mirror of
https://github.com/Frooodle/Stirling-PDF.git
synced 2025-11-16 01:21:16 +01:00
b8891f65c8
61 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
30bc7207a2
|
build(deps): bump com.github.junrar:junrar from 7.5.5 to 7.5.7 (#4715)
Bumps [com.github.junrar:junrar](https://github.com/junrar/junrar) from 7.5.5 to 7.5.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/junrar/junrar/releases">com.github.junrar:junrar's releases</a>.</em></p> <blockquote> <h2>Release v7.5.7</h2> <h2>Changelog</h2> <h2>🛠 Build</h2> <ul> <li>fix failing version (<a href="https://github.com/junrar/junrar/commits/beccd50">beccd50</a>)</li> <li>fix failing version (<a href="https://github.com/junrar/junrar/commits/4ccf1d2">4ccf1d2</a>)</li> <li>use bump when computing snapshot version (<a href="https://github.com/junrar/junrar/commits/20e9105">20e9105</a>)</li> <li>use java 21 (<a href="https://github.com/junrar/junrar/commits/ae8bff6">ae8bff6</a>)</li> <li>remove java toolchains and use release flag instead (<a href="https://github.com/junrar/junrar/commits/0d99993">0d99993</a>), closes <a href="https://redirect.github.com/junrar/junrar/issues/218">#218</a></li> </ul> <h2>📝 Documentation</h2> <ul> <li>update maven snapshot badge (<a href="https://github.com/junrar/junrar/commits/04481cf">04481cf</a>)</li> </ul> <h2>Contributors</h2> <p>We'd like to thank the following people for their contributions: Gauthier Roebroeck</p> <h2>Release v7.5.6</h2> <h2>Changelog</h2> <h2>🐛 Fixes</h2> <ul> <li>CorruptHeaderException when EndArcHeader is missing and parsing as stream (<a href="https://github.com/junrar/junrar/commits/964801c">964801c</a>), closes <a href="https://redirect.github.com/junrar/junrar/issues/216">#216</a></li> </ul> <h2>🧪 Tests</h2> <ul> <li>replace deprecation (<a href="https://github.com/junrar/junrar/commits/ae8870d">ae8870d</a>)</li> </ul> <h2>🛠 Build</h2> <p><strong>deps</strong></p> <ul> <li>bump com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.19.0 to 2.20.0 (<a href="https://github.com/junrar/junrar/commits/a1143e2">a1143e2</a>)</li> <li>bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19 (<a href="https://github.com/junrar/junrar/commits/06ba358">06ba358</a>)</li> <li>bump org.mockito:mockito-core from 5.17.0 to 5.20.0 (<a href="https://github.com/junrar/junrar/commits/9880cc4">9880cc4</a>)</li> <li>bump com.fasterxml.jackson.core:jackson-databind (<a href="https://github.com/junrar/junrar/commits/9912de1">9912de1</a>)</li> <li>bump commons-io:commons-io from 2.19.0 to 2.20.0 (<a href="https://github.com/junrar/junrar/commits/716b0fc">716b0fc</a>)</li> <li>bump org.assertj:assertj-core from 3.27.4 to 3.27.6 (<a href="https://github.com/junrar/junrar/commits/23ba3d7">23ba3d7</a>)</li> <li>bump peter-evans/create-or-update-comment from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/932af2e">932af2e</a>)</li> <li>bump gradle/actions from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/d3b4237">d3b4237</a>)</li> <li>bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (<a href="https://github.com/junrar/junrar/commits/a7b88da">a7b88da</a>)</li> <li>bump com.github.gotson.bestbefore:bestbefore-processor-java (<a href="https://github.com/junrar/junrar/commits/acf11b2">acf11b2</a>)</li> <li>bump org.jreleaser from 1.18.0 to 1.20.0 (<a href="https://github.com/junrar/junrar/commits/694c46c">694c46c</a>)</li> <li>bump actions/setup-java from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/c6c2cb9">c6c2cb9</a>)</li> <li>bump actions/checkout from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/f55f514">f55f514</a>)</li> <li>bump archunit to 1.4.1 (<a href="https://github.com/junrar/junrar/commits/4942838">4942838</a>)</li> <li>bump junit-pioneer to 2.3.0 (<a href="https://github.com/junrar/junrar/commits/75bd572">75bd572</a>)</li> <li>bump slf4j-api from 2.0.9 to 2.0.17 (<a href="https://github.com/junrar/junrar/commits/cd598e6">cd598e6</a>)</li> <li>bump ch.qos.logback:logback-classic from 1.4.11 to 1.5.18 (<a href="https://github.com/junrar/junrar/commits/666e572">666e572</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/junrar/junrar/blob/master/CHANGELOG.md">com.github.junrar:junrar's changelog</a>.</em></p> <blockquote> <h1><a href="https://github.com/junrar/junrar/compare/v7.5.6...v7.5.7">7.5.7</a> (2025-10-17)</h1> <h2>🛠 Build</h2> <ul> <li>fix failing version (<a href="https://github.com/junrar/junrar/commits/beccd50">beccd50</a>)</li> <li>fix failing version (<a href="https://github.com/junrar/junrar/commits/4ccf1d2">4ccf1d2</a>)</li> <li>use bump when computing snapshot version (<a href="https://github.com/junrar/junrar/commits/20e9105">20e9105</a>)</li> <li>use java 21 (<a href="https://github.com/junrar/junrar/commits/ae8bff6">ae8bff6</a>)</li> <li>remove java toolchains and use release flag instead (<a href="https://github.com/junrar/junrar/commits/0d99993">0d99993</a>), closes <a href="https://redirect.github.com/junrar/junrar/issues/218">#218</a></li> </ul> <h2>📝 Documentation</h2> <ul> <li>update maven snapshot badge (<a href="https://github.com/junrar/junrar/commits/04481cf">04481cf</a>)</li> </ul> <h1><a href="https://github.com/junrar/junrar/compare/v7.5.5...v7.5.6">7.5.6</a> (2025-10-16)</h1> <h2>🐛 Fixes</h2> <ul> <li>CorruptHeaderException when EndArcHeader is missing and parsing as stream (<a href="https://github.com/junrar/junrar/commits/964801c">964801c</a>), closes <a href="https://redirect.github.com/junrar/junrar/issues/216">#216</a></li> </ul> <h2>🧪 Tests</h2> <ul> <li>replace deprecation (<a href="https://github.com/junrar/junrar/commits/ae8870d">ae8870d</a>)</li> </ul> <h2>🛠 Build</h2> <p><strong>deps</strong></p> <ul> <li>bump com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.19.0 to 2.20.0 (<a href="https://github.com/junrar/junrar/commits/a1143e2">a1143e2</a>)</li> <li>bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19 (<a href="https://github.com/junrar/junrar/commits/06ba358">06ba358</a>)</li> <li>bump org.mockito:mockito-core from 5.17.0 to 5.20.0 (<a href="https://github.com/junrar/junrar/commits/9880cc4">9880cc4</a>)</li> <li>bump com.fasterxml.jackson.core:jackson-databind (<a href="https://github.com/junrar/junrar/commits/9912de1">9912de1</a>)</li> <li>bump commons-io:commons-io from 2.19.0 to 2.20.0 (<a href="https://github.com/junrar/junrar/commits/716b0fc">716b0fc</a>)</li> <li>bump org.assertj:assertj-core from 3.27.4 to 3.27.6 (<a href="https://github.com/junrar/junrar/commits/23ba3d7">23ba3d7</a>)</li> <li>bump peter-evans/create-or-update-comment from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/932af2e">932af2e</a>)</li> <li>bump gradle/actions from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/d3b4237">d3b4237</a>)</li> <li>bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (<a href="https://github.com/junrar/junrar/commits/a7b88da">a7b88da</a>)</li> <li>bump com.github.gotson.bestbefore:bestbefore-processor-java (<a href="https://github.com/junrar/junrar/commits/acf11b2">acf11b2</a>)</li> <li>bump org.jreleaser from 1.18.0 to 1.20.0 (<a href="https://github.com/junrar/junrar/commits/694c46c">694c46c</a>)</li> <li>bump actions/setup-java from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/c6c2cb9">c6c2cb9</a>)</li> <li>bump actions/checkout from 4 to 5 (<a href="https://github.com/junrar/junrar/commits/f55f514">f55f514</a>)</li> <li>bump archunit to 1.4.1 (<a href="https://github.com/junrar/junrar/commits/4942838">4942838</a>)</li> <li>bump junit-pioneer to 2.3.0 (<a href="https://github.com/junrar/junrar/commits/75bd572">75bd572</a>)</li> <li>bump slf4j-api from 2.0.9 to 2.0.17 (<a href="https://github.com/junrar/junrar/commits/cd598e6">cd598e6</a>)</li> <li>bump ch.qos.logback:logback-classic from 1.4.11 to 1.5.18 (<a href="https://github.com/junrar/junrar/commits/666e572">666e572</a>)</li> <li>bump com.fasterxml.jackson.core:jackson-databind (<a href="https://github.com/junrar/junrar/commits/9258830">9258830</a>)</li> <li>bump org.mockito:mockito-core from 5.6.0 to 5.17.0 (<a href="https://github.com/junrar/junrar/commits/c2eeadc">c2eeadc</a>)</li> <li>bump io.github.gradle-nexus.publish-plugin (<a href="https://github.com/junrar/junrar/commits/777d966">777d966</a>)</li> <li>bump org.assertj:assertj-core from 3.24.2 to 3.27.3 (<a href="https://github.com/junrar/junrar/commits/76c8474">76c8474</a>)</li> <li>bump com.github.ben-manes.versions from 0.50.0 to 0.52.0 (<a href="https://github.com/junrar/junrar/commits/b6fa2a8">b6fa2a8</a>)</li> <li>bump codecov/codecov-action from 3 to 5 (<a href="https://github.com/junrar/junrar/commits/9c37e01">9c37e01</a>)</li> <li>bump com.fasterxml.jackson.datatype:jackson-datatype-jsr310 (<a href="https://github.com/junrar/junrar/commits/ea99789">ea99789</a>)</li> <li>bump commons-io:commons-io from 2.15.0 to 2.19.0 (<a href="https://github.com/junrar/junrar/commits/2c02c73">2c02c73</a>)</li> <li>bump org.jreleaser from 1.9.0 to 1.18.0 (<a href="https://github.com/junrar/junrar/commits/d588832">d588832</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Balázs Szücs
|
42f1fd543a
|
refactor: remove unused imports (#4566)
# Description of Changes <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> |
||
Ludy
|
bd179579e6
|
fix(security): harden URL reachability to block SSRF to private/reserved networks and add unit tests (#4637)
# Description of Changes
- **What was changed**
- Introduced a stricter network safety check in
`GeneralUtils.isURLReachable(...)`:
- Block resolution to local, private, link-local, multicast, and
reserved ranges for both IPv4 and IPv6 (including IPv4-mapped and
IPv4-compatible IPv6).
- Added a DNS records cap (`MAX_DNS_ADDRESSES = 20`) to mitigate DNS
answer explosions and reduce SSRF blast radius.
- Treat DNS resolution failures as unsafe (fail closed).
- Reject empty/invalid hosts early and disallow non-HTTP(S) protocols.
- Ensure `HttpURLConnection` is properly disconnected in a `finally`
block to avoid resource leaks.
- Added comprehensive unit tests in `GeneralUtilsAdditionalTest` to
verify blocking of sensitive ranges (e.g., `127.0.0.1`, `10.0.0.0/8`,
`172.16.0.0/12`, `192.168.0.0/16`, CGNAT `100.64.0.0/10`, link-local
`169.254.0.0/16`, TEST-NETs, multicast `224.0.0.0/4`, IPv6 ULA
`fc00::/7`, and IPv4-mapped `::ffff:127.0.0.1`).
- Renamed and refactored helper logic to
`isDisallowedNetworkLocation(...)` and split out
`isSensitiveAddress(...)`, `isPrivateOrReservedIPv4(...)`,
`isUniqueLocalIPv6(...)`, and `isIPv4MappedAddress(...)` for clarity and
testability.
- **Why the change was made**
- To prevent Server-Side Request Forgery (SSRF) and related abuses in
features that fetch external URLs (e.g., website-to-PDF and similar
utilities).
- Ensures the application cannot be coerced into contacting internal
infrastructure or special-purpose address spaces.
