login_fix (#4402)

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

.claude/settings.local.json

@@ -5,7 +5,13 @@
       "Bash(mkdir:*)",
       "Bash(./gradlew:*)",
       "Bash(grep:*)",
-      "Bash(cat:*)"
+      "Bash(cat:*)",
+      "Bash(find:*)",
+      "Bash(grep:*)",
+      "Bash(rg:*)",
+      "Bash(strings:*)",
+      "Bash(pkill:*)",
+      "Bash(true)"
     ],
     "deny": []
   }

.github/config/.files.yaml

@@ -29,3 +29,10 @@ project: &project
   - settings.gradle
   - frontend/**
   - docker/**
+  - testing/**
+
+frontend: &frontend
+  - frontend/**
+  - .github/workflows/testdriver.yml
+  - testing/**
+  - docker/**

.github/labeler-config-srvaroa.yml

@@ -46,6 +46,9 @@ labels:
   - label: 'API'
     title: '.*openapi.*|.*swagger.*|.*api.*'
 
+  - label: 'v2'
+    base-branch: 'V2'
+
   - label: 'Translation'
     files:
       - 'app/core/src/main/resources/messages_[a-zA-Z_]{2}_[a-zA-Z_]{2,7}.properties'
@@ -62,6 +65,7 @@ labels:
       - 'app/core/src/main/java/stirling/software/SPDF/controller/web/.*'
       - 'app/core/src/main/java/stirling/software/SPDF/UI/.*'
       - 'app/proprietary/src/main/java/stirling/software/proprietary/security/controller/web/.*'
+      - 'frontend/**'
 
   - label: 'Java'
     files:
@@ -120,6 +124,7 @@ labels:
       - 'scripts/installFonts.sh'
       - 'test.sh'
       - 'test2.sh'
+      - 'docker/**'
 
   - label: 'Devtools'
     files:
@@ -131,7 +136,6 @@ labels:
       - '.github/workflows/pre_commit.yml'
       - 'devGuide/.*'
       - 'devTools/.*'
-      - 'devTools/.*'
 
   - label: 'Test'
     files:

.github/labels.yml

@@ -83,6 +83,7 @@
   color: "DEDEDE"
 - name: "v2"
   color: "FFFF00"
+  description: "Issues or pull requests related to the v2 branch"
 - name: "wontfix"
   description: "This will not be worked on"
   color: "FFFFFF"

.github/scripts/requirements_dev.in

@@ -0,0 +1,8 @@
+pip
+setuptools
+WeasyPrint
+pdf2image
+pillow
+unoserver
+opencv-python-headless
+pre-commit

