Bumped version to 2.8.0

New Crowdin updates (#1265 )
* New translations messages.en.xlf (Italian) * New translations validators.en.xlf (Italian) * New translations messages.en.xlf (English) * New translations messages.en.xlf (English) * New translations messages.en.xlf (English) * New translations messages.en.xlf (English) * New translations messages.en.xlf (English) * New translations messages.en.xlf (German) * New translations messages.en.xlf (English)
2026-03-02 13:35:25 +01:00 · 2026-03-01 23:22:38 +01:00 · 2026-03-01 23:21:02 +01:00 · 2026-03-01 23:18:27 +01:00 · 2026-03-01 23:15:06 +01:00 · 2026-03-01 22:28:01 +01:00
1047 changed files with 129955 additions and 55357 deletions
--- a/.docker/frankenphp/conf.d/app.ini
+++ b/.docker/frankenphp/conf.d/app.ini
@@ -12,7 +12,7 @@ opcache.max_accelerated_files = 20000
 opcache.memory_consumption = 256
 opcache.enable_file_override = 1

-memory_limit = 256M
+memory_limit = 512M

 upload_max_filesize=256M
-post_max_size=300M
+post_max_size=300M
--- a/.docker/frankenphp/docker-entrypoint.sh
+++ b/.docker/frankenphp/docker-entrypoint.sh
@@ -26,6 +26,28 @@ if [ "$1" = 'frankenphp' ] || [ "$1" = 'php' ] || [ "$1" = 'bin/console' ]; then
 		composer install --prefer-dist --no-progress --no-interaction
 	fi

+	# Install additional composer packages if COMPOSER_EXTRA_PACKAGES is set
+	if [ -n "$COMPOSER_EXTRA_PACKAGES" ]; then
+		echo "Installing additional composer packages: $COMPOSER_EXTRA_PACKAGES"
+		# Note: COMPOSER_EXTRA_PACKAGES is intentionally not quoted to allow word splitting
+		# This enables passing multiple package names separated by spaces
+		# shellcheck disable=SC2086
+		composer require $COMPOSER_EXTRA_PACKAGES --no-install --no-interaction --no-progress
+		if [ $? -eq 0 ]; then
+			echo "Running composer install to install packages without dev dependencies..."
+			composer install --no-dev --no-interaction --no-progress --optimize-autoloader
+			if [ $? -eq 0 ]; then
+				echo "Successfully installed additional composer packages"
+			else
+				echo "Failed to install composer dependencies"
+				exit 1
+			fi
+		else
+			echo "Failed to add additional composer packages to composer.json"
+			exit 1
+		fi
+	fi
+
 	if grep -q ^DATABASE_URL= .env; then
 		echo "Waiting for database to be ready..."
 		ATTEMPTS_LEFT_TO_REACH_DATABASE=60
--- a/.docker/frankenphp/worker.Caddyfile
+++ b/.docker/frankenphp/worker.Caddyfile
@@ -1,4 +1,3 @@
 worker {
 	file ./public/index.php
-	env APP_RUNTIME Runtime\FrankenPhpSymfony\Runtime
 }
--- a/.docker/partdb-entrypoint.sh
+++ b/.docker/partdb-entrypoint.sh
@@ -39,8 +39,72 @@ if [ -d /var/www/html/var/db ]; then
    fi
 fi

-# Start PHP-FPM
-service php8.1-fpm start
+# Install additional composer packages if COMPOSER_EXTRA_PACKAGES is set
+if [ -n "$COMPOSER_EXTRA_PACKAGES" ]; then
+    echo "Installing additional composer packages: $COMPOSER_EXTRA_PACKAGES"
+    # Note: COMPOSER_EXTRA_PACKAGES is intentionally not quoted to allow word splitting
+    # This enables passing multiple package names separated by spaces
+    # shellcheck disable=SC2086
+    sudo -E -u www-data composer require $COMPOSER_EXTRA_PACKAGES --no-install --no-interaction --no-progress
+    if [ $? -eq 0 ]; then
+        echo "Running composer install to install packages without dev dependencies..."
+        sudo -E -u www-data composer install --no-dev --no-interaction --no-progress --optimize-autoloader
+        if [ $? -eq 0 ]; then
+            echo "Successfully installed additional composer packages"
+        else
+            echo "Failed to install composer dependencies"
+            exit 1
+        fi
+    else
+        echo "Failed to add additional composer packages to composer.json"
+        exit 1
+    fi
+fi
+
+# Start PHP-FPM (the PHP_VERSION is replaced by the configured version in the Dockerfile)
+php-fpmPHP_VERSION -F &
+
+
+# Run migrations if automigration is enabled via env variable DB_AUTOMIGRATE
+if [ "$DB_AUTOMIGRATE" = "true" ]; then
+		echo "Waiting for database to be ready..."
+		ATTEMPTS_LEFT_TO_REACH_DATABASE=60
+		until [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ] || DATABASE_ERROR=$(sudo -E -u www-data php bin/console dbal:run-sql -q "SELECT 1" 2>&1); do
+			if [ $? -eq 255 ]; then
+				# If the Doctrine command exits with 255, an unrecoverable error occurred
+				ATTEMPTS_LEFT_TO_REACH_DATABASE=0
+				break
+			fi
+			sleep 1
+			ATTEMPTS_LEFT_TO_REACH_DATABASE=$((ATTEMPTS_LEFT_TO_REACH_DATABASE - 1))
+			echo "Still waiting for database to be ready... Or maybe the database is not reachable. $ATTEMPTS_LEFT_TO_REACH_DATABASE attempts left."
+		done
+
+		if [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ]; then
+			echo "The database is not up or not reachable:"
+			echo "$DATABASE_ERROR"
+			exit 1
+		else
+			echo "The database is now ready and reachable"
+		fi
+
+    # Check if there are any available migrations to do, by executing doctrine:migrations:up-to-date
+    # and checking if the exit code is 0 (up to date) or 1 (not up to date)
+    if  sudo -E -u www-data php bin/console doctrine:migrations:up-to-date --no-interaction; then
+        echo "Database is up to date, no migrations necessary."
+    else
+        echo "Migrations available..."
+        echo "Do backup of database..."
+
+        sudo -E -u www-data mkdir -p /var/www/html/uploads/.automigration-backup/
+        # Backup the database
+        sudo -E -u www-data php bin/console partdb:backup -n --database /var/www/html/uploads/.automigration-backup/backup-$(date +%Y-%m-%d_%H-%M-%S).zip
+
+        # Check if there are any migration files
+        sudo -E -u www-data php bin/console doctrine:migrations:migrate --no-interaction
+    fi
+
+fi

 # first arg is `-f` or `--some-option` (taken from https://github.com/docker-library/php/blob/master/8.2/bullseye/apache/docker-php-entrypoint)
 if [ "${1#-}" != "$1" ]; then
@@ -48,4 +112,4 @@ if [ "${1#-}" != "$1" ]; then
 fi

 # Pass to the original entrypoint
-exec "$@"
+exec "$@"
--- a/.docker/symfony.conf
+++ b/.docker/symfony.conf
@@ -24,31 +24,10 @@
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

-        # Pass the configuration from the docker env to the PHP environment (here you should list all .env options)
-        PassEnv APP_ENV APP_DEBUG APP_SECRET REDIRECT_TO_HTTPS DISABLE_YEAR2038_BUG_CHECK
-        PassEnv TRUSTED_PROXIES TRUSTED_HOSTS LOCK_DSN
-        PassEnv DATABASE_URL ENFORCE_CHANGE_COMMENTS_FOR DATABASE_MYSQL_USE_SSL_CA DATABASE_MYSQL_SSL_VERIFY_CERT
-        PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR MAX_ATTACHMENT_FILE_SIZE DEFAULT_URI CHECK_FOR_UPDATES ATTACHMENT_DOWNLOAD_BY_DEFAULT
-        PassEnv MAILER_DSN ALLOW_EMAIL_PW_RESET EMAIL_SENDER_EMAIL EMAIL_SENDER_NAME
-        PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA HISTORY_SAVE_NEW_DATA
-        PassEnv ERROR_PAGE_ADMIN_EMAIL ERROR_PAGE_SHOW_HELP
-        PassEnv DEMO_MODE NO_URL_REWRITE_AVAILABLE FIXER_API_KEY BANNER
-        # In old version the SAML sp private key env, was wrongly named SAMLP_SP_PRIVATE_KEY, keep it for backward compatibility
-        PassEnv SAML_ENABLED SAML_BEHIND_PROXY SAML_ROLE_MAPPING SAML_UPDATE_GROUP_ON_LOGIN SAML_IDP_ENTITY_ID SAML_IDP_SINGLE_SIGN_ON_SERVICE SAML_IDP_SINGLE_LOGOUT_SERVICE SAML_IDP_X509_CERT SAML_SP_ENTITY_ID SAML_SP_X509_CERT SAML_SP_PRIVATE_KEY SAMLP_SP_PRIVATE_KEY
-        PassEnv TABLE_DEFAULT_PAGE_SIZE TABLE_PARTS_DEFAULT_COLUMNS
-
-        PassEnv PROVIDER_DIGIKEY_CLIENT_ID PROVIDER_DIGIKEY_SECRET PROVIDER_DIGIKEY_CURRENCY PROVIDER_DIGIKEY_LANGUAGE PROVIDER_DIGIKEY_COUNTRY
-        PassEnv PROVIDER_ELEMENT14_KEY PROVIDER_ELEMENT14_STORE_ID
-        PassEnv PROVIDER_TME_KEY PROVIDER_TME_SECRET PROVIDER_TME_CURRENCY PROVIDER_TME_LANGUAGE PROVIDER_TME_COUNTRY PROVIDER_TME_GET_GROSS_PRICES
-        PassEnv PROVIDER_OCTOPART_CLIENT_ID PROVIDER_OCTOPART_SECRET PROVIDER_OCTOPART_CURRENCY PROVIDER_OCTOPART_COUNTRY PROVIDER_OCTOPART_SEARCH_LIMIT PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS
-        PassEnv PROVIDER_MOUSER_KEY PROVIDER_MOUSER_SEARCH_OPTION PROVIDER_MOUSER_SEARCH_LIMIT PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE
-        PassEnv PROVIDER_LCSC_ENABLED PROVIDER_LCSC_CURRENCY
-        PassEnv EDA_KICAD_CATEGORY_DEPTH
-
        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
-</VirtualHost>
+</VirtualHost>
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,17 @@
+# editorconfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[{compose.yaml,compose.*.yaml}]
+indent_size = 2
+
+[*.md]
+trim_trailing_whitespace = false
--- a/.env
+++ b/.env
@@ -23,41 +23,17 @@ DATABASE_MYSQL_USE_SSL_CA=0
 # Only do this, if you know what you are doing!
 DATABASE_MYSQL_SSL_VERIFY_CERT=1

+# Emulate natural sorting of strings even on databases that do not support it (like SQLite, MySQL or MariaDB < 10.7)
+# This can be slow on big databases and might have some problems and quirks, so use it with caution
+DATABASE_EMULATE_NATURAL_SORT=0
+
 ###################################################################################
 # General settings
 ###################################################################################

-# The language to use serverwide as default (en, de, ru, etc.)
-DEFAULT_LANG="en"
-# The default timezone to use serverwide (e.g. Europe/Berlin)
-DEFAULT_TIMEZONE="Europe/Berlin"
-# The currency that is used inside the DB (and is assumed when no currency is set). This can not be changed later, so be sure to set it the currency used in your country
-BASE_CURRENCY="EUR"
-# The name of this installation. This will be shown as title in the browser and in the header of the website
-INSTANCE_NAME="Part-DB"
-# Allow users to download attachments to the server by providing an URL
-# This could be a potential security issue, as the user can retrieve any file the server has access to (via internet)
-ALLOW_ATTACHMENT_DOWNLOADS=0
-# Set this to 1, if the "download external files" checkbox should be checked by default for new attachments
-ATTACHMENT_DOWNLOAD_BY_DEFAULT=0
-# Use gravatars for user avatars, when user has no own avatar defined
-USE_GRAVATAR=0
-# The maximum allowed size for attachment files in bytes (you can use M for megabytes and G for gigabytes)
-# Please note that the php.ini setting upload_max_filesize also limits the maximum size of uploaded files
-MAX_ATTACHMENT_FILE_SIZE="100M"
-
-# The public reachable URL of this Part-DB installation. This is used for generating links in SAML and email templates
-# This must end with a slash!
+# The public reachable URL of this Part-DB installation. This is used for generating links in SAML and email templates or when no request context is available.
 DEFAULT_URI="https://partdb.changeme.invalid/"

-# With this option you can configure, where users are enforced to give a change reason, which will be logged
-# This is a comma separated list of values, see documentation for available values
-# Leave this empty, to make all change reasons optional
-ENFORCE_CHANGE_COMMENTS_FOR=""
-
-# Disable that if you do not want that Part-DB connects to GitHub to check for available updates, or if your server can not connect to the internet
-CHECK_FOR_UPDATES=1
-
 ###################################################################################
 # Email settings
 ###################################################################################
@@ -74,21 +50,6 @@ EMAIL_SENDER_NAME="Part-DB Mailer"
 # Set this to 1 to allow reset of a password per email
 ALLOW_EMAIL_PW_RESET=0

-######################################################################################
-# History/Eventlog settings
-######################################################################################
-# If you want to use full timetrave functionality all values below have to be set to 1
-
-# Save which fields were changed in a ElementEdited log entry
-HISTORY_SAVE_CHANGED_FIELDS=1
-# Save the old data in the  ElementEdited log entry (warning this could increase the database size in short time)
-HISTORY_SAVE_CHANGED_DATA=1
-# Save the data of an element that gets removed into log entry. This allows to undelete an element
-HISTORY_SAVE_REMOVED_DATA=1
-# Save the new data of an element that gets changed or added. This allows an easy comparison of the old and new data on the detail page
-# This option only becomes active when HISTORY_SAVE_CHANGED_DATA is set to 1
-HISTORY_SAVE_NEW_DATA=1
-
 ###################################################################################
 # Error pages settings
 ###################################################################################
@@ -98,93 +59,17 @@ ERROR_PAGE_ADMIN_EMAIL=''
 # If this is set to true, solutions to common problems are shown on error pages. Disable this, if you do not want your users to see them...
 ERROR_PAGE_SHOW_HELP=1

-##################################################################################
-# Part table settings
-##################################################################################
+###################################################################################
+# Update Manager settings
+###################################################################################

-# The default page size for the part table (set to -1 to show all parts on one page)
-TABLE_DEFAULT_PAGE_SIZE=50
-# Configure which columns will be visible by default in the parts table (and in which order).
-# This is a comma separated list of column names. See documentation for available values.
-TABLE_PARTS_DEFAULT_COLUMNS=name,description,category,footprint,manufacturer,storage_location,amount
+# Disable web-based updates from the Update Manager UI (0=enabled, 1=disabled).
+# When disabled, use the CLI command "php bin/console partdb:update" instead.
+DISABLE_WEB_UPDATES=1

-##################################################################################
-# Info provider settings
-##################################################################################
-
-# Digikey Provider:
-# You can get your client id and secret from https://developer.digikey.com/
-PROVIDER_DIGIKEY_CLIENT_ID=
-PROVIDER_DIGIKEY_SECRET=
-# The currency to get prices in
-PROVIDER_DIGIKEY_CURRENCY=EUR
-# The language to get results in (en, de, fr, it, es, zh, ja, ko)
-PROVIDER_DIGIKEY_LANGUAGE=en
-# The country to get results for
-PROVIDER_DIGIKEY_COUNTRY=DE
-
-# Farnell Provider:
-# You can get your API key from https://partner.element14.com/
-PROVIDER_ELEMENT14_KEY=
-# Configure the store domain you want to use. This decides the language and currency of results. You can get a list of available stores from https://partner.element14.com/docs/Product_Search_API_REST__Description
-PROVIDER_ELEMENT14_STORE_ID=de.farnell.com
-
-# TME Provider:
-# You can get your API key from https://developers.tme.eu/en/
-PROVIDER_TME_KEY=
-PROVIDER_TME_SECRET=
-# The currency to get prices in
-PROVIDER_TME_CURRENCY=EUR
-# The language to get results in (en, de, pl)
-PROVIDER_TME_LANGUAGE=en
-# The country to get results for
-PROVIDER_TME_COUNTRY=DE
-# Set this to 1 to get gross prices (including VAT) instead of net prices
-PROVIDER_TME_GET_GROSS_PRICES=1
-
-# Octopart / Nexar Provider:
-# You can get your API key from https://nexar.com/api
-PROVIDER_OCTOPART_CLIENT_ID=
-PROVIDER_OCTOPART_SECRET=
-# The currency and country to get prices for (you have to set both to get meaningful results)
-# 3 letter ISO currency code (e.g. EUR, USD, GBP)
-PROVIDER_OCTOPART_CURRENCY=EUR
-# 2 letter ISO country code (e.g. DE, US, GB)
-PROVIDER_OCTOPART_COUNTRY=DE
-# The number of results to get from Octopart while searching (please note that this counts towards your API limits)
-PROVIDER_OCTOPART_SEARCH_LIMIT=10
-# Set to false to include non authorized offers in the results
-PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS=1
-
-# Mouser Provider API V2:
-# You can get your API key from https://www.mouser.it/api-hub/
-PROVIDER_MOUSER_KEY=
-# Filter search results by RoHS compliance and stock availability:
-# Available options: None | Rohs | InStock | RohsAndInStock
-PROVIDER_MOUSER_SEARCH_OPTION='None'
-# The number of results to get from Mouser while searching (please note that this value is max 50)
-PROVIDER_MOUSER_SEARCH_LIMIT=50
-# It is recommended to leave this set to 'true'. The option is not really good doumented by Mouser:
-# Used when searching for keywords in the language specified when you signed up for Search API.
-PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE='true'
-
-# LCSC Provider:
-# LCSC does not provide an offical API, so this used the API LCSC uses to render their webshop.
-# LCSC did not intended the use of this API and it could break any time, so use it at your own risk.
-
-# We dont require an API key for LCSC, just set this to 1 to enable LCSC support
-PROVIDER_LCSC_ENABLED=0
-# The currency to get prices in (e.g. EUR, USD, etc.)
-PROVIDER_LCSC_CURRENCY=EUR
-
-##################################################################################
-# EDA integration related settings
-##################################################################################
-
-# This value determines the depth of the category tree, that is visible inside KiCad
-# 0 means that only the top level categories are visible. Set to a value > 0 to show more levels.
-# Set to -1, to show all parts of Part-DB inside a single category in KiCad
-EDA_KICAD_CATEGORY_DEPTH=0
+# Disable backup restore from the Update Manager UI (0=enabled, 1=disabled).
+# Restoring backups is a destructive operation that could overwrite your database.
+DISABLE_BACKUP_RESTORE=1

 ###################################################################################
 # SAML Single sign on-settings
@@ -238,16 +123,6 @@ NO_URL_REWRITE_AVAILABLE=0
 # Set to 1, if Part-DB should redirect all HTTP requests to HTTPS. You dont need to configure this, if your webserver already does this.
 REDIRECT_TO_HTTPS=0

-# If you want to use fixer.io for currency conversion, you have to set this to your API key
-FIXER_API_KEY=CHANGEME
-
-# Override value if you want to show to show a given text on homepage.
-# When this is empty the content of config/banner.md is used as banner
-BANNER=""
-
-APP_ENV=prod
-APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
-
 # Set this to zero, if you want to disable the year 2038 bug check on 32-bit systems (it will cause errors with current 32-bit PHP versions)
 DISABLE_YEAR2038_BUG_CHECK=0

@@ -265,3 +140,9 @@ LOCK_DSN=flock
 ###> nelmio/cors-bundle ###
 CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
 ###< nelmio/cors-bundle ###
+
+###> symfony/framework-bundle ###
+APP_ENV=prod
+APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
+APP_SHARE_DIR=var/share
+###< symfony/framework-bundle ###
--- a/.env.dev
+++ b/.env.dev
@@ -0,0 +1,4 @@
+
+###> symfony/framework-bundle ###
+APP_SECRET=318b5d659e07a0b3f96d9b3a83b254ca
+###< symfony/framework-bundle ###
--- a/.env.test
+++ b/.env.test
@@ -10,4 +10,6 @@ DATABASE_URL="sqlite:///%kernel.project_dir%/var/app_test.db"
 #DATABASE_URL=mysql://root:@127.0.0.1:3306/part-db

 # Disable update checks, as tests would fail, when github is not reachable
-CHECK_FOR_UPDATES=0
+CHECK_FOR_UPDATES=0
+
+INSTANCE_NAME="Part-DB"
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,186 @@
+# Copilot Instructions for Part-DB
+
+Part-DB is an Open-Source inventory management system for electronic components built with Symfony 7.4 and modern web technologies.
+
+## Technology Stack
+
+- **Backend**: PHP 8.2+, Symfony 7.4, Doctrine ORM
+- **Frontend**: Bootstrap 5, Hotwire Stimulus/Turbo, TypeScript, Webpack Encore
+- **Database**: MySQL 5.7+/MariaDB 10.4+/PostgreSQL 10+/SQLite
+- **Testing**: PHPUnit with DAMA Doctrine Test Bundle
+- **Code Quality**: Easy Coding Standard (ECS), PHPStan (level 5)
+
+## Project Structure
+
+- `src/`: PHP application code organized by purpose (Controller, Entity, Service, Form, etc.)
+- `assets/`: Frontend TypeScript/JavaScript and CSS files
+- `templates/`: Twig templates for views
+- `tests/`: PHPUnit tests mirroring the `src/` structure
+- `config/`: Symfony configuration files
+- `public/`: Web-accessible files
+- `translations/`: Translation files for multi-language support
+
+## Coding Standards
+
+### PHP Code
+
+- Follow [PSR-12](https://www.php-fig.org/psr/psr-12/) and [Symfony coding standards](https://symfony.com/doc/current/contributing/code/standards.html)
+- Use type hints for all parameters and return types
+- Always declare strict types: `declare(strict_types=1);` at the top of PHP files
+- Use PHPDoc blocks for complex logic or when type information is needed
+
+### TypeScript/JavaScript
+
+- Use TypeScript for new frontend code
+- Follow existing Stimulus controller patterns in `assets/controllers/`
+- Use Bootstrap 5 components and utilities
+- Leverage Hotwire Turbo for dynamic page updates
+
+### Naming Conventions
+
+- Entities: Use descriptive names that reflect database models (e.g., `Part`, `StorageLocation`)
+- Controllers: Suffix with `Controller` (e.g., `PartController`)
+- Services: Descriptive names reflecting their purpose (e.g., `PartService`, `LabelGenerator`)
+- Tests: Match the class being tested with `Test` suffix (e.g., `PartTest`, `PartControllerTest`)
+
+## Development Workflow
+
+### Dependencies
+
+- Install PHP dependencies: `composer install`
+- Install JS dependencies: `yarn install`
+- Build frontend assets: `yarn build` (production) or `yarn watch` (development)
+
+### Database
+
+- Create database: `php bin/console doctrine:database:create --env=dev`
+- Run migrations: `php bin/console doctrine:migrations:migrate --env=dev`
+- Load fixtures: `php bin/console partdb:fixtures:load -n --env=dev`
+
+Or use Makefile shortcuts:
+- `make dev-setup`: Complete development environment setup
+- `make dev-reset`: Reset development environment (cache clear + migrate)
+
+### Testing
+
+- Set up test environment: `make test-setup`
+- Run all tests: `php bin/phpunit`
+- Run specific test: `php bin/phpunit tests/Path/To/SpecificTest.php`
+- Run tests with coverage: `php bin/phpunit --coverage-html var/coverage`
+- Test environment uses SQLite by default for speed
+
+### Static Analysis
+
+- Run PHPStan: `composer phpstan` or `COMPOSER_MEMORY_LIMIT=-1 php -d memory_limit=1G vendor/bin/phpstan analyse src --level 5`
+- PHPStan configuration is in `phpstan.dist.neon`
+
+### Running the Application
+
+- Development server: `symfony serve` (requires Symfony CLI)
+- Or configure Apache/nginx to serve from `public/` directory
+- Set `APP_ENV=dev` in `.env.local` for development mode
+
+## Best Practices
+
+### Security
+
+- Always sanitize user input
+- Use Symfony's security component for authentication/authorization
+- Check permissions using the permission system before allowing actions
+- Never expose sensitive data in logs or error messages
+- Use parameterized queries (Doctrine handles this automatically)
+
+### Performance
+
+- Use Doctrine query builder for complex queries instead of DQL when possible
+- Lazy load relationships to avoid N+1 queries
+- Cache results when appropriate using Symfony's cache component
+- Use pagination for large result sets (DataTables integration available)
+
+### Database
+
+- Always create migrations for schema changes: `php bin/console make:migration`
+- Review migration files before running them
+- Use Doctrine annotations or attributes for entity mapping
+- Follow existing entity patterns for relationships and lifecycle callbacks
+
+### Frontend
+
+- Use Stimulus controllers for interactive components
+- Leverage Turbo for dynamic page updates without full page reloads
+- Use Bootstrap 5 classes for styling
+- Keep JavaScript modular and organized in controllers
+- Use the translation system for user-facing strings
+
+### Translations
+
+- Use translation keys, not hardcoded strings: `{{ 'part.info.title'|trans }}`
+- Add new translation keys to `translations/` files
+- Primary language is English (en)
+- Translations are managed via Crowdin, but can be edited locally if needed
+
+### Testing
+
+- Write unit tests for services and helpers
+- Write functional tests for controllers
+- Use fixtures for test data
+- Tests should be isolated and not depend on execution order
+- Mock external dependencies when appropriate
+- Follow existing test patterns in the repository
+
+## Common Patterns
+
+### Creating an Entity
+
+1. Create entity class in `src/Entity/` with Doctrine attributes
+2. Generate migration: `php bin/console make:migration`
+3. Review and run migration: `php bin/console doctrine:migrations:migrate`
+4. Create repository if needed in `src/Repository/`
+5. Add fixtures in `src/DataFixtures/` for testing
+
+### Adding a Form
+
+1. Create form type in `src/Form/`
+2. Extend `AbstractType` and implement `buildForm()` and `configureOptions()`
+3. Use in controller and render in Twig template
+4. Follow existing form patterns for consistency
+
+### Creating a Controller Action
+
+1. Add method to appropriate controller in `src/Controller/`
+2. Use route attributes for routing
+3. Check permissions using security voters
+4. Return Response or render Twig template
+5. Add corresponding template in `templates/`
+
+### Adding a Service
+
+1. Create service class in `src/Services/`
+2. Use dependency injection via constructor
+3. Tag service in `config/services.yaml` if needed
+4. Services are autowired by default
+
+## Important Notes
+
+- Part-DB uses fine-grained permissions - always check user permissions before actions
+- Multi-language support is critical - use translation keys everywhere
+- The application supports multiple database backends - write portable code
+- Responsive design is important - test on mobile/tablet viewports
+- Event system is used for logging changes - emit events when appropriate
+- API Platform is integrated for REST API endpoints
+
+## Multi-tenancy Considerations
+
+- Part-DB is designed as a single-tenant application with multiple users
+- User groups have different permission levels
+- Always scope queries to respect user permissions
+- Use the security context to get current user information
+
+## Resources
+
+- [Documentation](https://docs.part-db.de/)
+- [Contributing Guide](CONTRIBUTING.md)
+- [Symfony Documentation](https://symfony.com/doc/current/index.html)
+- [Doctrine Documentation](https://www.doctrine-project.org/projects/doctrine-orm/en/current/)
+- [Bootstrap 5 Documentation](https://getbootstrap.com/docs/5.1/)
+- [Hotwire Documentation](https://hotwired.dev/)
--- a/.github/workflows/assets_artifact_build.yml
+++ b/.github/workflows/assets_artifact_build.yml
@@ -1,5 +1,8 @@
 name: Build assets artifact

+permissions:
+    contents: read
+
 on:
  push:
    branches:
@@ -19,7 +22,7 @@ jobs:
      APP_ENV: prod

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
@@ -34,12 +37,12 @@ jobs:
        run: |
          echo "::set-output name=dir::$(composer config cache-files-dir)"

