir = Files.createTempDirectory("output_");
            List<String> command =
                    new ArrayList<>(
                            Arrays.asList(
                                    "pdftohtml",
                                    "-s",
                                    "-noframes",
                                    "-c",
                                    tempInputFile.toString(),
                                    pdfBaseName));
            ProcessExecutorResult returnCode =
                    ProcessExecutor.getInstance(ProcessExecutor.Processes.PDFTOHTML)
                            .runCommandWithOutputHandling(command, tempOutputDir.toFile());
            // Process HTML files to Markdown
            File[] outputFiles = Objects.requireNonNull(tempOutputDir.toFile().listFiles());
            List<File> markdownFiles = new ArrayList<>();
            // Convert HTML files to Markdown
            for (File outputFile : outputFiles) {
                if (outputFile.getName().endsWith(".html")) {
                    String html = Files.readString(outputFile.toPath());
                    String markdown = htmlToMarkdownConverter.convert(html);
                    String mdFileName = outputFile.getName().replace(".html", ".md");
                    File mdFile = new File(tempOutputDir.toFile(), mdFileName);
                    Files.writeString(mdFile.toPath(), markdown);
                    markdownFiles.add(mdFile);
                }
            }
            // If there's only one markdown file, return it directly
            if (markdownFiles.size() == 1) {
                fileName = pdfBaseName + ".md";
                fileBytes = Files.readAllBytes(markdownFiles.get(0).toPath());
            } else {
                // Multiple files - create a zip
                fileName = pdfBaseName + "ToMarkdown.zip";
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try (ZipOutputStream zipOutputStream = new ZipOutputStream(byteArrayOutputStream)) {
                    // Add markdown files
                    for (File mdFile : markdownFiles) {
                        ZipEntry mdEntry = new ZipEntry(mdFile.getName());
                        zipOutputStream.putNextEntry(mdEntry);
                        Files.copy(mdFile.toPath(), zipOutputStream);
                        zipOutputStream.closeEntry();
                    }
                    // Add images and other assets
                    for (File file : outputFiles) {
                        if (!file.getName().endsWith(".html") && !file.getName().endsWith(".md")) {
                            ZipEntry assetEntry = new ZipEntry(file.getName());
                            zipOutputStream.putNextEntry(assetEntry);
                            Files.copy(file.toPath(), zipOutputStream);
                            zipOutputStream.closeEntry();
                        }
                    }
                }
                fileBytes = byteArrayOutputStream.toByteArray();
            }
        } finally {
            if (tempInputFile != null) Files.deleteIfExists(tempInputFile);
            if (tempOutputDir != null) FileUtils.deleteDirectory(tempOutputDir.toFile());
        }
        return WebResponseUtils.bytesToWebResponse(
                fileBytes, fileName, MediaType.APPLICATION_OCTET_STREAM);
    }
    public ResponseEntity<byte[]> processPdfToHtml(MultipartFile inputFile)
            throws IOException, InterruptedException {
        if (!"application/pdf".equals(inputFile.getContentType())) {
--- a/src/main/java/stirling/software/SPDF/utils/ProcessExecutor.java
+++ b/src/main/java/stirling/software/SPDF/utils/ProcessExecutor.java
@@ -218,6 +218,9 @@ public class ProcessExecutor {
            errorReaderThread.join();
            outputReaderThread.join();
            boolean isQpdf =
                    command != null && !command.isEmpty() && command.get(0).contains("qpdf");
            if (outputLines.size() > 0) {
                String outputMessage = String.join("\n", outputLines);
                messages += outputMessage;
@@ -233,20 +236,28 @@ public class ProcessExecutor {
                    log.warn("Command error output:\n" + errorMessage);
                }
                if (exitCode != 0) {
-                    throw new IOException(
+                    if (isQpdf && exitCode == 3) {
-                            "Command process failed with exit code "
+                        log.warn("qpdf succeeded with warnings: {}", messages);
-                                    + exitCode
+                    } else {
-                                    + ". Error message: "
+                        throw new IOException(
-                                    + errorMessage);
+                                "Command process failed with exit code "
                                        + exitCode