- Adds explicit resource cleanup and safer defaults (fail closed) to
improve reliability and security.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
|
||
|
Balázs Szücs
|
614d410dce
|
feat(conversion): add PDF to Vector Image conversions (#4651)
# Description of Changes This pull request adds support for converting between PDF and vector formats (EPS, PS, PCL, XPS) using Ghostscript, including both backend API endpoints and frontend UI integration. It introduces new controllers, request models, configuration, and user interface elements for these conversion features. ### Backend * Added `PdfVectorExportController` with endpoints for converting PDF to vector formats and vector formats to PDF, using Ghostscript for processing. (`app/core/src/main/java/stirling/software/SPDF/controller/api/converters/PdfVectorExportController.java`) * Introduced `PdfVectorExportRequest` model to support new conversion options and parameters. (`app/core/src/main/java/stirling/software/SPDF/model/api/converters/PdfVectorExportRequest.java`) * Added a utility method for Ghostscript conversion exceptions. (`app/common/src/main/java/stirling/software/common/util/ExceptionUtils.java`) ### Configuration * Registered new endpoints and alternatives for PDF/vector conversion in the `EndpointConfiguration`. (`app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java`) ### Frontend * Added Thymeleaf templates for "PDF to Vector" and "Vector to PDF" conversion forms. (`app/core/src/main/resources/templates/convert/pdf-to-vector.html`, `app/core/src/main/resources/templates/convert/vector-to-pdf.html`) * Integrated new conversion tools into the navigation bar and feature groups. (`app/core/src/main/resources/templates/fragments/navElements.html`) * Added controller routes for the new conversion forms. (`app/core/src/main/java/stirling/software/SPDF/controller/web/ConverterWebController.java`) ### UI <img width="629" height="551" alt="image" src="https://github.com/user-attachments/assets/37491db7-1ae8-47d4-b69b-412bf7b02acf" /> <img width="629" height="551" alt="image" src="https://github.com/user-attachments/assets/b33d3d40-5f26-415f-bd60-467f23701003" /> Closes: #4491 <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> |
||
ConnorYoh
|
1a3552d1f7
|
Dynamic tracking services (#4690)
Added bean for both scarf and posthog followed documentation at https://docs.stirlingpdf.com/analytics-telemetry Co-authored-by: Connor Yoh <connor@stirlingpdf.com> |
||
|
Balázs Szücs
|
599beb7912
|
feat(pdf-to-cbr): integrate RAR for CBR output generation (#4626)
# Description of Changes This pull request introduces full support for generating true CBR (Comic Book RAR) archives from PDF files using the local RAR CLI ### CBR Conversion Implementation: - Refactored `PdfToCbrUtils.java` to generate image files for each PDF page, invoke the RAR CLI to create a `.cbr` archive, and clean up temporary files after conversion.. ### Dependency & Endpoint Management: - Added RAR as a required external dependency in `ExternalAppDepConfig.java` and checks for its availability, disabling related endpoints if missing. - Registered new endpoints under the "RAR" group in `EndpointConfiguration.java` and updated group validation logic. ### Controller and API Updates: - Updated the API controller to clarify that the output is a true CBR archive created with RAR, not ZIP-based. - Modified the web controller to check for endpoint availability and return a 404 error if the CBR conversion feature is disabled. ### Sample logs/verification: Conversion command > 23:12:41.552 [qtp1634254747-43] INFO s.s.common.util.ProcessExecutor - Running command: rar a -m5 -ep1 output.cbr page_001.png > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - RAR 7.12 Copyright (c) 1993-2025 Alexander Roshal 23 Jun 2025 > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - Trial version Type 'rar -?' for help > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - Evaluation copy. Please register. > 23:12:41.571 [Thread-25] INFO s.s.common.util.ProcessExecutor - > 23:12:41.572 [Thread-25] INFO s.s.common.util.ProcessExecutor - Creating archive output.cbr > 23:12:41.578 [Thread-25] INFO s.s.common.util.ProcessExecutor - > 23:12:41.587 [Thread-25] INFO s.s.common.util.ProcessExecutor - Adding page_001.png OK > 23:12:41.587 [Thread-25] INFO s.s.common.util.ProcessExecutor - Done Verification whether its RAR (not included in the code; was to verify whether the code works) > ~/Downloads > ❯ unrar l lorem-ipsum_converted.cbr > > UNRAR 7.12 freeware Copyright (c) 1993-2025 Alexander Roshal > > Archive: lorem-ipsum_converted.cbr > Details: RAR 5 > > Attributes Size Date Time Name > ----------- --------- ---------- ----- ---- > -rw-r--r-- 105955 2025-10-07 23:12 page_001.png > ----------- --------- ---------- ----- ---- > 105955 1 Logs on startup with no RAR CLI > INFO:unoserver:Started. > 12:09:16.592 [main] INFO s.s.p.s.configuration.DatabaseConfig - Using default H2 database > INFO:unoserver:Server PID: 46 > 12:09:21.281 [main] INFO s.s.c.config.TempFileConfiguration - Created temporary directory: /tmp/stirling-pdf/stirling-pdf > 12:09:21.329 [main] WARN s.s.SPDF.config.ExternalAppDepConfig - Missing dependency: rar - Disabling group: RAR (Affected features: Pdf/cbr, PDF To Cbr) > 12:09:22.066 [main] INFO s.s.S.config.EndpointConfiguration - Disabled tool groups: RAR (endpoints may have alternative implementations) > 12:09:22.066 [main] INFO s.s.S.config.EndpointConfiguration - Disabled functional groups: enterprise > 12:09:22.066 [main] INFO s.s.S.config.EndpointConfiguration - Total disabled endpoints: 3. Disabled endpoints: pdf-to-cbr, pdf/cbr, url-to-pdf > 12:09:22.407 [main] INFO s.s.p.s.service.DatabaseService - Source directory does not exist: configs/db/backup > 12:09:23.092 [main] INFO s.software.common.util.FileMonitor - Monitoring directory: ./pipeline/watchedFolders > 12:09:23.721 [main] INFO s.s.c.service.TempFileCleanupService - Created LibreOffice temp directory: /tmp/stirling-pdf/stirling-pdf/libreoffice <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Balázs Szücs
|
ec1ac4cb2d
|
feat(cbr-to-pdf,pdf-to-cbr): add PDF to/from CBR conversion with ebook optimization option (#4581)
# Description of Changes This pull request adds support for converting CBR (Comic Book RAR) files to PDF, optimizes CBZ/CBR-to-PDF conversion for e-readers using Ghostscript, and improves file type detection and image file handling. It introduces the `CbrUtils` and `PdfToCbrUtils` utility classes, refactors CBZ conversion logic, and integrates these features into the API controller. The most important changes are grouped below. ### CBR Support and Conversion: - Added the `com.github.junrar:junrar` dependency to support RAR/CBR archive extraction in `build.gradle`. (https://github.com/junrar/junrar and https://github.com/junrar/junrar?tab=License-1-ov-file#readme for repo and license) - Introduced the new utility class `CbrUtils` for converting CBR files to PDF, including image extraction, sorting, and error handling. - Added the `PdfToCbrUtils` utility class to convert PDF files into CBR archives by rendering each page as an image and packaging them. ### CBZ/CBR Conversion Optimization: - Refactored `CbzUtils.convertCbzToPdf` to support optional Ghostscript optimization for e-reader compatibility and added a new method for this. - Added `GeneralUtils.optimizePdfWithGhostscript`, which uses Ghostscript to optimize PDFs for e-readers, and integrated error handling. ### API Controller Integration: - Updated `ConvertImgPDFController` to support CBR conversion, CBZ/CBR optimization toggling, and Ghostscript availability checks. ### Endpoints <img width="1298" height="522" alt="image" src="https://github.com/user-attachments/assets/144d3e03-a637-451a-9c35-f784b2a66dc1" /> <img width="1279" height="472" alt="image" src="https://github.com/user-attachments/assets/879f221d-b775-4224-8edb-a23dbea6a0ca" /> ### UI <img width="384" height="105" alt="image" src="https://github.com/user-attachments/assets/5f861943-0706-4fad-8775-c40a9c1f3170" /> ### File Type and Image Detection Improvements: - Improved file extension detection for comic book files and image files in `CbzUtils` and added a shared regex pattern utility for image files. ### Additional notes: - Please keep in mind new the dependency, this is not dependency-free implementation (as opposed to CBZ converter) - RAR 5 currently not supported. (because JUNRAR does not support it) - Added the new ebook optimization func to GeneralUtils since we'll soon (hopefully) at least 3 book/ebook formats (EPUB, CBZ, CBR) all of which can use it. - Once again this has been thoroughly tested but can't share actual "real life" file due to copyright. Closes: #775 <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> |
||
|
Balázs Szücs
|
b661eb8ff0
|
refactor: Replace manual resource handling with try-with-resources (#4593)
# Description of Changes
Explanation on try-with-resource:
> Many resources in Java need be closed after they have been used. If
they are not, the garbage collector cannot reclaim the resources'
memory, and they are still considered to be in use by the operating
system. Such resources are considered to be leaked, which can lead to
performance issues.
