Commit Graph
21 Commits
Author SHA1 Message Date
1f9b90ad57 feat(docker): update base images to Java 25, Spring 4, Jackson 3, Gradle 9 and optimize JVM options (Project Lilliput) (#5725)
Co-authored-by: Anthony Stirling <[email protected]>
2026-02-24 20:06:32 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6f217066a1 build(deps): bump org.postgresql:postgresql from 42.7.8 to 42.7.9 (#5554)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from
42.7.8 to 42.7.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/releases">org.postgresql:postgresql's
releases</a>.</em></p>
<blockquote>
<h2>v42.7.9</h2>
<h2>Changes</h2>
<ul>
<li>Added changelogs for version 42.7.9 <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3908">#3908</a>)</li>
<li>the classloader is nullable, and remove a space <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>)</li>
<li>fix: incorrect pg_stat_replication.reply_time calculation <a
href="https://github.com/atorik"><code>@​atorik</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>)</li>
<li>fix: issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3892">#3892</a>,
PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is
read only <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>)</li>
<li>fix badges for maven central and search paths. Sonatype has changed
the search paths <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3901">#3901</a>)</li>
<li>fix: make all Calendar instances proleptic Gregorian (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3837">#3837</a>)
<a
href="https://github.com/m-van-tilburg"><code>@​m-van-tilburg</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3887">#3887</a>)</li>
<li>test: add CI tests with Java 26 <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3893">#3893</a>)</li>
<li>perf: optimize PGInterval.getValue() by replacing String.format with
StringBuilder <a href="https://github.com/vlsi"><code>@​vlsi</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3866">#3866</a>)</li>
<li>use ssl_is_used() to check for ssl connection <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3867">#3867</a>)</li>
<li>Add PEMKeyManager to handle PEM based certs and keys. <a
href="https://github.com/harinath001"><code>@​harinath001</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3700">#3700</a>)</li>
<li>Comment and simplify the complex state machine logic in
QueryExecutorImpl <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3850">#3850</a>)</li>
<li>Revert &quot;fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like
NaN&quot; <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3851">#3851</a>)</li>
<li>fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like NaN
<a href="https://github.com/ShenFeng312"><code>@​ShenFeng312</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3838">#3838</a>)</li>
<li>Small simplication of locking patterns in QueryExecutorBase <a
href="https://github.com/Sanne"><code>@​Sanne</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3849">#3849</a>)</li>
<li>doc: update property quoteReturningIdentifiers default value <a
href="https://github.com/sodekim"><code>@​sodekim</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3847">#3847</a>)</li>
<li>feat: default query timeout property <a
href="https://github.com/cfredri4"><code>@​cfredri4</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3705">#3705</a>)</li>
<li>create action to deploy docs to <a
href="https://pgjdbc.github.io/">https://pgjdbc.github.io/</a> <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3819">#3819</a>)</li>
<li>fix homepage release note <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3817">#3817</a>)</li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>fix: close temporary lob descriptors that are used internally in
PreparedStatement#setBlob <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3903">#3903</a>)</li>
<li>fix: avoid memory leaks in Java &lt;= 21 caused by
Thread.inheritedAccessControlContext <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3886">#3886</a>)</li>
</ul>
<h2>📝 Documentation</h2>
<ul>
<li>doc: add the new PGP signing key to the official documentation <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3813">#3813</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>chore: remove unused com.github.spotbugs Gradle plugin dependency <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3868">#3868</a>)</li>
<li>chore: drop SpotBugs as we do not seem to use it <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3834">#3834</a>)</li>
<li>chore: bump version to 42.7.9 after 42.7.8 release <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3810">#3810</a>)</li>
</ul>
<h2>⬆️ Dependencies</h2>
<!-- raw HTML omitted -->
<ul>
<li>chore(deps): update actions/create-github-app-token digest to
29824e6 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3898">#3898</a>)</li>
<li>chore(deps): update actions/setup-java digest to c1e3236 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3899">#3899</a>)</li>
<li>chore(deps): update codecov/codecov-action digest to 671740a <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3900">#3900</a>)</li>
<li>fix(deps): update dependency org.junit:junit-bom to v5.14.1 -
autoclosed <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3884">#3884</a>)</li>
<li>fix(deps): update dependency org.apache.bcel:bcel to v6.11.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3883">#3883</a>)</li>
<li>fix(deps): update dependency org.mockito:mockito-bom to v5.20.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3885">#3885</a>)</li>
<li>fix(deps): update dependency net.bytebuddy:byte-buddy-parent to
v1.18.2 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3882">#3882</a>)</li>
<li>chore(deps): update github/codeql-action digest to 497990d <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3881">#3881</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md">org.postgresql:postgresql's
changelog</a>.</em></p>
<blockquote>
<h2>[42.7.9] (2026-01-14)</h2>
<h3>Added</h3>
<ul>
<li>feat: query timeout property [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3705">#3705</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3705">pgjdbc/pgjdbc#3705</a>)</li>
<li>feat: Add PEMKeyManager to handle PEM based certs and keys [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3700">#3700</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3700">pgjdbc/pgjdbc#3700</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>perf: optimize PGInterval.getValue() by replacing String.format with
StringBuilder</li>
<li>doc: update property quoteReturningIdentifiers default value [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3847">#3847</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3847">pgjdbc/pgjdbc#3847</a>)</li>
<li>security: Use a static method forName to load all user supplied
classes. Use the Class.forName 3 parameter method and do not initilize
it unless it is a subclass of the expected class</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>fix: incorrect pg_stat_replication.reply_time calculation [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3906">pgjdbc/pgjdbc#3906</a>)</li>
<li>fix: close temporary lob descriptors that are used internally in
PreparedStatement#setBlob</li>
<li>fix: PGXAConnection.prepare(Xid) should return XA_RDONLY if the
connection is read only [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3897">pgjdbc/pgjdbc#3897</a>)</li>
<li>fix: make all Calendar instances proleptic Gregorian [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3837">#3837</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3887">pgjdbc/pgjdbc#3887</a>)</li>
<li>fix: Simplify concurrency guards on QueryExecutorBase#transaction
and QueryExecutorBase#standardConformingStrings [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3849">pgjdbc/pgjdbc#3849</a>)</li>
<li>fix: avoid memory leaks in Java &lt;= 21 caused by
Thread.inheritedAccessControlContext [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3886">#3886</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3886">pgjdbc/pgjdbc#3886</a>)</li>
<li>fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like NaN
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3838">#3838</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3838">pgjdbc/pgjdbc#3838</a>)</li>
<li>fix: use ssl_is_used() to check for ssl connection [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3867">#3867</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3867">pgjdbc/pgjdbc#3867</a>)</li>
<li>fix: the classloader is nullable [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3907">pgjdbc/pgjdbc#3907</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/79b784e3a63def9d12088471334399a53016d880"><code>79b784e</code></a>
Added changelogs for version 42.7.9 (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3908">#3908</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/1c00ffc02be1570027b6510cbcd760b916227800"><code>1c00ffc</code></a>
doc: add the new PGP signing key to the official documentation</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/f774000c105ddb2971f50dc5cf51a2d20ee4c14a"><code>f774000</code></a>
chore(deps): update actions/create-github-app-token digest to
29824e6</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/27daf3b48b8b7d266ba680f59345f3723e2786d2"><code>27daf3b</code></a>
chore(deps): update actions/setup-java digest to c1e3236</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/6eb01ff6bcb7ba6d71c9363a29d7305911861946"><code>6eb01ff</code></a>
chore(deps): update codecov/codecov-action digest to 671740a</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/dbf1e57747709b560da16fdcec0ba9e927393516"><code>dbf1e57</code></a>
the classloader is nullable, and remove a space (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/6a20574f4c896b3f02d7f36d21ab1f3da15c3936"><code>6a20574</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/c07721af972eee4f10873b1a23b3811336454436"><code>c07721a</code></a>
fix: incorrect pg_stat_replication.reply_time calculation (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/83023f3c2ae98dc69df00a560dbbe386afafe3b1"><code>83023f3</code></a>
fix: close temporary lob descriptors that are used internally in
PreparedStat...</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/62c9805ef8606f3d38273ac69f64b14e936a0bfa"><code>62c9805</code></a>
fix: issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3892">#3892</a>,
PGXAConnection.prepare(Xid) should return XA_RDONLY if the ...</li>
<li>Additional commits viewable in <a
href="https://github.com/pgjdbc/pgjdbc/compare/REL42.7.8...REL42.7.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.postgresql:postgresql&package-manager=gradle&previous-version=42.7.8&new-version=42.7.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-06 10:43:40 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
691fb80554 build(deps): bump io.swagger.core.v3:swagger-core-jakarta from 2.2.41 to 2.2.42 (#5549)
Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.41 to 2.2.42.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.swagger.core.v3:swagger-core-jakarta&package-manager=gradle&previous-version=2.2.41&new-version=2.2.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-06 10:43:23 +00:00
LudyandGitHub 3711d8d6b1 refactor(security): clean up SSO handling, harden URL parsing, and bump dependencies (#5523)
# Description of Changes