                                        + ". Error message: "
                                        + errorMessage);
                    }
                }
            }
            if (exitCode != 0) {
-                throw new IOException(
+                if (isQpdf && exitCode == 3) {
-                        "Command process failed with exit code "
+                    log.warn("qpdf succeeded with warnings: {}", messages);
-                                + exitCode
+                } else {
-                                + "\nLogs: "
+                    throw new IOException(
-                                + messages);
+                            "Command process failed with exit code "
                                    + exitCode
                                    + "\nLogs: "
                                    + messages);
                }
            }
        } finally {
            semaphore.release();
--- a/src/main/java/stirling/software/SPDF/utils/propertyeditor/StringToArrayListPropertyEditor.java
+++ b/src/main/java/stirling/software/SPDF/utils/propertyeditor/StringToArrayListPropertyEditor.java
@@ -24,8 +24,8 @@ public class StringToArrayListPropertyEditor extends PropertyEditorSupport {
        }
        try {
            objectMapper.configure(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY, true);
-            TypeReference<ArrayList<RedactionArea>> typeRef = new TypeReference<ArrayList<RedactionArea>>() {
+            TypeReference<ArrayList<RedactionArea>> typeRef =
-            };
+                    new TypeReference<ArrayList<RedactionArea>>() {};
            List<RedactionArea> list = objectMapper.readValue(text, typeRef);
            setValue(list);
        } catch (Exception e) {
--- a/src/main/resources/messages_ar_AR.properties
+++ b/src/main/resources/messages_ar_AR.properties
@@ -138,6 +138,7 @@ analytics.settings=يمكنك تغيير إعدادات الإحصائيات ف
 #  NAVBAR   #
 #############
 navbar.favorite=المفضلة
 navbar.recent=New and recently updated
 navbar.darkmode=الوضع الداكن
 navbar.language=اللغات
 navbar.settings=إعدادات
@@ -265,6 +266,15 @@ home.viewPdf.title=عرض PDF
 home.viewPdf.desc=عرض وتعليق وإضافة نص أو صور
 viewPdf.tags=عرض,قراءة,تعليق,نص,صورة
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=أداة متعددة PDF
 home.multiTool.desc=دمج الصفحات وتدويرها وإعادة ترتيبها وإزالتها
 multiTool.tags=أداة متعددة,عملية متعددة,واجهة مستخدم,النقر والسحب,واجهة أمامية,جانب العميل
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown إلى PDF
 home.MarkdownToPDF.desc=يحول أي ملف Markdown إلى PDF
 MarkdownToPDF.tags=لغة الترميز,محتوى الويب,تحويل,تحويل
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=الحصول على جميع المعلومات عن PDF
 home.getPdfInfo.desc=يجمع أي وكل المعلومات الممكنة عن ملفات PDF
@@ -646,6 +659,11 @@ MarkdownToPDF.help=العمل قيد التقدم
 MarkdownToPDF.credit=يستخدم WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL إلى PDF
@@ -933,7 +951,8 @@ fileToPDF.submit=تحويل إلى PDF
 compress.title=ضغط
 compress.header=ضغط ملف PDF
 compress.credit=تستخدم هذه الخدمة qpdf لضغط / تحسين PDF.
-compress.selectText.1=الوضع اليدوي - من 1 إلى 4
+compress.selectText.1=الوضع اليدوي - من 1 إلى 5
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=مستوى التحسين:
 compress.selectText.3=4 (رهيب للصور النصية)
 compress.selectText.4=الوضع التلقائي - يضبط الجودة تلقائيًا للحصول على ملف PDF بالحجم المحدد
--- a/src/main/resources/messages_az_AZ.properties
+++ b/src/main/resources/messages_az_AZ.properties
@@ -138,6 +138,7 @@ analytics.settings=Analitikanın parametrlərini config/settings.yml faylından
 #  NAVBAR   #
 #############
 navbar.favorite=Sevimlilər
 navbar.recent=New and recently updated
 navbar.darkmode=Qaranlıq Tema
 navbar.language=Dillər
 navbar.settings=Parametrlər
@@ -265,6 +266,15 @@ home.viewPdf.title=PDF-ə bax
 home.viewPdf.desc=Bax, sitat götür, mətn və ya şəkil əlavə et
 viewPdf.tags=bax,oxu,sitat götür,mətn,şəkil
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=PDF Multi-alət
 home.multiTool.desc=Səhifələri Birləşdir, Çevir, Yenidən Sırala, Böl və Sil
 multiTool.tags=Multi-alət,Çoxlu əməliyyat,UI,tut-sürüşdür,front end,istifadəçi-tərəf,interaktiv,qarşılıqlı,yerini dəyiş,sil,köçür,böl
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown-dan PDF-ə
 home.MarkdownToPDF.desc=Hər hansı Markdown faylını PDF-ə çevirir
 MarkdownToPDF.tags=işarələmə,web-məzmun,dəyişmə,çevirmə
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=PDF-in Bütün Məlumatları
 home.getPdfInfo.desc=PDF barədə mümkün olan bütün məlumatları əldə edir
@@ -646,6 +659,11 @@ MarkdownToPDF.help=İş davam edir
 MarkdownToPDF.credit=WeasyPrint İstifadə Edir
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL-i PDF-ə
@@ -933,7 +951,8 @@ fileToPDF.submit=PDF-ə Çevir
 compress.title=Sıxışdır
 compress.header=PDF-i Sıxışdır
 compress.credit=Bu servis PDF sıxışdırılması/Optimizasiyası üçün Ghostscript istifadə edir.