.github/scripts/requirements_dev.txt

@@ -0,0 +1,638 @@
+#
+# This file is autogenerated by pip-compile with Python 3.10
+# by the following command:
+#
+#    pip-compile --allow-unsafe --generate-hashes --output-file='.github\scripts\requirements_dev.txt' --strip-extras '.github\scripts\requirements_dev.in'
+#
+brotli==1.1.0 \
+    --hash=sha256:03d20af184290887bdea3f0f78c4f737d126c74dc2f3ccadf07e54ceca3bf208 \
+    --hash=sha256:0541e747cce78e24ea12d69176f6a7ddb690e62c425e01d31cc065e69ce55b48 \
+    --hash=sha256:069a121ac97412d1fe506da790b3e69f52254b9df4eb665cd42460c837193354 \
+    --hash=sha256:0737ddb3068957cf1b054899b0883830bb1fec522ec76b1098f9b6e0f02d9419 \
+    --hash=sha256:0b63b949ff929fbc2d6d3ce0e924c9b93c9785d877a21a1b678877ffbbc4423a \
+    --hash=sha256:0c6244521dda65ea562d5a69b9a26120769b7a9fb3db2fe9545935ed6735b128 \
+    --hash=sha256:11d00ed0a83fa22d29bc6b64ef636c4552ebafcef57154b4ddd132f5638fbd1c \
+    --hash=sha256:141bd4d93984070e097521ed07e2575b46f817d08f9fa42b16b9b5f27b5ac088 \
+    --hash=sha256:19c116e796420b0cee3da1ccec3b764ed2952ccfcc298b55a10e5610ad7885f9 \
+    --hash=sha256:1ab4fbee0b2d9098c74f3057b2bc055a8bd92ccf02f65944a241b4349229185a \
+    --hash=sha256:1ae56aca0402a0f9a3431cddda62ad71666ca9d4dc3a10a142b9dce2e3c0cda3 \
+    --hash=sha256:1b2c248cd517c222d89e74669a4adfa5577e06ab68771a529060cf5a156e9757 \
+    --hash=sha256:1e9a65b5736232e7a7f91ff3d02277f11d339bf34099a56cdab6a8b3410a02b2 \
+    --hash=sha256:224e57f6eac61cc449f498cc5f0e1725ba2071a3d4f48d5d9dffba42db196438 \
+    --hash=sha256:22fc2a8549ffe699bfba2256ab2ed0421a7b8fadff114a3d201794e45a9ff578 \
+    --hash=sha256:23032ae55523cc7bccb4f6a0bf368cd25ad9bcdcc1990b64a647e7bbcce9cb5b \
+    --hash=sha256:2333e30a5e00fe0fe55903c8832e08ee9c3b1382aacf4db26664a16528d51b4b \
+    --hash=sha256:2954c1c23f81c2eaf0b0717d9380bd348578a94161a65b3a2afc62c86467dd68 \
+    --hash=sha256:2a24c50840d89ded6c9a8fdc7b6ed3692ed4e86f1c4a4a938e1e92def92933e0 \
+    --hash=sha256:2de9d02f5bda03d27ede52e8cfe7b865b066fa49258cbab568720aa5be80a47d \
+    --hash=sha256:2feb1d960f760a575dbc5ab3b1c00504b24caaf6986e2dc2b01c09c87866a943 \
+    --hash=sha256:30924eb4c57903d5a7526b08ef4a584acc22ab1ffa085faceb521521d2de32dd \
+    --hash=sha256:316cc9b17edf613ac76b1f1f305d2a748f1b976b033b049a6ecdfd5612c70409 \
+    --hash=sha256:32d95b80260d79926f5fab3c41701dbb818fde1c9da590e77e571eefd14abe28 \
+    --hash=sha256:38025d9f30cf4634f8309c6874ef871b841eb3c347e90b0851f63d1ded5212da \
+    --hash=sha256:39da8adedf6942d76dc3e46653e52df937a3c4d6d18fdc94a7c29d263b1f5b50 \
+    --hash=sha256:3c0ef38c7a7014ffac184db9e04debe495d317cc9c6fb10071f7fefd93100a4f \
+    --hash=sha256:3d7954194c36e304e1523f55d7042c59dc53ec20dd4e9ea9d151f1b62b4415c0 \
+    --hash=sha256:3ee8a80d67a4334482d9712b8e83ca6b1d9bc7e351931252ebef5d8f7335a547 \
+    --hash=sha256:4093c631e96fdd49e0377a9c167bfd75b6d0bad2ace734c6eb20b348bc3ea180 \
+    --hash=sha256:43395e90523f9c23a3d5bdf004733246fba087f2948f87ab28015f12359ca6a0 \
+    --hash=sha256:43ce1b9935bfa1ede40028054d7f48b5469cd02733a365eec8a329ffd342915d \
+    --hash=sha256:4410f84b33374409552ac9b6903507cdb31cd30d2501fc5ca13d18f73548444a \
+    --hash=sha256:494994f807ba0b92092a163a0a283961369a65f6cbe01e8891132b7a320e61eb \
+    --hash=sha256:4d4a848d1837973bf0f4b5e54e3bec977d99be36a7895c61abb659301b02c112 \
+    --hash=sha256:4ed11165dd45ce798d99a136808a794a748d5dc38511303239d4e2363c0695dc \
+    --hash=sha256:4f3607b129417e111e30637af1b56f24f7a49e64763253bbc275c75fa887d4b2 \
+    --hash=sha256:510b5b1bfbe20e1a7b3baf5fed9e9451873559a976c1a78eebaa3b86c57b4265 \
+    --hash=sha256:524f35912131cc2cabb00edfd8d573b07f2d9f21fa824bd3fb19725a9cf06327 \
+    --hash=sha256:587ca6d3cef6e4e868102672d3bd9dc9698c309ba56d41c2b9c85bbb903cdb95 \
+    --hash=sha256:58d4b711689366d4a03ac7957ab8c28890415e267f9b6589969e74b6e42225ec \
+    --hash=sha256:5b3cc074004d968722f51e550b41a27be656ec48f8afaeeb45ebf65b561481dd \
+    --hash=sha256:5dab0844f2cf82be357a0eb11a9087f70c5430b2c241493fc122bb6f2bb0917c \
+    --hash=sha256:5e55da2c8724191e5b557f8e18943b1b4839b8efc3ef60d65985bcf6f587dd38 \
+    --hash=sha256:5eeb539606f18a0b232d4ba45adccde4125592f3f636a6182b4a8a436548b914 \
+    --hash=sha256:5f4d5ea15c9382135076d2fb28dde923352fe02951e66935a9efaac8f10e81b0 \
+    --hash=sha256:5fb2ce4b8045c78ebbc7b8f3c15062e435d47e7393cc57c25115cfd49883747a \
+    --hash=sha256:6172447e1b368dcbc458925e5ddaf9113477b0ed542df258d84fa28fc45ceea7 \
+    --hash=sha256:6967ced6730aed543b8673008b5a391c3b1076d834ca438bbd70635c73775368 \
+    --hash=sha256:6974f52a02321b36847cd19d1b8e381bf39939c21efd6ee2fc13a28b0d99348c \
+    --hash=sha256:6c3020404e0b5eefd7c9485ccf8393cfb75ec38ce75586e046573c9dc29967a0 \
+    --hash=sha256:6c6e0c425f22c1c719c42670d561ad682f7bfeeef918edea971a79ac5252437f \
+    --hash=sha256:70051525001750221daa10907c77830bc889cb6d865cc0b813d9db7fefc21451 \
+    --hash=sha256:7905193081db9bfa73b1219140b3d315831cbff0d8941f22da695832f0dd188f \
+    --hash=sha256:7bc37c4d6b87fb1017ea28c9508b36bbcb0c3d18b4260fcdf08b200c74a6aee8 \
+    --hash=sha256:7c4855522edb2e6ae7fdb58e07c3ba9111e7621a8956f481c68d5d979c93032e \
+    --hash=sha256:7e4c4629ddad63006efa0ef968c8e4751c5868ff0b1c5c40f76524e894c50248 \
+    --hash=sha256:7eedaa5d036d9336c95915035fb57422054014ebdeb6f3b42eac809928e40d0c \
+    --hash=sha256:7f4bf76817c14aa98cc6697ac02f3972cb8c3da93e9ef16b9c66573a68014f91 \
+    --hash=sha256:81de08ac11bcb85841e440c13611c00b67d3bf82698314928d0b676362546724 \
+    --hash=sha256:832436e59afb93e1836081a20f324cb185836c617659b07b129141a8426973c7 \
+    --hash=sha256:861bf317735688269936f755fa136a99d1ed526883859f86e41a5d43c61d8966 \
+    --hash=sha256:87a3044c3a35055527ac75e419dfa9f4f3667a1e887ee80360589eb8c90aabb9 \
+    --hash=sha256:890b5a14ce214389b2cc36ce82f3093f96f4cc730c1cffdbefff77a7c71f2a97 \
+    --hash=sha256:89f4988c7203739d48c6f806f1e87a1d96e0806d44f0fba61dba81392c9e474d \
+    --hash=sha256:8bf32b98b75c13ec7cf774164172683d6e7891088f6316e54425fde1efc276d5 \
+    --hash=sha256:8dadd1314583ec0bf2d1379f7008ad627cd6336625d6679cf2f8e67081b83acf \
+    --hash=sha256:901032ff242d479a0efa956d853d16875d42157f98951c0230f69e69f9c09bac \
+    --hash=sha256:9011560a466d2eb3f5a6e4929cf4a09be405c64154e12df0dd72713f6500e32b \
+    --hash=sha256:906bc3a79de8c4ae5b86d3d75a8b77e44404b0f4261714306e3ad248d8ab0951 \
+    --hash=sha256:919e32f147ae93a09fe064d77d5ebf4e35502a8df75c29fb05788528e330fe74 \
+    --hash=sha256:91d7cc2a76b5567591d12c01f019dd7afce6ba8cba6571187e21e2fc418ae648 \
+    --hash=sha256:929811df5462e182b13920da56c6e0284af407d1de637d8e536c5cd00a7daf60 \
+    --hash=sha256:949f3b7c29912693cee0afcf09acd6ebc04c57af949d9bf77d6101ebb61e388c \
+    --hash=sha256:a090ca607cbb6a34b0391776f0cb48062081f5f60ddcce5d11838e67a01928d1 \
+    --hash=sha256:a1fd8a29719ccce974d523580987b7f8229aeace506952fa9ce1d53a033873c8 \
+    --hash=sha256:a37b8f0391212d29b3a91a799c8e4a2855e0576911cdfb2515487e30e322253d \
+    --hash=sha256:a3daabb76a78f829cafc365531c972016e4aa8d5b4bf60660ad8ecee19df7ccc \
+    --hash=sha256:a469274ad18dc0e4d316eefa616d1d0c2ff9da369af19fa6f3daa4f09671fd61 \
+    --hash=sha256:a599669fd7c47233438a56936988a2478685e74854088ef5293802123b5b2460 \
+    --hash=sha256:a743e5a28af5f70f9c080380a5f908d4d21d40e8f0e0c8901604d15cfa9ba751 \
+    --hash=sha256:a77def80806c421b4b0af06f45d65a136e7ac0bdca3c09d9e2ea4e515367c7e9 \
+    --hash=sha256:a7e53012d2853a07a4a79c00643832161a910674a893d296c9f1259859a289d2 \
+    --hash=sha256:a93dde851926f4f2678e704fadeb39e16c35d8baebd5252c9fd94ce8ce68c4a0 \
+    --hash=sha256:aac0411d20e345dc0920bdec5548e438e999ff68d77564d5e9463a7ca9d3e7b1 \
+    --hash=sha256:ae15b066e5ad21366600ebec29a7ccbc86812ed267e4b28e860b8ca16a2bc474 \
+    --hash=sha256:aea440a510e14e818e67bfc4027880e2fb500c2ccb20ab21c7a7c8b5b4703d75 \
+    --hash=sha256:af6fa6817889314555aede9a919612b23739395ce767fe7fcbea9a80bf140fe5 \
+    --hash=sha256:b760c65308ff1e462f65d69c12e4ae085cff3b332d894637f6273a12a482d09f \
+    --hash=sha256:be36e3d172dc816333f33520154d708a2657ea63762ec16b62ece02ab5e4daf2 \
+    --hash=sha256:c247dd99d39e0338a604f8c2b3bc7061d5c2e9e2ac7ba9cc1be5a69cb6cd832f \
+    --hash=sha256:c5529b34c1c9d937168297f2c1fde7ebe9ebdd5e121297ff9c043bdb2ae3d6fb \
+    --hash=sha256:c8146669223164fc87a7e3de9f81e9423c67a79d6b3447994dfb9c95da16e2d6 \
+    --hash=sha256:c8fd5270e906eef71d4a8d19b7c6a43760c6abcfcc10c9101d14eb2357418de9 \
+    --hash=sha256:ca63e1890ede90b2e4454f9a65135a4d387a4585ff8282bb72964fab893f2111 \
+    --hash=sha256:caf9ee9a5775f3111642d33b86237b05808dafcd6268faa492250e9b78046eb2 \
+    --hash=sha256:cb1dac1770878ade83f2ccdf7d25e494f05c9165f5246b46a621cc849341dc01 \
+    --hash=sha256:cdad5b9014d83ca68c25d2e9444e28e967ef16e80f6b436918c700c117a85467 \
+    --hash=sha256:cdbc1fc1bc0bff1cef838eafe581b55bfbffaed4ed0318b724d0b71d4d377619 \
+    --hash=sha256:ceb64bbc6eac5a140ca649003756940f8d6a7c444a68af170b3187623b43bebf \
+    --hash=sha256:d0c5516f0aed654134a2fc936325cc2e642f8a0e096d075209672eb321cff408 \
+    --hash=sha256:d143fd47fad1db3d7c27a1b1d66162e855b5d50a89666af46e1679c496e8e579 \
+    --hash=sha256:d192f0f30804e55db0d0e0a35d83a9fead0e9a359a9ed0285dbacea60cc10a84 \
+    --hash=sha256:d2b35ca2c7f81d173d2fadc2f4f31e88cc5f7a39ae5b6db5513cf3383b0e0ec7 \
+    --hash=sha256:d342778ef319e1026af243ed0a07c97acf3bad33b9f29e7ae6a1f68fd083e90c \
+    --hash=sha256:d487f5432bf35b60ed625d7e1b448e2dc855422e87469e3f450aa5552b0eb284 \
+    --hash=sha256:d7702622a8b40c49bffb46e1e3ba2e81268d5c04a34f460978c6b5517a34dd52 \
+    --hash=sha256:db85ecf4e609a48f4b29055f1e144231b90edc90af7481aa731ba2d059226b1b \
+    --hash=sha256:de6551e370ef19f8de1807d0a9aa2cdfdce2e85ce88b122fe9f6b2b076837e59 \
+    --hash=sha256:e1140c64812cb9b06c922e77f1c26a75ec5e3f0fb2bf92cc8c58720dec276752 \
+    --hash=sha256:e4fe605b917c70283db7dfe5ada75e04561479075761a0b3866c081d035b01c1 \
+    --hash=sha256:e6a904cb26bfefc2f0a6f240bdf5233be78cd2488900a2f846f3c3ac8489ab80 \
+    --hash=sha256:e79e6520141d792237c70bcd7a3b122d00f2613769ae0cb61c52e89fd3443839 \
+    --hash=sha256:e84799f09591700a4154154cab9787452925578841a94321d5ee8fb9a9a328f0 \
+    --hash=sha256:e93dfc1a1165e385cc8239fab7c036fb2cd8093728cbd85097b284d7b99249a2 \
+    --hash=sha256:efa8b278894b14d6da122a72fefcebc28445f2d3f880ac59d46c90f4c13be9a3 \
+    --hash=sha256:f0d8a7a6b5983c2496e364b969f0e526647a06b075d034f3297dc66f3b360c64 \
+    --hash=sha256:f0db75f47be8b8abc8d9e31bc7aad0547ca26f24a54e6fd10231d623f183d089 \
+    --hash=sha256:f296c40e23065d0d6650c4aefe7470d2a25fffda489bcc3eb66083f3ac9f6643 \
+    --hash=sha256:f31859074d57b4639318523d6ffdca586ace54271a73ad23ad021acd807eb14b \
+    --hash=sha256:f66b5337fa213f1da0d9000bc8dc0cb5b896b726eefd9c6046f699b169c41b9e \
+    --hash=sha256:f733d788519c7e3e71f0855c96618720f5d3d60c3cb829d8bbb722dddce37985 \
+    --hash=sha256:fce1473f3ccc4187f75b4690cfc922628aed4d3dd013d047f95a9b3919a86596 \
+    --hash=sha256:fd5f17ff8f14003595ab414e45fce13d073e0762394f957182e69035c9f3d7c2 \
+    --hash=sha256:fdc3ff3bfccdc6b9cc7c342c03aa2400683f0cb891d46e94b64a197910dc4064
+    # via fonttools
+cffi==1.17.1 \
+    --hash=sha256:045d61c734659cc045141be4bae381a41d89b741f795af1dd018bfb532fd0df8 \
+    --hash=sha256:0984a4925a435b1da406122d4d7968dd861c1385afe3b45ba82b750f229811e2 \
+    --hash=sha256:0e2b1fac190ae3ebfe37b979cc1ce69c81f4e4fe5746bb401dca63a9062cdaf1 \
+    --hash=sha256:0f048dcf80db46f0098ccac01132761580d28e28bc0f78ae0d58048063317e15 \
+    --hash=sha256:1257bdabf294dceb59f5e70c64a3e2f462c30c7ad68092d01bbbfb1c16b1ba36 \
+    --hash=sha256:1c39c6016c32bc48dd54561950ebd6836e1670f2ae46128f67cf49e789c52824 \
+    --hash=sha256:1d599671f396c4723d016dbddb72fe8e0397082b0a77a4fab8028923bec050e8 \
+    --hash=sha256:28b16024becceed8c6dfbc75629e27788d8a3f9030691a1dbf9821a128b22c36 \
+    --hash=sha256:2bb1a08b8008b281856e5971307cc386a8e9c5b625ac297e853d36da6efe9c17 \
+    --hash=sha256:30c5e0cb5ae493c04c8b42916e52ca38079f1b235c2f8ae5f4527b963c401caf \
+    --hash=sha256:31000ec67d4221a71bd3f67df918b1f88f676f1c3b535a7eb473255fdc0b83fc \
+    --hash=sha256:386c8bf53c502fff58903061338ce4f4950cbdcb23e2902d86c0f722b786bbe3 \
+    --hash=sha256:3edc8d958eb099c634dace3c7e16560ae474aa3803a5df240542b305d14e14ed \
+    --hash=sha256:45398b671ac6d70e67da8e4224a065cec6a93541bb7aebe1b198a61b58c7b702 \
+    --hash=sha256:46bf43160c1a35f7ec506d254e5c890f3c03648a4dbac12d624e4490a7046cd1 \
+    --hash=sha256:4ceb10419a9adf4460ea14cfd6bc43d08701f0835e979bf821052f1805850fe8 \
+    --hash=sha256:51392eae71afec0d0c8fb1a53b204dbb3bcabcb3c9b807eedf3e1e6ccf2de903 \
+    --hash=sha256:5da5719280082ac6bd9aa7becb3938dc9f9cbd57fac7d2871717b1feb0902ab6 \
+    --hash=sha256:610faea79c43e44c71e1ec53a554553fa22321b65fae24889706c0a84d4ad86d \
+    --hash=sha256:636062ea65bd0195bc012fea9321aca499c0504409f413dc88af450b57ffd03b \
+    --hash=sha256:6883e737d7d9e4899a8a695e00ec36bd4e5e4f18fabe0aca0efe0a4b44cdb13e \
+    --hash=sha256:6b8b4a92e1c65048ff98cfe1f735ef8f1ceb72e3d5f0c25fdb12087a23da22be \
+    --hash=sha256:6f17be4345073b0a7b8ea599688f692ac3ef23ce28e5df79c04de519dbc4912c \
+    --hash=sha256:706510fe141c86a69c8ddc029c7910003a17353970cff3b904ff0686a5927683 \
+    --hash=sha256:72e72408cad3d5419375fc87d289076ee319835bdfa2caad331e377589aebba9 \
+    --hash=sha256:733e99bc2df47476e3848417c5a4540522f234dfd4ef3ab7fafdf555b082ec0c \
+    --hash=sha256:7596d6620d3fa590f677e9ee430df2958d2d6d6de2feeae5b20e82c00b76fbf8 \
+    --hash=sha256:78122be759c3f8a014ce010908ae03364d00a1f81ab5c7f4a7a5120607ea56e1 \
+    --hash=sha256:805b4371bf7197c329fcb3ead37e710d1bca9da5d583f5073b799d5c5bd1eee4 \
+    --hash=sha256:85a950a4ac9c359340d5963966e3e0a94a676bd6245a4b55bc43949eee26a655 \
+    --hash=sha256:8f2cdc858323644ab277e9bb925ad72ae0e67f69e804f4898c070998d50b1a67 \
+    --hash=sha256:9755e4345d1ec879e3849e62222a18c7174d65a6a92d5b346b1863912168b595 \
+    --hash=sha256:98e3969bcff97cae1b2def8ba499ea3d6f31ddfdb7635374834cf89a1a08ecf0 \
+    --hash=sha256:a08d7e755f8ed21095a310a693525137cfe756ce62d066e53f502a83dc550f65 \
+    --hash=sha256:a1ed2dd2972641495a3ec98445e09766f077aee98a1c896dcb4ad0d303628e41 \
+    --hash=sha256:a24ed04c8ffd54b0729c07cee15a81d964e6fee0e3d4d342a27b020d22959dc6 \
+    --hash=sha256:a45e3c6913c5b87b3ff120dcdc03f6131fa0065027d0ed7ee6190736a74cd401 \
+    --hash=sha256:a9b15d491f3ad5d692e11f6b71f7857e7835eb677955c00cc0aefcd0669adaf6 \
+    --hash=sha256:ad9413ccdeda48c5afdae7e4fa2192157e991ff761e7ab8fdd8926f40b160cc3 \
+    --hash=sha256:b2ab587605f4ba0bf81dc0cb08a41bd1c0a5906bd59243d56bad7668a6fc6c16 \
+    --hash=sha256:b62ce867176a75d03a665bad002af8e6d54644fad99a3c70905c543130e39d93 \
+    --hash=sha256:c03e868a0b3bc35839ba98e74211ed2b05d2119be4e8a0f224fba9384f1fe02e \
+    --hash=sha256:c59d6e989d07460165cc5ad3c61f9fd8f1b4796eacbd81cee78957842b834af4 \
+    --hash=sha256:c7eac2ef9b63c79431bc4b25f1cd649d7f061a28808cbc6c47b534bd789ef964 \
+    --hash=sha256:c9c3d058ebabb74db66e431095118094d06abf53284d9c81f27300d0e0d8bc7c \
+    --hash=sha256:ca74b8dbe6e8e8263c0ffd60277de77dcee6c837a3d0881d8c1ead7268c9e576 \
+    --hash=sha256:caaf0640ef5f5517f49bc275eca1406b0ffa6aa184892812030f04c2abf589a0 \
+    --hash=sha256:cdf5ce3acdfd1661132f2a9c19cac174758dc2352bfe37d98aa7512c6b7178b3 \
+    --hash=sha256:d016c76bdd850f3c626af19b0542c9677ba156e4ee4fccfdd7848803533ef662 \
+    --hash=sha256:d01b12eeeb4427d3110de311e1774046ad344f5b1a7403101878976ecd7a10f3 \
+    --hash=sha256:d63afe322132c194cf832bfec0dc69a99fb9bb6bbd550f161a49e9e855cc78ff \
+    --hash=sha256:da95af8214998d77a98cc14e3a3bd00aa191526343078b530ceb0bd710fb48a5 \
+    --hash=sha256:dd398dbc6773384a17fe0d3e7eeb8d1a21c2200473ee6806bb5e6a8e62bb73dd \
+    --hash=sha256:de2ea4b5833625383e464549fec1bc395c1bdeeb5f25c4a3a82b5a8c756ec22f \
+    --hash=sha256:de55b766c7aa2e2a3092c51e0483d700341182f08e67c63630d5b6f200bb28e5 \
+    --hash=sha256:df8b1c11f177bc2313ec4b2d46baec87a5f3e71fc8b45dab2ee7cae86d9aba14 \
+    --hash=sha256:e03eab0a8677fa80d646b5ddece1cbeaf556c313dcfac435ba11f107ba117b5d \
+    --hash=sha256:e221cf152cff04059d011ee126477f0d9588303eb57e88923578ace7baad17f9 \
+    --hash=sha256:e31ae45bc2e29f6b2abd0de1cc3b9d5205aa847cafaecb8af1476a609a2f6eb7 \
+    --hash=sha256:edae79245293e15384b51f88b00613ba9f7198016a5948b5dddf4917d4d26382 \
+    --hash=sha256:f1e22e8c4419538cb197e4dd60acc919d7696e5ef98ee4da4e01d3f8cfa4cc5a \
+    --hash=sha256:f3a2b4222ce6b60e2e8b337bb9596923045681d71e5a082783484d845390938e \
+    --hash=sha256:f6a16c31041f09ead72d69f583767292f750d24913dadacf5756b966aacb3f1a \
+    --hash=sha256:f75c7ab1f9e4aca5414ed4d8e5c0e303a34f4421f8a0d47a4d019ceff0ab6af4 \
+    --hash=sha256:f79fc4fc25f1c8698ff97788206bb3c2598949bfe0fef03d299eb1b5356ada99 \
+    --hash=sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87 \
+    --hash=sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b
+    # via weasyprint
+cfgv==3.4.0 \
+    --hash=sha256:b7265b1f29fd3316bfcd2b330d63d024f2bfd8bcb8b0272f8e19a504856c48f9 \
+    --hash=sha256:e52591d4c5f5dead8e0f673fb16db7949d2cfb3f7da4582893288f0ded8fe560
+    # via pre-commit
+cssselect2==0.8.0 \
+    --hash=sha256:46fc70ebc41ced7a32cd42d58b1884d72ade23d21e5a4eaaf022401c13f0e76e \
+    --hash=sha256:7674ffb954a3b46162392aee2a3a0aedb2e14ecf99fcc28644900f4e6e3e9d3a
+    # via weasyprint
+distlib==0.4.0 \
+    --hash=sha256:9659f7d87e46584a30b5780e43ac7a2143098441670ff0a49d5f9034c54a6c16 \
+    --hash=sha256:feec40075be03a04501a973d81f633735b4b69f98b05450592310c0f401a4e0d
+    # via virtualenv
+filelock==3.18.0 \
+    --hash=sha256:adbc88eabb99d2fec8c9c1b229b171f18afa655400173ddc653d5d01501fb9f2 \
+    --hash=sha256:c401f4f8377c4464e6db25fff06205fd89bdd83b65eb0488ed1b160f780e21de
+    # via virtualenv
+fonttools==4.59.0 \
+    --hash=sha256:052444a5d0151878e87e3e512a1aa1a0ab35ee4c28afde0a778e23b0ace4a7de \
+    --hash=sha256:169b99a2553a227f7b5fea8d9ecd673aa258617f466b2abc6091fe4512a0dcd0 \
+    --hash=sha256:209b75943d158f610b78320eacb5539aa9e920bee2c775445b2846c65d20e19d \
+    --hash=sha256:21e606b2d38fed938dde871c5736822dd6bda7a4631b92e509a1f5cd1b90c5df \
+    --hash=sha256:241313683afd3baacb32a6bd124d0bce7404bc5280e12e291bae1b9bba28711d \
+    --hash=sha256:26731739daa23b872643f0e4072d5939960237d540c35c14e6a06d47d71ca8fe \
+    --hash=sha256:2e7cf8044ce2598bb87e44ba1d2c6e45d7a8decf56055b92906dc53f67c76d64 \
+    --hash=sha256:31003b6a10f70742a63126b80863ab48175fb8272a18ca0846c0482968f0588e \
+    --hash=sha256:332bfe685d1ac58ca8d62b8d6c71c2e52a6c64bc218dc8f7825c9ea51385aa01 \
+    --hash=sha256:37c377f7cb2ab2eca8a0b319c68146d34a339792f9420fca6cd49cf28d370705 \
+    --hash=sha256:37e01c6ec0c98599778c2e688350d624fa4770fbd6144551bd5e032f1199171c \
+    --hash=sha256:401b1941ce37e78b8fd119b419b617277c65ae9417742a63282257434fd68ea2 \
+    --hash=sha256:4536f2695fe5c1ffb528d84a35a7d3967e5558d2af58b4775e7ab1449d65767b \
+    --hash=sha256:4c908a7036f0f3677f8afa577bcd973e3e20ddd2f7c42a33208d18bee95cdb6f \
+    --hash=sha256:51ab1ff33c19e336c02dee1e9fd1abd974a4ca3d8f7eef2a104d0816a241ce97 \
+    --hash=sha256:524133c1be38445c5c0575eacea42dbd44374b310b1ffc4b60ff01d881fabb96 \
+    --hash=sha256:57bb7e26928573ee7c6504f54c05860d867fd35e675769f3ce01b52af38d48e2 \
+    --hash=sha256:60f6665579e909b618282f3c14fa0b80570fbf1ee0e67678b9a9d43aa5d67a37 \
+    --hash=sha256:62224a9bb85b4b66d1b46d45cbe43d71cbf8f527d332b177e3b96191ffbc1e64 \
+    --hash=sha256:6770d7da00f358183d8fd5c4615436189e4f683bdb6affb02cad3d221d7bb757 \
+    --hash=sha256:6801aeddb6acb2c42eafa45bc1cb98ba236871ae6f33f31e984670b749a8e58e \
+    --hash=sha256:70d6b3ceaa9cc5a6ac52884f3b3d9544e8e231e95b23f138bdb78e6d4dc0eae3 \
+    --hash=sha256:78813b49d749e1bb4db1c57f2d4d7e6db22c253cb0a86ad819f5dc197710d4b2 \
+    --hash=sha256:841b2186adce48903c0fef235421ae21549020eca942c1da773ac380b056ab3c \
+    --hash=sha256:84fc186980231a287b28560d3123bd255d3c6b6659828c642b4cf961e2b923d0 \
+    --hash=sha256:885bde7d26e5b40e15c47bd5def48b38cbd50830a65f98122a8fb90962af7cd1 \
+    --hash=sha256:8b4309a2775e4feee7356e63b163969a215d663399cce1b3d3b65e7ec2d9680e \
+    --hash=sha256:8d77f92438daeaddc05682f0f3dac90c5b9829bcac75b57e8ce09cb67786073c \
+    --hash=sha256:902425f5afe28572d65d2bf9c33edd5265c612ff82c69e6f83ea13eafc0dcbea \
+    --hash=sha256:9bcc1e77fbd1609198966ded6b2a9897bd6c6bcbd2287a2fc7d75f1a254179c5 \
+    --hash=sha256:a408c3c51358c89b29cfa5317cf11518b7ce5de1717abb55c5ae2d2921027de6 \
+    --hash=sha256:a9bf8adc9e1f3012edc8f09b08336272aec0c55bc677422273e21280db748f7c \
+    --hash=sha256:b818db35879d2edf7f46c7e729c700a0bce03b61b9412f5a7118406687cb151d \
+    --hash=sha256:b8974b2a266b54c96709bd5e239979cddfd2dbceed331aa567ea1d7c4a2202db \
+    --hash=sha256:be392ec3529e2f57faa28709d60723a763904f71a2b63aabe14fee6648fe3b14 \
+    --hash=sha256:d3972b13148c1d1fbc092b27678a33b3080d1ac0ca305742b0119b75f9e87e38 \
+    --hash=sha256:d40dcf533ca481355aa7b682e9e079f766f35715defa4929aeb5597f9604272e \
+    --hash=sha256:e93df708c69a193fc7987192f94df250f83f3851fda49413f02ba5dded639482 \
+    --hash=sha256:efd7e6660674e234e29937bc1481dceb7e0336bfae75b856b4fb272b5093c5d4 \
+    --hash=sha256:f9b3a78f69dcbd803cf2fb3f972779875b244c1115481dfbdd567b2c22b31f6b \
+    --hash=sha256:fa39475eaccb98f9199eccfda4298abaf35ae0caec676ffc25b3a5e224044464 \
+    --hash=sha256:fbce6dae41b692a5973d0f2158f782b9ad05babc2c2019a970a1094a23909b1b
+    # via weasyprint
+identify==2.6.13 \
+    --hash=sha256:60381139b3ae39447482ecc406944190f690d4a2997f2584062089848361b33b \
+    --hash=sha256:da8d6c828e773620e13bfa86ea601c5a5310ba4bcd65edf378198b56a1f9fb32
+    # via pre-commit
+nodeenv==1.9.1 \
+    --hash=sha256:6ec12890a2dab7946721edbfbcd91f3319c6ccc9aec47be7c7e6b7011ee6645f \
+    --hash=sha256:ba11c9782d29c27c70ffbdda2d7415098754709be8a7056d79a737cd901155c9
+    # via pre-commit
+numpy==2.2.6 \
+    --hash=sha256:038613e9fb8c72b0a41f025a7e4c3f0b7a1b5d768ece4796b674c8f3fe13efff \
+    --hash=sha256:0678000bb9ac1475cd454c6b8c799206af8107e310843532b04d49649c717a47 \
+    --hash=sha256:0811bb762109d9708cca4d0b13c4f67146e3c3b7cf8d34018c722adb2d957c84 \
+    --hash=sha256:0b605b275d7bd0c640cad4e5d30fa701a8d59302e127e5f79138ad62762c3e3d \
+    --hash=sha256:0bca768cd85ae743b2affdc762d617eddf3bcf8724435498a1e80132d04879e6 \
+    --hash=sha256:1bc23a79bfabc5d056d106f9befb8d50c31ced2fbc70eedb8155aec74a45798f \
+    --hash=sha256:287cc3162b6f01463ccd86be154f284d0893d2b3ed7292439ea97eafa8170e0b \
+    --hash=sha256:37c0ca431f82cd5fa716eca9506aefcabc247fb27ba69c5062a6d3ade8cf8f49 \
+    --hash=sha256:37e990a01ae6ec7fe7fa1c26c55ecb672dd98b19c3d0e1d1f326fa13cb38d163 \
+    --hash=sha256:389d771b1623ec92636b0786bc4ae56abafad4a4c513d36a55dce14bd9ce8571 \
+    --hash=sha256:3d70692235e759f260c3d837193090014aebdf026dfd167834bcba43e30c2a42 \
+    --hash=sha256:41c5a21f4a04fa86436124d388f6ed60a9343a6f767fced1a8a71c3fbca038ff \
+    --hash=sha256:481b49095335f8eed42e39e8041327c05b0f6f4780488f61286ed3c01368d491 \
+    --hash=sha256:4eeaae00d789f66c7a25ac5f34b71a7035bb474e679f410e5e1a94deb24cf2d4 \
+    --hash=sha256:55a4d33fa519660d69614a9fad433be87e5252f4b03850642f88993f7b2ca566 \
+    --hash=sha256:5a6429d4be8ca66d889b7cf70f536a397dc45ba6faeb5f8c5427935d9592e9cf \
+    --hash=sha256:5bd4fc3ac8926b3819797a7c0e2631eb889b4118a9898c84f585a54d475b7e40 \
+    --hash=sha256:5beb72339d9d4fa36522fc63802f469b13cdbe4fdab4a288f0c441b74272ebfd \
+    --hash=sha256:6031dd6dfecc0cf9f668681a37648373bddd6421fff6c66ec1624eed0180ee06 \
+    --hash=sha256:71594f7c51a18e728451bb50cc60a3ce4e6538822731b2933209a1f3614e9282 \
+    --hash=sha256:74d4531beb257d2c3f4b261bfb0fc09e0f9ebb8842d82a7b4209415896adc680 \
+    --hash=sha256:7befc596a7dc9da8a337f79802ee8adb30a552a94f792b9c9d18c840055907db \
+    --hash=sha256:894b3a42502226a1cac872f840030665f33326fc3dac8e57c607905773cdcde3 \
+    --hash=sha256:8e41fd67c52b86603a91c1a505ebaef50b3314de0213461c7a6e99c9a3beff90 \
+    --hash=sha256:8e9ace4a37db23421249ed236fdcdd457d671e25146786dfc96835cd951aa7c1 \
+    --hash=sha256:8fc377d995680230e83241d8a96def29f204b5782f371c532579b4f20607a289 \
+    --hash=sha256:9551a499bf125c1d4f9e250377c1ee2eddd02e01eac6644c080162c0c51778ab \
+    --hash=sha256:b0544343a702fa80c95ad5d3d608ea3599dd54d4632df855e4c8d24eb6ecfa1c \
+    --hash=sha256:b093dd74e50a8cba3e873868d9e93a85b78e0daf2e98c6797566ad8044e8363d \
+    --hash=sha256:b412caa66f72040e6d268491a59f2c43bf03eb6c96dd8f0307829feb7fa2b6fb \
+    --hash=sha256:b4f13750ce79751586ae2eb824ba7e1e8dba64784086c98cdbbcc6a42112ce0d \
+    --hash=sha256:b64d8d4d17135e00c8e346e0a738deb17e754230d7e0810ac5012750bbd85a5a \
+    --hash=sha256:ba10f8411898fc418a521833e014a77d3ca01c15b0c6cdcce6a0d2897e6dbbdf \
+    --hash=sha256:bd48227a919f1bafbdda0583705e547892342c26fb127219d60a5c36882609d1 \
+    --hash=sha256:c1f9540be57940698ed329904db803cf7a402f3fc200bfe599334c9bd84a40b2 \
+    --hash=sha256:c820a93b0255bc360f53eca31a0e676fd1101f673dda8da93454a12e23fc5f7a \
+    --hash=sha256:ce47521a4754c8f4593837384bd3424880629f718d87c5d44f8ed763edd63543 \
+    --hash=sha256:d042d24c90c41b54fd506da306759e06e568864df8ec17ccc17e9e884634fd00 \
+    --hash=sha256:de749064336d37e340f640b05f24e9e3dd678c57318c7289d222a8a2f543e90c \
+    --hash=sha256:e1dda9c7e08dc141e0247a5b8f49cf05984955246a327d4c48bda16821947b2f \
+    --hash=sha256:e29554e2bef54a90aa5cc07da6ce955accb83f21ab5de01a62c8478897b264fd \
+    --hash=sha256:e3143e4451880bed956e706a3220b4e5cf6172ef05fcc397f6f36a550b1dd868 \
+    --hash=sha256:e8213002e427c69c45a52bbd94163084025f533a55a59d6f9c5b820774ef3303 \
+    --hash=sha256:efd28d4e9cd7d7a8d39074a4d44c63eda73401580c5c76acda2ce969e0a38e83 \
+    --hash=sha256:f0fd6321b839904e15c46e0d257fdd101dd7f530fe03fd6359c1ea63738703f3 \
+    --hash=sha256:f1372f041402e37e5e633e586f62aa53de2eac8d98cbfb822806ce4bbefcb74d \
+    --hash=sha256:f2618db89be1b4e05f7a1a847a9c1c0abd63e63a1607d892dd54668dd92faf87 \
+    --hash=sha256:f447e6acb680fd307f40d3da4852208af94afdfab89cf850986c3ca00562f4fa \
+    --hash=sha256:f92729c95468a2f4f15e9bb94c432a9229d0d50de67304399627a943201baa2f \
+    --hash=sha256:f9f1adb22318e121c5c69a09142811a201ef17ab257a1e66ca3025065b7f53ae \
+    --hash=sha256:fc0c5673685c508a142ca65209b4e79ed6740a4ed6b2267dbba90f34b0b3cfda \
+    --hash=sha256:fc7b73d02efb0e18c000e9ad8b83480dfcd5dfd11065997ed4c6747470ae8915 \
+    --hash=sha256:fd83c01228a688733f1ded5201c678f0c53ecc1006ffbc404db9f7a899ac6249 \
+    --hash=sha256:fe27749d33bb772c80dcd84ae7e8df2adc920ae8297400dabec45f0dedb3f6de \
+    --hash=sha256:fee4236c876c4e8369388054d02d0e9bb84821feb1a64dd59e137e6511a551f8
+    # via opencv-python-headless
+opencv-python-headless==4.12.0.88 \
+    --hash=sha256:1e58d664809b3350c1123484dd441e1667cd7bed3086db1b9ea1b6f6cb20b50e \
+    --hash=sha256:236c8df54a90f4d02076e6f9c1cc763d794542e886c576a6fee46ec8ff75a7a9 \
+    --hash=sha256:365bb2e486b50feffc2d07a405b953a8f3e8eaa63865bc650034e5c71e7a5154 \
+    --hash=sha256:86b413bdd6c6bf497832e346cd5371995de148e579b9774f8eba686dee3f5528 \
+    --hash=sha256:aeb4b13ecb8b4a0beb2668ea07928160ea7c2cd2d9b5ef571bbee6bafe9cc8d0 \
+    --hash=sha256:cfdc017ddf2e59b6c2f53bc12d74b6b0be7ded4ec59083ea70763921af2b6c09 \
+    --hash=sha256:fde2cf5c51e4def5f2132d78e0c08f9c14783cd67356922182c6845b9af87dbd
+    # via -r .github\scripts\requirements_dev.in
+pdf2image==1.17.0 \
+    --hash=sha256:eaa959bc116b420dd7ec415fcae49b98100dda3dd18cd2fdfa86d09f112f6d57 \
+    --hash=sha256:ecdd58d7afb810dffe21ef2b1bbc057ef434dabbac6c33778a38a3f7744a27e2
+    # via -r .github\scripts\requirements_dev.in
+pillow==11.3.0 \
+    --hash=sha256:023f6d2d11784a465f09fd09a34b150ea4672e85fb3d05931d89f373ab14abb2 \
+    --hash=sha256:02a723e6bf909e7cea0dac1b0e0310be9d7650cd66222a5f1c571455c0a45214 \
+    --hash=sha256:040a5b691b0713e1f6cbe222e0f4f74cd233421e105850ae3b3c0ceda520f42e \
+    --hash=sha256:05f6ecbeff5005399bb48d198f098a9b4b6bdf27b8487c7f38ca16eeb070cd59 \
+    --hash=sha256:068d9c39a2d1b358eb9f245ce7ab1b5c3246c7c8c7d9ba58cfa5b43146c06e50 \
+    --hash=sha256:0743841cabd3dba6a83f38a92672cccbd69af56e3e91777b0ee7f4dba4385632 \
+    --hash=sha256:092c80c76635f5ecb10f3f83d76716165c96f5229addbd1ec2bdbbda7d496e06 \
+    --hash=sha256:0b275ff9b04df7b640c59ec5a3cb113eefd3795a8df80bac69646ef699c6981a \
+    --hash=sha256:0bce5c4fd0921f99d2e858dc4d4d64193407e1b99478bc5cacecba2311abde51 \
+    --hash=sha256:1019b04af07fc0163e2810167918cb5add8d74674b6267616021ab558dc98ced \
+    --hash=sha256:106064daa23a745510dabce1d84f29137a37224831d88eb4ce94bb187b1d7e5f \
+    --hash=sha256:118ca10c0d60b06d006be10a501fd6bbdfef559251ed31b794668ed569c87e12 \
+    --hash=sha256:13f87d581e71d9189ab21fe0efb5a23e9f28552d5be6979e84001d3b8505abe8 \
+    --hash=sha256:155658efb5e044669c08896c0c44231c5e9abcaadbc5cd3648df2f7c0b96b9a6 \
+    --hash=sha256:1904e1264881f682f02b7f8167935cce37bc97db457f8e7849dc3a6a52b99580 \
+    --hash=sha256:19d2ff547c75b8e3ff46f4d9ef969a06c30ab2d4263a9e287733aa8b2429ce8f \
+    --hash=sha256:1a992e86b0dd7aeb1f053cd506508c0999d710a8f07b4c791c63843fc6a807ac \
+    --hash=sha256:1b9c17fd4ace828b3003dfd1e30bff24863e0eb59b535e8f80194d9cc7ecf860 \
+    --hash=sha256:1c627742b539bba4309df89171356fcb3cc5a9178355b2727d1b74a6cf155fbd \
+    --hash=sha256:1cd110edf822773368b396281a2293aeb91c90a2db00d78ea43e7e861631b722 \
+    --hash=sha256:1f85acb69adf2aaee8b7da124efebbdb959a104db34d3a2cb0f3793dbae422a8 \
+    --hash=sha256:23cff760a9049c502721bdb743a7cb3e03365fafcdfc2ef9784610714166e5a4 \
+    --hash=sha256:2465a69cf967b8b49ee1b96d76718cd98c4e925414ead59fdf75cf0fd07df673 \
+    --hash=sha256:2a3117c06b8fb646639dce83694f2f9eac405472713fcb1ae887469c0d4f6788 \
+    --hash=sha256:2aceea54f957dd4448264f9bf40875da0415c83eb85f55069d89c0ed436e3542 \
+    --hash=sha256:2d6fcc902a24ac74495df63faad1884282239265c6839a0a6416d33faedfae7e \
+    --hash=sha256:30807c931ff7c095620fe04448e2c2fc673fcbb1ffe2a7da3fb39613489b1ddd \
+    --hash=sha256:30b7c02f3899d10f13d7a48163c8969e4e653f8b43416d23d13d1bbfdc93b9f8 \
+    --hash=sha256:3828ee7586cd0b2091b6209e5ad53e20d0649bbe87164a459d0676e035e8f523 \
+    --hash=sha256:3cee80663f29e3843b68199b9d6f4f54bd1d4a6b59bdd91bceefc51238bcb967 \
+    --hash=sha256:3e184b2f26ff146363dd07bde8b711833d7b0202e27d13540bfe2e35a323a809 \
+    --hash=sha256:41342b64afeba938edb034d122b2dda5db2139b9a4af999729ba8818e0056477 \
+    --hash=sha256:41742638139424703b4d01665b807c6468e23e699e8e90cffefe291c5832b027 \
+    --hash=sha256:4445fa62e15936a028672fd48c4c11a66d641d2c05726c7ec1f8ba6a572036ae \
+    --hash=sha256:45dfc51ac5975b938e9809451c51734124e73b04d0f0ac621649821a63852e7b \
+    --hash=sha256:465b9e8844e3c3519a983d58b80be3f668e2a7a5db97f2784e7079fbc9f9822c \
+    --hash=sha256:48d254f8a4c776de343051023eb61ffe818299eeac478da55227d96e241de53f \
+    --hash=sha256:4c834a3921375c48ee6b9624061076bc0a32a60b5532b322cc0ea64e639dd50e \
+    --hash=sha256:4c96f993ab8c98460cd0c001447bff6194403e8b1d7e149ade5f00594918128b \
+    --hash=sha256:504b6f59505f08ae014f724b6207ff6222662aab5cc9542577fb084ed0676ac7 \
+    --hash=sha256:527b37216b6ac3a12d7838dc3bd75208ec57c1c6d11ef01902266a5a0c14fc27 \
+    --hash=sha256:5418b53c0d59b3824d05e029669efa023bbef0f3e92e75ec8428f3799487f361 \
+    --hash=sha256:59a03cdf019efbfeeed910bf79c7c93255c3d54bc45898ac2a4140071b02b4ae \
+    --hash=sha256:5e05688ccef30ea69b9317a9ead994b93975104a677a36a8ed8106be9260aa6d \
+    --hash=sha256:6359a3bc43f57d5b375d1ad54a0074318a0844d11b76abccf478c37c986d3cfc \
+    --hash=sha256:643f189248837533073c405ec2f0bb250ba54598cf80e8c1e043381a60632f58 \
+    --hash=sha256:65dc69160114cdd0ca0f35cb434633c75e8e7fad4cf855177a05bf38678f73ad \
+    --hash=sha256:67172f2944ebba3d4a7b54f2e95c786a3a50c21b88456329314caaa28cda70f6 \
+    --hash=sha256:676b2815362456b5b3216b4fd5bd89d362100dc6f4945154ff172e206a22c024 \
+    --hash=sha256:6a418691000f2a418c9135a7cf0d797c1bb7d9a485e61fe8e7722845b95ef978 \
+    --hash=sha256:6abdbfd3aea42be05702a8dd98832329c167ee84400a1d1f61ab11437f1717eb \
+    --hash=sha256:6be31e3fc9a621e071bc17bb7de63b85cbe0bfae91bb0363c893cbe67247780d \
+    --hash=sha256:7107195ddc914f656c7fc8e4a5e1c25f32e9236ea3ea860f257b0436011fddd0 \
+    --hash=sha256:71f511f6b3b91dd543282477be45a033e4845a40278fa8dcdbfdb07109bf18f9 \
+    --hash=sha256:7859a4cc7c9295f5838015d8cc0a9c215b77e43d07a25e460f35cf516df8626f \
+    --hash=sha256:7966e38dcd0fa11ca390aed7c6f20454443581d758242023cf36fcb319b1a874 \
+    --hash=sha256:79ea0d14d3ebad43ec77ad5272e6ff9bba5b679ef73375ea760261207fa8e0aa \
+    --hash=sha256:7aee118e30a4cf54fdd873bd3a29de51e29105ab11f9aad8c32123f58c8f8081 \
+    --hash=sha256:7b161756381f0918e05e7cb8a371fff367e807770f8fe92ecb20d905d0e1c149 \
+    --hash=sha256:7c8ec7a017ad1bd562f93dbd8505763e688d388cde6e4a010ae1486916e713e6 \
+    --hash=sha256:7d1aa4de119a0ecac0a34a9c8bde33f34022e2e8f99104e47a3ca392fd60e37d \
+    --hash=sha256:7db51d222548ccfd274e4572fdbf3e810a5e66b00608862f947b163e613b67dd \
+    --hash=sha256:819931d25e57b513242859ce1876c58c59dc31587847bf74cfe06b2e0cb22d2f \
+    --hash=sha256:83e1b0161c9d148125083a35c1c5a89db5b7054834fd4387499e06552035236c \
+    --hash=sha256:857844335c95bea93fb39e0fa2726b4d9d758850b34075a7e3ff4f4fa3aa3b31 \
+    --hash=sha256:8797edc41f3e8536ae4b10897ee2f637235c94f27404cac7297f7b607dd0716e \
+    --hash=sha256:8924748b688aa210d79883357d102cd64690e56b923a186f35a82cbc10f997db \
+    --hash=sha256:89bd777bc6624fe4115e9fac3352c79ed60f3bb18651420635f26e643e3dd1f6 \
+    --hash=sha256:8dc70ca24c110503e16918a658b869019126ecfe03109b754c402daff12b3d9f \
+    --hash=sha256:91da1d88226663594e3f6b4b8c3c8d85bd504117d043740a8e0ec449087cc494 \
+    --hash=sha256:921bd305b10e82b4d1f5e802b6850677f965d8394203d182f078873851dada69 \
+    --hash=sha256:932c754c2d51ad2b2271fd01c3d121daaa35e27efae2a616f77bf164bc0b3e94 \
+    --hash=sha256:93efb0b4de7e340d99057415c749175e24c8864302369e05914682ba642e5d77 \
+    --hash=sha256:97afb3a00b65cc0804d1c7abddbf090a81eaac02768af58cbdcaaa0a931e0b6d \
+    --hash=sha256:97f07ed9f56a3b9b5f49d3661dc9607484e85c67e27f3e8be2c7d28ca032fec7 \
+    --hash=sha256:98a9afa7b9007c67ed84c57c9e0ad86a6000da96eaa638e4f8abe5b65ff83f0a \
+    --hash=sha256:9ab6ae226de48019caa8074894544af5b53a117ccb9d3b3dcb2871464c829438 \
+    --hash=sha256:9c412fddd1b77a75aa904615ebaa6001f169b26fd467b4be93aded278266b288 \
+    --hash=sha256:a1bc6ba083b145187f648b667e05a2534ecc4b9f2784c2cbe3089e44868f2b9b \
+    --hash=sha256:a418486160228f64dd9e9efcd132679b7a02a5f22c982c78b6fc7dab3fefb635 \
+    --hash=sha256:a4d336baed65d50d37b88ca5b60c0fa9d81e3a87d4a7930d3880d1624d5b31f3 \
+    --hash=sha256:a6444696fce635783440b7f7a9fc24b3ad10a9ea3f0ab66c5905be1c19ccf17d \
+    --hash=sha256:a7bc6e6fd0395bc052f16b1a8670859964dbd7003bd0af2ff08342eb6e442cfe \
+    --hash=sha256:b4b8f3efc8d530a1544e5962bd6b403d5f7fe8b9e08227c6b255f98ad82b4ba0 \
+    --hash=sha256:b5f56c3f344f2ccaf0dd875d3e180f631dc60a51b314295a3e681fe8cf851fbe \
+    --hash=sha256:be5463ac478b623b9dd3937afd7fb7ab3d79dd290a28e2b6df292dc75063eb8a \
+    --hash=sha256:c37d8ba9411d6003bba9e518db0db0c58a680ab9fe5179f040b0463644bc9805 \
+    --hash=sha256:c84d689db21a1c397d001aa08241044aa2069e7587b398c8cc63020390b1c1b8 \
+    --hash=sha256:c96d333dcf42d01f47b37e0979b6bd73ec91eae18614864622d9b87bbd5bbf36 \
+    --hash=sha256:cadc9e0ea0a2431124cde7e1697106471fc4c1da01530e679b2391c37d3fbb3a \
+    --hash=sha256:cc3e831b563b3114baac7ec2ee86819eb03caa1a2cef0b481a5675b59c4fe23b \
+    --hash=sha256:cd8ff254faf15591e724dc7c4ddb6bf4793efcbe13802a4ae3e863cd300b493e \
+    --hash=sha256:d000f46e2917c705e9fb93a3606ee4a819d1e3aa7a9b442f6444f07e77cf5e25 \
+    --hash=sha256:d9da3df5f9ea2a89b81bb6087177fb1f4d1c7146d583a3fe5c672c0d94e55e12 \
+    --hash=sha256:e5c5858ad8ec655450a7c7df532e9842cf8df7cc349df7225c60d5d348c8aada \
+    --hash=sha256:e67d793d180c9df62f1f40aee3accca4829d3794c95098887edc18af4b8b780c \
+    --hash=sha256:ea944117a7974ae78059fcc1800e5d3295172bb97035c0c1d9345fca1419da71 \
+    --hash=sha256:eb76541cba2f958032d79d143b98a3a6b3ea87f0959bbe256c0b5e416599fd5d \
+    --hash=sha256:ec1ee50470b0d050984394423d96325b744d55c701a439d2bd66089bff963d3c \
+    --hash=sha256:ee92f2fd10f4adc4b43d07ec5e779932b4eb3dbfbc34790ada5a6669bc095aa6 \
+    --hash=sha256:f0f5d8f4a08090c6d6d578351a2b91acf519a54986c055af27e7a93feae6d3f1 \
+    --hash=sha256:f1f182ebd2303acf8c380a54f615ec883322593320a9b00438eb842c1f37ae50 \
+    --hash=sha256:f8a5827f84d973d8636e9dc5764af4f0cf2318d26744b3d902931701b0d46653 \
+    --hash=sha256:f944255db153ebb2b19c51fe85dd99ef0ce494123f21b9db4877ffdfc5590c7c \
+    --hash=sha256:fdae223722da47b024b867c1ea0be64e0df702c5e0a60e27daad39bf960dd1e4 \
+    --hash=sha256:fe27fb049cdcca11f11a7bfda64043c37b30e6b91f10cb5bab275806c32f6ab3
+    # via
+    #   -r .github\scripts\requirements_dev.in
+    #   pdf2image
+    #   weasyprint
+platformdirs==4.3.8 \
+    --hash=sha256:3d512d96e16bcb959a814c9f348431070822a6496326a4be0911c40b5a74c2bc \
+    --hash=sha256:ff7059bb7eb1179e2685604f4aaf157cfd9535242bd23742eadc3c13542139b4
+    # via virtualenv
+pre-commit==4.3.0 \
+    --hash=sha256:2b0747ad7e6e967169136edffee14c16e148a778a54e4f967921aa1ebf2308d8 \
+    --hash=sha256:499fe450cc9d42e9d58e606262795ecb64dd05438943c62b66f6a8673da30b16
+    # via -r .github\scripts\requirements_dev.in
+pycparser==2.22 \
+    --hash=sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6 \
+    --hash=sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc
+    # via cffi
+pydyf==0.11.0 \
+    --hash=sha256:0aaf9e2ebbe786ec7a78ec3fbffa4cdcecde53fd6f563221d53c6bc1328848a3 \
+    --hash=sha256:394dddf619cca9d0c55715e3c55ea121a9bf9cbc780cdc1201a2427917b86b64
+    # via weasyprint
+pyphen==0.17.2 \
+    --hash=sha256:3a07fb017cb2341e1d9ff31b8634efb1ae4dc4b130468c7c39dd3d32e7c3affd \
+    --hash=sha256:f60647a9c9b30ec6c59910097af82bc5dd2d36576b918e44148d8b07ef3b4aa3
+    # via weasyprint
+pyyaml==6.0.2 \
+    --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \
+    --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \
+    --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \
+    --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \
+    --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \
+    --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \
+    --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \
+    --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \
+    --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \
+    --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \
+    --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \
+    --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \
+    --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \
+    --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \
+    --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \
+    --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \
+    --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \
+    --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \
+    --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \
+    --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \
+    --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \
+    --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \
+    --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \
+    --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \
+    --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \
+    --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \
+    --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \
+    --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \
+    --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \
+    --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \
+    --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \
+    --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \
+    --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \
+    --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \
+    --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \
+    --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \
+    --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \
+    --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \
+    --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \
+    --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \
+    --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \
+    --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \
+    --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \
+    --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \
+    --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \
+    --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \
+    --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \
+    --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \
+    --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \
+    --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \
+    --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \
+    --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
+    --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
+    # via pre-commit
+tinycss2==1.4.0 \
+    --hash=sha256:10c0972f6fc0fbee87c3edb76549357415e94548c1ae10ebccdea16fb404a9b7 \
+    --hash=sha256:3a49cf47b7675da0b15d0c6e1df8df4ebd96e9394bb905a5775adb0d884c5289
+    # via
+    #   cssselect2
+    #   weasyprint
+tinyhtml5==2.0.0 \
+    --hash=sha256:086f998833da24c300c414d9fe81d9b368fd04cb9d2596a008421cbc705fcfcc \
+    --hash=sha256:13683277c5b176d070f82d099d977194b7a1e26815b016114f581a74bbfbf47e
+    # via weasyprint
+unoserver==3.3.2 \
+    --hash=sha256:1eeb7467cf6b56b8eff3b576e2d1b2b2ff4e0eb2052e995ac80a1456de300639 \
+    --hash=sha256:87e144f903ee21951b2e06a97549450c13ed7eca5bcebad942d3352d4e882616
+    # via -r .github\scripts\requirements_dev.in
+virtualenv==20.33.1 \
+    --hash=sha256:07c19bc66c11acab6a5958b815cbcee30891cd1c2ccf53785a28651a0d8d8a67 \
+    --hash=sha256:1b44478d9e261b3fb8baa5e74a0ca3bc0e05f21aa36167bf9cbf850e542765b8
+    # via pre-commit
+weasyprint==66.0 \
+    --hash=sha256:82b0783b726fcd318e2c977dcdddca76515b30044bc7a830cc4fbe717582a6d0 \
+    --hash=sha256:da71dc87dc129ac9cffdc65e5477e90365ab9dbae45c744014ec1d06303dde40
+    # via -r .github\scripts\requirements_dev.in
+webencodings==0.5.1 \
+    --hash=sha256:a0af1213f3c2226497a97e2b3aa01a7e4bee4f403f95be16fc9acd2947514a78 \
+    --hash=sha256:b36a1c245f2d304965eb4e0a82848379241dc04b865afcc4aab16748587e1923
+    # via
+    #   cssselect2
+    #   tinycss2
+    #   tinyhtml5
+zopfli==0.2.3.post1 \
+    --hash=sha256:0aa5f90d6298bda02a95bc8dc8c3c19004d5a4e44bda00b67ca7431d857b4b54 \
+    --hash=sha256:0cc20b02a9531559945324c38302fd4ba763311632d0ec8a1a0aa9c10ea363e6 \
+    --hash=sha256:1d8cc06605519e82b16df090e17cb3990d1158861b2872c3117f1168777b81e4 \
+    --hash=sha256:1f990634fd5c5c8ced8edddd8bd45fab565123b4194d6841e01811292650acae \
+    --hash=sha256:2345e713260a350bea0b01a816a469ea356bc2d63d009a0d777691ecbbcf7493 \
+    --hash=sha256:2768c877f76c8a0e7519b1c86c93757f3c01492ddde55751e9988afb7eff64e1 \
+    --hash=sha256:29ea74e72ffa6e291b8c6f2504ce6c146b4fe990c724c1450eb8e4c27fd31431 \
+    --hash=sha256:34a99592f3d9eb6f737616b5bd74b48a589fdb3cb59a01a50d636ea81d6af272 \
+    --hash=sha256:3654bfc927bc478b1c3f3ff5056ed7b20a1a37fa108ca503256d0a699c03bbb1 \
+    --hash=sha256:3657e416ffb8f31d9d3424af12122bb251befae109f2e271d87d825c92fc5b7b \
+    --hash=sha256:37d011e92f7b9622742c905fdbed9920a1d0361df84142807ea2a528419dea7f \
+    --hash=sha256:3827170de28faf144992d3d4dcf8f3998fe3c8a6a6f4a08f1d42c2ec6119d2bb \
+    --hash=sha256:39e576f93576c5c223b41d9c780bbb91fd6db4babf3223d2a4fe7bf568e2b5a8 \
+    --hash=sha256:3a89277ed5f8c0fb2d0b46d669aa0633123aa7381f1f6118c12f15e0fb48f8ca \
+    --hash=sha256:3c163911f8bad94b3e1db0a572e7c28ba681a0c91d0002ea1e4fa9264c21ef17 \
+    --hash=sha256:3f0197b6aa6eb3086ae9e66d6dd86c4d502b6c68b0ec490496348ae8c05ecaef \
+    --hash=sha256:48dba9251060289101343110ab47c0756f66f809bb4d1ddbb6d5c7e7752115c5 \
+    --hash=sha256:4915a41375bdee4db749ecd07d985a0486eb688a6619f713b7bf6fbfd145e960 \
+    --hash=sha256:4c1226a7e2c7105ac31503a9bb97454743f55d88164d6d46bc138051b77f609b \
+    --hash=sha256:4e50ffac74842c1c1018b9b73875a0d0a877c066ab06bf7cccbaa84af97e754f \
+    --hash=sha256:518f1f4ed35dd69ce06b552f84e6d081f07c552b4c661c5312d950a0b764a58a \
+    --hash=sha256:5aad740b4d4fcbaaae4887823925166ffd062db3b248b3f432198fc287381d1a \
+    --hash=sha256:5f272186e03ad55e7af09ab78055535c201b1a0bcc2944edb1768298d9c483a4 \
+    --hash=sha256:5fcfc0dc2761e4fcc15ad5d273b4d58c2e8e059d3214a7390d4d3c8e2aee644e \
+    --hash=sha256:60db20f06c3d4c5934b16cfa62a2cc5c3f0686bffe0071ed7804d3c31ab1a04e \
+    --hash=sha256:615a8ac9dda265e9cc38b2a76c3142e4a9f30fea4a79c85f670850783bc6feb4 \
+    --hash=sha256:6482db9876c68faac2d20a96b566ffbf65ddaadd97b222e4e73641f4f8722fc4 \
+    --hash=sha256:6617fb10f9e4393b331941861d73afb119cd847e88e4974bdbe8068ceef3f73f \
+    --hash=sha256:676919fba7311125244eb0c4393679ac5fe856e5864a15d122bd815205369fa0 \
+    --hash=sha256:6c2d2bc8129707e34c51f9352c4636ca313b52350bbb7e04637c46c1818a2a70 \
+    --hash=sha256:71390dbd3fbf6ebea9a5d85ffed8c26ee1453ee09248e9b88486e30e0397b775 \
+    --hash=sha256:716cdbfc57bfd3d3e31a58e6246e8190e6849b7dbb7c4ce39ef8bbf0edb8f6d5 \
+    --hash=sha256:75a26a2307b10745a83b660c404416e984ee6fca515ec7f0765f69af3ce08072 \
+    --hash=sha256:7be5cc6732eb7b4df17305d8a7b293223f934a31783a874a01164703bc1be6cd \
+    --hash=sha256:7cce242b5df12b2b172489daf19c32e5577dd2fac659eb4b17f6a6efb446fd5c \
+    --hash=sha256:81c341d9bb87a6dbbb0d45d6e272aca80c7c97b4b210f9b6e233bf8b87242f29 \
+    --hash=sha256:89899641d4de97dbad8e0cde690040d078b6aea04066dacaab98e0b5a23573f2 \
+    --hash=sha256:8d5ab297d660b75c159190ce6d73035502310e40fd35170aed7d1a1aea7ddd65 \
+    --hash=sha256:8fbe5bcf10d01aab3513550f284c09fef32f342b36f56bfae2120a9c4d12c130 \
+    --hash=sha256:91a2327a4d7e77471fa4fbb26991c6de4a738c6fc6a33e09bb25f56a870a4b7b \
+    --hash=sha256:95a260cafd56b8fffa679918937401c80bb38e1681c448b988022e4c3610965d \
+    --hash=sha256:96484dc0f48be1c5d7ae9f38ed1ce41e3675fd506b27c11a6607f14b49101e99 \
+    --hash=sha256:9a6aec38a989bad7ddd1ef53f1265699e49e294d08231b5313d61293f3cd6237 \
+    --hash=sha256:9ba214f4f45bec195ee8559651154d3ac2932470b9d91c5715fc29c013349f8c \
+    --hash=sha256:9f4a7ec2770e6af05f5a02733fd3900f30a9cd58e5d6d3727e14c5bcd6e7d587 \
+    --hash=sha256:a1cf720896d2ce998bc8e051d4b4ce0d8bec007aab6243102e8e1d22a0b2fb3f \
+    --hash=sha256:a241a68581d34d67b40c425cce3d1fd211c092f99d9250947824ccba9f491949 \
+    --hash=sha256:a53b18797cdef27e019db595d66c4b077325afe2fd62145953275f53d84ce40c \
+    --hash=sha256:a82fc2dbebe6eb908b9c665e71496f8525c1bc4d2e3a7a7722ef2b128b6227c8 \
+    --hash=sha256:a86eb88e06bd87e1fff31dac878965c26b0c26db59ddcf78bb0379a954b120de \
+    --hash=sha256:aa588b21044f8a74e423d8c8a4c7fc9988501878aacced793467010039c50734 \
+    --hash=sha256:b05296e8bc88c92e2b21e0a9bae4740c1551ee613c1d93a51fd28a7a0b2b6fbb \
+    --hash=sha256:b0ec13f352ea5ae0fc91f98a48540512eed0767d0ec4f7f3cb92d92797983d18 \
+    --hash=sha256:b3df42f52502438ee973042cc551877d24619fa1cd38ef7b7e9ac74200daca8b \
+    --hash=sha256:b78008a69300d929ca2efeffec951b64a312e9a811e265ea4a907ab546d79fa6 \
+    --hash=sha256:b9026a21b6d41eb0e2e63f5bc1242c3fcc43ecb770963cda99a4307863dac12e \
+    --hash=sha256:bbe429fc50686bb2a2608a30843e36fbaa123462a5284f136c7d9e0145220bfd \
+    --hash=sha256:bfa1eb759e07d8b7aa7a310a2bc535e127ee70addf90dc8d4b946b593c3e51a8 \
+    --hash=sha256:c1e0ed5d84ffa2d677cc9582fc01e61dab2e7ef8b8996e055f0a76167b1b94df \
+    --hash=sha256:c4278d1873ce6e803e5d4f8d702fd3026bd67fca744aa98881324d1157ddf748 \
+    --hash=sha256:cac2b37ab21c2b36a10b685b1893ebd6b0f83ae26004838ac817680881576567 \
+    --hash=sha256:cbe6df25807227519debd1a57ab236f5f6bad441500e85b13903e51f93a43214 \
+    --hash=sha256:cd2c002f160502608dcc822ed2441a0f4509c52e86fcfd1a09e937278ed1ca14 \
+    --hash=sha256:e0137dd64a493ba6a4be37405cfd6febe650a98cc1e9dca8f6b8c63b1db11b41 \
+    --hash=sha256:e63d558847166543c2c9789e6f985400a520b7eacc4b99181668b2c3aeadd352 \
+    --hash=sha256:eb45a34f23da4f8bc712b6376ca5396914b0b7c09adbb001dad964eb7f3132f8 \
+    --hash=sha256:ecb7572df5372abce8073df078207d9d1749f20b8b136089916a4a0868d56051 \
+    --hash=sha256:f12000a6accdd4bf0a3fa6eaa1b1c7a7bc80af0a2edf3f89d770d3dcce1d0e22 \
+    --hash=sha256:f7d69c1a7168ad0e9cb864e8663acb232986a0c9c9cb9801f56bf6214f53a54d \
+    --hash=sha256:f815fcc2b2a457977724bad97fb4854022980f51ce7b136925e336b530545ae1 \
+    --hash=sha256:fc39f5c27f962ec8660d8d20c24762431131b5d8c672b44b0a54cf2b5bcde9b9
+    # via fonttools
+
+# The following packages are considered to be unsafe in a requirements file:
+pip==25.2 \
+    --hash=sha256:578283f006390f85bb6282dffb876454593d637f5d1be494b5202ce4877e71f2 \
+    --hash=sha256:6d67a2b4e7f14d8b31b8b52648866fa717f45a1eb70e83002f4331d07e953717
+    # via -r .github\scripts\requirements_dev.in
+setuptools==80.9.0 \
+    --hash=sha256:062d34222ad13e0cc312a4c02d73f059e86a4acbfbdea8f8f76b28c99f306922 \
+    --hash=sha256:f36b47402ecde768dbfafc46e8e4207b4360c654f1f3bb84475f0a28628fb19c
+    # via -r .github\scripts\requirements_dev.in