This PR performs a broad cleanup and refactor across the security, SSO,
and dependency layers to improve correctness, maintainability, and
robustness.

### What was changed

- **SSO / Authentication cleanup**
- Removed deprecated and ambiguous `SSO` authentication handling in
favor of explicit `OAUTH2` and `SAML2`.
- Introduced a centralized helper (`isSsoAuthenticationTypeByUsername`)
to consistently detect SSO-backed users.
- Hardened user creation logic to strictly validate authentication types
and reject invalid values.
- Updated OAuth2 and SAML2 authentication success handlers to use
unified SSO detection logic and clearer control flow.
  - Adjusted tests to reflect the new canonical authentication types.

- **Security & robustness improvements**
- Replaced direct `new URL(...)` usage with `URI.create(...).toURL()` to
avoid malformed URL edge cases.
- Hardened `Referer` parsing logic to safely handle invalid or host-less
URIs.
- Improved string comparison patterns (`"literal".equals(x)`) to avoid
potential `NullPointerException`s.

- **Controller and API cleanup**
- Removed large blocks of unused and legacy admin settings endpoints
from `SettingsController`.
- Updated OpenAPI annotations to use `requiredMode` instead of
deprecated `required`.

- **Dependency and build maintenance**
  - Updated Spring Boot from `3.5.7` to `3.5.9`.
- Updated multiple dependencies (Spring Security, Jackson, Micrometer,
Jetty, Hibernate, SnakeYAML, Springdoc, Swagger UI, etc.).
- Synced dependency versions in `3rdPartyLicenses.json` and removed
duplicate or obsolete entries.
- Modernized Gradle DSL usage (`url =`, `username =`,
`allowInsecureProtocol = true`).
- Ensured Spotless disabling applies consistently across all
subprojects.
  - Added `.build-cache` to `.gitignore`.

### Why the change was made

- To eliminate legacy and ambiguous SSO handling that could lead to
incorrect authentication decisions.
- To improve security and stability when dealing with user-controlled
URLs and headers.
- To reduce technical debt by removing unused controllers and deprecated
patterns.
- To keep dependencies up to date and aligned with the current Spring
Boot release.
- To improve overall code clarity, consistency, and long-term
maintainability.

---

This pull request contains dependency updates, minor code cleanups, and
some refactoring to improve maintainability and correctness. The most
significant change is the removal of all admin settings endpoints
(GET/POST) from the `SettingsController`, which impacts how application
settings can be managed via the API. Additionally, there are dependency
version bumps, minor improvements to static resource checks, and small
refactors in certificate download logic and Telegram bot service.

**Major API changes:**

* Removed all admin settings endpoints (general, security, connections,
privacy, advanced) from `SettingsController`, including both GET and
POST handlers for updating and retrieving settings. This eliminates the
ability to manage these settings via the API.

**Dependency updates:**

* Upgraded `snakeyaml-engine` from 2.10 to 3.0.1 and
`springdoc-openapi-starter-webmvc-ui` from 2.8.14 to 2.8.15 in
`build.gradle`.

**Refactoring and bug fixes:**

* Refactored static resource check in `RequestUriUtils.isStaticResource`
to use constant-first string comparison for better null safety and
clarity.
* Updated certificate download logic in `CertificateValidationService`
to use `URI.create(urlStr).toURL()` instead of `new URL(urlStr)` for
improved URL parsing and error handling.
[[1]](diffhunk://#diff-d2646f37bfd3e0963cbce16ab13edb52f2092795f54203b999dd82651154f26dL513-R514)
[[2]](diffhunk://#diff-d2646f37bfd3e0963cbce16ab13edb52f2092795f54203b999dd82651154f26dL703-R704)
* Refactored `TelegramPipelineBot` to consistently use
`telegramProperties.getBotToken()` instead of `getBotToken()`, and
removed the `getBotToken()` method override.
[[1]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L85-R85)
[[2]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L395-R395)
[[3]](diffhunk://#diff-a2466b92f58750ea37960cd1533e3194d9ecc3b4ef5ad7b64a017ee0e636ad93L519-L523)

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-01-22 19:39:34 +00:00
LudyandGitHub 80cba55459 refactor: remove legacy Thymeleaf web UI controllers and templates (#5406)
# Description of Changes

This pull request completes the removal of Thymeleaf template engine
support and documentation from the Stirling-PDF codebase and developer
guides, reflecting the project's full migration to a React-based
frontend. It removes all references to Thymeleaf in code, configuration,
and documentation, and updates guides to focus exclusively on the React
SPA architecture. This streamlines the codebase and clarifies the
development workflow for contributors.

