refactor(common, core, proprietary): migrate boxed Booleans to primitive booleans and adopt is* accessors to reduce null checks/NPE risk (#4153)

# Description of Changes

**What was changed**
- Switched multiple nullable `Boolean` fields to primitive `boolean` in
`ApplicationProperties`:
  - `Security.enableLogin`, `Security.csrfDisabled`
- `System.googlevisibility`, `System.showUpdateOnlyAdmin`,
`System.enableAlphaFunctionality`, `System.disableSanitize`,
`System.enableUrlToPDF`
  - `Metrics.enabled`
- Updated all consumers to use Lombok’s `is*` accessors instead of
`get*`:
- `AppConfig`, `PostHogService`, `CustomHtmlSanitizer`,
`EndpointConfiguration`, `InitialSetup`, `OpenApiConfig`,
`ConvertWebsiteToPDF`, `HomeWebController`, `MetricsController`,
proprietary `SecurityConfiguration`, `AccountWebController`
- Tests adjusted to mock `isDisableSanitize()` instead of
`getDisableSanitize()`
- Logic simplifications:
- Removed redundant null-handling/ternaries now that primitives have
defaults (e.g., `enableAlphaFunctionality` bean)
  - Replaced `Boolean.TRUE.equals(...)` with direct primitive checks
  - Used constant-first `equals` for NPE safety in string comparisons

**Why the change was made**
- Primitive booleans eliminate ambiguity, cut down on
`NullPointerException` risks, and simplify conditions
- Aligns with Java/Lombok conventions (`isX()` for `boolean`) for
clearer, more consistent APIs
- Spring provides sane defaults for missing booleans (`false`), reducing
boilerplate and cognitive load

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java

@@ -475,7 +475,7 @@ public class EndpointConfiguration {
             disableGroup("enterprise");
         }
 
-        if (!applicationProperties.getSystem().getEnableUrlToPDF()) {
+        if (!applicationProperties.getSystem().isEnableUrlToPDF()) {
             disableEndpoint("url-to-pdf");
         }
     }

app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java

@@ -61,11 +61,9 @@ public class InitialSetup {
     public void initEnableCSRFSecurity() throws IOException {
         if (GeneralUtils.isVersionHigher(
                 "0.46.0", applicationProperties.getAutomaticallyGenerated().getAppVersion())) {
-            Boolean csrf = applicationProperties.getSecurity().getCsrfDisabled();
+            boolean csrf = applicationProperties.getSecurity().isCsrfDisabled();
             if (!csrf) {
-                GeneralUtils.saveKeyToSettings("security.csrfDisabled", false);
                 GeneralUtils.saveKeyToSettings("system.enableAnalytics", true);
-                applicationProperties.getSecurity().setCsrfDisabled(false);
             }
         }
     }

app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java

@@ -50,7 +50,7 @@ public class OpenApiConfig {
                                         .url("https://www.stirlingpdf.com")
                                         .email("contact@stirlingpdf.com"))
                         .description(DEFAULT_DESCRIPTION);
-        if (!applicationProperties.getSecurity().getEnableLogin()) {
+        if (!applicationProperties.getSecurity().isEnableLogin()) {
             return new OpenAPI().components(new Components()).info(info);
         } else {
             SecurityScheme apiKeyScheme =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java

@@ -71,7 +71,7 @@ public class ConvertWebsiteToPDF {
         URI location = null;
         HttpStatus status = HttpStatus.SEE_OTHER;
 
-        if (!applicationProperties.getSystem().getEnableUrlToPDF()) {
+        if (!applicationProperties.getSystem().isEnableUrlToPDF()) {
             location =
                     uriComponentsBuilder
                             .queryParam("error", "error.endpointDisabled")

app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java

@@ -84,8 +84,8 @@ public class HomeWebController {
     @ResponseBody
     @Hidden
     public String getRobotsTxt() {
-        Boolean allowGoogle = applicationProperties.getSystem().getGooglevisibility();
-        if (Boolean.TRUE.equals(allowGoogle)) {
+        boolean allowGoogle = applicationProperties.getSystem().isGooglevisibility();
+        if (allowGoogle) {
             return "User-agent: Googlebot\nAllow: /\n\nUser-agent: *\nAllow: /";
         } else {
             return "User-agent: Googlebot\nDisallow: /\n\nUser-agent: *\nDisallow: /";

app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java

@@ -42,9 +42,7 @@ public class MetricsController {
 
     @PostConstruct
     public void init() {
-        Boolean metricsEnabled = applicationProperties.getMetrics().getEnabled();
-        if (metricsEnabled == null) metricsEnabled = true;
-        this.metricsEnabled = metricsEnabled;
+        metricsEnabled = applicationProperties.getMetrics().isEnabled();
     }
 
     @GetMapping("/status")

app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java

@@ -119,7 +119,7 @@ class HomeWebControllerTest {
         @Test
         @DisplayName("googlevisibility=true -> allow all agents")
         void robots_allow() throws Exception {
-            when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.TRUE);
+            when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(true);
 
             mockMvc.perform(get("/robots.txt"))
                     .andExpect(status().isOk())
@@ -136,7 +136,7 @@ class HomeWebControllerTest {
         @Test
         @DisplayName("googlevisibility=false -> disallow all agents")
         void robots_disallow() throws Exception {
-            when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.FALSE);
+            when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false);
 
             mockMvc.perform(get("/robots.txt"))
                     .andExpect(status().isOk())
@@ -151,9 +151,9 @@ class HomeWebControllerTest {
         }
 
         @Test
-        @DisplayName("googlevisibility=null -> disallow all (default branch)")
-        void robots_disallowWhenNull() throws Exception {
-            when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(null);
+        @DisplayName("googlevisibility not set (default false) -> disallow all")
+        void robots_disallowWhenNotSet() throws Exception {
+            when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false);
 
             mockMvc.perform(get("/robots.txt"))
                     .andExpect(status().isOk())