# Description of Changes
- **What was changed:**
- Renamed top-level directories: `stirling-pdf` → `app/core`, `common` →
`app/common`, `proprietary` → `app/proprietary`.
- Updated all path references in `.gitattributes`, GitHub workflows
(`.github/workflows/*`), scripts (`.github/scripts/*`), `.gitignore`,
Dockerfiles, license files, and template settings to reflect the new
structure.
- Added a new CI job `check-generateOpenApiDocs` to generate and upload
OpenAPI documentation.
- Removed redundant `@Autowired` annotations from `TempFileShutdownHook`
and `UnlockPDFFormsController`.
- Minor formatting and comment adjustments in YAML templates and
resource files.
- **Why the change was made:**
- To introduce a clear `app/` directory hierarchy for core, common, and
proprietary modules, improving organization and maintainability.
- To ensure continuous integration and Docker builds continue to work
seamlessly with the reorganized structure.
- To automate OpenAPI documentation generation as part of the CI
pipeline.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
Bumps
[com.unboundid.product.scim2:scim2-sdk-client](https://github.com/pingidentity/scim2)
from 2.3.5 to 4.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pingidentity/scim2/blob/master/CHANGELOG.md">com.unboundid.product.scim2:scim2-sdk-client's
changelog</a>.</em></p>
<blockquote>
<h2>v4.0.0 - 2025-Jun-10</h2>
<p>Removed support for Java 11. The UnboundID SCIM 2 SDK now requires
Java 17 or a later release.</p>
<p>Updated the following dependencies:</p>
<ul>
<li>Jackson: 2.18.3</li>
<li>Jakarta RS: 4.0.0</li>
<li>Jersey: 3.1.10</li>
</ul>
<p>Updated the default behavior for ADD patch requests with value
filters (e.g.,
<code>emails[type eq "work"].display</code>). The SCIM SDK
will now target existing values within the
multi-valued attribute. For more background on this type of patch
request, see the release notes for
the 3.2.0 release where this was introduced (but not made the default).
To restore the old behavior,
set the following property in your application:</p>
<pre><code>PatchOperation.APPEND_NEW_PATCH_VALUES_PROPERTY = true;
</code></pre>
<p>Updated <code>SearchRequestBuilder</code> to be more permissive of
ListResponses with non-standard attribute
casing (e.g., if a response includes a
<code>"resources"</code> array instead of
<code>"Resources"</code>).</p>
<p>Updated the class-level documentation of <code>SearchRequest</code>
to provide more background about how
searches are performed in the SCIM standard.</p>
<p>Added a new property that allows ignoring unknown fields when
converting JSON text to Java objects
that inherit from <code>BaseScimResource</code>. This behaves similarly
to the <code>FAIL_ON_UNKNOWN_PROPERTIES</code>
setting from the Jackson library, and allows for easier integration with
SCIM service providers
that include additional non-standard data in their responses. To enable
this setting, set the
following property in your application code:</p>
<pre><code>BaseScimResource.IGNORE_UNKNOWN_FIELDS = true;
</code></pre>
<p>Fixed an issue with methods that interface with schema extensions
such as
<code>BaseScimResource.getExtensionValues(String)</code>. These accepted
paths as a string, but previously
performed updates to the extension data incorrectly.</p>
<p>Simplified the implementation of the StaticUtils#toLowerCase method.
This had an optimization for
Java versions before JDK 9 that was especially beneficial for the most
common case of handling ASCII
characters. Since JDK 9, however, the String class has been updated so
that the class is backed by a
byte array as opposed to a character array, so it is more optimal to use
the JDK's implementation
directly while handling null values.</p>
<p>Previous releases of the SCIM SDK set many classes as
<code>final</code> to encourage applications to follow
strict compliance to the SCIM standard. However, this also makes it
difficult to integrate with
services that violate the standard. An example of this is a SCIM error
response that contains extra
fields in the JSON body. To help accommodate these integrations, the
SCIM SDK has been updated so
that several model classes are no longer <code>final</code>, allowing
applications to <code>extend</code> them if needed.
