Merge branch 'main' into audit2

# Description of Changes

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

.github/workflows/PR-Demo-Comment-with-react.yml

@@ -41,7 +41,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -129,7 +129,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -165,7 +165,7 @@ jobs:
           STIRLING_PDF_DESKTOP_UI: false
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@18ce135bb5112fa8ce4ed6c17ab05699d7f3a5e0 # v3.11.0
 
       - name: Get version number
         id: versionNumber

.github/workflows/PR-Demo-cleanup.yml

@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/auto-labeler.yml

@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/build.yml

@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -103,7 +103,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -147,7 +147,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -161,7 +161,7 @@ jobs:
           distribution: "adopt"
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@18ce135bb5112fa8ce4ed6c17ab05699d7f3a5e0 # v3.11.0
 
       - name: Install Docker Compose
         run: |

.github/workflows/check_properties.yml

@@ -18,7 +18,7 @@ jobs:
       pull-requests: write # Allow writing to pull requests
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/licenses-update.yml

@@ -19,7 +19,7 @@ jobs:
       repository-projects: write # Required for enabling automerge
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -42,7 +42,7 @@ jobs:
           distribution: "adopt"
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
 
       - name: Check licenses for compatibility
         run: ./gradlew clean checkLicense

.github/workflows/manage-label.yml

@@ -15,7 +15,7 @@ jobs:
       issues: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/multiOSReleases.yml

@@ -21,7 +21,7 @@ jobs:
       versionMac: ${{ steps.versionNumberMac.outputs.versionNumberMac }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -56,7 +56,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -68,7 +68,7 @@ jobs:
           java-version: "21"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
         with:
           gradle-version: 8.14
 
@@ -106,7 +106,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -144,7 +144,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -156,7 +156,7 @@ jobs:
           java-version: "21"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
         with:
           gradle-version: 8.14
 
@@ -234,7 +234,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -297,7 +297,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -306,7 +306,7 @@ jobs:
       - name: Display structure of downloaded files
         run: ls -R
       - name: Upload binaries, attestations and signatures to Release and create GitHub Release
-        uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
         with:
           tag_name: v${{ needs.read_versions.outputs.version }}
           generate_release_notes: true

.github/workflows/pre_commit.yml

@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/push-docker.yml

@@ -18,7 +18,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -30,7 +30,7 @@ jobs:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
         with:
           gradle-version: 8.14
 
@@ -48,7 +48,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@18ce135bb5112fa8ce4ed6c17ab05699d7f3a5e0 # v3.11.0
 
       - name: Get version number
         id: versionNumber

.github/workflows/releaseArtifacts.yml

@@ -23,7 +23,7 @@ jobs:
       version: ${{ steps.versionNumber.outputs.versionNumber }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -35,7 +35,7 @@ jobs:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
         with:
           gradle-version: 8.14
 
@@ -83,7 +83,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -161,7 +161,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -171,7 +171,7 @@ jobs:
           name: signed${{ matrix.file_suffix }}
 
       - name: Upload binaries, attestations and signatures to Release and create GitHub Release
-        uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
         with:
           tag_name: v${{ needs.build.outputs.version }}
           generate_release_notes: true

.github/workflows/scorecards.yml

@@ -34,7 +34,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -74,6 +74,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
         with:
           sarif_file: results.sarif

.github/workflows/sonarqube.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -27,7 +27,7 @@ jobs:
           fetch-depth: 0
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
 
       - name: Build and analyze with Gradle
         env:

.github/workflows/stale.yml

@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/swagger.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -26,7 +26,7 @@ jobs:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
 
       - name: Generate Swagger documentation
         run: ./gradlew generateOpenApiDocs

.github/workflows/sync_files.yml

@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

.github/workflows/testdriver.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -31,7 +31,7 @@ jobs:
           DISABLE_ADDITIONAL_FEATURES: true
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@18ce135bb5112fa8ce4ed6c17ab05699d7f3a5e0 # v3.11.0
 
       - name: Get version number
         id: versionNumber
@@ -105,7 +105,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -134,7 +134,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 

README.md

@@ -131,10 +131,10 @@ Stirling-PDF currently supports 40 languages!
 | German (Deutsch) (de_DE)                     | ![96%](https://geps.dev/progress/96)   |
 | Greek (Ελληνικά) (el_GR)                     | ![74%](https://geps.dev/progress/74)   |
 | Hindi (हिंदी) (hi_IN)                          | ![74%](https://geps.dev/progress/74)   |
-| Hungarian (Magyar) (hu_HU)                   | ![97%](https://geps.dev/progress/97)   |
+| Hungarian (Magyar) (hu_HU)                   | ![99%](https://geps.dev/progress/99)   |
 | Indonesian (Bahasa Indonesia) (id_ID)        | ![68%](https://geps.dev/progress/68)   |
 | Irish (Gaeilge) (ga_IE)                      | ![75%](https://geps.dev/progress/75)   |
-| Italian (Italiano) (it_IT)                   | ![87%](https://geps.dev/progress/87)   |
+| Italian (Italiano) (it_IT)                   | ![98%](https://geps.dev/progress/98)   |
 | Japanese (日本語) (ja_JP)                    | ![76%](https://geps.dev/progress/76)   |
 | Korean (한국어) (ko_KR)                      | ![75%](https://geps.dev/progress/75)   |
 | Norwegian (Norsk) (no_NB)                    | ![73%](https://geps.dev/progress/73)   |
@@ -147,11 +147,11 @@ Stirling-PDF currently supports 40 languages!
 | Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![48%](https://geps.dev/progress/48)   |
 | Simplified Chinese (简体中文) (zh_CN)         | ![98%](https://geps.dev/progress/98)   |
 | Slovakian (Slovensky) (sk_SK)                | ![57%](https://geps.dev/progress/57)   |
-| Slovenian (Slovenščina) (sl_SI)              | ![79%](https://geps.dev/progress/79)   |
+| Slovenian (Slovenščina) (sl_SI)              | ![78%](https://geps.dev/progress/78)   |
-| Spanish (Español) (es_ES)                    | ![82%](https://geps.dev/progress/82)   |
+| Spanish (Español) (es_ES)                    | ![81%](https://geps.dev/progress/81)   |
 | Swedish (Svenska) (sv_SE)                    | ![72%](https://geps.dev/progress/72)   |
 | Thai (ไทย) (th_TH)                           | ![65%](https://geps.dev/progress/65)   |
-| Tibetan (བོད་ཡིག་) (bo_CN)                     | ![0%](https://geps.dev/progress/0) |
+| Tibetan (བོད་ཡིག་) (bo_CN)                     | ![72%](https://geps.dev/progress/72) |
 | Traditional Chinese (繁體中文) (zh_TW)        | ![83%](https://geps.dev/progress/83)   |
 | Turkish (Türkçe) (tr_TR)                     | ![81%](https://geps.dev/progress/81)   |
 | Ukrainian (Українська) (uk_UA)               | ![78%](https://geps.dev/progress/78)   |

allowed-licenses.json

@@ -124,10 +124,18 @@
       "moduleName": ".*",
       "moduleLicense": "COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0"
     },
+    {
+      "moduleName": ".*",
+      "moduleLicense": "Eclipse Public License 1.0"
+    },
     {
       "moduleName": ".*",
       "moduleLicense": "Eclipse Public License - v 1.0"
     },
+    {
+      "moduleName": ".*",
+      "moduleLicense": "Eclipse Public License v2.0"
+    },
     {
       "moduleName": ".*",
       "moduleLicense": "Eclipse Public License v. 2.0"

build.gradle

@@ -23,10 +23,11 @@ ext {
     pdfboxVersion = "3.0.5"
     imageioVersion = "3.12.0"
     lombokVersion = "1.18.38"
-    bouncycastleVersion = "1.80"
+    bouncycastleVersion = "1.81"
-    springSecuritySamlVersion = "6.5.0"
+    springSecuritySamlVersion = "6.5.1"
     openSamlVersion = "4.3.2"
     commonmarkVersion = "0.24.0"
+    googleJavaFormatVersion = "1.27.0"
     tempJrePath = null
 }
 
@@ -119,7 +120,7 @@ subprojects {
 
     dependencies {
         implementation 'org.springframework.boot:spring-boot-starter-actuator'
-        implementation 'io.github.pixee:java-security-toolkit:1.2.1'
+        implementation 'io.github.pixee:java-security-toolkit:1.2.2'
 
         //tmp for security bumps
         implementation 'ch.qos.logback:logback-core:1.5.18'
@@ -475,7 +476,7 @@ spotless {
         target project(':proprietary').sourceSets.main.allJava
         target project(':stirling-pdf').sourceSets.main.allJava
 
-        googleJavaFormat("1.27.0").aosp().reorderImports(false)
+        googleJavaFormat(googleJavaFormatVersion).aosp().reorderImports(false)
 
         importOrder("java", "javax", "org", "com", "net", "io", "jakarta", "lombok", "me", "stirling")
         toggleOffOn()

common/build.gradle

@@ -2,7 +2,12 @@
 bootRun {
     enabled = false
 }
-
+spotless {
+    java {
+        target sourceSets.main.allJava
+        googleJavaFormat(googleJavaFormatVersion).aosp()
+    }
+}
 dependencies {
     api 'org.springframework.boot:spring-boot-starter-web'
     api 'org.springframework.boot:spring-boot-starter-thymeleaf'
@@ -15,6 +20,6 @@ dependencies {
     api "org.apache.pdfbox:pdfbox:$pdfboxVersion"
     api 'jakarta.servlet:jakarta.servlet-api:6.1.0'
     api 'org.snakeyaml:snakeyaml-engine:2.9'
-    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
+    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9"
     api 'jakarta.mail:jakarta.mail-api:2.1.3'
 }

common/src/main/java/org/apache/pdfbox/examples/util/DeletingRandomAccessFile.java

@@ -4,10 +4,8 @@ import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
-
-import org.apache.pdfbox.io.RandomAccessReadBufferedFile;
-
 import lombok.extern.slf4j.Slf4j;
+import org.apache.pdfbox.io.RandomAccessReadBufferedFile;
 
 /** A custom RandomAccessRead implementation that deletes the file when closed */
 @Slf4j

common/src/main/java/stirling/software/common/configuration/AppConfig.java

@@ -248,7 +248,6 @@ public class AppConfig {
         return applicationProperties.getSystem().getDatasource();
     }
 
-
     @Bean(name = "runningProOrHigher")
     @Profile("default")
     public boolean runningProOrHigher() {
@@ -273,7 +272,6 @@ public class AppConfig {
         return "NORMAL";
     }
 
-
     @Bean(name = "disablePixel")
     public boolean disablePixel() {
         return Boolean.parseBoolean(env.getProperty("DISABLE_PIXEL", "false"));

common/src/main/java/stirling/software/common/configuration/ConfigInitializer.java

@@ -10,9 +10,7 @@ import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.StandardCopyOption;
 import java.util.List;
-
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.util.YamlHelper;
 
 /**

common/src/main/java/stirling/software/common/configuration/FileFallbackTemplateResolver.java

@@ -3,16 +3,13 @@ package stirling.software.common.configuration;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Map;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.thymeleaf.IEngineConfiguration;
 import org.thymeleaf.templateresolver.AbstractConfigurableTemplateResolver;
 import org.thymeleaf.templateresource.FileTemplateResource;
 import org.thymeleaf.templateresource.ITemplateResource;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.InputStreamTemplateResource;
 
 @Slf4j

common/src/main/java/stirling/software/common/configuration/InstallationPathConfig.java

@@ -2,7 +2,6 @@ package stirling.software.common.configuration;
 
 import java.io.File;
 import java.nio.file.Paths;
-
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j

common/src/main/java/stirling/software/common/configuration/PostHogConfig.java

@@ -1,15 +1,12 @@
 package stirling.software.common.configuration;
 
+import com.posthog.java.PostHog;
+import jakarta.annotation.PreDestroy;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
-import com.posthog.java.PostHog;
-
-import jakarta.annotation.PreDestroy;
-
-import lombok.extern.slf4j.Slf4j;
-
 @Configuration
 @Slf4j
 public class PostHogConfig {

common/src/main/java/stirling/software/common/configuration/PostHogLoggerImpl.java

@@ -1,10 +1,8 @@
 package stirling.software.common.configuration;
 
-import org.springframework.stereotype.Component;
-
 import com.posthog.java.PostHogLogger;
-
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Component;
 
 @Slf4j
 @Component

common/src/main/java/stirling/software/common/configuration/RuntimePathConfig.java

@@ -2,13 +2,10 @@ package stirling.software.common.configuration;
 
 import java.nio.file.Files;
 import java.nio.file.Path;
-
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.context.annotation.Configuration;
-
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
-
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.context.annotation.Configuration;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.CustomPaths.Operations;
 import stirling.software.common.model.ApplicationProperties.CustomPaths.Pipeline;

common/src/main/java/stirling/software/common/configuration/YamlPropertySourceFactory.java

