Commit Graph
153 Commits
Author SHA1 Message Date
Anthony StirlingandGitHub 76840d8a57 Add CI DB migration smoke test against v2.0/v2.5/v2.10 updates (#6453) 2026-05-28 11:36:07 +01:00
ConnorYohandGitHub 43b67d213d feat(oauth2): opt-in claim-dump diagnostics for OIDC login failures (#6456)
# Description of Changes

## What & why

Customers using ADFS (or any generic OIDC provider that doesn't emit
`email`) hit `Attribute value for 'email' cannot be null` during OAuth2
login with no visibility into what claims the provider actually sent.
The only available remedy was guessing at
`security.oauth2.useAsUsername` until something worked.

This PR adds a new opt-in `security.oauth2.debugLogging` flag (default
`false`). When enabled, `CustomOAuth2UserService` logs:

- All ID token claims (sorted, with values)
- All UserInfo endpoint claims (if any)
- The merged attribute key set Spring exposes to `getAttribute()`
- The value the configured `useAsUsername` actually resolved to
- A **`Hint:`** line listing the claim keys present in the token that
map to a valid `UsernameAttribute` enum value — i.e. exactly what the
operator could put in `useAsUsername` to make login work

Logged at `INFO` on the success path and `ERROR` on failure (inside the
existing `catch (IllegalArgumentException)` block that throws
`OAuth2AuthenticationException`). The block is wrapped with a `[OAUTH2
DEBUG] ... [/OAUTH2 DEBUG]` banner and ends with a PII warning so
operators don't leave it on in production.

Default off → zero observable change for anyone not actively
troubleshooting.

## Files changed

| File | Why |
|---|---|
| `app/common/.../ApplicationProperties.java` | New `debugLogging` field
on the `OAUTH2` config class with javadoc warning about PII |
| `app/core/src/main/resources/settings.yml.template` | Documents
`oauth2.debugLogging` so it appears on next startup |
| `app/proprietary/.../security/service/CustomOAuth2UserService.java` |
Emits the claim dump + suggestion hint when the flag is on |
|
`app/proprietary/.../security/service/CustomOAuth2UserServiceDebugLoggingTest.java`
(new) | Unit test: mocks the OIDC delegate, asserts off-path is silent
and on-path emits the dump with the right Hint contents |

## End-to-end verification

Ran the bundled `testing/compose/docker-compose-keycloak-oauth.yml`
Keycloak realm, configured `security.oauth2.useAsUsername: mail`
(Keycloak emits `email`, not `mail`) and `provider: demarest` (matches
the original customer bug report). Triggered the OAuth flow at
`http://localhost:8080/oauth2/authorization/demarest` and confirmed:

- The ERROR-level dump fires with the full 19-claim ID token decoded
- `-- Value at 'mail' : <NULL — this is why login fails>` correctly
identifies the missing claim
- `-- Hint:` correctly suggests `[email, family_name, given_name,
preferred_username]` (the four keys present that map to valid
`UsernameAttribute` values)
- Auth still fails with the original `OAuth2AuthenticationException` —
no change to control flow, just added diagnostic logging

Unit test (`CustomOAuth2UserServiceDebugLoggingTest`) covers both
branches.

## Reviewer notes

- **No new public APIs.** The flag is config-only; no servlet endpoints
exposed.
- **PII is logged when the flag is on.** This is the whole point —
operators need to see the claims to fix their config — but it's gated,
defaults off, and the dump self-documents with a `WARNING: ... Set
security.oauth2.debugLogging=false once troubleshooting is complete.`
footer.
- **Why log everything, not just sub/email?** Because the operator
doesn't know in advance which claim they actually want. ADFS uses `upn`
in some configs and `preferred_username` in others; Azure AD uses `oid`;
the customer here had neither. Dumping the full set is the only way to
make the diagnostic self-service.
- **Out of scope for this PR (follow-ups):**
- The `UsernameAttribute` enum doesn't include `upn` / `unique_name`
(common ADFS claims). If the customer's token only has `upn`, the Hint
will be empty even though the operator can see `upn` in the dump. Worth
a separate PR to extend the enum.
- The known-provider validator in `Provider.java` (rejects e.g.
`useAsUsername: mail` for `provider: keycloak` at startup) bypasses our
diagnostic for those provider names. ADFS customers using `provider:
<name>` fall into the `default` branch so are not affected — but it's a
sharp edge worth documenting.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable) — N/A, backend-only change
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] Doc-repo update (if functionality has heavily changed) —
diagnostic flag is self-documenting via the `settings.yml.template`
comment and the in-log warning; happy to add a doc-repo entry if
reviewers want one
- [ ] Translation tags — N/A