>
> Java 7 introduced the try-with-resources statement, which guarantees
that the resource in question will be closed.
>
> try (InputStream input = Files.newInputStream(path)) {
> // "input" will be closed after the execution of this block
> }
>
> This syntax is safer than the traditional method using try, catch, and
finally and hence should be preferred.
https://rules.sonarsource.com/java/tag/java8/RSPEC-2093/
<!--
Please provide a summary of the changes, including:
- What was changed
- Why the change was made
- Any challenges encountered
Closes #(issue_number)
-->
---
## Checklist
### General
- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Signed-off-by: Balázs Szücs <bszucs1209@gmail.com>
|
||
|
Balázs Szücs
|
575854952a
|
feat(get-info-on-pdf): use PDFBox preflight to validate PDF compliancy level, and parse in compliancy type (#4595)
# Description of Changes - Refactored methods for parsing and extracting PDF/A conformance levels from XMP metadata. - Implemented PDF/A validation using Preflight from Apache PDFBox. - Enhanced PDF information generation to include PDF/A conformance level and validation results. - Updated compliance checks and JSON output to reflect new PDF/A capabilities. ### Test files: [lorem-ipsum_PDFA1b.pdf](https://github.com/user-attachments/files/22687689/lorem-ipsum_PDFA1b.pdf) [lorem-ipsum_PDFA_2b.pdf](https://github.com/user-attachments/files/22687692/lorem-ipsum_PDFA_2b.pdf) [lorem-ipsum_PD⁄A3a.pdf](https://github.com/user-attachments/files/22687693/lorem-ipsum_PD.A3a.pdf) ### New results: <img width="699" height="257" alt="image" src="https://github.com/user-attachments/assets/b8cb5510-2908-4e08-97f6-d5799e0e1be7" /> <img width="699" height="257" alt="image" src="https://github.com/user-attachments/assets/d7af3731-ad19-4524-b1c1-32f47776e6af" /> <img width="699" height="257" alt="image" src="https://github.com/user-attachments/assets/6e48e65b-2ebc-402a-a222-bfdbf783e45d" /> I also validated with online tools. Should be good now! I was also thinking moving this to GeneralUtils; it may be useful for PDF/A converter in the future, or for other features. Not sure yet, for now I think this is good for now. Closes #4568 <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> |
||
Dario Ghunney Ware
|
dabc52ef73
|
Defaulting JWT settings to false (#4416)
Defaulting the configuration settings for Stirling PDF's JWT to false to avoid any unexpected issues |
||
|
dependabot[bot]
|
927bf3d004
|
build(deps): bump org.eclipse.angus:angus-mail from 2.0.4 to 2.0.5 (#4549)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [org.eclipse.angus:angus-mail](https://github.com/eclipse-ee4j/angus-mail) from 2.0.4 to 2.0.5. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
10263ffc7f
|
build(deps): bump jakarta.mail:jakarta.mail-api from 2.1.4 to 2.1.5 (#4553)
Bumps [jakarta.mail:jakarta.mail-api](https://github.com/jakartaee/mail-api) from 2.1.4 to 2.1.5. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Balázs Szücs
|
51aa03b256
|
feat(cbz-to-pdf,pdf-to-cbz): Converter for CBZ format to and from PDF (#4472) | ||
|
Balázs Szücs
|
413cd0c697
|
refactor: replace switch statements with modern switch expressions for better readability (#4095)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> |
||
|
dependabot[bot]
|
d9c0223703
|
build(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.12 to 2.8.13 (#4421)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Balázs Szücs
|
e44d5f3714
|
perf: Logging statements to use parameterized messages (#4399) | ||
|
dependabot[bot]
|
b950484bfc
|
build(deps): bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#4534)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Balázs Szücs
|
ae1db0dd13
|
refactor: replace size checks with isEmpty(), safely collapse redundant emptiness checking logic, minor code improvements (#4132) | ||
|
Balázs Szücs
|
045f4cc591
|
feat: Add RegexPatternUtils for centralized regex management, file naming funcs, UtilityClass annotation (#4218)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> |
||
|
Balázs Szücs
|
133e6d3de6
|
refactor(core,common,proprietary): Replace Date with Instant/modern Date API alternative for improved time handling (#4497) | ||
|
Balázs Szücs
|
07392ed25e
|
feat(replace-and-invert-colour): Add CMYK color space conversion with prepress preset for PDF processing (#4494) | ||
|
Balázs Szücs
|
ef7030d5a9
|
feat(multi-layout): implement form field copying and transformation for multi-page PDF to keep form data (#4314) | ||
Sean Gilligan
|
93fb62047a
|
fix: normalize path in ApplicationPropertiesLogicTest (#4477)
This fixes a failing unit test on macOS. `ApplicationPropertiesLogicTest.tempFileManagement_defaults_and_overrides()` has 4 asserts that will fail with this error on macOS: ``` org.opentest4j.AssertionFailedError: expected: </var/folders/6d/12xt4b4m8xjf3t0059_w18bh0000gn/T/stirling-pdf> but was: </var/folders/6d/12xt4b4m8xjf3t0059_w18bh0000gn/T//stirling-pdf> at app//org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151) at app//org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132) at app//org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197) at app//org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:182) at app//org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:177) at app//org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:1145) at app//stirling.software.common.model.ApplicationPropertiesLogicTest.tempFileManagement_defaults_and_overrides(ApplicationPropertiesLogicTest.java:40) at java.base@24.0.2/java.lang.reflect.Method.invoke(Method.java:565) at java.base@24.0.2/java.util.ArrayList.forEach(ArrayList.java:1604) at java.base@24.0.2/java.util.ArrayList.forEach(ArrayList.java:1604) ``` Note the double `/` in the actual path here: `/T//stirling-pdf`. # Description of Changes The fix creates a lambda: ``` Function<String, String> normalize = s ->Paths.get(s).normalize().toString(); ``` and applies it in all 4 broken tests. ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