**Codebase cleanup: Thymeleaf removal**
- Removed all commented-out Thymeleaf dependencies and related
configuration beans from `build.gradle` and `AppConfig.java`
(`app/common/build.gradle`,
`app/common/src/main/java/stirling/software/common/configuration/AppConfig.java`)
[[1]](diffhunk://#diff-2a1a21726f33b05d16451237c68d6df91a5f4a58419d839715f3f1538a9a14aeL32)
[[2]](diffhunk://#diff-70792df9a0ab5675ded888c9eb8e2815c780d7b39f4bda8cf2da51d1b336899aL67-L76).
- Fully commented out (as a precursor to future deletion) the
`FileFallbackTemplateResolver` and `InputStreamTemplateResource`
classes, which were only used for Thymeleaf template resolution
(`app/common/src/main/java/stirling/software/common/configuration/FileFallbackTemplateResolver.java`,
`app/common/src/main/java/stirling/software/common/model/InputStreamTemplateResource.java`)
[[1]](diffhunk://#diff-e2bc7614074316b972355cb7dda47b98f75b00eb6b2ca4f143a680ab2803dcd8L1-L49)
[[2]](diffhunk://#diff-ab10ee12d8de8fb77759e931170373d388bde04bad6d0e42a0ab674355ef7ef3L1-L40).

**Documentation updates: React-only focus**
- Removed all instructions and references to migrating or developing
with Thymeleaf templates in `DeveloperGuide.md` and `ADDING_TOOLS.md`,
including detailed Thymeleaf usage examples, migration steps, and
translation key usage in templates
[[1]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL5-R5)
[[2]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL41-L43)
[[3]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL103-L105)
[[4]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL157)
[[5]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL312)
[[6]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL404-R396)
[[7]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL451-L505)
[[8]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL530-R467)
[[9]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL585-L669)
[[10]](diffhunk://#diff-ccd22fcbec8148152c8c77b85fbfe2633a6707b5ad50c2ef88fa87e2c47ea88fL699-L709)
[[11]](diffhunk://#diff-e2f8148ea620602b7761e8ee24afeac1c577476630528e210fe0b22e950016ddL3-R3)
[[12]](diffhunk://#diff-e2f8148ea620602b7761e8ee24afeac1c577476630528e210fe0b22e950016ddL267-R267).
- Updated architecture descriptions in `CLAUDE.md` to reflect that the
frontend is now exclusively a React SPA and that Thymeleaf templates
have been fully replaced
[[1]](diffhunk://#diff-6ebdb617a8104a7756d0cf36578ab01103dc9f07e4dc6feb751296b9c402faf7L131-R132)
[[2]](diffhunk://#diff-6ebdb617a8104a7756d0cf36578ab01103dc9f07e4dc6feb751296b9c402faf7L143-L144).

**Labeler configuration update**
- Removed labeler rules for files related to the old Thymeleaf-based web
controllers and UI directories, as these are now obsolete
(`.github/labeler-config-srvaroa.yml`).

These changes ensure the codebase and documentation are consistent with
the new React-only frontend approach, reducing maintenance overhead and
potential confusion for contributors.

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-01-21 21:58:29 +00:00
LudyandGitHub 8bb807471f chore(ci): enable Gradle dependency caching across GitHub workflows (#5400)
# Description of Changes

This pull request updates the CI/CD workflows and Gradle configuration
to improve build reproducibility, security, and external dependency
management. The main changes include standardizing Gradle setup across
workflows, securely injecting Maven credentials, and enabling Gradle
build caching. There are also minor improvements to dependency version
management and plugin repository configuration.

**CI/CD Workflow Improvements:**

- Standardized Gradle setup across all GitHub Actions workflows by
explicitly adding a `Setup Gradle` step using
`gradle/actions/[email protected]` and specifying Gradle version 8.14.
This replaces previous usages and ensures consistency.
[[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81)
[[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176)
[[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144)
[[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216)
[[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R260-R264)
[[6]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341)
[[7]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351)
[[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL53-R54)
[[9]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL121-R127)
[[10]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR206-R217)
[[11]](diffhunk://#diff-6a2e9fb077e57351f4a7e10d03b114e256298babdf06e7e7ae666781a5cf36a1R60-R70)
[[12]](diffhunk://#diff-62dcbe64a950b4efb54d691e1e87451a8cd535400aa9ea1e40893de5b57cd73bL45-R46)
[[13]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fL46-R56)
[[14]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65)
[[15]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR102-R114)
[[16]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51)

- Enabled Gradle build cache (`--build-cache`) for all build-related
commands in workflows, improving build performance and consistency. Also
removed unnecessary `clean` commands before builds to further optimize
workflow times.
[[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81)
[[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176)
[[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144)
[[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216)
[[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341)
[[6]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351)
[[7]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL134-R144)
[[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR206-R217)
[[9]](diffhunk://#diff-6a2e9fb077e57351f4a7e10d03b114e256298babdf06e7e7ae666781a5cf36a1R60-R70)
[[10]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fL46-R56)
[[11]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65)
[[12]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR102-R114)
[[13]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51)

**Security and Dependency Management:**

- Injected Maven credentials (`MAVEN_USER`, `MAVEN_PASSWORD`,
`MAVEN_PUBLIC_URL`) as environment variables in all relevant workflow
steps, supporting secure access to private or custom Maven repositories.
[[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81)
[[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176)
[[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144)
[[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216)
[[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R290-R293)
[[6]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341)
[[7]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351)
[[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR66-R69)
[[9]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL134-R144)
[[10]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR281-R283)
[[11]](diffhunk://#diff-62dcbe64a950b4efb54d691e1e87451a8cd535400aa9ea1e40893de5b57cd73bR57-R60)
[[12]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fR73-R76)
[[13]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65)
[[14]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR178-R180)
[[15]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51)

- Added a `pluginManagement` block in `settings.gradle` to allow Gradle
plugins to be resolved from a custom Maven repository if specified by
environment variables, increasing flexibility for plugin sourcing.

**Build and Dependency Versioning:**

- Updated `app/proprietary/build.gradle` to use the
`bouncycastleVersion` variable for the Bouncy Castle dependency version,
improving maintainability and consistency of dependency versioning.

**Workflow Trigger Improvements:**

- Expanded the file path triggers in
`.github/workflows/sync_files_v2.yml` to include additional Gradle build
files, ensuring the workflow runs when any core build files are changed.