-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
-            ${{ runner.os }}-composer-  
+            ${{ runner.os }}-composer-

      - name: Install dependencies
        run: composer install --prefer-dist --no-progress --no-dev -a
@@ -48,7 +51,7 @@ jobs:
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"

-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
        with:
          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -57,9 +60,9 @@ jobs:
            ${{ runner.os }}-yarn-

      - name: Setup node
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
        with:
-          node-version: '18'
+          node-version: '20'

      - name: Install yarn dependencies
        run: yarn install
@@ -77,13 +80,13 @@ jobs:
        run: zip -r /tmp/partdb_assets.zip public/build/ vendor/

      - name: Upload assets artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: Only dependencies and built assets
          path: /tmp/partdb_assets.zip

      - name: Upload full artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: Full Part-DB including dependencies and built assets
          path: /tmp/partdb_with_assets.zip
--- a/.github/workflows/docker_build.yml
+++ b/.github/workflows/docker_build.yml
@@ -1,5 +1,8 @@
 name: Docker Image Build

+permissions:
+    contents: read
+
 on:
  #schedule:
  #  - cron: '0 10 * * *' # everyday at 10am
@@ -12,12 +15,24 @@ on:
      - 'v*.*.*-**'

 jobs:
-  docker:
-    runs-on: ubuntu-latest
+  build:
+    strategy:
+      matrix:
+        include:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            platform-slug: amd64
+          - platform: linux/arm64
+            runner: ubuntu-24.04-arm
+            platform-slug: arm64
+          - platform: linux/arm/v7
+            runner: ubuntu-24.04-arm
+            platform-slug: armv7
+    runs-on: ${{ matrix.runner }}
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
      -
        name: Docker meta
        id: docker_meta
@@ -29,13 +44,12 @@ jobs:
          # Mark the image build from master as latest (as we dont have really releases yet)
          tags: |
            type=edge,branch=master
-            type=ref,event=branch,
-            type=ref,event=tag,
+            type=ref,event=branch
+            type=ref,event=tag
            type=schedule
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
-            type=ref,event=branch
            type=ref,event=pr
          labels: |
            org.opencontainers.image.source=${{ github.event.repository.clone_url }}
@@ -46,12 +60,10 @@ jobs:
            org.opencontainers.image.source=https://github.com/Part-DB/Part-DB-symfony
            org.opencontainers.image.authors=Jan Böhmer
            org.opencontainers.licenses=AGPL-3.0-or-later
+          # Disable automatic 'latest' tag in build jobs - it will be created in merge job
+          flavor: |
+            latest=false

-      -
-        name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-        with:
-          platforms: 'arm64,arm'
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -64,13 +76,85 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -
-        name: Build and push
-        uses: docker/build-push-action@v5
+        name: Build and push by digest
+        id: build
+        uses: docker/build-push-action@v6
        with:
          context: .
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.docker_meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
          labels: ${{ steps.docker_meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          outputs: type=image,name=jbtronics/part-db1,push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
+          cache-from: type=gha,scope=build-${{ matrix.platform }}
+          cache-to: type=gha,mode=max,scope=build-${{ matrix.platform }}
+
+      -
+        name: Export digest
+        if: github.event_name != 'pull_request'
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+
+      -
+        name: Upload digest
+        if: github.event_name != 'pull_request'
+        uses: actions/upload-artifact@v6
+        with:
+          name: digests-${{ matrix.platform-slug }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    if: github.event_name != 'pull_request'
+    steps:
+      -
+        name: Download digests
+        uses: actions/download-artifact@v7
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      -
+        name: Docker meta
+        id: docker_meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            jbtronics/part-db1
+          tags: |
+            type=edge,branch=master
+            type=ref,event=branch
+            type=ref,event=tag
+            type=schedule
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=ref,event=pr
+
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      -
+        name: Create manifest list and push
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf 'jbtronics/part-db1@sha256:%s ' *)
+
+      -
+        name: Inspect image
+        run: |
+          docker buildx imagetools inspect jbtronics/part-db1:${{ steps.docker_meta.outputs.version }}
--- a/.github/workflows/docker_frankenphp.yml
+++ b/.github/workflows/docker_frankenphp.yml
@@ -1,5 +1,8 @@
 name: Docker Image Build (FrankenPHP)

+permissions:
+    contents: read
+
 on:
  #schedule:
  #  - cron: '0 10 * * *' # everyday at 10am
@@ -12,12 +15,24 @@ on:
      - 'v*.*.*-**'

 jobs:
-  docker:
-    runs-on: ubuntu-latest
+  build:
+    strategy:
+      matrix:
+        include:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            platform-slug: amd64
+          - platform: linux/arm64
+            runner: ubuntu-24.04-arm
+            platform-slug: arm64
+          - platform: linux/arm/v7
+            runner: ubuntu-24.04-arm
+            platform-slug: armv7
+    runs-on: ${{ matrix.runner }}
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
      -
        name: Docker meta
        id: docker_meta
@@ -29,13 +44,12 @@ jobs:
          # Mark the image build from master as latest (as we dont have really releases yet)
          tags: |
            type=edge,branch=master
-            type=ref,event=branch,
-            type=ref,event=tag,
+            type=ref,event=branch
+            type=ref,event=tag
            type=schedule
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
-            type=ref,event=branch
            type=ref,event=pr
          labels: |
            org.opencontainers.image.source=${{ github.event.repository.clone_url }}
@@ -46,12 +60,10 @@ jobs:
            org.opencontainers.image.source=https://github.com/Part-DB/Part-DB-server
            org.opencontainers.image.authors=Jan Böhmer
            org.opencontainers.licenses=AGPL-3.0-or-later
+          # Disable automatic 'latest' tag in build jobs - it will be created in merge job
+          flavor: |
+            latest=false

-      -
-        name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-        with:
-          platforms: 'arm64,arm'
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -64,14 +76,86 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -
-        name: Build and push
-        uses: docker/build-push-action@v5
+        name: Build and push by digest
+        id: build
+        uses: docker/build-push-action@v6
        with:
          context: .
          file: Dockerfile-frankenphp
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.docker_meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
          labels: ${{ steps.docker_meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          outputs: type=image,name=partdborg/part-db,push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
+          cache-from: type=gha,scope=build-${{ matrix.platform }}
+          cache-to: type=gha,mode=max,scope=build-${{ matrix.platform }}
+
+      -
+        name: Export digest
+        if: github.event_name != 'pull_request'
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+
+      -
+        name: Upload digest
+        if: github.event_name != 'pull_request'
+        uses: actions/upload-artifact@v6
+        with:
+          name: digests-${{ matrix.platform-slug }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    if: github.event_name != 'pull_request'
+    steps:
+      -
+        name: Download digests
+        uses: actions/download-artifact@v7
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      -
+        name: Docker meta
+        id: docker_meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            partdborg/part-db
+          tags: |
+            type=edge,branch=master
+            type=ref,event=branch
+            type=ref,event=tag
+            type=schedule
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=ref,event=pr
+
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      -
+        name: Create manifest list and push
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf 'partdborg/part-db@sha256:%s ' *)
+
+      -
+        name: Inspect image
+        run: |
+          docker buildx imagetools inspect partdborg/part-db:${{ steps.docker_meta.outputs.version }}
--- a/.github/workflows/static_analysis.yml
+++ b/.github/workflows/static_analysis.yml
@@ -1,5 +1,8 @@
 name: Static analysis

+permissions:
+    contents: read
+
 on:
  push:
    branches:
@@ -16,7 +19,7 @@ jobs:
    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6

    - name: Setup PHP
      uses: shivammathur/setup-php@v2
@@ -30,20 +33,20 @@ jobs:
      id: composer-cache
      run: |
        echo "::set-output name=dir::$(composer config cache-files-dir)"
-    
-    - uses: actions/cache@v4
+
+    - uses: actions/cache@v5
      with:
        path: ${{ steps.composer-cache.outputs.dir }}
        key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
        restore-keys: |
-          ${{ runner.os }}-composer-  
+          ${{ runner.os }}-composer-

    - name: Install dependencies
      run: composer install --prefer-dist --no-progress

    - name: Lint config files
      run: ./bin/console lint:yaml config --parse-tags
-    
+
    - name: Lint twig templates
      run: ./bin/console lint:twig templates --env=prod

@@ -53,13 +56,13 @@ jobs:

    - name: Check dependencies for security
      uses: symfonycorp/security-checker-action@v5
-    
+
    - name: Check doctrine mapping
      run: ./bin/console doctrine:schema:validate --skip-sync -vvv --no-interaction

    # Use the -d option to raise the max nesting level
    - name: Generate dev container
      run: php -d xdebug.max_nesting_level=1000 ./bin/console cache:clear --env dev
-    
+
    - name: Run PHPstan
      run: composer phpstan
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -1,5 +1,8 @@
 name: PHPUnit Tests

+permissions:
+    contents: read
+
 on:
  push:
    branches:
@@ -9,16 +12,17 @@ on:
    branches:
      - '*'
      - "!l10n_*"
-    
+
 jobs:
  phpunit:
    name: PHPUnit and coverage Test (PHP ${{ matrix.php-versions }}, ${{ matrix.db-type }})
    runs-on: ubuntu-22.04

    strategy:
+      fail-fast: false
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3' ]
-        db-type: [ 'mysql', 'sqlite' ]
+        php-versions: ['8.2', '8.3', '8.4', '8.5' ]
+        db-type: [ 'mysql', 'sqlite', 'postgres' ]

    env:
      # Note that we set DATABASE URL later based on our db-type matrix value
@@ -30,15 +34,19 @@ jobs:

    steps:
      - name: Set Database env for MySQL
-        run: echo "DATABASE_URL=mysql://root:root@127.0.0.1:3306/test" >> $GITHUB_ENV
+        run: echo "DATABASE_URL=mysql://root:root@127.0.0.1:3306/partdb?serverVersion=8.0.35" >> $GITHUB_ENV
        if: matrix.db-type == 'mysql'

      - name: Set Database env for SQLite
        run: echo "DATABASE_URL="sqlite:///%kernel.project_dir%/var/app_test.db"" >> $GITHUB_ENV
        if: matrix.db-type == 'sqlite'

+      - name: Set Database env for PostgreSQL
+        run: echo "DATABASE_URL=postgresql://postgres:postgres @127.0.0.1:5432/partdb?serverVersion=14&charset=utf8" >> $GITHUB_ENV
+        if: matrix.db-type == 'postgres'
+
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
@@ -47,99 +55,103 @@ jobs:
          coverage: pcov
          ini-values: xdebug.max_nesting_level=1000
          extensions: mbstring, intl, gd, xsl, gmp, bcmath, :php-psr
-    
+
      - name: Start MySQL
        run: sudo systemctl start mysql.service
+        if: matrix.db-type == 'mysql'

-      #- name: Setup MySQL
+        # Replace the scram-sha-256 with trust for host connections, to avoid password authentication
+      - name: Start PostgreSQL
+        run: |
+          sudo sed -i 's/^\(host.*all.*all.*\)scram-sha-256/\1trust/' /etc/postgresql/14/main/pg_hba.conf
+          sudo systemctl start postgresql.service
+          sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
+        if: matrix.db-type == 'postgres'
+
+        #- name: Setup MySQL
      #  uses: mirromutth/mysql-action@v1.1
      #  with:
      #    mysql version: 5.7
      #    mysql database: 'part-db'
      #    mysql root password: '1234'
-        
+
      ## Setup caches
-      
+
      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "::set-output name=dir::$(composer config cache-files-dir)"
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: |
-            ${{ runner.os }}-composer-  
-      
+            ${{ runner.os }}-composer-
+
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"

-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
        with:
          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            ${{ runner.os }}-yarn-
-      
+
      - name: Install composer dependencies
        run: composer install --prefer-dist --no-progress
-    
+
      - name: Setup node
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
        with:
-          node-version: '18'
-    
+          node-version: '20'
+
      - name: Install yarn dependencies
        run: yarn install
-    
+
      - name: Build frontend
        run: yarn build
-    
+
      - name: Create DB
        run: php bin/console --env test doctrine:database:create --if-not-exists -n
-        if: matrix.db-type == 'mysql'
+        if: matrix.db-type == 'mysql' || matrix.db-type == 'postgres'

-      # Checkinf for existance is not supported for sqlite, so do it without it
-      - name: Create DB
-        run: php bin/console --env test doctrine:database:create -n
-        if: matrix.db-type == 'sqlite'
-    
      - name: Do migrations
        run: php bin/console --env test doctrine:migrations:migrate -n

      # Use our own custom fixtures loading command to circumvent some problems with reset the autoincrement values
      - name: Load fixtures
        run: php bin/console --env test partdb:fixtures:load -n
-    
+
      - name: Run PHPunit and generate coverage
        run: ./bin/phpunit --coverage-clover=coverage.xml
-      
+
      - name: Upload coverage
-        uses: codecov/codecov-action@v4
+        uses: codecov/codecov-action@v5
        with:
          env_vars: PHP_VERSION,DB_TYPE
          token: ${{ secrets.CODECOV_TOKEN }}
          fail_ci_if_error: true
-          
+
      - name: Test app:clean-attachments
        run: php bin/console partdb:attachments:clean-unused -n
-      
+
      - name: Test app:convert-bbcode
        run: php bin/console app:convert-bbcode -n
-      
+
      - name: Test app:show-logs
        run: php bin/console app:show-logs -n

      - name: Test check-requirements command
        run: php bin/console partdb:check-requirements -n

+      - name: Test partdb:backup command
+        run: php bin/console partdb:backup -n --full /tmp/test_backup.zip
+
      - name: Test legacy Part-DB import
        run: bash .github/assets/legacy_import/test_legacy_import.sh
        if: matrix.db-type == 'mysql' && matrix.php-versions == '8.2'
        env:
          DATABASE_URL: mysql://root:root@localhost:3306/legacy_db
-
-
-      
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
 /.env.local
 /.env.local.php
 /.env.*.local
+/.env.local.bak
 /config/secrets/prod/prod.decrypt.private.php
 /public/bundles/
 /var/
@@ -41,9 +42,12 @@ yarn-error.log

 ###> phpunit/phpunit ###
 /phpunit.xml
-.phpunit.result.cache
+/.phpunit.cache/
 ###< phpunit/phpunit ###

 ###> phpstan/phpstan ###
 phpstan.neon
 ###< phpstan/phpstan ###
+
+.claude/
+CLAUDE.md
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,7 +1,7 @@
 # How to contribute

-Thank you for consider to contribute to Part-DB!
-Please read the text below, so your contributed content can be contributed easily to Part-DB.
+Thank you for considering contributing to Part-DB!
+Please read the text below, so your contributed content can be incorporated into Part-DB easily.

 You can contribute to Part-DB in various ways:
 * Report bugs and request new features via [issues](https://github.com/Part-DB/Part-DB-server/issues)
@@ -18,38 +18,38 @@ Part-DB uses translation keys (e.g. part.info.title) that are sorted by their us
 was translated in other languages (this is possible via the "Other languages" dropdown in the translation editor).

 ## Project structure
-Part-DB uses symfony's recommended [project structure](https://symfony.com/doc/current/best_practices.html).
+Part-DB uses Symfony's recommended [project structure](https://symfony.com/doc/current/best_practices.html).
 Interesting folders are:
-* `public`: Everything in this directory will be publicy accessible via web. Use this folder to serve static images.
-* `assets`: The frontend assets are saved here. You can find the javascript and CSS code here.
-* `src`: Part-DB's PHP code is saved here. Note that the sub directories are structured by the classes purposes (so use `Controller` Controllers, `Entities` for Database models, etc.)
-* `translations`: The translations used in Part-DB are saved here
+* `public`: Everything in this directory will be publicly accessible via web. Use this folder to serve static images.
+* `assets`: The frontend assets are saved here. You can find the JavaScript and CSS code here.
+* `src`: Part-DB's PHP code is saved here. Note that the subdirectories are structured by the classes' purposes (so use `Controller` for Controllers, `Entity` for Database models, etc.)
+* `translations`: The translations used in Part-DB are saved here.
 * `templates`: The templates (HTML) that are used by Twig to render the different pages. Email templates are also saved here.
-* `tests/`: Tests that can be run by PHPunit.
+* `tests/`: Tests that can be run by PHPUnit.

 ## Development environment
-For setting up an development you will need to install PHP, composer, a database server (MySQL or MariaDB) and yarn (which needs an nodejs environment).
-* Copy `.env` to `.env.local` and change `APP_ENV` to `APP_ENV=dev`. That way you will get development tools (symfony profiler) and other features that
+For setting up a development environment, you will need to install PHP, Composer, a database server (MySQL or MariaDB) and yarn (which needs a Node.js environment).
+* Copy `.env` to `.env.local` and change `APP_ENV` to `APP_ENV=dev`. That way you will get development tools (Symfony profiler) and other features that
 will simplify development.
-* Run `composer install` (without -o) to install PHP dependencies and `yarn install` to install frontend dependencies
-* Run `yarn watch`. The program will run in the background and compile the frontend files whenever you change something in the CSS or TypeScript files
-* For running Part-DB it is recommended to use [Symfony CLI](https://symfony.com/download). 
-That way you can run a correct configured webserver with `symfony serve`
+* Run `composer install` (without -o) to install PHP dependencies and `yarn install` to install frontend dependencies.
+* Run `yarn watch`. The program will run in the background and compile the frontend files whenever you change something in the CSS or TypeScript files.
+* For running Part-DB, it is recommended to use [Symfony CLI](https://symfony.com/download). 
+That way you can run a correctly configured webserver with `symfony serve`.

 ## Coding style
-Code should follow the [PSR12-Standard](https://www.php-fig.org/psr/psr-12/) and symfony's [coding standards](https://symfony.com/doc/current/contributing/code/standards.html).
+Code should follow the [PSR-12 Standard](https://www.php-fig.org/psr/psr-12/) and Symfony's [coding standards](https://symfony.com/doc/current/contributing/code/standards.html).

 Part-DB uses [Easy Coding Standard](https://github.com/symplify/easy-coding-standard) to check and fix coding style violations:
-* To check your code for valid code style run `vendor/bin/ecs check src/`
-* To fix violations run `vendor/bin/ecs check src/` (please checks afterwards if the code is valid afterwards)
+* To check your code for valid code style, run `vendor/bin/ecs check src/`
+* To fix violations, run `vendor/bin/ecs check src/ --fix` (please check afterwards if the code is still valid)

 ## GitHub actions
-Part-DB uses GitHub actions to run various tests and checks on the code:
+Part-DB uses GitHub Actions to run various tests and checks on the code:
 * Yarn dependencies can compile
-* PHPunit tests run successful
-* Config files, translations and templates has valid syntax
-* Doctrine schema valid
-* No known vulnerable dependecies are used
-* Static analysis successful (phpstan with `--level=2`)
+* PHPUnit tests run successfully
+* Config files, translations, and templates have valid syntax
+* Doctrine schema is valid
+* No known vulnerable dependencies are used
+* Static analysis is successful (phpstan with `--level=2`)

-Further the code coverage of the PHPunit tests is determined and uploaded to [CodeCov](https://codecov.io/gh/Part-DB/Part-DB-server).
+Further, the code coverage of the PHPUnit tests is determined and uploaded to [CodeCov](https://codecov.io/gh/Part-DB/Part-DB-server).
--- a/262
+++ b/262
@@ -1,22 +1,113 @@
-FROM debian:bullseye-slim
+# syntax=docker/dockerfile:1
+ARG BASE_IMAGE=debian:bookworm-slim
+ARG PHP_VERSION=8.4
+ARG NODE_VERSION=22
+# Node.js build stage for building frontend assets
+# Use native platform for build stage as it's platform-independent
+FROM --platform=$BUILDPLATFORM node:${NODE_VERSION}-bookworm-slim AS node-builder
+ARG TARGETARCH
+WORKDIR /app

-# Install needed dependencies for PHP build
-#RUN apt-get update &&  apt-get install -y pkg-config curl libcurl4-openssl-dev libicu-dev \
-#    libpng-dev libjpeg-dev libfreetype6-dev gnupg zip libzip-dev libjpeg62-turbo-dev libonig-dev libxslt-dev libwebp-dev vim \
-#    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
+# Install composer and minimal PHP for running Symfony commands
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

-RUN apt-get update && apt-get -y install apt-transport-https lsb-release ca-certificates curl zip mariadb-client \
+# Use BuildKit cache mounts for apt in builder stage
+RUN --mount=type=cache,id=apt-cache-node-$TARGETARCH,target=/var/cache/apt \
+    --mount=type=cache,id=apt-lists-node-$TARGETARCH,target=/var/lib/apt/lists \
+    apt-get update && apt-get install -y --no-install-recommends \
+        php-cli \
+        php-xml \
+        php-mbstring \
+        unzip \
+        git \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Copy composer files and install dependencies (needed for Symfony UX assets)
+COPY composer.json composer.lock symfony.lock ./
+
+# Use BuildKit cache for Composer downloads
+RUN --mount=type=cache,id=composer-cache,target=/root/.cache/composer \
+    composer install --no-scripts --no-autoloader --no-dev --prefer-dist --ignore-platform-reqs
+
+# Copy all application files needed for cache warmup and webpack build
+COPY .env* ./
+COPY bin ./bin
+COPY config ./config
+COPY src ./src
+COPY translations ./translations
+COPY public ./public
+COPY assets ./assets
+COPY webpack.config.js ./
+
+# Generate autoloader
+RUN composer dump-autoload
+
+# Create required directories for cache warmup
+RUN mkdir -p var/cache var/log uploads public/media
+
+# Dump translations, which we need for cache warmup
+RUN php bin/console cache:warmup -n --env=prod 2>&1
+
+# Copy package files and install node dependencies
+COPY package.json yarn.lock ./
+# Use BuildKit cache for yarn/npm
+RUN --mount=type=cache,id=yarn-cache,target=/root/.cache/yarn \
+    --mount=type=cache,id=npm-cache,target=/root/.npm \
+    yarn install --network-timeout 600000
+
+# Build the assets
+RUN yarn build
+
+# Clean up
+RUN yarn cache clean && rm -rf node_modules/
+
+# Base stage for PHP
+FROM ${BASE_IMAGE} AS base
+ARG PHP_VERSION
+ARG TARGETARCH
+
+# Use BuildKit cache mounts for apt in base stage
+RUN --mount=type=cache,id=apt-cache-$TARGETARCH,target=/var/cache/apt \
+    --mount=type=cache,id=apt-lists-$TARGETARCH,target=/var/lib/apt/lists \
+    apt-get update && apt-get -y install \
+      apt-transport-https \
+      lsb-release \
+      ca-certificates \
+      curl \
+      zip \
+      mariadb-client \
+      postgresql-client \
    && curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg  \
    && sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' \
    && apt-get update && apt-get upgrade -y \
-    && apt-get install -y apache2 php8.1 php8.1-fpm php8.1-opcache php8.1-curl php8.1-gd php8.1-mbstring php8.1-xml php8.1-bcmath php8.1-intl php8.1-zip php8.1-xsl php8.1-sqlite3 php8.1-mysql gpg sudo \
-    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;
+    && apt-get install -y \
+      apache2 \
+      php${PHP_VERSION} \
+      php${PHP_VERSION}-fpm \
+      php${PHP_VERSION}-opcache \
+      php${PHP_VERSION}-curl \
+      php${PHP_VERSION}-gd \
+      php${PHP_VERSION}-mbstring \
+      php${PHP_VERSION}-xml \
+      php${PHP_VERSION}-bcmath \
+      php${PHP_VERSION}-intl \
+      php${PHP_VERSION}-zip \
+      php${PHP_VERSION}-xsl \
+      php${PHP_VERSION}-sqlite3 \
+      php${PHP_VERSION}-mysql \
+      php${PHP_VERSION}-pgsql \
+      gpg \
+      sudo \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/* \
+    && mkdir -p /var/www/html \
+    && chown -R www-data:www-data /var/www/html \
+    && rm -rvf /var/www/html/*

-ENV APACHE_CONFDIR /etc/apache2
-ENV APACHE_ENVVARS $APACHE_CONFDIR/envvars
+# Install composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

-# Create workdir and set permissions if directory does not exists
-RUN mkdir -p /var/www/html && chown -R www-data:www-data /var/www/html
+ENV APACHE_CONFDIR=/etc/apache2
+ENV APACHE_ENVVARS=$APACHE_CONFDIR/envvars

 # Configure apache 2 (taken from https://github.com/docker-library/php/blob/master/8.2/bullseye/apache/Dockerfile)
 # generically convert lines like
@@ -25,93 +116,94 @@ RUN mkdir -p /var/www/html && chown -R www-data:www-data /var/www/html
 #   : ${APACHE_RUN_USER:=www-data}
 #   export APACHE_RUN_USER
 # so that they can be overridden at runtime ("-e APACHE_RUN_USER=...")
-RUN  sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS"; \
-      set -eux; . "$APACHE_ENVVARS";  \
-    # delete the "index.html" that installing Apache drops in here
-    	rm -rvf /var/www/html/*; \
-    	\
-    # logs should go to stdout / stderr
-    	ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log"; \
-    	ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log"; \
-    	ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log"; \
-        chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR";
+RUN sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS" && \
+    set -eux; . "$APACHE_ENVVARS" && \
+    ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log" && \
+    ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log" && \
+    ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log" && \
+    chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR"

-# Enable php-fpm
-RUN a2enmod proxy_fcgi setenvif && a2enconf php8.1-fpm
+# ---

+FROM scratch AS apache-config
+ARG PHP_VERSION
 # Configure php-fpm to log to stdout of the container (stdout of PID 1)
 # We have to use /proc/1/fd/1 because /dev/stdout or /proc/self/fd/1 does not point to the container stdout (because we use apache as entrypoint)
 # We also disable the clear_env option to allow the use of environment variables in php-fpm
-RUN { \
-    echo '[global]'; \
-    echo 'error_log = /proc/1/fd/1'; \
-    echo; \
-    echo '[www]'; \
-    echo 'access.log = /proc/1/fd/1'; \
-    echo 'catch_workers_output = yes'; \
-    echo 'decorate_workers_output = no'; \
-    echo 'clear_env = no'; \
-   } | tee "/etc/php/8.1/fpm/pool.d/zz-docker.conf"
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/pool.d/zz-docker.conf
+[global]
+error_log = /proc/1/fd/1
+
+[www]
+access.log = /proc/1/fd/1
+catch_workers_output = yes
+decorate_workers_output = no
+clear_env = no
+EOF

 # PHP files should be handled by PHP, and should be preferred over any other file type
-RUN { \
-		echo '<FilesMatch \.php$>'; \
-		echo '\tSetHandler application/x-httpd-php'; \
-		echo '</FilesMatch>'; \
-		echo; \
-		echo 'DirectoryIndex disabled'; \
-		echo 'DirectoryIndex index.php index.html'; \
-		echo; \
-		echo '<Directory /var/www/>'; \
-		echo '\tOptions -Indexes'; \
-		echo '\tAllowOverride All'; \
-		echo '</Directory>'; \
-	} | tee "$APACHE_CONFDIR/conf-available/docker-php.conf" \
-	&& a2enconf docker-php
+COPY <<EOF /etc/apache2/conf-available/docker-php.conf
+<FilesMatch \\.php$>
+	SetHandler application/x-httpd-php
+</FilesMatch>
+
+DirectoryIndex disabled
+DirectoryIndex index.php index.html
+
+<Directory /var/www/>
+	Options -Indexes
+	AllowOverride All
+</Directory>
+EOF

 # Enable opcache and configure it recommended for symfony (see https://symfony.com/doc/current/performance.html)
-RUN  \
-	{ \
-		echo 'opcache.memory_consumption=256'; \
-		echo 'opcache.max_accelerated_files=20000'; \
-		echo 'opcache.validate_timestamp=0'; \
-        # Configure Realpath cache for performance
-        echo 'realpath_cache_size=4096K'; \
-        echo 'realpath_cache_ttl=600'; \
-    } > /etc/php/8.1/fpm/conf.d/symfony-recommended.ini
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/conf.d/symfony-recommended.ini
+opcache.memory_consumption=256
+opcache.max_accelerated_files=20000
+opcache.validate_timestamp=0
+# Configure Realpath cache for performance
+realpath_cache_size=4096K
+realpath_cache_ttl=600
+EOF