@@ -1,7 +1,6 @@
 package stirling.software.common.configuration;
 
 import java.util.Properties;
-
 import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
 import org.springframework.core.env.PropertiesPropertySource;
 import org.springframework.core.env.PropertySource;

common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -12,7 +12,11 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
-
+import lombok.Data;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.Ordered;
@@ -24,13 +28,6 @@ import org.springframework.core.io.FileSystemResource;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.support.EncodedResource;
 import org.springframework.stereotype.Component;
-
-import lombok.Data;
-import lombok.Getter;
-import lombok.Setter;
-import lombok.ToString;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 import stirling.software.common.configuration.YamlPropertySourceFactory;
 import stirling.software.common.model.exception.UnsupportedProviderException;

common/src/main/java/stirling/software/common/model/FileInfo.java

@@ -5,7 +5,6 @@ import java.nio.file.Paths;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
 import java.util.Locale;
-
 import lombok.AllArgsConstructor;
 import lombok.Data;
 

common/src/main/java/stirling/software/common/model/InputStreamTemplateResource.java

@@ -4,7 +4,6 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
-
 import org.thymeleaf.templateresource.ITemplateResource;
 
 public class InputStreamTemplateResource implements ITemplateResource {

common/src/main/java/stirling/software/common/model/PdfMetadata.java

@@ -1,7 +1,6 @@
 package stirling.software.common.model;
 
 import java.util.Calendar;
-
 import lombok.Builder;
 import lombok.Data;
 

common/src/main/java/stirling/software/common/model/api/GeneralFile.java

@@ -1,11 +1,9 @@
 package stirling.software.common.model.api;
 
-import org.springframework.web.multipart.MultipartFile;
-
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
+import org.springframework.web.multipart.MultipartFile;
 
 @Data
 @EqualsAndHashCode

common/src/main/java/stirling/software/common/model/api/PDFFile.java

@@ -1,12 +1,10 @@
 package stirling.software.common.model.api;
 
-import org.springframework.web.multipart.MultipartFile;
-
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
+import org.springframework.web.multipart.MultipartFile;
 
 @Data
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/api/converters/HTMLToPdfRequest.java

@@ -1,10 +1,8 @@
 package stirling.software.common.model.api.converters;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
 import stirling.software.common.model.api.PDFFile;
 
 @Data

common/src/main/java/stirling/software/common/model/api/security/RedactionArea.java

@@ -1,7 +1,6 @@
 package stirling.software.common.model.api.security;
 
 import io.swagger.v3.oas.annotations.media.Schema;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 

common/src/main/java/stirling/software/common/model/enumeration/Role.java

@@ -2,7 +2,6 @@ package stirling.software.common.model.enumeration;
 
 import java.util.LinkedHashMap;
 import java.util.Map;
-
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 

common/src/main/java/stirling/software/common/model/oauth2/GitHubProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/GoogleProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/KeycloakProvider.java

@@ -2,9 +2,7 @@ package stirling.software.common.model.oauth2;
 
 import java.util.ArrayList;
 import java.util.Collection;
-
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 
 @NoArgsConstructor

common/src/main/java/stirling/software/common/model/oauth2/Provider.java

@@ -5,10 +5,8 @@ import static stirling.software.common.model.enumeration.UsernameAttribute.EMAIL
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
-
 import lombok.Data;
 import lombok.NoArgsConstructor;
-
 import stirling.software.common.model.enumeration.UsernameAttribute;
 import stirling.software.common.model.exception.UnsupportedClaimException;
 

common/src/main/java/stirling/software/common/service/CustomPDFDocumentFactory.java

@@ -8,7 +8,8 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
 import java.util.concurrent.atomic.AtomicLong;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.examples.util.DeletingRandomAccessFile;
 import org.apache.pdfbox.io.IOUtils;
@@ -18,10 +19,6 @@ import org.apache.pdfbox.io.ScratchFile;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.PDFFile;
 
 /**

common/src/main/java/stirling/software/common/service/PdfMetadataService.java

@@ -1,12 +1,10 @@
 package stirling.software.common.service;
 
 import java.util.Calendar;
-
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Service;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.PdfMetadata;
 

common/src/main/java/stirling/software/common/service/PostHogService.java

@@ -1,5 +1,6 @@
 package stirling.software.common.service;
 
+import com.posthog.java.PostHog;
 import java.io.File;
 import java.lang.management.GarbageCollectorMXBean;
 import java.lang.management.ManagementFactory;
@@ -16,15 +17,11 @@ import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
 import java.util.TimeZone;
-
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
-
-import com.posthog.java.PostHog;
-
 import stirling.software.common.model.ApplicationProperties;
 
 @Service

common/src/main/java/stirling/software/common/util/CheckProgramInstall.java

@@ -3,7 +3,6 @@ package stirling.software.common.util;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
-
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 
 public class CheckProgramInstall {

common/src/main/java/stirling/software/common/util/EmlToPdf.java

@@ -19,7 +19,10 @@ import java.util.Map;
 import java.util.Properties;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-
+import lombok.Data;
+import lombok.Getter;
+import lombok.experimental.UtilityClass;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.cos.COSDictionary;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.PDDocument;
@@ -35,11 +38,6 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceDictionary;
 import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
-
-import lombok.Data;
-import lombok.Getter;
-import lombok.experimental.UtilityClass;
-import lombok.extern.slf4j.Slf4j;
 import stirling.software.common.model.api.converters.EmlToPdfRequest;
 
 @Slf4j
@@ -49,7 +47,8 @@ public class EmlToPdf {
     private static final class StyleConstants {
         // Font and layout constants
         static final int DEFAULT_FONT_SIZE = 12;
-        static final String DEFAULT_FONT_FAMILY = "-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif";
+        static final String DEFAULT_FONT_FAMILY =
+                "-apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif";
         static final float DEFAULT_LINE_HEIGHT = 1.4f;
         static final String DEFAULT_ZOOM = "1.0";
 
@@ -76,7 +75,8 @@ public class EmlToPdf {
     }
 
     private static final class MimeConstants {
-        static final Pattern MIME_ENCODED_PATTERN = Pattern.compile("=\\?([^?]+)\\?([BbQq])\\?([^?]*)\\?=");
+        static final Pattern MIME_ENCODED_PATTERN =
+                Pattern.compile("=\\?([^?]+)\\?([BbQq])\\?([^?]*)\\?=");
         static final String PAPERCLIP_EMOJI = "\uD83D\uDCCE"; // 📎
         static final String ATTACHMENT_ICON_PLACEHOLDER = "icon";
 
@@ -113,7 +113,8 @@ public class EmlToPdf {
         return jakartaMailAvailable;
     }
 
-    public static String convertEmlToHtml(byte[] emlBytes, EmlToPdfRequest request) throws IOException {
+    public static String convertEmlToHtml(byte[] emlBytes, EmlToPdfRequest request)
+            throws IOException {
         validateEmlInput(emlBytes);
 
         if (isJakartaMailAvailable()) {
@@ -147,11 +148,14 @@ public class EmlToPdf {
             }
 
             // Convert HTML to PDF
-            byte[] pdfBytes = convertHtmlToPdf(weasyprintPath, request, htmlContent, disableSanitize);
+            byte[] pdfBytes =
+                    convertHtmlToPdf(weasyprintPath, request, htmlContent, disableSanitize);
 
             // Attach files if available and requested
             if (shouldAttachFiles(emailContent, request)) {
-                pdfBytes = attachFilesToPdf(pdfBytes, emailContent.getAttachments(), pdfDocumentFactory);
+                pdfBytes =
+                        attachFilesToPdf(
+                                pdfBytes, emailContent.getAttachments(), pdfDocumentFactory);
             }
 
             return pdfBytes;
@@ -182,11 +186,15 @@ public class EmlToPdf {
                 && !emailContent.getAttachments().isEmpty();
     }
 
-    private static byte[] convertHtmlToPdf(String weasyprintPath, EmlToPdfRequest request,
+    private static byte[] convertHtmlToPdf(
-                                         String htmlContent, boolean disableSanitize)
+            String weasyprintPath,
+            EmlToPdfRequest request,
+            String htmlContent,
+            boolean disableSanitize)
             throws IOException, InterruptedException {
 
-        stirling.software.common.model.api.converters.HTMLToPdfRequest htmlRequest = createHtmlRequest(request);
+        stirling.software.common.model.api.converters.HTMLToPdfRequest htmlRequest =
+                createHtmlRequest(request);
 
         try {
             return FileToPdf.convertHtmlToPdf(
@@ -218,8 +226,7 @@ public class EmlToPdf {
         return "attachment_" + filename.hashCode() + "_" + System.nanoTime();
     }
 
-    private static String convertEmlToHtmlBasic(
+    private static String convertEmlToHtmlBasic(byte[] emlBytes, EmlToPdfRequest request) {
-            byte[] emlBytes, EmlToPdfRequest request) {
         if (emlBytes == null || emlBytes.length == 0) {
             throw new IllegalArgumentException("EML file is empty or null");
         }
@@ -335,7 +342,6 @@ public class EmlToPdf {
             Object message =
                     mimeMessageConstructor.newInstance(session, new ByteArrayInputStream(emlBytes));
 
-
             return extractEmailContentAdvanced(message, request);
 
         } catch (ReflectiveOperationException e) {
@@ -346,8 +352,7 @@ public class EmlToPdf {
         }
     }
 
-    private static String convertEmlToHtmlAdvanced(
+    private static String convertEmlToHtmlAdvanced(byte[] emlBytes, EmlToPdfRequest request) {
-            byte[] emlBytes, EmlToPdfRequest request) {
         EmailContent content = extractEmailContentAdvanced(emlBytes, request);
         return generateEnhancedEmailHtml(content, request);
     }
@@ -479,8 +484,12 @@ public class EmlToPdf {
         // Create attachment info with paperclip emoji before filename
         attachmentInfo
                 .append("<div class=\"attachment-item\">")
-                .append("<span class=\"attachment-icon\">").append(MimeConstants.ATTACHMENT_ICON_PLACEHOLDER).append("</span> ")
+                .append("<span class=\"attachment-icon\">")
-                .append("<span class=\"attachment-name\">").append(escapeHtml(filename)).append("</span>");
+                .append(MimeConstants.ATTACHMENT_ICON_PLACEHOLDER)
+                .append("</span> ")
+                .append("<span class=\"attachment-name\">")
+                .append(escapeHtml(filename))
+                .append("</span>");
 
         // Add content type and encoding info
         if (!contentType.isEmpty() || !encoding.isEmpty()) {
@@ -503,14 +512,17 @@ public class EmlToPdf {
             String content = new String(emlBytes, 0, checkLength, StandardCharsets.UTF_8);
             String lowerContent = content.toLowerCase();
 
-            boolean hasFrom = lowerContent.contains("from:") || lowerContent.contains("return-path:");
+            boolean hasFrom =
+                    lowerContent.contains("from:") || lowerContent.contains("return-path:");
             boolean hasSubject = lowerContent.contains("subject:");
             boolean hasMessageId = lowerContent.contains("message-id:");
             boolean hasDate = lowerContent.contains("date:");
-            boolean hasTo = lowerContent.contains("to:")
+            boolean hasTo =
+                    lowerContent.contains("to:")
                             || lowerContent.contains("cc:")
                             || lowerContent.contains("bcc:");
-            boolean hasMimeStructure = lowerContent.contains("multipart/")
+            boolean hasMimeStructure =
+                    lowerContent.contains("multipart/")
                             || lowerContent.contains("text/plain")
                             || lowerContent.contains("text/html")
                             || lowerContent.contains("boundary=");
@@ -684,17 +696,19 @@ public class EmlToPdf {
         html.append("  font-size: ").append(fontSize - 1).append("px;\n");
         html.append("}\n\n");
 
-
         html.append(".email-body {\n");
         html.append("  word-wrap: break-word;\n");
         html.append("}\n\n");
 
-
         html.append(".attachment-section {\n");
         html.append("  margin-top: 15px;\n");
         html.append("  padding: 10px;\n");
-        html.append("  background-color: ").append(StyleConstants.ATTACHMENT_BACKGROUND_COLOR).append(";\n");
+        html.append("  background-color: ")
-        html.append("  border: 1px solid ").append(StyleConstants.ATTACHMENT_BORDER_COLOR).append(";\n");
+                .append(StyleConstants.ATTACHMENT_BACKGROUND_COLOR)
+                .append(";\n");
+        html.append("  border: 1px solid ")
+                .append(StyleConstants.ATTACHMENT_BORDER_COLOR)
+                .append(";\n");
         html.append("  border-radius: 3px;\n");
         html.append("}\n\n");
         html.append(".attachment-section h3 {\n");
@@ -746,7 +760,6 @@ public class EmlToPdf {
         html.append("  margin-left: 8px;\n");
         html.append("}\n\n");
 