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-01-19 19:03:50 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e137436656 build(deps): bump bouncycastleVersion from 1.82 to 1.83 (#5111)
Bumps `bouncycastleVersion` from 1.82 to 1.83.
Updates `org.bouncycastle:bcprov-jdk18on` from 1.82 to 1.83
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html">org.bouncycastle:bcprov-jdk18on's
changelog</a>.</em></p>
<blockquote>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.1.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.83<!-- raw HTML omitted -->
Date:      2025, November 27th.</p>
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.2.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.82<!-- raw HTML omitted -->
Date:      2025, 17th September.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bcgit/bc-java/commits">compare view</a></li>
</ul>
</details>
<br />

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.82 to 1.83
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html">org.bouncycastle:bcpkix-jdk18on's
changelog</a>.</em></p>
<blockquote>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.1.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.83<!-- raw HTML omitted -->
Date:      2025, November 27th.</p>
<!-- raw HTML omitted -->
<p><!-- raw HTML omitted --><!-- raw HTML omitted -->2.2.1 Version<!--
raw HTML omitted --><!-- raw HTML omitted -->
Release: 1.82<!-- raw HTML omitted -->
Date:      2025, 17th September.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/bcgit/bc-java/commits">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-22 15:45:11 +00:00
+18 68ed54e398 V1 merge (#5193)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Balázs Szücs <[email protected]>
Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com>
Co-authored-by: ConnorYoh <[email protected]>
Co-authored-by: Connor Yoh <[email protected]>
Co-authored-by: OUNZAR Aymane <[email protected]>
Co-authored-by: YAOU Reda <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
Co-authored-by: Balázs Szücs <[email protected]>
Co-authored-by: Ludy <[email protected]>
Co-authored-by: tkymmm <[email protected]>
Co-authored-by: Peter Dave Hello <[email protected]>
Co-authored-by: albanobattistella <[email protected]>
Co-authored-by: PingLin8888 <[email protected]>
Co-authored-by: FdaSilvaYY <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: OteJlo <[email protected]>
Co-authored-by: Angel <[email protected]>
Co-authored-by: Ricardo Catarino <[email protected]>
Co-authored-by: Luis Antonio Argüelles González <[email protected]>
Co-authored-by: Dawid Urbański <[email protected]>
Co-authored-by: Stephan Paternotte <[email protected]>
Co-authored-by: Leonardo Santos Paulucio <[email protected]>
Co-authored-by: hamza khalem <[email protected]>
Co-authored-by: IT Creativity + Art Team <[email protected]>
Co-authored-by: Reece Browne <[email protected]>
Co-authored-by: James Brunton <[email protected]>
Co-authored-by: Victor Villarreal <[email protected]>
2025-12-21 10:40:32 +00:00
b0397da19e PDF Text editor (#4724)
## Summary
- add a `PdfJsonConversionService` that serializes PDF text, fonts, and
metadata to JSON and rebuilds a PDF from the same structure
- expose REST endpoints for `/pdf/json` and `/json/pdf` conversions
using the existing convert API infrastructure
- define JSON model classes capturing document metadata, font
information, and positioned text elements

## Testing
- `./gradlew spotlessApply` *(fails: plugin
org.springframework.boot:3.5.4 unavailable in build environment)*
- `./gradlew build` *(fails: plugin org.springframework.boot:3.5.4
unavailable in build environment)*