The following classes were updated:</p>
<ul>
<li>scim2-sdk-client builder classes such as
<code>CreateRequestBuilder.java</code></li>
<li><code>ErrorResponse.java</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="039c7e6264"><code>039c7e6</code></a>
Setting release version 4.0.0</li>
<li><a
href="ea0486470e"><code>ea04864</code></a>
Update CHANGELOG date for the 4.0.0 release.</li>
<li><a
href="bfd276e822"><code>bfd276e</code></a>
Make GenericScimResource extendable.</li>
<li><a
href="9008757a22"><code>9008757</code></a>
Clean up POM and remove Guava test dependency.</li>
<li><a
href="a954381dcc"><code>a954381</code></a>
Remove the deprecated ScimDateFormat class.</li>
<li><a
href="76f23141ff"><code>76f2314</code></a>
Enhance the Filter classes and their documentation</li>
<li><a
href="cfd9d7ecf9"><code>cfd9d7e</code></a>
Add a new filter method for SearchRequestBuilder.</li>
<li><a
href="3c3c0cad33"><code>3c3c0ca</code></a>
Fix CodeQL by adding Java 17 installation step</li>
<li><a
href="114ad5105b"><code>114ad51</code></a>
Import the default codeql.yaml</li>
<li><a
href="26fe8f180a"><code>26fe8f1</code></a>
Allow extending model classes</li>
<li>Additional commits viewable in <a
href="https://github.com/pingidentity/scim2/compare/scim2-2.3.5...scim2-4.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps io.swagger.core.v3:swagger-core-jakarta from 2.2.34 to 2.2.35.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[org.eclipse.angus:angus-mail](https://github.com/eclipse-ee4j/angus-mail)
from 2.0.3 to 2.0.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="37c1c6ca1e"><code>37c1c6c</code></a>
Prepare release org.eclipse.angus:all:2.0.4</li>
<li><a
href="a53d904ca1"><code>a53d904</code></a>
Update changes log (<a
href="https://redirect.github.com/eclipse-ee4j/angus-mail/issues/169">#169</a>)</li>
<li><a
href="5d0e7b3f51"><code>5d0e7b3</code></a>
Update changes log</li>
<li><a
href="84fe702f7a"><code>84fe702</code></a>
Fix issue299 (<a
href="https://redirect.github.com/eclipse-ee4j/angus-mail/issues/166">#166</a>)
(<a
href="https://redirect.github.com/eclipse-ee4j/angus-mail/issues/167">#167</a>)</li>
<li><a
href="a15041d503"><code>a15041d</code></a>
Update README.md</li>
<li><a
href="005bec4025"><code>005bec4</code></a>
Merge pull request <a
href="https://redirect.github.com/eclipse-ee4j/angus-mail/issues/138">#138</a>
from eclipse-ee4j/2.0.3-RELEASE</li>
<li><a
href="637b1913d2"><code>637b191</code></a>
Update TCK-Results.md</li>
<li><a
href="2a375178f6"><code>2a37517</code></a>
Prepare next development cycle for 2.0.4-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/eclipse-ee4j/angus-mail/compare/2.0.3...2.0.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# Description of Changes
This PR improves the pre-commit workflow and formatting configuration to
enforce consistency and catch issues earlier in CI:
- **Pre-commit workflow (`pre_commit.yml`)**:
- Trigger now runs on `push` to `main` (previously scheduled weekly
only).
- Adds a `gradlew clean build` step to ensure the codebase compiles as
part of the pre-commit validation.
- Configures Java 17 using the Temurin distribution via
`actions/setup-java`.
- **.pre-commit-config.yaml**:
- Updated `ruff` to version `v0.12.7` (from `v0.12.0`).
- Updated `gitleaks` to `v8.28.0` (from `v8.27.2`).
- **Spotless configuration**:
- Added formatting for `test` sources across all Gradle modules
(`common`, `core`, `proprietary`, `stirling-pdf`).
- Ensures that test code follows the same formatting rules as production
code.
These changes help improve early feedback in development and CI by
integrating linting, formatting, and build checks directly into the
workflow on code pushes.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
Bumps com.opencsv:opencsv from 5.11.2 to 5.12.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# Description of Changes
- **What was changed:**
- Updated `.github/labeler-config-srvaroa.yml` to include
`app/core/src/main/resources/static/pipeline/defaultWebUIConfigs/**`
under the labeler paths.
- Removed `COPY pipeline /pipeline` from all three Dockerfiles to slim
down images.
- Added a new `PIPELINE_PATH` constant and `getPipelinePath()` method in
`InstallationPathConfig.java`.
- Implemented `GeneralUtils.extractPipeline()` to copy default pipeline
JSON configs (`OCR images.json`, `Prepare-pdfs-for-email.json`,
`split-rotate-auto-rename.json`) from classpath into the installation
directory.
- Invoked `GeneralUtils.extractPipeline()` during initial setup in
`InitialSetup.java`.
- Updated `.gitignore` to treat `./pipeline/` as ignored.
- **Why the change was made:**
Ensures that default WebUI pipeline configurations are automatically
extracted at runtime rather than baked into the image, improving
flexibility and reducing image size.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
# Description of Changes
This pull request introduces a new SSRF (Server-Side Request Forgery)
protection mechanism for URL handling in the application. Key changes
include adding a dedicated `SsrfProtectionService`, integrating
SSRF-safe policies into HTML sanitization, and extending application
settings to support configurable URL security options.
