This fixes a failing unit test on macOS.
`ApplicationPropertiesLogicTest.tempFileManagement_defaults_and_overrides()`
has 4 asserts that will fail with this error on macOS:
```
org.opentest4j.AssertionFailedError: expected: </var/folders/6d/12xt4b4m8xjf3t0059_w18bh0000gn/T/stirling-pdf> but was: </var/folders/6d/12xt4b4m8xjf3t0059_w18bh0000gn/T//stirling-pdf>
at app//org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151)
at app//org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132)
at app//org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197)
at app//org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:182)
at app//org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:177)
at app//org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:1145)
at app//stirling.software.common.model.ApplicationPropertiesLogicTest.tempFileManagement_defaults_and_overrides(ApplicationPropertiesLogicTest.java:40)
at java.base@24.0.2/java.lang.reflect.Method.invoke(Method.java:565)
at java.base@24.0.2/java.util.ArrayList.forEach(ArrayList.java:1604)
at java.base@24.0.2/java.util.ArrayList.forEach(ArrayList.java:1604)
```
Note the double `/` in the actual path here: `/T//stirling-pdf`.
# Description of Changes
The fix creates a lambda:
```
Function<String, String> normalize = s ->Paths.get(s).normalize().toString();
```
and applies it in all 4 broken tests.
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
Bumps
[jakarta.mail:jakarta.mail-api](https://github.com/jakartaee/mail-api)
from 2.1.3 to 2.1.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0d13f04450"><code>0d13f04</code></a>
Prepare release jakarta.mail:jakarta.mail-api:2.1.4</li>
<li><a
href="958fb97ab1"><code>958fb97</code></a>
services/jakarta.mail.Provider override not working <a
href="https://redirect.github.com/jakartaee/mail-api/issues/777">#777</a>
(<a
href="https://redirect.github.com/jakartaee/mail-api/issues/779">#779</a>)</li>
<li><a
href="3446c94241"><code>3446c94</code></a>
services/jakarta.mail.Provider override not working <a
href="https://redirect.github.com/jakartaee/mail-api/issues/170">#170</a>
(<a
href="https://redirect.github.com/jakartaee/mail-api/issues/778">#778</a>)</li>
<li><a
href="892fae4ac7"><code>892fae4</code></a>
Multipart performs blocking call in every instantiation <a
href="https://redirect.github.com/jakartaee/mail-api/issues/699">#699</a>
(<a
href="https://redirect.github.com/jakartaee/mail-api/issues/716">#716</a>)</li>
<li><a
href="666ec999d8"><code>666ec99</code></a>
Bump rexml from 3.2.8 to 3.3.6 in /www</li>
<li><a
href="8eddc342b1"><code>8eddc34</code></a>
Bump rexml from 3.2.5 to 3.2.8 in /www</li>
<li><a
href="1259b86a8c"><code>1259b86</code></a>
Bump nokogiri from 1.16.2 to 1.16.5 in /www</li>
<li><a
href="bf2bfc18c0"><code>bf2bfc1</code></a>
Update README.md</li>
<li><a
href="038fa7038a"><code>038fa70</code></a>
Prepare next development cycle for 2.1.4-SNAPSHOT</li>
<li><a
href="1e52027546"><code>1e52027</code></a>
Prepare release jakarta.mail:jakarta.mail-api:2.1.3</li>
<li>See full diff in <a
href="https://github.com/jakartaee/mail-api/compare/2.1.3...2.1.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# Description of Changes
- **What was changed**
- Reworked `ConvertOfficeController` to use a dedicated temporary
working directory per request and cleaned up with directory-level
deletion.
- Added detection for converter availability via `EndpointConfiguration`
to choose between **unoconvert** and a **soffice** headless fallback.
- Ensured safe filename handling (sanitization, extension checks,
lowercase normalization) and early validation errors for missing/invalid
filenames.
- Switched raw temp file writes to `Files.copy` / `Files.writeString`
with `StandardCopyOption.REPLACE_EXISTING`.
- Implemented robust output handling:
- Verified non-zero exit codes and null results.
- Checked for missing/empty PDF outputs.
- Added fallback lookup for any produced `.pdf` within the work
directory if the expected name is not present.
- Introduced `@Slf4j` logging; improved error and cleanup logging.