------
https://chatgpt.com/codex/tasks/task_b_68f8e98d94ac8328a0e499e541528b6f

---------

Co-authored-by: EthanHealy01 <[email protected]>
2025-11-24 14:15:02 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8884e65c29 build(deps): bump io.swagger.core.v3:swagger-core-jakarta from 2.2.36 to 2.2.38 (#4551)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.36 to 2.2.38.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.swagger.core.v3:swagger-core-jakarta&package-manager=gradle&previous-version=2.2.36&new-version=2.2.38)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-30 11:38:51 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
16576c1789 build(deps): bump org.postgresql:postgresql from 42.7.7 to 42.7.8 (#4479)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-28 16:36:30 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
591a70f9b0 build(deps): bump bouncycastleVersion from 1.81 to 1.82 (#4474)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-28 16:35:24 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1036befaf1 build(deps): bump com.bucket4j:bucket4j_jdk17-core from 8.14.0 to 8.15.0 (#4279)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[com.bucket4j:bucket4j_jdk17-core](https://github.com/bucket4j/bucket4j)
from 8.14.0 to 8.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bucket4j/bucket4j/releases">com.bucket4j:bucket4j_jdk17-core's
releases</a>.</em></p>
<blockquote>
<h2>8.15.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix typo in previous-releases link by <a
href="https://github.com/DominiQN"><code>@​DominiQN</code></a> in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/533">bucket4j/bucket4j#533</a></li>
<li>Fix typo in verbose-api docs by <a
href="https://github.com/cmg1411"><code>@​cmg1411</code></a> in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/540">bucket4j/bucket4j#540</a></li>
<li>Fix comment in redisson.adoc by <a
href="https://github.com/K-jun98"><code>@​K-jun98</code></a> in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/541">bucket4j/bucket4j#541</a></li>
<li>Add valid example using Redisson library by <a
href="https://github.com/JoshWein"><code>@​JoshWein</code></a> in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/542">bucket4j/bucket4j#542</a></li>
<li>MongoDB backend by <a
href="https://github.com/granikartem"><code>@​granikartem</code></a> in
<a
href="https://redirect.github.com/bucket4j/bucket4j/pull/549">bucket4j/bucket4j#549</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/DominiQN"><code>@​DominiQN</code></a>
made their first contribution in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/533">bucket4j/bucket4j#533</a></li>
<li><a href="https://github.com/cmg1411"><code>@​cmg1411</code></a> made
their first contribution in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/540">bucket4j/bucket4j#540</a></li>
<li><a href="https://github.com/K-jun98"><code>@​K-jun98</code></a> made
their first contribution in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/541">bucket4j/bucket4j#541</a></li>
<li><a href="https://github.com/JoshWein"><code>@​JoshWein</code></a>
made their first contribution in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/542">bucket4j/bucket4j#542</a></li>
<li><a
href="https://github.com/granikartem"><code>@​granikartem</code></a>
made their first contribution in <a
href="https://redirect.github.com/bucket4j/bucket4j/pull/549">bucket4j/bucket4j#549</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/bucket4j/bucket4j/compare/8.14.0...8.15.0">https://github.com/bucket4j/bucket4j/compare/8.14.0...8.15.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/1ecc3152b8c9383d12e37aae1e6a431dbac9baa1"><code>1ecc315</code></a>
Documentation for release 8.15.0</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/0d257fd2f4f9ff871268feef50c7f40a7b8bb486"><code>0d257fd</code></a>
Documentation for release 8.15.0</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/621f5d58043cad215fae598e432c45d6ebaa32e0"><code>621f5d5</code></a>
Documentation for release 8.15.0</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/2930d8388b6168f8056ffa9e0ac6a72a8efa230d"><code>2930d83</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
documentations</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/9b7f66a80f69b48dd2b7cc79699d651eb5eaba20"><code>9b7f66a</code></a>
Changes according to the OSSRH Sunset <a
href="https://central.sonatype.org/pages/ossr">https://central.sonatype.org/pages/ossr</a>...</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/a9dae860eae3298cdd223cb06ede4669222463b5"><code>a9dae86</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
do not insist on specific the mongo-driver versions</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/4c4f1b9f7a0fd1987690ac728214bc06bc9332f1"><code>4c4f1b9</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
add project names</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/3e024b0fb0d5d7c0c9f7dbee948f64ac9bda69ed"><code>3e024b0</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
add license</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/70e9cf58f93d3641d91a4428bb5eb9c25c7a9d3b"><code>70e9cf5</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
fix modular-name</li>
<li><a
href="https://github.com/bucket4j/bucket4j/commit/1cbc7e1f3e70de94ec1ff4d6deea7d5b1bf15ea4"><code>1cbc7e1</code></a>
<a
href="https://redirect.github.com/bucket4j/bucket4j/issues/549">#549</a>
fix maven configuration</li>
<li>Additional commits viewable in <a
href="https://github.com/bucket4j/bucket4j/compare/8.14.0...8.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.bucket4j:bucket4j_jdk17-core&package-manager=gradle&previous-version=8.14.0&new-version=8.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 12:29:40 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Dario Ghunney Ware
1d527db305 build(deps): bump jwtVersion from 0.12.7 to 0.13.0 (#4270)
Bumps `jwtVersion` from 0.12.7 to 0.13.0.
Updates `io.jsonwebtoken:jjwt-api` from 0.12.7 to 0.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-api's
releases</a>.</em></p>
<blockquote>
<h2>0.13.0</h2>
<p><strong>This is the last minor JJWT release branch that will support
Java 7</strong>.</p>
<p>Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
<a
href="https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8">Java
8 compatible changes</a>, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<h2>What's Changed</h2>
<p>This release contains a single change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map&lt;String, Class&lt;?&gt;&gt; claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims type converter on their own specified <code>ObjectMapper</code>
instance. Thank you to <a
href="https://github.com/kesrishubham2510"><code>@​kesrishubham2510</code></a>
for PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-api's
changelog</a>.</em></p>
<blockquote>
<h3>0.13.0</h3>
<p>This is the last minor JJWT release branch that will support Java 7.
Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
Java 8 compatible changes, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<p>This <code>0.13.0</code> minor release has only one change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map&lt;String, Class&lt;?&gt;&gt; claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims
type converter on their own specified <code>ObjectMapper</code>
instance. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b"><code>a757add</code></a>
[maven-release-plugin] prepare release 0.13.0</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d"><code>e357463</code></a>
Preparing for the 0.13.0 release.</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342"><code>b6f8cb8</code></a>
Made constructor public to allow users their own objectMapper instance
(<a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14"><code>03f088a</code></a>
Bumping development version to 0.13.0-SNAPSHOT (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1014">#1014</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca"><code>3f2697f</code></a>
Release 0.12.7 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1012">#1012</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/a0a123e848fc25a7920bcbd84615f639c4cc098a"><code>a0a123e</code></a>
PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/917">#917</a></li>
<li>See full diff in <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `io.jsonwebtoken:jjwt-impl` from 0.12.7 to 0.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-impl's
releases</a>.</em></p>
<blockquote>
<h2>0.13.0</h2>
<p><strong>This is the last minor JJWT release branch that will support
Java 7</strong>.</p>
<p>Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
<a
href="https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8">Java
8 compatible changes</a>, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<h2>What's Changed</h2>
<p>This release contains a single change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map&lt;String, Class&lt;?&gt;&gt; claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims type converter on their own specified <code>ObjectMapper</code>
instance. Thank you to <a
href="https://github.com/kesrishubham2510"><code>@​kesrishubham2510</code></a>
for PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-impl's
changelog</a>.</em></p>
<blockquote>
<h3>0.13.0</h3>
<p>This is the last minor JJWT release branch that will support Java 7.
Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
Java 8 compatible changes, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<p>This <code>0.13.0</code> minor release has only one change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map&lt;String, Class&lt;?&gt;&gt; claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims
type converter on their own specified <code>ObjectMapper</code>
instance. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jwtk/jjwt/commit/a757addce04f6b6d8086beeee8dafcf670550a5b"><code>a757add</code></a>
[maven-release-plugin] prepare release 0.13.0</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/e357463c59cf62c1f70503ac0102d10efcdfc37d"><code>e357463</code></a>
Preparing for the 0.13.0 release.</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/b6f8cb82a9c2e9817d842bfe72d2c8fb03124342"><code>b6f8cb8</code></a>
Made constructor public to allow users their own objectMapper instance
(<a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/03f088a4eb774bae2403c428aa885a12d3afde14"><code>03f088a</code></a>
Bumping development version to 0.13.0-SNAPSHOT (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1014">#1014</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/3f2697f854bedebe63e9eddb8c596f76086d11ca"><code>3f2697f</code></a>
Release 0.12.7 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1012">#1012</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/a0a123e848fc25a7920bcbd84615f639c4cc098a"><code>a0a123e</code></a>
PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/917">#917</a></li>
<li>See full diff in <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.7 to 0.13.0