-# Increase upload limit and enable preloading
-RUN  \
-	{ \
-		echo 'upload_max_filesize=256M'; \
-		echo 'post_max_size=300M'; \
-        echo 'opcache.preload_user=www-data'; \
-        echo 'opcache.preload=/var/www/html/config/preload.php'; \
-    } > /etc/php/8.1/fpm/conf.d/partdb.ini
+# Increase upload limit and enable preloading (disabled for now, as it does not seem to work properly, and require prod env anyway)
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/conf.d/partdb.ini
+upload_max_filesize=256M
+post_max_size=300M
+;opcache.preload_user=www-data
+;opcache.preload=/var/www/html/config/preload.php
+log_limit=8096
+EOF

-# Install node and yarn
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
-RUN curl -sL https://deb.nodesource.com/setup_18.x | bash - && apt-get update && apt-get install -y nodejs yarn && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
+COPY ./.docker/symfony.conf /etc/apache2/sites-available/symfony.conf

-# Install composer
-COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+# ---

+FROM base
+ARG PHP_VERSION

 # Set working dir
 WORKDIR /var/www/html
+COPY --from=apache-config / /
 COPY --chown=www-data:www-data . .

 # Setup apache2
-RUN a2dissite 000-default.conf
-COPY ./.docker/symfony.conf /etc/apache2/sites-available/symfony.conf
-RUN a2ensite symfony.conf
-RUN a2enmod rewrite
+RUN a2dissite 000-default.conf && \
+    a2ensite symfony.conf && \
+    a2enmod proxy_fcgi setenvif && \
+    a2enconf php${PHP_VERSION}-fpm && \
+    a2enconf docker-php && \
+    a2enmod rewrite

 # Install composer and yarn dependencies for Part-DB
 USER www-data
-RUN composer install -a --no-dev && composer clear-cache
-RUN yarn install --network-timeout 600000 && yarn build && yarn cache clean && rm -rf node_modules/
+# Use BuildKit cache for Composer when running as www-data by setting COMPOSER_CACHE_DIR
+RUN --mount=type=cache,id=composer-cache,target=/tmp/.composer-cache \
+    COMPOSER_CACHE_DIR=/tmp/.composer-cache composer install -a --no-dev && \
+    composer clear-cache
+
+# Copy built frontend assets from node-builder stage
+COPY --from=node-builder --chown=www-data:www-data /app/public/build ./public/build

 # Use docker env to output logs to stdout
 ENV APP_ENV=docker
@@ -119,15 +211,19 @@ ENV DATABASE_URL="sqlite:///%kernel.project_dir%/uploads/app.db"

 USER root

-# Copy entrypoint to /usr/local/bin and make it executable
-RUN cp ./.docker/partdb-entrypoint.sh /usr/local/bin/partdb-entrypoint.sh && chmod +x /usr/local/bin/partdb-entrypoint.sh
-# Copy apache2-foreground to /usr/local/bin and make it executable
-RUN cp ./.docker/apache2-foreground /usr/local/bin/apache2-foreground && chmod +x /usr/local/bin/apache2-foreground
+# Replace the php version placeholder in the entry point, with our php version
+RUN sed -i "s/PHP_VERSION/${PHP_VERSION}/g" ./.docker/partdb-entrypoint.sh
+
+# Copy entrypoint and apache2-foreground to /usr/local/bin and make it executable
+# Convert CRLF -> LF and install entrypoint scripts with executable mode
+RUN sed -i 's/\r$//' ./.docker/partdb-entrypoint.sh ./.docker/apache2-foreground && \
+    install -m 0755 ./.docker/partdb-entrypoint.sh /usr/local/bin/ && \
+    install -m 0755 ./.docker/apache2-foreground /usr/local/bin/
 ENTRYPOINT ["partdb-entrypoint.sh"]
-CMD ["apache2-foreground"]
+CMD ["/usr/local/bin/apache2-foreground"]

 # https://httpd.apache.org/docs/2.4/stopping.html#gracefulstop
 STOPSIGNAL SIGWINCH

 EXPOSE 80
-VOLUME ["/var/www/html/uploads", "/var/www/html/public/media"]
+VOLUME ["/var/www/html/uploads", "/var/www/html/public/media"]
--- a/103
+++ b/103
@@ -1,12 +1,84 @@
-FROM dunglas/frankenphp:1-php8.3 AS frankenphp_upstream
+ARG NODE_VERSION=22

-RUN apt-get update && apt-get -y install curl zip mariadb-client file acl git gettext ca-certificates gnupg \
-    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;
-
-# Create workdir and set permissions if directory does not exists
-RUN mkdir -p /app
+# Node.js build stage for building frontend assets
+# Use native platform for build stage as it's platform-independent
+FROM --platform=$BUILDPLATFORM node:${NODE_VERSION}-bookworm-slim AS node-builder
+ARG TARGETARCH
 WORKDIR /app

+# Install composer and minimal PHP for running Symfony commands
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+# Use BuildKit cache mounts for apt in builder stage
+RUN --mount=type=cache,id=apt-cache-node-$TARGETARCH,target=/var/cache/apt \
+    --mount=type=cache,id=apt-lists-node-$TARGETARCH,target=/var/lib/apt/lists \
+    apt-get update && apt-get install -y --no-install-recommends \
+        php-cli \
+        php-xml \
+        php-mbstring \
+        unzip \
+        git \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Copy composer files and install dependencies (needed for Symfony UX assets)
+COPY composer.json composer.lock symfony.lock ./
+
+# Use BuildKit cache for Composer downloads
+RUN --mount=type=cache,id=composer-cache,target=/root/.cache/composer \
+    composer install --no-scripts --no-autoloader --no-dev --prefer-dist --ignore-platform-reqs
+
+# Copy all application files needed for cache warmup and webpack build
+COPY .env* ./
+COPY bin ./bin
+COPY config ./config
+COPY src ./src
+COPY translations ./translations
+COPY public ./public
+COPY assets ./assets
+COPY webpack.config.js ./
+
+# Generate autoloader
+RUN composer dump-autoload
+
+# Create required directories for cache warmup
+RUN mkdir -p var/cache var/log uploads public/media
+
+# Dump translations, which we need for cache warmup
+RUN php bin/console cache:warmup -n --env=prod 2>&1
+
+# Copy package files and install node dependencies
+COPY package.json yarn.lock ./
+
+# Use BuildKit cache for yarn/npm
+RUN --mount=type=cache,id=yarn-cache,target=/root/.cache/yarn \
+    --mount=type=cache,id=npm-cache,target=/root/.npm \
+    yarn install --network-timeout 600000
+
+
+# Build the assets
+RUN yarn build
+
+# Clean up
+RUN yarn cache clean && rm -rf node_modules/
+
+# FrankenPHP base stage
+FROM dunglas/frankenphp:1-php8.4 AS frankenphp_upstream
+ARG TARGETARCH
+RUN --mount=type=cache,id=apt-cache-$TARGETARCH,target=/var/cache/apt \
+    --mount=type=cache,id=apt-lists-$TARGETARCH,target=/var/lib/apt/lists \
+    apt-get update && apt-get -y install \
+      curl \
+      ca-certificates \
+      mariadb-client \
+      postgresql-client \
+      file \
+      acl \
+      git \
+      gettext \
+      gnupg \
+      zip \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;
+
 # Install PHP
 RUN set -eux; \
 	install-php-extensions \
@@ -17,6 +89,7 @@ RUN set -eux; \
 		zip \
        pdo_mysql \
        pdo_sqlite \
+        pdo_pgsql \
        gd \
        bcmath \
        xsl \
@@ -32,15 +105,13 @@ ENV FRANKENPHP_CONFIG="import worker.Caddyfile"

 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"

-# Install node and yarn
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
-RUN curl -sL https://deb.nodesource.com/setup_20.x | bash - && apt-get update && apt-get install -y nodejs yarn && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
-
 # Install composer
 ENV COMPOSER_ALLOW_SUPERUSER=1
 #COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

+# Create workdir and set permissions if directory does not exists
+WORKDIR /app
+
 # prevent the reinstallation of vendors at every changes in the source code
 COPY --link composer.* symfony.* ./
 RUN set -eux; \
@@ -53,11 +124,11 @@ COPY --link . ./
 RUN set -eux; \
 	mkdir -p var/cache var/log; \
 	composer dump-autoload --classmap-authoritative --no-dev; \
-	composer dump-env prod; \
 	composer run-script --no-dev post-install-cmd; \
 	chmod +x bin/console; sync;

-RUN yarn install --network-timeout 600000 && yarn build && yarn cache clean && rm -rf node_modules/
+# Copy built frontend assets from node-builder stage
+COPY --from=node-builder /app/public/build ./public/build

 # Use docker env to output logs to stdout
 ENV APP_ENV=docker
@@ -76,10 +147,10 @@ VOLUME ["/var/www/html/uploads", "/var/www/html/public/media"]
 HEALTHCHECK --start-period=60s CMD curl -f http://localhost:2019/metrics || exit 1

 # See https://caddyserver.com/docs/conventions#file-locations for details
-ENV XDG_CONFIG_HOME /config
-ENV XDG_DATA_HOME /data
+ENV XDG_CONFIG_HOME=/config
+ENV XDG_DATA_HOME=/data

 EXPOSE 80
 EXPOSE 443
 EXPOSE 443/udp
-EXPOSE 2019
+EXPOSE 2019
--- a/91
+++ b/91
@@ -0,0 +1,91 @@
+# PartDB Makefile for Test Environment Management
+
+.PHONY: help deps-install lint format format-check test coverage pre-commit all test-typecheck \
+test-setup test-clean test-db-create test-db-migrate test-cache-clear test-fixtures test-run test-reset \
+section-dev dev-setup dev-clean dev-db-create dev-db-migrate dev-cache-clear dev-warmup dev-reset
+
+# Default target
+help: ## Show this help
+	@awk 'BEGIN {FS = ":.*##"}; /^[a-zA-Z0-9][a-zA-Z0-9_-]+:.*##/ {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
+
+# Dependencies
+deps-install: ## Install PHP dependencies with unlimited memory
+	@echo "📦 Installing PHP dependencies..."
+	COMPOSER_MEMORY_LIMIT=-1 composer install
+	yarn install
+	@echo "✅ Dependencies installed"
+
+# Complete test environment setup
+test-setup: test-clean test-db-create test-db-migrate test-fixtures ## Complete test setup (clean, create DB, migrate, fixtures)
+	@echo "✅ Test environment setup complete!"
+
+# Clean test environment
+test-clean: ## Clean test cache and database files
+	@echo "🧹 Cleaning test environment..."
+	rm -rf var/cache/test
+	rm -f var/app_test.db
+	@echo "✅ Test environment cleaned"
+
+# Create test database
+test-db-create: ## Create test database (if not exists)
+	@echo "🗄️  Creating test database..."
+	-php bin/console doctrine:database:create --if-not-exists --env test || echo "⚠️  Database creation failed (expected for SQLite) - continuing..."
+
+# Run database migrations for test environment
+test-db-migrate: ## Run database migrations for test environment
+	@echo "🔄 Running database migrations..."
+	COMPOSER_MEMORY_LIMIT=-1 php bin/console doctrine:migrations:migrate -n --env test
+
+# Clear test cache
+test-cache-clear: ## Clear test cache
+	@echo "🗑️  Clearing test cache..."
+	rm -rf var/cache/test
+	@echo "✅ Test cache cleared"
+
+# Load test fixtures
+test-fixtures: ## Load test fixtures
+	@echo "📦 Loading test fixtures..."
+	php bin/console partdb:fixtures:load -n --env test
+
+# Run PHPUnit tests
+test-run: ## Run PHPUnit tests
+	@echo "🧪 Running tests..."
+	php bin/phpunit
+
+# Quick test reset (clean + migrate + fixtures, skip DB creation)
+test-reset: test-cache-clear test-db-migrate test-fixtures
+	@echo "✅ Test environment reset complete!"
+
+test-typecheck: ## Run static analysis (PHPStan)
+	@echo "🧪 Running type checks..."
+	COMPOSER_MEMORY_LIMIT=-1 composer phpstan
+
+# Development helpers
+dev-setup: dev-clean dev-db-create dev-db-migrate dev-warmup ## Complete development setup (clean, create DB, migrate, warmup)
+	@echo "✅ Development environment setup complete!"
+
+dev-clean: ## Clean development cache and database files
+	@echo "🧹 Cleaning development environment..."
+	rm -rf var/cache/dev
+	rm -f var/app_dev.db
+	@echo "✅ Development environment cleaned"
+
+dev-db-create: ## Create development database (if not exists)
+	@echo "🗄️  Creating development database..."
+	-php bin/console doctrine:database:create --if-not-exists --env dev || echo "⚠️  Database creation failed (expected for SQLite) - continuing..."
+
+dev-db-migrate: ## Run database migrations for development environment
+	@echo "🔄 Running database migrations..."
+	COMPOSER_MEMORY_LIMIT=-1 php bin/console doctrine:migrations:migrate -n --env dev
+
+dev-cache-clear: ## Clear development cache
+	@echo "🗑️  Clearing development cache..."
+	rm -rf var/cache/dev
+	@echo "✅ Development cache cleared"
+
+dev-warmup: ## Warm up development cache
+	@echo "🔥 Warming up development cache..."
+	COMPOSER_MEMORY_LIMIT=-1 php -d memory_limit=1G bin/console cache:warmup --env dev -n
+
+dev-reset: dev-cache-clear dev-db-migrate ## Quick development reset (cache clear + migrate)
+	@echo "✅ Development environment reset complete!" 
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 ![Static analysis](https://github.com/Part-DB/Part-DB-symfony/workflows/Static%20analysis/badge.svg)
 [![codecov](https://codecov.io/gh/Part-DB/Part-DB-server/branch/master/graph/badge.svg)](https://codecov.io/gh/Part-DB/Part-DB-server)
 ![GitHub License](https://img.shields.io/github/license/Part-DB/Part-DB-symfony)
-![PHP Version](https://img.shields.io/badge/PHP-%3E%3D%208.1-green)
+![PHP Version](https://img.shields.io/badge/PHP-%3E%3D%208.2-green)

 ![Docker Pulls](https://img.shields.io/docker/pulls/jbtronics/part-db1)
 ![Docker Build Status](https://github.com/Part-DB/Part-DB-symfony/workflows/Docker%20Image%20Build/badge.svg)
@@ -29,8 +29,8 @@ If you want to test Part-DB without installing it, you can use [this](https://de

 You can log in with username: *user* and password: *user*.

-Every change to the master branch gets automatically deployed, so it represents the current development progress and is
-may not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
+Every change to the master branch gets automatically deployed, so it represents the current development progress and
+may not be completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
 the page
 for the first time.

@@ -55,7 +55,7 @@ for the first time.
 * Event log: Track what changes happen to your inventory, track which user does what. Revert your parts to older
  versions.
 * Responsive design: You can use Part-DB on your PC, your tablet, and your smartphone using the same interface.
-* MySQL and SQLite are supported as database backends
+* MySQL, SQLite and PostgreSQL are supported as database backends
 * Support for rich text descriptions and comments in parts
 * Support for multiple currencies and automatic update of exchange rates supported
 * Powerful search and filter function, including parametric search (search for parts according to some specifications)
@@ -74,11 +74,11 @@ Part-DB is also used by small companies and universities for managing their inve
 ## Requirements

 * A **web server** (like Apache2 or nginx) that is capable of
-  running [Symfony 5](https://symfony.com/doc/current/reference/requirements.html),
-  this includes a minimum PHP version of **PHP 8.1**
-* A **MySQL** (at least 5.7) /**MariaDB** (at least 10.2.2) database server if you do not want to use SQLite.
-* Shell access to your server is highly suggested!
-* For building the client-side assets **yarn** and **nodejs** (>= 18.0) is needed.
+  running [Symfony 6](https://symfony.com/doc/current/reference/requirements.html),
+  this includes a minimum PHP version of **PHP 8.2**
+* A **MySQL** (at least 5.7) /**MariaDB** (at least 10.4) database server, or **PostgreSQL** 10+ if you do not want to use SQLite.
+* Shell access to your server is highly recommended!
+* For building the client-side assets **yarn** and **nodejs** (>= 20.0) is needed.

 ## Installation

@@ -142,7 +142,7 @@ There you will find various methods to support development on a monthly or a one

 ## Built with

-* [Symfony 5](https://symfony.com/): The main framework used for the serverside PHP
+* [Symfony 6](https://symfony.com/): The main framework used for the serverside PHP
 * [Bootstrap 5](https://getbootstrap.com/) and [Bootswatch](https://bootswatch.com/): Used as website theme
 * [Fontawesome](https://fontawesome.com/): Used as icon set
 * [Hotwire Stimulus](https://stimulus.hotwired.dev/) and [Hotwire Turbo](https://turbo.hotwired.dev/): Frontend
--- a/2
+++ b/2
@@ -1 +1 @@
-1.12.1
+2.8.0
--- a/assets/ckeditor/emojis.json
+++ b/assets/ckeditor/emojis.json
--- a/assets/ckeditor/html_label.js
+++ b/assets/ckeditor/html_label.js
@@ -1,66 +1,63 @@
-/**
- * @license Copyright (c) 2014-2022, CKSource Holding sp. z o.o. All rights reserved.
- * For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
- */
-import ClassicEditor from '@ckeditor/ckeditor5-editor-classic/src/classiceditor.js';
-import Alignment from '@ckeditor/ckeditor5-alignment/src/alignment.js';
-import Autoformat from '@ckeditor/ckeditor5-autoformat/src/autoformat.js';
-import Base64UploadAdapter from '@ckeditor/ckeditor5-upload/src/adapters/base64uploadadapter.js';
-import BlockQuote from '@ckeditor/ckeditor5-block-quote/src/blockquote.js';
-import Bold from '@ckeditor/ckeditor5-basic-styles/src/bold.js';
-import Code from '@ckeditor/ckeditor5-basic-styles/src/code.js';
-import CodeBlock from '@ckeditor/ckeditor5-code-block/src/codeblock.js';
-import Essentials from '@ckeditor/ckeditor5-essentials/src/essentials.js';
-import FindAndReplace from '@ckeditor/ckeditor5-find-and-replace/src/findandreplace.js';
-import FontBackgroundColor from '@ckeditor/ckeditor5-font/src/fontbackgroundcolor.js';
-import FontColor from '@ckeditor/ckeditor5-font/src/fontcolor.js';
-import FontFamily from '@ckeditor/ckeditor5-font/src/fontfamily.js';
-import FontSize from '@ckeditor/ckeditor5-font/src/fontsize.js';
-import GeneralHtmlSupport from '@ckeditor/ckeditor5-html-support/src/generalhtmlsupport.js';
-import Heading from '@ckeditor/ckeditor5-heading/src/heading.js';
-import Highlight from '@ckeditor/ckeditor5-highlight/src/highlight.js';
-import HorizontalLine from '@ckeditor/ckeditor5-horizontal-line/src/horizontalline.js';
-import HtmlComment from '@ckeditor/ckeditor5-html-support/src/htmlcomment.js';
-import HtmlEmbed from '@ckeditor/ckeditor5-html-embed/src/htmlembed.js';
-import Image from '@ckeditor/ckeditor5-image/src/image.js';
-import ImageResize from '@ckeditor/ckeditor5-image/src/imageresize.js';
-import ImageStyle from '@ckeditor/ckeditor5-image/src/imagestyle.js';
-import ImageToolbar from '@ckeditor/ckeditor5-image/src/imagetoolbar.js';
-import ImageUpload from '@ckeditor/ckeditor5-image/src/imageupload.js';
-import Indent from '@ckeditor/ckeditor5-indent/src/indent.js';
-import IndentBlock from '@ckeditor/ckeditor5-indent/src/indentblock.js';
-import Italic from '@ckeditor/ckeditor5-basic-styles/src/italic.js';
-import Link from '@ckeditor/ckeditor5-link/src/link.js';
-import LinkImage from '@ckeditor/ckeditor5-link/src/linkimage.js';
-import List from '@ckeditor/ckeditor5-list/src/list.js';
-import ListProperties from '@ckeditor/ckeditor5-list/src/listproperties.js';
-import Markdown from '@ckeditor/ckeditor5-markdown-gfm/src/markdown.js';
-import MediaEmbed from '@ckeditor/ckeditor5-media-embed/src/mediaembed.js';
-import MediaEmbedToolbar from '@ckeditor/ckeditor5-media-embed/src/mediaembedtoolbar.js';
-import Paragraph from '@ckeditor/ckeditor5-paragraph/src/paragraph.js';
-import PasteFromOffice from '@ckeditor/ckeditor5-paste-from-office/src/pastefromoffice.js';
-import RemoveFormat from '@ckeditor/ckeditor5-remove-format/src/removeformat.js';
-import SourceEditing from '@ckeditor/ckeditor5-source-editing/src/sourceediting.js';
-import SpecialCharacters from '@ckeditor/ckeditor5-special-characters/src/specialcharacters.js';
-import SpecialCharactersArrows from '@ckeditor/ckeditor5-special-characters/src/specialcharactersarrows.js';
-import SpecialCharactersCurrency from '@ckeditor/ckeditor5-special-characters/src/specialcharacterscurrency.js';
-import SpecialCharactersEssentials from '@ckeditor/ckeditor5-special-characters/src/specialcharactersessentials.js';
-import SpecialCharactersLatin from '@ckeditor/ckeditor5-special-characters/src/specialcharacterslatin.js';
-import SpecialCharactersMathematical from '@ckeditor/ckeditor5-special-characters/src/specialcharactersmathematical.js';
-import SpecialCharactersText from '@ckeditor/ckeditor5-special-characters/src/specialcharacterstext.js';
-import Strikethrough from '@ckeditor/ckeditor5-basic-styles/src/strikethrough.js';
-import Subscript from '@ckeditor/ckeditor5-basic-styles/src/subscript.js';
-import Superscript from '@ckeditor/ckeditor5-basic-styles/src/superscript.js';
-import Table from '@ckeditor/ckeditor5-table/src/table.js';
-import TableCaption from '@ckeditor/ckeditor5-table/src/tablecaption.js';
-import TableCellProperties from '@ckeditor/ckeditor5-table/src/tablecellproperties';
-import TableColumnResize from '@ckeditor/ckeditor5-table/src/tablecolumnresize.js';
-import TableProperties from '@ckeditor/ckeditor5-table/src/tableproperties';
-import TableToolbar from '@ckeditor/ckeditor5-table/src/tabletoolbar.js';
-import Underline from '@ckeditor/ckeditor5-basic-styles/src/underline.js';
-import WordCount from '@ckeditor/ckeditor5-word-count/src/wordcount.js';
-import EditorWatchdog from '@ckeditor/ckeditor5-watchdog/src/editorwatchdog.js';
+import {ClassicEditor} from 'ckeditor5'
+import {Alignment} from 'ckeditor5';
+import {Autoformat} from 'ckeditor5';
+import {Base64UploadAdapter} from 'ckeditor5';
+import {BlockQuote} from 'ckeditor5';
+import {Bold} from 'ckeditor5';
+import {Code} from 'ckeditor5';
+import {CodeBlock} from 'ckeditor5';
+import {Essentials} from 'ckeditor5';
+import {FindAndReplace} from 'ckeditor5';
+import {FontBackgroundColor} from 'ckeditor5';
+import {FontColor} from 'ckeditor5';
+import {FontFamily} from 'ckeditor5';
+import {FontSize} from 'ckeditor5';
+import {GeneralHtmlSupport} from 'ckeditor5';
+import {Heading} from 'ckeditor5';
+import {Highlight} from 'ckeditor5';
+import {HorizontalLine} from 'ckeditor5';
+import {HtmlComment} from 'ckeditor5';
+import {HtmlEmbed} from 'ckeditor5';
+import {Image} from 'ckeditor5';
+import {ImageResize} from 'ckeditor5';
+import {ImageStyle} from 'ckeditor5';
+import {ImageToolbar} from 'ckeditor5';
+import {ImageUpload} from 'ckeditor5';
+import {Indent} from 'ckeditor5';
+import {IndentBlock} from 'ckeditor5';
+import {Italic} from 'ckeditor5';
+import {Link} from 'ckeditor5';
+import {LinkImage} from 'ckeditor5';
+import {List} from 'ckeditor5';
+import {ListProperties} from 'ckeditor5';
+import {Markdown} from 'ckeditor5';
+import {MediaEmbed} from 'ckeditor5';
+import {MediaEmbedToolbar} from 'ckeditor5';
+import {Paragraph} from 'ckeditor5';
+import {PasteFromOffice} from 'ckeditor5';
+import {RemoveFormat} from 'ckeditor5';
+import {SourceEditing} from 'ckeditor5';
+import {SpecialCharacters} from 'ckeditor5';
+import {SpecialCharactersArrows} from 'ckeditor5';
+import {SpecialCharactersCurrency} from 'ckeditor5';
+import {SpecialCharactersEssentials} from 'ckeditor5';
+import {SpecialCharactersLatin} from 'ckeditor5';
+import {SpecialCharactersMathematical} from 'ckeditor5';
+import {SpecialCharactersText} from 'ckeditor5';
+import {Strikethrough} from 'ckeditor5';
+import {Subscript} from 'ckeditor5';
+import {Superscript} from 'ckeditor5';
+import {Table} from 'ckeditor5';
+import {TableCaption} from 'ckeditor5';
+import {TableCellProperties} from 'ckeditor5';
+import {TableColumnResize} from 'ckeditor5';
+import {TableProperties} from 'ckeditor5';
+import {TableToolbar} from 'ckeditor5';
+import {Underline} from 'ckeditor5';
+import {WordCount} from 'ckeditor5';
+import {EditorWatchdog} from 'ckeditor5';
 import PartDBLabel from "./plugins/PartDBLabel/PartDBLabel";
+import SpecialCharactersGreek from "./plugins/special_characters_emoji";

 class Editor extends ClassicEditor {}

@@ -122,7 +119,8 @@ Editor.builtinPlugins = [
    Underline,
    WordCount,

-    PartDBLabel
+    PartDBLabel,
+    SpecialCharactersGreek
 ];