.github/scripts/requirements_pre_commit.txt

@@ -8,17 +8,17 @@ cfgv==3.4.0 \
     --hash=sha256:b7265b1f29fd3316bfcd2b330d63d024f2bfd8bcb8b0272f8e19a504856c48f9 \
     --hash=sha256:e52591d4c5f5dead8e0f673fb16db7949d2cfb3f7da4582893288f0ded8fe560
     # via pre-commit
-distlib==0.3.9 \
-    --hash=sha256:47f8c22fd27c27e25a65601af709b38e4f0a45ea4fc2e710f65755fa8caaaf87 \
-    --hash=sha256:a60f20dea646b8a33f3e7772f74dc0b2d0772d2837ee1342a00645c81edf9403
+distlib==0.4.0 \
+    --hash=sha256:9659f7d87e46584a30b5780e43ac7a2143098441670ff0a49d5f9034c54a6c16 \
+    --hash=sha256:feec40075be03a04501a973d81f633735b4b69f98b05450592310c0f401a4e0d
     # via virtualenv
 filelock==3.18.0 \
     --hash=sha256:adbc88eabb99d2fec8c9c1b229b171f18afa655400173ddc653d5d01501fb9f2 \
     --hash=sha256:c401f4f8377c4464e6db25fff06205fd89bdd83b65eb0488ed1b160f780e21de
     # via virtualenv
-identify==2.6.12 \
-    --hash=sha256:ad9672d5a72e0d2ff7c5c8809b62dfa60458626352fb0eb7b55e69bdc45334a2 \
-    --hash=sha256:d8de45749f1efb108badef65ee8386f0f7bb19a7f26185f74de6367bffbaf0e6
+identify==2.6.13 \
+    --hash=sha256:60381139b3ae39447482ecc406944190f690d4a2997f2584062089848361b33b \
+    --hash=sha256:da8d6c828e773620e13bfa86ea601c5a5310ba4bcd65edf378198b56a1f9fb32
     # via pre-commit
 nodeenv==1.9.1 \
     --hash=sha256:6ec12890a2dab7946721edbfbcd91f3319c6ccc9aec47be7c7e6b7011ee6645f \
@@ -28,9 +28,9 @@ platformdirs==4.3.8 \
     --hash=sha256:3d512d96e16bcb959a814c9f348431070822a6496326a4be0911c40b5a74c2bc \
     --hash=sha256:ff7059bb7eb1179e2685604f4aaf157cfd9535242bd23742eadc3c13542139b4
     # via virtualenv
-pre-commit==4.2.0 \
-    --hash=sha256:601283b9757afd87d40c4c4a9b2b5de9637a8ea02eaff7adc2d0fb4e04841146 \
-    --hash=sha256:a009ca7205f1eb497d10b845e52c838a98b6cdd2102a6c8e4540e94ee75c58bd
+pre-commit==4.3.0 \
+    --hash=sha256:2b0747ad7e6e967169136edffee14c16e148a778a54e4f967921aa1ebf2308d8 \
+    --hash=sha256:499fe450cc9d42e9d58e606262795ecb64dd05438943c62b66f6a8673da30b16
     # via -r .github\scripts\requirements_pre_commit.in
 pyyaml==6.0.2 \
     --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \
@@ -87,7 +87,11 @@ pyyaml==6.0.2 \
     --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \
     --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4
     # via pre-commit
-virtualenv==20.31.2 \
-    --hash=sha256:36efd0d9650ee985f0cad72065001e66d49a6f24eb44d98980f630686243cf11 \
-    --hash=sha256:e10c0a9d02835e592521be48b332b6caee6887f332c111aa79a09b9e79efc2af
+typing-extensions==4.14.1 \
+    --hash=sha256:38b39f4aeeab64884ce9f74c94263ef78f3c22467c8724005483154c26648d36 \
+    --hash=sha256:d1e1e3b58374dc93031d6eda2420a48ea44a36c2b4766a4fdeb3710755731d76
+    # via virtualenv
+virtualenv==20.34.0 \
+    --hash=sha256:341f5afa7eee943e4984a9207c025feedd768baff6753cd660c857ceb3e36026 \
+    --hash=sha256:44815b2c9dee7ed86e387b842a84f20b93f7f417f95886ca1996a72a4138eb1a
     # via pre-commit

.github/workflows/PR-Demo-Comment-with-react.yml

@@ -33,8 +33,6 @@ jobs:
       )
     outputs:
       pr_number: ${{ steps.get-pr.outputs.pr_number }}
-      pr_repository: ${{ steps.get-pr-info.outputs.repository }}
-      pr_ref: ${{ steps.get-pr-info.outputs.ref }}
       comment_id: ${{ github.event.comment.id }}
       disable_security: ${{ steps.check-security-flag.outputs.disable_security }}
       enable_pro: ${{ steps.check-pro-flag.outputs.enable_pro }}
@@ -46,7 +44,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         if: github.actor != 'dependabot[bot]'
@@ -66,29 +64,6 @@ jobs:
             console.log(`PR Number: ${prNumber}`);
             core.setOutput('pr_number', prNumber);
 
-      - name: Get PR repository and ref
-        id: get-pr-info
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
-        with:
-          script: |
-            const { owner, repo } = context.repo;
-            const prNumber = context.payload.issue.number;
-
-            const { data: pr } = await github.rest.pulls.get({
-              owner,
-              repo,
-              pull_number: prNumber,
-            });
-
-            // For forks, use the full repository name, for internal PRs use the current repo
-            const repository = pr.head.repo.fork ? pr.head.repo.full_name : `${owner}/${repo}`;
-
-            console.log(`PR Repository: ${repository}`);
-            console.log(`PR Branch: ${pr.head.ref}`);
-
-            core.setOutput('repository', repository);
-            core.setOutput('ref', pr.head.ref);
-
       - name: Check for security/login flag
         id: check-security-flag
         env:
@@ -157,7 +132,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         if: github.actor != 'dependabot[bot]'
@@ -169,14 +144,13 @@ jobs:
           private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
 
       - name: Checkout PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
-          repository: ${{ needs.check-comment.outputs.pr_repository }}
-          ref: ${{ needs.check-comment.outputs.pr_ref }}
+          ref: refs/pull/${{ needs.check-comment.outputs.pr_number }}/merge
           token: ${{ steps.setup-bot.outputs.token }}
 
       - name: Set up JDK
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"

.github/workflows/PR-Demo-cleanup.yml

@@ -26,7 +26,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout PR
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         if: github.actor != 'dependabot[bot]'

.github/workflows/ai_pr_title_review.yml

@@ -23,7 +23,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
 
@@ -87,7 +87,7 @@ jobs:
       - name: AI PR Title Analysis
         if: steps.actor.outputs.is_repo_dev == 'true'
         id: ai-title-analysis
-        uses: actions/ai-inference@0cbed4a10641c75090de5968e66d70eb4660f751 # v1.2.7
+        uses: actions/ai-inference@b81b2afb8390ee6839b494a404766bef6493c7d9 # v1.2.8
         with:
           model: openai/gpt-4o
           system-prompt-file: ".github/config/system-prompt.txt"

.github/workflows/auto-labelerV2.yml

@@ -17,7 +17,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         id: setup-bot

.github/workflows/build.yml

@@ -34,7 +34,7 @@ jobs:
       project: ${{ steps.changes.outputs.project }}
       openapi: ${{ steps.changes.outputs.openapi }}
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Check for file changes
         uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
@@ -61,16 +61,16 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK ${{ matrix.jdk-version }}
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: ${{ matrix.jdk-version }}
           distribution: "temurin"
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 
@@ -134,20 +134,22 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
 
       - name: Generate OpenAPI documentation
         run: ./gradlew :stirling-pdf:generateOpenApiDocs
-
+        env:
+          DISABLE_ADDITIONAL_FEATURES: true
+      
       - name: Upload OpenAPI Documentation
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
@@ -165,18 +167,21 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
-      - name: check the licenses for compatibility
+      - name: Check licenses for compatibility
         run: ./gradlew clean checkLicense
+        env:
+          DISABLE_ADDITIONAL_FEATURES: false
+          STIRLING_PDF_DESKTOP_UI: true
 
-      - name: FAILED - check the licenses for compatibility
+      - name: FAILED - Check licenses for compatibility
         if: failure()
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
@@ -211,10 +216,10 @@ jobs:
           egress-policy: audit
 
       - name: Checkout Repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up Java 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
@@ -260,16 +265,16 @@ jobs:
           egress-policy: audit
 
       - name: Checkout Repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
       - name: Set up Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 

.github/workflows/check_properties.yml

@@ -35,7 +35,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout main branch first
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         id: setup-bot

.github/workflows/dependency-review.yml

@@ -22,6 +22,6 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout Repository"
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: "Dependency Review"
-        uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1
+        uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3

.github/workflows/licenses-update.yml

@@ -36,7 +36,7 @@ jobs:
           egress-policy: audit
 
       - name: Check out code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
 
@@ -48,16 +48,19 @@ jobs:
           private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
 
       - name: Check licenses for compatibility
         run: ./gradlew clean checkLicense
+        env:
+          DISABLE_ADDITIONAL_FEATURES: false
+          STIRLING_PDF_DESKTOP_UI: true
 
       - name: Upload artifact on failure
         if: failure()

.github/workflows/manage-label.yml

@@ -20,7 +20,7 @@ jobs:
           egress-policy: audit
 
       - name: Check out the repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Run Labeler
         uses: crazy-max/ghaction-github-labeler@24d110aa46a59976b8a7f35518cb7f14f434c916 # v5.3.0

.github/workflows/multiOSReleases.yml

@@ -25,10 +25,10 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           distribution: 'temurin'
           java-version: '21'
@@ -64,15 +64,15 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 21
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "21"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+      - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 
@@ -115,7 +115,7 @@ jobs:
           egress-policy: audit
 
       - name: Download build artifacts
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
         with:
           name: stirling-${{ matrix.file_suffix }}binaries
 
@@ -152,15 +152,15 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 21
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "21"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+      - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 
@@ -243,7 +243,7 @@ jobs:
           egress-policy: audit
 
       - name: Download build artifacts
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
         with:
           name: ${{ matrix.platform }}binaries
 
@@ -306,7 +306,7 @@ jobs:
           egress-policy: audit
 
       - name: Download signed artifacts
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
       - name: Display structure of downloaded files
         run: ls -R
       - name: Upload binaries, attestations and signatures to Release and create GitHub Release

.github/workflows/pre_commit.yml

@@ -22,7 +22,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
 
@@ -48,7 +48,7 @@ jobs:
         continue-on-error: true
 
       - name: Set up JDK
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: 17
           distribution: "temurin"

.github/workflows/push-docker.yml

@@ -34,15 +34,15 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+      - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 

.github/workflows/releaseArtifacts.yml

@@ -27,15 +27,15 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+      - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 
@@ -88,7 +88,7 @@ jobs:
           egress-policy: audit
 
       - name: Download build artifacts
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
         with:
           name: binaries${{ matrix.file_suffix }}
       - name: Display structure of downloaded files
@@ -166,7 +166,7 @@ jobs:
           egress-policy: audit
 
       - name: Download signed artifacts
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
         with:
           name: signed${{ matrix.file_suffix }}
 

.github/workflows/scorecards.yml

@@ -39,7 +39,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           persist-credentials: false
 
@@ -74,6 +74,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
         with:
           sarif_file: results.sarif

.github/workflows/sonarqube.yml

@@ -34,12 +34,12 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
 
       - name: Build and analyze with Gradle
         env:

.github/workflows/swagger.yml

@@ -30,15 +30,15 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK 17
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: "17"
           distribution: "temurin"
 
-      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+      - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
 
       - name: Generate Swagger documentation
         run: ./gradlew :stirling-pdf:generateOpenApiDocs

.github/workflows/sync_files.yml

@@ -36,7 +36,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Setup GitHub App Bot
         id: setup-bot

.github/workflows/testdriver.yml

@@ -29,16 +29,16 @@ jobs:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up JDK
-        uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
+        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: '17'
           distribution: 'temurin'
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
+        uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
         with:
           gradle-version: 8.14
 
@@ -116,8 +116,25 @@ jobs:
             docker-compose up -d
           EOF
 
+  files-changed:
+    if: always()
+    name: detect what files changed
+    runs-on: ubuntu-latest
+    timeout-minutes: 3
+    outputs:
+      frontend: ${{ steps.changes.outputs.frontend }}
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Check for file changes
+        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+        id: changes
+        with:
+          filters: ".github/config/.files.yaml"
+
   test:
-    needs: deploy
+    if: needs.files-changed.outputs.frontend == 'true'
+    needs: [deploy, files-changed]
     runs-on: ubuntu-latest
 
     steps:
@@ -126,18 +143,20 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up Node
         uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
         with:
           cache: 'npm'
+          cache-dependency-path: frontend/package-lock.json
 
       - name: Run TestDriver.ai
         uses: testdriverai/action@f0d0f45fdd684db628baa843fe9313f3ca3a8aa8 #1.1.3
         with:
           key: ${{secrets.TESTDRIVER_API_KEY}}
           prerun: |
+            cd frontend
             npm install
             npm run build
             npm install dashcam-chrome --save
@@ -167,6 +186,7 @@ jobs:
           sudo chmod 600 ../private.key
 
       - name: Cleanup deployment
+        if: always()
         run: |
           ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << EOF
             cd /stirling/test-${{ github.sha }}
@@ -174,3 +194,4 @@ jobs:
             cd /stirling
             rm -rf test-${{ github.sha }}
           EOF
+        continue-on-error: true # Ensure cleanup runs even if previous steps fail

.gitignore

@@ -200,3 +200,6 @@ id_ed25519.pub
 
 # node_modules
 node_modules/
+
+# weasyPrint
+**/LOCAL_APPDATA_FONTCONFIG_CACHE/**

DATABASE.md

@@ -5,7 +5,7 @@
 The newly introduced feature enhances the application with robust database backup and import capabilities. This feature is designed to ensure data integrity and provide a straightforward way to manage database backups. Here's how it works:
 
 1. Automatic Backup Creation
-   - The system automatically creates a database backup every day at midnight. This ensures that there is always a recent backup available, minimizing the risk of data loss.
+   - The system automatically creates a database backup on a configurable schedule (default: daily at midnight via `system.databaseBackup.cron`). This ensures that there is always a recent backup available, minimizing the risk of data loss.
 2. Manual Backup Export
    - Admin actions that modify the user database trigger a manual export of the database. This keeps the backup up-to-date with the latest changes and provides an extra layer of data security.
 3. Importing Database Backups

Dockerfile.dev

@@ -34,10 +34,10 @@ ENV SETUPTOOLS_USE_DISTUTILS=local \
     TMP=/tmp/stirling-pdf
 
 # Installation der benötigten Python-Pakete
+COPY .github/scripts/requirements_dev.txt /tmp/requirements_dev.txt
 RUN python3 -m venv --system-site-packages /opt/venv \
   && . /opt/venv/bin/activate \
-  && pip install --no-cache-dir --upgrade pip setuptools \
-  && pip install --no-cache-dir WeasyPrint pdf2image pillow unoserver opencv-python-headless pre-commit
+  && pip install --no-cache-dir --require-hashes -r /tmp/requirements_dev.txt
 
 # Füge den venv-Pfad zur globalen PATH-Variable hinzu, damit die Tools verfügbar sind
 ENV PATH="/opt/venv/bin:$PATH"

README.md

@@ -120,31 +120,31 @@ Stirling-PDF currently supports 40 languages!
 | Azerbaijani (Azərbaycan Dili) (az_AZ)        | ![62%](https://geps.dev/progress/62)   |
 | Basque (Euskara) (eu_ES)                     | ![36%](https://geps.dev/progress/36)   |
 | Bulgarian (Български) (bg_BG)                | ![68%](https://geps.dev/progress/68)   |
-| Catalan (Català) (ca_CA)                     | ![68%](https://geps.dev/progress/68)   |
+| Catalan (Català) (ca_CA)                     | ![67%](https://geps.dev/progress/67)   |
 | Croatian (Hrvatski) (hr_HR)                  | ![60%](https://geps.dev/progress/60)   |
-| Czech (Česky) (cs_CZ)                        | ![70%](https://geps.dev/progress/70)   |
+| Czech (Česky) (cs_CZ)                        | ![69%](https://geps.dev/progress/69)   |
 | Danish (Dansk) (da_DK)                       | ![61%](https://geps.dev/progress/61)   |
 | Dutch (Nederlands) (nl_NL)                   | ![60%](https://geps.dev/progress/60)   |
 | English (English) (en_GB)                    | ![100%](https://geps.dev/progress/100) |
 | English (US) (en_US)                         | ![100%](https://geps.dev/progress/100) |
-| French (Français) (fr_FR)                    | ![89%](https://geps.dev/progress/89)   |
-| German (Deutsch) (de_DE)                     | ![98%](https://geps.dev/progress/98)   |
+| French (Français) (fr_FR)                    | ![88%](https://geps.dev/progress/88)   |
+| German (Deutsch) (de_DE)                     | ![97%](https://geps.dev/progress/97)   |
 | Greek (Ελληνικά) (el_GR)                     | ![67%](https://geps.dev/progress/67)   |
 | Hindi (हिंदी) (hi_IN)                          | ![67%](https://geps.dev/progress/67)   |
-| Hungarian (Magyar) (hu_HU)                   | ![97%](https://geps.dev/progress/97)   |
+| Hungarian (Magyar) (hu_HU)                   | ![99%](https://geps.dev/progress/99)   |
 | Indonesian (Bahasa Indonesia) (id_ID)        | ![62%](https://geps.dev/progress/62)   |
 | Irish (Gaeilge) (ga_IE)                      | ![68%](https://geps.dev/progress/68)   |
 | Italian (Italiano) (it_IT)                   | ![98%](https://geps.dev/progress/98)   |
-| Japanese (日本語) (ja_JP)                    | ![93%](https://geps.dev/progress/93)   |
+| Japanese (日本語) (ja_JP)                    | ![92%](https://geps.dev/progress/92)   |
 | Korean (한국어) (ko_KR)                      | ![67%](https://geps.dev/progress/67)   |
 | Norwegian (Norsk) (no_NB)                    | ![66%](https://geps.dev/progress/66)   |
 | Persian (فارسی) (fa_IR)                      | ![64%](https://geps.dev/progress/64)   |
 | Polish (Polski) (pl_PL)                      | ![72%](https://geps.dev/progress/72)   |
-| Portuguese (Português) (pt_PT)               | ![69%](https://geps.dev/progress/69)   |
+| Portuguese (Português) (pt_PT)               | ![68%](https://geps.dev/progress/68)   |
 | Portuguese Brazilian (Português) (pt_BR)     | ![76%](https://geps.dev/progress/76)   |
 | Romanian (Română) (ro_RO)                    | ![57%](https://geps.dev/progress/57)   |
 | Russian (Русский) (ru_RU)                    | ![88%](https://geps.dev/progress/88)   |
-| Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![95%](https://geps.dev/progress/95)   |
+| Serbian Latin alphabet (Srpski) (sr_LATN_RS) | ![94%](https://geps.dev/progress/94)   |
 | Simplified Chinese (简体中文) (zh_CN)         | ![93%](https://geps.dev/progress/93)   |
 | Slovakian (Slovensky) (sk_SK)                | ![51%](https://geps.dev/progress/51)   |
 | Slovenian (Slovenščina) (sl_SI)              | ![71%](https://geps.dev/progress/71)   |
@@ -152,9 +152,9 @@ Stirling-PDF currently supports 40 languages!
 | Swedish (Svenska) (sv_SE)                    | ![65%](https://geps.dev/progress/65)   |
 | Thai (ไทย) (th_TH)                           | ![59%](https://geps.dev/progress/59)   |
 | Tibetan (བོད་ཡིག་) (bo_CN)                     | ![65%](https://geps.dev/progress/65) |
-| Traditional Chinese (繁體中文) (zh_TW)        | ![97%](https://geps.dev/progress/97)   |
-| Turkish (Türkçe) (tr_TR)                     | ![80%](https://geps.dev/progress/80)   |
-| Ukrainian (Українська) (uk_UA)               | ![71%](https://geps.dev/progress/71)   |
+| Traditional Chinese (繁體中文) (zh_TW)        | ![99%](https://geps.dev/progress/99)   |
+| Turkish (Türkçe) (tr_TR)                     | ![99%](https://geps.dev/progress/99)   |
+| Ukrainian (Українська) (uk_UA)               | ![70%](https://geps.dev/progress/70)   |
 | Vietnamese (Tiếng Việt) (vi_VN)              | ![57%](https://geps.dev/progress/57)   |
 | Malayalam (മലയാളം) (ml_IN)              | ![73%](https://geps.dev/progress/73)   |
 

app/common/build.gradle

@@ -39,7 +39,7 @@ dependencies {
     api "org.apache.pdfbox:pdfbox:$pdfboxVersion"
     api 'jakarta.servlet:jakarta.servlet-api:6.1.0'
     api 'org.snakeyaml:snakeyaml-engine:2.10'
-    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.9"
-    api 'jakarta.mail:jakarta.mail-api:2.1.3'
+    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.12"
+    api 'jakarta.mail:jakarta.mail-api:2.1.4'
     runtimeOnly 'org.eclipse.angus:angus-mail:2.0.4'
 }

app/common/src/main/java/stirling/software/common/annotations/AutoJobPostMapping.java

@@ -3,6 +3,7 @@ package stirling.software.common.annotations;
 import java.lang.annotation.*;
 
 import org.springframework.core.annotation.AliasFor;
+import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
@@ -37,7 +38,7 @@ public @interface AutoJobPostMapping {
 
     /** MIME types this endpoint accepts. Defaults to {@code multipart/form-data}. */
     @AliasFor(annotation = RequestMapping.class, attribute = "consumes")
-    String[] consumes() default {"multipart/form-data"};
+    String[] consumes() default {MediaType.MULTIPART_FORM_DATA_VALUE};
 
     /**
      * Maximum execution time in milliseconds before the job is aborted. A negative value means "use

app/common/src/main/java/stirling/software/common/aop/AutoJobAspect.java

@@ -19,7 +19,6 @@ import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.annotations.AutoJobPostMapping;
 import stirling.software.common.model.api.PDFFile;
-import stirling.software.common.service.FileOrUploadService;
 import stirling.software.common.service.FileStorage;
 import stirling.software.common.service.JobExecutorService;
 
@@ -34,7 +33,6 @@ public class AutoJobAspect {
 
     private final JobExecutorService jobExecutorService;
     private final HttpServletRequest request;
-    private final FileOrUploadService fileOrUploadService;
     private final FileStorage fileStorage;
 
     @Around("@annotation(autoJobPostMapping)")
@@ -53,7 +51,8 @@ public class AutoJobAspect {
         boolean trackProgress = autoJobPostMapping.trackProgress();
 
         log.debug(
-                "AutoJobPostMapping execution with async={}, timeout={}, retryCount={}, trackProgress={}",
+                "AutoJobPostMapping execution with async={}, timeout={}, retryCount={},"
+                        + " trackProgress={}",
                 async,
                 timeout > 0 ? timeout : "default",
                 retryCount,
@@ -148,7 +147,8 @@ public class AutoJobAspect {
                         } catch (Throwable ex) {
                             lastException = ex;
                             log.error(
-                                    "AutoJobAspect caught exception during job execution (attempt {}/{}): {}",
+                                    "AutoJobAspect caught exception during job execution (attempt"
+                                            + " {}/{}): {}",
                                     currentAttempt,
                                     maxRetries,
                                     ex.getMessage(),

app/common/src/main/java/stirling/software/common/configuration/AppConfig.java

@@ -8,6 +8,7 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Properties;
 import java.util.function.Predicate;
+import java.util.stream.Stream;
 
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -51,6 +52,14 @@ public class AppConfig {
     @Value("${server.port:8080}")
     private String serverPort;
 
+    @Value("${v2}")
+    public boolean v2Enabled;
+
+    @Bean
+    public boolean v2Enabled() {
+        return v2Enabled;
+    }
+
     @Bean
     @ConditionalOnProperty(name = "system.customHTMLFiles", havingValue = "true")
     public SpringTemplateEngine templateEngine(ResourceLoader resourceLoader) {
@@ -120,7 +129,7 @@ public class AppConfig {
     public boolean rateLimit() {
         String rateLimit = System.getProperty("rateLimit");
         if (rateLimit == null) rateLimit = System.getenv("rateLimit");
-        return (rateLimit != null) ? Boolean.valueOf(rateLimit) : false;
+        return Boolean.parseBoolean(rateLimit);
     }
 
     @Bean(name = "RunningInDocker")
@@ -140,8 +149,8 @@ public class AppConfig {
         if (!Files.exists(mountInfo)) {
             return true;
         }
-        try {
-            return Files.lines(mountInfo).anyMatch(line -> line.contains(" /configs "));
+        try (Stream<String> lines = Files.lines(mountInfo)) {
+            return lines.anyMatch(line -> line.contains(" /configs "));
         } catch (IOException e) {
             return false;
         }

app/common/src/main/java/stirling/software/common/configuration/ConfigInitializer.java

@@ -23,10 +23,30 @@ import stirling.software.common.util.YamlHelper;
 @Slf4j
 public class ConfigInitializer {
 
+    private static final int MIN_SETTINGS_FILE_LINES = 31;
+
     public void ensureConfigExists() throws IOException, URISyntaxException {
         // 1) If settings file doesn't exist, create from template
         Path destPath = Paths.get(InstallationPathConfig.getSettingsPath());
-        if (Files.notExists(destPath)) {
+
+        boolean settingsFileExists = Files.exists(destPath);
+
+        long lineCount = settingsFileExists ? Files.readAllLines(destPath).size() : 0;
+
+        log.info("Current settings file line count: {}", lineCount);
+
+        if (!settingsFileExists || lineCount < MIN_SETTINGS_FILE_LINES) {
+            if (settingsFileExists) {
+                // move settings.yml to settings.yml.{timestamp}.bak
+                Path backupPath =
+                        Paths.get(
+                                InstallationPathConfig.getSettingsPath()
+                                        + "."
+                                        + System.currentTimeMillis()
+                                        + ".bak");
+                Files.move(destPath, backupPath, StandardCopyOption.REPLACE_EXISTING);
+                log.info("Moved existing settings file to backup: {}", backupPath);
+            }
             Files.createDirectories(destPath.getParent());
             try (InputStream in =
                     getClass().getClassLoader().getResourceAsStream("settings.yml.template")) {

app/common/src/main/java/stirling/software/common/configuration/InstallationPathConfig.java

@@ -14,12 +14,17 @@ public class InstallationPathConfig {
     private static final String CONFIG_PATH;
     private static final String CUSTOM_FILES_PATH;
     private static final String CLIENT_WEBUI_PATH;
-    private static final String SCRIPTS_PATH;
     private static final String PIPELINE_PATH;
 
     // Config paths
     private static final String SETTINGS_PATH;
     private static final String CUSTOM_SETTINGS_PATH;
+    private static final String SCRIPTS_PATH;
+    private static final String BACKUP_PATH;
+
+    // Backup paths
+    private static final String BACKUP_DB_PATH;
+    private static final String BACKUP_PRIVATE_KEY_PATH;
 
     // Custom file paths
     private static final String STATIC_PATH;
@@ -40,6 +45,11 @@ public class InstallationPathConfig {
         SETTINGS_PATH = CONFIG_PATH + "settings.yml";
         CUSTOM_SETTINGS_PATH = CONFIG_PATH + "custom_settings.yml";
         SCRIPTS_PATH = CONFIG_PATH + "scripts" + File.separator;
+        BACKUP_PATH = CONFIG_PATH + "backup" + File.separator;
+
+        // Initialize backup paths
+        BACKUP_DB_PATH = BACKUP_PATH + "db" + File.separator;
+        BACKUP_PRIVATE_KEY_PATH = BACKUP_PATH + "keys" + File.separator;
 
         // Initialize custom file paths
         STATIC_PATH = CUSTOM_FILES_PATH + "static" + File.separator;
@@ -120,4 +130,12 @@ public class InstallationPathConfig {
     public static String getSignaturesPath() {
         return SIGNATURES_PATH;
     }
+
+    public static String getPrivateKeyPath() {
+        return BACKUP_PRIVATE_KEY_PATH;
+    }
+
+    public static String getBackupPath() {
+        return BACKUP_DB_PATH;
+    }
 }

app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java

@@ -41,6 +41,7 @@ import stirling.software.common.model.oauth2.GitHubProvider;
 import stirling.software.common.model.oauth2.GoogleProvider;
 import stirling.software.common.model.oauth2.KeycloakProvider;
 import stirling.software.common.model.oauth2.Provider;
+import stirling.software.common.service.SsrfProtectionService.SsrfProtectionLevel;
 import stirling.software.common.util.ValidationUtils;
 
 @Data
@@ -119,6 +120,7 @@ public class ApplicationProperties {
         private long loginResetTimeMinutes;
         private String loginMethod = "all";
         private String customGlobalAPIKey;
+        private Jwt jwt = new Jwt();
 
         public Boolean isAltLogin() {
             return saml2.getEnabled() || oauth2.getEnabled();
@@ -298,6 +300,15 @@ public class ApplicationProperties {
                 }
             }
         }
+
+        @Data
+        public static class Jwt {
+            private boolean enableKeystore = true;
+            private boolean enableKeyRotation = false;
+            private boolean enableKeyCleanup = true;
+            private int keyRetentionDays = 7;
+            private boolean secureCookie;
+        }
     }
 
     @Data
@@ -318,12 +329,18 @@ public class ApplicationProperties {
         private CustomPaths customPaths = new CustomPaths();
         private String fileUploadLimit;
         private TempFileManagement tempFileManagement = new TempFileManagement();
+        private DatabaseBackup databaseBackup = new DatabaseBackup();
 
         public boolean isAnalyticsEnabled() {
             return this.getEnableAnalytics() != null && this.getEnableAnalytics();
         }
     }
 
+    @Data
+    public static class DatabaseBackup {
+        private String cron = "0 0 0 * * ?"; // daily at midnight
+    }
+
     @Data
     public static class CustomPaths {
         private Pipeline pipeline = new Pipeline();
@@ -380,7 +397,7 @@ public class ApplicationProperties {
         @Data
         public static class UrlSecurity {
             private boolean enabled = true;
-            private String level = "MEDIUM"; // MAX, MEDIUM, OFF
+            private SsrfProtectionLevel level = SsrfProtectionLevel.MEDIUM; // MAX, MEDIUM, OFF
             private List<String> allowedDomains = new ArrayList<>();
             private List<String> blockedDomains = new ArrayList<>();
             private List<String> internalTlds =

app/common/src/main/java/stirling/software/common/model/FileInfo.java

@@ -8,9 +8,11 @@ import java.util.Locale;
 
 import lombok.AllArgsConstructor;
 import lombok.Data;
+import lombok.NoArgsConstructor;
 
-@AllArgsConstructor
 @Data
+@NoArgsConstructor
+@AllArgsConstructor
 public class FileInfo {
     private static final DateTimeFormatter DATE_FORMATTER =
             DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");

app/common/src/main/java/stirling/software/common/model/InputStreamTemplateResource.java

@@ -7,14 +7,14 @@ import java.io.Reader;
 
 import org.thymeleaf.templateresource.ITemplateResource;
 
-public class InputStreamTemplateResource implements ITemplateResource {
-    private InputStream inputStream;
-    private String characterEncoding;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
 
-    public InputStreamTemplateResource(InputStream inputStream, String characterEncoding) {
-        this.inputStream = inputStream;
-        this.characterEncoding = characterEncoding;
-    }
+@RequiredArgsConstructor
+@Getter
+public class InputStreamTemplateResource implements ITemplateResource {
+    private final InputStream inputStream;
+    private final String characterEncoding;
 
     @Override
     public Reader reader() throws IOException {

app/common/src/main/java/stirling/software/common/model/PdfMetadata.java

@@ -2,11 +2,15 @@ package stirling.software.common.model;
 
 import java.util.Calendar;
 
+import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
+import lombok.NoArgsConstructor;
 
 @Data
 @Builder
+@NoArgsConstructor
+@AllArgsConstructor
 public class PdfMetadata {
     private String author;
     private String producer;

app/common/src/main/java/stirling/software/common/model/api/PDFFile.java

@@ -1,5 +1,6 @@
 package stirling.software.common.model.api;
 
+import org.springframework.http.MediaType;
 import org.springframework.web.multipart.MultipartFile;
 
 import io.swagger.v3.oas.annotations.media.Schema;
@@ -14,7 +15,7 @@ import lombok.NoArgsConstructor;
 public class PDFFile {
     @Schema(
             description = "The input PDF file",
-            contentMediaType = "application/pdf",
+            contentMediaType = MediaType.APPLICATION_PDF_VALUE,
             format = "binary")
     private MultipartFile fileInput;
 

app/common/src/main/java/stirling/software/common/service/JobExecutorService.java

@@ -227,7 +227,8 @@ public class JobExecutorService {
             if (result instanceof byte[]) {
                 // Store byte array directly to disk to avoid double memory consumption
                 String fileId = fileStorage.storeBytes((byte[]) result, "result.pdf");
-                taskManager.setFileResult(jobId, fileId, "result.pdf", "application/pdf");
+                taskManager.setFileResult(
+                        jobId, fileId, "result.pdf", MediaType.APPLICATION_PDF_VALUE);
                 log.debug("Stored byte[] result with fileId: {}", fileId);
 
                 // Let the byte array get collected naturally in the next GC cycle
@@ -239,7 +240,7 @@ public class JobExecutorService {
                 if (body instanceof byte[]) {
                     // Extract filename from content-disposition header if available
                     String filename = "result.pdf";
-                    String contentType = "application/pdf";
+                    String contentType = MediaType.APPLICATION_PDF_VALUE;
 
                     if (response.getHeaders().getContentDisposition() != null) {
                         String disposition =
@@ -252,8 +253,10 @@ public class JobExecutorService {
                         }
                     }
 
-                    if (response.getHeaders().getContentType() != null) {
-                        contentType = response.getHeaders().getContentType().toString();
+                    MediaType mediaType = response.getHeaders().getContentType();
+
+                    if (mediaType != null) {
+                        contentType = mediaType.toString();
                     }
 
                     // Store byte array directly to disk
@@ -274,7 +277,7 @@ public class JobExecutorService {
                             if (fileId != null && !fileId.isEmpty()) {
                                 // Try to get filename and content type
                                 String filename = "result.pdf";
-                                String contentType = "application/pdf";
+                                String contentType = MediaType.APPLICATION_PDF_VALUE;
 
                                 try {
                                     java.lang.reflect.Method getOriginalFileName =
@@ -315,8 +318,7 @@ public class JobExecutorService {
                     // Store generic result
                     taskManager.setResult(jobId, body);
                 }
-            } else if (result instanceof MultipartFile) {
-                MultipartFile file = (MultipartFile) result;
+            } else if (result instanceof MultipartFile file) {
                 String fileId = fileStorage.storeFile(file);
                 taskManager.setFileResult(
                         jobId, fileId, file.getOriginalFilename(), file.getContentType());
@@ -333,7 +335,7 @@ public class JobExecutorService {
                         if (fileId != null && !fileId.isEmpty()) {
                             // Try to get filename and content type
                             String filename = "result.pdf";
-                            String contentType = "application/pdf";
+                            String contentType = MediaType.APPLICATION_PDF_VALUE;
 
                             try {
                                 java.lang.reflect.Method getOriginalFileName =
@@ -396,9 +398,8 @@ public class JobExecutorService {
                             HttpHeaders.CONTENT_DISPOSITION,
                             "form-data; name=\"attachment\"; filename=\"result.pdf\"")
                     .body(result);
-        } else if (result instanceof MultipartFile) {
+        } else if (result instanceof MultipartFile file) {
             // Return MultipartFile content
-            MultipartFile file = (MultipartFile) result;
             return ResponseEntity.ok()
                     .contentType(MediaType.parseMediaType(file.getContentType()))
                     .header(

app/common/src/main/java/stirling/software/common/service/SsrfProtectionService.java

@@ -1,5 +1,7 @@
 package stirling.software.common.service;
 
+import java.net.Inet4Address;
+import java.net.Inet6Address;
 import java.net.InetAddress;
 import java.net.URI;
 import java.net.UnknownHostException;
@@ -51,21 +53,17 @@ public class SsrfProtectionService {
 
         SsrfProtectionLevel level = parseProtectionLevel(config.getLevel());
 
-        switch (level) {
-            case OFF:
-                return true;
-            case MAX:
-                return isMaxSecurityAllowed(trimmedUrl, config);
-            case MEDIUM:
-                return isMediumSecurityAllowed(trimmedUrl, config);
-            default:
-                return false;
-        }
+        return switch (level) {
+            case OFF -> true;
+            case MAX -> isMaxSecurityAllowed(trimmedUrl, config);
+            case MEDIUM -> isMediumSecurityAllowed(trimmedUrl, config);
+            default -> false;
+        };
     }
 