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dario Ghunney Ware <[email protected]>
2025-08-27 10:28:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3f004dcad3 build(deps): bump io.swagger.core.v3:swagger-core-jakarta from 2.2.35 to 2.2.36 (#4226)
Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.35 to 2.2.36.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.swagger.core.v3:swagger-core-jakarta&package-manager=gradle&previous-version=2.2.35&new-version=2.2.36)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-24 21:17:10 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
12d4e26aa3 build(deps): bump jwtVersion from 0.12.6 to 0.12.7 (#4229)
Bumps `jwtVersion` from 0.12.6 to 0.12.7.
Updates `io.jsonwebtoken:jjwt-api` from 0.12.6 to 0.12.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-api's
releases</a>.</em></p>
<blockquote>
<h2>0.12.7</h2>
<p>This patch release:</p>
<ul>
<li>
<p>Adds a new Maven BOM! This is useful for multi-module projects. See
<a href="https://redirect.github.com/jwtk/jjwt/issues/967">Issue
967</a>.</p>
</li>
<li>
<p>Allows the <code>JwtParserBuilder</code> to have empty nested
algorithm collections, effectively disabling the parser's associated
feature:</p>
<ul>
<li>Emptying the <code>zip()</code> nested collection disables JWT
decompression.</li>
<li>Emptying the <code>sig()</code> nested collection disables JWS
mac/signature verification (i.e. all JWSs will be
unsupported/rejected).</li>
<li>Emptying either the <code>enc()</code> or <code>key()</code> nested
collections disables JWE decryption (i.e. all JWEs will be
unsupported/rejected)</li>
</ul>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/996">Issue
996</a>.</p>
</li>
<li>
<p>Fixes <a href="https://redirect.github.com/jwtk/jjwt/issues/961">bug
961</a> where <code>JwtParserBuilder</code> nested collection builders
were not correctly replacing algorithms with the same id.</p>
</li>
<li>
<p>Ensures a <code>JwkSet</code>'s <code>keys</code> collection is no
longer entirely secret/redacted by default. This was an overzealous
default that was unnecessarily restrictive; the <code>keys</code>
collection itself should always be public, and each individual key
within should determine which fields should be redacted when printed.
See <a href="https://redirect.github.com/jwtk/jjwt/issues/976">Issue
976</a>.</p>
</li>
<li>
<p>Improves performance slightly by ensuring all <code>jjwt-api</code>
utility methods that create <code>*Builder</code> instances
(<code>Jwts.builder()</code>, <code>Jwts.parserBuilder()</code>,
<code>Jwks.builder()</code>, etc) no longer use reflection.</p>
<p>Instead,<code>static</code> factories are created via reflection only
once during initial <code>jjwt-api</code> classloading, and then
<code>*Builder</code>s are created via standard instantiation using the
<code>new</code> operator thereafter. This also benefits certain
environments that may not have ideal <code>ClassLoader</code>
implementations (e.g. Tomcat in some cases).</p>
<p><strong>NOTE: because this changes which classes are loaded via
reflection, any environments that must explicitly reference reflective
class names (e.g. GraalVM applications) will need to be updated to
reflect the new factory class names</strong>.</p>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/988">Issue
988</a>.</p>
</li>
<li>
<p>Upgrades the Gson dependency to <code>2.11.0</code></p>
</li>
<li>
<p>Upgrades the BouncyCastle dependency to <code>1.78.1</code></p>
</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/sigpwned"><code>@​sigpwned</code></a>
made their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/968">jwtk/jjwt#968</a></li>
<li><a
href="https://github.com/TheMrMilchmann"><code>@​TheMrMilchmann</code></a>
made their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/979">jwtk/jjwt#979</a></li>
<li><a href="https://github.com/atanasg"><code>@​atanasg</code></a> made
their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/974">jwtk/jjwt#974</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7">https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-api's
changelog</a>.</em></p>
<blockquote>
<h3>0.12.7</h3>
<p>This patch release:</p>
<ul>
<li>
<p>Adds a new Maven BOM, useful for multi-module projects. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/967">Issue
967</a>.</p>
</li>
<li>
<p>Allows the <code>JwtParserBuilder</code> to have empty nested
algorithm collections, effectively disabling the parser's associated
feature:</p>
<ul>
<li>Emptying the <code>zip()</code> nested collection disables JWT
decompression.</li>
<li>Emptying the <code>sig()</code> nested collection disables JWS
mac/signature verification (i.e. all JWSs will be
unsupported/rejected).</li>
<li>Emptying either the <code>enc()</code> or <code>key()</code> nested
collections disables JWE decryption (i.e. all JWEs will be
unsupported/rejected)</li>
</ul>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/996">Issue
996</a>.</p>
</li>
<li>
<p>Fixes <a href="https://redirect.github.com/jwtk/jjwt/issues/961">bug
961</a> where <code>JwtParserBuilder</code> nested collection builders
were not correctly replacing algorithms with the same id.</p>
</li>
<li>
<p>Ensures a <code>JwkSet</code>'s <code>keys</code> collection is no
longer entirely secret/redacted by default. This was an overzealous
default that was unnecessarily restrictive; the <code>keys</code>
collection itself should always be public, and each individual key
within should determine which fields should be redacted when printed.
See <a href="https://redirect.github.com/jwtk/jjwt/issues/976">Issue
976</a>.</p>
</li>
<li>
<p>Improves performance slightly by ensuring all <code>jjwt-api</code>
utility methods that create <code>*Builder</code> instances
(<code>Jwts.builder()</code>, <code>Jwts.parserBuilder()</code>,
<code>Jwks.builder()</code>, etc) no longer use reflection.</p>
<p>Instead,<code>static</code> factories are created via reflection only
once during initial <code>jjwt-api</code> classloading, and then
<code>*Builder</code>s are created via standard instantiation using the
<code>new</code> operator thereafter. This also benefits certain
environments that may not have ideal <code>ClassLoader</code>
implementations (e.g. Tomcat in some cases).</p>
<p><strong>NOTE: because this changes which classes are loaded via
reflection, any environments that must explicitly reference reflective
class names (e.g. GraalVM applications) will need to be updated to
reflect the new factory class names</strong>.</p>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/988">Issue
988</a>.</p>
</li>
<li>
<p>Upgrades the Gson dependency to <code>2.11.0</code></p>
</li>
<li>
<p>Upgrades the BouncyCastle dependency to <code>1.78.1</code></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jwtk/jjwt/commit/77aeda012c4e31b86fb66acf43a67775c6fa3142"><code>77aeda0</code></a>
[maven-release-plugin] prepare release 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/47d966f8e93734cf35fc19f5c1a9e5cc4abe624b"><code>47d966f</code></a>
Testing latest sonatype central publishing guidelines</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/22ca29fe8849b11d2793bfcf2825ef692f2c19b2"><code>22ca29f</code></a>
[maven-release-plugin] rollback the release of 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/0487f9b49f10f37b7ad5b4e664f3e9b9a25e4a1c"><code>0487f9b</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/4329125bac91880cb852983b1475465c30a1d819"><code>4329125</code></a>
[maven-release-plugin] prepare release 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/0ddc51421240a9832f38c9afd966429c6d1aeb19"><code>0ddc514</code></a>
- Ensured JJWT_RELEASE_VERSION placeholders reference 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9"><code>efed1cf</code></a>
Updated 0.12.7 change list</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8"><code>ca27b12</code></a>
Resolves <a
href="https://redirect.github.com/jwtk/jjwt/issues/1010">#1010</a> (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1011">#1011</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478"><code>55c7b9a</code></a>
Resolves <a
href="https://redirect.github.com/jwtk/jjwt/issues/771">#771</a> (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1009">#1009</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e"><code>6e9c6a5</code></a>
Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1008">#1008</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7">compare
view</a></li>
</ul>
</details>
<br />