 // Editor configuration.
--- a/assets/ckeditor/markdown_full.js
+++ b/assets/ckeditor/markdown_full.js
@@ -2,68 +2,69 @@
 * @license Copyright (c) 2014-2022, CKSource Holding sp. z o.o. All rights reserved.
 * For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
 */
-import ClassicEditor from '@ckeditor/ckeditor5-editor-classic/src/classiceditor.js';
-import Alignment from '@ckeditor/ckeditor5-alignment/src/alignment.js';
-import Autoformat from '@ckeditor/ckeditor5-autoformat/src/autoformat.js';
-import Base64UploadAdapter from '@ckeditor/ckeditor5-upload/src/adapters/base64uploadadapter.js';
-import BlockQuote from '@ckeditor/ckeditor5-block-quote/src/blockquote.js';
-import Bold from '@ckeditor/ckeditor5-basic-styles/src/bold.js';
-import Code from '@ckeditor/ckeditor5-basic-styles/src/code.js';
-import CodeBlock from '@ckeditor/ckeditor5-code-block/src/codeblock.js';
-import Essentials from '@ckeditor/ckeditor5-essentials/src/essentials.js';
-import FindAndReplace from '@ckeditor/ckeditor5-find-and-replace/src/findandreplace.js';
-import FontBackgroundColor from '@ckeditor/ckeditor5-font/src/fontbackgroundcolor.js';
-import FontColor from '@ckeditor/ckeditor5-font/src/fontcolor.js';
-import FontFamily from '@ckeditor/ckeditor5-font/src/fontfamily.js';
-import FontSize from '@ckeditor/ckeditor5-font/src/fontsize.js';
-import GeneralHtmlSupport from '@ckeditor/ckeditor5-html-support/src/generalhtmlsupport.js';
-import Heading from '@ckeditor/ckeditor5-heading/src/heading.js';
-import Highlight from '@ckeditor/ckeditor5-highlight/src/highlight.js';
-import HorizontalLine from '@ckeditor/ckeditor5-horizontal-line/src/horizontalline.js';
-import HtmlComment from '@ckeditor/ckeditor5-html-support/src/htmlcomment.js';
-import HtmlEmbed from '@ckeditor/ckeditor5-html-embed/src/htmlembed.js';
-import Image from '@ckeditor/ckeditor5-image/src/image.js';
-import ImageResize from '@ckeditor/ckeditor5-image/src/imageresize.js';
-import ImageStyle from '@ckeditor/ckeditor5-image/src/imagestyle.js';
-import ImageToolbar from '@ckeditor/ckeditor5-image/src/imagetoolbar.js';
-import ImageUpload from '@ckeditor/ckeditor5-image/src/imageupload.js';
-import Indent from '@ckeditor/ckeditor5-indent/src/indent.js';
-import IndentBlock from '@ckeditor/ckeditor5-indent/src/indentblock.js';
-import Italic from '@ckeditor/ckeditor5-basic-styles/src/italic.js';
-import Link from '@ckeditor/ckeditor5-link/src/link.js';
-import LinkImage from '@ckeditor/ckeditor5-link/src/linkimage.js';
-import List from '@ckeditor/ckeditor5-list/src/list.js';
-import ListProperties from '@ckeditor/ckeditor5-list/src/listproperties.js';
-import Markdown from '@ckeditor/ckeditor5-markdown-gfm/src/markdown.js';
-import MediaEmbed from '@ckeditor/ckeditor5-media-embed/src/mediaembed.js';
-import MediaEmbedToolbar from '@ckeditor/ckeditor5-media-embed/src/mediaembedtoolbar.js';
-import Paragraph from '@ckeditor/ckeditor5-paragraph/src/paragraph.js';
-import PasteFromOffice from '@ckeditor/ckeditor5-paste-from-office/src/pastefromoffice.js';
-import RemoveFormat from '@ckeditor/ckeditor5-remove-format/src/removeformat.js';
-import SourceEditing from '@ckeditor/ckeditor5-source-editing/src/sourceediting.js';
-import SpecialCharacters from '@ckeditor/ckeditor5-special-characters/src/specialcharacters.js';
-import SpecialCharactersArrows from '@ckeditor/ckeditor5-special-characters/src/specialcharactersarrows.js';
-import SpecialCharactersCurrency from '@ckeditor/ckeditor5-special-characters/src/specialcharacterscurrency.js';
-import SpecialCharactersEssentials from '@ckeditor/ckeditor5-special-characters/src/specialcharactersessentials.js';
-import SpecialCharactersLatin from '@ckeditor/ckeditor5-special-characters/src/specialcharacterslatin.js';
-import SpecialCharactersMathematical from '@ckeditor/ckeditor5-special-characters/src/specialcharactersmathematical.js';
-import SpecialCharactersText from '@ckeditor/ckeditor5-special-characters/src/specialcharacterstext.js';
-import Strikethrough from '@ckeditor/ckeditor5-basic-styles/src/strikethrough.js';
-import Subscript from '@ckeditor/ckeditor5-basic-styles/src/subscript.js';
-import Superscript from '@ckeditor/ckeditor5-basic-styles/src/superscript.js';
-import Table from '@ckeditor/ckeditor5-table/src/table.js';
-import TableCaption from '@ckeditor/ckeditor5-table/src/tablecaption.js';
-import TableCellProperties from '@ckeditor/ckeditor5-table/src/tablecellproperties';
-import TableColumnResize from '@ckeditor/ckeditor5-table/src/tablecolumnresize.js';
-import TableProperties from '@ckeditor/ckeditor5-table/src/tableproperties';
-import TableToolbar from '@ckeditor/ckeditor5-table/src/tabletoolbar.js';
-import Underline from '@ckeditor/ckeditor5-basic-styles/src/underline.js';
-import WordCount from '@ckeditor/ckeditor5-word-count/src/wordcount.js';
-import EditorWatchdog from '@ckeditor/ckeditor5-watchdog/src/editorwatchdog.js';
-import TodoList from '@ckeditor/ckeditor5-list/src/todolist';
+import {ClassicEditor} from 'ckeditor5';
+import {Alignment} from 'ckeditor5';
+import {Autoformat} from 'ckeditor5';
+import {Base64UploadAdapter} from 'ckeditor5';
+import {BlockQuote} from 'ckeditor5';
+import {Bold} from 'ckeditor5';
+import {Code} from 'ckeditor5';
+import {CodeBlock} from 'ckeditor5';
+import {Essentials} from 'ckeditor5';
+import {FindAndReplace} from 'ckeditor5';
+import {FontBackgroundColor} from 'ckeditor5';
+import {FontColor} from 'ckeditor5';
+import {FontFamily} from 'ckeditor5';
+import {FontSize} from 'ckeditor5';
+import {GeneralHtmlSupport} from 'ckeditor5';
+import {Heading} from 'ckeditor5';
+import {Highlight} from 'ckeditor5';
+import {HorizontalLine} from 'ckeditor5';
+import {HtmlComment} from 'ckeditor5';
+import {HtmlEmbed} from 'ckeditor5';
+import {Image} from 'ckeditor5';
+import {ImageResize} from 'ckeditor5';
+import {ImageStyle} from 'ckeditor5';
+import {ImageToolbar} from 'ckeditor5';
+import {ImageUpload} from 'ckeditor5';
+import {Indent} from 'ckeditor5';
+import {IndentBlock} from 'ckeditor5';
+import {Italic} from 'ckeditor5';
+import {Link} from 'ckeditor5';
+import {LinkImage} from 'ckeditor5';
+import {List} from 'ckeditor5';
+import {ListProperties} from 'ckeditor5';
+import {Markdown} from 'ckeditor5';
+import {MediaEmbed} from 'ckeditor5';
+import {MediaEmbedToolbar} from 'ckeditor5';
+import {Paragraph} from 'ckeditor5';
+import {PasteFromOffice} from 'ckeditor5';
+import {RemoveFormat} from 'ckeditor5';
+import {SourceEditing} from 'ckeditor5';
+import {SpecialCharacters} from 'ckeditor5';
+import {SpecialCharactersArrows} from 'ckeditor5';
+import {SpecialCharactersCurrency} from 'ckeditor5';
+import {SpecialCharactersEssentials} from 'ckeditor5';
+import {SpecialCharactersLatin} from 'ckeditor5';
+import {SpecialCharactersMathematical} from 'ckeditor5';
+import {SpecialCharactersText} from 'ckeditor5';
+import {Strikethrough} from 'ckeditor5';
+import {Subscript} from 'ckeditor5';
+import {Superscript} from 'ckeditor5';
+import {Table} from 'ckeditor5';
+import {TableCaption} from 'ckeditor5';
+import {TableCellProperties} from 'ckeditor5';
+import {TableColumnResize} from 'ckeditor5';
+import {TableProperties} from 'ckeditor5';
+import {TableToolbar} from 'ckeditor5';
+import {Underline} from 'ckeditor5';
+import {WordCount} from 'ckeditor5';
+import {EditorWatchdog} from 'ckeditor5';
+import {TodoList} from 'ckeditor5';

 import ExtendedMarkdown from "./plugins/extendedMarkdown.js";
-import SpecialCharactersEmoji from "./plugins/special_characters_emoji";
+import SpecialCharactersGreek from "./plugins/special_characters_emoji";
+import {Mention, Emoji} from "ckeditor5";

 class Editor extends ClassicEditor {}

@@ -117,9 +118,11 @@ Editor.builtinPlugins = [
    Underline,
    TodoList,

+    Mention, Emoji,
+
    //Our own extensions
    ExtendedMarkdown,
-    SpecialCharactersEmoji
+    SpecialCharactersGreek
 ];

 // Editor configuration.
@@ -148,6 +151,7 @@ Editor.defaultConfig = {
            'indent',
            '|',
            'specialCharacters',
+            "emoji",
            'horizontalLine',
            '|',
            'imageUpload',
--- a/assets/ckeditor/markdown_single_line.js
+++ b/assets/ckeditor/markdown_single_line.js
@@ -2,35 +2,36 @@
 * @license Copyright (c) 2014-2022, CKSource Holding sp. z o.o. All rights reserved.
 * For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
 */
-import ClassicEditor from '@ckeditor/ckeditor5-editor-classic/src/classiceditor.js';
-import Autoformat from '@ckeditor/ckeditor5-autoformat/src/autoformat.js';
-import AutoLink from '@ckeditor/ckeditor5-link/src/autolink.js';
-import Bold from '@ckeditor/ckeditor5-basic-styles/src/bold.js';
-import Code from '@ckeditor/ckeditor5-basic-styles/src/code.js';
-import Essentials from '@ckeditor/ckeditor5-essentials/src/essentials.js';
-import FindAndReplace from '@ckeditor/ckeditor5-find-and-replace/src/findandreplace.js';
-import Highlight from '@ckeditor/ckeditor5-highlight/src/highlight.js';
-import Italic from '@ckeditor/ckeditor5-basic-styles/src/italic.js';
-import Link from '@ckeditor/ckeditor5-link/src/link.js';
-import Paragraph from '@ckeditor/ckeditor5-paragraph/src/paragraph.js';
-import RemoveFormat from '@ckeditor/ckeditor5-remove-format/src/removeformat.js';
-import SourceEditing from '@ckeditor/ckeditor5-source-editing/src/sourceediting.js';
-import SpecialCharacters from '@ckeditor/ckeditor5-special-characters/src/specialcharacters.js';
-import SpecialCharactersArrows from '@ckeditor/ckeditor5-special-characters/src/specialcharactersarrows.js';
-import SpecialCharactersCurrency from '@ckeditor/ckeditor5-special-characters/src/specialcharacterscurrency.js';
-import SpecialCharactersEssentials from '@ckeditor/ckeditor5-special-characters/src/specialcharactersessentials.js';
-import SpecialCharactersLatin from '@ckeditor/ckeditor5-special-characters/src/specialcharacterslatin.js';
-import SpecialCharactersMathematical from '@ckeditor/ckeditor5-special-characters/src/specialcharactersmathematical.js';
-import SpecialCharactersText from '@ckeditor/ckeditor5-special-characters/src/specialcharacterstext.js';
-import Strikethrough from '@ckeditor/ckeditor5-basic-styles/src/strikethrough.js';
-import Subscript from '@ckeditor/ckeditor5-basic-styles/src/subscript.js';
-import Superscript from '@ckeditor/ckeditor5-basic-styles/src/superscript.js';
-import Underline from '@ckeditor/ckeditor5-basic-styles/src/underline.js';
-import EditorWatchdog from '@ckeditor/ckeditor5-watchdog/src/editorwatchdog.js';
+import {ClassicEditor} from 'ckeditor5';
+import {Autoformat} from 'ckeditor5';
+import {AutoLink} from 'ckeditor5';
+import {Bold} from 'ckeditor5';
+import {Code} from 'ckeditor5';
+import {Essentials} from 'ckeditor5';
+import {FindAndReplace} from 'ckeditor5';
+import {Highlight} from 'ckeditor5';
+import {Italic} from 'ckeditor5';
+import {Link} from 'ckeditor5';
+import {Paragraph} from 'ckeditor5';
+import {RemoveFormat} from 'ckeditor5';
+import {SourceEditing} from 'ckeditor5';
+import {SpecialCharacters} from 'ckeditor5';
+import {SpecialCharactersArrows} from 'ckeditor5';
+import {SpecialCharactersCurrency} from 'ckeditor5';
+import {SpecialCharactersEssentials} from 'ckeditor5';
+import {SpecialCharactersLatin} from 'ckeditor5';
+import {SpecialCharactersMathematical} from 'ckeditor5';
+import {SpecialCharactersText} from 'ckeditor5';
+import {Strikethrough} from 'ckeditor5';
+import {Subscript} from 'ckeditor5';
+import {Superscript} from 'ckeditor5';
+import {Underline} from 'ckeditor5';
+import {EditorWatchdog} from 'ckeditor5';
+import {Mention, Emoji} from "ckeditor5";

 import ExtendedMarkdownInline from "./plugins/extendedMarkdownInline";
 import SingleLinePlugin from "./plugins/singleLine";
-import SpecialCharactersEmoji from "./plugins/special_characters_emoji";
+import SpecialCharactersGreek from "./plugins/special_characters_emoji";

 class Editor extends ClassicEditor {}

@@ -62,7 +63,8 @@ Editor.builtinPlugins = [

    ExtendedMarkdownInline,
    SingleLinePlugin,
-    SpecialCharactersEmoji
+    SpecialCharactersGreek,
+    Mention, Emoji
 ];

 // Editor configuration.
@@ -81,6 +83,7 @@ Editor.defaultConfig = {
            'link',
            'code',
            'specialCharacters',
+            'emoji',
            '|',
            'undo',
            'redo',
--- a/assets/ckeditor/plugins/PartDBLabel/PartDBLabel.js
+++ b/assets/ckeditor/plugins/PartDBLabel/PartDBLabel.js
@@ -22,7 +22,7 @@ import PartDBLabelEditing from "./PartDBLabelEditing";

 import "./PartDBLabel.css";

-import Plugin from "@ckeditor/ckeditor5-core/src/plugin";
+import {Plugin} from "ckeditor5";

 export default class PartDBLabel extends Plugin {
    static get requires() {
@@ -32,4 +32,4 @@ export default class PartDBLabel extends Plugin {
    static get pluginName() {
        return 'PartDBLabel';
    }
-}
+}
--- a/assets/ckeditor/plugins/PartDBLabel/PartDBLabelCommand.js
+++ b/assets/ckeditor/plugins/PartDBLabel/PartDBLabelCommand.js
@@ -17,7 +17,7 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import Command from '@ckeditor/ckeditor5-core/src/command';
+import {Command} from 'ckeditor5';

 export default class PartDBLabelCommand extends Command {
    execute( { value } ) {
@@ -47,4 +47,4 @@ export default class PartDBLabelCommand extends Command {

        this.isEnabled = isAllowed;
    }
-}
+}
--- a/assets/ckeditor/plugins/PartDBLabel/PartDBLabelEditing.js
+++ b/assets/ckeditor/plugins/PartDBLabel/PartDBLabelEditing.js
@@ -17,11 +17,11 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
+import {Plugin} from 'ckeditor5';
 import PartDBLabelCommand from "./PartDBLabelCommand";

-import { toWidget } from '@ckeditor/ckeditor5-widget/src/utils';
-import Widget from '@ckeditor/ckeditor5-widget/src/widget';
+import { toWidget } from 'ckeditor5';
+import {Widget} from 'ckeditor5';

 export default class PartDBLabelEditing extends Plugin {
    static get requires() {                                                    // ADDED
@@ -102,4 +102,4 @@ export default class PartDBLabelEditing extends Plugin {
        }
    }

-}
+}
--- a/assets/ckeditor/plugins/PartDBLabel/PartDBLabelUI.js
+++ b/assets/ckeditor/plugins/PartDBLabel/PartDBLabelUI.js
@@ -17,14 +17,15 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
+import {Plugin} from 'ckeditor5';

 require('./lang/de.js');
+require('./lang/en.js');

-import { addListToDropdown, createDropdown } from '@ckeditor/ckeditor5-ui/src/dropdown/utils';
+import { addListToDropdown, createDropdown } from 'ckeditor5';

-import Collection from '@ckeditor/ckeditor5-utils/src/collection';
-import Model from '@ckeditor/ckeditor5-ui/src/model';
+import {Collection} from 'ckeditor5';
+import {UIModel} from 'ckeditor5';

 export default class PartDBLabelUI extends Plugin {
    init() {
@@ -128,6 +129,8 @@ const PLACEHOLDERS = [
            ['[[BARCODE_QR]]', 'QR code linking to this element'],
            ['[[BARCODE_C128]]', 'Code 128 barcode linking to this element'],
            ['[[BARCODE_C39]]', 'Code 39 barcode linking to this element'],
+            ['[[BARCODE_C93]]', 'Code 93 barcode linking to this element'],
+            ['[[BARCODE_DATAMATRIX]]', 'Datamatrix code linking to this element'],
        ]
    },
    {
@@ -149,18 +152,28 @@ const PLACEHOLDERS = [
 function getDropdownItemsDefinitions(t) {
    const itemDefinitions = new Collection();

+    let first = true;
+
    for ( const group of PLACEHOLDERS) {
+
        //Add group header
-        itemDefinitions.add({
-            'type': 'separator',
-            model: new Model( {
-                withText: true,
-            })
-        });
+
+        //Skip separator for first group
+        if (!first) {
+
+            itemDefinitions.add({
+                'type': 'separator',
+                model: new UIModel( {
+                    withText: true,
+                })
+            });
+        } else {
+            first = false;
+        }

        itemDefinitions.add({
            type: 'button',
-            model: new Model( {
+            model: new UIModel( {
                label: t(group.label),
                withText: true,
                isEnabled: false,
@@ -171,7 +184,7 @@ function getDropdownItemsDefinitions(t) {
        for ( const entry of group.entries) {
            const definition = {
                type: 'button',
-                model: new Model( {
+                model: new UIModel( {
                    commandParam: entry[0],
                    label: t(entry[1]),
                    tooltip: entry[0],
@@ -185,4 +198,4 @@ function getDropdownItemsDefinitions(t) {
    }

    return itemDefinitions;
-}
+}
--- a/assets/ckeditor/plugins/PartDBLabel/lang/de.js
+++ b/assets/ckeditor/plugins/PartDBLabel/lang/de.js
@@ -17,15 +17,9 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-// Make sure that the global object is defined. If not, define it.
-window.CKEDITOR_TRANSLATIONS = window.CKEDITOR_TRANSLATIONS || {};
+import {add} from "ckeditor5";

-// Make sure that the dictionary for Polish translations exist.
-window.CKEDITOR_TRANSLATIONS[ 'de' ] = window.CKEDITOR_TRANSLATIONS[ 'de' ] || {};
-window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary =  window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary || {};
-
-// Extend the dictionary for Polish translations with your translations:
-Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
+add( "de", {
    'Label Placeholder': 'Label Platzhalter',
    'Part': 'Bauteil',

@@ -69,6 +63,8 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'QR code linking to this element': 'QR Code verknüpft mit diesem Element',
    'Code 128 barcode linking to this element': 'Code 128 Barcode verknüpft mit diesem Element',
    'Code 39 barcode linking to this element': 'Code 39 Barcode verknüpft mit diesem Element',
+    'Code 93 barcode linking to this element': 'Code 93 Barcode verknüpft mit diesem Element',
+    'Datamatrix code linking to this element': 'Datamatrix Code verknüpft mit diesem Element',

    'Location ID': 'Lagerort ID',
    'Name': 'Name',
@@ -86,5 +82,4 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
    'Instance name': 'Instanzname',
    'Target type': 'Zieltyp',
    'URL of this Part-DB instance': 'URL dieser Part-DB Instanz',
-
-} );
+});
--- a/assets/ckeditor/plugins/PartDBLabel/lang/en.js
+++ b/assets/ckeditor/plugins/PartDBLabel/lang/en.js
@@ -0,0 +1,84 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {add} from "ckeditor5";
+
+add( "en", {
+    'Label Placeholder': 'Label placeholder',
+    'Part': 'Part',
+
+    'Database ID': 'Database ID',
+    'Part name': 'Part name',
+    'Category': 'Category',
+    'Category (Full path)': 'Category (full path)',
+    'Manufacturer': 'Manufacturer',
+    'Manufacturer (Full path)': 'Manufacturer (full path)',
+    'Footprint': 'Footprint',
+    'Footprint (Full path)': 'Footprint (full path)',
+    'Mass': 'Mass',
+    'Manufacturer Product Number (MPN)': 'Manufacturer Product Number (MPN)',
+    'Internal Part Number (IPN)': 'Internal Part Number (IPN)',
+    'Tags': 'Tags',
+    'Manufacturing status': 'Manufacturing status',
+    'Description': 'Description',
+    'Description (plain text)': 'Description (plain text)',
+    'Comment': 'Comment',
+    'Comment (plain text)': 'Comment (plain text)',
+    'Last modified datetime': 'Last modified datetime',
+    'Creation datetime': 'Creation datetime',
+    'IPN as QR code': 'IPN as QR code',
+    'IPN as Code 128 barcode': 'IPN as Code 128 barcode',
+    'IPN as Code 39 barcode': 'IPN as Code 39 barcode',
+
+    'Lot ID': 'Lot ID',
+    'Lot name': 'Lot name',
+    'Lot comment': 'Lot comment',
+    'Lot expiration date': 'Lot expiration date',
+    'Lot amount': 'Lot amount',
+    'Storage location': 'Storage location',
+    'Storage location (Full path)': 'Storage location (full path)',
+    'Full name of the lot owner': 'Full name of the lot owner',
+    'Username of the lot owner': 'Username of the lot owner',
+
+    'Barcodes': 'Barcodes',
+    'Content of the 1D barcodes (like Code 39)': 'Content of the 1D barcodes (like Code 39)',
+    'Content of the 2D barcodes (QR codes)': 'Content of the 2D barcodes (QR codes)',
+    'QR code linking to this element': 'QR code linking to this element',
+    'Code 128 barcode linking to this element': 'Code 128 barcode linking to this element',
+    'Code 39 barcode linking to this element': 'Code 39 barcode linking to this element',
+    'Code 93 barcode linking to this element': 'Code 93 barcode linking to this element',
+    'Datamatrix code linking to this element': 'Datamatrix code linking to this element',
+
+    'Location ID': 'Location ID',
+    'Name': 'Name',
+    'Full path': 'Full path',
+    'Parent name': 'Parent name',
+    'Parent full path': 'Parent full path',
+    'Full name of the location owner': 'Full name of the location owner',
+    'Username of the location owner': 'Username of the location owner',
+
+    'Username': 'Username',
+    'Username (including name)': 'Username (including name)',
+    'Current datetime': 'Current datetime',
+    'Current date': 'Current date',
+    'Current time': 'Current time',
+    'Instance name': 'Instance name',
+    'Target type': 'Target type',
+    'URL of this Part-DB instance': 'URL of this Part-DB instance',
+} );
--- a/assets/ckeditor/plugins/extendedMarkdown.js
+++ b/assets/ckeditor/plugins/extendedMarkdown.js
@@ -17,8 +17,7 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import { Plugin } from 'ckeditor5/src/core';
-import GFMDataProcessor from '@ckeditor/ckeditor5-markdown-gfm/src/gfmdataprocessor';
+import { Plugin, MarkdownGfmDataProcessor } from 'ckeditor5';

 const ALLOWED_TAGS = [
 	//Common elements
@@ -34,7 +33,6 @@ const ALLOWED_TAGS = [

 	//Block elements
 	'span',
-	'p',
 	'img',


@@ -57,7 +55,7 @@ export default class ExtendedMarkdown extends Plugin {
 	constructor( editor ) {
 		super( editor );

-		editor.data.processor = new GFMDataProcessor( editor.data.viewDocument );
+		editor.data.processor = new MarkdownGfmDataProcessor( editor.data.viewDocument );
 		for (const tag of ALLOWED_TAGS) {
 			editor.data.processor.keepHtml(tag);
 		}
--- a/assets/ckeditor/plugins/extendedMarkdownInline.js
+++ b/assets/ckeditor/plugins/extendedMarkdownInline.js
@@ -17,8 +17,8 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import { Plugin } from 'ckeditor5/src/core';
-import GFMDataProcessor from '@ckeditor/ckeditor5-markdown-gfm/src/gfmdataprocessor';
+import {Plugin} from 'ckeditor5';
+import {MarkdownGfmDataProcessor} from 'ckeditor5';

 const ALLOWED_TAGS = [
 	//Common elements
@@ -46,7 +46,7 @@ export default class ExtendedMarkdownInline extends Plugin {
 	constructor( editor ) {
 		super( editor );

-		editor.data.processor = new GFMDataProcessor( editor.data.viewDocument );
+		editor.data.processor = new MarkdownGfmDataProcessor( editor.data.viewDocument );
 		for (const tag of ALLOWED_TAGS) {
 			editor.data.processor.keepHtml(tag);
 		}
--- a/assets/ckeditor/plugins/singleLine.js
+++ b/assets/ckeditor/plugins/singleLine.js
@@ -17,7 +17,7 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
+import {Plugin} from 'ckeditor5';

 export default class SingleLinePlugin extends Plugin {
    init() {
@@ -42,7 +42,7 @@ export default class SingleLinePlugin extends Plugin {
            //We can not use the dataTransfer.setData method because the old object is somehow protected
            data.dataTransfer = new DataTransfer();
            data.dataTransfer.setData("text", cleaned);
-            
+
        }, { priority: 'high' } );
    }
-}
+}
--- a/assets/ckeditor/plugins/special_characters_emoji.js
+++ b/assets/ckeditor/plugins/special_characters_emoji.js
@@ -17,14 +17,12 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-import SpecialCharacters from '@ckeditor/ckeditor5-special-characters/src/specialcharacters';
-import SpecialCharactersEssentials from '@ckeditor/ckeditor5-special-characters/src/specialcharactersessentials';
+import SpecialCharacters from 'ckeditor5';
+import SpecialCharactersEssentials from 'ckeditor5';

-import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
+import {Plugin} from 'ckeditor5';

-const emoji = require('emoji.json');
-
-export default class SpecialCharactersEmoji extends Plugin {
+export default class SpecialCharactersGreek extends Plugin {

    init() {
        const editor = this.editor;
@@ -32,9 +30,6 @@ export default class SpecialCharactersEmoji extends Plugin {