### UI Changes (if applicable)

- [ ] N/A — backend-only

### Testing (if applicable)

- [x] Unit test added (`CustomOAuth2UserServiceDebugLoggingTest`)
covering on/off paths and Hint correctness
- [x] End-to-end verified locally against bundled Keycloak compose with
intentionally misconfigured `useAsUsername`
- [x] Full `:proprietary:test` suite passes
2026-05-27 13:01:51 +00:00
Anthony StirlingandGitHub d42b779644 Add server-side folders and files page UI (#6383) 2026-05-27 12:52:46 +01:00
9d081d1792 SaaS Consolidation (#6384)
Co-authored-by: ConnorYoh <[email protected]>
2026-05-21 16:05:35 +01:00
dependabot[bot]andGitHub ea91a35518 build(deps): bump org.postgresql:postgresql from 42.7.10 to 42.7.11 (#6375)
Signed-off-by: dependabot[bot] <[email protected]>
2026-05-20 14:17:36 +01:00
ece1bb6865 Feature/pdf to markdown agent (#6271)
Co-authored-by: James Brunton <[email protected]>
2026-05-14 16:20:45 +00:00
James BruntonandGitHub 672e81d286 Add ability for Stirling engine to reason across large documents (#6314)
# Description of Changes
Adds storage in the database for full document content alongside the RAG
content (and changes the service to `DocumentService` instead of
`RagService`). Then adds a generic capability that should be usable by
any agent (currently just used by the Question Agent) which allows the
agent to pull out the full contents of the doc, chunks it into various
sections that will fit in the context window, and then processes them in
parallel to create an intermediate result, and then processes the
intermediate result into a final answer. It will re-chunk as many times
as necessary to get the content small enough for the actual answer to be
analysed (I've tested on PDFs ~3500 pages long, which is well above the
context limit and requires maybe 3 rounds of compression to get an
answer).

The new full doc analysis stuff is heavier than the RAG lookup so both
remain. The agents should use RAG for targeted info and the chunked
reasoner for info that requires reading the full doc.
2026-05-14 13:19:38 +00:00
575684ee4b Add edit text support to stirling engine (#6245)
# Description of Changes
Hooks up the (alpha) PDF Editor backend to the AI engine Edit Agent via
an intermediary API which is easier for the agent to call. It suffers
from all the same issues that the PDF Editor does in actually editing
the text, but should also benefit from any fixes to that.

It also adds protection against the underlying tools misbehaving by
hanging, and fixes a hanging bug in the PDF Editor.

---------

Co-authored-by: EthanHealy01 <[email protected]>
2026-05-11 09:57:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
d8519a6517 build(deps): bump com.google.guava:guava from 33.5.0-jre to 33.6.0-jre (#6283)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2026-05-05 10:39:53 +01:00
51f5345151 Inform AI engine which endpoints are disabled on the backend (#6251)
# Description of Changes
Have the Java send a list of enabled endpoints to the AI engine so it
can intelligently respond to the user that the tool does exist but is
disabled on the server so it can't acutally run the operation, instead
of the current behaviour where it sends the API call back and then 503
errors because the execution fails when the URL is disabled.

<img width="380" height="208" alt="image"
src="https://github.com/user-attachments/assets/5842fb2e-2e55-45a5-8205-25515636daae"
/>

---------

Co-authored-by: EthanHealy01 <[email protected]>
2026-05-01 14:59:53 +00:00
James BruntonandGitHub 5541dd666c Flesh out RAG system (#6197)
# Description of Changes
Flesh out the RAG system and connect it to the PDF Question Agent so it
can respond to questions about PDFs of an extremely large size.

I'd expect lots more work will need to be done to finish off the RAG
system to really be what we need, but this should be a reasonable start
which will let us connect it to tools and have the ingestion mostly
handled automatically. I'm leaving file deletion and proper file ID
management to be done in a future PR. We also need to consider whether
all tools should retrieve content exclusively via RAG, or whether it's
beneficial to have tools sometimes fetch the direct content and other
times fetch it from RAG.