- Replaced ad-hoc temp cleanup with `FileUtils.deleteDirectory` for full
working-dir removal.
- Minor imports/cleanup: removed unused `Arrays`, added
`StandardCopyOption`, `FileUtils`, and related imports.
- **Why the change was made**
- Increase conversion reliability across environments where either
unoconvert or soffice may be available.
- Harden security and stability through strict input validation and
sanitized HTML processing.
- Prevent orphaned files/directories and ensure consistent cleanup to
reduce disk footprint and operational issues.
- Provide clearer operational signals (logging, explicit exceptions) for
easier troubleshooting.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
# Description of Changes
- **What was changed**
- Added a Spring `@InitBinder` in `StampController` that registers a
`PropertyEditorSupport` for `MultipartFile` to safely handle text inputs
by setting the value to `null`.
- Replaced multiple `switch` statements with modern Java **switch
expressions**:
- Margin selection (`customMargin`) now uses a concise expression.
- Font selection (`alphabet` → font resource path) rewritten as an
expression.
- Position calculations (`calculatePositionX` / `calculatePositionY`)
now return via switch expressions with `yield`.
- Minor readability and maintainability improvements without changing
public API or behavior (besides the binding fix).
- **Why the change was made**
- The `@InitBinder` prevents conversion/binding issues when Spring
attempts to map string form fields to `MultipartFile`, which could cause
exceptions or unexpected behavior in multipart/form-data requests.
- Using switch expressions reduces boilerplate, clarifies intent, and
makes the control flow safer and more maintainable.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
### Description of Changes
This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:
#### **1. Synchronization of Translation Files**
- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.
#### **2. Update README.md**
- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.
#### **Why these changes are necessary**
- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.
---
Auto-generated by [create-pull-request][1].
[1]: https://github.com/peter-evans/create-pull-request
---------
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
# Description of Changes
- **What was changed**
- **URL to PDF flow**
- Changed `ConvertWebsiteToPDF#urlToPdf` to return `ResponseEntity<?>`
and perform a redirect (`303 SEE_OTHER`) back to `/url-to-pdf` with an
`error` query param instead of throwing exceptions.
- Added alert rendering in `url-to-pdf.html` using `param.error` for
localized error display.
- Introduced new translation key `error.invalidUrlFormat` in
`messages_en_GB.properties`.
- **Security / SSRF**
- Migrated `ApplicationProperties.System.UrlSecurity.level` from
`String` to `SsrfProtectionLevel` enum.
- Default now set to `SsrfProtectionLevel.MEDIUM` (`// MAX, MEDIUM,
OFF`).
- This avoids the issue where setting `OFF` returned `false` in
configuration parsing.
- Updated `SsrfProtectionService#parseProtectionLevel` accordingly
(using `level.name()`).
- **Repo hygiene**
- Added `**/LOCAL_APPDATA_FONTCONFIG_CACHE/**` to `.gitignore`.
- **Why the change was made**
- Provide user-friendly, localized error messages instead of exposing
internal exceptions on URL-to-PDF conversions.
- Ensure SSRF protection level parsing is type-safe and consistent—`OFF`
can now be set without yielding a misleading `false` state.
- Prevent unwanted fontconfig cache files from being tracked in Git.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
### Description of Changes
This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:
#### **1. Synchronization of Translation Files**
- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.
#### **2. Update README.md**
- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.
#### **Why these changes are necessary**
- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.
---
Auto-generated by [create-pull-request][1].