-    private SsrfProtectionLevel parseProtectionLevel(String level) {
+    private SsrfProtectionLevel parseProtectionLevel(SsrfProtectionLevel level) {
         try {
-            return SsrfProtectionLevel.valueOf(level.toUpperCase());
+            return SsrfProtectionLevel.valueOf(level.name());
         } catch (IllegalArgumentException e) {
             log.warn("Invalid SSRF protection level '{}', defaulting to MEDIUM", level);
             return SsrfProtectionLevel.MEDIUM;
@@ -172,15 +170,62 @@ public class SsrfProtectionService {
     }
 
     private boolean isPrivateAddress(InetAddress address) {
-        return address.isSiteLocalAddress()
-                || address.isAnyLocalAddress()
-                || isPrivateIPv4Range(address.getHostAddress());
+        if (address.isAnyLocalAddress() || address.isLoopbackAddress()) {
+            return true;
+        }
+
+        if (address instanceof Inet4Address) {
+            return isPrivateIPv4Range(address.getHostAddress());
+        }
+
+        if (address instanceof Inet6Address addr6) {
+            if (addr6.isLinkLocalAddress() || addr6.isSiteLocalAddress()) {
+                return true;
+            }
+
+            byte[] bytes = addr6.getAddress();
+            if (isIpv4MappedAddress(bytes)) {
+                String ipv4 =
+                        (bytes[12] & 0xff)
+                                + "."
+                                + (bytes[13] & 0xff)
+                                + "."
+                                + (bytes[14] & 0xff)
+                                + "."
+                                + (bytes[15] & 0xff);
+                return isPrivateIPv4Range(ipv4);
+            }
+
+            int firstByte = bytes[0] & 0xff;
+            // Check for IPv6 unique local addresses (fc00::/7)
+            if ((firstByte & 0xfe) == 0xfc) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private boolean isIpv4MappedAddress(byte[] addr) {
+        if (addr.length != 16) {
+            return false;
+        }
+        for (int i = 0; i < 10; i++) {
+            if (addr[i] != 0) {
+                return false;
+            }
+        }
+        // For IPv4-mapped IPv6 addresses, bytes 10 and 11 must be 0xff (i.e., address is
+        // ::ffff:w.x.y.z)
+        return addr[10] == (byte) 0xff && addr[11] == (byte) 0xff;
     }
 
     private boolean isPrivateIPv4Range(String ip) {
+        // Includes RFC1918, loopback, link-local, and unspecified addresses
         return ip.startsWith("10.")
                 || ip.startsWith("192.168.")
                 || (ip.startsWith("172.") && isInRange172(ip))
+                || ip.startsWith("169.254.")
                 || ip.startsWith("127.")
                 || "0.0.0.0".equals(ip);
     }
@@ -192,17 +237,31 @@ public class SsrfProtectionService {
                 int secondOctet = Integer.parseInt(parts[1]);
                 return secondOctet >= 16 && secondOctet <= 31;
             } catch (NumberFormatException e) {
-                return false;
             }
         }
         return false;
     }
 
     private boolean isCloudMetadataAddress(String ip) {
+        String normalizedIp = normalizeIpv4MappedAddress(ip);
         // Cloud metadata endpoints for AWS, GCP, Azure, Oracle Cloud, and IBM Cloud
-        return ip.startsWith("169.254.169.254") // AWS/GCP/Azure
-                || ip.startsWith("fd00:ec2::254") // AWS IPv6
-                || ip.startsWith("169.254.169.253") // Oracle Cloud
-                || ip.startsWith("169.254.169.250"); // IBM Cloud
+        return normalizedIp.startsWith("169.254.169.254") // AWS/GCP/Azure
+                || normalizedIp.startsWith("fd00:ec2::254") // AWS IPv6
+                || normalizedIp.startsWith("169.254.169.253") // Oracle Cloud
+                || normalizedIp.startsWith("169.254.169.250"); // IBM Cloud
+    }
+
+    private String normalizeIpv4MappedAddress(String ip) {
+        if (ip == null) {
+            return "";
+        }
+        if (ip.startsWith("::ffff:")) {
+            return ip.substring(7);
+        }
+        int lastColon = ip.lastIndexOf(':');
+        if (lastColon >= 0 && ip.indexOf('.') > lastColon) {
+            return ip.substring(lastColon + 1);
+        }
+        return ip;
     }
 }

app/common/src/main/java/stirling/software/common/util/ChecksumUtils.java

@@ -0,0 +1,301 @@
+package stirling.software.common.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.ByteBuffer;
+import java.nio.ByteOrder;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.LinkedHashMap;
+import java.util.Locale;
+import java.util.Map;
+import java.util.zip.Adler32;
+import java.util.zip.CRC32;
+import java.util.zip.Checksum;
+
+import lombok.experimental.UtilityClass;
+
+@UtilityClass
+public class ChecksumUtils {
+
+    /** Shared buffer size for streaming I/O. */
+    private static final int BUFFER_SIZE = 8192;
+
+    /** Mask to extract the lower 32 bits of a long value (unsigned int). */
+    private static final long UNSIGNED_32_BIT_MASK = 0xFFFFFFFFL;
+
+    /**
+     * Computes a checksum for the given file using the chosen algorithm and returns a lowercase hex
+     * string.
+     *
+     * <p>For digest algorithms (e.g., SHA-256, SHA-1, MD5), this returns the digest as hex. For
+     * 32-bit {@link Checksum} algorithms ("CRC32", "ADLER32"), this returns an 8-character
+     * lowercase hex string of the unsigned 32-bit value.
+     *
+     * @param path file to read
+     * @param algorithm algorithm name (case-insensitive). Special values: "CRC32", "ADLER32".
+     * @return hex string of the checksum
+     * @throws IOException if the file cannot be read
+     */
+    public static String checksum(Path path, String algorithm) throws IOException {
+        try (InputStream is = Files.newInputStream(path)) {
+            return checksum(is, algorithm);
+        }
+    }
+
+    /**
+     * Computes a checksum for the given stream using the chosen algorithm and returns a lowercase
+     * hex string.
+     *
+     * <p><strong>Note:</strong> This method does <em>not</em> close the provided stream.
+     *
+     * @param is input stream (not closed by this method)
+     * @param algorithm algorithm name (case-insensitive). Special values: "CRC32", "ADLER32".
+     * @return hex string of the checksum
+     * @throws IOException if reading from the stream fails
+     */
+    public static String checksum(InputStream is, String algorithm) throws IOException {
+        switch (algorithm.toUpperCase(Locale.ROOT)) {
+            case "CRC32":
+                return checksumChecksum(is, new CRC32());
+            case "ADLER32":
+                return checksumChecksum(is, new Adler32());
+            default:
+                return toHex(checksumBytes(is, algorithm));
+        }
+    }
+
+    /**
+     * Computes a checksum for the given file using the chosen algorithm and returns a Base64
+     * encoded string.
+     *
+     * <p>For digest algorithms this is the Base64 of the raw digest bytes. For 32-bit checksum
+     * algorithms ("CRC32", "ADLER32"), this is the Base64 of the 4-byte big-endian unsigned value.
+     *
+     * @param path file to read
+     * @param algorithm algorithm name (case-insensitive). Special values: "CRC32", "ADLER32".
+     * @return Base64-encoded checksum bytes
+     * @throws IOException if the file cannot be read
+     */
+    public static String checksumBase64(Path path, String algorithm) throws IOException {
+        try (InputStream is = Files.newInputStream(path)) {
+            return checksumBase64(is, algorithm);
+        }
+    }
+
+    /**
+     * Computes a checksum for the given stream using the chosen algorithm and returns a Base64
+     * encoded string.
+     *
+     * <p><strong>Note:</strong> This method does <em>not</em> close the provided stream.
+     *
+     * @param is input stream (not closed by this method)
+     * @param algorithm algorithm name (case-insensitive). Special values: "CRC32", "ADLER32".
+     * @return Base64-encoded checksum bytes
+     * @throws IOException if reading from the stream fails
+     */
+    public static String checksumBase64(InputStream is, String algorithm) throws IOException {
+        switch (algorithm.toUpperCase(Locale.ROOT)) {
+            case "CRC32":
+                return Base64.getEncoder().encodeToString(checksumChecksumBytes(is, new CRC32()));
+            case "ADLER32":
+                return Base64.getEncoder().encodeToString(checksumChecksumBytes(is, new Adler32()));
+            default:
+                return Base64.getEncoder().encodeToString(checksumBytes(is, algorithm));
+        }
+    }
+
+    /**
+     * Computes multiple checksums for the given file in a single pass over the data.
+     *
+     * <p>Returns a map from algorithm name to lowercase hex string. Order of results follows the
+     * order of the provided {@code algorithms}.
+     *
+     * @param path file to read
+     * @param algorithms algorithm names (case-insensitive). Special: "CRC32", "ADLER32".
+     * @return map of algorithm → hex string
+     * @throws IOException if the file cannot be read
+     */
+    public static Map<String, String> checksums(Path path, String... algorithms)
+            throws IOException {
+        try (InputStream is = Files.newInputStream(path)) {
+            return checksums(is, algorithms);
+        }
+    }
+
+    /**
+     * Computes multiple checksums for the given stream in a single pass over the data.
+     *
+     * <p><strong>Note:</strong> This method does <em>not</em> close the provided stream.
+     *
+     * @param is input stream (not closed by this method)
+     * @param algorithms algorithm names (case-insensitive). Special: "CRC32", "ADLER32".
+     * @return map of algorithm → hex string
+     * @throws IOException if reading from the stream fails
+     */
+    public static Map<String, String> checksums(InputStream is, String... algorithms)
+            throws IOException {
+        // Use LinkedHashMap to preserve the order of requested algorithms in the result.
+        Map<String, MessageDigest> digests = new LinkedHashMap<>();
+        Map<String, Checksum> checksums = new LinkedHashMap<>();
+
+        for (String algorithm : algorithms) {
+            String key = algorithm; // keep original key for output
+            switch (algorithm.toUpperCase(Locale.ROOT)) {
+                case "CRC32":
+                    checksums.put(key, new CRC32());
+                    break;
+                case "ADLER32":
+                    checksums.put(key, new Adler32());
+                    break;
+                default:
+                    try {
+                        // For MessageDigest, pass the original name (case-insensitive per JCA)
+                        digests.put(key, MessageDigest.getInstance(algorithm));
+                    } catch (NoSuchAlgorithmException e) {
+                        throw new IllegalStateException("Unsupported algorithm: " + algorithm, e);
+                    }
+            }
+        }
+
+        byte[] buffer = new byte[BUFFER_SIZE];
+        int read;
+        while ((read = is.read(buffer)) != -1) {
+            for (MessageDigest digest : digests.values()) {
+                digest.update(buffer, 0, read);
+            }
+            for (Checksum cs : checksums.values()) {
+                cs.update(buffer, 0, read);
+            }
+        }
+
+        Map<String, String> results = new LinkedHashMap<>();
+        for (Map.Entry<String, MessageDigest> entry : digests.entrySet()) {
+            results.put(entry.getKey(), toHex(entry.getValue().digest()));
+        }
+        for (Map.Entry<String, Checksum> entry : checksums.entrySet()) {
+            // Keep value as long and mask to ensure unsigned hex formatting.
+            long unsigned32 = entry.getValue().getValue() & UNSIGNED_32_BIT_MASK;
+            results.put(entry.getKey(), String.format("%08x", unsigned32));
+        }
+        return results;
+    }
+
+    /**
+     * Compares the checksum of a file with an expected hex string (case-insensitive).
+     *
+     * @param path file to read
+     * @param algorithm algorithm name (case-insensitive). Special: "CRC32", "ADLER32".
+     * @param expected expected hex string (case-insensitive)
+     * @return {@code true} if they match, otherwise {@code false}
+     * @throws IOException if the file cannot be read
+     */
+    public static boolean matches(Path path, String algorithm, String expected) throws IOException {
+        try (InputStream is = Files.newInputStream(path)) {
+            return matches(is, algorithm, expected);
+        }
+    }
+
+    /**
+     * Compares the checksum of a stream with an expected hex string (case-insensitive).
+     *
+     * <p><strong>Note:</strong> This method does <em>not</em> close the provided stream.
+     *
+     * @param is input stream (not closed by this method)
+     * @param algorithm algorithm name (case-insensitive). Special: "CRC32", "ADLER32".
+     * @param expected expected hex string (case-insensitive)
+     * @return {@code true} if they match, otherwise {@code false}
+     * @throws IOException if reading from the stream fails
+     */
+    public static boolean matches(InputStream is, String algorithm, String expected)
+            throws IOException {
+        return checksum(is, algorithm).equalsIgnoreCase(expected);
+    }
+
+    // ---------- Internal helpers ----------
+
+    /**
+     * Computes a MessageDigest over a stream and returns the raw digest bytes.
+     *
+     * @param is input stream (not closed)
+     * @param algorithm JCA MessageDigest algorithm (e.g., "SHA-256")
+     * @return raw digest bytes
+     * @throws IOException if reading fails
+     * @throws IllegalStateException if the algorithm is unsupported
+     */
+    private static byte[] checksumBytes(InputStream is, String algorithm) throws IOException {
+        try {
+            MessageDigest digest = MessageDigest.getInstance(algorithm);
+            byte[] buffer = new byte[BUFFER_SIZE];
+            int read;
+            while ((read = is.read(buffer)) != -1) {
+                digest.update(buffer, 0, read);
+            }
+            return digest.digest();
+        } catch (NoSuchAlgorithmException e) {
+            // Keep the message explicit to aid debugging
+            throw new IllegalStateException("Unsupported algorithm: " + algorithm, e);
+        }
+    }
+
+    /**
+     * Computes a 32-bit {@link Checksum} over a stream and returns the lowercase 8-char hex of the
+     * unsigned 32-bit value.
+     *
+     * @param is input stream (not closed)
+     * @param checksum checksum implementation (CRC32, Adler32, etc.)
+     * @return 8-character lowercase hex (big-endian representation)
+     * @throws IOException if reading fails
+     */
+    private static String checksumChecksum(InputStream is, Checksum checksum) throws IOException {
+        byte[] buffer = new byte[BUFFER_SIZE];
+        int read;
+        while ((read = is.read(buffer)) != -1) {
+            checksum.update(buffer, 0, read);
+        }
+        // Keep as long and mask to ensure correct unsigned representation.
+        long unsigned32 = checksum.getValue() & UNSIGNED_32_BIT_MASK;
+        return String.format("%08x", unsigned32);
+    }
+
+    /**
+     * Computes a 32-bit {@link Checksum} over a stream and returns the raw 4-byte big-endian
+     * representation of the unsigned 32-bit value.
+     *
+     * <p>Cast to int already truncates to the lower 32 bits; the sign is irrelevant because we
+     * serialize the bit pattern directly into 4 bytes.
+     *
+     * @param is input stream (not closed)
+     * @param checksum checksum implementation (CRC32, Adler32, etc.)
+     * @return 4 bytes (big-endian)
+     * @throws IOException if reading fails
+     */
+    private static byte[] checksumChecksumBytes(InputStream is, Checksum checksum)
+            throws IOException {
+        byte[] buffer = new byte[BUFFER_SIZE];
+        int read;
+        while ((read = is.read(buffer)) != -1) {
+            checksum.update(buffer, 0, read);
+        }
+        // Cast keeps only the lower 32 bits; mask is unnecessary here.
+        int v = (int) checksum.getValue();
+        return ByteBuffer.allocate(4).order(ByteOrder.BIG_ENDIAN).putInt(v).array();
+    }
+
+    /**
+     * Converts bytes to a lowercase hex string.
+     *
+     * @param hash the byte array to convert
+     * @return the lowercase hex string
+     */
+    private static String toHex(byte[] hash) {
+        StringBuilder sb = new StringBuilder(hash.length * 2);
+        for (byte b : hash) {
+            sb.append(String.format("%02x", b));
+        }
+        return sb.toString();
+    }
+}

app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java

@@ -4,7 +4,6 @@ import org.owasp.html.AttributePolicy;
 import org.owasp.html.HtmlPolicyBuilder;
 import org.owasp.html.PolicyFactory;
 import org.owasp.html.Sanitizers;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import stirling.software.common.model.ApplicationProperties;
@@ -16,7 +15,6 @@ public class CustomHtmlSanitizer {
     private final SsrfProtectionService ssrfProtectionService;
     private final ApplicationProperties applicationProperties;
 
-    @Autowired
     public CustomHtmlSanitizer(
             SsrfProtectionService ssrfProtectionService,
             ApplicationProperties applicationProperties) {

app/common/src/main/java/stirling/software/common/util/EmlParser.java

@@ -12,6 +12,8 @@ import java.util.List;
 import java.util.Properties;
 import java.util.regex.Pattern;
 
+import org.springframework.http.MediaType;
+
 import lombok.Data;
 import lombok.experimental.UtilityClass;
 
@@ -28,8 +30,8 @@ public class EmlParser {
             Pattern.compile("=\\?([^?]+)\\?([BbQq])\\?([^?]*)\\?=");
 
     private static final String DISPOSITION_ATTACHMENT = "attachment";
-    private static final String TEXT_PLAIN = "text/plain";
-    private static final String TEXT_HTML = "text/html";
+    private static final String TEXT_PLAIN = MediaType.TEXT_PLAIN_VALUE;
+    private static final String TEXT_HTML = MediaType.TEXT_HTML_VALUE;
     private static final String MULTIPART_PREFIX = "multipart/";
 
     private static final String HEADER_CONTENT_TYPE = "content-type:";
@@ -69,12 +71,12 @@ public class EmlParser {
         if (isJakartaMailAvailable()) {
             return extractEmailContentAdvanced(emlBytes, request, customHtmlSanitizer);
         } else {
-            return extractEmailContentBasic(emlBytes, request, customHtmlSanitizer);
+            return extractEmailContentBasic(emlBytes, customHtmlSanitizer);
         }
     }
 
     private static EmailContent extractEmailContentBasic(
-            byte[] emlBytes, EmlToPdfRequest request, CustomHtmlSanitizer customHtmlSanitizer) {
+            byte[] emlBytes, CustomHtmlSanitizer customHtmlSanitizer) {
         String emlContent = new String(emlBytes, StandardCharsets.UTF_8);
         EmailContent content = new EmailContent();
 
@@ -121,7 +123,7 @@ public class EmlParser {
             return extractFromMimeMessage(message, request, customHtmlSanitizer);
 
         } catch (ReflectiveOperationException e) {
-            return extractEmailContentBasic(emlBytes, request, customHtmlSanitizer);
+            return extractEmailContentBasic(emlBytes, customHtmlSanitizer);
         }
     }
 

app/common/src/main/java/stirling/software/common/util/EmlProcessingUtils.java

@@ -8,6 +8,8 @@ import java.util.Map;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import org.springframework.http.MediaType;
+
 import lombok.experimental.UtilityClass;
 
 import stirling.software.common.model.api.converters.EmlToPdfRequest;
@@ -33,10 +35,10 @@ public class EmlProcessingUtils {
     // MIME type detection
     private static final Map<String, String> EXTENSION_TO_MIME_TYPE =
             Map.of(
-                    ".png", "image/png",
-                    ".jpg", "image/jpeg",
-                    ".jpeg", "image/jpeg",
-                    ".gif", "image/gif",
+                    ".png", MediaType.IMAGE_PNG_VALUE,
+                    ".jpg", MediaType.IMAGE_JPEG_VALUE,
+                    ".jpeg", MediaType.IMAGE_JPEG_VALUE,
+                    ".gif", MediaType.IMAGE_GIF_VALUE,
                     ".bmp", "image/bmp",
                     ".webp", "image/webp",
                     ".svg", "image/svg+xml",
@@ -81,8 +83,8 @@ public class EmlProcessingUtils {
                             || lowerContent.contains("bcc:");
             boolean hasMimeStructure =
                     lowerContent.contains("multipart/")
-                            || lowerContent.contains("text/plain")
-                            || lowerContent.contains("text/html")
+                            || lowerContent.contains(MediaType.TEXT_PLAIN_VALUE)
+                            || lowerContent.contains(MediaType.TEXT_HTML_VALUE)
                             || lowerContent.contains("boundary=");
 
             int headerCount = 0;
@@ -464,7 +466,7 @@ public class EmlProcessingUtils {
             }
         }
 
-        return "image/png";
+        return MediaType.IMAGE_PNG_VALUE; // Default MIME type
     }
 
     public static String decodeUrlEncoded(String encoded) {

app/common/src/main/java/stirling/software/common/util/PDFService.java

@@ -0,0 +1,35 @@
+package stirling.software.common.util;
+
+import java.io.IOException;
+import java.util.List;
+
+import org.apache.pdfbox.multipdf.PDFMergerUtility;
+import org.apache.pdfbox.pdmodel.PDDocument;
+import org.springframework.stereotype.Service;
+
+import lombok.RequiredArgsConstructor;
+
+import stirling.software.common.service.CustomPDFDocumentFactory;
+
+@Service
+@RequiredArgsConstructor
+public class PDFService {
+
+    private final CustomPDFDocumentFactory pdfDocumentFactory;
+
+    /*
+     * Merge multiple PDF documents into a single PDF document
+     *
+     * @param documents List of PDDocument to be merged
+     * @return Merged PDDocument
+     * @throws IOException If an error occurs during merging
+     */
+    public PDDocument mergeDocuments(List<PDDocument> documents) throws IOException {
+        PDDocument merged = pdfDocumentFactory.createNewDocument();
+        PDFMergerUtility merger = new PDFMergerUtility();
+        for (PDDocument doc : documents) {
+            merger.appendDocument(merged, doc);
+        }
+        return merged;
+    }
+}

app/common/src/main/java/stirling/software/common/util/PDFToFile.java

@@ -36,7 +36,7 @@ public class PDFToFile {
 
     public ResponseEntity<byte[]> processPdfToMarkdown(MultipartFile inputFile)
             throws IOException, InterruptedException {
-        if (!"application/pdf".equals(inputFile.getContentType())) {
+        if (!MediaType.APPLICATION_PDF_VALUE.equals(inputFile.getContentType())) {
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
         }
 
@@ -153,7 +153,7 @@ public class PDFToFile {
 
     public ResponseEntity<byte[]> processPdfToHtml(MultipartFile inputFile)
             throws IOException, InterruptedException {
-        if (!"application/pdf".equals(inputFile.getContentType())) {
+        if (!MediaType.APPLICATION_PDF_VALUE.equals(inputFile.getContentType())) {
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
         }
 
@@ -223,7 +223,7 @@ public class PDFToFile {
             MultipartFile inputFile, String outputFormat, String libreOfficeFilter)
             throws IOException, InterruptedException {
 
-        if (!"application/pdf".equals(inputFile.getContentType())) {
+        if (!MediaType.APPLICATION_PDF_VALUE.equals(inputFile.getContentType())) {
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
         }
 

app/common/src/main/java/stirling/software/common/util/PdfAttachmentHandler.java

@@ -37,6 +37,7 @@ import org.apache.pdfbox.pdmodel.interactive.annotation.PDAppearanceStream;
 import org.apache.pdfbox.text.PDFTextStripper;
 import org.apache.pdfbox.text.TextPosition;
 import org.jetbrains.annotations.NotNull;
+import org.springframework.http.MediaType;
 import org.springframework.web.multipart.MultipartFile;
 
 import lombok.Data;
@@ -118,7 +119,7 @@ public class PdfAttachmentHandler {
             public String getContentType() {
                 return attachment.getContentType() != null
                         ? attachment.getContentType()
-                        : "application/octet-stream";
+                        : MediaType.APPLICATION_OCTET_STREAM_VALUE;
             }
 
             @Override

app/common/src/main/java/stirling/software/common/util/PdfUtils.java

@@ -29,6 +29,7 @@ import org.apache.pdfbox.pdmodel.graphics.image.PDImageXObject;
 import org.apache.pdfbox.rendering.ImageType;
 import org.apache.pdfbox.rendering.PDFRenderer;
 import org.apache.pdfbox.text.PDFTextStripper;
+import org.springframework.http.MediaType;
 import org.springframework.web.multipart.MultipartFile;
 
 import io.github.pixee.security.Filenames;
@@ -142,7 +143,8 @@ public class PdfUtils {
             ImageType colorType,
             boolean singleImage,
             int DPI,
-            String filename)
+            String filename,
+            boolean includeAnnotations)
             throws IOException, Exception {
 
         // Validate and limit DPI to prevent excessive memory usage
@@ -155,7 +157,8 @@ public class PdfUtils {
         if (DPI > maxSafeDpi) {
             throw ExceptionUtils.createIllegalArgumentException(
                     "error.dpiExceedsLimit",
-                    "DPI value {0} exceeds maximum safe limit of {1}. High DPI values can cause memory issues and crashes. Please use a lower DPI value.",
+                    "DPI value {0} exceeds maximum safe limit of {1}. High DPI values can cause"
+                            + " memory issues and crashes. Please use a lower DPI value.",
                     DPI,
                     maxSafeDpi);
         }
@@ -163,6 +166,9 @@ public class PdfUtils {
         try (PDDocument document = pdfDocumentFactory.load(inputStream)) {
             PDFRenderer pdfRenderer = new PDFRenderer(document);
             pdfRenderer.setSubsamplingAllowed(true);
+            if (!includeAnnotations) {
+                pdfRenderer.setAnnotationsFilter(annotation -> false);
+            }
             int pageCount = document.getNumberOfPages();
 
             // Create a ByteArrayOutputStream to save the image(s) to
@@ -192,7 +198,9 @@ public class PdfUtils {
                                                 .contains("Maximum size of image exceeded")) {
                                     throw ExceptionUtils.createIllegalArgumentException(
                                             "error.pageTooBigForDpi",
-                                            "PDF page {0} is too large to render at {1} DPI. Please try a lower DPI value (recommended: 150 or less).",
+                                            "PDF page {0} is too large to render at {1} DPI. Please"
+                                                    + " try a lower DPI value (recommended: 150 or"
+                                                    + " less).",
                                             i + 1,
                                             DPI);
                                 }
@@ -237,7 +245,10 @@ public class PdfUtils {
                                                 .contains("Maximum size of image exceeded")) {
                                     throw ExceptionUtils.createIllegalArgumentException(
                                             "error.pageTooBigExceedsArray",
-                                            "PDF page {0} is too large to render at {1} DPI. The resulting image would exceed Java's maximum array size. Please try a lower DPI value (recommended: 150 or less).",
+                                            "PDF page {0} is too large to render at {1} DPI. The"
+                                                    + " resulting image would exceed Java's maximum"
+                                                    + " array size. Please try a lower DPI value"
+                                                    + " (recommended: 150 or less).",
                                             i + 1,
                                             DPI);
                                 }
@@ -278,7 +289,9 @@ public class PdfUtils {
                                                 .contains("Maximum size of image exceeded")) {
                                     throw ExceptionUtils.createIllegalArgumentException(
                                             "error.pageTooBigForDpi",
-                                            "PDF page {0} is too large to render at {1} DPI. Please try a lower DPI value (recommended: 150 or less).",
+                                            "PDF page {0} is too large to render at {1} DPI. Please"
+                                                    + " try a lower DPI value (recommended: 150 or"
+                                                    + " less).",
                                             i + 1,
                                             DPI);
                                 }
@@ -311,7 +324,8 @@ public class PdfUtils {
                                     && e.getMessage().contains("Maximum size of image exceeded")) {
                                 throw ExceptionUtils.createIllegalArgumentException(
                                         "error.pageTooBigForDpi",
-                                        "PDF page {0} is too large to render at {1} DPI. Please try a lower DPI value (recommended: 150 or less).",
+                                        "PDF page {0} is too large to render at {1} DPI. Please try"
+                                                + " a lower DPI value (recommended: 150 or less).",
                                         i + 1,
                                         DPI);
                             }
@@ -362,7 +376,9 @@ public class PdfUtils {
                         && e.getMessage().contains("Maximum size of image exceeded")) {
                     throw ExceptionUtils.createIllegalArgumentException(
                             "error.pageTooBigFor300Dpi",
-                            "PDF page {0} is too large to render at 300 DPI. The resulting image would exceed Java's maximum array size. Please use a lower DPI value for PDF-to-image conversion.",
+                            "PDF page {0} is too large to render at 300 DPI. The resulting image"
+                                    + " would exceed Java's maximum array size. Please use a lower DPI"
+                                    + " value for PDF-to-image conversion.",
                             page + 1);
                 }
                 throw e;
@@ -431,7 +447,7 @@ public class PdfUtils {
                             ImageProcessingUtils.convertColorType(image, colorType);
                     // Use JPEGFactory if it's JPEG since JPEG is lossy
                     PDImageXObject pdImage =
-                            (contentType != null && "image/jpeg".equals(contentType))
+                            (contentType != null && MediaType.IMAGE_JPEG_VALUE.equals(contentType))
                                     ? JPEGFactory.createFromImage(doc, convertedImage)
                                     : LosslessFactory.createFromImage(doc, convertedImage);
                     addImageToDocument(doc, pdImage, fitOption, autoRotate);

app/common/src/main/java/stirling/software/common/util/ProcessExecutor.java

@@ -15,6 +15,8 @@ import java.util.concurrent.TimeUnit;
 
 import io.github.pixee.security.BoundedLineReader;
 
+import lombok.Getter;
+import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.model.ApplicationProperties;
@@ -303,6 +305,8 @@ public class ProcessExecutor {
         OCR_MY_PDF
     }
 
+    @Setter
+    @Getter
     public class ProcessExecutorResult {
         int rc;
         String messages;
@@ -311,21 +315,5 @@ public class ProcessExecutor {
             this.rc = rc;
             this.messages = messages;
         }
-
-        public int getRc() {
-            return rc;
-        }
-
-        public void setRc(int rc) {
-            this.rc = rc;
-        }
-
-        public String getMessages() {
-            return messages;
-        }
-
-        public void setMessages(String messages) {
-            this.messages = messages;
-        }
     }
 }

app/common/src/main/java/stirling/software/common/util/RequestUriUtils.java

@@ -14,8 +14,10 @@ public class RequestUriUtils {
                 || requestURI.startsWith(contextPath + "/images/")
                 || requestURI.startsWith(contextPath + "/public/")
                 || requestURI.startsWith(contextPath + "/pdfjs/")
+                || requestURI.startsWith(contextPath + "/pdfjs-legacy/")
                 || requestURI.startsWith(contextPath + "/login")
                 || requestURI.startsWith(contextPath + "/error")
+                || requestURI.startsWith(contextPath + "/favicon")
                 || requestURI.endsWith(".svg")
                 || requestURI.endsWith(".png")
                 || requestURI.endsWith(".ico")

app/common/src/main/java/stirling/software/common/util/TempFile.java

@@ -4,6 +4,7 @@ import java.io.File;
 import java.io.IOException;
 import java.nio.file.Path;
 