Balázs Szücs
|
c684a51cf9
|
feat: custom error handling when calling renderImageWithDPI, controllers to respect global DPI (#4407) | ||
|
Balázs Szücs
|
8192b1a44f
|
performance: Use StringBuilder instead of string concatenation for building strings (#4193) | ||
|
Balázs Szücs
|
47bce86ae2
|
fix: try-with-resources for Streams interacting with Files to ensure proper resource management (#4404)
# Description of Changes The Javadoc recommends wrapping Files.list(), Files.walk(), Files.find(), and Files.lines() in try-with-resources so the stream’s close() is called as soon as the terminal operation completes. This is because when Stream interact with files, Java can ONLY close the Stream during garbage-collection finalization, which is not guaranteed to run promptly or at all before the JVM exits, creating a memory leak. Direct quote: > Streams have a [BaseStream.close()](https://docs.oracle.com/javase/8/docs/api/java/util/stream/BaseStream.html#close--) method and implement [AutoCloseable](https://docs.oracle.com/javase/8/docs/api/java/lang/AutoCloseable.html), but nearly all stream instances do not actually need to be closed after use. Generally, only streams whose source is an IO channel (such as those returned by [Files.lines(Path, Charset)](https://docs.oracle.com/javase/8/docs/api/java/nio/file/Files.html#lines-java.nio.file.Path-java.nio.charset.Charset-)) will require closing. Most streams are backed by collections, arrays, or generating functions, which require no special resource management. (If a stream does require closing, it can be declared as a resource in a try-with-resources statement.) > A DirectoryStream is opened upon creation and is closed by invoking the close method. Closing a directory stream releases any resources associated with the stream. Failure to close the stream may result in a resource leak. The try-with-resources statement provides a useful construct to ensure that the stream is closed: Sources: https://docs.oracle.com/javase/8/docs/api/java/util/stream/Stream.html https://docs.oracle.com/en/java/javase/21/docs/api/java.base/java/nio/file/DirectoryStream.html https://stackoverflow.com/questions/79078272/using-try-with-resources-for-a-java-files-walk-stream-created-in-a-separate-meth https://stackoverflow.com/questions/36990053/resource-leak-in-files-listpath-dir-when-stream-is-not-explicitly-closed <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> |
||
|
Ludy
|
9b3e2c29a5
|
perf(core): Stream responses and unify temp file lifecycle across controllers (#4330) | ||
|
Ludy
|
9a39aff19f
|
refactor: standardize MIME handling via Spring MediaType (#4389)
|
||
stirlingbot[bot]
|
dde6cc2d49
|
🤖 format everything with pre-commit by stirlingbot (#4375)
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> |
||
|
Ludy
|
cb7471024b
|
feat(common): add ChecksumUtils for MD5/SHA*/CRC32/Adler32 with Base64 and multi-algorithm support (#4261)
|
||
|
Ludy
|
0776ecc96b
|
test(common): add dedicated unit tests for FileInfo and InputStreamTemplateResource (#4140) | ||
|
Ludy
|
8113728d3d
|
feat(database): make backup schedule configurable via system keys (#4251) | ||
|
dependabot[bot]
|
61b85a9273
|
build(deps): bump jakarta.mail:jakarta.mail-api from 2.1.3 to 2.1.4 (#4351)
Bumps [jakarta.mail:jakarta.mail-api](https://github.com/jakartaee/mail-api) from 2.1.3 to 2.1.4. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Balázs Szücs
|
fe84b3ff15
|
feat: Add Lombok @Getter and @Setter annotations to reduce boilerplate code in multiple classes (#4321)
# Description of Changes Update classes across the codebase to use Lombok's `@Getter` and `@Setter` annotations, replacing manually written getter and setter methods. This change streamlines the code, reduces boilerplate, and improves maintainability. <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: Balázs Szücs <bszucs1209@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Ludy
|
963b4ee69d
|
refactor(ssrf): default enum MEDIUM prevents OFF=false (#4280)
# Description of Changes
- **What was changed**
- **URL to PDF flow**
- Changed `ConvertWebsiteToPDF#urlToPdf` to return `ResponseEntity<?>`
and perform a redirect (`303 SEE_OTHER`) back to `/url-to-pdf` with an
`error` query param instead of throwing exceptions.
- Added alert rendering in `url-to-pdf.html` using `param.error` for
localized error display.
- Introduced new translation key `error.invalidUrlFormat` in
`messages_en_GB.properties`.
- **Security / SSRF**
- Migrated `ApplicationProperties.System.UrlSecurity.level` from
`String` to `SsrfProtectionLevel` enum.
- Default now set to `SsrfProtectionLevel.MEDIUM` (`// MAX, MEDIUM,
OFF`).
- This avoids the issue where setting `OFF` returned `false` in
configuration parsing.
- Updated `SsrfProtectionService#parseProtectionLevel` accordingly
(using `level.name()`).
- **Repo hygiene**
- Added `**/LOCAL_APPDATA_FONTCONFIG_CACHE/**` to `.gitignore`.
- **Why the change was made**
- Provide user-friendly, localized error messages instead of exposing
internal exceptions on URL-to-PDF conversions.
- Ensure SSRF protection level parsing is type-safe and consistent—`OFF`
can now be set without yielding a misleading `false` state.