-compress.selectText.1=Manual Mod - 1-dən 4-ə
+compress.selectText.1=Manual Mod - 1-dən 5-ə
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=Optimizasiya səviyyəsi:
 compress.selectText.3=4 (Mətn şəkilləri üçün yaxşı deyil)
 compress.selectText.4=Avto mod - PDF-in dəqiq ölçüsünü əldə etmək üçün keyfiyyəti avtomatik tənzimləyir
--- a/src/main/resources/messages_bg_BG.properties
+++ b/src/main/resources/messages_bg_BG.properties
@@ -138,6 +138,7 @@ analytics.settings=Можете да промените настройките
 #  NAVBAR   #
 #############
 navbar.favorite=Любими
 navbar.recent=New and recently updated
 navbar.darkmode=Тъмна тема
 navbar.language=Езици
 navbar.settings=Настройки
@@ -265,6 +266,15 @@ home.viewPdf.title=Преглед на PDF
 home.viewPdf.desc=Преглеждайте, коментирайте, добавяйте текст или изображения
 viewPdf.tags=преглед,четене,анотиране,текст,изображение
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=PDF Мулти инструмент
 home.multiTool.desc=Обединяване, завъртане, пренареждане и премахване на страници
 multiTool.tags=Мултиинструмент,Мулти операции,UI,плъзгане с щракване,потребителска част,страна на клиента,интерактивен,неразрешим,преместване
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown към PDF
 home.MarkdownToPDF.desc=Преобразува всеки Markdown файл към PDF
 MarkdownToPDF.tags=маркиране,уеб-съдържание,трансформация,преобразуване
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=Вземете ЦЯЛАТА информация от PDF
 home.getPdfInfo.desc=Взима всяка възможна информация от PDF файлове
@@ -646,6 +659,11 @@ MarkdownToPDF.help=Работата е в ход
 MarkdownToPDF.credit=Използва WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL към PDF
@@ -933,7 +951,8 @@ fileToPDF.submit=Преобразуване към PDF
 compress.title=Компресиране
 compress.header=Компресиране на PDF
 compress.credit=Тази услуга използва qpdf за PDF компресиране/оптимизиране.
-compress.selectText.1=Ръчен режим - от 1 до 4
+compress.selectText.1=Ръчен режим - от 1 до 5
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=Ниво на оптимизация:
 compress.selectText.3=4 (Ужасно за текстови изображения)
 compress.selectText.4=Автоматичен режим - Автоматично настройва качеството, за да получи PDF с точен размер
--- a/src/main/resources/messages_ca_CA.properties
+++ b/src/main/resources/messages_ca_CA.properties
@@ -138,6 +138,7 @@ analytics.settings=Pots canviar la configuració de les analítiques al fitxer c
 #  NAVBAR   #
 #############
 navbar.favorite=Favorits
 navbar.recent=New and recently updated
 navbar.darkmode=Mode Fosc
 navbar.language=Idiomes
 navbar.settings=Opcions
@@ -265,6 +266,15 @@ home.viewPdf.title=Visualitza PDF
 home.viewPdf.desc=Visualitza, anota, afegeix text o imatges
 viewPdf.tags=view,read,annotate,text,image
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=Eina Multifunció de PDF
 home.multiTool.desc=Fusiona, Rota, Reorganitza i Esborra pàgines
 multiTool.tags=Multi Tool,Multi operation,UI,click drag,front end,client side
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown a PDF
 home.MarkdownToPDF.desc=Converteix qualsevol fitxer Markdown a PDF
 MarkdownToPDF.tags=markup,web-content,transformation,convert
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=Obteniu Tota la Informació sobre el PDF
 home.getPdfInfo.desc=Recupera tota la informació possible sobre els PDFs
@@ -646,6 +659,11 @@ MarkdownToPDF.help=Work in progress
 MarkdownToPDF.credit=Uses WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL a PDF
@@ -933,7 +951,8 @@ fileToPDF.submit=Converteix a PDF
 compress.title=Comprimir
 compress.header=Comprimir PDF
 compress.credit=Aquest servei utilitza qpdf per a la compressió/optimització de PDF.