-
         // Basic image styling: ensure images are responsive but not overly constrained.
         html.append("img {\n");
         html.append("  max-width: 100%;\n"); // Make images responsive to container width
@@ -801,7 +814,9 @@ public class EmlToPdf {
             java.lang.reflect.Method getAllRecipients = messageClass.getMethod("getAllRecipients");
             Object[] recipients = (Object[]) getAllRecipients.invoke(message);
             content.setTo(
-                    recipients != null && recipients.length > 0 ? safeMimeDecode(recipients[0].toString()) : "");
+                    recipients != null && recipients.length > 0
+                            ? safeMimeDecode(recipients[0].toString())
+                            : "");
 
             java.lang.reflect.Method getSentDate = messageClass.getMethod("getSentDate");
             content.setDate((Date) getSentDate.invoke(message));
@@ -908,13 +923,14 @@ public class EmlToPdf {
                                 try {
                                     attachmentData = inputStream.readAllBytes();
                                 } catch (IOException e) {
-                                    log.warn("Failed to read InputStream attachment: {}", e.getMessage());
+                                    log.warn(
+                                            "Failed to read InputStream attachment: {}",
+                                            e.getMessage());
                                 }
                             } else if (attachmentContent instanceof byte[] byteArray) {
                                 attachmentData = byteArray;
                             } else if (attachmentContent instanceof String stringContent) {
-                                attachmentData =
+                                attachmentData = stringContent.getBytes(StandardCharsets.UTF_8);
-                                        stringContent.getBytes(StandardCharsets.UTF_8);
                             }
 
                             if (attachmentData != null) {
@@ -974,7 +990,9 @@ public class EmlToPdf {
         html.append("<div><strong>From:</strong> ")
                 .append(escapeHtml(content.getFrom()))
                 .append("</div>\n");
-        html.append("<div><strong>To:</strong> ").append(escapeHtml(content.getTo())).append("</div>\n");
+        html.append("<div><strong>To:</strong> ")
+                .append(escapeHtml(content.getTo()))
+                .append("</div>\n");
 
         if (content.getDate() != null) {
             html.append("<div><strong>Date:</strong> ")
@@ -1014,15 +1032,20 @@ public class EmlToPdf {
                                     ? attachment.getEmbeddedFilename()
                                     : attachment.getFilename());
 
-                    html.append("<div class=\"attachment-item\" id=\"").append(uniqueId).append("\">")
+                    html.append("<div class=\"attachment-item\" id=\"")
-                            .append("<span class=\"attachment-icon\">").append(MimeConstants.PAPERCLIP_EMOJI).append("</span> ")
+                            .append(uniqueId)
+                            .append("\">")
+                            .append("<span class=\"attachment-icon\">")
+                            .append(MimeConstants.PAPERCLIP_EMOJI)
+                            .append("</span> ")
                             .append("<span class=\"attachment-name\">")
                             .append(escapeHtml(safeMimeDecode(attachment.getFilename())))
                             .append("</span>");
 
                     String sizeStr = formatFileSize(attachment.getSizeBytes());
                     html.append(" <span class=\"attachment-details\">(").append(sizeStr);
-                    if (attachment.getContentType() != null && !attachment.getContentType().isEmpty()) {
+                    if (attachment.getContentType() != null
+                            && !attachment.getContentType().isEmpty()) {
                         html.append(", ").append(escapeHtml(attachment.getContentType()));
                     }
                     html.append(")</span></div>\n");
@@ -1031,8 +1054,7 @@ public class EmlToPdf {
 
             if (request.isIncludeAttachments()) {
                 html.append("<div class=\"attachment-info-note\">\n");
-                html.append(
+                html.append("<p><em>Attachments are embedded in the file.</em></p>\n");
-                        "<p><em>Attachments are embedded in the file.</em></p>\n");
                 html.append("</div>\n");
             } else {
                 html.append("<div class=\"attachment-info-note\">\n");
@@ -1050,7 +1072,10 @@ public class EmlToPdf {
         return html.toString();
     }
 
-    private static byte[] attachFilesToPdf(byte[] pdfBytes, List<EmailAttachment> attachments, stirling.software.common.service.CustomPDFDocumentFactory pdfDocumentFactory)
+    private static byte[] attachFilesToPdf(
+            byte[] pdfBytes,
+            List<EmailAttachment> attachments,
+            stirling.software.common.service.CustomPDFDocumentFactory pdfDocumentFactory)
             throws IOException {
         try (PDDocument document = pdfDocumentFactory.load(pdfBytes);
                 ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
@@ -1104,7 +1129,8 @@ public class EmlToPdf {
 
                     // Create embedded file
                     PDEmbeddedFile embeddedFile =
-                            new PDEmbeddedFile(document, new ByteArrayInputStream(attachment.getData()));
+                            new PDEmbeddedFile(
+                                    document, new ByteArrayInputStream(attachment.getData()));
                     embeddedFile.setSize(attachment.getData().length);
                     embeddedFile.setCreationDate(new GregorianCalendar());
                     if (attachment.getContentType() != null) {
@@ -1150,11 +1176,13 @@ public class EmlToPdf {
         }
     }
 
-    private static String getUniqueFilename(String filename, List<String> embeddedFiles, Map<String, PDComplexFileSpecification> efMap) {
+    private static String getUniqueFilename(
+            String filename,
+            List<String> embeddedFiles,
+            Map<String, PDComplexFileSpecification> efMap) {
         String uniqueFilename = filename;
         int counter = 1;
-        while (embeddedFiles.contains(uniqueFilename)
+        while (embeddedFiles.contains(uniqueFilename) || efMap.containsKey(uniqueFilename)) {
-                || efMap.containsKey(uniqueFilename)) {
             String extension = "";
             String baseName = filename;
             int lastDot = filename.lastIndexOf('.');
@@ -1230,7 +1258,8 @@ public class EmlToPdf {
         fileAnnotation.setNoView(false); // Must be false to remain clickable
         fileAnnotation.setPrinted(false);
 
-        PDEmbeddedFilesNameTreeNode efTree = document.getDocumentCatalog().getNames().getEmbeddedFiles();
+        PDEmbeddedFilesNameTreeNode efTree =
+                document.getDocumentCatalog().getNames().getEmbeddedFiles();
         if (efTree != null) {
             Map<String, PDComplexFileSpecification> efMap = efTree.getNames();
             if (efMap != null) {
@@ -1246,24 +1275,27 @@ public class EmlToPdf {
 
         page.getAnnotations().add(fileAnnotation);
 
-        log.info("Added attachment annotation for '{}' on page {}",
+        log.info(
-            attachment.getFilename(), document.getPages().indexOf(page) + 1);
+                "Added attachment annotation for '{}' on page {}",
+                attachment.getFilename(),
+                document.getPages().indexOf(page) + 1);
     }
 
     private static @NotNull PDRectangle getPdRectangle(PDPage page, float x, float y) {
         PDRectangle mediaBox = page.getMediaBox();
         float pdfY = mediaBox.getHeight() - y;
 
-        float iconWidth = StyleConstants.ATTACHMENT_ICON_WIDTH;  // Keep original size for clickability
+        float iconWidth =
-        float iconHeight = StyleConstants.ATTACHMENT_ICON_HEIGHT; // Keep original size for clickability
+                StyleConstants.ATTACHMENT_ICON_WIDTH; // Keep original size for clickability
+        float iconHeight =
+                StyleConstants.ATTACHMENT_ICON_HEIGHT; // Keep original size for clickability
 
         // Keep the full-size rectangle so it remains clickable
         return new PDRectangle(
                 x + StyleConstants.ANNOTATION_X_OFFSET,
                 pdfY - iconHeight + StyleConstants.ANNOTATION_Y_OFFSET,
                 iconWidth,
-            iconHeight
+                iconHeight);
-        );
     }
 
     private static String formatEmailDate(Date date) {
@@ -1293,23 +1325,27 @@ public class EmlToPdf {
                 COSDictionary catalogDict = catalog.getCOSObject();
 
                 // Set PageMode to UseAttachments - this is the standard PDF specification approach
-                // PageMode values: UseNone, UseOutlines, UseThumbs, FullScreen, UseOC, UseAttachments
+                // PageMode values: UseNone, UseOutlines, UseThumbs, FullScreen, UseOC,
+                // UseAttachments
                 catalogDict.setName(COSName.PAGE_MODE, "UseAttachments");
 
                 // Also set viewer preferences for better attachment viewing experience
-                COSDictionary viewerPrefs = (COSDictionary) catalogDict.getDictionaryObject(COSName.VIEWER_PREFERENCES);
+                COSDictionary viewerPrefs =
+                        (COSDictionary) catalogDict.getDictionaryObject(COSName.VIEWER_PREFERENCES);
                 if (viewerPrefs == null) {
                     viewerPrefs = new COSDictionary();
                     catalogDict.setItem(COSName.VIEWER_PREFERENCES, viewerPrefs);
                 }
 
-                // Set NonFullScreenPageMode to UseAttachments as fallback for viewers that support it
+                // Set NonFullScreenPageMode to UseAttachments as fallback for viewers that support
+                // it
                 viewerPrefs.setName(COSName.getPDFName("NonFullScreenPageMode"), "UseAttachments");
 
                 // Additional viewer preferences that may help with attachment display
                 viewerPrefs.setBoolean(COSName.getPDFName("DisplayDocTitle"), true);
 
-                log.info("Set PDF PageMode to UseAttachments to automatically show attachments pane");
+                log.info(
+                        "Set PDF PageMode to UseAttachments to automatically show attachments pane");
             }
         } catch (Exception e) {
             // Log warning but don't fail the entire operation for viewer preferences
@@ -1464,8 +1500,7 @@ public class EmlToPdf {
         private float y;
         private String character;
 
-        public EmojiPosition() {
+        public EmojiPosition() {}
-        }
 
         public EmojiPosition(int pageIndex, float x, float y, String character) {
             this.pageIndex = pageIndex;
@@ -1476,8 +1511,7 @@ public class EmlToPdf {
     }
 
     public static class EmojiPositionFinder extends org.apache.pdfbox.text.PDFTextStripper {
-        @Getter
+        @Getter private final List<EmojiPosition> positions = new ArrayList<>();
-        private final List<EmojiPosition> positions = new ArrayList<>();
         private int currentPageIndex;
         private boolean sortByPosition;
         private boolean isInAttachmentSection;
@@ -1503,7 +1537,9 @@ public class EmlToPdf {
         }
 
         @Override
-        protected void writeString(String string, List<org.apache.pdfbox.text.TextPosition> textPositions) throws IOException {
+        protected void writeString(
+                String string, List<org.apache.pdfbox.text.TextPosition> textPositions)
+                throws IOException {
             // Check if we are entering or exiting the attachment section
             String lowerString = string.toLowerCase();
 
@@ -1513,10 +1549,14 @@ public class EmlToPdf {
                 attachmentSectionFound = true;
             }
 
-            // Look for attachment section end markers (common patterns that indicate end of attachments)
+            // Look for attachment section end markers (common patterns that indicate end of
-            if (isInAttachmentSection && (lowerString.contains("</body>") ||
+            // attachments)
-                                         lowerString.contains("</html>") ||
+            if (isInAttachmentSection
-                                         (attachmentSectionFound && lowerString.trim().isEmpty() && string.length() > 50))) {
+                    && (lowerString.contains("</body>")
+                            || lowerString.contains("</html>")
+                            || (attachmentSectionFound
+                                    && lowerString.trim().isEmpty()
+                                    && string.length() > 50))) {
                 isInAttachmentSection = false;
             }
 
@@ -1527,17 +1567,17 @@ public class EmlToPdf {
 
                 for (int i = 0; i < string.length(); i++) {
                     // Check if we have a complete paperclip emoji at this position
-                    if (i < string.length() - 1 &&
+                    if (i < string.length() - 1
-                        string.substring(i, i + 2).equals(paperclipEmoji) &&
+                            && string.substring(i, i + 2).equals(paperclipEmoji)
-                        i < textPositions.size()) {
+                            && i < textPositions.size()) {
 
                         org.apache.pdfbox.text.TextPosition textPosition = textPositions.get(i);
-                        EmojiPosition position = new EmojiPosition(
+                        EmojiPosition position =
+                                new EmojiPosition(
                                         currentPageIndex,
                                         textPosition.getXDirAdj(),
                                         textPosition.getYDirAdj(),
-                            paperclipEmoji
+                                        paperclipEmoji);
-                        );
                         positions.add(position);
                     }
                 }
@@ -1554,7 +1594,6 @@ public class EmlToPdf {
             return sortByPosition;
         }
 