A diagram of the expected interaction is as follows:

```mermaid
sequenceDiagram
    autonumber
    actor U as User
    participant FE as Frontend<br/>(ChatPanel)
    participant J as Java<br/>(AiWorkflowService)
    participant O as Engine:<br/>OrchestratorAgent
    participant QA as Engine:<br/>PdfQuestionAgent
    participant RAG as Engine:<br/>RagService + SqliteVecStore
    participant V as VoyageAI<br/>(embeddings)
    participant L as LLM<br/>(Claude / etc.)

    U->>FE: types "Summarise this PDF"<br/>(PDF already uploaded)
    FE->>J: POST /api/v1/ai/orchestrate/stream<br/>multipart: fileInputs[], userMessage
    Note over J: ByteHashFileIdStrategy<br/>id = sha256(bytes)[:16]
    J->>O: POST /api/v1/orchestrator<br/>{ files:[{id,name}], userMessage }

    O->>L: route via fast model
    L-->>O: delegate_pdf_question
    O->>QA: PdfQuestionRequest

    loop for each file
        QA->>RAG: has_collection(file.id)
        RAG-->>QA: false
    end
    QA-->>O: NeedIngestResponse(files_to_ingest)
    O-->>J: { outcome:"need_ingest", filesToIngest:[...] }

    Note over J: onNeedIngest
    loop per file
        J->>J: PDFBox: extract page text
        J->>O: POST /api/v1/rag/documents<br/>(long-running timeout)
        O->>RAG: chunk + stage documents
        O->>V: embed_documents (batches of 256)
        V-->>O: embeddings
        O->>RAG: add_documents
        O-->>J: { chunks_indexed: N }
    end

    Note over J: retry with resumeWith=pdf_question
    J->>O: POST /api/v1/orchestrator
    Note over O: fast-path to PdfQuestionAgent

    O->>QA: PdfQuestionRequest
    Note over QA: build RagCapability<br/>pinned to file IDs
    QA->>L: run(prompt) with search_knowledge tool

    loop up to max_searches
        L->>QA: search_knowledge(query)
        QA->>V: embed_query
        V-->>QA: query vector
        QA->>RAG: search(vector, collections=[file.id])
        RAG-->>QA: top-k chunks
        QA-->>L: formatted chunks
    end

    Note over QA: once budget spent,<br/>prepare() hides the tool
    L-->>QA: PdfQuestionAnswerResponse
    QA-->>O: answer
    O-->>J: { outcome:"answer", answer, evidence }
    J-->>FE: SSE "result"
    FE->>U: assistant bubble
```
2026-05-01 14:11:54 +01:00
86774d556e Pdf comment agent (#6196)
Co-authored-by: James Brunton <[email protected]>
2026-05-01 10:19:38 +01:00
ConnorYohandGitHub 4e4918b91e fix(workflow): stop leaking peer share tokens from participant session API (#6241) 2026-04-28 17:36:20 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2ade011106 build(deps): bump com.bucket4j:bucket4j_jdk17-core from 8.17.0 to 8.18.0 (#6189)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-24 21:21:02 +01:00
James BruntonandGitHub 2a856fbc19 Allow chat history to be sent to AI engine (#6128)
# Description of Changes
Add an extra parameter to every agent to receive the conversation
history in addition to the current message. This will make it possible
to answer followup questions from the AI without needing to give full
context in your message.
2026-04-21 15:03:10 +00:00
e5767ed58b Change AI engine to execute tools in Java instead of on frontend (#6116)
# Description of Changes
Redesign AI engine so that it autogenerates the `tool_models.py` file
from the OpenAPI spec so the Python has access to the Java API
parameters and the full list of Java tools that it can run. CI ensures
that whenever someone modifies a tool endpoint that the AI enigne tool
models get updated as well (the dev gets told to run `task
engine:tool-models`).

There's loads of advantages to having the Java be the one that actually
executes the tools, rather than the frontend as it was previously set up
to theoretically use:
- The AI gets much better descriptions of the params from the API docs
- It'll be usable headless in the future so a Java daemon could run to
execute ops on files in a folder without the need for the UI to run
- The Java already has all the logic it needs to execute the tools 
- We don't need to parse the TypeScript to find the API (which is hard
because the TS wasn't designed to be computer-read to extract the API)

I've also hooked up the prototype frontend to ensure it's working
properly, and have built it in a way that all the tool names can be
translated properly, which was always an issue with previous prototypes
of this.