        //Add greek characters to special characters
        specialCharsPlugin.addItems('Greek', this.getGreek());
-
-        //Add Emojis to special characters
-        specialCharsPlugin.addItems('Emoji', this.getEmojis());
    }

    getGreek() {
@@ -96,14 +91,4 @@ export default class SpecialCharactersEmoji extends Plugin {
            { title: 'san', character: 'Ϻ' },
        ];
    }
-
-    getEmojis() {
-        //Map our emoji data to the format the plugin expects
-        return emoji.map(emoji => {
-            return {
-                title: emoji.name,
-                character: emoji.char
-            };
-        });
-    }
-}
+}
--- a/assets/commands/kicad_populate_default_mappings.json
+++ b/assets/commands/kicad_populate_default_mappings.json
@@ -0,0 +1,206 @@
+{
+    "_comment": "Default KiCad footprint/symbol mappings for partdb:kicad:populate command. Based on KiCad 9.x standard libraries. Use --mapping-file to override or extend these mappings.",
+    "footprints": {
+        "SOT-23": "Package_TO_SOT_SMD:SOT-23",
+        "SOT-23-3": "Package_TO_SOT_SMD:SOT-23",
+        "SOT-23-5": "Package_TO_SOT_SMD:SOT-23-5",
+        "SOT-23-6": "Package_TO_SOT_SMD:SOT-23-6",
+        "SOT-223": "Package_TO_SOT_SMD:SOT-223-3_TabPin2",
+        "SOT-223-3": "Package_TO_SOT_SMD:SOT-223-3_TabPin2",
+        "SOT-89": "Package_TO_SOT_SMD:SOT-89-3",
+        "SOT-89-3": "Package_TO_SOT_SMD:SOT-89-3",
+        "SOT-323": "Package_TO_SOT_SMD:SOT-323_SC-70",
+        "SOT-363": "Package_TO_SOT_SMD:SOT-363_SC-70-6",
+        "TSOT-25": "Package_TO_SOT_SMD:SOT-23-5",
+        "SC-70-5": "Package_TO_SOT_SMD:SOT-353_SC-70-5",
+        "SC-70-6": "Package_TO_SOT_SMD:SOT-363_SC-70-6",
+        "TO-220": "Package_TO_SOT_THT:TO-220-3_Vertical",
+        "TO-220AB": "Package_TO_SOT_THT:TO-220-3_Vertical",
+        "TO-220AB-3": "Package_TO_SOT_THT:TO-220-3_Vertical",
+        "TO-220FP": "Package_TO_SOT_THT:TO-220F-3_Vertical",
+        "TO-247-3": "Package_TO_SOT_THT:TO-247-3_Vertical",
+        "TO-92": "Package_TO_SOT_THT:TO-92_Inline",
+        "TO-92-3": "Package_TO_SOT_THT:TO-92_Inline",
+        "TO-252": "Package_TO_SOT_SMD:TO-252-2",
+        "TO-252-2L": "Package_TO_SOT_SMD:TO-252-2",
+        "TO-252-3L": "Package_TO_SOT_SMD:TO-252-3",
+        "TO-263": "Package_TO_SOT_SMD:TO-263-2",
+        "TO-263-2": "Package_TO_SOT_SMD:TO-263-2",
+        "D2PAK": "Package_TO_SOT_SMD:TO-252-2",
+        "DPAK": "Package_TO_SOT_SMD:TO-252-2",
+        "SOIC-8": "Package_SO:SOIC-8_3.9x4.9mm_P1.27mm",
+        "ESOP-8": "Package_SO:SOIC-8_3.9x4.9mm_P1.27mm",
+        "SOIC-14": "Package_SO:SOIC-14_3.9x8.7mm_P1.27mm",
+        "SOIC-16": "Package_SO:SOIC-16_3.9x9.9mm_P1.27mm",
+        "TSSOP-8": "Package_SO:TSSOP-8_3x3mm_P0.65mm",
+        "TSSOP-14": "Package_SO:TSSOP-14_4.4x5mm_P0.65mm",
+        "TSSOP-16": "Package_SO:TSSOP-16_4.4x5mm_P0.65mm",
+        "TSSOP-16L": "Package_SO:TSSOP-16_4.4x5mm_P0.65mm",
+        "TSSOP-20": "Package_SO:TSSOP-20_4.4x6.5mm_P0.65mm",
+        "MSOP-8": "Package_SO:MSOP-8_3x3mm_P0.65mm",
+        "MSOP-10": "Package_SO:MSOP-10_3x3mm_P0.5mm",
+        "MSOP-16": "Package_SO:MSOP-16_3x4mm_P0.5mm",
+        "SO-5": "Package_TO_SOT_SMD:SOT-23-5",
+        "DIP-4": "Package_DIP:DIP-4_W7.62mm",
+        "DIP-6": "Package_DIP:DIP-6_W7.62mm",
+        "DIP-8": "Package_DIP:DIP-8_W7.62mm",
+        "DIP-14": "Package_DIP:DIP-14_W7.62mm",
+        "DIP-16": "Package_DIP:DIP-16_W7.62mm",
+        "DIP-18": "Package_DIP:DIP-18_W7.62mm",
+        "DIP-20": "Package_DIP:DIP-20_W7.62mm",
+        "DIP-24": "Package_DIP:DIP-24_W7.62mm",
+        "DIP-28": "Package_DIP:DIP-28_W7.62mm",
+        "DIP-40": "Package_DIP:DIP-40_W15.24mm",
+        "QFN-8": "Package_DFN_QFN:QFN-8-1EP_3x3mm_P0.65mm_EP1.55x1.55mm",
+        "QFN-12(3x3)": "Package_DFN_QFN:QFN-12-1EP_3x3mm_P0.5mm_EP1.65x1.65mm",
+        "QFN-16": "Package_DFN_QFN:QFN-16-1EP_3x3mm_P0.5mm_EP1.45x1.45mm",
+        "QFN-20": "Package_DFN_QFN:QFN-20-1EP_4x4mm_P0.5mm_EP2.5x2.5mm",
+        "QFN-24": "Package_DFN_QFN:QFN-24-1EP_4x4mm_P0.5mm_EP2.45x2.45mm",
+        "QFN-32": "Package_DFN_QFN:QFN-32-1EP_5x5mm_P0.5mm_EP3.45x3.45mm",
+        "QFN-48": "Package_DFN_QFN:QFN-48-1EP_7x7mm_P0.5mm_EP5.3x5.3mm",
+        "TQFP-32": "Package_QFP:TQFP-32_7x7mm_P0.8mm",
+        "TQFP-44": "Package_QFP:TQFP-44_10x10mm_P0.8mm",
+        "TQFP-48": "Package_QFP:TQFP-48_7x7mm_P0.5mm",
+        "TQFP-48(7x7)": "Package_QFP:TQFP-48_7x7mm_P0.5mm",
+        "TQFP-64": "Package_QFP:TQFP-64_10x10mm_P0.5mm",
+        "TQFP-100": "Package_QFP:TQFP-100_14x14mm_P0.5mm",
+        "LQFP-32": "Package_QFP:LQFP-32_7x7mm_P0.8mm",
+        "LQFP-48": "Package_QFP:LQFP-48_7x7mm_P0.5mm",
+        "LQFP-64": "Package_QFP:LQFP-64_10x10mm_P0.5mm",
+        "LQFP-100": "Package_QFP:LQFP-100_14x14mm_P0.5mm",
+
+        "SOD-123": "Diode_SMD:D_SOD-123",
+        "SOD-123F": "Diode_SMD:D_SOD-123F",
+        "SOD-123FL": "Diode_SMD:D_SOD-123F",
+        "SOD-323": "Diode_SMD:D_SOD-323",
+        "SOD-523": "Diode_SMD:D_SOD-523",
+        "SOD-882": "Diode_SMD:D_SOD-882",
+        "SOD-882D": "Diode_SMD:D_SOD-882",
+        "SMA(DO-214AC)": "Diode_SMD:D_SMA",
+        "SMA": "Diode_SMD:D_SMA",
+        "SMB": "Diode_SMD:D_SMB",
+        "SMC": "Diode_SMD:D_SMC",
+
+        "DO-35": "Diode_THT:D_DO-35_SOD27_P7.62mm_Horizontal",
+        "DO-35(DO-204AH)": "Diode_THT:D_DO-35_SOD27_P7.62mm_Horizontal",
+        "DO-41": "Diode_THT:D_DO-41_SOD81_P10.16mm_Horizontal",
+        "DO-201": "Diode_THT:D_DO-201_P15.24mm_Horizontal",
+
+        "DFN-2(0.6x1)": "Package_DFN_QFN:DFN-2-1EP_0.6x1.0mm_P0.65mm_EP0.2x0.55mm",
+        "DFN1006-2": "Package_DFN_QFN:DFN-2_1.0x0.6mm",
+        "DFN-6": "Package_DFN_QFN:DFN-6-1EP_2x2mm_P0.65mm_EP1x1.6mm",
+        "DFN-8": "Package_DFN_QFN:DFN-8-1EP_3x2mm_P0.5mm_EP1.3x1.5mm",
+
+        "0201": "Resistor_SMD:R_0201_0603Metric",
+        "0402": "Resistor_SMD:R_0402_1005Metric",
+        "0603": "Resistor_SMD:R_0603_1608Metric",
+        "0805": "Resistor_SMD:R_0805_2012Metric",
+        "1206": "Resistor_SMD:R_1206_3216Metric",
+        "1210": "Resistor_SMD:R_1210_3225Metric",
+        "1812": "Resistor_SMD:R_1812_4532Metric",
+        "2010": "Resistor_SMD:R_2010_5025Metric",
+        "2512": "Resistor_SMD:R_2512_6332Metric",
+        "2917": "Resistor_SMD:R_2917_7343Metric",
+        "2920": "Resistor_SMD:R_2920_7350Metric",
+
+        "CASE-A-3216-18(mm)": "Capacitor_Tantalum_SMD:CP_EIA-3216-18_Kemet-A",
+        "CASE-B-3528-21(mm)": "Capacitor_Tantalum_SMD:CP_EIA-3528-21_Kemet-B",
+        "CASE-C-6032-28(mm)": "Capacitor_Tantalum_SMD:CP_EIA-6032-28_Kemet-C",
+        "CASE-D-7343-31(mm)": "Capacitor_Tantalum_SMD:CP_EIA-7343-31_Kemet-D",
+        "CASE-E-7343-43(mm)": "Capacitor_Tantalum_SMD:CP_EIA-7343-43_Kemet-E",
+
+        "SMD,D4xL5.4mm": "Capacitor_SMD:CP_Elec_4x5.4",
+        "SMD,D5xL5.4mm": "Capacitor_SMD:CP_Elec_5x5.4",
+        "SMD,D6.3xL5.4mm": "Capacitor_SMD:CP_Elec_6.3x5.4",
+        "SMD,D6.3xL7.7mm": "Capacitor_SMD:CP_Elec_6.3x7.7",
+        "SMD,D8xL6.5mm": "Capacitor_SMD:CP_Elec_8x6.5",
+        "SMD,D8xL10mm": "Capacitor_SMD:CP_Elec_8x10",
+        "SMD,D10xL10mm": "Capacitor_SMD:CP_Elec_10x10",
+        "SMD,D10xL10.5mm": "Capacitor_SMD:CP_Elec_10x10.5",
+
+        "Through Hole,D5xL11mm": "Capacitor_THT:CP_Radial_D5.0mm_P2.00mm",
+        "Through Hole,D6.3xL11mm": "Capacitor_THT:CP_Radial_D6.3mm_P2.50mm",
+        "Through Hole,D8xL11mm": "Capacitor_THT:CP_Radial_D8.0mm_P3.50mm",
+        "Through Hole,D10xL16mm": "Capacitor_THT:CP_Radial_D10.0mm_P5.00mm",
+        "Through Hole,D10xL20mm": "Capacitor_THT:CP_Radial_D10.0mm_P5.00mm",
+        "Through Hole,D12.5xL20mm": "Capacitor_THT:CP_Radial_D12.5mm_P5.00mm",
+
+        "LED 3mm": "LED_THT:LED_D3.0mm",
+        "LED 5mm": "LED_THT:LED_D5.0mm",
+        "LED 0603": "LED_SMD:LED_0603_1608Metric",
+        "LED 0805": "LED_SMD:LED_0805_2012Metric",
+        "SMD5050-4P": "LED_SMD:LED_WS2812B_PLCC4_5.0x5.0mm_P3.2mm",
+        "SMD5050-6P": "LED_SMD:LED_WS2812B_PLCC4_5.0x5.0mm_P3.2mm",
+
+        "HC-49": "Crystal:Crystal_HC49-4H_Vertical",
+        "HC-49/U": "Crystal:Crystal_HC49-4H_Vertical",
+        "HC-49/S": "Crystal:Crystal_HC49-U_Vertical",
+        "HC-49/US": "Crystal:Crystal_HC49-U_Vertical",
+
+        "USB-A": "Connector_USB:USB_A_Stewart_SS-52100-001_Horizontal",
+        "USB-B": "Connector_USB:USB_B_OST_USB-B1HSxx_Horizontal",
+        "USB-Mini-B": "Connector_USB:USB_Mini-B_Lumberg_2486_01_Horizontal",
+        "USB-Micro-B": "Connector_USB:USB_Micro-B_Molex-105017-0001",
+        "USB-C": "Connector_USB:USB_C_Receptacle_GCT_USB4085",
+
+        "1x2 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x02_P2.54mm_Vertical",
+        "1x3 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x03_P2.54mm_Vertical",
+        "1x4 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x04_P2.54mm_Vertical",
+        "1x5 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x05_P2.54mm_Vertical",
+        "1x6 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x06_P2.54mm_Vertical",
+        "1x8 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x08_P2.54mm_Vertical",
+        "1x10 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_1x10_P2.54mm_Vertical",
+        "2x2 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x02_P2.54mm_Vertical",
+        "2x3 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x03_P2.54mm_Vertical",
+        "2x4 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x04_P2.54mm_Vertical",
+        "2x5 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x05_P2.54mm_Vertical",
+        "2x10 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x10_P2.54mm_Vertical",
+        "2x20 P2.54mm": "Connector_PinHeader_2.54mm:PinHeader_2x20_P2.54mm_Vertical",
+        "SIP-3-2.54mm": "Package_SIP:SIP-3_P2.54mm",
+        "SIP-4-2.54mm": "Package_SIP:SIP-4_P2.54mm",
+        "SIP-5-2.54mm": "Package_SIP:SIP-5_P2.54mm"
+    },
+    "categories": {
+        "Electrolytic": "Device:C_Polarized",
+        "Polarized": "Device:C_Polarized",
+        "Tantalum": "Device:C_Polarized",
+        "Zener": "Device:D_Zener",
+        "Schottky": "Device:D_Schottky",
+        "TVS": "Device:D_TVS",
+        "LED": "Device:LED",
+        "NPN": "Device:Q_NPN_BCE",
+        "PNP": "Device:Q_PNP_BCE",
+        "N-MOSFET": "Device:Q_NMOS_GDS",
+        "NMOS": "Device:Q_NMOS_GDS",
+        "N-MOS": "Device:Q_NMOS_GDS",
+        "P-MOSFET": "Device:Q_PMOS_GDS",
+        "PMOS": "Device:Q_PMOS_GDS",
+        "P-MOS": "Device:Q_PMOS_GDS",
+        "MOSFET": "Device:Q_NMOS_GDS",
+        "JFET": "Device:Q_NJFET_DSG",
+        "Ferrite": "Device:Ferrite_Bead",
+        "Crystal": "Device:Crystal",
+        "Oscillator": "Oscillator:Oscillator_Crystal",
+        "Fuse": "Device:Fuse",
+        "Transformer": "Device:Transformer_1P_1S",
+        "Resistor": "Device:R",
+        "Capacitor": "Device:C",
+        "Inductor": "Device:L",
+        "Diode": "Device:D",
+        "Transistor": "Device:Q_NPN_BCE",
+        "Voltage Regulator": "Regulator_Linear:LM317_TO-220",
+        "LDO": "Regulator_Linear:AMS1117-3.3",
+        "Op-Amp": "Amplifier_Operational:LM358",
+        "Comparator": "Comparator:LM393",
+        "Optocoupler": "Isolator:PC817",
+        "Relay": "Relay:Relay_DPDT",
+        "Connector": "Connector:Conn_01x02",
+        "Switch": "Switch:SW_Push",
+        "Button": "Switch:SW_Push",
+        "Potentiometer": "Device:R_POT",
+        "Trimpot": "Device:R_POT",
+        "Thermistor": "Device:Thermistor",
+        "Varistor": "Device:Varistor",
+        "Photo": "Device:LED"
+    }
+}
--- a/assets/controllers/backup_restore_controller.js
+++ b/assets/controllers/backup_restore_controller.js
@@ -0,0 +1,55 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from '@hotwired/stimulus';
+
+/**
+ * Stimulus controller for backup restore confirmation dialogs.
+ * Shows a confirmation dialog with backup details before allowing restore.
+ */
+export default class extends Controller {
+    static values = {
+        filename: { type: String, default: '' },
+        date: { type: String, default: '' },
+        confirmTitle: { type: String, default: 'Restore Backup' },
+        confirmMessage: { type: String, default: 'Are you sure you want to restore from this backup?' },
+        confirmWarning: { type: String, default: 'This will overwrite your current database. This action cannot be undone!' },
+    };
+
+    connect() {
+        this.element.addEventListener('submit', this.handleSubmit.bind(this));
+    }
+
+    handleSubmit(event) {
+        // Always prevent default first
+        event.preventDefault();
+
+        // Build confirmation message
+        const message = this.confirmTitleValue + '\n\n' +
+            'Backup: ' + this.filenameValue + '\n' +
+            'Date: ' + this.dateValue + '\n\n' +
+            this.confirmMessageValue + '\n\n' +
+            '⚠️ ' + this.confirmWarningValue;
+
+        // Only submit if user confirms
+        if (confirm(message)) {
+            this.element.submit();
+        }
+    }
+}
--- a/assets/controllers/bulk_import_controller.js
+++ b/assets/controllers/bulk_import_controller.js
@@ -0,0 +1,359 @@
+import { Controller } from "@hotwired/stimulus"
+import { generateCsrfHeaders } from "./csrf_protection_controller"
+
+export default class extends Controller {
+    static targets = ["progressBar", "progressText"]
+    static values = { 
+        jobId: Number,
+        partId: Number,
+        researchUrl: String,
+        researchAllUrl: String,
+        markCompletedUrl: String,
+        markSkippedUrl: String,
+        markPendingUrl: String
+    }
+
+    connect() {
+        // Auto-refresh progress if job is in progress
+        if (this.hasProgressBarTarget) {
+            this.startProgressUpdates()
+        }
+        
+        // Restore scroll position after page reload (if any)
+        this.restoreScrollPosition()
+    }
+
+    getHeaders() {
+        const headers = {
+            'Content-Type': 'application/json',
+            'X-Requested-With': 'XMLHttpRequest'
+        }
+
+        // Add CSRF headers if available
+        const form = document.querySelector('form')
+        if (form) {
+            const csrfHeaders = generateCsrfHeaders(form)
+            Object.assign(headers, csrfHeaders)
+        }
+
+        return headers
+    }
+
+    async fetchWithErrorHandling(url, options = {}, timeout = 30000) {
+        const controller = new AbortController()
+        const timeoutId = setTimeout(() => controller.abort(), timeout)
+        
+        try {
+            const response = await fetch(url, {
+                ...options,
+                headers: { ...this.getHeaders(), ...options.headers },
+                signal: controller.signal
+            })
+
+            clearTimeout(timeoutId)
+
+            if (!response.ok) {
+                const errorText = await response.text()
+                throw new Error(`Server error (${response.status}): ${errorText}`)
+            }
+
+            return await response.json()
+        } catch (error) {
+            clearTimeout(timeoutId)
+            
+            if (error.name === 'AbortError') {
+                throw new Error('Request timed out. Please try again.')
+            } else if (error.message.includes('Failed to fetch')) {
+                throw new Error('Network error. Please check your connection and try again.')
+            } else {
+                throw error
+            }
+        }
+    }
+
+    disconnect() {
+        if (this.progressInterval) {
+            clearInterval(this.progressInterval)
+        }
+    }
+
+    startProgressUpdates() {
+        // Progress updates are handled via page reload for better reliability
+        // No need for periodic updates since state changes trigger page refresh
+    }
+
+    restoreScrollPosition() {
+        const savedPosition = sessionStorage.getItem('bulkImportScrollPosition')
+        if (savedPosition) {
+            // Restore scroll position after a small delay to ensure page is fully loaded
+            setTimeout(() => {
+                window.scrollTo(0, parseInt(savedPosition))
+                // Clear the saved position so it doesn't interfere with normal navigation
+                sessionStorage.removeItem('bulkImportScrollPosition')
+            }, 100)
+        }
+    }
+
+    async markCompleted(event) {
+        const partId = event.currentTarget.dataset.partId
+        
+        try {
+            const url = this.markCompletedUrlValue.replace('__PART_ID__', partId)
+            const data = await this.fetchWithErrorHandling(url, { method: 'POST' })
+            
+            if (data.success) {
+                this.updateProgressDisplay(data)
+                this.markRowAsCompleted(partId)
+                
+                if (data.job_completed) {
+                    this.showJobCompletedMessage()
+                }
+            } else {
+                this.showErrorMessage(data.error || 'Failed to mark part as completed')
+            }
+        } catch (error) {
+            console.error('Error marking part as completed:', error)
+            this.showErrorMessage(error.message || 'Failed to mark part as completed')
+        }
+    }
+
+    async markSkipped(event) {
+        const partId = event.currentTarget.dataset.partId
+        const reason = prompt('Reason for skipping (optional):') || ''
+        
+        try {
+            const url = this.markSkippedUrlValue.replace('__PART_ID__', partId)
+            const data = await this.fetchWithErrorHandling(url, {
+                method: 'POST',
+                body: JSON.stringify({ reason })
+            })
+            
+            if (data.success) {
+                this.updateProgressDisplay(data)
+                this.markRowAsSkipped(partId)
+            } else {
+                this.showErrorMessage(data.error || 'Failed to mark part as skipped')
+            }
+        } catch (error) {
+            console.error('Error marking part as skipped:', error)
+            this.showErrorMessage(error.message || 'Failed to mark part as skipped')
+        }
+    }
+
+    async markPending(event) {
+        const partId = event.currentTarget.dataset.partId
+        
+        try {
+            const url = this.markPendingUrlValue.replace('__PART_ID__', partId)
+            const data = await this.fetchWithErrorHandling(url, { method: 'POST' })
+            
+            if (data.success) {
+                this.updateProgressDisplay(data)
+                this.markRowAsPending(partId)
+            } else {
+                this.showErrorMessage(data.error || 'Failed to mark part as pending')
+            }
+        } catch (error) {
+            console.error('Error marking part as pending:', error)
+            this.showErrorMessage(error.message || 'Failed to mark part as pending')
+        }
+    }
+
+    updateProgressDisplay(data) {
+        if (this.hasProgressBarTarget) {
+            this.progressBarTarget.style.width = `${data.progress}%`
+            this.progressBarTarget.setAttribute('aria-valuenow', data.progress)
+        }
+        
+        if (this.hasProgressTextTarget) {
+            this.progressTextTarget.textContent = `${data.completed_count} / ${data.total_count} completed`
+        }
+    }
+
+    markRowAsCompleted(partId) {
+        // Save scroll position and refresh page to show updated state
+        sessionStorage.setItem('bulkImportScrollPosition', window.scrollY.toString())
+        window.location.reload()
+    }
+
+    markRowAsSkipped(partId) {
+        // Save scroll position and refresh page to show updated state
+        sessionStorage.setItem('bulkImportScrollPosition', window.scrollY.toString())
+        window.location.reload()
+    }
+
+    markRowAsPending(partId) {
+        // Save scroll position and refresh page to show updated state
+        sessionStorage.setItem('bulkImportScrollPosition', window.scrollY.toString())
+        window.location.reload()
+    }
+
+    showJobCompletedMessage() {
+        const alert = document.createElement('div')
+        alert.className = 'alert alert-success alert-dismissible fade show'
+        alert.innerHTML = `
+            <i class="fas fa-check-circle"></i>
+            Job completed! All parts have been processed.
+            <button type="button" class="btn-close" data-bs-dismiss="alert"></button>
+        `
+        
+        const container = document.querySelector('.card-body')
+        container.insertBefore(alert, container.firstChild)
+    }
+
+    async researchPart(event) {
+        event.preventDefault()
+        event.stopPropagation()
+        
+        const partId = event.currentTarget.dataset.partId
+        const spinner = event.currentTarget.querySelector(`[data-research-spinner="${partId}"]`)
+        const button = event.currentTarget
+        
+        // Show loading state
+        if (spinner) {
+            spinner.style.display = 'inline-block'
+        }
+        button.disabled = true
+        
+        try {
+            const url = this.researchUrlValue.replace('__PART_ID__', partId)
+            const controller = new AbortController()
+            const timeoutId = setTimeout(() => controller.abort(), 30000) // 30 second timeout
+            
+            const response = await fetch(url, {
+                method: 'POST',
+                headers: this.getHeaders(),
+                signal: controller.signal
+            })
+
+            clearTimeout(timeoutId)
+
+            if (!response.ok) {
+                const errorText = await response.text()
+                throw new Error(`Server error (${response.status}): ${errorText}`)
+            }
+
+            const data = await response.json()
+            
+            if (data.success) {
+                this.showSuccessMessage(`Research completed for part. Found ${data.results_count} results.`)
+                // Save scroll position and reload to show updated results
+                sessionStorage.setItem('bulkImportScrollPosition', window.scrollY.toString())
+                window.location.reload()
+            } else {
+                this.showErrorMessage(data.error || 'Research failed')
+            }
+        } catch (error) {
+            console.error('Error researching part:', error)
+            
+            if (error.name === 'AbortError') {
+                this.showErrorMessage('Research timed out. Please try again.')
+            } else if (error.message.includes('Failed to fetch')) {
+                this.showErrorMessage('Network error. Please check your connection and try again.')
+            } else {
+                this.showErrorMessage(error.message || 'Research failed due to an unexpected error')
+            }
+        } finally {
+            // Hide loading state
+            if (spinner) {
+                spinner.style.display = 'none'
+            }
+            button.disabled = false
+        }
+    }
+
+    async researchAllParts(event) {
+        event.preventDefault()
+        event.stopPropagation()
+        
+        const spinner = document.getElementById('research-all-spinner')
+        const button = event.currentTarget
+        
+        // Show loading state
+        if (spinner) {
+            spinner.style.display = 'inline-block'
+        }
+        button.disabled = true
+        
+        try {
+            const controller = new AbortController()
+            const timeoutId = setTimeout(() => controller.abort(), 120000) // 2 minute timeout for bulk operations
+            
+            const response = await fetch(this.researchAllUrlValue, {
+                method: 'POST',
+                headers: this.getHeaders(),
+                signal: controller.signal
+            })
+
+            clearTimeout(timeoutId)
+
+            if (!response.ok) {
+                const errorText = await response.text()
+                throw new Error(`Server error (${response.status}): ${errorText}`)
+            }
+
+            const data = await response.json()
+            
+            if (data.success) {
+                this.showSuccessMessage(`Research completed for ${data.researched_count} parts.`)
+                // Save scroll position and reload to show updated results
+                sessionStorage.setItem('bulkImportScrollPosition', window.scrollY.toString())
+                window.location.reload()
+            } else {
+                this.showErrorMessage(data.error || 'Bulk research failed')
+            }
+        } catch (error) {
+            console.error('Error researching all parts:', error)
+            
+            if (error.name === 'AbortError') {
+                this.showErrorMessage('Bulk research timed out. This may happen with large batches. Please try again or process smaller batches.')
+            } else if (error.message.includes('Failed to fetch')) {
+                this.showErrorMessage('Network error. Please check your connection and try again.')
+            } else {
+                this.showErrorMessage(error.message || 'Bulk research failed due to an unexpected error')
+            }
+        } finally {
+            // Hide loading state
+            if (spinner) {
+                spinner.style.display = 'none'
+            }
+            button.disabled = false
+        }
+    }
+
+    showSuccessMessage(message) {
+        this.showToast('success', message)
+    }
+
+    showErrorMessage(message) {
+        this.showToast('error', message)
+    }
+
+    showToast(type, message) {
+        // Create a simple alert that doesn't disrupt layout
+        const alertId = 'alert-' + Date.now()
+        const iconClass = type === 'success' ? 'fa-check-circle' : 'fa-exclamation-triangle'
+        const alertClass = type === 'success' ? 'alert-success' : 'alert-danger'
+        
+        const alertHTML = `
+            <div class="alert ${alertClass} alert-dismissible fade show position-fixed" 
+                 style="top: 20px; right: 20px; z-index: 9999; max-width: 400px;" 
+                 id="${alertId}">
+                <i class="fas ${iconClass} me-2"></i>
+                ${message}
+                <button type="button" class="btn-close" onclick="this.parentElement.remove()" aria-label="Close"></button>
+            </div>
+        `
+        
+        // Add alert to body
+        document.body.insertAdjacentHTML('beforeend', alertHTML)
+        
+        // Auto-remove after 5 seconds
+        setTimeout(() => {
+            const alertElement = document.getElementById(alertId)
+            if (alertElement) {
+                alertElement.remove()
+            }
+        }, 5000)
+    }
+}
--- a/assets/controllers/bulk_job_manage_controller.js
+++ b/assets/controllers/bulk_job_manage_controller.js
@@ -0,0 +1,92 @@
+import { Controller } from "@hotwired/stimulus"
+import { generateCsrfHeaders } from "./csrf_protection_controller"
+
+export default class extends Controller {
+    static values = {
+        deleteUrl: String,
+        stopUrl: String,
+        deleteConfirmMessage: String,
+        stopConfirmMessage: String
+    }
+
+    connect() {
+        // Controller initialized
+    }
+    getHeaders() {
+        const headers = {
+            'X-Requested-With': 'XMLHttpRequest'
+        }
+
+        // Add CSRF headers if available
+        const form = document.querySelector('form')
+        if (form) {
+            const csrfHeaders = generateCsrfHeaders(form)
+            Object.assign(headers, csrfHeaders)
+        }
+
+        return headers
+    }
+    async deleteJob(event) {
+        const jobId = event.currentTarget.dataset.jobId
+        const confirmMessage = this.deleteConfirmMessageValue || 'Are you sure you want to delete this job?'
+        
+        if (confirm(confirmMessage)) {
+            try {
+                const deleteUrl = this.deleteUrlValue.replace('__JOB_ID__', jobId)
+                
+                const response = await fetch(deleteUrl, {
+                    method: 'DELETE',
+                    headers: this.getHeaders()
+                })
+                
+                if (!response.ok) {
+                    const errorText = await response.text()
+                    throw new Error(`HTTP ${response.status}: ${errorText}`)
+                }
+                
+                const data = await response.json()
+                
+                if (data.success) {
+                    location.reload()
+                } else {
+                    alert('Error deleting job: ' + (data.error || 'Unknown error'))
+                }
+            } catch (error) {
+                console.error('Error deleting job:', error)
+                alert('Error deleting job: ' + error.message)
+            }
+        }
+    }
+
+    async stopJob(event) {
+        const jobId = event.currentTarget.dataset.jobId
+        const confirmMessage = this.stopConfirmMessageValue || 'Are you sure you want to stop this job?'
+        
+        if (confirm(confirmMessage)) {
+            try {
+                const stopUrl = this.stopUrlValue.replace('__JOB_ID__', jobId)
+                
+                const response = await fetch(stopUrl, {
+                    method: 'POST',
+                    headers: this.getHeaders()
+                })
+                
+                if (!response.ok) {
+                    const errorText = await response.text()
+                    throw new Error(`HTTP ${response.status}: ${errorText}`)
+                }
+                
+                const data = await response.json()
+                
+                if (data.success) {
+                    location.reload()
+                } else {
+                    alert('Error stopping job: ' + (data.error || 'Unknown error'))
+                }
+            } catch (error) {
+                console.error('Error stopping job:', error)
+                alert('Error stopping job: ' + error.message)
+            }
+        }
+    }
+}
--- a/assets/controllers/common/hide_sidebar_controller.js
+++ b/assets/controllers/common/hide_sidebar_controller.js
@@ -88,5 +88,8 @@ export default class extends Controller {
        } else {
            this.hideSidebar();
        }
+
+        //Hide the tootip on the button
+        this._toggle_button.blur();
    }
 }
--- a/assets/controllers/common/markdown_controller.js
+++ b/assets/controllers/common/markdown_controller.js
@@ -56,12 +56,16 @@ export default class MarkdownController extends Controller {
        this.element.innerHTML = DOMPurify.sanitize(MarkdownController._marked.parse(this.unescapeHTML(raw)));

        for(let a of this.element.querySelectorAll('a')) {
-            //Mark all links as external
-            a.classList.add('link-external');
-            //Open links in new tag
-            a.setAttribute('target', '_blank');
-            //Dont track
-            a.setAttribute('rel', 'noopener');
+            // test if link is absolute
+            var r = new RegExp('^(?:[a-z+]+:)?//', 'i');
+            if (r.test(a.getAttribute('href'))) {
+                //Mark all links as external
+                a.classList.add('link-external');
+                //Open links in new tag
+                a.setAttribute('target', '_blank');
+                //Dont track
+                a.setAttribute('rel', 'noopener');
+            }
        }