-compress.selectText.1=Mode manual: de l'1 al 4
+compress.selectText.1=Mode manual: de l'1 al 5
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=Nivell d'optimització:
 compress.selectText.3=4 (terrible per a imatges de text)
 compress.selectText.4=Mode automàtic: ajusta automàticament la qualitat perquè el PDF tingui la mida exacta
--- a/src/main/resources/messages_cs_CZ.properties
+++ b/src/main/resources/messages_cs_CZ.properties
--- a/src/main/resources/messages_da_DK.properties
+++ b/src/main/resources/messages_da_DK.properties
@@ -138,6 +138,7 @@ analytics.settings=Du kan ændre analytics-indstillingerne i config/settings.yml
 #  NAVBAR   #
 #############
 navbar.favorite=Favoritter
 navbar.recent=New and recently updated
 navbar.darkmode=Mørk Tilstand
 navbar.language=Sprog
 navbar.settings=Indstillinger
@@ -265,6 +266,15 @@ home.viewPdf.title=Se PDF
 home.viewPdf.desc=Se, annotér, tilføj tekst eller billeder
 viewPdf.tags=se,læs,annotér,tekst,billede
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=PDF Multi Værktøj
 home.multiTool.desc=Flet, Rotér, Omarrangér og Fjern sider
 multiTool.tags=Multi Værktøj,Multi operation,UI,klik træk,front end,klient side,interaktiv,interagerbar,flyt
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown til PDF
 home.MarkdownToPDF.desc=Konverterer enhver Markdown-fil til PDF
 MarkdownToPDF.tags=markup,webindhold,transformation,konvertér
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=Få ALLE Oplysninger om PDF
 home.getPdfInfo.desc=Henter alle mulige oplysninger om PDF'er
@@ -646,6 +659,11 @@ MarkdownToPDF.help=Arbejde i gang
 MarkdownToPDF.credit=Bruger WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL Til PDF
@@ -933,7 +951,8 @@ fileToPDF.submit=Konvertér til PDF
 compress.title=Komprimer
 compress.header=Komprimer PDF
 compress.credit=Denne tjeneste bruger qpdf til PDF Komprimering/Optimering.
-compress.selectText.1=Manuel Tilstand - Fra 1 til 4
+compress.selectText.1=Manuel Tilstand - Fra 1 til 5
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=Optimeringsniveau:
 compress.selectText.3=4 (Forfærdelig for tekstbilleder)
 compress.selectText.4=Auto tilstand - Justerer automatisk kvaliteten for at få PDF'en til en præcis størrelse
--- a/src/main/resources/messages_de_DE.properties
+++ b/src/main/resources/messages_de_DE.properties
@@ -82,7 +82,7 @@ pages=Seiten
 loading=Laden...
 addToDoc=In Dokument hinzufügen
 reset=Zurücksetzen
-apply=Apply
+apply=Anwenden
 legal.privacy=Datenschutz
 legal.terms=AGB
@@ -138,6 +138,7 @@ analytics.settings=Sie können die Einstellungen für die Analytics in der confi
 #  NAVBAR   #
 #############
 navbar.favorite=Favoriten
 navbar.recent=Neu und kürzlich aktualisiert
 navbar.darkmode=Dunkler Modus
 navbar.language=Sprachen
 navbar.settings=Einstellungen
@@ -249,7 +250,7 @@ database.backupCreated=Datenbanksicherung erfolgreich
 database.fileNotFound=Datei nicht gefunden
 database.fileNullOrEmpty=Datei darf nicht null oder leer sein
 database.failedImportFile=Dateiimport fehlgeschlagen
-database.notSupported=This function is not available for your database connection.