---------

Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: EthanHealy01 <[email protected]>
2026-04-20 15:57:11 +01:00
de8c483054 Feat/math validation agent (#6012)
Co-authored-by: James Brunton <[email protected]>
Co-authored-by: EthanHealy01 <[email protected]>
2026-04-17 10:36:45 +01:00
James BruntonandGitHub 688f7f2013 Add streaming to Engine orchestrator (#6094)
# Description of Changes
Adds a streaming endpoint to the Java AI orchestrator
(`/api/v1/ai/orchestrate/stream` in addition to the existing
`/api/v1/ai/orchestrate`). This allows the caller to get updates of what
stage of orchestration is being run at the time so UIs can give the user
feedback.

Also contains some dubious Gradle changes to suppress errors coming from
Spotless, when it crashes in Google stuff. I'm not sure if that's
appropriate to add, feel free to ask for changes in review.
2026-04-17 10:01:08 +01:00
Anthony StirlingandGitHub cc5a0b8def Cleanup work + stream endpoints to reduce memory usage (#6106) 2026-04-15 15:34:17 +01:00
James BruntonandGitHub b130242688 Add Java orchestrator to connect to the AI engine (#6003)
# Description of Changes
Add Java orchestration layer which can connect and go back and forth
with the AI engine to get results for the user. It's expected that the
AI engine will not be publicly available and this Java layer will always
be in front of it, to manage sessions and auth etc.
2026-04-09 08:04:38 +00:00
Anthony StirlingandGitHub 81dc90cd6d possible fix permission issues and fix thread timing issues (#6061)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-04-03 16:49:16 +01:00
Anthony StirlingandGitHub 3c48740c5e dep updates (#6058) 2026-04-03 13:24:41 +01:00
Anthony StirlingandGitHub c9a70f3754 removeffmpeg (#6053) 2026-04-02 17:40:02 +01:00
de9625942b Pipeline changes and version bump (#6047)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: a <a>
2026-04-02 12:52:22 +01:00
Anthony StirlingandGitHub ecd1d3cad3 fix new line in redact (#6035) 2026-04-01 11:58:38 +01:00
Anthony StirlingandGitHub 82a3b8c770 Unlock account (#5984) 2026-03-30 16:07:57 +01:00
ConnorYohandGitHub dd44de349c Shared Sign Cert Validation (#5996)
## PR: Certificate Pre-Validation for Document Signing

### Problem

When a participant uploaded a certificate to sign a document, there was
no validation at submission time. If the certificate had the wrong
password, was expired, or was incompatible with the signing algorithm,
the error only surfaced during **finalization** — potentially days
later, after all other participants had signed. At that point the
session is stuck with no way to recover.

Additionally, `buildKeystore` in the finalization service only
recognised `"P12"` as a cert type, causing a `400 Invalid certificate
type: PKCS12` error when the **owner** signed using the standard
`PKCS12` identifier.

---

### What this PR does

#### Backend — Certificate pre-validation service

Adds `CertificateSubmissionValidator`, which validates a keystore before
it is stored by:
1. Loading the keystore with the provided password (catches wrong
password / corrupt file)
2. Checking the certificate's validity dates (catches expired and
not-yet-valid certs)
3. Test-signing a blank PDF using the same `PdfSigningService` code path
as finalization (catches algorithm incompatibilities)

This runs on both the participant submission endpoint
(`WorkflowParticipantController`) and the owner signing endpoint
(`SigningSessionController`), so both flows are protected.

#### Backend — Bug fix

`SigningFinalizationService.buildKeystore` now accepts `"PKCS12"` and
`"PFX"` as aliases for `"P12"`, consistent with how the validator
already handles them. This fixes a `400` error when the owner signed
using the `PKCS12` cert type.

#### Frontend — Real-time validation feedback

`ParticipantView` gains a debounced validation call (600ms) triggered
whenever the cert file or password changes. The UI shows:
- A spinner while validating
- Green "Certificate valid until [date] · [subject name]" on success
- Red error message on failure (wrong password, expired, not yet valid)
- The submit button is disabled while validation is in flight