- Prevent unwanted fontconfig cache files from being tracked in Git.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
|
||
Anthony Stirling
|
bf90f4b1da
|
feat: add annotation option to PDF to image (#4365)
## Summary - add optional flag to include PDF annotations when converting to images - expose annotation option via API model and UI checkbox - add translation for annotation option ## Testing - `./gradlew spotlessApply` - `./gradlew build` ------ https://chatgpt.com/codex/tasks/task_b_68b7fa1d5a1c83288342244a0ec85e9d |
||
|
dependabot[bot]
|
18e2078b8b
|
build(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.11 to 2.8.12 (#4356)
Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.11 to 2.8.12. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's releases</a>.</em></p> <blockquote> <h2>springdoc-openapi v2.8.12 released!</h2> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.28.0</li> <li>Upgrade commons-lang3 to v3.18.0</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3073">#3073</a> - Duplicate key class Parameter when documenting two GET methods with same path and PathVariable.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3071">#3071</a> - <a href="https://github.com/io"><code>@io</code></a>.swagger.v3.oas.annotations.parameters.RequestBody does not work well with <a href="https://github.com/RequestPart"><code>@RequestPart</code></a></li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3066">#3066</a> - Parameter is now required after upgrading to springdoc-openapi 2.8.10</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12">https://github.com/springdoc/springdoc-openapi/compare/v2.8.11...v2.8.12</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog</a>.</em></p> <blockquote> <h2>[2.8.12] - 2025-09-01</h2> <h3>Changed</h3> <ul> <li>Upgrade swagger-ui to v5.28.0</li> <li>Upgrade commons-lang3 to v3.18.0</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3073">#3073</a> - Duplicate key class Parameter when documenting two GET methods with same path and PathVariable.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3071">#3071</a> - <a href="https://github.com/io"><code>@io</code></a>.swagger.v3.oas.annotations.parameters.RequestBody does not work well with <a href="https://github.com/RequestPart"><code>@RequestPart</code></a></li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3066">#3066</a> - Parameter is now required after upgrading to springdoc-openapi 2.8.10</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Ludy
|
3af93f0adb
|
feat(database,Jwt): relocate backups and Jwt-keys to config/backup and add Enterprise cleanup endpoints (#4225)
# Description of Changes
- **What was changed**
- Centralized installation paths:
- Introduced `BACKUP_PATH`, `BACKUP_DB_PATH`, and
`BACKUP_PRIVATE_KEY_PATH` in `InstallationPathConfig`;
`getPrivateKeyPath()` now resolves to `backup/keys` and new
`getBackupPath()` returns `backup/db`.
- Removed old `PRIVATE_KEY_PATH` and switched all usages to the new
locations.
- Database service enhancements:
- `DatabaseService` now uses `InstallationPathConfig.getBackupPath()`
and includes a one-time migration to move existing backups from
`config/db/backup` to `config/backup/db` (**@Deprecated(since = "2.0.0",
forRemoval = true)**).
- Added `deleteAllBackups()` and `deleteLastBackup()` methods and
exposed them via a new Enterprise controller.
- New Enterprise-only API:
- Added `DatabaseControllerEnterprise` with:
- `DELETE /api/v1/database/deleteAll` — delete all backup files.
- `DELETE /api/v1/database/deleteLast` — delete the most recent backup.
- Endpoints gated by `@EnterpriseEndpoint` and
`@Conditional(H2SQLCondition.class)`.
- Key persistence adjustments:
- `KeyPersistenceService` now migrates keys from `config/db/keys` to
`config/backup/keys` on startup (**@Deprecated(since = "2.0.0",
forRemoval = true)**).
- Miscellaneous refactors/fixes:
- Switched driver resolution in `DatabaseConfig` to a switch expression.
- Corrected HTTP status usage to `HttpStatus.SEE_OTHER`.
- Removed constructor `runningEE` flag from `AccountWebController` and
replaced EE checks with `@EnterpriseEndpoint`.
- Minor test and annotation improvements (e.g., `@Deprecated(since =
"0.45.0")`, method references, equals order).
- **Why the change was made**
- To standardize and future-proof storage locations for both backups and
keys under a clear `config/backup` hierarchy.
- To give Enterprise admins first-class, safe cleanup endpoints for
managing backup retention without manual file operations.
- To reduce conditional logic in controllers and rely on declarative EE
gating.
- To improve maintainability and correctness (status codes, switch
expression, null-safety patterns).
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
||
|
Ludy
|
40cf337b23
|
feat(ssrf): enhance private IP detection and IPv6 handling (#4191)
# Description of Changes - Refactored `isPrivateAddress` to improve detection of private and local addresses for both IPv4 and IPv6. - Added explicit handling for: - IPv4-mapped IPv6 addresses - IPv6 link-local, site-local, and unique local (fc00::/7) addresses - Additional IPv4 private ranges such as link-local (169.254.0.0/16) - Introduced `normalizeIpv4MappedAddress` to standardize IP checks in cloud metadata detection. - Replaced `switch` statement with modern `switch` expression for cleaner control flow. These changes were made to strengthen SSRF protection by covering more address edge cases, especially in mixed IPv4/IPv6 environments. This also improves detection of cloud metadata endpoints when accessed via IPv4-mapped IPv6 addresses. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
Ludy
|
73df0ae1a8
|
fix(config): recreate settings.yml if missing or below minimal size threshold (#4166)
# Description of Changes - Added logic to verify the `settings.yml` file’s existence **and** ensure it has at least 31 lines (minimum valid config since `v0.13.0`). - If the file exists but is too small, it is moved to a timestamped `.bak` backup before creating a new one from the template. - Added logging to show current line count and backup location for better traceability. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
dependabot[bot]
|
1d89917e88
|
build(deps): bump org.springdoc:springdoc-openapi-starter-webmvc-ui from 2.8.9 to 2.8.11 (#4273)
Bumps [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) from 2.8.9 to 2.8.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's releases</a>.</em></p> <blockquote> <h2>springdoc-openapi v2.8.11 released!</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3065">#3065</a> - javadoc and overall performance optimization</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade spring-boot to v3.5.5</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3064">#3064</a> -ClassNotFoundException: kotlin.reflect.full.KClasses</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/rayuuuu"><code>@rayuuuu</code></a> made their first contribution in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3065">springdoc/springdoc-openapi#3065</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/springdoc/springdoc-openapi/compare/v2.8.10...v2.8.11">https://github.com/springdoc/springdoc-openapi/compare/v2.8.10...v2.8.11</a></p> <h2>springdoc-openapi v2.8.10 released!