### SSRF Protection Implementation:
* **`SsrfProtectionService`**: Added a new service to handle SSRF
protection with configurable levels (`OFF`, `MEDIUM`, `MAX`) and checks
for private networks, localhost, link-local addresses, and cloud
metadata endpoints
(`app/common/src/main/java/stirling/software/common/service/SsrfProtectionService.java`).
### Application Configuration Enhancements:
* **`ApplicationProperties`**: Introduced a new `Html` configuration
class with nested `UrlSecurity` settings, allowing fine-grained control
over URL security, including allowed/blocked domains and internal TLDs
(`app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java`).
[[1]](diffhunk://#diff-1c357db0a3e88cf5bedd4a5852415fadad83b8b3b9eb56e67059d8b9d8b10702R293)
[[2]](diffhunk://#diff-1c357db0a3e88cf5bedd4a5852415fadad83b8b3b9eb56e67059d8b9d8b10702R346-R364)
* **`settings.yml.template`**: Updated the configuration template to
include the new `html.urlSecurity` settings, enabling users to customize
SSRF protection behavior
(`app/core/src/main/resources/settings.yml.template`).
### HTML Sanitization Updates:
* **`CustomHtmlSanitizer`**: Integrated SSRF-safe URL validation into
the HTML sanitizer by using the `SsrfProtectionService`. Added a custom
policy for validating `img` tags' `src` attributes
(`app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java`).
---
## Checklist
### General
- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: a <a>
Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Bumps [commons-io:commons-io](https://github.com/apache/commons-io) from
2.19.0 to 2.20.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt">commons-io:commons-io's
changelog</a>.</em></p>
<blockquote>
<p>Apache Commons IO 2.20.0 Release Notes</p>
<p>The Apache Commons IO team is pleased to announce the release of
Apache Commons IO 2.20.0.</p>
<h2>Introduction</h2>
<p>The Apache Commons IO library contains utility classes, stream
implementations, file filters,
file comparators, endian transformation classes, and much more.</p>
<p>Version 2.19.1: Java 8 or later is required.</p>
<h2>New features</h2>
<p>o IO-875: Add
org.apache.commons.io.file.CountingPathVisitor.accept(Path,
BasicFileAttributes) <a
href="https://redirect.github.com/apache/commons-io/issues/743">#743</a>.
Thanks to Pierre Baumard, Gary Gregory.
o Add org.apache.commons.io.Charsets.isAlias(Charset, String). Thanks to
Gary Gregory.
o Add org.apache.commons.io.Charsets.isUTF8(Charset). Thanks to Gary
Gregory.
o Add org.apache.commons.io.Charsets.toCharsetDefault(String, Charset).
Thanks to Gary Gregory.
o IO-279: Add Tailer ignoreTouch option <a
href="https://redirect.github.com/apache/commons-io/issues/757">#757</a>.
Thanks to Joerg Budischewski, Gary Gregory.</p>
<h2>Fixed Bugs</h2>
<p>o [javadoc] Rename parameter of ProxyOutputStream.write(int) <a
href="https://redirect.github.com/apache/commons-io/issues/740">#740</a>.
Thanks to Jesse Glick.
o IO-875: CopyDirectoryVisitor ignores fileFilter <a
href="https://redirect.github.com/apache/commons-io/issues/743">#743</a>.
Thanks to Pierre Baumard, Gary Gregory.
o org.apache.commons.io.build.AbstractOrigin.getReader(Charset) now maps
a null Charset to the default Charset. Thanks to Gary Gregory.
o
org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getReader(Charset)
now maps a null Charset to the default Charset. Thanks to Gary Gregory.
o
org.apache.commons.io.build.AbstractOrigin.ByeArrayOrigin.getReader(Charset)
now maps a null Charset to the default Charset. Thanks to Gary Gregory.
o
org.apache.commons.io.build.AbstractOrigin.InputStreamOrigin.getReader(Charset)
now maps a null Charset to the default Charset. Thanks to Gary Gregory.
o org.apache.commons.io.build.AbstractOrigin.getWriter(Charset) now maps
a null Charset to the default Charset. Thanks to Gary Gregory.
o
org.apache.commons.io.build.AbstractOrigin.AbstractRandomAccessFileOrigin.getWriter(Charset)
now maps a null Charset to the default Charset. Thanks to Gary Gregory.
o
org.apache.commons.io.build.AbstractOrigin.OutputStreamOrigin.getWriter(Charset)
now maps a null Charset to the default Charset. Thanks to Gary Gregory.
o FileUtils.readLines(File, Charset) now maps a null Charset to the
default Charset <a
href="https://redirect.github.com/apache/commons-io/issues/744">#744</a>.