        //Apply bootstrap styles to tables
@@ -108,4 +112,4 @@ export default class MarkdownController extends Controller {
            gfm: true,
        });
    }*/
-}
+}
--- a/assets/controllers/common/toast_controller.js
+++ b/assets/controllers/common/toast_controller.js
@@ -20,6 +20,10 @@
 import { Controller } from '@hotwired/stimulus';
 import { Toast } from 'bootstrap';

+/**
+ * The purpose of this controller, is to show all containers.
+ * They should already be added via turbo-streams, but have to be called for to show them.
+ */
 export default class extends Controller {
    connect() {
        //Move all toasts from the page into our toast container and show them
@@ -33,4 +37,4 @@ export default class extends Controller {
        const toast = new Toast(this.element);
        toast.show();
    }
-}
+}
--- a/assets/controllers/csrf_protection_controller.js
+++ b/assets/controllers/csrf_protection_controller.js
@@ -0,0 +1,81 @@
+const nameCheck = /^[-_a-zA-Z0-9]{4,22}$/;
+const tokenCheck = /^[-_/+a-zA-Z0-9]{24,}$/;
+
+// Generate and double-submit a CSRF token in a form field and a cookie, as defined by Symfony's SameOriginCsrfTokenManager
+// Use `form.requestSubmit()` to ensure that the submit event is triggered. Using `form.submit()` will not trigger the event
+// and thus this event-listener will not be executed.
+document.addEventListener('submit', function (event) {
+    generateCsrfToken(event.target);
+}, true);
+
+// When @hotwired/turbo handles form submissions, send the CSRF token in a header in addition to a cookie
+// The `framework.csrf_protection.check_header` config option needs to be enabled for the header to be checked
+document.addEventListener('turbo:submit-start', function (event) {
+    const h = generateCsrfHeaders(event.detail.formSubmission.formElement);
+    Object.keys(h).map(function (k) {
+        event.detail.formSubmission.fetchRequest.headers[k] = h[k];
+    });
+});
+
+// When @hotwired/turbo handles form submissions, remove the CSRF cookie once a form has been submitted
+document.addEventListener('turbo:submit-end', function (event) {
+    removeCsrfToken(event.detail.formSubmission.formElement);
+});
+
+export function generateCsrfToken (formElement) {
+    const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
+
+    if (!csrfField) {
+        return;
+    }
+
+    let csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
+    let csrfToken = csrfField.value;
+
+    if (!csrfCookie && nameCheck.test(csrfToken)) {
+        csrfField.setAttribute('data-csrf-protection-cookie-value', csrfCookie = csrfToken);
+        csrfField.defaultValue = csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18))));
+    }
+    csrfField.dispatchEvent(new Event('change', { bubbles: true }));
+
+    if (csrfCookie && tokenCheck.test(csrfToken)) {
+        const cookie = csrfCookie + '_' + csrfToken + '=' + csrfCookie + '; path=/; samesite=strict';
+        document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
+    }
+}
+
+export function generateCsrfHeaders (formElement) {
+    const headers = {};
+    const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
+
+    if (!csrfField) {
+        return headers;
+    }
+
+    const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
+
+    if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
+        headers[csrfCookie] = csrfField.value;
+    }
+
+    return headers;
+}
+
+export function removeCsrfToken (formElement) {
+    const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
+
+    if (!csrfField) {
+        return;
+    }
+
+    const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
+
+    if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
+        const cookie = csrfCookie + '_' + csrfField.value + '=0; path=/; samesite=strict; max-age=0';
+
+        document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
+    }
+}
+
+/* stimulusFetch: 'lazy' */
+export default 'csrf-protection-controller';
--- a/assets/controllers/elements/attachment_autocomplete_controller.js
+++ b/assets/controllers/elements/attachment_autocomplete_controller.js
@@ -23,11 +23,22 @@ import "tom-select/dist/css/tom-select.bootstrap5.css";
 import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";

+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 export default class extends Controller {
    _tomSelect;

    connect() {

+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
        let settings = {
            persistent: false,
            create: true,
@@ -36,6 +47,7 @@ export default class extends Controller {
            selectOnTab: true,
            //This a an ugly solution to disable the delimiter parsing of the TomSelect plugin
            delimiter: 'VERY_L0NG_D€LIMITER_WHICH_WILL_NEVER_BE_ENCOUNTERED_IN_A_STRING',
+            dropdownParent: dropdownParent,
            render: {
                item: (data, escape) => {
                    return '<span>' + escape(data.label) + '</span>';
@@ -46,6 +58,12 @@ export default class extends Controller {
                    }
                    return '<div>' + escape(data.label) + '</div>';
                }
+            },
+            plugins: {
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                "restore_on_backspace": {}
            }
        };

--- a/assets/controllers/elements/ckeditor_controller.js
+++ b/assets/controllers/elements/ckeditor_controller.js
@@ -23,10 +23,32 @@ import { default as FullEditor } from "../../ckeditor/markdown_full";
 import { default as SingleLineEditor} from "../../ckeditor/markdown_single_line";
 import { default as HTMLLabelEditor } from "../../ckeditor/html_label";

-import EditorWatchdog from '@ckeditor/ckeditor5-watchdog/src/editorwatchdog';
+import {EditorWatchdog} from 'ckeditor5';

+import "ckeditor5/ckeditor5.css";;
 import "../../css/components/ckeditor.css";

+const translationContext = require.context(
+    'ckeditor5/translations',
+    false,
+    //Only load the translation files we will really need
+    /(de|it|fr|ru|ja|cs|da|zh|pl|hu)\.js$/
+);
+
+function loadTranslation(language) {
+    if (!language || language === 'en') {
+        return null;
+    }
+    const lang = language.slice(0, 2);
+    const path = `./${lang}.js`;
+    if (translationContext.keys().includes(path)) {
+        const module = translationContext(path);
+        return module.default;
+    } else {
+        return null;
+    }
+}
+
 /* stimulusFetch: 'lazy' */
 export default class extends Controller {
    connect() {
@@ -51,8 +73,22 @@ export default class extends Controller {

        const language = document.body.dataset.locale ?? "en";

+        const emojiURL = new URL('../../ckeditor/emojis.json', import.meta.url).href;
+
        const config = {
            language: language,
+            licenseKey: "GPL",
+
+            emoji: {
+                definitionsUrl: emojiURL
+            }
+        }
+
+        //Load translations if not english
+        let translations = loadTranslation(language);
+        if (translations) {
+            //Keep existing translations (e.g. from other plugins), if any
+            config.translations = [window.CKEDITOR_TRANSLATIONS, translations];
        }

        const watchdog = new EditorWatchdog();
@@ -70,6 +106,15 @@ export default class extends Controller {
                        editor_div.classList.add(...new_classes.split(","));
                    }

+                    // Automatic synchronization of source input
+                    editor.model.document.on("change:data", () => {
+                        editor.updateSourceElement();
+
+                        // Dispatch the input event for further treatment
+                        const event = new Event("input");
+                        this.element.dispatchEvent(event);
+                    });
+
                    //This return is important! Otherwise we get mysterious errors in the console
                    //See: https://github.com/ckeditor/ckeditor5/issues/5897#issuecomment-628471302
                    return editor;
@@ -83,4 +128,4 @@ export default class extends Controller {
            console.error(error);
        });
    }
-}
+}
--- a/assets/controllers/elements/collection_type_controller.js
+++ b/assets/controllers/elements/collection_type_controller.js
@@ -21,6 +21,7 @@ import {Controller} from "@hotwired/stimulus";

 import * as bootbox from "bootbox";
 import "../../css/components/bootbox_extensions.css";
+import accept from "attr-accept";

 export default class extends Controller {
    static values = {
@@ -73,15 +74,33 @@ export default class extends Controller {
        const newElementStr = this.htmlDecode(prototype.replace(regex, this.generateUID()));


+        let ret = null;
+
        //Insert new html after the last child element
        //If the table has a tbody, insert it there
        //Afterwards return the newly created row
        if(targetTable.tBodies[0]) {
            targetTable.tBodies[0].insertAdjacentHTML('beforeend', newElementStr);
-            return targetTable.tBodies[0].lastElementChild;
+            ret = targetTable.tBodies[0].lastElementChild;
        } else { //Otherwise just insert it
            targetTable.insertAdjacentHTML('beforeend', newElementStr);
-            return targetTable.lastElementChild;
+            ret = targetTable.lastElementChild;
+        }
+
+        //Trigger an event to notify other components that a new element has been created, so they can for example initialize select2 on it
+        targetTable.dispatchEvent(new CustomEvent("collection:elementAdded", {bubbles: true}));
+
+        this.focusNumberInput(ret);
+
+        return ret;
+
+    }
+
+    focusNumberInput(element) {
+        const fields = element.querySelectorAll("input[type=number]");
+        //Focus the first available number input field to open the numeric keyboard on mobile devices
+        if(fields.length > 0) {
+            fields[0].focus();
        }
    }

@@ -112,6 +131,33 @@ export default class extends Controller {
                dataTransfer.items.add(file);

                rowInput.files = dataTransfer.files;
+
+                //Check the file extension and find the corresponding attachment type based on the data-filetype_filter attribute
+                const attachmentTypeSelect = newElement.querySelector("select");
+                if (attachmentTypeSelect) {
+                    let foundMatch = false;
+                    for (let j = 0; j < attachmentTypeSelect.options.length; j++) {
+                        const option = attachmentTypeSelect.options[j];
+                        //skip disabled options
+                        if (option.disabled) {
+                            continue;
+                        }
+
+                        const filter = option.getAttribute('data-filetype_filter');
+                        if (filter) {
+                            if (accept({name: file.name, type: file.type}, filter)) {
+                                attachmentTypeSelect.value = option.value;
+                                foundMatch = true;
+                                break;
+                            }
+                        } else { //If no filter is set, chose this option until we find a better match
+                            if (!foundMatch) {
+                                attachmentTypeSelect.value = option.value;
+                                foundMatch = true;
+                            }
+                        }
+                    }
+                }
            }

        });
@@ -189,4 +235,4 @@ export default class extends Controller {
            del();
        }
    }
-}
+}
--- a/assets/controllers/elements/datatables/datatables_controller.js
+++ b/assets/controllers/elements/datatables/datatables_controller.js
@@ -108,11 +108,19 @@ export default class extends Controller {
            const raw_order = saved_state.order;

            settings.initial_order = raw_order.map((order) => {
+                //Skip if direction is empty, as this is the default, otherwise datatables server is confused when the order is sent in the request, but the initial order is set to an empty direction
+                if (order[1] === '') {
+                    return null;
+                }
+
                return {
                    column: order[0],
                    dir: order[1]
                }
            });
+
+            //Remove null values from the initial_order array
+            settings.initial_order = settings.initial_order.filter(order => order !== null);
        }

        let options = {
--- a/assets/controllers/elements/datatables/parts_controller.js
+++ b/assets/controllers/elements/datatables/parts_controller.js
@@ -45,8 +45,10 @@ export default class extends DatatablesController {
        //Hide/Unhide panel with the selection tools
        if (count > 0) {
            selectPanel.classList.remove('d-none');
+            selectPanel.classList.add('sticky-select-bar');
        } else {
            selectPanel.classList.add('d-none');
+            selectPanel.classList.remove('sticky-select-bar');
        }

        //Update selection count text
--- a/assets/controllers/elements/ipn_suggestion_controller.js
+++ b/assets/controllers/elements/ipn_suggestion_controller.js
@@ -0,0 +1,250 @@
+import { Controller } from "@hotwired/stimulus";
+import "../../css/components/autocomplete_bootstrap_theme.css";
+
+export default class extends Controller {
+    static targets = ["input"];
+    static values = {
+        partId: Number,
+        partCategoryId: Number,
+        partDescription: String,
+        suggestions: Object,
+        commonSectionHeader: String, // Dynamic header for common Prefixes
+        partIncrementHeader: String, // Dynamic header for new possible part increment
+        suggestUrl: String,
+    };
+
+    connect() {
+        this.configureAutocomplete();
+        this.watchCategoryChanges();
+        this.watchDescriptionChanges();
+    }
+
+    templates = {
+        commonSectionHeader({ title, html }) {
+            return html`
+                <section class="aa-Source">
+                    <div class="aa-SourceHeader">
+                        <span class="aa-SourceHeaderTitle">${title}</span>
+                        <div class="aa-SourceHeaderLine"></div>
+                    </div>
+                </section>
+            `;
+        },
+        partIncrementHeader({ title, html }) {
+            return html`
+                <section class="aa-Source">
+                    <div class="aa-SourceHeader">
+                        <span class="aa-SourceHeaderTitle">${title}</span>
+                        <div class="aa-SourceHeaderLine"></div>
+                    </div>
+                </section>
+            `;
+        },
+        list({ html }) {
+            return html`
+                <ul class="aa-List" role="listbox"></ul>
+            `;
+        },
+        item({ suggestion, description, html }) {
+            return html`
+                <li class="aa-Item" role="option" data-suggestion="${suggestion}" aria-selected="false">
+                    <div class="aa-ItemWrapper">
+                        <div class="aa-ItemContent">
+                            <div class="aa-ItemIcon aa-ItemIcon--noBorder">
+                                <svg viewBox="0 0 24 24" fill="currentColor">
+                                    <path d="M12 21c4.971 0 9-4.029 9-9s-4.029-9-9-9-9 4.029-9 9 4.029 9 9 9z"></path>
+                                </svg>
+                            </div>
+                            <div class="aa-ItemContentBody">
+                                <div class="aa-ItemContentTitle">${suggestion}</div>
+                                <div class="aa-ItemContentDescription">${description}</div>
+                            </div>
+                        </div>
+                    </div>
+                </li>
+            `;
+        },
+    };
+
+    configureAutocomplete() {
+        const inputField = this.inputTarget;
+        const commonPrefixes = this.suggestionsValue.commonPrefixes || [];
+        const prefixesPartIncrement = this.suggestionsValue.prefixesPartIncrement || [];
+        const commonHeader = this.commonSectionHeaderValue;
+        const partIncrementHeader = this.partIncrementHeaderValue;
+
+        if (!inputField || (!commonPrefixes.length && !prefixesPartIncrement.length)) return;
+
+        // Check whether the panel should be created at the update
+        if (this.isPanelInitialized) {
+            const existingPanel = inputField.parentNode.querySelector(".aa-Panel");
+            if (existingPanel) {
+                // Only remove the panel in the update phase
+
+                existingPanel.remove();
+            }
+        }
+
+        // Create panel
+        const panel = document.createElement("div");
+        panel.classList.add("aa-Panel");
+        panel.style.display = "none";
+
+        // Create panel layout
+        const panelLayout = document.createElement("div");
+        panelLayout.classList.add("aa-PanelLayout", "aa-Panel--scrollable");
+
+        // Section for prefixes part increment
+        if (prefixesPartIncrement.length) {
+            const partIncrementSection = document.createElement("section");
+            partIncrementSection.classList.add("aa-Source");
+
+            const partIncrementHeaderHtml = this.templates.partIncrementHeader({
+                title: partIncrementHeader,
+                html: String.raw,
+            });
+            partIncrementSection.innerHTML += partIncrementHeaderHtml;
+
+            const partIncrementList = document.createElement("ul");
+            partIncrementList.classList.add("aa-List");
+            partIncrementList.setAttribute("role", "listbox");
+
+            prefixesPartIncrement.forEach((prefix) => {
+                const itemHTML = this.templates.item({
+                    suggestion: prefix.title,
+                    description: prefix.description,
+                    html: String.raw,
+                });
+                partIncrementList.innerHTML += itemHTML;
+            });
+
+            partIncrementSection.appendChild(partIncrementList);
+            panelLayout.appendChild(partIncrementSection);
+        }
+
+        // Section for common prefixes
+        if (commonPrefixes.length) {
+            const commonSection = document.createElement("section");
+            commonSection.classList.add("aa-Source");
+
+            const commonSectionHeader = this.templates.commonSectionHeader({
+                title: commonHeader,
+                html: String.raw,
+            });
+            commonSection.innerHTML += commonSectionHeader;
+
+            const commonList = document.createElement("ul");
+            commonList.classList.add("aa-List");
+            commonList.setAttribute("role", "listbox");
+
+            commonPrefixes.forEach((prefix) => {
+                const itemHTML = this.templates.item({
+                    suggestion: prefix.title,
+                    description: prefix.description,
+                    html: String.raw,
+                });
+                commonList.innerHTML += itemHTML;
+            });
+
+            commonSection.appendChild(commonList);
+            panelLayout.appendChild(commonSection);
+        }
+
+        panel.appendChild(panelLayout);
+        inputField.parentNode.appendChild(panel);
+
+        inputField.addEventListener("focus", () => {
+            panel.style.display = "block";
+        });
+
+        inputField.addEventListener("blur", () => {
+            setTimeout(() => {
+                panel.style.display = "none";
+            }, 100);
+        });
+
+        // Selection of an item
+        panelLayout.addEventListener("mousedown", (event) => {
+            const target = event.target.closest("li");
+
+            if (target) {
+                inputField.value = target.dataset.suggestion;
+                panel.style.display = "none";
+            }
+        });
+
+        this.isPanelInitialized = true;
+    };
+
+    watchCategoryChanges() {
+        const categoryField = document.querySelector('[data-ipn-suggestion="categoryField"]');
+        const descriptionField = document.querySelector('[data-ipn-suggestion="descriptionField"]');
+        this.previousCategoryId = Number(this.partCategoryIdValue);
+
+        if (categoryField) {
+            categoryField.addEventListener("change", () => {
+                const categoryId = Number(categoryField.value);
+                const description = String(descriptionField?.value ?? '');
+
+                // Check whether the category has changed compared to the previous ID
+                if (categoryId !== this.previousCategoryId) {
+                    this.fetchNewSuggestions(categoryId, description);
+                    this.previousCategoryId = categoryId;
+                }
+            });
+        }
+    }
+
+    watchDescriptionChanges() {
+        const categoryField = document.querySelector('[data-ipn-suggestion="categoryField"]');
+        const descriptionField = document.querySelector('[data-ipn-suggestion="descriptionField"]');
+        this.previousDescription = String(this.partDescriptionValue);
+
+        if (descriptionField) {
+            descriptionField.addEventListener("input", () => {
+                const categoryId = Number(categoryField.value);
+                const description = String(descriptionField?.value ?? '');
+
+                // Check whether the description has changed compared to the previous one
+                if (description !== this.previousDescription) {
+                    this.fetchNewSuggestions(categoryId, description);
+                    this.previousDescription = description;
+                }
+            });
+        }
+    }
+
+    fetchNewSuggestions(categoryId, description) {
+        const baseUrl = this.suggestUrlValue;
+        const partId = this.partIdValue;
+        const truncatedDescription = description.length > 150 ? description.substring(0, 150) : description;
+        const encodedDescription = this.base64EncodeUtf8(truncatedDescription);
+        const url = `${baseUrl}?partId=${partId}&categoryId=${categoryId}` + (description !== '' ? `&description=${encodedDescription}` : '');
+
+        fetch(url, {
+            method: "GET",
+            headers: {
+                "Content-Type": "application/json",
+                "Accept": "application/json",
+            },
+        })
+            .then((response) => {
+                if (!response.ok) {
+                    throw new Error(`Error when calling up the IPN-suggestions: ${response.status}`);
+                }
+                return response.json();
+            })
+            .then((data) => {
+                this.suggestionsValue = data;
+                this.configureAutocomplete();
+            })
+            .catch((error) => {
+                console.error("Errors when loading the new IPN-suggestions:", error);
+            });
+    };
+
+    base64EncodeUtf8(text) {
+        const utf8Bytes = new TextEncoder().encode(text);
+        return btoa(String.fromCharCode(...utf8Bytes));
+    };
+}
--- a/assets/controllers/elements/nonprintable_char_input_controller.js
+++ b/assets/controllers/elements/nonprintable_char_input_controller.js
@@ -0,0 +1,106 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2026 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+/**
+ * Purpose of this controller is to allow users to input non-printable characters like EOT, FS, etc. in a form field and submit them correctly with the form.
+ * The visible input field encodes non-printable characters via their Unicode Control picture representation, e.g. \n becomes ␊ and \t becomes ␉, so that they can be displayed in the input field without breaking the form submission.
+ * The actual value of the field, which is submitted with the form, is stored in a hidden input and contains the non-printable characters in their original form.
+ */
+export default class extends Controller {
+
+    _hiddenInput;
+
+    connect() {
+        this.element.addEventListener("input", this._update.bind(this));
+
+        // We use a hidden input to store the actual value of the field, which is submitted with the form.
+        // The visible input is just for user interaction and can contain non-printable characters, which are not allowed in the hidden input.
+        this._hiddenInput = document.createElement("input");
+        this._hiddenInput.type = "hidden";
+        this._hiddenInput.name = this.element.name;
+        this.element.removeAttribute("name");
+        this.element.parentNode.insertBefore(this._hiddenInput, this.element.nextSibling);
+
+        this.element.addEventListener("keypress", this._onKeyPress.bind(this));
+    }
+
+    /**
+     * Ensures that non-printable characters like EOT, FS, etc. gets added to the input value when the user types them
+     * @param event
+     * @private
+     */
+    _onKeyPress(event) {
+        const ALLOWED_INPUT_CODES = [4, 28, 29, 30, 31]; //EOT, FS, GS, RS, US
+
+        if (!ALLOWED_INPUT_CODES.includes(event.keyCode)) {
+            return;
+        }
+
+        event.preventDefault();
+
+        const char = String.fromCharCode(event.keyCode);
+        this.element.value += char;
+
+        this._update();
+
+
+    }
+
+    _update() {
+        //Chrome workaround: Remove a leading ∠ character (U+2220) that appears when the user types a non-printable character at the beginning of the input field.
+        if (this.element.value.startsWith("∠")) {
+            this.element.value = this.element.value.substring(1);
+        }
+
+        // Remove non-printable characters from the input value and store them in the hidden input
+        const normalizedValue = this.decodeNonPrintableChars(this.element.value);
+        this._hiddenInput.value = normalizedValue;
+
+        // Encode non-printable characters in the visible input to their Unicode Control picture representation
+        const encodedValue = this.encodeNonPrintableChars(normalizedValue);
+        if (encodedValue !== this.element.value) {
+            this.element.value = encodedValue;
+        }
+    }
+
+    /**
+     * Encodes non-printable characters in the given string via their Unicode Control picture representation, e.g. \n becomes ␊ and \t becomes ␉.
+     * This allows us to display non-printable characters in the input field without breaking the form submission.
+     * @param str
+     */
+    encodeNonPrintableChars(str) {
+        return str.replace(/[\x00-\x1F\x7F]/g, (char) => {
+            const code = char.charCodeAt(0);
+            return String.fromCharCode(0x2400 + code);
+        });
+    }
+
+    /**
+     * Decodes the Unicode Control picture representation of non-printable characters back to their original form, e.g. ␊ becomes \n and ␉ becomes \t.
+     * @param str
+     */
+    decodeNonPrintableChars(str) {
+        return str.replace(/[\u2400-\u241F\u2421]/g, (char) => {
+            const code = char.charCodeAt(0) - 0x2400;
+            return String.fromCharCode(code);
+        });
+    }
+}
--- a/assets/controllers/elements/part_search_controller.js
+++ b/assets/controllers/elements/part_search_controller.js
@@ -26,9 +26,6 @@ import {marked} from "marked";

 import {
    trans,
-    SEARCH_PLACEHOLDER,
-    SEARCH_SUBMIT,
-    STATISTICS_PARTS
 } from '../../translator';


@@ -82,9 +79,9 @@ export default class extends Controller {
            panelPlacement: this.element.dataset.panelPlacement,
            plugins: [recentSearchesPlugin],
            openOnFocus: true,
-            placeholder: trans(SEARCH_PLACEHOLDER),
+            placeholder: trans("search.placeholder"),
            translations: {
-                submitButtonTitle: trans(SEARCH_SUBMIT)
+                submitButtonTitle: trans("search.submit")
            },