-
         public void reset() {
             positions.clear();
             currentPageIndex = 0;

common/src/main/java/stirling/software/common/util/ErrorUtils.java

@@ -2,7 +2,6 @@ package stirling.software.common.util;
 
 import java.io.PrintWriter;
 import java.io.StringWriter;
-
 import org.springframework.ui.Model;
 import org.springframework.web.servlet.ModelAndView;
 

common/src/main/java/stirling/software/common/util/FileMonitor.java

@@ -11,13 +11,10 @@ import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.function.Predicate;
 import java.util.stream.Stream;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.RuntimePathConfig;
 
 @Component

common/src/main/java/stirling/software/common/util/FileToPdf.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.ZipSecurity;
 import java.io.*;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.FileVisitResult;
@@ -13,9 +14,6 @@ import java.util.stream.Stream;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import java.util.zip.ZipOutputStream;
-
-import io.github.pixee.security.ZipSecurity;
-
 import stirling.software.common.model.api.converters.HTMLToPdfRequest;
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 

common/src/main/java/stirling/software/common/util/GeneralUtils.java

@@ -1,5 +1,8 @@
 package stirling.software.common.util;
 
+import com.fathzer.soft.javaluator.DoubleEvaluator;
+import io.github.pixee.security.HostValidator;
+import io.github.pixee.security.Urls;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
@@ -14,19 +17,11 @@ import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.UUID;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.springframework.core.io.support.ResourcePatternUtils;
 import org.springframework.web.multipart.MultipartFile;
-
-import com.fathzer.soft.javaluator.DoubleEvaluator;
-
-import io.github.pixee.security.HostValidator;
-import io.github.pixee.security.Urls;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/ImageProcessingUtils.java

@@ -1,22 +1,18 @@
 package stirling.software.common.util;
 
-import java.awt.geom.AffineTransform;
-import java.awt.image.*;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.ByteBuffer;
-
-import javax.imageio.ImageIO;
-
-import org.springframework.web.multipart.MultipartFile;
-
 import com.drew.imaging.ImageMetadataReader;
 import com.drew.imaging.ImageProcessingException;
 import com.drew.metadata.Metadata;
 import com.drew.metadata.MetadataException;
 import com.drew.metadata.exif.ExifSubIFDDirectory;
-
+import java.awt.geom.AffineTransform;
+import java.awt.image.*;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.ByteBuffer;
+import javax.imageio.ImageIO;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.multipart.MultipartFile;
 
 @Slf4j
 public class ImageProcessingUtils {

common/src/main/java/stirling/software/common/util/PDFToFile.java

@@ -1,5 +1,8 @@
 package stirling.software.common.util;
 
+import com.vladsch.flexmark.html2md.converter.FlexmarkHtmlConverter;
+import com.vladsch.flexmark.util.data.MutableDataSet;
+import io.github.pixee.security.Filenames;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
@@ -12,22 +15,14 @@ import java.util.List;
 import java.util.Objects;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
-
+import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
-
-import com.vladsch.flexmark.html2md.converter.FlexmarkHtmlConverter;
-import com.vladsch.flexmark.util.data.MutableDataSet;
-
-import io.github.pixee.security.Filenames;
-
-import lombok.NoArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.util.ProcessExecutor.ProcessExecutorResult;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/PdfUtils.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.Filenames;
 import java.awt.*;
 import java.awt.image.BufferedImage;
 import java.awt.image.RenderedImage;
@@ -10,10 +11,9 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
-
 import javax.imageio.*;
 import javax.imageio.stream.ImageOutputStream;
-
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.cos.COSName;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -30,11 +30,6 @@ import org.apache.pdfbox.rendering.ImageType;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.apache.pdfbox.text.PDFTextStripper;
 import org.springframework.web.multipart.MultipartFile;
-
-import io.github.pixee.security.Filenames;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.service.CustomPDFDocumentFactory;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/ProcessExecutor.java

@@ -1,5 +1,6 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.BoundedLineReader;
 import java.io.BufferedReader;
 import java.io.File;
 import java.io.IOException;
@@ -12,11 +13,7 @@ import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
-
-import io.github.pixee.security.BoundedLineReader;
-
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/UrlUtils.java

@@ -1,10 +1,9 @@
 package stirling.software.common.util;
 
+import jakarta.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.net.ServerSocket;
 
-import jakarta.servlet.http.HttpServletRequest;
-
 public class UrlUtils {
 
     public static String getOrigin(HttpServletRequest request) {

common/src/main/java/stirling/software/common/util/WebResponseUtils.java

@@ -1,10 +1,10 @@
 package stirling.software.common.util;
 
+import io.github.pixee.security.Filenames;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
-
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -12,8 +12,6 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
 
-import io.github.pixee.security.Filenames;
-
 public class WebResponseUtils {
 
     public static ResponseEntity<byte[]> boasToWebResponse(

common/src/main/java/stirling/software/common/util/YamlHelper.java

@@ -13,7 +13,7 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.function.Function;
-
+import lombok.extern.slf4j.Slf4j;
 import org.snakeyaml.engine.v2.api.Dump;
 import org.snakeyaml.engine.v2.api.DumpSettings;
 import org.snakeyaml.engine.v2.api.LoadSettings;
@@ -30,8 +30,6 @@ import org.snakeyaml.engine.v2.nodes.Tag;
 import org.snakeyaml.engine.v2.parser.ParserImpl;
 import org.snakeyaml.engine.v2.scanner.StreamReader;
 
-import lombok.extern.slf4j.Slf4j;
-
 @Slf4j
 public class YamlHelper {
 

common/src/main/java/stirling/software/common/util/misc/CustomColorReplaceStrategy.java

@@ -8,7 +8,7 @@ import java.io.IOException;
 import java.nio.file.Files;
 import java.util.List;
 import java.util.Set;
-
+import lombok.extern.slf4j.Slf4j;
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -21,9 +21,6 @@ import org.apache.pdfbox.pdmodel.font.Standard14Fonts;
 import org.apache.pdfbox.text.TextPosition;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.web.multipart.MultipartFile;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.misc.HighContrastColorCombination;
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 

common/src/main/java/stirling/software/common/util/misc/InvertFullColorStrategy.java

@@ -7,9 +7,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
-
 import javax.imageio.ImageIO;
-
 import org.apache.pdfbox.Loader;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
@@ -18,7 +16,6 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.web.multipart.MultipartFile;
-
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 
 public class InvertFullColorStrategy extends ReplaceAndInvertColorStrategy {

common/src/main/java/stirling/software/common/util/misc/PdfTextStripperCustom.java

@@ -3,7 +3,6 @@ package stirling.software.common.util.misc;
 import java.awt.geom.Rectangle2D;
 import java.io.IOException;
 import java.util.List;
-
 import org.apache.pdfbox.pdmodel.PDPage;
 import org.apache.pdfbox.text.PDFTextStripperByArea;
 import org.apache.pdfbox.text.TextPosition;

common/src/main/java/stirling/software/common/util/misc/ReplaceAndInvertColorStrategy.java

@@ -1,13 +1,10 @@
 package stirling.software.common.util.misc;
 
 import java.io.IOException;
-
-import org.springframework.core.io.InputStreamResource;
-import org.springframework.web.multipart.MultipartFile;
-
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-
+import org.springframework.core.io.InputStreamResource;
+import org.springframework.web.multipart.MultipartFile;
 import stirling.software.common.model.api.PDFFile;
 import stirling.software.common.model.api.misc.ReplaceAndInvert;
 

common/src/main/java/stirling/software/common/util/propertyeditor/StringToArrayListPropertyEditor.java

@@ -1,15 +1,12 @@
 package stirling.software.common.util.propertyeditor;
 
-import java.beans.PropertyEditorSupport;
-import java.util.ArrayList;
-import java.util.List;
-
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
-
+import java.beans.PropertyEditorSupport;
+import java.util.ArrayList;
+import java.util.List;
 import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.api.security.RedactionArea;
 
 @Slf4j

common/src/main/java/stirling/software/common/util/propertyeditor/StringToMapPropertyEditor.java

@@ -1,11 +1,10 @@
 package stirling.software.common.util.propertyeditor;
 
-import java.beans.PropertyEditorSupport;
-import java.util.HashMap;
-import java.util.Map;
-
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import java.beans.PropertyEditorSupport;
+import java.util.HashMap;
+import java.util.Map;
 
 public class StringToMapPropertyEditor extends PropertyEditorSupport {
 

proprietary/build.gradle

@@ -4,6 +4,12 @@ repositories {
 bootRun {
     enabled = false
 }
+spotless {
+    java {
+        target sourceSets.main.allJava
+        googleJavaFormat(googleJavaFormatVersion).aosp()
+    }
+}
 dependencies {
     implementation project(':common')
 
@@ -17,18 +23,17 @@ dependencies {
     api 'org.springframework.boot:spring-boot-starter-data-jpa'
     api 'org.springframework.boot:spring-boot-starter-oauth2-client'
     api 'org.springframework.boot:spring-boot-starter-mail'
-    api 'io.swagger.core.v3:swagger-core-jakarta:2.2.30'
+    api 'io.swagger.core.v3:swagger-core-jakarta:2.2.33'
-    api 'org.springframework.boot:spring-boot-starter-validation'
     implementation 'com.bucket4j:bucket4j_jdk17-core:8.14.0'
 
     // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
-    implementation 'org.bouncycastle:bcprov-jdk18on:1.80'
+    implementation 'org.bouncycastle:bcprov-jdk18on:1.81'
 
     implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE'
     api 'io.micrometer:micrometer-registry-prometheus'
     implementation 'com.unboundid.product.scim2:scim2-sdk-client:2.3.5'
     runtimeOnly 'com.h2database:h2:2.3.232' // Don't upgrade h2database
-    runtimeOnly 'org.postgresql:postgresql:42.7.5'
+    runtimeOnly 'org.postgresql:postgresql:42.7.7'
     constraints {
         implementation "org.opensaml:opensaml-core:$openSamlVersion"
         implementation "org.opensaml:opensaml-saml-api:$openSamlVersion"

proprietary/src/main/java/stirling/software/proprietary/audit/AuditAspect.java

@@ -8,13 +8,16 @@ import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 import stirling.software.proprietary.config.AuditConfigurationProperties;
 import stirling.software.proprietary.service.AuditService;
 
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.stream.IntStream;
 
 /**
  * Aspect for processing {@link Audited} annotations.
@@ -34,14 +37,24 @@ public class AuditAspect {
         Method method = signature.getMethod();
         Audited auditedAnnotation = method.getAnnotation(Audited.class);
         
-        // Skip if this audit level is not enabled
+        // Fast path: use unified check to determine if we should audit
-        if (!auditConfig.isLevelEnabled(auditedAnnotation.level())) {
+        // This avoids all data collection if auditing is disabled
+        if (!AuditUtils.shouldAudit(method, auditConfig)) {
             return joinPoint.proceed();
         }
         
-        Map<String, Object> auditData = new HashMap<>();
+        // Only create the map once we know we'll use it
-        auditData.put("className", joinPoint.getTarget().getClass().getName());
+        Map<String, Object> auditData = AuditUtils.createBaseAuditData(joinPoint, auditedAnnotation.level());
-        auditData.put("methodName", method.getName());
+        
+        // Add HTTP information if we're in a web context
+        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        if (attrs != null) {
+            HttpServletRequest req = attrs.getRequest();
+            String path = req.getRequestURI();
+            String httpMethod = req.getMethod();
+            AuditUtils.addHttpData(auditData, httpMethod, path, auditedAnnotation.level());
+            AuditUtils.addFileData(auditData, joinPoint, auditedAnnotation.level());
+        }
         
         // Add arguments if requested and if at VERBOSE level, or if specifically requested
         boolean includeArgs = auditedAnnotation.includeArgs() && 
@@ -49,18 +62,11 @@ public class AuditAspect {
                               auditConfig.getAuditLevel() == AuditLevel.VERBOSE);
                               
         if (includeArgs) {
-            Object[] args = joinPoint.getArgs();
+            AuditUtils.addMethodArguments(auditData, joinPoint, AuditLevel.VERBOSE);
-            String[] parameterNames = signature.getParameterNames();
-            
-            if (args != null && parameterNames != null) {
-                IntStream.range(0, args.length)
-                        .forEach(i -> {
-                            String paramName = i < parameterNames.length ? parameterNames[i] : "arg" + i;
-                            auditData.put("arg_" + paramName, args[i]);
-                        });
-            }
         }
         