Updates `io.jsonwebtoken:jjwt-impl` from 0.12.6 to 0.12.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-impl's
releases</a>.</em></p>
<blockquote>
<h2>0.12.7</h2>
<p>This patch release:</p>
<ul>
<li>
<p>Adds a new Maven BOM! This is useful for multi-module projects. See
<a href="https://redirect.github.com/jwtk/jjwt/issues/967">Issue
967</a>.</p>
</li>
<li>
<p>Allows the <code>JwtParserBuilder</code> to have empty nested
algorithm collections, effectively disabling the parser's associated
feature:</p>
<ul>
<li>Emptying the <code>zip()</code> nested collection disables JWT
decompression.</li>
<li>Emptying the <code>sig()</code> nested collection disables JWS
mac/signature verification (i.e. all JWSs will be
unsupported/rejected).</li>
<li>Emptying either the <code>enc()</code> or <code>key()</code> nested
collections disables JWE decryption (i.e. all JWEs will be
unsupported/rejected)</li>
</ul>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/996">Issue
996</a>.</p>
</li>
<li>
<p>Fixes <a href="https://redirect.github.com/jwtk/jjwt/issues/961">bug
961</a> where <code>JwtParserBuilder</code> nested collection builders
were not correctly replacing algorithms with the same id.</p>
</li>
<li>
<p>Ensures a <code>JwkSet</code>'s <code>keys</code> collection is no
longer entirely secret/redacted by default. This was an overzealous
default that was unnecessarily restrictive; the <code>keys</code>
collection itself should always be public, and each individual key
within should determine which fields should be redacted when printed.
See <a href="https://redirect.github.com/jwtk/jjwt/issues/976">Issue
976</a>.</p>
</li>
<li>
<p>Improves performance slightly by ensuring all <code>jjwt-api</code>
utility methods that create <code>*Builder</code> instances
(<code>Jwts.builder()</code>, <code>Jwts.parserBuilder()</code>,
<code>Jwks.builder()</code>, etc) no longer use reflection.</p>
<p>Instead,<code>static</code> factories are created via reflection only
once during initial <code>jjwt-api</code> classloading, and then
<code>*Builder</code>s are created via standard instantiation using the
<code>new</code> operator thereafter. This also benefits certain
environments that may not have ideal <code>ClassLoader</code>
implementations (e.g. Tomcat in some cases).</p>
<p><strong>NOTE: because this changes which classes are loaded via
reflection, any environments that must explicitly reference reflective
class names (e.g. GraalVM applications) will need to be updated to
reflect the new factory class names</strong>.</p>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/988">Issue
988</a>.</p>
</li>
<li>
<p>Upgrades the Gson dependency to <code>2.11.0</code></p>
</li>
<li>
<p>Upgrades the BouncyCastle dependency to <code>1.78.1</code></p>
</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/sigpwned"><code>@​sigpwned</code></a>
made their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/968">jwtk/jjwt#968</a></li>
<li><a
href="https://github.com/TheMrMilchmann"><code>@​TheMrMilchmann</code></a>
made their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/979">jwtk/jjwt#979</a></li>
<li><a href="https://github.com/atanasg"><code>@​atanasg</code></a> made
their first contribution in <a
href="https://redirect.github.com/jwtk/jjwt/pull/974">jwtk/jjwt#974</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7">https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-impl's
changelog</a>.</em></p>
<blockquote>
<h3>0.12.7</h3>
<p>This patch release:</p>
<ul>
<li>
<p>Adds a new Maven BOM, useful for multi-module projects. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/967">Issue
967</a>.</p>
</li>
<li>
<p>Allows the <code>JwtParserBuilder</code> to have empty nested
algorithm collections, effectively disabling the parser's associated
feature:</p>
<ul>
<li>Emptying the <code>zip()</code> nested collection disables JWT
decompression.</li>
<li>Emptying the <code>sig()</code> nested collection disables JWS
mac/signature verification (i.e. all JWSs will be
unsupported/rejected).</li>
<li>Emptying either the <code>enc()</code> or <code>key()</code> nested
collections disables JWE decryption (i.e. all JWEs will be
unsupported/rejected)</li>
</ul>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/996">Issue
996</a>.</p>
</li>
<li>
<p>Fixes <a href="https://redirect.github.com/jwtk/jjwt/issues/961">bug
961</a> where <code>JwtParserBuilder</code> nested collection builders
were not correctly replacing algorithms with the same id.</p>
</li>
<li>
<p>Ensures a <code>JwkSet</code>'s <code>keys</code> collection is no
longer entirely secret/redacted by default. This was an overzealous
default that was unnecessarily restrictive; the <code>keys</code>
collection itself should always be public, and each individual key
within should determine which fields should be redacted when printed.
See <a href="https://redirect.github.com/jwtk/jjwt/issues/976">Issue
976</a>.</p>
</li>
<li>
<p>Improves performance slightly by ensuring all <code>jjwt-api</code>
utility methods that create <code>*Builder</code> instances
(<code>Jwts.builder()</code>, <code>Jwts.parserBuilder()</code>,
<code>Jwks.builder()</code>, etc) no longer use reflection.</p>
<p>Instead,<code>static</code> factories are created via reflection only
once during initial <code>jjwt-api</code> classloading, and then
<code>*Builder</code>s are created via standard instantiation using the
<code>new</code> operator thereafter. This also benefits certain
environments that may not have ideal <code>ClassLoader</code>
implementations (e.g. Tomcat in some cases).</p>
<p><strong>NOTE: because this changes which classes are loaded via
reflection, any environments that must explicitly reference reflective
class names (e.g. GraalVM applications) will need to be updated to
reflect the new factory class names</strong>.</p>
<p>See <a href="https://redirect.github.com/jwtk/jjwt/issues/988">Issue
988</a>.</p>
</li>
<li>
<p>Upgrades the Gson dependency to <code>2.11.0</code></p>
</li>
<li>
<p>Upgrades the BouncyCastle dependency to <code>1.78.1</code></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jwtk/jjwt/commit/77aeda012c4e31b86fb66acf43a67775c6fa3142"><code>77aeda0</code></a>
[maven-release-plugin] prepare release 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/47d966f8e93734cf35fc19f5c1a9e5cc4abe624b"><code>47d966f</code></a>
Testing latest sonatype central publishing guidelines</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/22ca29fe8849b11d2793bfcf2825ef692f2c19b2"><code>22ca29f</code></a>
[maven-release-plugin] rollback the release of 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/0487f9b49f10f37b7ad5b4e664f3e9b9a25e4a1c"><code>0487f9b</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/4329125bac91880cb852983b1475465c30a1d819"><code>4329125</code></a>
[maven-release-plugin] prepare release 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/0ddc51421240a9832f38c9afd966429c6d1aeb19"><code>0ddc514</code></a>
- Ensured JJWT_RELEASE_VERSION placeholders reference 0.12.7</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/efed1cf56f9b9715e60eaac7fda6b2c4b62410b9"><code>efed1cf</code></a>
Updated 0.12.7 change list</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/ca27b122b7f44f3bdd4cd4f636d084f38cc3b3c8"><code>ca27b12</code></a>
Resolves <a
href="https://redirect.github.com/jwtk/jjwt/issues/1010">#1010</a> (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1011">#1011</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/55c7b9adef88328f59534f232060830c34f25478"><code>55c7b9a</code></a>
Resolves <a
href="https://redirect.github.com/jwtk/jjwt/issues/771">#771</a> (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1009">#1009</a>)</li>
<li><a
href="https://github.com/jwtk/jjwt/commit/6e9c6a5a825c5ec38f90006f48cc1f8640a6d82e"><code>6e9c6a5</code></a>
Bump org.bouncycastle:bcpkix-jdk18on from 1.78 to 1.78.1 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1008">#1008</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/jwtk/jjwt/compare/0.12.6...0.12.7">compare
view</a></li>
</ul>
</details>
<br />

Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.6 to 0.12.7


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-20 15:34:11 +01:00
Dario Ghunney WareGitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>LudyEthanHealy01EthanAnthony Stirling
6699facc24 JWT Authentication (#3921)
This PR introduces JWT (JSON Web Token) authentication for Stirling-PDF,
allowing for stateless authentication capabilities alongside the
existing session-based authentication system.