+import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
 /**
@@ -14,17 +15,13 @@ import lombok.extern.slf4j.Slf4j;
 public class TempFile implements AutoCloseable {
 
     private final TempFileManager manager;
-    private final File file;
+    @Getter private final File file;
 
     public TempFile(TempFileManager manager, String suffix) throws IOException {
         this.manager = manager;
         this.file = manager.createTempFile(suffix);
     }
 
-    public File getFile() {
-        return file;
-    }
-
     public Path getPath() {
         return file.toPath();
     }

app/common/src/main/java/stirling/software/common/util/TempFileRegistry.java

@@ -13,6 +13,7 @@ import java.util.stream.Collectors;
 
 import org.springframework.stereotype.Component;
 
+import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
 /**
@@ -24,8 +25,22 @@ import lombok.extern.slf4j.Slf4j;
 public class TempFileRegistry {
 
     private final ConcurrentMap<Path, Instant> registeredFiles = new ConcurrentHashMap<>();
+
+    /**
+     * -- GETTER -- Get all registered third-party temporary files.
+     *
+     * @return Set of third-party file paths
+     */
+    @Getter
     private final Set<Path> thirdPartyTempFiles =
             Collections.newSetFromMap(new ConcurrentHashMap<>());
+
+    /**
+     * -- GETTER -- Get all registered temporary directories.
+     *
+     * @return Set of temporary directory paths
+     */
+    @Getter
     private final Set<Path> tempDirectories = Collections.newSetFromMap(new ConcurrentHashMap<>());
 
     /**
@@ -133,24 +148,6 @@ public class TempFileRegistry {
                 .collect(Collectors.toSet());
     }
 
-    /**
-     * Get all registered third-party temporary files.
-     *
-     * @return Set of third-party file paths
-     */
-    public Set<Path> getThirdPartyTempFiles() {
-        return thirdPartyTempFiles;
-    }
-
-    /**
-     * Get all registered temporary directories.
-     *
-     * @return Set of temporary directory paths
-     */
-    public Set<Path> getTempDirectories() {
-        return tempDirectories;
-    }
-
     /**
      * Check if a file is registered in the registry.
      *

app/common/src/main/java/stirling/software/common/util/WebResponseUtils.java

@@ -4,6 +4,8 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Path;
 
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.springframework.http.HttpHeaders;
@@ -11,9 +13,13 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.mvc.method.annotation.StreamingResponseBody;
 
 import io.github.pixee.security.Filenames;
 
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
 public class WebResponseUtils {
 
     public static ResponseEntity<byte[]> baosToWebResponse(
@@ -64,4 +70,59 @@ public class WebResponseUtils {
 
         return baosToWebResponse(baos, docName);
     }
+
+    /**
+     * Convert a File to a web response (PDF default).
+     *
+     * @param outputTempFile The temporary file to be sent as a response.
+     * @param docName The name of the document.
+     * @return A ResponseEntity containing the file as a resource.
+     */
+    public static ResponseEntity<StreamingResponseBody> pdfFileToWebResponse(
+            TempFile outputTempFile, String docName) throws IOException {
+        return fileToWebResponse(outputTempFile, docName, MediaType.APPLICATION_PDF);
+    }
+
+    /**
+     * Convert a File to a web response (ZIP default).
+     *
+     * @param outputTempFile The temporary file to be sent as a response.
+     * @param docName The name of the document.
+     * @return A ResponseEntity containing the file as a resource.
+     */
+    public static ResponseEntity<StreamingResponseBody> zipFileToWebResponse(
+            TempFile outputTempFile, String docName) throws IOException {
+        return fileToWebResponse(outputTempFile, docName, MediaType.APPLICATION_OCTET_STREAM);
+    }
+
+    /**
+     * Convert a File to a web response with explicit media type (e.g., ZIP).
+     *
+     * @param outputTempFile The temporary file to be sent as a response.
+     * @param docName The name of the document.
+     * @param mediaType The content type to set on the response.
+     * @return A ResponseEntity containing the file as a resource.
+     */
+    public static ResponseEntity<StreamingResponseBody> fileToWebResponse(
+            TempFile outputTempFile, String docName, MediaType mediaType) throws IOException {
+
+        Path path = outputTempFile.getFile().toPath().normalize();
+        long len = Files.size(path);
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(mediaType);
+        headers.setContentLength(len);
+        headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + docName + "\"");
+
+        StreamingResponseBody body =
+                os -> {
+                    try (os) {
+                        Files.copy(path, os);
+                        os.flush();
+                    } finally {
+                        outputTempFile.close();
+                    }
+                };
+
+        return new ResponseEntity<>(body, headers, HttpStatus.OK);
+    }
 }

app/common/src/test/java/stirling/software/common/annotations/AutoJobPostMappingIntegrationTest.java

@@ -29,7 +29,6 @@ import jakarta.servlet.http.HttpServletRequest;
 
 import stirling.software.common.aop.AutoJobAspect;
 import stirling.software.common.model.api.PDFFile;
-import stirling.software.common.service.FileOrUploadService;
 import stirling.software.common.service.FileStorage;
 import stirling.software.common.service.JobExecutorService;
 import stirling.software.common.service.JobQueue;
@@ -44,8 +43,6 @@ class AutoJobPostMappingIntegrationTest {
 
     @Mock private HttpServletRequest request;
 
-    @Mock private FileOrUploadService fileOrUploadService;
-
     @Mock private FileStorage fileStorage;
 
     @Mock private ResourceMonitor resourceMonitor;
@@ -54,8 +51,7 @@ class AutoJobPostMappingIntegrationTest {
 
     @BeforeEach
     void setUp() {
-        autoJobAspect =
-                new AutoJobAspect(jobExecutorService, request, fileOrUploadService, fileStorage);
+        autoJobAspect = new AutoJobAspect(jobExecutorService, request, fileStorage);
     }
 
     @Mock private ProceedingJoinPoint joinPoint;

app/common/src/test/java/stirling/software/common/model/ApplicationPropertiesLogicTest.java

@@ -179,7 +179,7 @@ class ApplicationPropertiesLogicTest {
         assertEquals(30, t.getOcrMyPdfTimeoutMinutes());
     }
 
-    @Deprecated
+    @Deprecated(since = "0.45.0")
     @Test
     void enterprise_metadata_defaults() {
         ApplicationProperties.EnterpriseEdition ee = new ApplicationProperties.EnterpriseEdition();

app/common/src/test/java/stirling/software/common/model/ApplicationPropertiesSaml2HttpTest.java

@@ -11,6 +11,7 @@ import java.nio.file.Path;
 import org.junit.jupiter.api.Test;
 import org.springframework.core.io.FileSystemResource;
 import org.springframework.core.io.Resource;
+import org.springframework.http.MediaType;
 
 import okhttp3.mockwebserver.MockResponse;
 import okhttp3.mockwebserver.MockWebServer;
@@ -23,7 +24,7 @@ class ApplicationPropertiesSaml2HttpTest {
             server.enqueue(
                     new MockResponse()
                             .setResponseCode(200)
-                            .addHeader("Content-Type", "application/xml")
+                            .addHeader("Content-Type", MediaType.APPLICATION_XML_VALUE)
                             .setBody("<EntityDescriptor/>"));
             server.start();
 

app/common/src/test/java/stirling/software/common/model/FileInfoTest.java

@@ -0,0 +1,111 @@
+package stirling.software.common.model;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import java.io.File;
+import java.time.LocalDateTime;
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
+
+public class FileInfoTest {
+
+    @ParameterizedTest(name = "{index}: fileSize={0}")
+    @CsvSource({
+        "0, '0 Bytes'",
+        "1023, '1023 Bytes'",
+        "1024, '1.00 KB'",
+        "1048575, '1024.00 KB'", // Do we really want this as result?
+        "1048576, '1.00 MB'",
+        "1073741823, '1024.00 MB'", // Do we really want this as result?
+        "1073741824, '1.00 GB'"
+    })
+    void testGetFormattedFileSize(long fileSize, String expectedFormattedSize) {
+        FileInfo fileInfo =
+                new FileInfo(
+                        "example.txt",
+                        File.separator
+                                + "path"
+                                + File.separator
+                                + "to"
+                                + File.separator
+                                + "example.txt",
+                        LocalDateTime.now(),
+                        fileSize,
+                        LocalDateTime.now().minusDays(1));
+
+        assertEquals(expectedFormattedSize, fileInfo.getFormattedFileSize());
+    }
+
+    @Test
+    void testGetFilePathAsPath() {
+        FileInfo fileInfo =
+                new FileInfo(
+                        "test.pdf",
+                        File.separator + "tmp" + File.separator + "test.pdf",
+                        LocalDateTime.now(),
+                        1234,
+                        LocalDateTime.now().minusDays(2));
+        assertEquals(
+                File.separator + "tmp" + File.separator + "test.pdf",
+                fileInfo.getFilePathAsPath().toString());
+    }
+
+    @Test
+    void testGetFormattedModificationDate() {
+        LocalDateTime modDate = LocalDateTime.of(2024, 6, 1, 15, 30, 45);
+        FileInfo fileInfo =
+                new FileInfo(
+                        "file.txt",
+                        File.separator + "file.txt",
+                        modDate,
+                        100,
+                        LocalDateTime.of(2024, 5, 31, 10, 0, 0));
+        assertEquals("2024-06-01 15:30:45", fileInfo.getFormattedModificationDate());
+    }
+
+    @Test
+    void testGetFormattedCreationDate() {
+        LocalDateTime creationDate = LocalDateTime.of(2023, 12, 25, 8, 15, 0);
+        FileInfo fileInfo =
+                new FileInfo(
+                        "holiday.txt",
+                        File.separator + "holiday.txt",
+                        LocalDateTime.of(2024, 1, 1, 0, 0, 0),
+                        500,
+                        creationDate);
+        assertEquals("2023-12-25 08:15:00", fileInfo.getFormattedCreationDate());
+    }
+
+    @Test
+    void testGettersAndSetters() {
+        LocalDateTime now = LocalDateTime.now();
+        FileInfo fileInfo =
+                new FileInfo(
+                        "doc.pdf",
+                        File.separator + "docs" + File.separator + "doc.pdf",
+                        now,
+                        2048,
+                        now.minusDays(1));
+        // Test getters
+        assertEquals("doc.pdf", fileInfo.getFileName());
+        assertEquals(File.separator + "docs" + File.separator + "doc.pdf", fileInfo.getFilePath());
+        assertEquals(now, fileInfo.getModificationDate());
+        assertEquals(2048, fileInfo.getFileSize());
+        assertEquals(now.minusDays(1), fileInfo.getCreationDate());
+
+        // Test setters
+        fileInfo.setFileName("new.pdf");
+        fileInfo.setFilePath(File.separator + "new" + File.separator + "new.pdf");
+        fileInfo.setModificationDate(now.plusDays(1));
+        fileInfo.setFileSize(4096);
+        fileInfo.setCreationDate(now.minusDays(2));
+
+        assertEquals("new.pdf", fileInfo.getFileName());
+        assertEquals(File.separator + "new" + File.separator + "new.pdf", fileInfo.getFilePath());
+        assertEquals(now.plusDays(1), fileInfo.getModificationDate());
+        assertEquals(4096, fileInfo.getFileSize());
+        assertEquals(now.minusDays(2), fileInfo.getCreationDate());
+    }
+}

app/common/src/test/java/stirling/software/common/model/InputStreamTemplateResourceTest.java

@@ -0,0 +1,94 @@
+package stirling.software.common.model;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.io.Reader;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
+import java.util.Arrays;
+
+import org.junit.jupiter.api.Test;
+
+public class InputStreamTemplateResourceTest {
+
+    @Test
+    void gettersReturnProvidedFields() {
+        byte[] data = {1, 2, 3};
+        InputStream is = new ByteArrayInputStream(data);
+        String encoding = "UTF-8";
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, encoding);
+
+        assertSame(is, resource.getInputStream());
+        assertEquals(encoding, resource.getCharacterEncoding());
+    }
+
+    @Test
+    void fieldsAreFinal() throws NoSuchFieldException {
+        Field inputStreamField = InputStreamTemplateResource.class.getDeclaredField("inputStream");
+        Field characterEncodingField =
+                InputStreamTemplateResource.class.getDeclaredField("characterEncoding");
+
+        assertTrue(Modifier.isFinal(inputStreamField.getModifiers()));
+        assertTrue(Modifier.isFinal(characterEncodingField.getModifiers()));
+    }
+
+    @Test
+    void noSetterMethodsPresent() {
+        long setterCount =
+                Arrays.stream(InputStreamTemplateResource.class.getDeclaredMethods())
+                        .filter(method -> method.getName().startsWith("set"))
+                        .count();
+
+        assertEquals(0, setterCount, "InputStreamTemplateResource should not have setter methods");
+    }
+
+    @Test
+    void readerReturnsCorrectContent() throws Exception {
+        String content = "Hello, world!";
+        InputStream is = new ByteArrayInputStream(content.getBytes("UTF-8"));
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, "UTF-8");
+
+        try (Reader reader = resource.reader()) {
+            char[] buffer = new char[content.length()];
+            int read = reader.read(buffer);
+            assertEquals(content.length(), read);
+            assertEquals(content, new String(buffer));
+        }
+    }
+
+    @Test
+    void relativeThrowsUnsupportedOperationException() {
+        InputStream is = new ByteArrayInputStream(new byte[0]);
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, "UTF-8");
+        assertThrows(UnsupportedOperationException.class, () -> resource.relative("other"));
+    }
+
+    @Test
+    void getDescriptionReturnsExpectedString() {
+        InputStream is = new ByteArrayInputStream(new byte[0]);
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, "UTF-8");
+        assertEquals("InputStream resource [Stream]", resource.getDescription());
+    }
+
+    @Test
+    void getBaseNameReturnsExpectedString() {
+        InputStream is = new ByteArrayInputStream(new byte[0]);
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, "UTF-8");
+        assertEquals("streamResource", resource.getBaseName());
+    }
+
+    @Test
+    void existsReturnsTrueWhenInputStreamNotNull() {
+        InputStream is = new ByteArrayInputStream(new byte[0]);
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(is, "UTF-8");
+        assertTrue(resource.exists());
+    }
+
+    @Test
+    void existsReturnsFalseWhenInputStreamIsNull() {
+        InputStreamTemplateResource resource = new InputStreamTemplateResource(null, "UTF-8");
+        assertFalse(resource.exists());
+    }
+}

app/common/src/test/java/stirling/software/common/service/CustomPDFDocumentFactoryTest.java

@@ -1,12 +1,12 @@
 package stirling.software.common.service;
 
 import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.*;
 import static stirling.software.common.service.SpyPDFDocumentFactory.*;
 
 import java.io.*;
 import java.nio.file.*;
-import java.nio.file.Files;
 import java.util.Arrays;
 
 import org.apache.pdfbox.Loader;
@@ -18,9 +18,11 @@ import org.junit.jupiter.api.parallel.Execution;
 import org.junit.jupiter.api.parallel.ExecutionMode;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.CsvSource;
+import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockMultipartFile;
 
 import stirling.software.common.model.api.PDFFile;
+import stirling.software.common.service.SpyPDFDocumentFactory.StrategyType;
 
 @TestInstance(TestInstance.Lifecycle.PER_CLASS)
 @TestMethodOrder(MethodOrderer.OrderAnnotation.class)
@@ -73,7 +75,7 @@ class CustomPDFDocumentFactoryTest {
     void testStrategy_MultipartFile(int sizeMB, StrategyType expected) throws IOException {
         byte[] inflated = inflatePdf(basePdfBytes, sizeMB);
         MockMultipartFile multipart =
-                new MockMultipartFile("file", "doc.pdf", "application/pdf", inflated);
+                new MockMultipartFile("file", "doc.pdf", MediaType.APPLICATION_PDF_VALUE, inflated);
         try (PDDocument doc = factory.load(multipart)) {
             Assertions.assertEquals(expected, factory.lastStrategyUsed);
         }
@@ -84,7 +86,7 @@ class CustomPDFDocumentFactoryTest {
     void testStrategy_PDFFile(int sizeMB, StrategyType expected) throws IOException {
         byte[] inflated = inflatePdf(basePdfBytes, sizeMB);
         MockMultipartFile multipart =
-                new MockMultipartFile("file", "doc.pdf", "application/pdf", inflated);
+                new MockMultipartFile("file", "doc.pdf", MediaType.APPLICATION_PDF_VALUE, inflated);
         PDFFile pdfFile = new PDFFile();
         pdfFile.setFileInput(multipart);
         try (PDDocument doc = factory.load(pdfFile)) {

app/common/src/test/java/stirling/software/common/service/FileStorageTest.java

@@ -2,6 +2,8 @@ package stirling.software.common.service;
 
 import static org.junit.jupiter.api.Assertions.*;
 import static org.mockito.AdditionalAnswers.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.*;
 
 import java.io.IOException;
@@ -15,6 +17,7 @@ import org.junit.jupiter.api.io.TempDir;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
+import org.springframework.http.MediaType;
 import org.springframework.test.util.ReflectionTestUtils;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -36,7 +39,7 @@ class FileStorageTest {
         // Create a mock MultipartFile
         mockFile = mock(MultipartFile.class);
         when(mockFile.getOriginalFilename()).thenReturn("test.pdf");
-        when(mockFile.getContentType()).thenReturn("application/pdf");
+        when(mockFile.getContentType()).thenReturn(MediaType.APPLICATION_PDF_VALUE);
     }
 
     @Test

app/common/src/test/java/stirling/software/common/service/TaskManagerTest.java

@@ -13,6 +13,7 @@ import org.junit.jupiter.api.Test;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
+import org.springframework.http.MediaType;
 import org.springframework.test.util.ReflectionTestUtils;
 
 import stirling.software.common.model.job.JobResult;
@@ -77,7 +78,7 @@ class TaskManagerTest {
         taskManager.createTask(jobId);
         String fileId = "file-id";
         String originalFileName = "test.pdf";
-        String contentType = "application/pdf";
+        String contentType = MediaType.APPLICATION_PDF_VALUE;
         long fileSize = 1024L;
 
         // Mock the fileStorage.getFileSize() call
@@ -185,7 +186,8 @@ class TaskManagerTest {
         // 2. Create completed successful job with file
         String successFileJobId = "success-file-job";
         taskManager.createTask(successFileJobId);
-        taskManager.setFileResult(successFileJobId, "file-id", "test.pdf", "application/pdf");
+        taskManager.setFileResult(
+                successFileJobId, "file-id", "test.pdf", MediaType.APPLICATION_PDF_VALUE);
 
         // 3. Create completed successful job without file
         String successJobId = "success-job";
@@ -235,7 +237,7 @@ class TaskManagerTest {
                 ResultFile.builder()
                         .fileId("file-id")
                         .fileName("test.pdf")
-                        .contentType("application/pdf")
+                        .contentType(MediaType.APPLICATION_PDF_VALUE)
                         .fileSize(1024L)
                         .build();
         ReflectionTestUtils.setField(oldJob, "resultFiles", java.util.List.of(resultFile));

app/common/src/test/java/stirling/software/common/util/ChecksumUtilsTest.java

@@ -0,0 +1,66 @@
+package stirling.software.common.util;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.util.Map;
+
+import org.junit.jupiter.api.Test;
+
+public class ChecksumUtilsTest {
+
+    @Test
+    void computeChecksums_basic() throws Exception {
+        byte[] data = "hello".getBytes(StandardCharsets.UTF_8);
+
+        // MD5 (hex)
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            assertEquals("5d41402abc4b2a76b9719d911017c592", ChecksumUtils.checksum(is, "MD5"));
+        }
+
+        // MD5 (Base64)
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            assertEquals("XUFAKrxLKna5cZ2REBfFkg==", ChecksumUtils.checksumBase64(is, "MD5"));
+        }
+
+        // MD5 + CRC32 (hex map)
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            Map<String, String> map = ChecksumUtils.checksums(is, "MD5", "CRC32");
+            assertEquals("5d41402abc4b2a76b9719d911017c592", map.get("MD5"));
+            assertEquals("3610a686", map.get("CRC32"));
+        }
+    }
+
+    @Test
+    void crc32_base64_bigEndianBytes_forHello() throws Exception {
+        // CRC32("hello") = 0x3610A686 → bytes: 36 10 A6 86 → Base64: "NhCmhg=="
+        byte[] data = "hello".getBytes(StandardCharsets.UTF_8);
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            assertEquals("NhCmhg==", ChecksumUtils.checksumBase64(is, "CRC32"));
+        }
+    }
+
+    @Test
+    void crc32_unsignedFormatting_highBitSet() throws Exception {
+        // CRC32 of single zero byte (0x00) is 0xD202EF8D (>= 0x8000_0000)
+        byte[] data = new byte[] {0x00};
+
+        // Hex (unsigned, 8 chars, lowercase)
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            assertEquals("d202ef8d", ChecksumUtils.checksum(is, "CRC32"));
+        }
+
+        // Base64 of the 4-byte big-endian representation
+        try (InputStream is = new ByteArrayInputStream(data)) {
+            assertEquals("0gLvjQ==", ChecksumUtils.checksumBase64(is, "CRC32"));
+        }
+
+        // matches(..) must be case-insensitive for hex
+        try (InputStream is = new ByteArrayInputStream("hello".getBytes(StandardCharsets.UTF_8))) {
+            assertTrue(ChecksumUtils.matches(is, "CRC32", "3610A686")); // uppercase expected
+        }
+    }
+}

app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java

@@ -586,7 +586,10 @@ class EmlToPdfTest {
             when(mockPdDocument.getNumberOfPages()).thenReturn(1);
 
             try (MockedStatic<FileToPdf> fileToPdf =
-                    mockStatic(FileToPdf.class, org.mockito.Mockito.withSettings().lenient())) {
+                    mockStatic(
+                            FileToPdf.class,
+                            org.mockito.Mockito.withSettings()
+                                    .defaultAnswer(org.mockito.Answers.RETURNS_DEFAULTS))) {
                 fileToPdf
                         .when(
                                 () ->
@@ -657,7 +660,10 @@ class EmlToPdfTest {
             when(mockPdDocument.getNumberOfPages()).thenReturn(1);
 
             try (MockedStatic<FileToPdf> fileToPdf =
-                    mockStatic(FileToPdf.class, org.mockito.Mockito.withSettings().lenient())) {
+                    mockStatic(
+                            FileToPdf.class,
+                            org.mockito.Mockito.withSettings()
+                                    .defaultAnswer(org.mockito.Answers.RETURNS_DEFAULTS))) {
                 fileToPdf
                         .when(
                                 () ->
@@ -724,7 +730,10 @@ class EmlToPdfTest {
             String errorMessage = "Conversion failed";
 
             try (MockedStatic<FileToPdf> fileToPdf =
-                    mockStatic(FileToPdf.class, org.mockito.Mockito.withSettings().lenient())) {
+                    mockStatic(
+                            FileToPdf.class,
+                            org.mockito.Mockito.withSettings()
+                                    .defaultAnswer(org.mockito.Answers.RETURNS_DEFAULTS))) {
                 fileToPdf
                         .when(
                                 () ->

app/common/src/test/java/stirling/software/common/util/FileInfoTest.java

@@ -1,35 +0,0 @@
-package stirling.software.common.util;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
-import java.time.LocalDateTime;
-
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.CsvSource;
-
-import stirling.software.common.model.FileInfo;
-
-public class FileInfoTest {
-
-    @ParameterizedTest(name = "{index}: fileSize={0}")
-    @CsvSource({
-        "0, '0 Bytes'",
-        "1023, '1023 Bytes'",
-        "1024, '1.00 KB'",
-        "1048575, '1024.00 KB'", // Do we really want this as result?
-        "1048576, '1.00 MB'",
-        "1073741823, '1024.00 MB'", // Do we really want this as result?
-        "1073741824, '1.00 GB'"
-    })
-    void testGetFormattedFileSize(long fileSize, String expectedFormattedSize) {
-        FileInfo fileInfo =
-                new FileInfo(
-                        "example.txt",
-                        "/path/to/example.txt",
-                        LocalDateTime.now(),
-                        fileSize,
-                        LocalDateTime.now().minusDays(1));
-
-        assertEquals(expectedFormattedSize, fileInfo.getFormattedFileSize());
-    }
-}

app/common/src/test/java/stirling/software/common/util/PDFToFileTest.java

@@ -25,6 +25,7 @@ import org.mockito.Mock;
 import org.mockito.MockedStatic;
 import org.mockito.junit.jupiter.MockitoExtension;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
@@ -57,7 +58,10 @@ class PDFToFileTest {
         // Prepare
         MultipartFile nonPdfFile =
                 new MockMultipartFile(
-                        "file", "test.txt", "text/plain", "This is not a PDF".getBytes());
+                        "file",
+                        "test.txt",
+                        MediaType.TEXT_PLAIN_VALUE,
+                        "This is not a PDF".getBytes());
 
         // Execute
         ResponseEntity<byte[]> response = pdfToFile.processPdfToMarkdown(nonPdfFile);
@@ -71,7 +75,10 @@ class PDFToFileTest {
         // Prepare
         MultipartFile nonPdfFile =
                 new MockMultipartFile(
-                        "file", "test.txt", "text/plain", "This is not a PDF".getBytes());
+                        "file",
+                        "test.txt",
+                        MediaType.TEXT_PLAIN_VALUE,
+                        "This is not a PDF".getBytes());
 
         // Execute
         ResponseEntity<byte[]> response = pdfToFile.processPdfToHtml(nonPdfFile);
@@ -86,7 +93,10 @@ class PDFToFileTest {
         // Prepare
         MultipartFile nonPdfFile =
                 new MockMultipartFile(
-                        "file", "test.txt", "text/plain", "This is not a PDF".getBytes());
+                        "file",
+                        "test.txt",
+                        MediaType.TEXT_PLAIN_VALUE,
+                        "This is not a PDF".getBytes());
 
         // Execute
         ResponseEntity<byte[]> response =
@@ -102,7 +112,10 @@ class PDFToFileTest {
         // Prepare
         MultipartFile pdfFile =
                 new MockMultipartFile(
-                        "file", "test.pdf", "application/pdf", "Fake PDF content".getBytes());
+                        "file",
+                        "test.pdf",
+                        MediaType.APPLICATION_PDF_VALUE,
+                        "Fake PDF content".getBytes());
 
         // Execute with invalid format
         ResponseEntity<byte[]> response =
@@ -120,7 +133,10 @@ class PDFToFileTest {
             // Create a mock PDF file
             MultipartFile pdfFile =
                     new MockMultipartFile(
-                            "file", "test.pdf", "application/pdf", "Fake PDF content".getBytes());
+                            "file",
+                            "test.pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
+                            "Fake PDF content".getBytes());
 
             // Create a mock HTML output file
             Path htmlOutputFile = tempDir.resolve("test.html");
@@ -168,7 +184,7 @@ class PDFToFileTest {
                     new MockMultipartFile(
                             "file",
                             "multipage.pdf",
-                            "application/pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
                             "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
@@ -245,7 +261,10 @@ class PDFToFileTest {
             // Create a mock PDF file
             MultipartFile pdfFile =
                     new MockMultipartFile(
-                            "file", "test.pdf", "application/pdf", "Fake PDF content".getBytes());
+                            "file",
+                            "test.pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
+                            "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
             mockedStaticProcessExecutor
@@ -324,7 +343,7 @@ class PDFToFileTest {
                     new MockMultipartFile(
                             "file",
                             "document.pdf",
-                            "application/pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
                             "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
@@ -386,7 +405,7 @@ class PDFToFileTest {
                     new MockMultipartFile(
                             "file",
                             "document.pdf",
-                            "application/pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
                             "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
@@ -472,7 +491,7 @@ class PDFToFileTest {
                     new MockMultipartFile(
                             "file",
                             "document.pdf",
-                            "application/pdf",
+                            MediaType.APPLICATION_PDF_VALUE,
                             "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
@@ -531,7 +550,10 @@ class PDFToFileTest {
             // Create a mock PDF file with no filename
             MultipartFile pdfFile =
                     new MockMultipartFile(
-                            "file", "", "application/pdf", "Fake PDF content".getBytes());
+                            "file",
+                            "",
+                            MediaType.APPLICATION_PDF_VALUE,
+                            "Fake PDF content".getBytes());
 