[1]: https://github.com/peter-evans/create-pull-request
---------
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
## Summary
- add optional flag to include PDF annotations when converting to images
- expose annotation option via API model and UI checkbox
- add translation for annotation option
## Testing
- `./gradlew spotlessApply`
- `./gradlew build`
------
https://chatgpt.com/codex/tasks/task_b_68b7fa1d5a1c83288342244a0ec85e9d
Bumps
[org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi)
from 2.8.11 to 2.8.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's
releases</a>.</em></p>
<blockquote>
<h2>springdoc-openapi v2.8.12 released!</h2>
<h3>Changed</h3>
<ul>
<li>Upgrade swagger-ui to v5.28.0</li>
<li>Upgrade commons-lang3 to v3.18.0</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3073">#3073</a>
- Duplicate key class Parameter when documenting two GET methods with
same path and PathVariable.</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3071">#3071</a>
- <a
href="https://github.com/io"><code>@io</code></a>.swagger.v3.oas.annotations.parameters.RequestBody
does not work well with <a
href="https://github.com/RequestPart"><code>@RequestPart</code></a></li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3066">#3066</a>
- Parameter is now required after upgrading to springdoc-openapi
2.8.10</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12">https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's
changelog</a>.</em></p>
<blockquote>
<h2>[2.8.12] - 2025-09-01</h2>
<h3>Changed</h3>
<ul>
<li>Upgrade swagger-ui to v5.28.0</li>
<li>Upgrade commons-lang3 to v3.18.0</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3073">#3073</a>
- Duplicate key class Parameter when documenting two GET methods with
same path and PathVariable.</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3071">#3071</a>
- <a
href="https://github.com/io"><code>@io</code></a>.swagger.v3.oas.annotations.parameters.RequestBody
does not work well with <a
href="https://github.com/RequestPart"><code>@RequestPart</code></a></li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3066">#3066</a>
- Parameter is now required after upgrading to springdoc-openapi
2.8.10</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="493cc68492"><code>493cc68</code></a>
[maven-release-plugin] prepare release v2.8.12</li>
<li><a
href="8ef9eb8199"><code>8ef9eb8</code></a>
CHANGELOG.md update</li>
<li><a
href="bc4ba682eb"><code>bc4ba68</code></a>
upgrade commons-lang3 to v3.18.0</li>
<li><a
href="8741823941"><code>8741823</code></a>
upgrade swagger-ui to v5.28.0</li>
<li><a
href="8d85e0e445"><code>8d85e0e</code></a>
Duplicate key class Parameter when documenting two GET methods with same
path...</li>
<li><a
href="4d505d62dd"><code>4d505d6</code></a>
<a
href="https://github.com/io"><code>@io</code></a>.swagger.v3.oas.annotations.parameters.RequestBody
does not work well with...</li>
<li><a
href="3190ae2c7f"><code>3190ae2</code></a>
Parameter is now required after upgrading to springdoc-openapi 2.8.10.
Fixes ...</li>
<li><a
href="74dcd4f845"><code>74dcd4f</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `jwtVersion` from 0.12.7 to 0.13.0.
Updates `io.jsonwebtoken:jjwt-api` from 0.12.7 to 0.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-api's
releases</a>.</em></p>
<blockquote>
<h2>0.13.0</h2>
<p><strong>This is the last minor JJWT release branch that will support
Java 7</strong>.</p>
<p>Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
<a
href="https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8">Java
8 compatible changes</a>, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<h2>What's Changed</h2>
<p>This release contains a single change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map<String, Class<?>> claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims type converter on their own specified <code>ObjectMapper</code>
instance. Thank you to <a
href="https://github.com/kesrishubham2510"><code>@kesrishubham2510</code></a>
for PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-api's
changelog</a>.</em></p>
<blockquote>
<h3>0.13.0</h3>
<p>This is the last minor JJWT release branch that will support Java 7.
Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
Java 8 compatible changes, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<p>This <code>0.13.0</code> minor release has only one change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map<String, Class<?>> claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims
type converter on their own specified <code>ObjectMapper</code>
instance. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a757addce0"><code>a757add</code></a>
[maven-release-plugin] prepare release 0.13.0</li>
<li><a
href="e357463c59"><code>e357463</code></a>
Preparing for the 0.13.0 release.</li>
<li><a
href="b6f8cb82a9"><code>b6f8cb8</code></a>
Made constructor public to allow users their own objectMapper instance
(<a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>)</li>
<li><a
href="03f088a4eb"><code>03f088a</code></a>
Bumping development version to 0.13.0-SNAPSHOT (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1014">#1014</a>)</li>
<li><a
href="3f2697f854"><code>3f2697f</code></a>
Release 0.12.7 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1012">#1012</a>)</li>
<li><a
href="a0a123e848"><code>a0a123e</code></a>
PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/917">#917</a></li>
<li>See full diff in <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `io.jsonwebtoken:jjwt-impl` from 0.12.7 to 0.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/releases">io.jsonwebtoken:jjwt-impl's
releases</a>.</em></p>
<blockquote>
<h2>0.13.0</h2>
<p><strong>This is the last minor JJWT release branch that will support
Java 7</strong>.</p>
<p>Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
<a
href="https://github.com/jwtk/jjwt/issues?q=is%3Aissue%20label%3Ajdk8">Java
8 compatible changes</a>, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<h2>What's Changed</h2>
<p>This release contains a single change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map<String, Class<?>> claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims type converter on their own specified <code>ObjectMapper</code>
instance. Thank you to <a
href="https://github.com/kesrishubham2510"><code>@kesrishubham2510</code></a>
for PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jwtk/jjwt/blob/master/CHANGELOG.md">io.jsonwebtoken:jjwt-impl's
changelog</a>.</em></p>
<blockquote>
<h3>0.13.0</h3>
<p>This is the last minor JJWT release branch that will support Java 7.