+        // Record start time for latency calculation
+        long startTime = System.currentTimeMillis();
         Object result;
         try {
             // Execute the method
@@ -75,7 +81,8 @@ public class AuditAspect {
                                    auditConfig.getAuditLevel() == AuditLevel.VERBOSE);
                                    
             if (includeResult && result != null) {
-                auditData.put("result", result.toString());
+                // Use safe string conversion with size limiting
+                auditData.put("result", AuditUtils.safeToString(result, 1000));
             }
             
             return result;
@@ -88,17 +95,36 @@ public class AuditAspect {
             // Re-throw the exception
             throw ex;
         } finally {
-            // Create the audit entry with the specified level
+            // Add timing information - use isHttpRequest=false to ensure we get timing for non-HTTP methods
-            // Determine which type of event identifier to use (enum or string)
+            HttpServletResponse resp = attrs != null ? attrs.getResponse() : null;
-            AuditEventType eventType = auditedAnnotation.type();
+            boolean isHttpRequest = attrs != null;
-            String typeString = auditedAnnotation.typeString();
+            AuditUtils.addTimingData(auditData, startTime, resp, auditedAnnotation.level(), isHttpRequest);
             
-            if (eventType != AuditEventType.HTTP_REQUEST || !StringUtils.isNotEmpty(typeString)) {
+            // Resolve the event type based on annotation and context
-                // Use the enum type (preferred)
+            String httpMethod = null;
-                auditService.audit(eventType, auditData, auditedAnnotation.level());
+            String path = null;
-            } else {
+            if (attrs != null) {
+                HttpServletRequest req = attrs.getRequest();
+                httpMethod = req.getMethod();
+                path = req.getRequestURI();
+            }
+            
+            AuditEventType eventType = AuditUtils.resolveEventType(
+                method,
+                joinPoint.getTarget().getClass(),
+                path,
+                httpMethod,
+                auditedAnnotation
+            );
+            
+            // Check if we should use string type instead
+            String typeString = auditedAnnotation.typeString();
+            if (eventType == AuditEventType.HTTP_REQUEST && StringUtils.isNotEmpty(typeString)) {
                 // Use the string type (for backward compatibility)
                 auditService.audit(typeString, auditData, auditedAnnotation.level());
+            } else {
+                // Use the enum type (preferred)
+                auditService.audit(eventType, auditData, auditedAnnotation.level());
             }
         }
     }

proprietary/src/main/java/stirling/software/proprietary/audit/AuditLevel.java

@@ -65,12 +65,16 @@ public enum AuditLevel {
      * @return The corresponding AuditLevel
      */
     public static AuditLevel fromInt(int level) {
+        // Ensure level is within valid bounds
+        int boundedLevel = Math.min(Math.max(level, 0), 3);
+        
         for (AuditLevel auditLevel : values()) {
-            if (auditLevel.level == level) {
+            if (auditLevel.level == boundedLevel) {
                 return auditLevel;
             }
         }
-        // Default to STANDARD if invalid level
+        
+        // Default to STANDARD if somehow we didn't match
         return STANDARD;
     }
 }

proprietary/src/main/java/stirling/software/proprietary/audit/AuditUtils.java

@@ -0,0 +1,375 @@
+package stirling.software.proprietary.audit;
+
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.slf4j.MDC;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.multipart.MultipartFile;
+import stirling.software.common.util.RequestUriUtils;
+import stirling.software.proprietary.config.AuditConfigurationProperties;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.lang.reflect.Method;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * Shared utilities for audit aspects to ensure consistent behavior
+ * across different audit mechanisms.
+ */
+@Slf4j
+public class AuditUtils {
+
+    /**
+     * Create a standard audit data map with common attributes based on the current audit level
+     *
+     * @param joinPoint The AspectJ join point
+     * @param auditLevel The current audit level
+     * @return A map with standard audit data
+     */
+    public static Map<String, Object> createBaseAuditData(ProceedingJoinPoint joinPoint, AuditLevel auditLevel) {
+        Map<String, Object> data = new HashMap<>();
+        
+        // Common data for all levels
+        data.put("timestamp", Instant.now().toString());
+        
+        // Add principal if available
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        if (auth != null && auth.getName() != null) {
+            data.put("principal", auth.getName());
+        } else {
+            data.put("principal", "system");
+        }
+        
+        // Add class name and method name only at VERBOSE level
+        if (auditLevel.includes(AuditLevel.VERBOSE)) {
+            data.put("className", joinPoint.getTarget().getClass().getName());
+            data.put("methodName", ((MethodSignature) joinPoint.getSignature()).getMethod().getName());
+        }
+        
+        return data;
+    }
+    
+    /**
+     * Add HTTP-specific information to the audit data if available
+     *
+     * @param data The existing audit data map
+     * @param httpMethod The HTTP method (GET, POST, etc.)
+     * @param path The request path
+     * @param auditLevel The current audit level
+     */
+    public static void addHttpData(Map<String, Object> data, String httpMethod, String path, AuditLevel auditLevel) {
+        if (httpMethod == null || path == null) {
+            return; // Skip if we don't have basic HTTP info
+        }
+        
+        // BASIC level HTTP data
+        data.put("httpMethod", httpMethod);
+        data.put("path", path);
+        
+        // Get request attributes safely
+        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        if (attrs == null) {
+            return; // No request context available
+        }
+        
+        HttpServletRequest req = attrs.getRequest();
+        if (req == null) {
+            return; // No request available
+        }
+        
+        // STANDARD level HTTP data
+        if (auditLevel.includes(AuditLevel.STANDARD)) {
+            data.put("clientIp", req.getRemoteAddr());
+            data.put("sessionId", req.getSession(false) != null ? req.getSession(false).getId() : null);
+            data.put("requestId", MDC.get("requestId"));
+            
+            // Form data for POST/PUT/PATCH
+            if (("POST".equalsIgnoreCase(httpMethod) || 
+                 "PUT".equalsIgnoreCase(httpMethod) || 
+                 "PATCH".equalsIgnoreCase(httpMethod)) && req.getContentType() != null) {
+                
+                String contentType = req.getContentType();
+                if (contentType.contains("application/x-www-form-urlencoded") ||
+                    contentType.contains("multipart/form-data")) {
+                    
+                    Map<String, String[]> params = new HashMap<>(req.getParameterMap());
+                    // Remove CSRF token from logged parameters
+                    params.remove("_csrf");
+                    
+                    if (!params.isEmpty()) {
+                        data.put("formParams", params);
+                    }
+                }
+            }
+        }
+    }
+    
+    /**
+     * Add file information to the audit data if available
+     *
+     * @param data The existing audit data map
+     * @param joinPoint The AspectJ join point
+     * @param auditLevel The current audit level
+     */
+    public static void addFileData(Map<String, Object> data, ProceedingJoinPoint joinPoint, AuditLevel auditLevel) {
+        if (auditLevel.includes(AuditLevel.STANDARD)) {
+            List<MultipartFile> files = Arrays.stream(joinPoint.getArgs())
+                    .filter(a -> a instanceof MultipartFile)
+                    .map(a -> (MultipartFile)a)
+                    .collect(Collectors.toList());
+
+            if (!files.isEmpty()) {
+                List<Map<String,Object>> fileInfos = files.stream().map(f -> {
+                    Map<String,Object> m = new HashMap<>();
+                    m.put("name", f.getOriginalFilename());
+                    m.put("size", f.getSize());
+                    m.put("type", f.getContentType());
+                    return m;
+                }).collect(Collectors.toList());
+
+                data.put("files", fileInfos);
+            }
+        }
+    }
+    
+    /**
+     * Add method arguments to the audit data
+     *
+     * @param data The existing audit data map
+     * @param joinPoint The AspectJ join point
+     * @param auditLevel The current audit level
+     */
+    public static void addMethodArguments(Map<String, Object> data, ProceedingJoinPoint joinPoint, AuditLevel auditLevel) {
+        if (auditLevel.includes(AuditLevel.VERBOSE)) {
+            MethodSignature sig = (MethodSignature) joinPoint.getSignature();
+            String[] names = sig.getParameterNames();
+            Object[] vals = joinPoint.getArgs();
+            if (names != null && vals != null) {
+                IntStream.range(0, names.length)
+                        .forEach(i -> {
+                            if (vals[i] != null) {
+                                // Convert objects to safe string representation
+                                data.put("arg_" + names[i], safeToString(vals[i], 500));
+                            } else {
+                                data.put("arg_" + names[i], null);
+                            }
+                        });
+            }
+        }
+    }
+    
+    /**
+     * Safely convert an object to string with size limiting
+     * 
+     * @param obj The object to convert
+     * @param maxLength Maximum length of the resulting string
+     * @return A safe string representation, truncated if needed
+     */
+    public static String safeToString(Object obj, int maxLength) {
+        if (obj == null) {
+            return "null";
+        }
+        
+        String result;
+        try {
+            // Handle common types directly to avoid toString() overhead
+            if (obj instanceof String) {
+                result = (String) obj;
+            } else if (obj instanceof Number || obj instanceof Boolean) {
+                result = obj.toString();
+            } else if (obj instanceof byte[]) {
+                result = "[binary data length=" + ((byte[]) obj).length + "]";
+            } else {
+                // For complex objects, use toString but handle exceptions
+                result = obj.toString();
+            }
+            
+            // Truncate if necessary
+            if (result != null && result.length() > maxLength) {
+                return StringUtils.truncate(result, maxLength - 3) + "...";
+            }
+            
+            return result;
+        } catch (Exception e) {
+            // If toString() fails, return the class name
+            return "[" + obj.getClass().getName() + " - toString() failed]";
+        }
+    }
+    
+    /**
+     * Determine if a method should be audited based on config and annotation
+     *
+     * @param method The method to check
+     * @param auditConfig The audit configuration
+     * @return true if the method should be audited
+     */
+    public static boolean shouldAudit(Method method, AuditConfigurationProperties auditConfig) {
+        // First check if audit is globally enabled - fast path
+        if (!auditConfig.isEnabled()) {
+            return false;
+        }
+        
+        // Check for annotation override
+        Audited auditedAnnotation = method.getAnnotation(Audited.class);
+        AuditLevel requiredLevel = (auditedAnnotation != null) 
+            ? auditedAnnotation.level() 
+            : AuditLevel.BASIC;
+            
+        // Check if the required level is enabled
+        return auditConfig.getAuditLevel().includes(requiredLevel);
+    }
+    
+    /**
+     * Add timing and response status data to the audit record
+     *
+     * @param data The audit data to add to
+     * @param startTime The start time in milliseconds
+     * @param response The HTTP response (may be null for non-HTTP methods)
+     * @param level The current audit level
+     * @param isHttpRequest Whether this is an HTTP request (controller) or a regular method call
+     */
+    public static void addTimingData(Map<String, Object> data, long startTime, HttpServletResponse response, AuditLevel level, boolean isHttpRequest) {
+        if (level.includes(AuditLevel.STANDARD)) {
+            // For HTTP requests, let ControllerAuditAspect handle timing separately
+            // For non-HTTP methods, add execution time here
+            if (!isHttpRequest) {
+                data.put("latencyMs", System.currentTimeMillis() - startTime);
+            }
+            
+            // Add HTTP status code if available
+            if (response != null) {
+                try {
+                    data.put("statusCode", response.getStatus());
+                } catch (Exception e) {
+                    // Ignore - response might be in an inconsistent state
+                }
+            }
+        }
+    }
+    
+    /**
+     * Resolve the event type to use for auditing, considering annotations and context
+     *
+     * @param method The method being audited
+     * @param controller The controller class
+     * @param path The request path (may be null for non-HTTP methods)
+     * @param httpMethod The HTTP method (may be null for non-HTTP methods)
+     * @param annotation The @Audited annotation (may be null)
+     * @return The resolved event type (never null)
+     */
+    public static AuditEventType resolveEventType(Method method, Class<?> controller, String path, String httpMethod, Audited annotation) {
+        // First check if we have an explicit annotation
+        if (annotation != null && annotation.type() != AuditEventType.HTTP_REQUEST) {
+            return annotation.type();
+        }
+        
+        // For HTTP methods, infer based on controller and path
+        if (httpMethod != null && path != null) {
+            String cls = controller.getSimpleName().toLowerCase();
+            String pkg = controller.getPackage().getName().toLowerCase();
+            
+            if ("GET".equals(httpMethod)) return AuditEventType.HTTP_REQUEST;
+            
+            if (cls.contains("user") || cls.contains("auth") || pkg.contains("auth")
+                    || path.startsWith("/user") || path.startsWith("/login")) {
+                return AuditEventType.USER_PROFILE_UPDATE;
+            } else if (cls.contains("admin") || path.startsWith("/admin") || path.startsWith("/settings")) {
+                return AuditEventType.SETTINGS_CHANGED;
+            } else if (cls.contains("file") || path.startsWith("/file")
+                    || path.matches("(?i).*/(upload|download)/.*")) {
+                return AuditEventType.FILE_OPERATION;
+            }
+        }
+        
+        // Default for non-HTTP methods or when no specific match
+        return AuditEventType.PDF_PROCESS;
+    }
+    
+    /**
+     * Determine the appropriate audit level to use
+     *
+     * @param method The method to check
+     * @param defaultLevel The default level to use if no annotation present
+     * @param auditConfig The audit configuration
+     * @return The audit level to use
+     */
+    public static AuditLevel getEffectiveAuditLevel(Method method, AuditLevel defaultLevel, AuditConfigurationProperties auditConfig) {
+        Audited auditedAnnotation = method.getAnnotation(Audited.class);
+        if (auditedAnnotation != null) {
+            // Method has @Audited - use its level
+            return auditedAnnotation.level();
+        }
+        
+        // Use default level (typically from global config)
+        return defaultLevel;
+    }
+    
+    /**
+     * Determine the appropriate audit event type to use
+     *
+     * @param method The method being audited
+     * @param controller The controller class
+     * @param path The request path
+     * @param httpMethod The HTTP method
+     * @return The determined audit event type
+     */
+    public static AuditEventType determineAuditEventType(Method method, Class<?> controller, String path, String httpMethod) {
+        // First check for explicit annotation
+        Audited auditedAnnotation = method.getAnnotation(Audited.class);
+        if (auditedAnnotation != null) {
+            return auditedAnnotation.type();
+        }
+        
+        // Otherwise infer from controller and path
+        String cls = controller.getSimpleName().toLowerCase();
+        String pkg = controller.getPackage().getName().toLowerCase();
+        
+        if ("GET".equals(httpMethod)) return AuditEventType.HTTP_REQUEST;
+        
+        if (cls.contains("user") || cls.contains("auth") || pkg.contains("auth")
+                || path.startsWith("/user") || path.startsWith("/login")) {
+            return AuditEventType.USER_PROFILE_UPDATE;
+        } else if (cls.contains("admin") || path.startsWith("/admin") || path.startsWith("/settings")) {
+            return AuditEventType.SETTINGS_CHANGED;
+        } else if (cls.contains("file") || path.startsWith("/file")
+                || path.matches("(?i).*/(upload|download)/.*")) {
+            return AuditEventType.FILE_OPERATION;
+        } else {
+            return AuditEventType.PDF_PROCESS;
+        }
+    }
+    
+    /**
+     * Get the current HTTP request if available
+     *
+     * @return The current request or null if not in a request context
+     */
+    public static HttpServletRequest getCurrentRequest() {
+        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        return attrs != null ? attrs.getRequest() : null;
+    }
+    
+    /**
+     * Check if a GET request is for a static resource
+     *
+     * @param request The HTTP request
+     * @return true if this is a static resource request
+     */
+    public static boolean isStaticResourceRequest(HttpServletRequest request) {
+        return request != null && !RequestUriUtils.isTrackableResource(
+                request.getContextPath(), request.getRequestURI());
+    }
+}