### Key Features & Changes

  JWT Authentication System
- Core Service: JwtService.java - Token generation, validation, and
cookie management
- Authentication Filter: JwtAuthenticationFilter.java - Request
interceptor for JWT validation
- Key Management: KeyPersistenceService.java +
KeyPairCleanupService.java - RSA key rotation and persistence
  - Frontend: jwt-init.js - Client-side JWT handling and URL cleanup

  Security Integration
- SAML2: JwtSaml2AuthenticationRequestRepository.java - JWT-backed SAML
request storage
- OAuth2: Updated CustomAuthenticationSuccessHandler. java,
CustomOAuth2AuthenticationSuccessHandler.java &
CustomSaml2AuthenticationSuccessHandler.java for JWT integration
- Configuration: Enhanced SecurityConfiguration.java with JWT filter
chain

  Infrastructure
  - Caching: CacheConfig.java - Caffeine cache for JWT keys
  - Database: New JwtVerificationKey.java entity for key storage
- Error Handling: JwtAuthenticationEntryPoint.java for unauthorized
access

### Challenges Encountered

- Configured SecurityConfiguration to use either
`UsernamePasswordAuthenticationFilter` or `JWTAuthenticationFilter`
based on whether JWTs are enabled to prevent the former intercepting
requests while in stateless mode.
- Removed the `.defaultSuccessUrl("/")` from login configuration as its
inclusion was preventing overriding the use of the
`CustomAuthenticationSuccessHandler` and preventing proper
authentication flows.
---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [x] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [x] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [x] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [x] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
<img width="599" height="515" alt="Screenshot 2025-07-10 at 13 35 56"
src="https://github.com/user-attachments/assets/4126b752-ad0d-4ffa-b295-6714c43381e1"
/>

<img width="392" height="376" alt="Screenshot 2025-07-10 at 13 36 10"
src="https://github.com/user-attachments/assets/c681bc43-68ff-4934-8245-d544e2ad7b9c"
/>

<img width="1870" height="986" alt="eb750e8c3954fc47b2dd2e6e76ddb7d5"
src="https://github.com/user-attachments/assets/fca9b23d-b0b6-4884-8a26-98a441b641ef"
/>

<img width="1299" height="702" alt="Screenshot 2025-07-10 at 13 30 57"
src="https://github.com/user-attachments/assets/9415d8bf-fac4-4d38-8c3a-985d043d1076"
/>

### Testing (if applicable)

- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <[email protected]>
Co-authored-by: EthanHealy01 <[email protected]>
Co-authored-by: Ethan <[email protected]>
Co-authored-by: Anthony Stirling <[email protected]>
2025-08-11 12:27:42 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
63b64b5dc5 build(deps): bump io.swagger.core.v3:swagger-core-jakarta from 2.2.34 to 2.2.35 (#4117)
Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.34 to 2.2.35.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.swagger.core.v3:swagger-core-jakarta&package-manager=gradle&previous-version=2.2.34&new-version=2.2.35)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-05 16:18:25 +01:00
LudyandGitHub 9e0f6dd2e1 style(spotless): centralize and expand formatting config in root build.gradle (#4098)
# Description of Changes

- Removed redundant `spotless` configurations from `app/common`,
`app/core`, and `app/proprietary` modules.
- Consolidated all formatting logic into the root `build.gradle` file.
- Extended Spotless support to include:
  - YAML files (`*.yml`, `*.yaml`)
  - Gradle scripts (`*.gradle`, including nested `app/**/*.gradle`)
- Updated `googleJavaFormatVersion` from `1.27.0` to `1.28.0`.

This change improves maintainability by enforcing consistent formatting
across all modules from a single location. Additionally, it ensures
formatting is applied to Gradle and YAML files, which were previously
unformatted.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-08-02 23:14:03 +01:00
LudyandGitHub a5d219ed05 chore(pre-commit): enable test source formatting and build validation on push to main (#4067)
# Description of Changes

This PR improves the pre-commit workflow and formatting configuration to
enforce consistency and catch issues earlier in CI:

- **Pre-commit workflow (`pre_commit.yml`)**:
- Trigger now runs on `push` to `main` (previously scheduled weekly
only).
- Adds a `gradlew clean build` step to ensure the codebase compiles as
part of the pre-commit validation.
- Configures Java 17 using the Temurin distribution via
`actions/setup-java`.

- **.pre-commit-config.yaml**:
  - Updated `ruff` to version `v0.12.7` (from `v0.12.0`).
  - Updated `gitleaks` to `v8.28.0` (from `v8.27.2`).

- **Spotless configuration**:
- Added formatting for `test` sources across all Gradle modules
(`common`, `core`, `proprietary`, `stirling-pdf`).
- Ensures that test code follows the same formatting rules as production
code.

These changes help improve early feedback in development and CI by
integrating linting, formatting, and build checks directly into the
workflow on code pushes.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-08-01 17:21:28 +01:00
LudyandGitHub 299d52c517 refactor: move modules under app/ directory and update file paths (#3938)
# Description of Changes

- **What was changed:**  
- Renamed top-level directories: `stirling-pdf` → `app/core`, `common` →
`app/common`, `proprietary` → `app/proprietary`.
- Updated all path references in `.gitattributes`, GitHub workflows
(`.github/workflows/*`), scripts (`.github/scripts/*`), `.gitignore`,
Dockerfiles, license files, and template settings to reflect the new
structure.
- Added a new CI job `check-generateOpenApiDocs` to generate and upload
OpenAPI documentation.
- Removed redundant `@Autowired` annotations from `TempFileShutdownHook`
and `UnlockPDFFormsController`.
- Minor formatting and comment adjustments in YAML templates and
resource files.

- **Why the change was made:**  
- To introduce a clear `app/` directory hierarchy for core, common, and
proprietary modules, improving organization and maintainability.
- To ensure continuous integration and Docker builds continue to work
seamlessly with the reorganized structure.
- To automate OpenAPI documentation generation as part of the CI
pipeline.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-07-14 20:53:11 +01:00