Any necessary emergency bug fixes will be fixed in subsequent
<code>0.13.x</code> patch releases, but all new development, including
Java 8 compatible changes, will be in the next minor
(<code>0.14.0</code>) release.</p>
<p><strong>All future JJWT major and minor versions (
<code>0.14.0</code> and later) will require Java 8 or
later.</strong></p>
<p>This <code>0.13.0</code> minor release has only one change:</p>
<ul>
<li>The previously private <code>JacksonDeserializer(ObjectMapper
objectMapper, Map<String, Class<?>> claimTypeMap)</code>
constructor is now <code>public</code> for those that want register a
claims
type converter on their own specified <code>ObjectMapper</code>
instance. See <a
href="https://redirect.github.com/jwtk/jjwt/issues/914">Issue
914</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a757addce0"><code>a757add</code></a>
[maven-release-plugin] prepare release 0.13.0</li>
<li><a
href="e357463c59"><code>e357463</code></a>
Preparing for the 0.13.0 release.</li>
<li><a
href="b6f8cb82a9"><code>b6f8cb8</code></a>
Made constructor public to allow users their own objectMapper instance
(<a
href="https://redirect.github.com/jwtk/jjwt/issues/972">#972</a>)</li>
<li><a
href="03f088a4eb"><code>03f088a</code></a>
Bumping development version to 0.13.0-SNAPSHOT (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1014">#1014</a>)</li>
<li><a
href="3f2697f854"><code>3f2697f</code></a>
Release 0.12.7 (<a
href="https://redirect.github.com/jwtk/jjwt/issues/1012">#1012</a>)</li>
<li><a
href="a0a123e848"><code>a0a123e</code></a>
PR <a
href="https://redirect.github.com/jwtk/jjwt/issues/917">#917</a></li>
<li>See full diff in <a
href="https://github.com/jwtk/jjwt/compare/0.12.7...0.13.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `io.jsonwebtoken:jjwt-jackson` from 0.12.7 to 0.13.0
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dario Ghunney Ware <dariogware@gmail.com>
# Description of Changes
- **What was changed**
- Centralized installation paths:
- Introduced `BACKUP_PATH`, `BACKUP_DB_PATH`, and
`BACKUP_PRIVATE_KEY_PATH` in `InstallationPathConfig`;
`getPrivateKeyPath()` now resolves to `backup/keys` and new
`getBackupPath()` returns `backup/db`.
- Removed old `PRIVATE_KEY_PATH` and switched all usages to the new
locations.
- Database service enhancements:
- `DatabaseService` now uses `InstallationPathConfig.getBackupPath()`
and includes a one-time migration to move existing backups from
`config/db/backup` to `config/backup/db` (**@Deprecated(since = "2.0.0",
forRemoval = true)**).
- Added `deleteAllBackups()` and `deleteLastBackup()` methods and
exposed them via a new Enterprise controller.
- New Enterprise-only API:
- Added `DatabaseControllerEnterprise` with:
- `DELETE /api/v1/database/deleteAll` — delete all backup files.
- `DELETE /api/v1/database/deleteLast` — delete the most recent backup.
- Endpoints gated by `@EnterpriseEndpoint` and
`@Conditional(H2SQLCondition.class)`.
- Key persistence adjustments:
- `KeyPersistenceService` now migrates keys from `config/db/keys` to
`config/backup/keys` on startup (**@Deprecated(since = "2.0.0",
forRemoval = true)**).
- Miscellaneous refactors/fixes:
- Switched driver resolution in `DatabaseConfig` to a switch expression.