proprietary/src/main/java/stirling/software/proprietary/audit/ControllerAuditAspect.java

@@ -2,12 +2,11 @@ package stirling.software.proprietary.audit;
 
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.reflect.MethodSignature;
-import org.slf4j.MDC;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -17,23 +16,16 @@ import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
-import org.springframework.web.multipart.MultipartFile;
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import stirling.software.common.util.RequestUriUtils;
 import stirling.software.proprietary.config.AuditConfigurationProperties;
 import stirling.software.proprietary.service.AuditService;
 
 import java.lang.annotation.Annotation;
 import java.lang.reflect.Method;
-import java.time.Instant;
-import java.util.Arrays;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
-import java.util.stream.Collectors;
-import java.util.stream.IntStream;
 
 /**
  * Aspect for automatically auditing controller methods with web mappings
@@ -51,10 +43,7 @@ public class ControllerAuditAspect {
     
     @Around("execution(* org.springframework.web.servlet.resource.ResourceHttpRequestHandler.handleRequest(..))")
     public Object auditStaticResource(ProceedingJoinPoint jp) throws Throwable {
-    	log.info("HELLOOOOOOOOOOOOOOOO");
         return auditController(jp, "GET");
-    	
-    	
     }
     /**
      * Intercept all methods with GetMapping annotation
@@ -99,23 +88,29 @@ public class ControllerAuditAspect {
     private Object auditController(ProceedingJoinPoint joinPoint, String httpMethod) throws Throwable {
         MethodSignature sig = (MethodSignature) joinPoint.getSignature();
         Method method = sig.getMethod();
-        AuditLevel level = auditConfig.getAuditLevel();
+        
-        // OFF below BASIC?
+        // Fast path: check if auditing is enabled before doing any work
-        if (!auditConfig.isLevelEnabled(AuditLevel.BASIC)) {
+        // This avoids all data collection if auditing is disabled
+        if (!AuditUtils.shouldAudit(method, auditConfig)) {
             return joinPoint.proceed();
         }
         
-//        // Opt-out
+        // Check if method is explicitly annotated with @Audited
-//        if (method.isAnnotationPresent(Audited.class)) {
+        Audited auditedAnnotation = method.getAnnotation(Audited.class);
-//            return joinPoint.proceed();
+        AuditLevel level = auditConfig.getAuditLevel();
-//        }
+        
+        // If @Audited annotation is present, respect its level setting
+        if (auditedAnnotation != null) {
+            // Use the level from annotation if it's stricter than global level
+            level = auditedAnnotation.level();
+        }
 
         String path = getRequestPath(method, httpMethod);
 
         // Skip static GET resources
         if ("GET".equals(httpMethod)) {
-            HttpServletRequest maybe = getCurrentRequest();
+            HttpServletRequest maybe = AuditUtils.getCurrentRequest();
-            if (maybe != null && !RequestUriUtils.isTrackableResource(maybe.getContextPath(), maybe.getRequestURI())) {
+            if (maybe != null && AuditUtils.isStaticResourceRequest(maybe)) {
                 return joinPoint.proceed();
             }
         }
@@ -125,64 +120,19 @@ public class ControllerAuditAspect {
         HttpServletResponse resp = attrs != null ? attrs.getResponse() : null;
 
         long start = System.currentTimeMillis();
-        Map<String, Object> data = new HashMap<>();
         
-        // BASIC
+        // Use AuditUtils to create the base audit data
-        if (level.includes(AuditLevel.BASIC)) {
+        Map<String, Object> data = AuditUtils.createBaseAuditData(joinPoint, level);
-            data.put("timestamp", Instant.now().toString());
-            data.put("principal", SecurityContextHolder.getContext().getAuthentication().getName());
-            data.put("path", path);
-            data.put("httpMethod", httpMethod);
-        }
         
-        // STANDARD
+        // Add HTTP-specific information
-        if (level.includes(AuditLevel.STANDARD) && req != null) {
+        AuditUtils.addHttpData(data, httpMethod, path, level);
-            data.put("clientIp", req.getRemoteAddr());
-            data.put("sessionId", req.getSession(false) != null ? req.getSession(false).getId() : null);
-            data.put("requestId", MDC.get("requestId"));
         
-            if ("POST".equalsIgnoreCase(httpMethod)
+        // Add file information if present
-            		         || "PUT".equalsIgnoreCase(httpMethod)
+        AuditUtils.addFileData(data, joinPoint, level);
-            		         || "PATCH".equalsIgnoreCase(httpMethod)) {
-            		            String ct = req.getContentType();
-            		            if (ct != null && (
-            		                 ct.contains("application/x-www-form-urlencoded") ||
-            		                 ct.contains("multipart/form-data")
-            		            )) {
-            		                Map<String,String[]> params = req.getParameterMap();
-            		                if (!params.isEmpty()) {
-            		                    data.put("formParams", params);
-            		                }
-            		            }
         
-            		            List<MultipartFile> files = Arrays.stream(joinPoint.getArgs())
+        // Add method arguments if at VERBOSE level
-            		                    .filter(a -> a instanceof MultipartFile)
-            		                    .map(a -> (MultipartFile)a)
-            		                    .collect(Collectors.toList());
-
-            		                if (!files.isEmpty()) {
-            		                    List<Map<String,Object>> fileInfos = files.stream().map(f -> {
-            		                        Map<String,Object> m = new HashMap<>();
-            		                        m.put("name",     f.getOriginalFilename());
-            		                        m.put("size",     f.getSize());
-            		                        m.put("type",     f.getContentType());
-            		                        return m;
-            		                    }).collect(Collectors.toList());
-
-            		                    data.put("files", fileInfos);
-            		                }
-            		                
-            		        }
-            
-        }
-
-        // VERBOSE args
         if (level.includes(AuditLevel.VERBOSE)) {
-            String[] names = sig.getParameterNames();
+            AuditUtils.addMethodArguments(data, joinPoint, level);
-            Object[] vals = joinPoint.getArgs();
-            if (names != null && vals != null) {
-                IntStream.range(0, names.length).forEach(i -> data.put("arg_" + names[i], vals[i]));
-            }
         }
 
         Object result = null;
@@ -195,37 +145,46 @@ public class ControllerAuditAspect {
             data.put("errorMessage", ex.getMessage());
             throw ex;
         } finally {
-            // finalize STANDARD
+            // Handle timing directly for HTTP requests
             if (level.includes(AuditLevel.STANDARD)) {
                 data.put("latencyMs", System.currentTimeMillis() - start);
                 if (resp != null) data.put("statusCode", resp.getStatus());
             }
-            // finalize VERBOSE result
+            
+            // Call AuditUtils but with isHttpRequest=true to skip additional timing
+            AuditUtils.addTimingData(data, start, resp, level, true);
+            
+            // Add result for VERBOSE level
             if (level.includes(AuditLevel.VERBOSE) && result != null) {
-                data.put("result", result.toString());
+                // Use safe string conversion with size limiting
+                data.put("result", AuditUtils.safeToString(result, 1000));
             }
-            AuditEventType type = determineAuditEventType(joinPoint.getTarget().getClass(), path, httpMethod);
+            
-            auditService.audit(type, data, level);
+            // Resolve the event type using the unified method
+            AuditEventType eventType = AuditUtils.resolveEventType(
+                method,
+                joinPoint.getTarget().getClass(),
+                path,
+                httpMethod,
+                auditedAnnotation
+            );
+            
+            // Check if we should use string type instead (for backward compatibility)
+            if (auditedAnnotation != null) {
+                String typeString = auditedAnnotation.typeString();
+                if (eventType == AuditEventType.HTTP_REQUEST && StringUtils.isNotEmpty(typeString)) {
+                    auditService.audit(typeString, data, level);
+                    return result;
+                }
+            }
+            
+            // Use the enum type
+            auditService.audit(eventType, data, level);
         }
         return result;
     }
 
-    private AuditEventType determineAuditEventType(Class<?> controller, String path, String httpMethod) {
+    // Using AuditUtils.determineAuditEventType instead
-        String cls = controller.getSimpleName().toLowerCase();
-        String pkg = controller.getPackage().getName().toLowerCase();
-        if ("GET".equals(httpMethod)) return AuditEventType.HTTP_REQUEST;
-        if (cls.contains("user") || cls.contains("auth") || pkg.contains("auth")
-                || path.startsWith("/user") || path.startsWith("/login")) {
-            return AuditEventType.USER_PROFILE_UPDATE;
-        } else if (cls.contains("admin") || path.startsWith("/admin") || path.startsWith("/settings")) {
-            return AuditEventType.SETTINGS_CHANGED;
-        } else if (cls.contains("file") || path.startsWith("/file")
-                || path.matches("(?i).*/(upload|download)/.*")) {
-            return AuditEventType.FILE_OPERATION;
-        } else {
-            return AuditEventType.PDF_PROCESS;
-        }
-    }
 
     private String getRequestPath(Method method, String httpMethod) {
         String base = "";
@@ -248,8 +207,5 @@ public class ControllerAuditAspect {
         return base + mp;
     }
 
-    private HttpServletRequest getCurrentRequest() {
+    // Using AuditUtils.getCurrentRequest instead
-        ServletRequestAttributes a = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
-        return a != null ? a.getRequest() : null;
-    }
 }

proprietary/src/main/java/stirling/software/proprietary/config/AuditConfigurationProperties.java

@@ -3,8 +3,6 @@ package stirling.software.proprietary.config;
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
@@ -24,19 +22,21 @@ public class AuditConfigurationProperties {
     private final boolean enabled;
     private final int level;
     private final int retentionDays;
-    private final String licenseType;
     
-    
+    public AuditConfigurationProperties(ApplicationProperties applicationProperties) {
-    public AuditConfigurationProperties(ApplicationProperties applicationProperties, @Qualifier("license") String licenseType) {
         ApplicationProperties.Premium.ProFeatures.Audit auditConfig = 
                 applicationProperties.getPremium().getProFeatures().getAudit();   
-        
+        // Read values directly from configuration
         this.enabled = auditConfig.isEnabled();
-        this.level = auditConfig.getLevel();
-        this.retentionDays = auditConfig.getRetentionDays();
-        this.licenseType = licenseType;
         