#### Tests — Three layers

| Layer | File | Coverage |
|---|---|---|
| Service unit | `CertificateSubmissionValidatorTest` | 11 tests — valid
P12/JKS, wrong password, corrupt bytes, expired, not-yet-valid, signing
failure, cert type aliases |
| Controller unit | `WorkflowParticipantValidateCertificateTest` | 4
tests — valid cert, invalid cert, missing file, invalid token |
| Controller integration | `CertificateValidationIntegrationTest` | 6
tests — real `.p12`/`.jks` files through the full controller → validator
stack |
| Frontend E2E | `CertificateValidationE2E.spec.ts` | 7 Playwright tests
— all feedback states, button behaviour, SERVER type bypass |

#### CI

- **PR**: Playwright runs on chromium when frontend files change (~2-3
min)
- **Nightly / on-demand**: All three browsers (chromium, firefox,
webkit) at 2 AM UTC, also manually triggerable via `workflow_dispatch`
2026-03-27 14:01:10 +00:00
Anthony StirlingGitHubConnorYohConnor YohEthanHealy01Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
28613caf8a fileshare (#5414)
Co-authored-by: ConnorYoh <[email protected]>
Co-authored-by: Connor Yoh <[email protected]>
Co-authored-by: EthanHealy01 <[email protected]>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-03-25 11:00:40 +00:00
Anthony StirlingandGitHub 7b3985e34a FileReadiness (#5985) 2026-03-24 15:25:33 +00:00
ConnorYohandGitHub 081b1ec49e Invite-link-issues (#5983) 2026-03-23 19:35:41 +00:00
Anthony StirlingandGitHub 9e8606cab4 XSS for eml and others (#5967) 2026-03-20 11:55:23 +00:00
PandaManandGitHub 2b9f03237a Fix non-ASCII characters in headers being rejected (#5377) (#5699) 2026-03-17 19:23:18 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
a2b0d1122c build(deps): bump step-security/harden-runner from 2.14.0 to 2.15.1 (#5896)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2026-03-13 15:39:07 +00:00
0545c3f997 Cleanup-conversion-translations (#5906)
Co-authored-by: Anthony Stirling <[email protected]>
2026-03-12 20:23:13 +00:00
Anthony StirlingandGitHub 6c83da6417 Audit fixes and improvements (#5835) 2026-03-05 22:00:44 +00:00
Anthony StirlingandGitHub 0f7ee5c5b0 settings menu reworks (#5864) 2026-03-05 16:20:20 +00:00
fd1b7abc83 refactor(merge,split,json): adopt streaming approach and standardize types, address gradle warnings (#5803)
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Balázs <[email protected]>
2026-03-02 21:55:07 +00:00
012bd1af92 hardening (#5807)
Co-authored-by: Claude Haiku 4.5 <[email protected]>
2026-03-02 13:56:39 +00:00
Anthony StirlingandGitHub 930d7a0df8 open-saml bumps (#5805) 2026-02-27 15:03:12 +00:00
Balázs SzücsandGitHub 7310b75ee6 chore(deps): update dependencies for security (#5813) 2026-02-27 10:10:40 +00:00
Anthony StirlingandGitHub 1bac8417af Harden shared signature endpoints (#5806) 2026-02-26 12:53:47 +00:00
1f9b90ad57 feat(docker): update base images to Java 25, Spring 4, Jackson 3, Gradle 9 and optimize JVM options (Project Lilliput) (#5725)
Co-authored-by: Anthony Stirling <[email protected]>
2026-02-24 20:06:32 +00:00
Anthony StirlingandGitHub 83169ed0f4 Move Forms location (#5769)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-02-20 22:35:35 +00:00
Anthony StirlingandGitHub 7959b3f2a4 licensere reTry (#5763)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-02-20 12:08:20 +00:00
Anthony StirlingandGitHub 558c75a2b1 JWT enhancements for desktop (#5742)
# Description of Changes