</h2> <h2>What's Changed</h2> <ul> <li>Fix unexpected merging of media types by <a href="https://github.com/Mattias-Sehlstedt"><code>@Mattias-Sehlstedt</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3026">springdoc/springdoc-openapi#3026</a></li> <li>Fixed "desciption" typo by <a href="https://github.com/lc-nyovchev"><code>@lc-nyovchev</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3036">springdoc/springdoc-openapi#3036</a></li> <li>Fix: Property resolution for extensions within <code>@OpenAPIDefinition</code> Info object by <a href="https://github.com/limehee"><code>@limehee</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3039">springdoc/springdoc-openapi#3039</a></li> <li>Support externalDocs configure on SpecPropertiesCustomizer by <a href="https://github.com/huisam"><code>@huisam</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3042">springdoc/springdoc-openapi#3042</a></li> <li>Use adaptFromForwardedHeaders instead of deprecated fromHttpRequest by <a href="https://github.com/thijsnissen"><code>@thijsnissen</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3060">springdoc/springdoc-openapi#3060</a></li> <li>Fixes so that a RequestPart with a Map is added to the RequestBody by <a href="https://github.com/Mattias-Sehlstedt"><code>@Mattias-Sehlstedt</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3051">springdoc/springdoc-openapi#3051</a></li> <li>Refactor webhook discovery and scanning mechanism by <a href="https://github.com/zdary"><code>@zdary</code></a> in <a href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3057">springdoc/springdoc-openapi#3057</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3046">#3046</a> - Feature Request: Support <a href="https://github.com/jakarta"><code>@jakarta</code></a>.annotation.Nonnull.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3042">#3042</a> - Support externalDocs configure on SpecPropertiesCustomizer</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3057">#3057</a> - Refactor webhook discovery and scanning mechanism</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade spring-boot to v3.5.4</li> <li>Upgrade swagger-ui to v5.27.1</li> <li>Upgrade swagger-core to 2.2.36</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3050">#3050</a> - <a href="https://github.com/RequestPart"><code>@RequestPart</code></a> JSON parameters missing Content-Type in generated curl commands, causing 415 errors.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2978">#2978</a> - Parameter is no longer optional after upgrade to 2.8.8</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3022">#3022</a> - NullPointerException thrown in SchemaUtils.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3026">#3026</a> - Fix unexpected merging of media types</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3036">#3036</a> - Fixed "desciption"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3039">#3039</a> - Fix: Property resolution for extensions within <a href="https://github.com/OpenAPIDefinition"><code>@OpenAPIDefinition</code></a> Info object</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3051">#3051</a> - Fixes so that a RequestPart with a Map is added to the RequestBody</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3060">#3060</a> - Use adaptFromForwardedHeaders instead of deprecated fromHttpRequest</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's changelog</a>.</em></p> <blockquote> <h2>[2.8.11] - 2025-08-23</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3065">#3065</a> - javadoc and overall performance optimization</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade spring-boot to v3.5.5</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3064">#3064</a> -ClassNotFoundException: kotlin.reflect.full.KClasses</li> </ul> <h2>[2.8.10] - 2025-08-20</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3046">#3046</a> - Feature Request: Support <a href="https://github.com/jakarta"><code>@jakarta</code></a>.annotation.Nonnull.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3042">#3042</a> - Support externalDocs configure on SpecPropertiesCustomizer</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3057">#3057</a> - Refactor webhook discovery and scanning mechanism</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade spring-boot to v3.5.4</li> <li>Upgrade swagger-ui to v5.27.1</li> <li>Upgrade swagger-core to 2.2.36</li> </ul> <h3>Fixed</h3> <ul> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3050">#3050</a> - <a href="https://github.com/RequestPart"><code>@RequestPart</code></a> JSON parameters missing Content-Type in generated curl commands, causing 415 errors.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/2978">#2978</a> - Parameter is no longer optional after upgrade to 2.8.8</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3022">#3022</a> - NullPointerException thrown in SchemaUtils.</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3026">#3026</a> - Fix unexpected merging of media types</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3036">#3036</a> - Fixed "desciption"</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3039">#3039</a> - Fix: Property resolution for extensions within <a href="https://github.com/OpenAPIDefinition"><code>@OpenAPIDefinition</code></a> Info object</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3051">#3051</a> - Fixes so that a RequestPart with a Map is added to the RequestBody</li> <li><a href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3060">#3060</a> - Use adaptFromForwardedHeaders instead of deprecated fromHttpRequest</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Ludy
|
ab7cef5a97
|
feat(common,core,proprietary): remove unused injections, enhance type safety, and improve test mocks (#4213)
# Description of Changes This PR introduces several refactorings and minor enhancements across the `common`, `core`, and `proprietary` modules: - **Dependency Injection Cleanup** - Removed unused constructor-injected dependencies (e.g., `FileOrUploadService`, `ApplicationProperties`, redundant `@Autowired` annotations). - Simplified constructors to only require actively used dependencies. - **Model Enhancements** - Added `@NoArgsConstructor` to `FileInfo`, `PdfMetadata`, and `SignatureFile` to improve serialization/deserialization support. - **Service Improvements** - Improved `JobExecutorService` content type retrieval by assigning `MediaType` to a variable before conversion. - Enhanced `KeyPersistenceService` with type-safe `.filter(JwtVerificationKey.class::isInstance)`. - Annotated `decodePublicKey` in `KeyPersistenceService` with `@Override` for clarity. - **Controller & API Changes** - Updated `AdminSettingsController` to use `TypeReference<Map<String,Object>>` for safer conversion. - Improved long log and description strings with consistent formatting. - **Testing Updates** - Replaced `.lenient()` mock settings with `.defaultAnswer(RETURNS_DEFAULTS)` for `FileToPdf` static mocks. - Used `ArgumentMatchers.<TypeReference<List<BookmarkItem>>>any()` in `EditTableOfContentsControllerTest` for type safety. - Updated `UserServiceTest` default `AuthenticationType` from `SSO` to `OAUTH2`. - **Formatting** - Broke up long log/debug lines for better readability. - Removed redundant `@SuppressWarnings` where type safety was ensured. These changes aim to make the codebase leaner, more type-safe, and maintainable, while improving test reliability. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
Dario Ghunney Ware
|
6699facc24
|
JWT Authentication (#3921)
This PR introduces JWT (JSON Web Token) authentication for Stirling-PDF,
allowing for stateless authentication capabilities alongside the
existing session-based authentication system.
### Key Features & Changes
JWT Authentication System
- Core Service: JwtService.java - Token generation, validation, and
cookie management
- Authentication Filter: JwtAuthenticationFilter.java - Request
interceptor for JWT validation
- Key Management: KeyPersistenceService.java +
KeyPairCleanupService.java - RSA key rotation and persistence
- Frontend: jwt-init.js - Client-side JWT handling and URL cleanup
Security Integration
- SAML2: JwtSaml2AuthenticationRequestRepository.java - JWT-backed SAML
request storage
- OAuth2: Updated CustomAuthenticationSuccessHandler. java,
CustomOAuth2AuthenticationSuccessHandler.java &
CustomSaml2AuthenticationSuccessHandler.java for JWT integration
- Configuration: Enhanced SecurityConfiguration.java with JWT filter
chain
Infrastructure
- Caching: CacheConfig.java - Caffeine cache for JWT keys
- Database: New JwtVerificationKey.java entity for key storage
- Error Handling: JwtAuthenticationEntryPoint.java for unauthorized
access
### Challenges Encountered
- Configured SecurityConfiguration to use either
`UsernamePasswordAuthenticationFilter` or `JWTAuthenticationFilter`
based on whether JWTs are enabled to prevent the former intercepting
requests while in stateless mode.