- Corrected HTTP status usage to `HttpStatus.SEE_OTHER`.
- Removed constructor `runningEE` flag from `AccountWebController` and
replaced EE checks with `@EnterpriseEndpoint`.
- Minor test and annotation improvements (e.g., `@Deprecated(since =
"0.45.0")`, method references, equals order).
- **Why the change was made**
- To standardize and future-proof storage locations for both backups and
keys under a clear `config/backup` hierarchy.
- To give Enterprise admins first-class, safe cleanup endpoints for
managing backup retention without manual file operations.
- To reduce conditional logic in controllers and rely on declarative EE
gating.
- To improve maintainability and correctness (status codes, switch
expression, null-safety patterns).
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
# Description of Changes
- Refactored `isPrivateAddress` to improve detection of private and
local addresses for both IPv4 and IPv6.
- Added explicit handling for:
- IPv4-mapped IPv6 addresses
- IPv6 link-local, site-local, and unique local (fc00::/7) addresses
- Additional IPv4 private ranges such as link-local (169.254.0.0/16)
- Introduced `normalizeIpv4MappedAddress` to standardize IP checks in
cloud metadata detection.
- Replaced `switch` statement with modern `switch` expression for
cleaner control flow.
These changes were made to strengthen SSRF protection by covering more
address edge cases, especially in mixed IPv4/IPv6 environments.
This also improves detection of cloud metadata endpoints when accessed
via IPv4-mapped IPv6 addresses.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
# Description of Changes
Update and improve the zh-TW Traditional Chinese translation
Summary from GitHub Copilot:
> This pull request updates the Traditional Chinese localization file
`messages_zh_TW.properties` to improve translation accuracy and
consistency across the UI. The changes focus on refining update-related
strings, clarifying PDF tool descriptions, and localizing bookmark
editor actions.
>
> **Update & Upgrade Experience:**
> * Improved wording and localization for update notifications, modal
dialogs, update priority levels, and migration guide references to
better match native language conventions.
> * Refined enterprise edition feature descriptions, specifically
clarifying SSO login language for professional features.
> * Updated SSO login string for the login screen to use more natural
phrasing.
>
> **PDF Tool Descriptions:**
> * Enhanced descriptions for "Auto Split PDF" and "PDF to Single
Page/Image" tools, making instructions clearer and terminology more
consistent.
[[1]](diffhunk://#diff-b982180d8edd5c66aef4cfc826fe1cabeb4d22644359f2f749ce0bec4760b40aL809-R809)
[[2]](diffhunk://#diff-b982180d8edd5c66aef4cfc826fe1cabeb4d22644359f2f749ce0bec4760b40aL1111-R1118)
[[3]](diffhunk://#diff-b982180d8edd5c66aef4cfc826fe1cabeb4d22644359f2f749ce0bec4760b40aL1431-R1431)
>
> **Bookmark Editor Localization:**
> * Fully localized import/export actions and descriptions in the
bookmark editor, replacing English terms with accurate Chinese
equivalents.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [x] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
# Description of Changes
- **What was changed**
- Relocated and refactored unit tests:
- `TextFinderTest` and `RedactControllerTest` moved under
`app/core/src/test/...` to align with module structure.
- Expanded test coverage: whole-word vs. partial matches, complex
regexes (emails, SSNs, IPs, currency), international/accented
characters, multi-page documents, malformed PDFs, operator preservation,
color decoding, and performance assertions.
- **API adjustments in redaction flow**:
- `createTokensWithoutTargetText(...)` now accepts the `PDDocument`
alongside `PDPage` to properly manage resources/streams.
- Introduced/used `createPlaceholderWithFont(...)` to maintain text
width with explicit font context.
- **Bug fix in `TextFinder`**:
- Early-return when the (trimmed) search term is empty to prevent
unnecessary processing and avoid false positives/errors.
- Minor cleanup (removed redundant `super()` call) and improved guard
logic around regex/whole-word wrapping.
- **Why the change was made**
- Improve reliability and determinism of PDF redaction and text finding
by exercising real-world patterns and edge cases.
- Ensure structural PDF operators (graphics/positioning) are preserved
during token filtering.
- Prevent crashes or misleading matches when users provide
empty/whitespace-only search terms.
- Align tests with the current project layout and increase
maintainability.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.35 to 2.2.36.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