-        log.info("Initialized audit configuration: enabled={}, level={}, retentionDays={}", 
+        // Ensure level is within valid bounds (0-3)
+        int configLevel = auditConfig.getLevel();
+        this.level = Math.min(Math.max(configLevel, 0), 3);
+        
+        // Retention days (0 means infinite)
+        this.retentionDays = auditConfig.getRetentionDays();
+        
+        log.debug("Initialized audit configuration: enabled={}, level={}, retentionDays={} (0=infinite)", 
                 this.enabled, this.level, this.retentionDays);
     }
     
@@ -56,4 +56,13 @@ public class AuditConfigurationProperties {
     public boolean isLevelEnabled(AuditLevel requiredLevel) {
         return enabled && getAuditLevel().includes(requiredLevel);
     }
+    
+    /**
+     * Get the effective retention period in days
+     * @return The number of days to retain audit records, or -1 for infinite retention
+     */
+    public int getEffectiveRetentionDays() {
+        // 0 means infinite retention
+        return retentionDays <= 0 ? -1 : retentionDays;
+    }
 }

proprietary/src/main/java/stirling/software/proprietary/controller/AuditDashboardController.java

@@ -81,8 +81,8 @@ public class AuditDashboardController {
     @GetMapping("/data")
     @ResponseBody
     public Map<String, Object> getAuditData(
-            @RequestParam(value = "page", defaultValue = "0") Long page,
+            @RequestParam(value = "page", defaultValue = "0") int page,
-            @RequestParam(value = "size", defaultValue = "30") Long size,
+            @RequestParam(value = "size", defaultValue = "30") int size,
             @RequestParam(value = "type", required = false) String type,
             @RequestParam(value = "principal", required = false) String principal,
             @RequestParam(value = "startDate", required = false) 
@@ -90,12 +90,11 @@ public class AuditDashboardController {
             @RequestParam(value = "endDate", required = false) 
                 @DateTimeFormat(iso = DateTimeFormat.ISO.DATE) LocalDate endDate, HttpServletRequest request) {
 
-    	 log.info("Raw query string: {}", request.getQueryString()); 
 
-        Pageable pageable = PageRequest.of(page.intValue(), size.intValue(), Sort.by("timestamp").descending());
+        Pageable pageable = PageRequest.of(page, size, Sort.by("timestamp").descending());
         Page<PersistentAuditEvent> events;
 
-        String mode = "unknown";
+        String mode;
 
         if (type != null && principal != null && startDate != null && endDate != null) {
             mode = "principal + type + startDate + endDate";
@@ -133,13 +132,6 @@ public class AuditDashboardController {
 
         // Logging
         List<PersistentAuditEvent> content = events.getContent();
-        Long firstId = content.isEmpty() ? null : content.get(0).getId();
-        Long lastId = content.isEmpty() ? null : content.get(content.size() - 1).getId();
-
-        log.info("Audit request: page={} size={} mode='{}' → result page={} totalElements={} totalPages={} contentSize={}",
-            page, size, mode, events.getNumber(), events.getTotalElements(), events.getTotalPages(), content.size());
-
-        log.info("Audit content ID range: firstId={} lastId={} (descending timestamp)", firstId, lastId);
 
         Map<String, Object> response = new HashMap<>();
         response.put("content", content);

proprietary/src/main/java/stirling/software/proprietary/model/Team.java

@@ -1,13 +1,10 @@
 package stirling.software.proprietary.model;
 
+import jakarta.persistence.*;
 import java.io.Serializable;
 import java.util.HashSet;
 import java.util.Set;
-
-import jakarta.persistence.*;
-
 import lombok.*;
-
 import stirling.software.proprietary.security.model.User;
 
 @Entity

proprietary/src/main/java/stirling/software/proprietary/model/dto/TeamWithUserCountDTO.java

@@ -1,6 +1,5 @@
 package stirling.software.proprietary.model.dto;
 
-import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationFailureHandler.java

@@ -1,10 +1,13 @@
 package stirling.software.proprietary.security;
 
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;

proprietary/src/main/java/stirling/software/proprietary/security/CustomAuthenticationSuccessHandler.java

@@ -1,5 +1,4 @@
 package stirling.software.proprietary.security;
-
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
@@ -12,9 +11,11 @@ import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
-
+import java.io.IOException;
 import lombok.extern.slf4j.Slf4j;
-
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+import org.springframework.security.web.savedrequest.SavedRequest;
 import stirling.software.common.util.RequestUriUtils;
 import stirling.software.proprietary.audit.AuditEventType;
 import stirling.software.proprietary.audit.AuditLevel;

proprietary/src/main/java/stirling/software/proprietary/security/CustomLogoutSuccessHandler.java

@@ -1,27 +1,22 @@
 package stirling.software.proprietary.security;
 
+import com.coveo.saml.SamlClient;
+import com.coveo.saml.SamlException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
 import java.util.ArrayList;
 import java.util.List;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.core.io.Resource;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
 import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
-
-import com.coveo.saml.SamlClient;
-import com.coveo.saml.SamlException;
-
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;

proprietary/src/main/java/stirling/software/proprietary/security/InitialSecuritySetup.java

@@ -1,17 +1,13 @@
 package stirling.software.proprietary.security;
 
+import jakarta.annotation.PostConstruct;
 import java.sql.SQLException;
 import java.util.List;
 import java.util.Optional;
 import java.util.UUID;
-
-import org.springframework.stereotype.Component;
-
-import jakarta.annotation.PostConstruct;
-
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-
+import org.springframework.stereotype.Component;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;

proprietary/src/main/java/stirling/software/proprietary/security/RateLimitResetScheduler.java

@@ -1,10 +1,8 @@
 package stirling.software.proprietary.security;
 
+import lombok.RequiredArgsConstructor;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.proprietary.security.filter.IPRateLimitingFilter;
 
 @Component

proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java

@@ -2,6 +2,10 @@ package stirling.software.proprietary.security.config;
 
 import static stirling.software.common.util.ProviderUtils.validateProvider;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Date;
@@ -10,7 +14,7 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
@@ -19,16 +23,6 @@ import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.Security;
 import stirling.software.common.model.ApplicationProperties.Security.OAUTH2;
@@ -239,7 +233,8 @@ public class AccountWebController {
                 }
 
                 // Also check if user is part of the Internal team
-                if (user.getTeam() != null && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+                if (user.getTeam() != null
+                        && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
                     shouldRemove = true;
                 }
 
@@ -336,6 +331,9 @@ public class AccountWebController {
                         case "userNotFound" -> "userNotFoundMessage";
                         case "downgradeCurrentUser" -> "downgradeCurrentUserMessage";
                         case "disabledCurrentUser" -> "disabledCurrentUserMessage";
+                        case "cannotMoveInternalUsers" -> "team.cannotMoveInternalUsers";
+                        case "internalTeamNotAccessible" -> "team.internalTeamNotAccessible";
+                        case "invalidRole" -> "invalidRoleMessage";
                         default -> messageType;
                     };
             model.addAttribute("changeMessage", changeMessage);
@@ -351,9 +349,15 @@ public class AccountWebController {
         model.addAttribute("disabledUsers", disabledUsers);
 
         // Get all teams but filter out the Internal team
-        List<Team> allTeams = teamRepository.findAll()
+        List<Team> allTeams =
-                .stream()
+                teamRepository.findAll().stream()
-                .filter(team -> !team.getName().equals(stirling.software.proprietary.security.service.TeamService.INTERNAL_TEAM_NAME))
+                        .filter(
+                                team ->
+                                        !team.getName()
+                                                .equals(
+                                                        stirling.software.proprietary.security
+                                                                .service.TeamService
+                                                                .INTERNAL_TEAM_NAME))
                         .toList();
         model.addAttribute("teams", allTeams);
 

proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java

@@ -1,7 +1,8 @@
 package stirling.software.proprietary.security.configuration;
 
 import javax.sql.DataSource;
-
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
 import org.springframework.boot.autoconfigure.domain.EntityScan;
@@ -11,10 +12,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
-
-import lombok.Getter;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.InstallationPathConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.exception.UnsupportedProviderException;

proprietary/src/main/java/stirling/software/proprietary/security/configuration/MailConfig.java

@@ -1,16 +1,13 @@
 package stirling.software.proprietary.security.configuration;
 
 import java.util.Properties;
-
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.mail.javamail.JavaMailSenderImpl;
-
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 
 /**

proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java

@@ -1,7 +1,7 @@
 package stirling.software.proprietary.security.configuration;
 
 import java.util.Optional;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
@@ -27,9 +27,6 @@ import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.savedrequest.NullRequestCache;
 import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.proprietary.security.CustomAuthenticationFailureHandler;

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/EEAppConfig.java

@@ -8,7 +8,6 @@ import org.springframework.context.annotation.Primary;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.ApplicationProperties.EnterpriseEdition;
 import stirling.software.common.model.ApplicationProperties.Premium;
@@ -81,9 +80,9 @@ public class EEAppConfig {
 
         // Copy the license key if it's set in enterprise but not in premium
         if (premium.getKey() == null
-                || premium.getKey().equals("00000000-0000-0000-0000-000000000000")) {
+                || "00000000-0000-0000-0000-000000000000".equals(premium.getKey())) {
             if (enterpriseEdition.getKey() != null
-                    && !enterpriseEdition.getKey().equals("00000000-0000-0000-0000-000000000000")) {
+                    && !"00000000-0000-0000-0000-000000000000".equals(enterpriseEdition.getKey())) {
                 premium.setKey(enterpriseEdition.getKey());
             }
         }

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/KeygenLicenseVerifier.java

@@ -1,24 +1,20 @@
 package stirling.software.proprietary.security.configuration.ee;
 
-import java.net.URI;
-import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
-import java.net.http.HttpResponse;
-import java.util.Base64;
-
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.signers.Ed25519Signer;
-import org.bouncycastle.util.encoders.Hex;
-import org.springframework.stereotype.Service;
-
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.posthog.java.shaded.org.json.JSONException;
 import com.posthog.java.shaded.org.json.JSONObject;
-
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.util.Base64;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-
+import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
+import org.bouncycastle.crypto.signers.Ed25519Signer;
+import org.bouncycastle.util.encoders.Hex;
+import org.springframework.stereotype.Service;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.GeneralUtils;
 

proprietary/src/main/java/stirling/software/proprietary/security/configuration/ee/LicenseKeyChecker.java

@@ -4,12 +4,9 @@ import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.GeneralUtils;
 import stirling.software.proprietary.security.configuration.ee.KeygenLicenseVerifier.License;

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/DatabaseController.java

@@ -1,12 +1,17 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.Hidden;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.eclipse.jetty.http.HttpStatus;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.core.io.InputStreamResource;
@@ -18,15 +23,6 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
-
-import io.swagger.v3.oas.annotations.Hidden;
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.security.database.H2SQLCondition;
 import stirling.software.proprietary.security.service.DatabaseService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/EmailController.java

@@ -1,5 +1,11 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.mail.MessagingException;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -8,16 +14,6 @@ import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-
-import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.mail.MessagingException;
-import jakarta.validation.Valid;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.security.model.api.Email;
 import stirling.software.proprietary.security.service.EmailService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/TeamController.java

@@ -1,19 +1,14 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.transaction.Transactional;
 import java.util.Optional;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.view.RedirectView;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.transaction.Transactional;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.model.Team;
 import stirling.software.proprietary.security.config.PremiumEndpoint;
 import stirling.software.proprietary.security.database.repository.UserRepository;
@@ -36,12 +31,12 @@ public class TeamController {
     @PostMapping("/create")
     public RedirectView createTeam(@RequestParam("name") String name) {
         if (teamRepository.existsByNameIgnoreCase(name)) {
-            return new RedirectView("/adminSettings?messageType=teamExists");
+            return new RedirectView("/teams?messageType=teamExists");
         }
         Team team = new Team();
         team.setName(name);
         teamRepository.save(team);
-        return new RedirectView("/adminSettings?messageType=teamCreated");
+        return new RedirectView("/teams?messageType=teamCreated");
     }
 
     @PreAuthorize("hasRole('ROLE_ADMIN')")
@@ -50,21 +45,21 @@ public class TeamController {
             @RequestParam("teamId") Long teamId, @RequestParam("newName") String newName) {
         Optional<Team> existing = teamRepository.findById(teamId);
         if (existing.isEmpty()) {
-            return new RedirectView("/adminSettings?messageType=teamNotFound");
+            return new RedirectView("/teams?messageType=teamNotFound");
         }
         if (teamRepository.existsByNameIgnoreCase(newName)) {
-            return new RedirectView("/adminSettings?messageType=teamNameExists");
+            return new RedirectView("/teams?messageType=teamNameExists");
         }
         Team team = existing.get();
 
         // Prevent renaming the Internal team
         if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
-            return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible");
+            return new RedirectView("/teams?messageType=internalTeamNotAccessible");
         }
 
         team.setName(newName);
         teamRepository.save(team);
-        return new RedirectView("/adminSettings?messageType=teamRenamed");
+        return new RedirectView("/teams?messageType=teamRenamed");
     }
 