Thanks to Ryan Kurtz, Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashCr" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.WindowsLineEndingInputStream,
org.apache.commons.io.input.WindowsLineEndingInputStream] At
WindowsLineEndingInputStream.java:[line 77]Another occurrence at
WindowsLineEndingInputStream.java:[line 81]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashCr" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.WindowsLineEndingInputStream] At
WindowsLineEndingInputStream.java:[line 112]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashLf" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.WindowsLineEndingInputStream] At
WindowsLineEndingInputStream.java:[line 113]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashLf" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.UnixLineEndingInputStream] At
UnixLineEndingInputStream.java:[line 75]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atEos" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.UnixLineEndingInputStream] At
UnixLineEndingInputStream.java:[line 120]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashCr" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.UnixLineEndingInputStream] At
UnixLineEndingInputStream.java:[line 124]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"atSlashLf" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.UnixLineEndingInputStream] At
UnixLineEndingInputStream.java:[line 125]
AT_STALE_THREAD_WRITE_OF_PRIMITIVE. Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"closed" in one thread may not yield the value of the most
recent write from another thread
[org.apache.commons.io.input.ProxyInputStream] At
ProxyInputStream.java:[line 233] AT_STALE_THREAD_WRITE_OF_PRIMITIVE.
Thanks to Gary Gregory.
o Fix SpotBugs [ERROR] Medium: Shared primitive variable
"propagateClose" in one thread may not yield the value of the
most recent write from another thread
[org.apache.commons.io.input.BoundedInputStream] At
BoundedInputStream.java:[line 555] AT_STALE_THREAD_WRITE_OF_PRIMITIVE.
Thanks to Gary Gregory.
o QueueInputStream reads all but the first byte without waiting. <a
href="https://redirect.github.com/apache/commons-io/issues/748">#748</a>.
Thanks to maxxedev, Piotr P. Karwasz, Gary Gregory.
o Javadoc fixes and improvements. Thanks to Gary Gregory.
o Avoid NPE in
org.apache.commons.io.filefilter.WildcardFilter.accept(File). Thanks to
Gary Gregory.
o IO-874: FileUtils.forceDelete can delete a broken symlink again <a
href="https://redirect.github.com/apache/commons-io/issues/756">#756</a>.
Thanks to Andy Russell, Joerg Budischewski.
o Fix infinite loop in AbstractByteArrayOutputStream. <a
href="https://redirect.github.com/apache/commons-io/issues/758">#758</a>.
Thanks to Alex Benusovich.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c224bce839"><code>c224bce</code></a>
Prepare for the release candidate 2.20.0 RC1</li>
<li><a
href="8981a5c966"><code>8981a5c</code></a>
Remove workaround for</li>
<li><a
href="4ef481f142"><code>4ef481f</code></a>
Prepare for the next release candidate</li>
<li><a
href="d23228f4a9"><code>d23228f</code></a>
Merge branch 'master' of <a
href="https://github.com/apache/commons-io.git">https://github.com/apache/commons-io.git</a></li>
<li><a
href="5d2737ffe4"><code>5d2737f</code></a>
Add <a
href="https://github.com/SuppressWarnings"><code>@SuppressWarnings</code></a></li>
<li><a
href="e5c80d6eff"><code>e5c80d6</code></a>
Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 <a
href="https://redirect.github.com/apache/commons-io/issues/761">#761</a></li>
<li><a
href="2017ac063c"><code>2017ac0</code></a>
Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (<a
href="https://redirect.github.com/apache/commons-io/issues/761">#761</a>)</li>
<li><a
href="07ce798898"><code>07ce798</code></a>
Javadoc</li>
<li><a
href="a828efa09f"><code>a828efa</code></a>
Add ciManagement element to POM</li>
<li><a
href="46bd1c2955"><code>46bd1c2</code></a>
Javadoc</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-io/compare/rel/commons-io-2.19.0...rel/commons-io-2.20.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
# Description of Changes
- **What was changed**
- Relocated `png_to_webp.py` and `split_photos.py` from `scripts/` to
`app/core/src/main/resources/static/python/`.
- Updated `.github/labeler-config-srvaroa.yml` and
`.pre-commit-config.yaml` to include the new script directory in their
file-matching patterns.
- Added `GeneralUtils.extractScript(String scriptName)` to load Python
scripts from the classpath (`static/python/`), extract them into a
temporary directory at runtime, and return the filesystem path.
- **Why the change was made**
- To fix the Internal Server Error caused by missing script files at
their old locations.
- Ensure the Python helper scripts are packaged inside the JAR/WAR and
reliably accessible when the application runs.
- Only local installations were affected
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