+database.notSupported=Diese Funktion ist für deine Datenbankverbindung nicht verfügbar.
 session.expired=Ihre Sitzung ist abgelaufen. Bitte laden Sie die Seite neu und versuchen Sie es erneut.
 session.refreshPage=Seite aktualisieren
@@ -265,13 +266,22 @@ home.viewPdf.title=PDF anzeigen
 home.viewPdf.desc=Anzeigen, Kommentieren, Text oder Bilder hinzufügen
 viewPdf.tags=anzeigen,lesen,kommentieren,text,bild
 home.setFavorites=Favoriten festlegen
 home.hideFavorites=Favoriten ausblenden
 home.showFavorites=Favoriten anzeigen
 home.legacyHomepage=Alte Homepage
 home.newHomePage=Probieren Sie unsere neue Homepage aus!
 home.alphabetical=Alphabetisch
 home.globalPopularity=Beliebtheit
 home.sortBy=Sort by:
 home.multiTool.title=PDF-Multitool
 home.multiTool.desc=Seiten zusammenführen, drehen, neu anordnen und entfernen
 multiTool.tags=Multi Tool,Multi operation,UI,click drag,front end,client side
 home.merge.title=Zusammenführen
 home.merge.desc=Mehrere PDF-Dateien zu einer einzigen zusammenführen
-merge.tags=zusammenführen,seitenvorgänge,back end,serverseite
+merge.tags=zusammenführen,seitenvorgänge,back end,serverseitig
 home.split.title=Aufteilen
 home.split.desc=PDFs in mehrere Dokumente aufteilen
@@ -452,6 +462,9 @@ home.MarkdownToPDF.title=Markdown zu PDF
 home.MarkdownToPDF.desc=Konvertiert jede Markdown-Datei zu PDF
 MarkdownToPDF.tags=markup,web-content,transformation,konvertieren
 home.PDFToMarkdown.title=PDF zu Markdown
 home.PDFToMarkdown.desc=Konvertiert jedes PDF in Markdown
 PDFToMarkdown.tags=markup,web inhalt,transformation,konvertieren,md
 home.getPdfInfo.title=Alle Informationen anzeigen
 home.getPdfInfo.desc=Erfasst alle möglichen Informationen in einer PDF
@@ -476,9 +489,9 @@ home.autoRedact.title=Automatisch zensieren/schwärzen
 home.autoRedact.desc=Automatisches Zensieren (Schwärzen) von Text in einer PDF-Datei basierend auf dem eingegebenen Text
 autoRedact.tags=zensieren,schwärzen
-home.redact.title=Manual Redaction
+home.redact.title=Manuell zensieren/schwärzen
-home.redact.desc=Redacts a PDF based on selected text, drawn shapes and/or selected page(s)
+home.redact.desc=Zensiere (Schwärze) eine PDF-Datei durch Auswählen von Text, gezeichneten Formen und/oder ausgewählten Seite(n)
-redact.tags=Redact,Hide,black out,black,marker,hidden,manual
+redact.tags=zensieren,schwärzen,verstecken,verdunkeln,schwarz,markieren,verbergen,manuell
 home.tableExtraxt.title=Tabelle extrahieren
 home.tableExtraxt.desc=Tabelle aus PDF in CSV extrahieren
@@ -586,30 +599,30 @@ autoRedact.convertPDFToImageLabel=PDF in PDF-Bild konvertieren (zum Entfernen vo
 autoRedact.submitButton=Zensieren
 #redact
-redact.title=Manual Redaction
+redact.title=Manuelles Zensieren (Schwärzen)
-redact.header=Manual Redaction
+redact.header=Manuelles Zensieren (Schwärzen)
-redact.submit=Redact
+redact.submit=Zensieren
-redact.textBasedRedaction=Text based Redaction
+redact.textBasedRedaction=Textbasiertes Zensieren
-redact.pageBasedRedaction=Page-based Redaction
+redact.pageBasedRedaction=Seitenweises Zensieren
-redact.convertPDFToImageLabel=Convert PDF to PDF-Image (Used to remove text behind the box)
+redact.convertPDFToImageLabel=Konvertiere PDF zu einem Bild (Zum Entfernen von Text hinter der Box verwenden)
-redact.pageRedactionNumbers.title=Pages
+redact.pageRedactionNumbers.title=Seiten
-redact.pageRedactionNumbers.placeholder=(e.g. 1,2,8 or 4,7,12-16 or 2n-1)
+redact.pageRedactionNumbers.placeholder=(z.B. 1,2,8 oder 4,7,12-16 oder 2n-1)
-redact.redactionColor.title=Redaction Color
+redact.redactionColor.title=Zensurfarbe
-redact.export=Export
+redact.export=Exportieren
-redact.upload=Upload
+redact.upload=Hochladen
-redact.boxRedaction=Box draw redaction
+redact.boxRedaction=Rechteck zeichnen zum zensieren
 redact.zoom=Zoom