            // Use a navigator compatible with turbo:
@@ -153,7 +150,7 @@ export default class extends Controller {
                        },
                        templates: {
                            header({ html }) {
-                                return html`<span class="aa-SourceHeaderTitle">${trans(STATISTICS_PARTS)}</span>
+                                return html`<span class="aa-SourceHeaderTitle">${trans("part.labelp")}</span>
                                    <div class="aa-SourceHeaderLine" />`;
                            },
                            item({item, components, html}) {
@@ -186,5 +183,15 @@ export default class extends Controller {
                ];
            },
        });
+
+        //Try to find the input field and register a defocus handler. This is necessarry, as by default the autocomplete
+        //lib has problems when multiple inputs are present on the page. (see https://github.com/algolia/autocomplete/issues/1216)
+        const inputs = this.element.getElementsByClassName('aa-Input');
+        for (const input of inputs) {
+            input.addEventListener('blur', () => {
+                this._autocomplete.setIsOpen(false);
+            });
+        }
+
    }
-}
+}
--- a/assets/controllers/elements/part_select_controller.js
+++ b/assets/controllers/elements/part_select_controller.js
@@ -10,12 +10,19 @@ export default class extends Controller {

    connect() {

+        //Check if tomselect is inside an modal and do not attach the dropdown to body in that case (as it breaks the modal)
+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
        let settings = {
            allowEmptyOption: true,
-            plugins: ['dropdown_input'],
+            plugins: ['dropdown_input', this.element.required ? null : 'clear_button'],
            searchField: ["name", "description", "category", "footprint"],
            valueField: "id",
            labelField: "name",
+            dropdownParent: dropdownParent,
            preload: "focus",
            render: {
                item: (data, escape) => {
@@ -71,4 +78,4 @@ export default class extends Controller {
        //Destroy the TomSelect instance
        this._tomSelect.destroy();
    }
-}
+}
--- a/assets/controllers/elements/password_strength_estimate_controller.js
+++ b/assets/controllers/elements/password_strength_estimate_controller.js
@@ -25,8 +25,7 @@ import * as zxcvbnEnPackage from '@zxcvbn-ts/language-en';
 import * as zxcvbnDePackage from '@zxcvbn-ts/language-de';
 import * as zxcvbnFrPackage from '@zxcvbn-ts/language-fr';
 import * as zxcvbnJaPackage from '@zxcvbn-ts/language-ja';
-import {trans, USER_PASSWORD_STRENGTH_VERY_WEAK, USER_PASSWORD_STRENGTH_WEAK, USER_PASSWORD_STRENGTH_MEDIUM,
-    USER_PASSWORD_STRENGTH_STRONG, USER_PASSWORD_STRENGTH_VERY_STRONG} from '../../translator.js';
+import {trans} from '../../translator.js';

 /* stimulusFetch: 'lazy' */
 export default class extends Controller {
@@ -89,23 +88,23 @@ export default class extends Controller {

        switch (level) {
            case 0:
-                text = trans(USER_PASSWORD_STRENGTH_VERY_WEAK);
+                text = trans("user.password_strength.very_weak");
                classes = "bg-danger badge-danger";
                break;
            case 1:
-                text = trans(USER_PASSWORD_STRENGTH_WEAK);
+                text = trans("user.password_strength.weak");
                classes = "bg-warning badge-warning";
                break;
            case 2:
-                text = trans(USER_PASSWORD_STRENGTH_MEDIUM)
+                text = trans("user.password_strength.medium");
                classes = "bg-info badge-info";
                break;
            case 3:
-                text = trans(USER_PASSWORD_STRENGTH_STRONG);
+                text = trans("user.password_strength.strong");
                classes = "bg-primary badge-primary";
                break;
            case 4:
-                text = trans(USER_PASSWORD_STRENGTH_VERY_STRONG);
+                text = trans("user.password_strength.very_strong");
                classes = "bg-success badge-success";
                break;
            default:
@@ -120,4 +119,4 @@ export default class extends Controller {
        this.badgeTarget.classList.add("badge");
        this.badgeTarget.classList.add(...classes.split(" "));
    }
-}
+}
--- a/assets/controllers/elements/select_controller.js
+++ b/assets/controllers/elements/select_controller.js
@@ -38,11 +38,17 @@ export default class extends Controller {
            this._emptyMessage = this.element.getAttribute('title');
        }

+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }

        let settings = {
+            plugins: ["clear_button"],
            allowEmptyOption: true,
            selectOnTab: true,
            maxOptions: null,
+            dropdownParent: dropdownParent,

            render: {
                item: this.renderItem.bind(this),
@@ -50,7 +56,24 @@ export default class extends Controller {
            }
        };

+        //Load the drag_drop plugin if the select is ordered
+        if (this.element.dataset.orderedValue) {
+            settings.plugins.push('drag_drop');
+            settings.plugins.push("caret_position");
+        }
+
+        //If multiple items can be selected, enable the remove_button plugin
+        if (this.element.multiple) {
+            settings.plugins.push('remove_button');
+        }
+
        this._tomSelect = new TomSelect(this.element, settings);
+
+        //If the select is ordered, we need to update the value field (with the decoded value from the orderedValue field)
+        if (this.element.dataset.orderedValue) {
+            const data = JSON.parse(this.element.dataset.orderedValue);
+            this._tomSelect.setValue(data);
+        }
    }

    getTomSelect() {
@@ -90,4 +113,4 @@ export default class extends Controller {
        //Destroy the TomSelect instance
        this._tomSelect.destroy();
    }
-}
+}
--- a/assets/controllers/elements/select_multiple_controller.js
+++ b/assets/controllers/elements/select_multiple_controller.js
@@ -20,13 +20,21 @@
 import {Controller} from "@hotwired/stimulus";
 import TomSelect from "tom-select";

+// TODO: Merge with select_controller.js
+
 export default class extends Controller {
    _tomSelect;

    connect() {
+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
        this._tomSelect = new TomSelect(this.element, {
            maxItems: 1000,
            allowEmptyOption: true,
+            dropdownParent: dropdownParent,
            plugins: ['remove_button'],
        });
    }
@@ -37,4 +45,4 @@ export default class extends Controller {
        this._tomSelect.destroy();
    }

-}
+}
--- a/assets/controllers/elements/static_file_autocomplete_controller.js
+++ b/assets/controllers/elements/static_file_autocomplete_controller.js
@@ -23,6 +23,12 @@ import "tom-select/dist/css/tom-select.bootstrap5.css";
 import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";

+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 /**
 * This is the frontend controller for StaticFileAutocompleteType form element.
 * Basically it loads a text file from the given url (via data-url) and uses it as a source for the autocomplete.
@@ -34,6 +40,11 @@ export default class extends Controller {

    connect() {

+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
        let settings = {
            persistent: false,
            create: true,
@@ -44,9 +55,16 @@ export default class extends Controller {
            valueField: 'text',
            searchField: 'text',
            orderField: 'text',
+            dropdownParent: dropdownParent,

            //This a an ugly solution to disable the delimiter parsing of the TomSelect plugin
-            delimiter: 'VERY_L0NG_D€LIMITER_WHICH_WILL_NEVER_BE_ENCOUNTERED_IN_A_STRING'
+            delimiter: 'VERY_L0NG_D€LIMITER_WHICH_WILL_NEVER_BE_ENCOUNTERED_IN_A_STRING',
+            plugins: {
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                'restore_on_backspace': {}
+            }
        };

        if (this.element.dataset.url) {
--- a/assets/controllers/elements/structural_entity_select_controller.js
+++ b/assets/controllers/elements/structural_entity_select_controller.js
@@ -22,8 +22,10 @@ import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";
 import {Controller} from "@hotwired/stimulus";

-import {trans, ENTITY_SELECT_GROUP_NEW_NOT_ADDED_TO_DB} from '../../translator.js'
+import {trans} from '../../translator.js'

+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)

 export default class extends Controller {
    _tomSelect;
@@ -38,16 +40,24 @@ export default class extends Controller {
        const allowAdd = this.element.getAttribute("data-allow-add") === "true";
        const addHint = this.element.getAttribute("data-add-hint") ?? "";

+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
+
        let settings = {
            allowEmptyOption: true,
            selectOnTab: true,
            maxOptions: null,
            create: allowAdd ? this.createItem.bind(this) : false,
+            createFilter: this.createFilter.bind(this),

            // This three options allow us to paste element names with commas: (see issue #538)
            maxItems: 1,
            delimiter: "$$VERY_LONG_DELIMITER_THAT_SHOULD_NEVER_APPEAR$$",
            splitOn: null,
+            dropdownParent: dropdownParent,

            searchField: [
                {field: "text", weight : 2},
@@ -58,7 +68,21 @@ export default class extends Controller {
            render: {
                item: this.renderItem.bind(this),
                option: this.renderOption.bind(this),
-                option_create: function(data, escape) {
+                option_create: (data, escape)  => {
+                    //If the input starts with "->", we prepend the current selected value, for easier extension of existing values
+                    //This here handles the display part, while the createItem function handles the actual creation
+                    if (data.input.startsWith("->")) {
+                        //Get current selected value
+                        const current = this._tomSelect.getItem(this._tomSelect.getValue()).textContent.replaceAll("→", "->").trim();
+                        //Prepend it to the input
+                        if (current) {
+                            data.input = current + " " + data.input;
+                        } else {
+                            //If there is no current value, we remove the "->"
+                            data.input = data.input.substring(2);
+                        }
+                    }
+
                    return '<div class="create"><i class="fa-solid fa-plus fa-fw"></i>&nbsp;<strong>' + escape(data.input) + '</strong>&hellip;&nbsp;' +
                        '<small class="text-muted float-end">(' + addHint +')</small>' +
                        '</div>';
@@ -68,14 +92,39 @@ export default class extends Controller {
            //Add callbacks to update validity
            onInitialize: this.updateValidity.bind(this),
            onChange: this.updateValidity.bind(this),
+
+            plugins: {
+                "autoselect_typed": {},
+            }
        };

+        //Add clear button plugin, if an empty option is present
+        if (this.element.querySelector("option[value='']") !== null) {
+            settings.plugins["clear_button"] = {};
+        }
+
        this._tomSelect = new TomSelect(this.element, settings);
        //Do not do a sync here as this breaks the initial rendering of the empty option
        //this._tomSelect.sync();
    }

    createItem(input, callback) {
+
+        //If the input starts with "->", we prepend the current selected value, for easier extension of existing values
+        if (input.startsWith("->")) {
+            //Get current selected value
+            let current = this._tomSelect.getItem(this._tomSelect.getValue()).textContent.replaceAll("→", "->").trim();
+            //Replace no break spaces with normal spaces
+            current = current.replaceAll("\u00A0", " ");
+            //Prepend it to the input
+            if (current) {
+                input = current + " " + input;
+            } else {
+                //If there is no current value, we remove the "->"
+                input = input.substring(2);
+            }
+        }
+
        callback({
            //$%$ is a special value prefix, that is used to identify items, that are not yet in the DB
            value: '$%$' + input,
@@ -84,6 +133,31 @@ export default class extends Controller {
        });
    }

+    createFilter(input) {
+
+        //Normalize the input (replace spacing around arrows)
+        if (input.includes("->")) {
+            const inputs = input.split("->");
+            inputs.forEach((value, index) => {
+                inputs[index] = value.trim();
+            });
+            input = inputs.join("->");
+        } else {
+            input = input.trim();
+        }
+
+        const options = this._tomSelect.options;
+        //Iterate over all options and check if the input is already present
+        for (let index in options) {
+            const option = options[index];
+            if (option.path === input) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+

    updateValidity() {
        //Mark this input as invalid, if the selected option is disabled
@@ -130,7 +204,7 @@ export default class extends Controller {

        if (data.not_in_db_yet) {
            //Not yet added items are shown italic and with a badge
-            name += "<i><b>" + escape(data.text) + "</b></i>" + "<span class='ms-3 badge bg-info badge-info'>" + trans(ENTITY_SELECT_GROUP_NEW_NOT_ADDED_TO_DB) + "</span>";
+            name += "<i><b>" + escape(data.text) + "</b></i>" + "<span class='ms-3 badge bg-info badge-info'>" + trans("entity.select.group.new_not_added_to_DB") + "</span>";
        } else {
            name += "<b>" + escape(data.text) + "</b>";
        }
--- a/assets/controllers/elements/tagsinput_controller.js
+++ b/assets/controllers/elements/tagsinput_controller.js
@@ -23,19 +23,32 @@ import "tom-select/dist/css/tom-select.bootstrap5.css";
 import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";

+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 export default class extends Controller {
    _tomSelect;

    connect() {
+        let dropdownParent = "body";
+        if (this.element.closest('.modal')) {
+            dropdownParent = null
+        }
+
        let settings = {
            plugins: {
-                remove_button:{
-                }
+                remove_button:{},
+                'autoselect_typed': {},
+                'click_to_edit': {},
            },
            persistent: false,
            selectOnTab: true,
            createOnBlur: true,
            create: true,
+            dropdownParent: dropdownParent,
        };

        if(this.element.dataset.autocomplete) {
@@ -66,4 +79,4 @@ export default class extends Controller {
        //Destroy the TomSelect instance
        this._tomSelect.destroy();
    }
-}
+}
--- a/assets/controllers/field_mapping_controller.js
+++ b/assets/controllers/field_mapping_controller.js
@@ -0,0 +1,136 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+    static targets = ["tbody", "addButton", "submitButton"]
+    static values = { 
+        mappingIndex: Number,
+        maxMappings: Number,
+        prototype: String,
+        maxMappingsReachedMessage: String
+    }
+
+    connect() {
+        this.updateAddButtonState()
+        this.updateFieldOptions()
+        this.attachEventListeners()
+    }
+
+    attachEventListeners() {
+        // Add event listeners to existing field selects
+        const fieldSelects = this.tbodyTarget.querySelectorAll('select[name*="[field]"]')
+        fieldSelects.forEach(select => {
+            select.addEventListener('change', this.updateFieldOptions.bind(this))
+        })
+
+        // Note: Add button click is handled by Stimulus action in template (data-action="click->field-mapping#addMapping")
+        // No manual event listener needed
+
+        // Form submit handler
+        const form = this.element.querySelector('form')
+        if (form && this.hasSubmitButtonTarget) {
+            form.addEventListener('submit', this.handleFormSubmit.bind(this))
+        }
+    }
+
+    addMapping() {
+        const currentMappings = this.tbodyTarget.querySelectorAll('.mapping-row').length
+
+        if (currentMappings >= this.maxMappingsValue) {
+            alert(this.maxMappingsReachedMessageValue)
+            return
+        }
+
+        const newRowHtml = this.prototypeValue.replace(/__name__/g, this.mappingIndexValue)
+        const tempDiv = document.createElement('div')
+        tempDiv.innerHTML = newRowHtml
+
+        const fieldWidget = tempDiv.querySelector('select[name*="[field]"]') || tempDiv.children[0]
+        const providerWidget = tempDiv.querySelector('select[name*="[providers]"]') || tempDiv.children[1]
+        const priorityWidget = tempDiv.querySelector('input[name*="[priority]"]') || tempDiv.children[2]
+
+        const newRow = document.createElement('tr')
+        newRow.className = 'mapping-row'
+        newRow.innerHTML = `
+            <td>${fieldWidget ? fieldWidget.outerHTML : ''}</td>
+            <td>${providerWidget ? providerWidget.outerHTML : ''}</td>
+            <td>${priorityWidget ? priorityWidget.outerHTML : ''}</td>
+            <td>
+                <button type="button" class="btn btn-danger btn-sm" data-action="click->field-mapping#removeMapping">
+                    <i class="fas fa-trash"></i>
+                </button>
+            </td>
+        `
+
+        this.tbodyTarget.appendChild(newRow)
+        this.mappingIndexValue++
+
+        const newFieldSelect = newRow.querySelector('select[name*="[field]"]')
+        if (newFieldSelect) {
+            newFieldSelect.value = ''
+            newFieldSelect.addEventListener('change', this.updateFieldOptions.bind(this))
+        }
+
+        this.updateFieldOptions()
+        this.updateAddButtonState()
+    }
+
+    removeMapping(event) {
+        const row = event.target.closest('tr')
+        row.remove()
+        this.updateFieldOptions()
+        this.updateAddButtonState()
+    }
+
+    updateFieldOptions() {
+        const fieldSelects = this.tbodyTarget.querySelectorAll('select[name*="[field]"]')
+        
+        const selectedFields = Array.from(fieldSelects)
+            .map(select => select.value)
+            .filter(value => value && value !== '')
+        
+        fieldSelects.forEach(select => {
+            Array.from(select.options).forEach(option => {
+                const isCurrentValue = option.value === select.value
+                const isEmptyOption = !option.value || option.value === ''
+                const isAlreadySelected = selectedFields.includes(option.value)
+                
+                if (!isEmptyOption && isAlreadySelected && !isCurrentValue) {
+                    option.disabled = true
+                    option.style.display = 'none'
+                } else {
+                    option.disabled = false
+                    option.style.display = ''
+                }
+            })
+        })
+    }
+
+    updateAddButtonState() {
+        const currentMappings = this.tbodyTarget.querySelectorAll('.mapping-row').length
+        
+        if (this.hasAddButtonTarget) {
+            if (currentMappings >= this.maxMappingsValue) {
+                this.addButtonTarget.disabled = true
+                this.addButtonTarget.title = this.maxMappingsReachedMessageValue
+            } else {
+                this.addButtonTarget.disabled = false
+                this.addButtonTarget.title = ''
+            }
+        }
+    }
+
+    handleFormSubmit(event) {
+        if (this.hasSubmitButtonTarget) {
+            this.submitButtonTarget.disabled = true
+            
+            // Disable the entire form to prevent changes during processing
+            const form = event.target
+            const formElements = form.querySelectorAll('input, select, textarea, button')
+            formElements.forEach(element => {
+                if (element !== this.submitButtonTarget) {
+                    element.disabled = true
+                }
+            })
+        }
+    }
+}
--- a/assets/controllers/helpers/form_cleanup_controller.js
+++ b/assets/controllers/helpers/form_cleanup_controller.js
@@ -62,6 +62,6 @@ export default class extends Controller {
            element.disabled = true;
        }

-        form.submit();
+        form.requestSubmit();
    }
-}
+}
--- a/assets/controllers/helpers/scan_special_char_controller.js
+++ b/assets/controllers/helpers/scan_special_char_controller.js
@@ -0,0 +1,136 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2026 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from "@hotwired/stimulus"
+
+/**
+ * This controller listens for a special non-printable character (SOH / ASCII 1) to be entered anywhere on the page,
+ * which is then used as a trigger to submit the following characters as a barcode / scan input.
+ */
+export default class extends Controller {
+    connect() {
+        // Optional: Log to confirm global attachment
+        console.log("Scanner listener active")
+
+        this.isCapturing = false
+        this.buffer = ""
+
+        window.addEventListener("keypress", this.handleKeydown.bind(this))
+    }
+
+    initialize() {
+        this.isCapturing = false
+        this.buffer = ""
+        this.timeoutId = null
+    }
+
+    handleKeydown(event) {
+
+        // Ignore if the user is typing in a form field
+        const isInput = ["INPUT", "TEXTAREA", "SELECT"].includes(event.target.tagName) ||
+            event.target.isContentEditable;
+        if (isInput) return
+
+        // 1. Detect Start of Header (SOH / Ctrl+A)
+        if (event.key === "\x01" || event.keyCode === 1) {
+            this.startCapturing(event)
+            return
+        }
+
+        // 2. Process characters if in capture mode
+        if (this.isCapturing) {
+            this.resetTimeout() // Push the expiration back with every keypress
+
+            if (event.key === "Enter" || event.keyCode === 13) {
+
+                this.finishCapturing(event)
+            } else if (event.key.length === 1) {
+                this.buffer += event.key
+            }
+        }
+    }
+
+    startCapturing(event) {
+        this.isCapturing = true
+        this.buffer = ""
+        this.resetTimeout()
+        event.preventDefault()
+        console.debug("Scan character detected. Capture started...")
+    }
+
+    finishCapturing(event) {
+        event.preventDefault()
+        const data = this.buffer;
+        this.stopCapturing()
+        this.processCapture(data)
+    }
+
+    stopCapturing() {
+        this.isCapturing = false
+        this.buffer = ""
+        if (this.timeoutId) clearTimeout(this.timeoutId)
+        console.debug("Capture cleared/finished.")
+    }
+
+    resetTimeout() {
+        if (this.timeoutId) clearTimeout(this.timeoutId)
+
+        this.timeoutId = setTimeout(() => {
+            if (this.isCapturing) {
+                console.warn("Capture timed out. Resetting buffer.")
+                this.stopCapturing()
+            }
+        }, 500)
+    }
+
+    processCapture(data) {
+        if (!data) return
+
+        console.debug("Captured scan data: " + data)
+
+        const scanInput = document.getElementById("scan_dialog_input");
+        if (scanInput) { //When we are on the scan dialog page, submit the form there
+            this._submitScanForm(data);
+        } else {  //Otherwise use our own form (e.g. on the part list page)
+            this.element.querySelector("input[name='input']").value = data;
+            this.element.requestSubmit();
+        }
+
+
+    }
+
+    _submitScanForm(data) {
+        const scanInput = document.getElementById("scan_dialog_input");
+        if (!scanInput) {
+            console.error("Scan input field not found!")
+            return;
+        }
+
+        scanInput.value = data;
+        scanInput.dispatchEvent(new Event('input', { bubbles: true }));
+
+        const form = document.getElementById("scan_dialog_form");
+        if (!form) {
+            console.error("Scan form not found!")
+            return;
+        }
+
+        form.requestSubmit();
+    }
+}
--- a/assets/controllers/pages/barcode_scan_controller.js
+++ b/assets/controllers/pages/barcode_scan_controller.js
@@ -20,18 +20,32 @@
 import {Controller} from "@hotwired/stimulus";
 //import * as ZXing from "@zxing/library";

-import {Html5QrcodeScanner, Html5Qrcode} from "html5-qrcode";
+import {Html5QrcodeScanner, Html5Qrcode} from "@part-db/html5-qrcode";
+import { generateCsrfToken, generateCsrfHeaders } from "../csrf_protection_controller";

 /* stimulusFetch: 'lazy' */
+
 export default class extends Controller {
-
-    //codeReader = null;
-
    _scanner = null;
-
+    _submitting = false;
+    _lastDecodedText = "";
+    _onInfoChange = null;

    connect() {
-        console.log('Init Scanner');
+
+        // Prevent double init if connect fires twice
+        if (this._scanner) return;
+
+        // clear last decoded barcode when state changes on info box
+        const info = document.getElementById("scan_dialog_info_mode");
+        if (info) {
+            this._onInfoChange = () => {
+                this._lastDecodedText = "";
+            };
+            info.addEventListener("change", this._onInfoChange);
+        }
+
+        const isMobile = window.matchMedia("(max-width: 768px)").matches;

        //This function ensures, that the qrbox is 70% of the total viewport
        let qrboxFunction = function(viewfinderWidth, viewfinderHeight) {
@@ -45,26 +59,67 @@ export default class extends Controller {
        }

        //Try to get the number of cameras. If the number is 0, then the promise will fail, and we show the warning dialog
-        Html5Qrcode.getCameras().catch((devices) => {
-                document.getElementById('scanner-warning').classList.remove('d-none');
+        Html5Qrcode.getCameras().catch(() => {
+            document.getElementById("scanner-warning")?.classList.remove("d-none");
        });

        this._scanner = new Html5QrcodeScanner(this.element.id, {
-            fps: 2,
+            fps: 10,
            qrbox: qrboxFunction,
+            // Key change: shrink preview height on mobile
+            ...(isMobile ? { aspectRatio: 1.0 } : {}),
            experimentalFeatures: {
                //This option improves reading quality on android chrome
-                useBarCodeDetectorIfSupported: true
-            }
+                useBarCodeDetectorIfSupported: true,
+            },
        }, false);

        this._scanner.render(this.onScanSuccess.bind(this));
    }

-    onScanSuccess(decodedText, decodedResult) {
-        //Put our decoded Text into the input box
-        document.getElementById('scan_dialog_input').value = decodedText;
-        //Submit form
-        document.getElementById('scan_dialog_form').submit();
+    disconnect() {
+
+        // If we already stopped/cleared before submit, nothing to do.
+        const scanner = this._scanner;
+        this._scanner = null;
+        this._lastDecodedText = "";
+
+        // Unbind info-mode change handler (always do this, even if scanner is null)
+        const info = document.getElementById("scan_dialog_info_mode");
+        if (info && this._onInfoChange) {
+            info.removeEventListener("change", this._onInfoChange);
+        }
+        this._onInfoChange = null;
+
+        if (!scanner) return;
+
+        try {
+            const p = scanner.clear?.();
+            if (p && typeof p.then === "function") p.catch(() => {});
+        } catch (_) {
+            // ignore
+        }
    }
-}
+
+
+    onScanSuccess(decodedText) {
+        if (!decodedText) return;
+
+        const normalized = String(decodedText).trim();
+        if (!normalized) return;
+
+        // scan once per barcode
+        if (normalized === this._lastDecodedText) return;
+
+        // Mark as handled immediately (prevents spam even if callback fires repeatedly)
+        this._lastDecodedText = normalized;
+
+        const input = document.getElementById('scan_dialog_input');
+        input.value = decodedText;
+        //Trigger nonprintable char input controller to update the hidden input value
+        input.dispatchEvent(new Event('input', { bubbles: true }));
+
+        //Submit form
+        document.getElementById('scan_dialog_form').requestSubmit();
+    }
+}
--- a/assets/controllers/pages/latex_preview_controller.js
+++ b/assets/controllers/pages/latex_preview_controller.js
@@ -25,9 +25,23 @@ import "katex/dist/katex.css";
 export default class extends Controller {
    static targets = ["input", "preview"];

+    static values = {
+        unit: {type: Boolean, default: false} //Render as upstanding (non-italic) text, useful for units
+    }
+
    updatePreview()
    {
-        katex.render(this.inputTarget.value, this.previewTarget, {
+        let value = "";
+        if (this.unitValue) {
+            //Escape percentage signs
+            value = this.inputTarget.value.replace(/%/g, '\\%');
+
+            value = "\\mathrm{" + value + "}";
+        } else {
+            value = this.inputTarget.value;
+        }
+
+        katex.render(value, this.previewTarget, {
            throwOnError: false,
        });
    }
--- a/assets/controllers/pages/parameters_autocomplete_controller.js
+++ b/assets/controllers/pages/parameters_autocomplete_controller.js
@@ -22,6 +22,13 @@ import TomSelect from "tom-select";
 import katex from "katex";
 import "katex/dist/katex.css";

+
+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 /* stimulusFetch: 'lazy' */
 export default class extends Controller
 {
@@ -53,7 +60,10 @@ export default class extends Controller
    connect() {
        const settings = {
            plugins: {
-                clear_button:{}
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                'restore_on_backspace': {}
            },
            persistent: false,
            maxItems: 1,
@@ -75,7 +85,9 @@ export default class extends Controller
                        tmp += '<span>' + katex.renderToString(data.symbol) + '</span>'
                    }
                    if (data.unit) {
-                        tmp += '<span class="ms-2">' + katex.renderToString('[' + data.unit + ']') + '</span>'
+                        let unit  = data.unit.replace(/%/g, '\\%');
+                        unit = "\\mathrm{" + unit + "}";
+                        tmp += '<span class="ms-2">' + katex.renderToString('[' + unit + ']') + '</span>'
                    }


--- a/assets/controllers/pages/part_stocktake_modal_controller.js
+++ b/assets/controllers/pages/part_stocktake_modal_controller.js
@@ -0,0 +1,27 @@
+import {Controller} from "@hotwired/stimulus";
+import {Modal} from "bootstrap";
+
+export default class extends Controller
+{
+    connect() {
+        this.element.addEventListener('show.bs.modal', event => this._handleModalOpen(event));
+    }
+
+    _handleModalOpen(event) {
+        // Button that triggered the modal
+        const button = event.relatedTarget;
+
+        const amountInput = this.element.querySelector('input[name="amount"]');
+
+        // Extract info from button attributes
+        const lotID = button.getAttribute('data-lot-id');
+        const lotAmount = button.getAttribute('data-lot-amount');
+
+        //Find the expected amount field and set the value to the lot amount
+        const expectedAmountInput = this.element.querySelector('#stocktake-modal-expected-amount');
+        expectedAmountInput.textContent = lotAmount;
+
+        //Set the action and lotID inputs in the form
+        this.element.querySelector('input[name="lot_id"]').setAttribute('value', lotID);
+    }
+}
--- a/assets/controllers/pages/part_withdraw_modal_controller.js
+++ b/assets/controllers/pages/part_withdraw_modal_controller.js
@@ -5,6 +5,7 @@ export default class extends Controller
 {
    connect() {
        this.element.addEventListener('show.bs.modal', event => this._handleModalOpen(event));
+        this.element.addEventListener('shown.bs.modal', event => this._handleModalShown(event));
    }