             // Setup ProcessExecutor mock
             mockedStaticProcessExecutor

app/common/src/test/java/stirling/software/common/util/WebResponseUtilsTest.java

@@ -48,7 +48,8 @@ public class WebResponseUtilsTest {
         try {
             byte[] fileContent = "Sample file content".getBytes();
             MockMultipartFile file =
-                    new MockMultipartFile("file", "sample.txt", "text/plain", fileContent);
+                    new MockMultipartFile(
+                            "file", "sample.txt", MediaType.TEXT_PLAIN_VALUE, fileContent);
 
             ResponseEntity<byte[]> responseEntity =
                     WebResponseUtils.multiPartFileToWebResponse(file);

app/common/src/test/java/stirling/software/common/util/misc/CustomColorReplaceStrategyTest.java

@@ -8,6 +8,7 @@ import java.lang.reflect.Method;
 
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
+import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -24,7 +25,10 @@ class CustomColorReplaceStrategyTest {
         // Create a mock file
         mockFile =
                 new MockMultipartFile(
-                        "file", "test.pdf", "application/pdf", "test pdf content".getBytes());
+                        "file",
+                        "test.pdf",
+                        MediaType.APPLICATION_PDF_VALUE,
+                        "test pdf content".getBytes());
 
         // Initialize strategy with custom colors
         strategy =

app/common/src/test/java/stirling/software/common/util/misc/InvertFullColorStrategyTest.java

@@ -24,6 +24,7 @@ import org.apache.pdfbox.pdmodel.graphics.color.PDDeviceRGB;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.springframework.core.io.InputStreamResource;
+import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -38,7 +39,9 @@ class InvertFullColorStrategyTest {
     void setUp() throws Exception {
         // Create a simple PDF document for testing
         byte[] pdfBytes = createSimplePdfWithRectangle();
-        mockPdfFile = new MockMultipartFile("file", "test.pdf", "application/pdf", pdfBytes);
+        mockPdfFile =
+                new MockMultipartFile(
+                        "file", "test.pdf", MediaType.APPLICATION_PDF_VALUE, pdfBytes);
 
         // Create the strategy instance
         strategy = new InvertFullColorStrategy(mockPdfFile, ReplaceAndInvert.FULL_INVERSION);

app/common/src/test/java/stirling/software/common/util/misc/ReplaceAndInvertColorStrategyTest.java

@@ -7,6 +7,7 @@ import java.io.IOException;
 
 import org.junit.jupiter.api.Test;
 import org.springframework.core.io.InputStreamResource;
+import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockMultipartFile;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -35,7 +36,10 @@ class ReplaceAndInvertColorStrategyTest {
         // Arrange
         MultipartFile mockFile =
                 new MockMultipartFile(
-                        "file", "test.pdf", "application/pdf", "test content".getBytes());
+                        "file",
+                        "test.pdf",
+                        MediaType.APPLICATION_PDF_VALUE,
+                        "test content".getBytes());
         ReplaceAndInvert replaceAndInvert = ReplaceAndInvert.CUSTOM_COLOR;
 
         // Act
@@ -56,7 +60,7 @@ class ReplaceAndInvertColorStrategyTest {
         // Arrange
         byte[] content = "test pdf content".getBytes();
         MultipartFile mockFile =
-                new MockMultipartFile("file", "test.pdf", "application/pdf", content);
+                new MockMultipartFile("file", "test.pdf", MediaType.APPLICATION_PDF_VALUE, content);
         ReplaceAndInvert replaceAndInvert = ReplaceAndInvert.CUSTOM_COLOR;
 
         ReplaceAndInvertColorStrategy strategy =
@@ -74,10 +78,16 @@ class ReplaceAndInvertColorStrategyTest {
         // Arrange
         MultipartFile mockFile1 =
                 new MockMultipartFile(
-                        "file1", "test1.pdf", "application/pdf", "content1".getBytes());
+                        "file1",
+                        "test1.pdf",
+                        MediaType.APPLICATION_PDF_VALUE,
+                        "content1".getBytes());
         MultipartFile mockFile2 =
                 new MockMultipartFile(
-                        "file2", "test2.pdf", "application/pdf", "content2".getBytes());
+                        "file2",
+                        "test2.pdf",
+                        MediaType.APPLICATION_PDF_VALUE,
+                        "content2".getBytes());
 
         // Act
         ReplaceAndInvertColorStrategy strategy =

app/core/.gitignore

@@ -170,6 +170,10 @@ out/
 *.jks
 *.asc
 
+# test-cert
+!**/test/resources/certs/test-cert.*
+!**/test/resources/certs/test-key.*
+
 # SSH Keys
 *.pub
 *.priv

app/core/build.gradle

@@ -58,7 +58,7 @@ dependencies {
     implementation 'commons-io:commons-io:2.20.0'
     implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
     implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
-    implementation 'io.micrometer:micrometer-core:1.15.2'
+    implementation 'io.micrometer:micrometer-core:1.15.3'
     implementation 'com.google.zxing:core:3.5.3'
     implementation "org.commonmark:commonmark:$commonmarkVersion" // https://mvnrepository.com/artifact/org.commonmark/commonmark
     implementation "org.commonmark:commonmark-ext-gfm-tables:$commonmarkVersion"
@@ -114,11 +114,6 @@ sourceSets {
     }
     test {
         java {
-            if (System.getenv('DOCKER_ENABLE_SECURITY') == 'false' || System.getenv('DISABLE_ADDITIONAL_FEATURES') == 'true'
-                || (project.hasProperty('DISABLE_ADDITIONAL_FEATURES')
-                && System.getProperty('DISABLE_ADDITIONAL_FEATURES') == 'true')) {
-                exclude 'stirling/software/proprietary/security/**'
-            }
             if (System.getenv('STIRLING_PDF_DESKTOP_UI') == 'false') {
                 exclude 'stirling/software/SPDF/UI/impl/**'
             }

app/core/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java

@@ -42,11 +42,25 @@ import org.bouncycastle.operator.OperatorCreationException;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
 
+import lombok.Getter;
+import lombok.Setter;
+
 public abstract class CreateSignatureBase implements SignatureInterface {
     private PrivateKey privateKey;
-    private Certificate[] certificateChain;
-    private String tsaUrl;
-    private boolean externalSigning;
+    @Getter private Certificate[] certificateChain;
+    @Setter private String tsaUrl;
+
+    /**
+     * Specifies whether the external signing scenario should be used. If set to {@code true},
+     * external signing will be performed and {@link SignatureInterface} will be used for signing.
+     * If set to {@code false}, internal signing will be performed.
+     *
+     * <p>Default: {@code false}
+     *
+     * @param externalSigning {@code true} if external signing should be performed; {@code false}
+     *     for internal signing
+     */
+    @Setter @Getter private boolean externalSigning;
 
     /**
      * Initialize the signature creator with a keystore (pkcs12) and pin that should be used for the
@@ -97,18 +111,10 @@ public abstract class CreateSignatureBase implements SignatureInterface {
         this.privateKey = privateKey;
     }
 
-    public Certificate[] getCertificateChain() {
-        return certificateChain;
-    }
-
     public final void setCertificateChain(final Certificate[] certificateChain) {
         this.certificateChain = certificateChain;
     }
 
-    public void setTsaUrl(String tsaUrl) {
-        this.tsaUrl = tsaUrl;
-    }
-
     /**
      * SignatureInterface sample implementation.
      *
@@ -151,20 +157,4 @@ public abstract class CreateSignatureBase implements SignatureInterface {
             throw new IOException(e);
         }
     }
-
-    public boolean isExternalSigning() {
-        return externalSigning;
-    }
-
-    /**
-     * Set if external signing scenario should be used. If {@code false}, SignatureInterface would
-     * be used for signing.
-     *
-     * <p>Default: {@code false}
-     *
-     * @param externalSigning {@code true} if external signing should be performed
-     */
-    public void setExternalSigning(boolean externalSigning) {
-        this.externalSigning = externalSigning;
-    }
 }

app/core/src/main/java/stirling/software/SPDF/SPDFApplication.java

@@ -27,7 +27,6 @@ import stirling.software.SPDF.UI.WebBrowser;
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.configuration.ConfigInitializer;
 import stirling.software.common.configuration.InstallationPathConfig;
-import stirling.software.common.model.ApplicationProperties;
 import stirling.software.common.util.UrlUtils;
 
 @Slf4j
@@ -46,17 +45,14 @@ public class SPDFApplication {
 
     private final AppConfig appConfig;
     private final Environment env;
-    private final ApplicationProperties applicationProperties;
     private final WebBrowser webBrowser;
 
     public SPDFApplication(
             AppConfig appConfig,
             Environment env,
-            ApplicationProperties applicationProperties,
             @Autowired(required = false) WebBrowser webBrowser) {
         this.appConfig = appConfig;
         this.env = env;
-        this.applicationProperties = applicationProperties;
         this.webBrowser = webBrowser;
     }
 

app/core/src/main/java/stirling/software/SPDF/config/CleanUrlInterceptor.java

@@ -20,6 +20,8 @@ public class CleanUrlInterceptor implements HandlerInterceptor {
                     "endpoints",
                     "logout",
                     "error",
+                    "days",
+                    "date",
                     "errorOAuth",
                     "file",
                     "messageType",

app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java

@@ -9,6 +9,7 @@ import java.util.concurrent.ConcurrentHashMap;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Service;
 
+import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.common.model.ApplicationProperties;
@@ -19,7 +20,7 @@ public class EndpointConfiguration {
 
     private static final String REMOVE_BLANKS = "remove-blanks";
     private final ApplicationProperties applicationProperties;
-    private Map<String, Boolean> endpointStatuses = new ConcurrentHashMap<>();
+    @Getter private Map<String, Boolean> endpointStatuses = new ConcurrentHashMap<>();
     private Map<String, Set<String>> endpointGroups = new ConcurrentHashMap<>();
     private Set<String> disabledGroups = new HashSet<>();
     private Map<String, Set<String>> endpointAlternatives = new ConcurrentHashMap<>();
@@ -46,10 +47,6 @@ public class EndpointConfiguration {
         endpointStatuses.put(endpoint, false);
     }
 
-    public Map<String, Boolean> getEndpointStatuses() {
-        return endpointStatuses;
-    }
-
     public boolean isEndpointEnabled(String endpoint) {
         String original = endpoint;
         if (endpoint.startsWith("/")) {

app/core/src/main/java/stirling/software/SPDF/config/EndpointInspector.java

@@ -6,8 +6,6 @@ import java.util.Map;
 import java.util.Set;
 import java.util.TreeSet;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationListener;
 import org.springframework.context.event.ContextRefreshedEvent;
@@ -18,11 +16,12 @@ import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
 import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
 
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
 @Component
 @RequiredArgsConstructor
+@Slf4j
 public class EndpointInspector implements ApplicationListener<ContextRefreshedEvent> {
-    private static final Logger logger = LoggerFactory.getLogger(EndpointInspector.class);
 
     private final ApplicationContext applicationContext;
     private final Set<String> validGetEndpoints = new HashSet<>();
@@ -71,13 +70,13 @@ public class EndpointInspector implements ApplicationListener<ContextRefreshedEv
             }
 
             if (validGetEndpoints.isEmpty()) {
-                logger.warn("No endpoints discovered. Adding common endpoints as fallback.");
+                log.warn("No endpoints discovered. Adding common endpoints as fallback.");
                 validGetEndpoints.add("/");
                 validGetEndpoints.add("/api/**");
                 validGetEndpoints.add("/**");
             }
         } catch (Exception e) {
-            logger.error("Error discovering endpoints", e);
+            log.error("Error discovering endpoints", e);
         }
     }
 
@@ -203,10 +202,10 @@ public class EndpointInspector implements ApplicationListener<ContextRefreshedEv
     private void logAllEndpoints() {
         Set<String> sortedEndpoints = new TreeSet<>(validGetEndpoints);
 
-        logger.info("=== BEGIN: All discovered GET endpoints ===");
+        log.info("=== BEGIN: All discovered GET endpoints ===");
         for (String endpoint : sortedEndpoints) {
-            logger.info("Endpoint: {}", endpoint);
+            log.info("Endpoint: {}", endpoint);
         }
-        logger.info("=== END: All discovered GET endpoints ===");
+        log.info("=== END: All discovered GET endpoints ===");
     }
 }

app/core/src/main/java/stirling/software/SPDF/controller/api/AnalysisController.java

@@ -11,6 +11,7 @@ import org.apache.pdfbox.pdmodel.PDPageTree;
 import org.apache.pdfbox.pdmodel.encryption.PDEncryption;
 import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotation;
 import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;
+import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.*;
 
 import io.swagger.v3.oas.annotations.Operation;
@@ -29,7 +30,7 @@ public class AnalysisController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(value = "/page-count", consumes = "multipart/form-data")
+    @PostMapping(value = "/page-count", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get PDF page count",
             description = "Returns total number of pages in PDF. Input:PDF Output:JSON Type:SISO")
@@ -39,7 +40,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/basic-info", consumes = "multipart/form-data")
+    @PostMapping(value = "/basic-info", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get basic PDF information",
             description = "Returns page count, version, file size. Input:PDF Output:JSON Type:SISO")
@@ -53,7 +54,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/document-properties", consumes = "multipart/form-data")
+    @PostMapping(value = "/document-properties", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get PDF document properties",
             description = "Returns title, author, subject, etc. Input:PDF Output:JSON Type:SISO")
@@ -76,7 +77,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/page-dimensions", consumes = "multipart/form-data")
+    @PostMapping(value = "/page-dimensions", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get page dimensions for all pages",
             description = "Returns width and height of each page. Input:PDF Output:JSON Type:SISO")
@@ -96,7 +97,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/form-fields", consumes = "multipart/form-data")
+    @PostMapping(value = "/form-fields", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get form field information",
             description =
@@ -119,7 +120,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/annotation-info", consumes = "multipart/form-data")
+    @PostMapping(value = "/annotation-info", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get annotation information",
             description = "Returns count and types of annotations. Input:PDF Output:JSON Type:SISO")
@@ -143,7 +144,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/font-info", consumes = "multipart/form-data")
+    @PostMapping(value = "/font-info", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get font information",
             description =
@@ -165,7 +166,7 @@ public class AnalysisController {
         }
     }
 
-    @PostMapping(value = "/security-info", consumes = "multipart/form-data")
+    @PostMapping(value = "/security-info", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Get security information",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/CropController.java

@@ -10,6 +10,7 @@ import org.apache.pdfbox.pdmodel.PDPageContentStream;
 import org.apache.pdfbox.pdmodel.PDPageContentStream.AppendMode;
 import org.apache.pdfbox.pdmodel.common.PDRectangle;
 import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -33,7 +34,7 @@ public class CropController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(value = "/crop", consumes = "multipart/form-data")
+    @PostMapping(value = "/crop", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Crops a PDF document",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/EditTableOfContentsController.java

@@ -27,7 +27,9 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
+import lombok.Getter;
 import lombok.RequiredArgsConstructor;
+import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
 
 import stirling.software.SPDF.model.api.EditTableOfContentsRequest;
@@ -44,7 +46,7 @@ public class EditTableOfContentsController {
     private final CustomPDFDocumentFactory pdfDocumentFactory;
     private final ObjectMapper objectMapper;
 
-    @PostMapping(value = "/extract-bookmarks", consumes = "multipart/form-data")
+    @PostMapping(value = "/extract-bookmarks", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Extract PDF Bookmarks",
             description = "Extracts bookmarks/table of contents from a PDF document as JSON.")
@@ -152,7 +154,7 @@ public class EditTableOfContentsController {
         return bookmark;
     }
 
-    @PostMapping(value = "/edit-table-of-contents", consumes = "multipart/form-data")
+    @PostMapping(value = "/edit-table-of-contents", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Edit Table of Contents",
             description = "Add or edit bookmarks/table of contents in a PDF document.")
@@ -234,33 +236,11 @@ public class EditTableOfContentsController {
     }
 
     // Inner class to represent bookmarks in JSON
+    @Setter
+    @Getter
     public static class BookmarkItem {
         private String title;
         private int pageNumber;
         private List<BookmarkItem> children = new ArrayList<>();
-
-        public String getTitle() {
-            return title;
-        }
-
-        public void setTitle(String title) {
-            this.title = title;
-        }
-
-        public int getPageNumber() {
-            return pageNumber;
-        }
-
-        public void setPageNumber(int pageNumber) {
-            this.pageNumber = pageNumber;
-        }
-
-        public List<BookmarkItem> getChildren() {
-            return children;
-        }
-
-        public void setChildren(List<BookmarkItem> children) {
-            this.children = children;
-        }
     }
 }

app/core/src/main/java/stirling/software/SPDF/controller/api/MergeController.java

@@ -1,6 +1,5 @@
 package stirling.software.SPDF.controller.api;
 
-import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
@@ -20,12 +19,14 @@ import org.apache.pdfbox.pdmodel.interactive.documentnavigation.outline.PDOutlin
 import org.apache.pdfbox.pdmodel.interactive.form.PDAcroForm;
 import org.apache.pdfbox.pdmodel.interactive.form.PDField;
 import org.apache.pdfbox.pdmodel.interactive.form.PDSignatureField;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.mvc.method.annotation.StreamingResponseBody;
 
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
@@ -36,8 +37,9 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.api.general.MergePdfsRequest;
 import stirling.software.common.service.CustomPDFDocumentFactory;
 import stirling.software.common.util.ExceptionUtils;
-import stirling.software.common.util.GeneralUtils;
 import stirling.software.common.util.PdfErrorUtils;
+import stirling.software.common.util.TempFile;
+import stirling.software.common.util.TempFileManager;
 import stirling.software.common.util.WebResponseUtils;
 
 @RestController
@@ -48,6 +50,7 @@ import stirling.software.common.util.WebResponseUtils;
 public class MergeController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
+    private final TempFileManager tempFileManager;
 
     // Merges a list of PDDocument objects into a single PDDocument
     public PDDocument mergeDocuments(List<PDDocument> documents) throws IOException {
@@ -62,56 +65,54 @@ public class MergeController {
 
     // Returns a comparator for sorting MultipartFile arrays based on the given sort type
     private Comparator<MultipartFile> getSortComparator(String sortType) {
-        switch (sortType) {
-            case "byFileName":
-                return Comparator.comparing(MultipartFile::getOriginalFilename);
-            case "byDateModified":
-                return (file1, file2) -> {
-                    try {
-                        BasicFileAttributes attr1 =
-                                Files.readAttributes(
-                                        Paths.get(file1.getOriginalFilename()),
-                                        BasicFileAttributes.class);
-                        BasicFileAttributes attr2 =
-                                Files.readAttributes(
-                                        Paths.get(file2.getOriginalFilename()),
-                                        BasicFileAttributes.class);
-                        return attr1.lastModifiedTime().compareTo(attr2.lastModifiedTime());
-                    } catch (IOException e) {
-                        return 0; // If there's an error, treat them as equal
-                    }
-                };
-            case "byDateCreated":
-                return (file1, file2) -> {
-                    try {
-                        BasicFileAttributes attr1 =
-                                Files.readAttributes(
-                                        Paths.get(file1.getOriginalFilename()),
-                                        BasicFileAttributes.class);
-                        BasicFileAttributes attr2 =
-                                Files.readAttributes(
-                                        Paths.get(file2.getOriginalFilename()),
-                                        BasicFileAttributes.class);
-                        return attr1.creationTime().compareTo(attr2.creationTime());
-                    } catch (IOException e) {
-                        return 0; // If there's an error, treat them as equal
-                    }
-                };
-            case "byPDFTitle":
-                return (file1, file2) -> {
-                    try (PDDocument doc1 = pdfDocumentFactory.load(file1);
-                            PDDocument doc2 = pdfDocumentFactory.load(file2)) {
-                        String title1 = doc1.getDocumentInformation().getTitle();
-                        String title2 = doc2.getDocumentInformation().getTitle();
-                        return title1.compareTo(title2);
-                    } catch (IOException e) {
-                        return 0;
-                    }
-                };
-            case "orderProvided":
-            default:
-                return (file1, file2) -> 0; // Default is the order provided
-        }
+        return switch (sortType) {
+            case "byFileName" -> Comparator.comparing(MultipartFile::getOriginalFilename);
+            case "byDateModified" ->
+                    (file1, file2) -> {
+                        try {
+                            BasicFileAttributes attr1 =
+                                    Files.readAttributes(
+                                            Paths.get(file1.getOriginalFilename()),
+                                            BasicFileAttributes.class);
+                            BasicFileAttributes attr2 =
+                                    Files.readAttributes(
+                                            Paths.get(file2.getOriginalFilename()),
+                                            BasicFileAttributes.class);
+                            return attr1.lastModifiedTime().compareTo(attr2.lastModifiedTime());
+                        } catch (IOException e) {
+                            return 0; // If there's an error, treat them as equal
+                        }
+                    };
+            case "byDateCreated" ->
+                    (file1, file2) -> {
+                        try {
+                            BasicFileAttributes attr1 =
+                                    Files.readAttributes(
+                                            Paths.get(file1.getOriginalFilename()),
+                                            BasicFileAttributes.class);
+                            BasicFileAttributes attr2 =
+                                    Files.readAttributes(
+                                            Paths.get(file2.getOriginalFilename()),
+                                            BasicFileAttributes.class);
+                            return attr1.creationTime().compareTo(attr2.creationTime());
+                        } catch (IOException e) {
+                            return 0; // If there's an error, treat them as equal
+                        }
+                    };
+            case "byPDFTitle" ->
+                    (file1, file2) -> {
+                        try (PDDocument doc1 = pdfDocumentFactory.load(file1);
+                                PDDocument doc2 = pdfDocumentFactory.load(file2)) {
+                            String title1 = doc1.getDocumentInformation().getTitle();
+                            String title2 = doc2.getDocumentInformation().getTitle();
+                            return title1.compareTo(title2);
+                        } catch (IOException e) {
+                            return 0;
+                        }
+                    };
+            case "orderProvided" -> (file1, file2) -> 0; // Default is the order provided
+            default -> (file1, file2) -> 0; // Default is the order provided
+        };
     }
 
     // Adds a table of contents to the merged document using filenames as chapter titles
@@ -154,17 +155,18 @@ public class MergeController {
         }
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/merge-pdfs")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/merge-pdfs")
     @Operation(
             summary = "Merge multiple PDF files into one",
             description =
                     "This endpoint merges multiple PDF files into a single PDF file. The merged"
                             + " file will contain all pages from the input files in the order they were"
                             + " provided. Input:PDF Output:PDF Type:MISO")
-    public ResponseEntity<byte[]> mergePdfs(@ModelAttribute MergePdfsRequest request)
+    public ResponseEntity<StreamingResponseBody> mergePdfs(@ModelAttribute MergePdfsRequest request)
             throws IOException {
         List<File> filesToDelete = new ArrayList<>(); // List of temporary files to delete
-        File mergedTempFile = null;
+        TempFile mergedTempFile = null;
+        TempFile outputTempFile = null;
         PDDocument mergedDocument = null;
 
         boolean removeCertSign = Boolean.TRUE.equals(request.getRemoveCertSign());
@@ -182,14 +184,14 @@ public class MergeController {
             for (MultipartFile multipartFile : files) {
                 totalSize += multipartFile.getSize();
                 File tempFile =
-                        GeneralUtils.convertMultipartFileToFile(
+                        tempFileManager.convertMultipartFileToFile(
                                 multipartFile); // Convert MultipartFile to File
                 filesToDelete.add(tempFile); // Add temp file to the list for later deletion
                 mergerUtility.addSource(tempFile); // Add source file to the merger utility
             }
 
-            mergedTempFile = Files.createTempFile("merged-", ".pdf").toFile();
-            mergerUtility.setDestinationFileName(mergedTempFile.getAbsolutePath());
+            mergedTempFile = new TempFile(tempFileManager, ".pdf");
+            mergerUtility.setDestinationFileName(mergedTempFile.getFile().getAbsolutePath());
 
             try {
                 mergerUtility.mergeDocuments(
@@ -204,7 +206,7 @@ public class MergeController {
             }
 
             // Load the merged PDF document
-            mergedDocument = pdfDocumentFactory.load(mergedTempFile);
+            mergedDocument = pdfDocumentFactory.load(mergedTempFile.getFile());
 
             // Remove signatures if removeCertSign is true
             if (removeCertSign) {
@@ -213,7 +215,7 @@ public class MergeController {
                 if (acroForm != null) {
                     List<PDField> fieldsToRemove =
                             acroForm.getFields().stream()
-                                    .filter(field -> field instanceof PDSignatureField)
+                                    .filter(PDSignatureField.class::isInstance)
                                     .toList();
 
                     if (!fieldsToRemove.isEmpty()) {
@@ -229,16 +231,15 @@ public class MergeController {
                 addTableOfContents(mergedDocument, files);
             }
 
-            // Save the modified document to a new ByteArrayOutputStream
-            ByteArrayOutputStream baos = new ByteArrayOutputStream();
-            mergedDocument.save(baos);
+            // Save the modified document to a temporary file
+            outputTempFile = new TempFile(tempFileManager, ".pdf");
+            mergedDocument.save(outputTempFile.getFile());
 
             String mergedFileName =
                     files[0].getOriginalFilename().replaceFirst("[.][^.]+$", "")
                             + "_merged_unsigned.pdf";
-            return WebResponseUtils.baosToWebResponse(
-                    baos, mergedFileName); // Return the modified PDF
-
+            return WebResponseUtils.pdfFileToWebResponse(
+                    outputTempFile, mergedFileName); // Return the modified PDF as stream
         } catch (Exception ex) {
             if (ex instanceof IOException && PdfErrorUtils.isCorruptedPdfError((IOException) ex)) {
                 log.warn("Corrupted PDF detected in merge pdf process: {}", ex.getMessage());
@@ -251,12 +252,10 @@ public class MergeController {
                 mergedDocument.close(); // Close the merged document
             }
             for (File file : filesToDelete) {
-                if (file != null) {
-                    Files.deleteIfExists(file.toPath()); // Delete temporary files
-                }
+                tempFileManager.deleteTempFile(file); // Delete temporary files
             }
             if (mergedTempFile != null) {
-                Files.deleteIfExists(mergedTempFile.toPath());
+                mergedTempFile.close();
             }
         }
     }

app/core/src/main/java/stirling/software/SPDF/controller/api/MultiPageLayoutController.java

@@ -11,6 +11,7 @@ import org.apache.pdfbox.pdmodel.PDPageContentStream;
 import org.apache.pdfbox.pdmodel.common.PDRectangle;
 import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;
 import org.apache.pdfbox.util.Matrix;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -36,7 +37,7 @@ public class MultiPageLayoutController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(value = "/multi-page-layout", consumes = "multipart/form-data")
+    @PostMapping(value = "/multi-page-layout", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Merge multiple pages of a PDF document into a single page",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/PdfImageRemovalController.java

@@ -4,6 +4,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 
 import org.apache.pdfbox.pdmodel.PDDocument;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -46,7 +47,7 @@ public class PdfImageRemovalController {
      *     content type and filename.
      * @throws IOException If an error occurs while processing the PDF file.
      */
-    @PostMapping(consumes = "multipart/form-data", value = "/remove-image-pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/remove-image-pdf")
     @Operation(
             summary = "Remove images from file to reduce the file size.",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/PdfOverlayController.java

@@ -39,7 +39,7 @@ public class PdfOverlayController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(value = "/overlay-pdfs", consumes = "multipart/form-data")
+    @PostMapping(value = "/overlay-pdfs", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Overlay PDF files in various modes",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/RearrangePagesPDFController.java

@@ -7,6 +7,7 @@ import java.util.List;
 