This is temporary solution which will be enhanced in future

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2026-02-16 21:57:42 +00:00
Balázs SzücsandGitHub e310493966 refactor(api): replace regex string literals with Pattern instances for improved performance and readability (#5680)
# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Signed-off-by: Balázs Szücs <[email protected]>
2026-02-14 21:01:19 +00:00
Balázs SzücsandGitHub 27bd34c29b feat(form-fill): FormFill tool with context and UI components for PDF form filling (#5711) 2026-02-13 15:10:48 +00:00
f9d2f36ab7 Bug fixing and debugs (#5704)
Co-authored-by: ConnorYoh <[email protected]>
2026-02-11 18:43:29 +00:00
James BruntonandGitHub 5df466266a Enhance SSO SAML in desktop app (#5705)
# Description of Changes
Change the SAML support for SSO to understand when a request is coming
from the desktop app, and use the alternate auth flow that the desktop
app requires.
2026-02-11 16:07:06 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6f217066a1 build(deps): bump org.postgresql:postgresql from 42.7.8 to 42.7.9 (#5554)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from
42.7.8 to 42.7.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/releases">org.postgresql:postgresql's
releases</a>.</em></p>
<blockquote>
<h2>v42.7.9</h2>
<h2>Changes</h2>
<ul>
<li>Added changelogs for version 42.7.9 <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3908">#3908</a>)</li>
<li>the classloader is nullable, and remove a space <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>)</li>
<li>fix: incorrect pg_stat_replication.reply_time calculation <a
href="https://github.com/atorik"><code>@​atorik</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>)</li>
<li>fix: issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3892">#3892</a>,
PGXAConnection.prepare(Xid) should return XA_RDONLY if the connection is
read only <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>)</li>
<li>fix badges for maven central and search paths. Sonatype has changed
the search paths <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3901">#3901</a>)</li>
<li>fix: make all Calendar instances proleptic Gregorian (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3837">#3837</a>)
<a
href="https://github.com/m-van-tilburg"><code>@​m-van-tilburg</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3887">#3887</a>)</li>
<li>test: add CI tests with Java 26 <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3893">#3893</a>)</li>
<li>perf: optimize PGInterval.getValue() by replacing String.format with
StringBuilder <a href="https://github.com/vlsi"><code>@​vlsi</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3866">#3866</a>)</li>
<li>use ssl_is_used() to check for ssl connection <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3867">#3867</a>)</li>
<li>Add PEMKeyManager to handle PEM based certs and keys. <a
href="https://github.com/harinath001"><code>@​harinath001</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3700">#3700</a>)</li>
<li>Comment and simplify the complex state machine logic in
QueryExecutorImpl <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3850">#3850</a>)</li>
<li>Revert &quot;fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like
NaN&quot; <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3851">#3851</a>)</li>
<li>fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like NaN
<a href="https://github.com/ShenFeng312"><code>@​ShenFeng312</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3838">#3838</a>)</li>
<li>Small simplication of locking patterns in QueryExecutorBase <a
href="https://github.com/Sanne"><code>@​Sanne</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3849">#3849</a>)</li>
<li>doc: update property quoteReturningIdentifiers default value <a
href="https://github.com/sodekim"><code>@​sodekim</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3847">#3847</a>)</li>
<li>feat: default query timeout property <a
href="https://github.com/cfredri4"><code>@​cfredri4</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3705">#3705</a>)</li>
<li>create action to deploy docs to <a
href="https://pgjdbc.github.io/">https://pgjdbc.github.io/</a> <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3819">#3819</a>)</li>
<li>fix homepage release note <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3817">#3817</a>)</li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>fix: close temporary lob descriptors that are used internally in
PreparedStatement#setBlob <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3903">#3903</a>)</li>
<li>fix: avoid memory leaks in Java &lt;= 21 caused by
Thread.inheritedAccessControlContext <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3886">#3886</a>)</li>
</ul>
<h2>📝 Documentation</h2>
<ul>
<li>doc: add the new PGP signing key to the official documentation <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3813">#3813</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>chore: remove unused com.github.spotbugs Gradle plugin dependency <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3868">#3868</a>)</li>
<li>chore: drop SpotBugs as we do not seem to use it <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3834">#3834</a>)</li>
<li>chore: bump version to 42.7.9 after 42.7.8 release <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3810">#3810</a>)</li>
</ul>
<h2>⬆️ Dependencies</h2>
<!-- raw HTML omitted -->
<ul>
<li>chore(deps): update actions/create-github-app-token digest to
29824e6 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3898">#3898</a>)</li>
<li>chore(deps): update actions/setup-java digest to c1e3236 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3899">#3899</a>)</li>
<li>chore(deps): update codecov/codecov-action digest to 671740a <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3900">#3900</a>)</li>
<li>fix(deps): update dependency org.junit:junit-bom to v5.14.1 -