- Removed the `.defaultSuccessUrl("/")` from login configuration as its
inclusion was preventing overriding the use of the
`CustomAuthenticationSuccessHandler` and preventing proper
authentication flows.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [x] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [x] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [x] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [x] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
<img width="599" height="515" alt="Screenshot 2025-07-10 at 13 35 56"
src="https://github.com/user-attachments/assets/4126b752-ad0d-4ffa-b295-6714c43381e1"
/>
<img width="392" height="376" alt="Screenshot 2025-07-10 at 13 36 10"
src="https://github.com/user-attachments/assets/c681bc43-68ff-4934-8245-d544e2ad7b9c"
/>
<img width="1870" height="986" alt="eb750e8c3954fc47b2dd2e6e76ddb7d5"
src="https://github.com/user-attachments/assets/fca9b23d-b0b6-4884-8a26-98a441b641ef"
/>
<img width="1299" height="702" alt="Screenshot 2025-07-10 at 13 30 57"
src="https://github.com/user-attachments/assets/9415d8bf-fac4-4d38-8c3a-985d043d1076"
/>
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <Ludy87@users.noreply.github.com>
Co-authored-by: EthanHealy01 <80844253+EthanHealy01@users.noreply.github.com>
Co-authored-by: Ethan <ethan@MacBook-Pro.local>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
|
||
|
Ludy
|
05b5771c89
|
fix(saml): correct ClassPathResource handling for IdP metadata and add null-guard for privateKey (#4157)
## Description of Changes
**What was changed**
- In `getIdpMetadataUri()`, use
`idpMetadataUri.substring("classpath:".length())` so the `classpath:`
scheme (including the colon) is stripped correctly before creating the
`ClassPathResource`.
- In `getPrivateKey()`, add a null check (`if (privateKey == null)
return null;`) to avoid a potential `NullPointerException` when the
property is unset.
**Why the change was made**
- The previous substring used `"classpath".length()` (without the
colon), leaving a leading `:` in the path (e.g., `:/saml/idp.xml`) which
breaks `ClassPathResource` resolution and can prevent SAML bootstrapping
when `idpMetadataUri` uses the `classpath:` scheme.
- The null-guard aligns the method with defensive coding practices and
prevents runtime errors when no private key is configured.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
|
||
|
stirlingbot[bot]
|
678a9bc463
|
🤖 format everything with pre-commit by stirlingbot (#4150)
Auto-generated by [create-pull-request][1] with **stirlingbot** [1]: https://github.com/peter-evans/create-pull-request Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com> Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> |
||
|
Anthony Stirling
|
71ac4283b2
|
PSD (#4146)
# Description of Changes <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
Balázs Szücs
|
65e894870c
|
refactor(eml-to-pdf): Improve readability, maintainability, and overall standards compliance (#4065)
# Description of Changes
refactor(eml-to-pdf): Enhance compliance with PDF/ISO standards and MIME
specifications
This commit refactors the EML-to-PDF conversion utility to improve
standards compliance, implementing requirements from multiple RFCs and
ISO specifications:
### Standards Compliance Implemented:
• **PDF Standards (ISO 32000-1:2008)**: Added PDF version validation in
`attachFilesToPdf()`
to ensure 1.7+ compatibility for Unicode file embeddings
• **MIME Processing (RFC 2045/2046)**: Implemented case-insensitive MIME
type handling
in `processPartAdvanced()` with `toLowerCase(Locale.ROOT)` normalization
• **Content Encoding (RFC 2047)**: Enhanced `safeMimeDecode()` with
UTF-8→ISO-8859-1
charset fallback chains for robust header decoding
• **Content-ID Processing (RFC 2392)**: Added proper Content-ID
stripping with
`replaceAll("[<>]", "")` for embedded image references
• **Multipart Safety (RFC 2046)** (best practice, not compliance
related): Implemented recursion depth limiting (max 10 levels)
• **processMultipartAdvanced()**, setCatalogViewerPreferences used to
set PageMode.USE_ATTACHMENTS, but PDF spec 12.2 (Viewer Preferences)
requires a /ViewerPreferences dictionary for full control (e.g.,
/DisplayDocTitle). Docs suggested setting additional prefs like
/NonFullScreenPageMode to ensure attachments panel opens reliably across
viewers
• **addAttachmentAnnotationToPage**, annotations are set to
/Invisible=true but must remain interactive. PDF spec 12.5.6.15 (File
Attachment Annotations) requires /F flags to control print/view (e.g.,
NoPrint if not printable).
### Technical Improvements:
• **Coordinate System Handling**: Added rotation-aware coordinate
transformations
in PDF annotation placement following ISO 32000-1 Section 8.3
• **Charset Fallbacks**: Implemented progressive charset detection with
UTF-8
primary and ISO-8859-1 fallback in MIME decoding
• **Error Resilience**: Enhanced exception handling with specific error
types and
proper resource cleanup using try-with-resources patterns
• **HTML5 Compliance**: Updated email HTML generation with proper
DOCTYPE and
charset declarations for browser compatibility
### Security & Robustness:
• **Input Validation**: Added comprehensive null checks and boundary
validation
throughout attachment and multipart processing
• **XSS Prevention**: All user content now processed through
`escapeHtml()` or
`CustomHtmlSanitizer` before HTML generation
### Code Quality:
• **Method Signatures**: Updated `processMultipartAdvanced()` to include
depth
parameter for recursion tracking
• **Switch Expressions**: Modernized switch statements to use Java 17+
arrow syntax
where applicable
• **Documentation**: Added inline RFC/ISO references for
compliance-critical sections
All changes maintain backward compatibility while significantly
improving standards
adherence. Tested with various EML formats.
No major change. No change in tests. No change in aesthetic of the
resulting PDF. No change change in "user space" (except when user relied
on compliance of aforementioned stuff then a major improvement)
<!--
Please provide a summary of the changes, including:
- What was changed
- Why the change was made
- Any challenges encountered
Closes #(issue_number)
-->
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [ ] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
|
||
|
Ludy
|
aec5a8ddc5
|
feat(common): add configurable maxDPI limit for PDF-to-image conversion (#4129)
# Description of Changes - **What was changed:** Added a new `maxDPI` property under `system` in `ApplicationProperties`; updated `PdfUtils` to retrieve and enforce this configurable limit instead of a hard-coded constant; modified `ConverterWebController` and the PDF-to-image template to expose the limit to users; added `pdfToImage.dpi` entries across all translation files; updated `settings.yml.template` and `DeveloperGuide.md` to document the new setting. - **Why the change was made:** To allow deployments to tune the maximum DPI for PDF-to-image conversions based on available resources, preventing excessive memory usage and crashes caused by arbitrarily high DPI values. Closes #3985 --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
dependabot[bot]
|
47a49c5353
|
build(deps): bump org.eclipse.angus:angus-mail from 2.0.3 to 2.0.4 (#4114)
Bumps [org.eclipse.angus:angus-mail](https://github.com/eclipse-ee4j/angus-mail) from 2.0.3 to 2.0.4. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
stirlingbot[bot]
|
56c79eb63c
|
🤖 format everything with pre-commit by stirlingbot (#4075)
Auto-generated by [create-pull-request][1] with **stirlingbot** [1]: https://github.com/peter-evans/create-pull-request Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com> Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> |