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -38,7 +39,7 @@ public class RearrangePagesPDFController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/remove-pages")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/remove-pages")
     @Operation(
             summary = "Remove pages from a PDF file",
             description =
@@ -237,7 +238,7 @@ public class RearrangePagesPDFController {
         }
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/rearrange-pages")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/rearrange-pages")
     @Operation(
             summary = "Rearrange pages in a PDF file",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/RotationController.java

@@ -5,6 +5,7 @@ import java.io.IOException;
 import org.apache.pdfbox.pdmodel.PDDocument;
 import org.apache.pdfbox.pdmodel.PDPage;
 import org.apache.pdfbox.pdmodel.PDPageTree;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -31,7 +32,7 @@ public class RotationController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/rotate-pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/rotate-pdf")
     @Operation(
             summary = "Rotate a PDF file",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/ScalePagesController.java

@@ -12,6 +12,7 @@ import org.apache.pdfbox.pdmodel.PDPageContentStream;
 import org.apache.pdfbox.pdmodel.common.PDRectangle;
 import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;
 import org.apache.pdfbox.util.Matrix;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -38,7 +39,7 @@ public class ScalePagesController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(value = "/scale-pages", consumes = "multipart/form-data")
+    @PostMapping(value = "/scale-pages", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Change the size of a PDF page/document",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/SplitPDFController.java

@@ -30,6 +30,8 @@ import lombok.extern.slf4j.Slf4j;
 import stirling.software.SPDF.model.api.PDFWithPageNums;
 import stirling.software.common.service.CustomPDFDocumentFactory;
 import stirling.software.common.util.ExceptionUtils;
+import stirling.software.common.util.TempFile;
+import stirling.software.common.util.TempFileManager;
 import stirling.software.common.util.WebResponseUtils;
 
 @RestController
@@ -40,8 +42,9 @@ import stirling.software.common.util.WebResponseUtils;
 public class SplitPDFController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
+    private final TempFileManager tempFileManager;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/split-pages")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/split-pages")
     @Operation(
             summary = "Split a PDF file into separate documents",
             description =
@@ -55,8 +58,11 @@ public class SplitPDFController {
         PDDocument document = null;
         Path zipFile = null;
         List<ByteArrayOutputStream> splitDocumentsBoas = new ArrayList<>();
+        String filename;
+        TempFile outputTempFile = null;
 
         try {
+            outputTempFile = new TempFile(tempFileManager, ".zip");
 
             MultipartFile file = request.getFileInput();
             String pages = request.getPageNumbers();
@@ -105,12 +111,11 @@ public class SplitPDFController {
             // closing the original document
             document.close();
 
-            zipFile = Files.createTempFile("split_documents", ".zip");
-
-            String filename =
+            filename =
                     Filenames.toSimpleFileName(file.getOriginalFilename())
                             .replaceFirst("[.][^.]+$", "");
-            try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {
+            try (ZipOutputStream zipOut =
+                    new ZipOutputStream(Files.newOutputStream(outputTempFile.getPath()))) {
                 // loop through the split documents and write them to the zip file
                 for (int i = 0; i < splitDocumentsBoas.size(); i++) {
                     String fileName = filename + "_" + (i + 1) + ".pdf";
@@ -125,19 +130,13 @@ public class SplitPDFController {
 
                     log.debug("Wrote split document {} to zip file", fileName);
                 }
-            } catch (Exception e) {
-                log.error("Failed writing to zip", e);
-                throw e;
             }
-
-            log.debug("Successfully created zip file with split documents: {}", zipFile.toString());
-            byte[] data = Files.readAllBytes(zipFile);
-            Files.deleteIfExists(zipFile);
-
-            // return the Resource in the response
+            log.debug(
+                    "Successfully created zip file with split documents: {}",
+                    outputTempFile.getPath());
+            byte[] data = Files.readAllBytes(outputTempFile.getPath());
             return WebResponseUtils.bytesToWebResponse(
                     data, filename + ".zip", MediaType.APPLICATION_OCTET_STREAM);
-
         } finally {
             try {
                 // Close the main document
@@ -152,9 +151,9 @@ public class SplitPDFController {
                     }
                 }
 
-                // Delete temporary zip file
-                if (zipFile != null) {
-                    Files.deleteIfExists(zipFile);
+                // Close the output temporary file
+                if (outputTempFile != null) {
+                    outputTempFile.close();
                 }
             } catch (Exception e) {
                 log.error("Error while cleaning up resources", e);

app/core/src/main/java/stirling/software/SPDF/controller/api/SplitPdfByChaptersController.java

@@ -117,7 +117,7 @@ public class SplitPdfByChaptersController {
         return bookmarks;
     }
 
-    @PostMapping(value = "/split-pdf-by-chapters", consumes = "multipart/form-data")
+    @PostMapping(value = "/split-pdf-by-chapters", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Split PDFs by Chapters",
             description = "Splits a PDF into chapters and returns a ZIP file.")

app/core/src/main/java/stirling/software/SPDF/controller/api/SplitPdfBySectionsController.java

@@ -2,8 +2,8 @@ package stirling.software.SPDF.controller.api;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.io.OutputStream;
 import java.nio.file.Files;
-import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.zip.ZipEntry;
@@ -24,6 +24,7 @@ import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.mvc.method.annotation.StreamingResponseBody;
 
 import io.github.pixee.security.Filenames;
 import io.swagger.v3.oas.annotations.Operation;
@@ -33,6 +34,9 @@ import lombok.RequiredArgsConstructor;
 
 import stirling.software.SPDF.model.api.SplitPdfBySectionsRequest;
 import stirling.software.common.service.CustomPDFDocumentFactory;
+import stirling.software.common.util.PDFService;
+import stirling.software.common.util.TempFile;
+import stirling.software.common.util.TempFileManager;
 import stirling.software.common.util.WebResponseUtils;
 
 @RestController
@@ -42,16 +46,18 @@ import stirling.software.common.util.WebResponseUtils;
 public class SplitPdfBySectionsController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
+    private final TempFileManager tempFileManager;
+    private final PDFService pdfService;
 
-    @PostMapping(value = "/split-pdf-by-sections", consumes = "multipart/form-data")
+    @PostMapping(value = "/split-pdf-by-sections", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Split PDF pages into smaller sections",
             description =
                     "Split each page of a PDF into smaller sections based on the user's choice"
                             + " (halves, thirds, quarters, etc.), both vertically and horizontally."
                             + " Input:PDF Output:ZIP-PDF Type:SISO")
-    public ResponseEntity<byte[]> splitPdf(@ModelAttribute SplitPdfBySectionsRequest request)
-            throws Exception {
+    public ResponseEntity<StreamingResponseBody> splitPdf(
+            @ModelAttribute SplitPdfBySectionsRequest request) throws Exception {
         List<ByteArrayOutputStream> splitDocumentsBoas = new ArrayList<>();
 
         MultipartFile file = request.getFileInput();
@@ -67,10 +73,14 @@ public class SplitPdfBySectionsController {
                 Filenames.toSimpleFileName(file.getOriginalFilename())
                         .replaceFirst("[.][^.]+$", "");
         if (merge) {
-            MergeController mergeController = new MergeController(pdfDocumentFactory);
-            ByteArrayOutputStream baos = new ByteArrayOutputStream();
-            mergeController.mergeDocuments(splitDocuments).save(baos);
-            return WebResponseUtils.bytesToWebResponse(baos.toByteArray(), filename + "_split.pdf");
+            TempFile tempFile = new TempFile(tempFileManager, ".pdf");
+            try (PDDocument merged = pdfService.mergeDocuments(splitDocuments);
+                    OutputStream out = Files.newOutputStream(tempFile.getPath())) {
+                merged.save(out);
+                for (PDDocument d : splitDocuments) d.close();
+                sourceDocument.close();
+            }
+            return WebResponseUtils.pdfFileToWebResponse(tempFile, filename + "_split.pdf");
         }
         for (PDDocument doc : splitDocuments) {
             ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -81,10 +91,9 @@ public class SplitPdfBySectionsController {
 
         sourceDocument.close();
 
-        Path zipFile = Files.createTempFile("split_documents", ".zip");
-        byte[] data;
-
-        try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {
+        TempFile zipTempFile = new TempFile(tempFileManager, ".zip");
+        try (ZipOutputStream zipOut =
+                new ZipOutputStream(Files.newOutputStream(zipTempFile.getPath()))) {
             int pageNum = 1;
             for (int i = 0; i < splitDocumentsBoas.size(); i++) {
                 ByteArrayOutputStream baos = splitDocumentsBoas.get(i);
@@ -98,15 +107,8 @@ public class SplitPdfBySectionsController {
 
                 if (sectionNum == horiz * verti) pageNum++;
             }
-
-            zipOut.finish();
-            data = Files.readAllBytes(zipFile);
-            return WebResponseUtils.bytesToWebResponse(
-                    data, filename + "_split.zip", MediaType.APPLICATION_OCTET_STREAM);
-
-        } finally {
-            Files.deleteIfExists(zipFile);
         }
+        return WebResponseUtils.zipFileToWebResponse(zipTempFile, filename + "_split.zip");
     }
 
     public List<PDDocument> splitPdfPages(

app/core/src/main/java/stirling/software/SPDF/controller/api/SplitPdfBySizeController.java

@@ -28,6 +28,8 @@ import stirling.software.SPDF.model.api.general.SplitPdfBySizeOrCountRequest;
 import stirling.software.common.service.CustomPDFDocumentFactory;
 import stirling.software.common.util.ExceptionUtils;
 import stirling.software.common.util.GeneralUtils;
+import stirling.software.common.util.TempFile;
+import stirling.software.common.util.TempFileManager;
 import stirling.software.common.util.WebResponseUtils;
 
 @RestController
@@ -38,8 +40,9 @@ import stirling.software.common.util.WebResponseUtils;
 public class SplitPdfBySizeController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
+    private final TempFileManager tempFileManager;
 
-    @PostMapping(value = "/split-by-size-or-count", consumes = "multipart/form-data")
+    @PostMapping(value = "/split-by-size-or-count", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
     @Operation(
             summary = "Auto split PDF pages into separate documents based on size or count",
             description =
@@ -54,89 +57,68 @@ public class SplitPdfBySizeController {
         log.debug("Starting PDF split process with request: {}", request);
         MultipartFile file = request.getFileInput();
 
-        Path zipFile = Files.createTempFile("split_documents", ".zip");
-        log.debug("Created temporary zip file: {}", zipFile);
-
         String filename =
                 Filenames.toSimpleFileName(file.getOriginalFilename())
                         .replaceFirst("[.][^.]+$", "");
         log.debug("Base filename for output: {}", filename);
 
-        byte[] data = null;
-        try {
-            log.debug("Reading input file bytes");
-            byte[] pdfBytes = file.getBytes();
-            log.debug("Successfully read {} bytes from input file", pdfBytes.length);
+        try (TempFile zipTempFile = new TempFile(tempFileManager, ".zip")) {
+            Path zipFile = zipTempFile.getPath();
+            log.debug("Created temporary zip file: {}", zipFile);
+            try {
+                log.debug("Reading input file bytes");
+                byte[] pdfBytes = file.getBytes();
+                log.debug("Successfully read {} bytes from input file", pdfBytes.length);
 
-            log.debug("Creating ZIP output stream");
-            try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {
-                log.debug("Loading PDF document");
-                try (PDDocument sourceDocument = pdfDocumentFactory.load(pdfBytes)) {
-                    log.debug(
-                            "Successfully loaded PDF with {} pages",
-                            sourceDocument.getNumberOfPages());
+                log.debug("Creating ZIP output stream");
+                try (ZipOutputStream zipOut = new ZipOutputStream(Files.newOutputStream(zipFile))) {
+                    log.debug("Loading PDF document");
+                    try (PDDocument sourceDocument = pdfDocumentFactory.load(pdfBytes)) {
+                        log.debug(
+                                "Successfully loaded PDF with {} pages",
+                                sourceDocument.getNumberOfPages());
 
-                    int type = request.getSplitType();
-                    String value = request.getSplitValue();
-                    log.debug("Split type: {}, Split value: {}", type, value);
+                        int type = request.getSplitType();
+                        String value = request.getSplitValue();
+                        log.debug("Split type: {}, Split value: {}", type, value);
 
-                    if (type == 0) {
-                        log.debug("Processing split by size");
-                        long maxBytes = GeneralUtils.convertSizeToBytes(value);
-                        log.debug("Max bytes per document: {}", maxBytes);
-                        handleSplitBySize(sourceDocument, maxBytes, zipOut, filename);
-                    } else if (type == 1) {
-                        log.debug("Processing split by page count");
-                        int pageCount = Integer.parseInt(value);
-                        log.debug("Pages per document: {}", pageCount);
-                        handleSplitByPageCount(sourceDocument, pageCount, zipOut, filename);
-                    } else if (type == 2) {
-                        log.debug("Processing split by document count");
-                        int documentCount = Integer.parseInt(value);
-                        log.debug("Total number of documents: {}", documentCount);
-                        handleSplitByDocCount(sourceDocument, documentCount, zipOut, filename);
-                    } else {
-                        log.error("Invalid split type: {}", type);
-                        throw ExceptionUtils.createIllegalArgumentException(
-                                "error.invalidArgument",
-                                "Invalid argument: {0}",
-                                "split type: " + type);
+                        if (type == 0) {
+                            log.debug("Processing split by size");
+                            long maxBytes = GeneralUtils.convertSizeToBytes(value);
+                            log.debug("Max bytes per document: {}", maxBytes);
+                            handleSplitBySize(sourceDocument, maxBytes, zipOut, filename);
+                        } else if (type == 1) {
+                            log.debug("Processing split by page count");
+                            int pageCount = Integer.parseInt(value);
+                            log.debug("Pages per document: {}", pageCount);
+                            handleSplitByPageCount(sourceDocument, pageCount, zipOut, filename);
+                        } else if (type == 2) {
+                            log.debug("Processing split by document count");
+                            int documentCount = Integer.parseInt(value);
+                            log.debug("Total number of documents: {}", documentCount);
+                            handleSplitByDocCount(sourceDocument, documentCount, zipOut, filename);
+                        } else {
+                            log.error("Invalid split type: {}", type);
+                            throw ExceptionUtils.createIllegalArgumentException(
+                                    "error.invalidArgument",
+                                    "Invalid argument: {0}",
+                                    "split type: " + type);
+                        }
+                        log.debug("PDF splitting completed successfully");
                     }
-
-                    log.debug("PDF splitting completed successfully");
-                } catch (Exception e) {
-                    ExceptionUtils.logException("PDF document loading or processing", e);
-                    throw e;
                 }
-            } catch (IOException e) {
-                log.error("Error creating or writing to ZIP file", e);
-                throw e;
-            }
 
-        } catch (Exception e) {
-            ExceptionUtils.logException("PDF splitting process", e);
-            throw e; // Re-throw to ensure proper error response
-        } finally {
-            try {
-                log.debug("Reading ZIP file data");
-                data = Files.readAllBytes(zipFile);
+                byte[] data = Files.readAllBytes(zipFile);
                 log.debug("Successfully read {} bytes from ZIP file", data.length);
-            } catch (IOException e) {
-                log.error("Error reading ZIP file data", e);
-            }
 
-            try {
-                log.debug("Deleting temporary ZIP file");
-                boolean deleted = Files.deleteIfExists(zipFile);
-                log.debug("Temporary ZIP file deleted: {}", deleted);
-            } catch (IOException e) {
-                log.error("Error deleting temporary ZIP file", e);
+                log.debug("Returning response with {} bytes of data", data.length);
+                return WebResponseUtils.bytesToWebResponse(
+                        data, filename + ".zip", MediaType.APPLICATION_OCTET_STREAM);
+            } catch (Exception e) {
+                ExceptionUtils.logException("PDF splitting process", e);
+                throw e; // Re-throw to ensure proper error response
             }
         }
-
-        log.debug("Returning response with {} bytes of data", data != null ? data.length : 0);
-        return WebResponseUtils.bytesToWebResponse(
-                data, filename + ".zip", MediaType.APPLICATION_OCTET_STREAM);
     }
 
     private void handleSplitBySize(

app/core/src/main/java/stirling/software/SPDF/controller/api/ToSinglePageController.java

@@ -10,6 +10,7 @@ import org.apache.pdfbox.pdmodel.PDPage;
 import org.apache.pdfbox.pdmodel.PDPageContentStream;
 import org.apache.pdfbox.pdmodel.common.PDRectangle;
 import org.apache.pdfbox.pdmodel.graphics.form.PDFormXObject;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -33,7 +34,7 @@ public class ToSinglePageController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf-to-single-page")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf-to-single-page")
     @Operation(
             summary = "Convert a multi-page PDF into a single long page PDF",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertEmlToPDF.java

@@ -40,7 +40,7 @@ public class ConvertEmlToPDF {
     private final TempFileManager tempFileManager;
     private final CustomHtmlSanitizer customHtmlSanitizer;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/eml/pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/eml/pdf")
     @Operation(
             summary = "Convert EML to PDF",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertHtmlToPDF.java

@@ -1,5 +1,6 @@
 package stirling.software.SPDF.controller.api.converters;
 
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -36,7 +37,7 @@ public class ConvertHtmlToPDF {
 
     private final CustomHtmlSanitizer customHtmlSanitizer;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/html/pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/html/pdf")
     @Operation(
             summary = "Convert an HTML or ZIP (containing HTML and CSS) to PDF",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertImgPDFController.java

@@ -51,7 +51,7 @@ public class ConvertImgPDFController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/img")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/img")
     @Operation(
             summary = "Convert PDF to image(s)",
             description =
@@ -66,6 +66,7 @@ public class ConvertImgPDFController {
         String colorType = request.getColorType();
         int dpi = request.getDpi();
         String pageNumbers = request.getPageNumbers();
+        boolean includeAnnotations = Boolean.TRUE.equals(request.getIncludeAnnotations());
         Path tempFile = null;
         Path tempOutputDir = null;
         Path tempPdfPath = null;
@@ -101,7 +102,8 @@ public class ConvertImgPDFController {
                             colorTypeResult,
                             singleImage,
                             dpi,
-                            filename);
+                            filename,
+                            includeAnnotations);
             if (result == null || result.length == 0) {
                 log.error("resultant bytes for {} is null, error converting ", filename);
             }
@@ -211,7 +213,7 @@ public class ConvertImgPDFController {
         }
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/img/pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/img/pdf")
     @Operation(
             summary = "Convert images to a PDF file",
             description =
@@ -242,7 +244,7 @@ public class ConvertImgPDFController {
 
     private String getMediaType(String imageFormat) {
         String mimeType = URLConnection.guessContentTypeFromName("." + imageFormat);
-        return "null".equals(mimeType) ? "application/octet-stream" : mimeType;
+        return "null".equals(mimeType) ? MediaType.APPLICATION_OCTET_STREAM_VALUE : mimeType;
     }
 
     /**

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertMarkdownToPdf.java

@@ -10,6 +10,7 @@ import org.commonmark.node.Node;
 import org.commonmark.parser.Parser;
 import org.commonmark.renderer.html.AttributeProvider;
 import org.commonmark.renderer.html.HtmlRenderer;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -45,7 +46,7 @@ public class ConvertMarkdownToPdf {
 
     private final CustomHtmlSanitizer customHtmlSanitizer;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/markdown/pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/markdown/pdf")
     @Operation(
             summary = "Convert a Markdown file to PDF",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertOfficeController.java

@@ -5,12 +5,14 @@ import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.nio.file.StandardCopyOption;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
 
+import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.FilenameUtils;
 import org.apache.pdfbox.pdmodel.PDDocument;
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -23,7 +25,9 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
+import stirling.software.SPDF.config.EndpointConfiguration;
 import stirling.software.common.configuration.RuntimePathConfig;
 import stirling.software.common.model.api.GeneralFile;
 import stirling.software.common.service.CustomPDFDocumentFactory;
@@ -36,59 +40,130 @@ import stirling.software.common.util.WebResponseUtils;
 @Tag(name = "Convert", description = "Convert APIs")
 @RequestMapping("/api/v1/convert")
 @RequiredArgsConstructor
+@Slf4j
 public class ConvertOfficeController {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
     private final RuntimePathConfig runtimePathConfig;
     private final CustomHtmlSanitizer customHtmlSanitizer;
+    private final EndpointConfiguration endpointConfiguration;
+
+    private boolean isUnoconvertAvailable() {
+        return endpointConfiguration.isGroupEnabled("Unoconvert")
+                || endpointConfiguration.isGroupEnabled("Python");
+    }
 
     public File convertToPdf(MultipartFile inputFile) throws IOException, InterruptedException {
-        // Check for valid file extension
+        // Check for valid file extension and sanitize filename
         String originalFilename = Filenames.toSimpleFileName(inputFile.getOriginalFilename());
-        if (originalFilename == null
-                || !isValidFileExtension(FilenameUtils.getExtension(originalFilename))) {
-            throw new IllegalArgumentException("Invalid file extension");
+        if (originalFilename == null || originalFilename.isBlank()) {
+            throw new IllegalArgumentException("Missing original filename");
         }
 
-        // Save the uploaded file to a temporary location
-        Path tempInputFile =
-                Files.createTempFile("input_", "." + FilenameUtils.getExtension(originalFilename));
+        // Check for valid file extension
+        String extension = FilenameUtils.getExtension(originalFilename);
+        if (extension == null || !isValidFileExtension(extension)) {
+            throw new IllegalArgumentException("Invalid file extension");
+        }
+        String extensionLower = extension.toLowerCase();
+
+        String baseName = FilenameUtils.getBaseName(originalFilename);
+        if (baseName == null || baseName.isBlank()) {
+            baseName = "input";
+        }
+
+        // create temporary working directory
+        Path workDir = Files.createTempDirectory("office2pdf_");
+        Path inputPath = workDir.resolve(baseName + "." + extensionLower);
+        Path outputPath = workDir.resolve(baseName + ".pdf");
 
         // Check if the file is HTML and apply sanitization if needed
-        String fileExtension = FilenameUtils.getExtension(originalFilename).toLowerCase();
-        if ("html".equals(fileExtension) || "htm".equals(fileExtension)) {
+        if ("html".equals(extensionLower) || "htm".equals(extensionLower)) {
             // Read and sanitize HTML content
             String htmlContent = new String(inputFile.getBytes(), StandardCharsets.UTF_8);
             String sanitizedHtml = customHtmlSanitizer.sanitize(htmlContent);
-            Files.write(tempInputFile, sanitizedHtml.getBytes(StandardCharsets.UTF_8));
+            Files.writeString(inputPath, sanitizedHtml, StandardCharsets.UTF_8);
         } else {
-            inputFile.transferTo(tempInputFile);
+            // copy file content
+            Files.copy(inputFile.getInputStream(), inputPath, StandardCopyOption.REPLACE_EXISTING);
         }
 
-        // Prepare the output file path
-        Path tempOutputFile = Files.createTempFile("output_", ".pdf");
-
         try {
-            // Run the LibreOffice command
-            List<String> command =
-                    new ArrayList<>(
-                            Arrays.asList(
-                                    runtimePathConfig.getUnoConvertPath(),
-                                    "--port",
-                                    "2003",
-                                    "--convert-to",
-                                    "pdf",
-                                    tempInputFile.toString(),
-                                    tempOutputFile.toString()));
-            ProcessExecutorResult returnCode =
-                    ProcessExecutor.getInstance(ProcessExecutor.Processes.LIBRE_OFFICE)
-                            .runCommandWithOutputHandling(command);
+            ProcessExecutorResult result;
+            // Run Unoconvert command
+            if (isUnoconvertAvailable()) {
+                // Unoconvert: schreibe direkt in outputPath innerhalb des workDir
+                List<String> command = new ArrayList<>();
+                command.add(runtimePathConfig.getUnoConvertPath());
+                command.add("--port");
+                command.add("2003");
+                command.add("--convert-to");
+                command.add("pdf");
+                command.add(inputPath.toString());
+                command.add(outputPath.toString());
 
-            // Read the converted PDF file
-            return tempOutputFile.toFile();
+                result =
+                        ProcessExecutor.getInstance(ProcessExecutor.Processes.LIBRE_OFFICE)
+                                .runCommandWithOutputHandling(command);
+            } // Run soffice command
+            else {
+                List<String> command = new ArrayList<>();
+                command.add("soffice");
+                command.add("--headless");
+                command.add("--nologo");
+                command.add("--convert-to");
+                command.add("pdf:writer_pdf_Export");
+                command.add("--outdir");
+                command.add(workDir.toString());
+                command.add(inputPath.toString());
+
+                result =
+                        ProcessExecutor.getInstance(ProcessExecutor.Processes.LIBRE_OFFICE)
+                                .runCommandWithOutputHandling(command);
+            }
+
+            // Check the result
+            if (result == null) {
+                throw new IllegalStateException("Converter returned no result");
+            }
+            if (result.getRc() != 0) {
+                throw new IllegalStateException("Conversion failed (exit " + result.getRc() + ")");
+            }
+
+            if (!Files.exists(outputPath)) {
+                // Some LibreOffice versions may deviate with exotic names – as a fallback, we try
+                // to find any .pdf in the workDir
+                try (var stream = Files.list(workDir)) {
+                    Path fallback =
+                            stream.filter(
+                                            p ->
+                                                    p.getFileName()
+                                                            .toString()
+                                                            .toLowerCase()
+                                                            .endsWith(".pdf"))
+                                    .findFirst()
+                                    .orElse(null);
+                    if (fallback == null) {
+                        throw new IllegalStateException("No PDF produced.");
+                    }
+                    // Move the found PDF to the expected outputPath
+                    Files.move(fallback, outputPath, StandardCopyOption.REPLACE_EXISTING);
+                }
+            }
+
+            // Check if the output file is empty
+            if (Files.size(outputPath) == 0L) {
+                throw new IllegalStateException("Produced PDF is empty");
+            }
+
+            return outputPath.toFile();
         } finally {
             // Clean up the temporary files
-            if (tempInputFile != null) Files.deleteIfExists(tempInputFile);
+            try {
+                Files.deleteIfExists(inputPath);
+            } catch (IOException e) {
+                log.warn("Failed to delete temp input file: {}", inputPath, e);
+            }
         }
     }
 
@@ -97,7 +172,7 @@ public class ConvertOfficeController {
         return fileExtension.matches(extensionPattern);
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/file/pdf")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/file/pdf")
     @Operation(
             summary = "Convert a file to a PDF using LibreOffice",
             description =
@@ -119,7 +194,9 @@ public class ConvertOfficeController {
                                     .replaceFirst("[.][^.]+$", "")
                             + "_convertedToPDF.pdf");
         } finally {
-            if (file != null) file.delete();
+            if (file != null && file.getParent() != null) {
+                FileUtils.deleteDirectory(file.getParentFile());
+            }
         }
     }
 }

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToHtml.java

@@ -1,5 +1,6 @@
 package stirling.software.SPDF.controller.api.converters;
 
+import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -18,7 +19,7 @@ import stirling.software.common.util.PDFToFile;
 @RequestMapping("/api/v1/convert")
 public class ConvertPDFToHtml {
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/html")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/html")
     @Operation(
             summary = "Convert PDF to HTML",
             description =

app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertPDFToOffice.java

@@ -34,7 +34,7 @@ public class ConvertPDFToOffice {
 
     private final CustomPDFDocumentFactory pdfDocumentFactory;
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/presentation")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/presentation")
     @Operation(
             summary = "Convert PDF to Presentation format",
             description =
@@ -49,7 +49,7 @@ public class ConvertPDFToOffice {
         return pdfToFile.processPdfToOfficeFormat(inputFile, outputFormat, "impress_pdf_import");
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/text")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/text")
     @Operation(
             summary = "Convert PDF to Text or RTF format",
             description =
@@ -77,7 +77,7 @@ public class ConvertPDFToOffice {
         }
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/word")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/word")
     @Operation(
             summary = "Convert PDF to Word document",
             description =
@@ -91,7 +91,7 @@ public class ConvertPDFToOffice {
         return pdfToFile.processPdfToOfficeFormat(inputFile, outputFormat, "writer_pdf_import");
     }
 
-    @PostMapping(consumes = "multipart/form-data", value = "/pdf/xml")
+    @PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE, value = "/pdf/xml")
     @Operation(
             summary = "Convert PDF to XML",
             description =