     @PreAuthorize("hasRole('ROLE_ADMIN')")
@@ -73,34 +68,35 @@ public class TeamController {
     public RedirectView deleteTeam(@RequestParam("teamId") Long teamId) {
         Optional<Team> teamOpt = teamRepository.findById(teamId);
         if (teamOpt.isEmpty()) {
-            return new RedirectView("/adminSettings?messageType=teamNotFound");
+            return new RedirectView("/teams?messageType=teamNotFound");
         }
 
         Team team = teamOpt.get();
 
         // Prevent deleting the Internal team
         if (team.getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
-            return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible");
+            return new RedirectView("/teams?messageType=internalTeamNotAccessible");
         }
 
         long memberCount = userRepository.countByTeam(team);
         if (memberCount > 0) {
-            return new RedirectView("/adminSettings?messageType=teamHasUsers");
+            return new RedirectView("/teams?messageType=teamHasUsers");
         }
 
         teamRepository.delete(team);
-        return new RedirectView("/adminSettings?messageType=teamDeleted");
+        return new RedirectView("/teams?messageType=teamDeleted");
     }
 
     @PreAuthorize("hasRole('ROLE_ADMIN')")
     @PostMapping("/addUser")
     @Transactional
     public RedirectView addUserToTeam(
-            @RequestParam("teamId") Long teamId,
+            @RequestParam("teamId") Long teamId, @RequestParam("userId") Long userId) {
-            @RequestParam("userId") Long userId) {
 
         // Find the team
-        Team team = teamRepository.findById(teamId)
+        Team team =
+                teamRepository
+                        .findById(teamId)
                         .orElseThrow(() -> new RuntimeException("Team not found"));
 
         // Prevent adding users to the Internal team
@@ -109,11 +105,14 @@ public class TeamController {
         }
 
         // Find the user
-        User user = userRepository.findById(userId)
+        User user =
+                userRepository
+                        .findById(userId)
                         .orElseThrow(() -> new RuntimeException("User not found"));
 
         // Check if user is in the Internal team - prevent moving them
-        if (user.getTeam() != null && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
+        if (user.getTeam() != null
+                && user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)) {
             return new RedirectView("/teams/" + teamId + "?error=cannotMoveInternalUsers");
         }
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/api/UserController.java

@@ -1,12 +1,17 @@
 package stirling.software.proprietary.security.controller.api;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.transaction.Transactional;
 import java.io.IOException;
 import java.security.Principal;
 import java.sql.SQLException;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -20,16 +25,6 @@ import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 import org.springframework.web.servlet.view.RedirectView;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import jakarta.transaction.Transactional;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.model.enumeration.Role;
 import stirling.software.common.model.exception.UnsupportedProviderException;
@@ -57,6 +52,7 @@ public class UserController {
     private final ApplicationProperties applicationProperties;
     private final TeamRepository teamRepository;
     private final UserRepository userRepository;
+
     @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
     @PostMapping("/register")
     public String register(@ModelAttribute UsernameAndPass requestModel, Model model)
@@ -250,15 +246,18 @@ public class UserController {
         // Use teamId if provided, otherwise use default team
         Long effectiveTeamId = teamId;
         if (effectiveTeamId == null) {
-            Team defaultTeam = teamRepository.findByName(TeamService.DEFAULT_TEAM_NAME).orElse(null);
+            Team defaultTeam =
+                    teamRepository.findByName(TeamService.DEFAULT_TEAM_NAME).orElse(null);
             if (defaultTeam != null) {
                 effectiveTeamId = defaultTeam.getId();
             }
         } else {
             // Check if the selected team is Internal - prevent assigning to it
             Team selectedTeam = teamRepository.findById(effectiveTeamId).orElse(null);
-            if (selectedTeam != null && TeamService.INTERNAL_TEAM_NAME.equals(selectedTeam.getName())) {
+            if (selectedTeam != null
-                return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
+                    && TeamService.INTERNAL_TEAM_NAME.equals(selectedTeam.getName())) {
+                return new RedirectView(
+                        "/adminSettings?messageType=internalTeamNotAccessible", true);
             }
         }
 
@@ -316,12 +315,15 @@ public class UserController {
             if (team != null) {
                 // Prevent assigning to Internal team
                 if (TeamService.INTERNAL_TEAM_NAME.equals(team.getName())) {
-                    return new RedirectView("/adminSettings?messageType=internalTeamNotAccessible", true);
+                    return new RedirectView(
+                            "/adminSettings?messageType=internalTeamNotAccessible", true);
                 }
 
                 // Prevent moving users from Internal team
-                if (user.getTeam() != null && TeamService.INTERNAL_TEAM_NAME.equals(user.getTeam().getName())) {
+                if (user.getTeam() != null
-                    return new RedirectView("/adminSettings?messageType=cannotMoveInternalUsers", true);
+                        && TeamService.INTERNAL_TEAM_NAME.equals(user.getTeam().getName())) {
+                    return new RedirectView(
+                            "/adminSettings?messageType=cannotMoveInternalUsers", true);
                 }
 
                 user.setTeam(team);

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/DatabaseWebController.java

@@ -1,19 +1,14 @@
 package stirling.software.proprietary.security.controller.web;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import java.util.List;
-
+import lombok.RequiredArgsConstructor;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.common.model.FileInfo;
 import stirling.software.proprietary.security.service.DatabaseService;
 

proprietary/src/main/java/stirling/software/proprietary/security/controller/web/TeamWebController.java

@@ -1,20 +1,18 @@
 package stirling.software.proprietary.security.controller.web;
 
+import jakarta.servlet.http.HttpServletRequest;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
-
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
 import stirling.software.proprietary.model.Team;
 import stirling.software.proprietary.model.dto.TeamWithUserCountDTO;
 import stirling.software.proprietary.security.database.repository.SessionRepository;
@@ -35,12 +33,13 @@ public class TeamWebController {
 
     @GetMapping
     @PreAuthorize("hasRole('ROLE_ADMIN')")
-    public String listTeams(Model model) {
+    public String listTeams(HttpServletRequest request, Model model) {
         // Get teams with user counts using a DTO projection
         List<TeamWithUserCountDTO> allTeamsWithCounts = teamRepository.findAllTeamsWithUserCount();
 
         // Filter out the Internal team
-        List<TeamWithUserCountDTO> teamsWithCounts = allTeamsWithCounts.stream()
+        List<TeamWithUserCountDTO> teamsWithCounts =
+                allTeamsWithCounts.stream()
                         .filter(team -> !team.getName().equals(TeamService.INTERNAL_TEAM_NAME))
                         .toList();
 
@@ -55,6 +54,27 @@ public class TeamWebController {
             teamLastRequest.put(teamId, lastActivity);
         }
 
+        String messageType = request.getParameter("messageType");
+        if (messageType != null) {
+            if ("teamCreated".equals(messageType)) {
+                model.addAttribute("addMessage", "teamCreated");
+            } else if ("teamExists".equals(messageType)) {
+                model.addAttribute("errorMessage", "teamExists");
+            } else if ("teamNotFound".equals(messageType)) {
+                model.addAttribute("errorMessage", "teamNotFound");
+            } else if ("teamNameExists".equals(messageType)) {
+                model.addAttribute("errorMessage", "teamNameExists");
+            } else if ("internalTeamNotAccessible".equals(messageType)) {
+                model.addAttribute("errorMessage", "team.internalTeamNotAccessible");
+            } else if ("teamRenamed".equals(messageType)) {
+                model.addAttribute("changeMessage", "teamRenamed");
+            } else if ("teamHasUsers".equals(messageType)) {
+                model.addAttribute("errorMessage", "teamHasUsers");
+            } else if ("teamDeleted".equals(messageType)) {
+                model.addAttribute("deleteMessage", "teamDeleted");
+            }
+        }
+
         // Add data to the model
         model.addAttribute("teamsWithCounts", teamsWithCounts);
         model.addAttribute("teamLastRequest", teamLastRequest);
@@ -64,9 +84,12 @@ public class TeamWebController {
 
     @GetMapping("/{id}")
     @PreAuthorize("hasRole('ROLE_ADMIN')")
-    public String viewTeamDetails(@PathVariable("id") Long id, Model model) {
+    public String viewTeamDetails(
+            HttpServletRequest request, @PathVariable("id") Long id, Model model) {
         // Get the team
-        Team team = teamRepository.findById(id)
+        Team team =
+                teamRepository
+                        .findById(id)
                         .orElseThrow(() -> new RuntimeException("Team not found"));
 
         // Prevent access to Internal team
@@ -80,9 +103,18 @@ public class TeamWebController {
         // Get all users not in this team for the Add User to Team dropdown
         // Exclude users that are in the Internal team
         List<User> allUsers = userRepository.findAllWithTeam();
-        List<User> availableUsers = allUsers.stream()
+        List<User> availableUsers =
-                .filter(user -> (user.getTeam() == null || !user.getTeam().getId().equals(id)) &&
+                allUsers.stream()
-                               (user.getTeam() == null || !user.getTeam().getName().equals(TeamService.INTERNAL_TEAM_NAME)))
+                        .filter(
+                                user ->
+                                        (user.getTeam() == null
+                                                        || !user.getTeam().getId().equals(id))
+                                                && (user.getTeam() == null
+                                                        || !user.getTeam()
+                                                                .getName()
+                                                                .equals(
+                                                                        TeamService
+                                                                                .INTERNAL_TEAM_NAME)))
                         .toList();
 
         // Get the latest session for each user in the team
@@ -96,6 +128,13 @@ public class TeamWebController {
             userLastRequest.put(username, lastRequest);
         }
 
+        String errorMessage = request.getParameter("error");
+        if (errorMessage != null) {
+            if ("cannotMoveInternalUsers".equals(errorMessage)) {
+                model.addAttribute("errorMessage", "team.cannotMoveInternalUsers");
+            }
+        }
+
         model.addAttribute("team", team);
         model.addAttribute("teamUsers", teamUsers);
         model.addAttribute("availableUsers", availableUsers);

proprietary/src/main/java/stirling/software/proprietary/security/database/ScheduledTasks.java

@@ -1,13 +1,10 @@
 package stirling.software.proprietary.security.database;
 
 import java.sql.SQLException;
-
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
-
-import lombok.RequiredArgsConstructor;
-
 import stirling.software.common.model.exception.UnsupportedProviderException;
 import stirling.software.proprietary.security.service.DatabaseServiceInterface;
 

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/AuthorityRepository.java

@@ -1,10 +1,8 @@
 package stirling.software.proprietary.security.database.repository;
 
 import java.util.Set;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
-
 import stirling.software.proprietary.security.model.Authority;
 
 @Repository

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/JPATokenRepositoryImpl.java

@@ -1,11 +1,9 @@
 package stirling.software.proprietary.security.database.repository;
 
 import java.util.Date;
-
 import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 import org.springframework.transaction.annotation.Transactional;
-
 import stirling.software.proprietary.security.model.PersistentLogin;
 
 public class JPATokenRepositoryImpl implements PersistentTokenRepository {

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/PersistentLoginRepository.java

@@ -2,7 +2,6 @@ package stirling.software.proprietary.security.database.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
-
 import stirling.software.proprietary.security.model.PersistentLogin;
 
 @Repository

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/SessionRepository.java

@@ -1,16 +1,13 @@
 package stirling.software.proprietary.security.database.repository;
 
+import jakarta.transaction.Transactional;
 import java.util.Date;
 import java.util.List;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
-
-import jakarta.transaction.Transactional;
-
 import stirling.software.proprietary.security.model.SessionEntity;
 
 @Repository

proprietary/src/main/java/stirling/software/proprietary/security/database/repository/UserRepository.java

@@ -2,12 +2,10 @@ package stirling.software.proprietary.security.database.repository;
 
 import java.util.List;
 import java.util.Optional;
-
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
-
 import stirling.software.proprietary.model.Team;
 import stirling.software.proprietary.security.model.User;
 
@@ -30,7 +28,8 @@ public interface UserRepository extends JpaRepository<User, Long> {
     @Query(value = "SELECT u FROM User u LEFT JOIN FETCH u.team")
     List<User> findAllWithTeam();
 
-    @Query("SELECT u FROM User u JOIN FETCH u.authorities JOIN FETCH u.team WHERE u.team.id = :teamId")
+    @Query(
+            "SELECT u FROM User u JOIN FETCH u.authorities JOIN FETCH u.team WHERE u.team.id = :teamId")
     List<User> findAllByTeamId(@Param("teamId") Long teamId);
 
     long countByTeam(Team team);

proprietary/src/main/java/stirling/software/proprietary/security/filter/EnterpriseEndpointFilter.java

@@ -1,16 +1,14 @@
 package stirling.software.proprietary.security.filter;
 
-import java.io.IOException;
-
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
 
 @Component
 public class EnterpriseEndpointFilter extends OncePerRequestFilter {