-redact.zoomIn=Zoom in
+redact.zoomIn=Vergrößern
-redact.zoomOut=Zoom out
+redact.zoomOut=Verkleinern
-redact.nextPage=Next Page
+redact.nextPage=Nächste Seite
-redact.previousPage=Previous Page
+redact.previousPage=Vorherige Seite
-redact.toggleSidebar=Toggle Sidebar
+redact.toggleSidebar=Seitenleiste umschalten
-redact.showThumbnails=Show Thumbnails
+redact.showThumbnails=Vorschau anzeigen
-redact.showDocumentOutline=Show Document Outline (double-click to expand/collapse all items)
+redact.showDocumentOutline=Dokumentübersicht anzeigen (Doppelklick zum Auf/Einklappen aller Elemente)
-redact.showAttatchments=Show Attachments
+redact.showAttatchments=Zeige Anhänge
-redact.showLayers=Show Layers (double-click to reset all layers to the default state)
+redact.showLayers=Ebenen anzeigen (Doppelklick, um alle Ebenen auf den Standardzustand zurückzusetzen)
-redact.colourPicker=Colour Picker
+redact.colourPicker=Farbauswahl
-redact.findCurrentOutlineItem=Find current outline item
+redact.findCurrentOutlineItem=Aktuell gewähltes Element finden
 #showJS
 showJS.title=Javascript anzeigen
@@ -646,6 +659,11 @@ MarkdownToPDF.help=In Arbeit
 MarkdownToPDF.credit=Verwendet WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF zu Markdown
 PDFToMarkdown.header=PDF zu Markdown
 PDFToMarkdown.submit=Konvertieren
 #url-to-pdf
 URLToPDF.title=URL zu PDF
@@ -862,7 +880,7 @@ sign.first=Erste Seite
 sign.last=Letzte Seite
 sign.next=Nächste Seite
 sign.previous=Vorherige Seite
-sign.maintainRatio=Toggle maintain aspect ratio
+sign.maintainRatio=Seitenverhältnis beibehalten ein-/ausschalten
 #repair
@@ -933,7 +951,8 @@ fileToPDF.submit=In PDF konvertieren
 compress.title=Komprimieren
 compress.header=PDF komprimieren
 compress.credit=Dieser Dienst verwendet qpdf für die PDF-Komprimierung/-Optimierung.
-compress.selectText.1=Manueller Modus – Von 1 bis 4
+compress.selectText.1=Manueller Modus – Von 1 bis 5
 compress.selectText.1.1=In den Optimierungsstufen 6 bis 9 wird zusätzlich zur allgemeinen PDF-Komprimierung die Bildauflösung reduziert, um die Dateigröße weiter zu verringern. Höhere Stufen führen zu einer stärkeren Bildkomprimierung (bis zu 50 % der Originalgröße), wodurch eine stärkere Größenreduzierung erreicht wird, die jedoch mit einem möglichen Qualitätsverlust der Bilder einhergeht.
 compress.selectText.2=Optimierungsstufe:
 compress.selectText.3=4 (Schrecklich für Textbilder)
 compress.selectText.4=Automatischer Modus – Passt die Qualität automatisch an, um das PDF auf die exakte Größe zu bringen
@@ -1319,8 +1338,8 @@ splitByChapters.submit=PDF teilen
 fileChooser.click=Klicken
 fileChooser.or=oder
 fileChooser.dragAndDrop=Drag & Drop
-fileChooser.dragAndDropPDF=Drag & Drop PDF file
+fileChooser.dragAndDropPDF=Drag & Drop PDF-Datei
-fileChooser.dragAndDropImage=Drag & Drop Image file
+fileChooser.dragAndDropImage=Drag & Drop Bilddatei
 fileChooser.hoveredDragAndDrop=Datei(en) hierhin Ziehen & Fallenlassen
 #release notes
--- a/src/main/resources/messages_el_GR.properties
+++ b/src/main/resources/messages_el_GR.properties
--- a/src/main/resources/messages_en_GB.properties
+++ b/src/main/resources/messages_en_GB.properties
@@ -138,6 +138,7 @@ analytics.settings=You can change the settings for analytics in the config/setti
 #  NAVBAR   #
 #############
 navbar.favorite=Favorites
 navbar.recent=New and recently updated
 navbar.darkmode=Dark Mode
 navbar.language=Languages
 navbar.settings=Settings
@@ -265,6 +266,15 @@ home.viewPdf.title=View PDF
 home.viewPdf.desc=View, annotate, add text or images
 viewPdf.tags=view,read,annotate,text,image
 home.setFavorites=Set Favourites
 home.hideFavorites=Hide Favourites
 home.showFavorites=Show Favourites
 home.legacyHomepage=Old homepage
 home.newHomePage=Try our new homepage!