autoclosed <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3884">#3884</a>)</li>
<li>fix(deps): update dependency org.apache.bcel:bcel to v6.11.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3883">#3883</a>)</li>
<li>fix(deps): update dependency org.mockito:mockito-bom to v5.20.0 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3885">#3885</a>)</li>
<li>fix(deps): update dependency net.bytebuddy:byte-buddy-parent to
v1.18.2 <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3882">#3882</a>)</li>
<li>chore(deps): update github/codeql-action digest to 497990d <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3881">#3881</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md">org.postgresql:postgresql's
changelog</a>.</em></p>
<blockquote>
<h2>[42.7.9] (2026-01-14)</h2>
<h3>Added</h3>
<ul>
<li>feat: query timeout property [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3705">#3705</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3705">pgjdbc/pgjdbc#3705</a>)</li>
<li>feat: Add PEMKeyManager to handle PEM based certs and keys [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3700">#3700</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3700">pgjdbc/pgjdbc#3700</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>perf: optimize PGInterval.getValue() by replacing String.format with
StringBuilder</li>
<li>doc: update property quoteReturningIdentifiers default value [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3847">#3847</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3847">pgjdbc/pgjdbc#3847</a>)</li>
<li>security: Use a static method forName to load all user supplied
classes. Use the Class.forName 3 parameter method and do not initilize
it unless it is a subclass of the expected class</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>fix: incorrect pg_stat_replication.reply_time calculation [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3906">pgjdbc/pgjdbc#3906</a>)</li>
<li>fix: close temporary lob descriptors that are used internally in
PreparedStatement#setBlob</li>
<li>fix: PGXAConnection.prepare(Xid) should return XA_RDONLY if the
connection is read only [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3897">pgjdbc/pgjdbc#3897</a>)</li>
<li>fix: make all Calendar instances proleptic Gregorian [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3837">#3837</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3887">pgjdbc/pgjdbc#3887</a>)</li>
<li>fix: Simplify concurrency guards on QueryExecutorBase#transaction
and QueryExecutorBase#standardConformingStrings [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3897">#3897</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3849">pgjdbc/pgjdbc#3849</a>)</li>
<li>fix: avoid memory leaks in Java &lt;= 21 caused by
Thread.inheritedAccessControlContext [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3886">#3886</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3886">pgjdbc/pgjdbc#3886</a>)</li>
<li>fix: Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3784">#3784</a>
pgjdbc can't decode numeric arrays containing special numbers like NaN
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3838">#3838</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3838">pgjdbc/pgjdbc#3838</a>)</li>
<li>fix: use ssl_is_used() to check for ssl connection [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3867">#3867</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3867">pgjdbc/pgjdbc#3867</a>)</li>
<li>fix: the classloader is nullable [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3907">pgjdbc/pgjdbc#3907</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/79b784e3a63def9d12088471334399a53016d880"><code>79b784e</code></a>
Added changelogs for version 42.7.9 (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3908">#3908</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/1c00ffc02be1570027b6510cbcd760b916227800"><code>1c00ffc</code></a>
doc: add the new PGP signing key to the official documentation</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/f774000c105ddb2971f50dc5cf51a2d20ee4c14a"><code>f774000</code></a>
chore(deps): update actions/create-github-app-token digest to
29824e6</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/27daf3b48b8b7d266ba680f59345f3723e2786d2"><code>27daf3b</code></a>
chore(deps): update actions/setup-java digest to c1e3236</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/6eb01ff6bcb7ba6d71c9363a29d7305911861946"><code>6eb01ff</code></a>
chore(deps): update codecov/codecov-action digest to 671740a</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/dbf1e57747709b560da16fdcec0ba9e927393516"><code>dbf1e57</code></a>
the classloader is nullable, and remove a space (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3907">#3907</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/6a20574f4c896b3f02d7f36d21ab1f3da15c3936"><code>6a20574</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/c07721af972eee4f10873b1a23b3811336454436"><code>c07721a</code></a>
fix: incorrect pg_stat_replication.reply_time calculation (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3906">#3906</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/83023f3c2ae98dc69df00a560dbbe386afafe3b1"><code>83023f3</code></a>
fix: close temporary lob descriptors that are used internally in
PreparedStat...</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/62c9805ef8606f3d38273ac69f64b14e936a0bfa"><code>62c9805</code></a>
fix: issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3892">#3892</a>,
PGXAConnection.prepare(Xid) should return XA_RDONLY if the ...</li>
<li>Additional commits viewable in <a
href="https://github.com/pgjdbc/pgjdbc/compare/REL42.7.8...REL42.7.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.postgresql:postgresql&package-manager=gradle&previous-version=42.7.8&new-version=42.7.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-06 10:43:40 +00:00