refactor(common, core, proprietary): migrate boxed Booleans to primitive booleans and adopt is* accessors to reduce null checks/NPE risk (#4153)

# Description of Changes

**What was changed**
- Switched multiple nullable `Boolean` fields to primitive `boolean` in
`ApplicationProperties`:
  - `Security.enableLogin`, `Security.csrfDisabled`
- `System.googlevisibility`, `System.showUpdateOnlyAdmin`,
`System.enableAlphaFunctionality`, `System.disableSanitize`,
`System.enableUrlToPDF`
  - `Metrics.enabled`
- Updated all consumers to use Lombok’s `is*` accessors instead of
`get*`:
- `AppConfig`, `PostHogService`, `CustomHtmlSanitizer`,
`EndpointConfiguration`, `InitialSetup`, `OpenApiConfig`,
`ConvertWebsiteToPDF`, `HomeWebController`, `MetricsController`,
proprietary `SecurityConfiguration`, `AccountWebController`
- Tests adjusted to mock `isDisableSanitize()` instead of
`getDisableSanitize()`
- Logic simplifications:
- Removed redundant null-handling/ternaries now that primitives have
defaults (e.g., `enableAlphaFunctionality` bean)
  - Replaced `Boolean.TRUE.equals(...)` with direct primitive checks
  - Used constant-first `equals` for NPE safety in string comparisons

**Why the change was made**
- Primitive booleans eliminate ambiguity, cut down on
`NullPointerException` risks, and simplify conditions
- Aligns with Java/Lombok conventions (`isX()` for `boolean`) for
clearer, more consistent APIs
- Spring provides sane defaults for missing booleans (`false`), reducing
boilerplate and cognitive load

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java

@@ -126,7 +126,7 @@ public class AccountWebController {
         SAML2 saml2 = securityProps.getSaml2();
 
         if (securityProps.isSaml2Active()
-                && applicationProperties.getSystem().getEnableAlphaFunctionality()
+                && applicationProperties.getSystem().isEnableAlphaFunctionality()
                 && applicationProperties.getPremium().isEnabled()) {
             String samlIdp = saml2.getProvider();
             String saml2AuthenticationPath = "/saml2/authenticate/" + saml2.getRegistrationId();

app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java

@@ -125,7 +125,7 @@ public class SecurityConfiguration {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        if (securityProperties.getCsrfDisabled() || !loginEnabledValue) {
+        if (securityProperties.isCsrfDisabled() || !loginEnabledValue) {
             http.csrf(CsrfConfigurer::disable);
         }
 
@@ -146,7 +146,7 @@ public class SecurityConfiguration {
                     .addFilterAfter(rateLimitingFilter(), UserAuthenticationFilter.class)
                     .addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class);
 
-            if (!securityProperties.getCsrfDisabled()) {
+            if (!securityProperties.isCsrfDisabled()) {
                 CookieCsrfTokenRepository cookieRepo =
                         CookieCsrfTokenRepository.withHttpOnlyFalse();
                 CsrfTokenRequestAttributeHandler requestHandler =

app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java

@@ -27,7 +27,7 @@ class AppUpdateAuthService implements ShowAdminInterface {
         if (!showUpdate) {
             return showUpdate;
         }
-        boolean showUpdateOnlyAdmin = applicationProperties.getSystem().getShowUpdateOnlyAdmin();
+        boolean showUpdateOnlyAdmin = applicationProperties.getSystem().isShowUpdateOnlyAdmin();
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         if (authentication == null || !authentication.isAuthenticated()) {
             return !showUpdateOnlyAdmin;