 home.alphabetical=Alphabetical
 home.globalPopularity=Global Popularity
 home.sortBy=Sort by:
 home.multiTool.title=PDF Multi Tool
 home.multiTool.desc=Merge, Rotate, Rearrange, Split, and Remove pages
 multiTool.tags=Multi Tool,Multi operation,UI,click drag,front end,client side,interactive,intractable,move,delete,migrate,divide
@@ -450,8 +460,11 @@ HTMLToPDF.tags=markup,web-content,transformation,convert
 home.MarkdownToPDF.title=Markdown to PDF
 home.MarkdownToPDF.desc=Converts any Markdown file to PDF
-MarkdownToPDF.tags=markup,web-content,transformation,convert
+MarkdownToPDF.tags=markup,web-content,transformation,convert,md
 home.PDFToMarkdown.title=PDF to Markdown
 home.PDFToMarkdown.desc=Converts any PDF to Markdown
 PDFToMarkdown.tags=markup,web-content,transformation,convert,md
 home.getPdfInfo.title=Get ALL Info on PDF
 home.getPdfInfo.desc=Grabs any and all information possible on PDFs
@@ -646,6 +659,11 @@ MarkdownToPDF.help=Work in progress
 MarkdownToPDF.credit=Uses WeasyPrint
 #pdf-to-markdown
 PDFToMarkdown.title=PDF To Markdown
 PDFToMarkdown.header=PDF To Markdown
 PDFToMarkdown.submit=Convert
 #url-to-pdf
 URLToPDF.title=URL To PDF
@@ -933,7 +951,8 @@ fileToPDF.submit=Convert to PDF
 compress.title=Compress
 compress.header=Compress PDF
 compress.credit=This service uses qpdf for PDF Compress/Optimisation.
-compress.selectText.1=Manual Mode - From 1 to 4
+compress.selectText.1=Manual Mode - From 1 to 5
 compress.selectText.1.1=In optimization levels 6 to 9, in addition to general PDF compression, image resolution is scaled down to further reduce file size. Higher levels result in stronger image compression (up to 50% of the original size), achieving greater size reduction but with potential quality loss in images.
 compress.selectText.2=Optimisation level:
 compress.selectText.3=4 (Terrible for text images)
 compress.selectText.4=Auto mode - Auto adjusts quality to get PDF to exact size
@@ -998,8 +1017,8 @@ multiTool.moveLeft=Move Left
 multiTool.moveRight=Move Right
 multiTool.delete=Delete
 multiTool.dragDropMessage=Page(s) Selected
-multiTool.undo=Undo
+multiTool.undo=Undo (CTRL + Z)
-multiTool.redo=Redo
+multiTool.redo=Redo (CTRL + Y)
 #decrypt
 decrypt.passwordPrompt=This file is password-protected. Please enter the password:
@@ -1166,7 +1185,7 @@ changeMetadata.submit=Change
 #pdfToPDFA
 pdfToPDFA.title=PDF To PDF/A
 pdfToPDFA.header=PDF To PDF/A
-pdfToPDFA.credit=This service uses qpdf for PDF/A conversion
+pdfToPDFA.credit=This service uses libreoffice for PDF/A conversion
 pdfToPDFA.submit=Convert
 pdfToPDFA.tip=Currently does not work for multiple inputs at once
 pdfToPDFA.outputFormat=Output format
--- a/Show More
+++ b/Show More
`@@ -1,2 +1,2 @@`
	`# All PRs to V1 must be approved by Frooodle`	`# All PRs to V1 must be approved by Frooodle`
	`* @Frooodle @reecebrowne @Ludy87 @DarioGii`	`* @Frooodle @reecebrowne @Ludy87 @DarioGii @ConnorYoh`