    _handleModalOpen(event) {
@@ -61,4 +62,8 @@ export default class extends Controller
            amountInput.setAttribute('max', lotAmount);
        }
    }
+
+    _handleModalShown(event) {
+        this.element.querySelector('input[name="amount"]').focus();
+    }
 }
--- a/assets/controllers/pages/synonyms_collection_controller.js
+++ b/assets/controllers/pages/synonyms_collection_controller.js
@@ -0,0 +1,68 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2022 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from '@hotwired/stimulus';
+
+export default class extends Controller {
+    static targets = ['items'];
+    static values = {
+        prototype: String,
+        prototypeName: { type: String, default: '__name__' },
+        index: { type: Number, default: 0 },
+    };
+
+    connect() {
+        if (!this.hasIndexValue || Number.isNaN(this.indexValue)) {
+            this.indexValue = this.itemsTarget?.children.length || 0;
+        }
+    }
+
+    add(event) {
+        event.preventDefault();
+
+        const encodedProto = this.prototypeValue || '';
+        const placeholder = this.prototypeNameValue || '__name__';
+        if (!encodedProto || !this.itemsTarget) return;
+
+        const protoHtml = this._decodeHtmlAttribute(encodedProto);
+
+        const idx = this.indexValue;
+        const html = protoHtml.replace(new RegExp(placeholder, 'g'), String(idx));
+
+        const wrapper = document.createElement('div');
+        wrapper.innerHTML = html;
+        const newItem = wrapper.firstElementChild;
+        if (newItem) {
+            this.itemsTarget.appendChild(newItem);
+            this.indexValue = idx + 1;
+        }
+    }
+
+    remove(event) {
+        event.preventDefault();
+        const row = event.currentTarget.closest('.tc-item');
+        if (row) row.remove();
+    }
+
+    _decodeHtmlAttribute(str) {
+        const tmp = document.createElement('textarea');
+        tmp.innerHTML = str;
+        return tmp.value || tmp.textContent || '';
+    }
+}
--- a/assets/controllers/toggle_password_controller.js
+++ b/assets/controllers/toggle_password_controller.js
@@ -0,0 +1,86 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from '@hotwired/stimulus';
+import '../css/components/toggle_password.css';
+
+export default class extends Controller {
+    static values = {
+        visibleLabel: { type: String, default: 'Show' },
+        visibleIcon: { type: String, default: 'Default' },
+        hiddenLabel: { type: String, default: 'Hide' },
+        hiddenIcon: { type: String, default: 'Default' },
+        buttonClasses: Array,
+    };
+
+    isDisplayed = false;
+    visibleIcon = `<svg xmlns="http://www.w3.org/2000/svg" class="toggle-password-icon" viewBox="0 0 20 20" fill="currentColor">
+<path d="M10 12a2 2 0 100-4 2 2 0 000 4z" />
+<path fill-rule="evenodd" d="M.458 10C1.732 5.943 5.522 3 10 3s8.268 2.943 9.542 7c-1.274 4.057-5.064 7-9.542 7S1.732 14.057.458 10zM14 10a4 4 0 11-8 0 4 4 0 018 0z" clip-rule="evenodd" />
+</svg>`;
+    hiddenIcon = `<svg xmlns="http://www.w3.org/2000/svg" class="toggle-password-icon" viewBox="0 0 20 20" fill="currentColor">
+<path fill-rule="evenodd" d="M3.707 2.293a1 1 0 00-1.414 1.414l14 14a1 1 0 001.414-1.414l-1.473-1.473A10.014 10.014 0 0019.542 10C18.268 5.943 14.478 3 10 3a9.958 9.958 0 00-4.512 1.074l-1.78-1.781zm4.261 4.26l1.514 1.515a2.003 2.003 0 012.45 2.45l1.514 1.514a4 4 0 00-5.478-5.478z" clip-rule="evenodd" />
+<path d="M12.454 16.697L9.75 13.992a4 4 0 01-3.742-3.741L2.335 6.578A9.98 9.98 0 00.458 10c1.274 4.057 5.065 7 9.542 7 .847 0 1.669-.105 2.454-.303z" />
+</svg>`;
+
+    connect() {
+        if (this.visibleIconValue !== 'Default') {
+            this.visibleIcon = this.visibleIconValue;
+        }
+
+        if (this.hiddenIconValue !== 'Default') {
+            this.hiddenIcon = this.hiddenIconValue;
+        }
+
+        const button = this.createButton();
+
+        this.element.insertAdjacentElement('afterend', button);
+        this.dispatchEvent('connect', { element: this.element, button });
+    }
+
+    /**
+     * @returns {HTMLButtonElement}
+     */
+    createButton() {
+        const button = document.createElement('button');
+        button.type = 'button';
+        button.classList.add(...this.buttonClassesValue);
+        button.setAttribute('tabindex', '-1');
+        button.addEventListener('click', this.toggle.bind(this));
+        button.innerHTML = `${this.visibleIcon} ${this.visibleLabelValue}`;
+        return button;
+    }
+
+    /**
+     * Toggle input type between "text" or "password" and update label accordingly
+     */
+    toggle(event) {
+        this.isDisplayed = !this.isDisplayed;
+        const toggleButtonElement = event.currentTarget;
+        toggleButtonElement.innerHTML = this.isDisplayed
+            ? `${this.hiddenIcon} ${this.hiddenLabelValue}`
+            : `${this.visibleIcon} ${this.visibleLabelValue}`;
+        this.element.setAttribute('type', this.isDisplayed ? 'text' : 'password');
+        this.dispatchEvent(this.isDisplayed ? 'show' : 'hide', { element: this.element, button: toggleButtonElement });
+    }
+
+    dispatchEvent(name, payload) {
+        this.dispatch(name, { detail: payload, prefix: 'toggle-password' });
+    }
+}
--- a/assets/controllers/update_confirm_controller.js
+++ b/assets/controllers/update_confirm_controller.js
@@ -0,0 +1,81 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from '@hotwired/stimulus';
+
+/**
+ * Stimulus controller for update/downgrade confirmation dialogs.
+ * Intercepts form submission and shows a confirmation dialog before proceeding.
+ */
+export default class extends Controller {
+    static values = {
+        isDowngrade: { type: Boolean, default: false },
+        targetVersion: { type: String, default: '' },
+        confirmUpdate: { type: String, default: 'Are you sure you want to update Part-DB?' },
+        confirmDowngrade: { type: String, default: 'Are you sure you want to downgrade Part-DB?' },
+        downgradeWarning: { type: String, default: 'WARNING: This version does not include the Update Manager.' },
+        minUpdateManagerVersion: { type: String, default: '2.6.0' },
+    };
+
+    connect() {
+        this.element.addEventListener('submit', this.handleSubmit.bind(this));
+    }
+
+    handleSubmit(event) {
+        // Always prevent default first
+        event.preventDefault();
+
+        const targetClean = this.targetVersionValue.replace(/^v/, '');
+        let message;
+
+        if (this.isDowngradeValue) {
+            // Check if downgrading to a version without Update Manager
+            if (this.compareVersions(targetClean, this.minUpdateManagerVersionValue) < 0) {
+                message = this.confirmDowngradeValue + '\n\n⚠️ ' + this.downgradeWarningValue;
+            } else {
+                message = this.confirmDowngradeValue;
+            }
+        } else {
+            message = this.confirmUpdateValue;
+        }
+
+        // Only submit if user confirms
+        if (confirm(message)) {
+            // Remove the event listener to prevent infinite loop, then submit
+            this.element.removeEventListener('submit', this.handleSubmit.bind(this));
+            this.element.submit();
+        }
+    }
+
+    /**
+     * Compare two version strings (e.g., "2.5.0" vs "2.6.0")
+     * Returns -1 if v1 < v2, 0 if equal, 1 if v1 > v2
+     */
+    compareVersions(v1, v2) {
+        const parts1 = v1.split('.').map(Number);
+        const parts2 = v2.split('.').map(Number);
+        for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
+            const p1 = parts1[i] || 0;
+            const p2 = parts2[i] || 0;
+            if (p1 < p2) return -1;
+            if (p1 > p2) return 1;
+        }
+        return 0;
+    }
+}
--- a/assets/css/app/bs-overrides.css
+++ b/assets/css/app/bs-overrides.css
@@ -120,4 +120,11 @@ ins {
 del {
    background-color: #f09595;
    font-weight: bold;
-}
+}
+
+/****************************************
+ * Password toggle
+ ****************************************/
+.toggle-password-button {
+    top: 0.7rem !important;
+}
--- a/assets/css/app/helpers.css
+++ b/assets/css/app/helpers.css
@@ -111,4 +111,11 @@ ul.structural_link li a:hover {
 .permission-checkbox:checked {
    background-color: var(--bs-success);
    border-color: var(--bs-success);
+}
+
+/***********************************************
+ * Katex rendering with same height as text
+ ***********************************************/
+.katex-same-height-as-text .katex {
+    font-size: 1.0em;
 }
--- a/assets/css/app/images.css
+++ b/assets/css/app/images.css
@@ -18,8 +18,8 @@
 */

 .hoverpic {
-    min-width: 10px;
-    max-width: 30px;
+    min-width: var(--table-image-preview-min-size, 20px);
+    max-width: var(--table-image-preview-max-size, 35px);
    display: block;
    margin-left: auto;
    margin-right: auto;
@@ -49,9 +49,8 @@
 }

 .part-table-image {
-    max-height: 40px;
+    max-height: calc(1.2*var(--table-image-preview-max-size, 35px)); /** Aspect ratio of maximum 1.2 */
    object-fit: contain;
-    width: 100%;
 }

 .part-info-image {
@@ -59,6 +58,12 @@
    object-fit: contain;
 }

+@media (max-width: 768px) {
+    .part-info-image {
+        max-height: 100px;
+    }
+}
+
 .object-fit-cover {
    object-fit: cover;
-}
+}
--- a/assets/css/app/layout.css
+++ b/assets/css/app/layout.css
@@ -108,8 +108,8 @@ body {
 .back-to-top {
    cursor: pointer;
    position: fixed;
-    bottom: 20px;
-    right: 20px;
+    bottom: 60px;
+    right: 40px;
    display:none;
    z-index: 1030;
 }
@@ -133,7 +133,7 @@ showing the sidebar (on devices with md or higher)
 */
 #sidebar-toggle-button {
    position: fixed;
-    left: 3px;
+    left: 2px;
    bottom: 50%;
 }

--- a/assets/css/app/tables.css
+++ b/assets/css/app/tables.css
@@ -17,6 +17,16 @@
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

+/****************************************
+ * Action bar
+ ****************************************/
+
+.sticky-select-bar {
+    position: sticky;
+    top: 120px;
+    z-index: 1000; /* Ensure the bar is above other content */
+}
+
 /****************************************
 * Tables
 ****************************************/
@@ -63,10 +73,6 @@ table.dataTable > tbody > tr.selected > td > a {
    margin-block-end: 0;
 }

-.card-footer-table {
-    padding-top: 0;
-}
-
 table.dataTable {
    margin-top: 0 !important;
 }
@@ -88,6 +94,11 @@ th.select-checkbox {
    display: inline-flex;
 }

+/** Add spacing between column visibility button and length menu */
+.buttons-colvis {
+    margin-right: 0.2em !important;
+}
+
 /** Fix datatables select-checkbox position */
 table.dataTable tr.selected td.select-checkbox:after
 {
@@ -113,4 +124,26 @@ Classes for Datatables export
 #export-messageTop,
 .export-helper{
    display: none;
-}
+}
+
+/**********************************************************
+* Table row highlighting tools
+***********************************************************/
+
+.row-highlight {
+    box-shadow: 0 4px 15px rgba(0,0,0,0.20); /* Adds depth */
+    position: relative;
+    z-index: 1; /* Ensures the shadow overlaps other rows */
+    border-left: 5px solid var(--bs-primary); /* Adds a vertical accent bar */
+}
+
+@keyframes pulse-highlight {
+    0% { outline: 2px solid transparent; }
+    50% { outline: 2px solid var(--bs-primary); }
+    100% { outline: 2px solid transparent; }
+}
+
+.row-pulse {
+    animation: pulse-highlight 1s ease-in-out;
+    animation-iteration-count: 3;
+}
--- a/assets/css/components/ckeditor.css
+++ b/assets/css/components/ckeditor.css
@@ -24,9 +24,8 @@
 /** Should be the same settings, as in label_style.css */
 .ck-html-label .ck-content {
    font-family: "DejaVu Sans Mono", monospace;
-    font-size: 12px;
+    font-size: 12pt;
    line-height: 1.0;
-    font-size-adjust: 1.5;
 }

 .ck-html-label .ck-content p {
@@ -72,6 +71,8 @@
    --ck-color-button-on-hover-background: var(--bs-secondary-bg);
    --ck-color-button-on-active-background: var(--bs-secondary-bg);
    --ck-color-button-on-disabled-background: var(--bs-secondary-bg);
-    --ck-color-button-on-color:	var(--bs-primary)
+    --ck-color-button-on-color:	var(--bs-primary);

-}
+    --ck-content-font-color: var(--ck-color-base-text);
+
+}
--- a/assets/css/components/toggle_password.css
+++ b/assets/css/components/toggle_password.css
@@ -0,0 +1,41 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+.toggle-password-container {
+    position: relative;
+}
+.toggle-password-icon {
+    height: 1rem;
+    width: 1rem;
+}
+.toggle-password-button {
+    align-items: center;
+    background-color: transparent;
+    border: none;
+    column-gap: 0.25rem;
+    display: flex;
+    flex-direction: row;
+    font-size: 0.875rem;
+    justify-items: center;
+    height: 1rem;
+    line-height: 1.25rem;
+    position: absolute;
+    right: 0.5rem;
+    top: -1.25rem;
+}
--- a/assets/js/app.js
+++ b/assets/js/app.js
@@ -28,7 +28,7 @@ import '../css/app/treeview.css';
 import '../css/app/images.css';

 // start the Stimulus application
-import '../bootstrap';
+import '../stimulus_bootstrap';

 // Need jQuery? Install it with "yarn add jquery", then uncomment to require it.
 const $ = require('jquery');
@@ -44,4 +44,18 @@ import "./register_events";
 import "./tristate_checkboxes";

 //Define jquery globally
-window.$ = window.jQuery = require("jquery")
+global.$ = global.jQuery = require("jquery");
+
+//Use the local WASM file for the ZXing library
+import {
+    setZXingModuleOverrides,
+} from "barcode-detector/ponyfill";
+import  wasmFile from "../../node_modules/zxing-wasm/dist/reader/zxing_reader.wasm";
+setZXingModuleOverrides({
+    locateFile: (path, prefix) => {
+        if (path.endsWith(".wasm")) {
+            return wasmFile;
+        }
+        return prefix + path;
+    },
+});
--- a/assets/js/lib/datatables.js
+++ b/assets/js/lib/datatables.js
@@ -75,11 +75,10 @@
                            request._dt = config.name;

                            //Try to resolve the original column index when the column was reordered (using the ColReorder plugin)
-                            //Only do this when _ColReorder_iOrigCol is available
-                            if (settings.aoColumns && settings.aoColumns.length && settings.aoColumns[0]._ColReorder_iOrigCol !== undefined) {
+                            if (dt.colReorder && dt.colReorder.transpose) {
                                if (request.order && request.order.length) {
                                    request.order.forEach(function (order) {
-                                        order.column = settings.aoColumns[order.column]._ColReorder_iOrigCol;
+                                        order.column = dt.colReorder.transpose(order.column, "toOriginal");
                                    });
                                }
                            }
--- a/assets/js/register_events.js
+++ b/assets/js/register_events.js
@@ -21,19 +21,27 @@

 import {Dropdown} from "bootstrap";
 import ClipboardJS from "clipboard";
+import {Modal} from "bootstrap";

 class RegisterEventHelper {
    constructor() {
        this.registerTooltips();
        this.configureDropdowns();
-        this.registerSpecialCharInput();
+        
+        // Only register special character input if enabled in configuration
+        const keybindingsEnabled = document.body.dataset.keybindingsSpecialCharacters !== 'false';
+        if (keybindingsEnabled) {
+            this.registerSpecialCharInput();
+        }

        //Initialize ClipboardJS
        this.registerLoadHandler(() => {
            new ClipboardJS('.btn');
-        })
+        });

        this.registerModalDropRemovalOnFormSubmit();
+
+
    }

    registerModalDropRemovalOnFormSubmit() {
@@ -43,6 +51,15 @@ class RegisterEventHelper {
            if (back_drop) {
                back_drop.remove();
            }
+
+            //Remove scroll-lock if it is still active
+            if (document.body.classList.contains('modal-open')) {
+                document.body.classList.remove('modal-open');
+
+                //Remove the padding-right and overflow:hidden from the body
+                document.body.style.paddingRight = '';
+                document.body.style.overflow = '';
+            }
        });
    }

--- a/assets/js/tristate_checkboxes.js
+++ b/assets/js/tristate_checkboxes.js
@@ -56,7 +56,8 @@ class TristateHelper {

        document.addEventListener("turbo:load", listener);
        document.addEventListener("turbo:render", listener);
+        document.addEventListener("collection:elementAdded", listener);
    }
 }

-export default new TristateHelper();
+export default new TristateHelper();
--- a/assets/js/webauthn_tfa.js
+++ b/assets/js/webauthn_tfa.js
@@ -198,6 +198,7 @@ class WebauthnTFA {
    {
        const resultField = document.getElementById('_auth_code');
        resultField.value = JSON.stringify(data)
+        //requestSubmit() do not work here, probably because the submit is considered invalid. But as we do not use CSFR tokens, it should be fine.
        form.submit();
    }

@@ -232,4 +233,4 @@ class WebauthnTFA {
    }
 }

-window.webauthnTFA = new WebauthnTFA();
+window.webauthnTFA = new WebauthnTFA();
--- a/assets/stimulus_bootstrap.js
+++ b/assets/stimulus_bootstrap.js
--- a/assets/tomselect/autoselect_typed/autoselect_typed.js
+++ b/assets/tomselect/autoselect_typed/autoselect_typed.js
@@ -0,0 +1,63 @@
+/**
+ * Autoselect Typed plugin for Tomselect
+ *
+ * This plugin allows automatically selecting an option matching the typed text when the Tomselect element goes out of
+ * focus (is blurred) and/or when the delimiter is typed.
+ *
+ * #select_on_blur option
+ * Tomselect natively supports the "createOnBlur" option. This option picks up any remaining text in the input field
+ * and uses it to create a new option and selects that option. It does behave a bit strangely though, in that it will
+ * not select an already existing option when the input is blurred, so if you typed something that matches an option in
+ * the list and then click outside the box (without pressing enter) the entered text is just removed (unless you have
+ * allow duplicates on in which case it will create a new option).
+ * This plugin fixes that, such that Tomselect will first try to select an option matching the remaining uncommitted
+ * text and only when no matching option is found tries to create a new one (if createOnBlur and create is on)
+ *
+ * #select_on_delimiter option
+ * Normally when typing the delimiter (space by default) Tomselect will try to create a new option (and select it) (if
+ * create is on), but if the typed text matches an option (and allow duplicates is off) it refuses to react at all until
+ * you press enter. With this option, the delimiter will also allow selecting an option, not just creating it.
+ */
+function select_current_input(self){
+    if(self.isLocked){
+        return
+    }
+
+    const val = self.inputValue()
+    //Do nothing if the input is empty
+    if (!val) {
+        return
+    }
+
+    if (self.options[val]) {
+        self.addItem(val)
+        self.setTextboxValue()
+    }
+}
+
+export default function(plugin_options_) {
+    const plugin_options = Object.assign({
+        //Autoselect the typed text when the input element goes out of focus
+        select_on_blur: true,
+        //Autoselect the typed text when the delimiter is typed
+        select_on_delimiter: true,
+    }, plugin_options_);
+
+    const self = this
+
+    if(plugin_options.select_on_blur) {
+        this.hook("before", "onBlur", function () {
+            select_current_input(self)
+        })
+    }
+
+    if(plugin_options.select_on_delimiter) {
+        this.hook("before", "onKeyPress", function (e) {
+            const character = String.fromCharCode(e.keyCode || e.which);
+            if (self.settings.mode === 'multi' && character === self.settings.delimiter) {
+                select_current_input(self)
+            }
+        })
+    }
+
+}
--- a/assets/tomselect/click_to_edit/click_to_edit.js
+++ b/assets/tomselect/click_to_edit/click_to_edit.js
@@ -0,0 +1,93 @@
+/**
+ * click_to_edit plugin for Tomselect
+ *
+ * This plugin allows editing (and selecting text in) any selected item by clicking it.
+ *
+ * Usually, when the user typed some text and created an item in Tomselect that item cannot be edited anymore. To make
+ * a change, the item has to be deleted and retyped completely. There is also generally no way to copy text out of a
+ * tomselect item. The "restore_on_backspace" plugin improves that somewhat, by allowing the user to edit an item after
+ * pressing backspace. However, it is somewhat confusing to first have to focus the field an then hit backspace in order
+ * to copy a piece of text. It may also not be immediately obvious for editing.
+ * This plugin transforms an item into editable text when it is clicked, e.g. when the user tries to place the caret
+ * within an item or when they try to drag across the text to highlight it.
+ * It also plays nice with the remove_button plugin which still removes (deselects) an option entirely.
+ *
+ * It is recommended to also enable the autoselect_typed plugin when using this plugin. Without it, the text in the
+ * input field (i.e. the item that was just clicked) is lost when the user clicks outside the field. Also, when the user
+ * clicks an option (making it text) and then tries to enter another one by entering the delimiter (e.g. space) nothing
+ * happens until enter is pressed or the text is changed from what it was.
+ */
+
+/**
+ * Return a dom element from either a dom query string, jQuery object, a dom element or html string
+ * https://stackoverflow.com/questions/494143/creating-a-new-dom-element-from-an-html-string-using-built-in-dom-methods-or-pro/35385518#35385518
+ *
+ * param query should be {}
+ */
+const getDom = query => {
+    if (query.jquery) {
+        return query[0];
+    }
+    if (query instanceof HTMLElement) {
+        return query;
+    }
+    if (isHtmlString(query)) {
+        var tpl = document.createElement('template');
+        tpl.innerHTML = query.trim(); // Never return a text node of whitespace as the result
+        return tpl.content.firstChild;
+    }
+    return document.querySelector(query);
+};
+const isHtmlString = arg => {
+    if (typeof arg === 'string' && arg.indexOf('<') > -1) {
+        return true;
+    }
+    return false;
+};
+
+function plugin(plugin_options_) {
+    const self = this
+
+    const plugin_options = Object.assign({
+        //If there is unsubmitted text in the input field, should that text be automatically used to select a matching
+        //element? If this is off, clicking on item1 and then clicking on item2 will result in item1 being deselected
+        auto_select_before_edit: true,
+        //If there is unsubmitted text in the input field, should that text be automatically used to create a matching
+        //element if no matching element was found or auto_select_before_edit is off?
+        auto_create_before_edit: true,
+        //customize this function to change which text the item is replaced with when clicking on it
+        text: option => {
+            return option[self.settings.labelField];
+        }
+    }, plugin_options_);
+
+
+    self.hook('after', 'setupTemplates', () => {
+        const orig_render_item = self.settings.render.item;
+        self.settings.render.item = (data, escape) => {
+            const item = getDom(orig_render_item.call(self, data, escape));
+
+            item.addEventListener('click', evt => {
+                    if (self.isLocked) {
+                        return;
+                    }
+                    const val = self.inputValue();
+
+                    if (self.options[val]) {
+                        self.addItem(val)
+                    } else if (self.settings.create) {
+                        self.createItem();
+                    }
+                    const option = self.options[item.dataset.value]
+                    self.setTextboxValue(plugin_options.text.call(self, option));
+                    self.focus();
+                    self.removeItem(item);
+                }
+            );
+
+            return item;
+        }
+    });
+
+}
+export { plugin as default };
--- a/assets/translator.js
+++ b/assets/translator.js
@@ -1,5 +1,6 @@
-import { localeFallbacks } from '../var/translations/configuration';
-import { trans, getLocale, setLocale, setLocaleFallbacks } from '@symfony/ux-translator';
+import { createTranslator } from '@symfony/ux-translator';
+import { messages, localeFallbacks } from '../var/translations/index.js';
+
 /*
 * This file is part of the Symfony UX Translator package.
 *
@@ -9,8 +10,12 @@ import { trans, getLocale, setLocale, setLocaleFallbacks } from '@symfony/ux-tra
 * If you use TypeScript, you can rename this file to "translator.ts" to take advantage of types checking.
 */

-setLocaleFallbacks(localeFallbacks);
+const translator = createTranslator({
+    messages,
+    localeFallbacks,
+});

-export { trans };
-
-export * from '../var/translations';
+// Wrapper function with default domain set to 'frontend'
+export const trans = (id, parameters = {}, domain = 'frontend', locale = null) => {
+    return translator.trans(id, parameters, domain, locale);
+};
--- a/bin/console
+++ b/bin/console
@@ -4,6 +4,10 @@
 use App\Kernel;
 use Symfony\Bundle\FrameworkBundle\Console\Application;

+if (!is_dir(dirname(__DIR__).'/vendor')) {
+    throw new LogicException('Dependencies are missing. Try running "composer install".');
+}
+
 //Increase xdebug.max_nesting_level to 1000 if required (see issue #411)
 //Check if xdebug extension is active, and xdebug.max_nesting_level is set to 256 or lower
 if (extension_loaded('xdebug') && ((int) ini_get('xdebug.max_nesting_level')) <= 256) {
--- a/bin/phpunit
+++ b/bin/phpunit
@@ -1,23 +1,4 @@
 #!/usr/bin/env php
 <?php

-if (!ini_get('date.timezone')) {
-    ini_set('date.timezone', 'UTC');
-}
-
-if (is_file(dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit')) {
-    if (PHP_VERSION_ID >= 80000) {
-        require dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit';
-    } else {
-        define('PHPUNIT_COMPOSER_INSTALL', dirname(__DIR__).'/vendor/autoload.php');
-        require PHPUNIT_COMPOSER_INSTALL;
-        PHPUnit\TextUI\Command::main();
-    }
-} else {
-    if (!is_file(dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php')) {
-        echo "Unable to find the `simple-phpunit.php` script in `vendor/symfony/phpunit-bridge/bin/`.\n";
-        exit(1);
-    }
-
-    require dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php';
-}
+require dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit';
--- a/composer.json
+++ b/composer.json
@@ -1,8 +1,9 @@
 {
+    "name": "part-db/part-db-server",
    "type": "project",
    "license": "AGPL-3.0-or-later",
    "require": {
-        "php": "^8.1",
+        "php": "^8.2",
        "ext-ctype": "*",
        "ext-dom": "*",
        "ext-gd": "*",
@@ -10,80 +11,85 @@
        "ext-intl": "*",
        "ext-json": "*",
        "ext-mbstring": "*",
-        "api-platform/core": "^3.1",
+        "ext-zip": "*",
+        "amphp/http-client": "^5.1",
+        "api-platform/doctrine-orm": "^4.1",
+        "api-platform/json-api": "^4.0.0",
+        "api-platform/symfony": "^4.0.0",
        "beberlei/doctrineextensions": "^1.2",
-        "brick/math": "0.12.1 as 0.11.0",
-        "composer/ca-bundle": "^1.3",
+        "brick/math": "^0.14.8",
+        "brick/schema": "^0.2.0",
+        "composer/ca-bundle": "^1.5",
        "composer/package-versions-deprecated": "^1.11.99.5",
-        "doctrine/annotations": "1.14.3",
-        "doctrine/data-fixtures": "^1.6.6",
-        "doctrine/dbal": "^3.4.6",
+        "doctrine/data-fixtures": "^2.0.0",
+        "doctrine/dbal": "^4.0.0",
        "doctrine/doctrine-bundle": "^2.0",
        "doctrine/doctrine-migrations-bundle": "^3.0",
-        "doctrine/orm": "^2.16",
-        "dompdf/dompdf": "^v3.0.0",
-        "erusev/parsedown": "^1.7",
-        "florianv/swap": "^4.0",
-        "florianv/swap-bundle": "dev-master",
+        "doctrine/orm": "^3.2.0",
+        "dompdf/dompdf": "^3.1.2",
        "gregwar/captcha-bundle": "^2.1.0",
-        "hshn/base64-encoded-file": "^5.0",
-        "jbtronics/2fa-webauthn": "^v2.2.0",
+        "hshn/base64-encoded-file": "^6.0",
+        "jbtronics/2fa-webauthn": "^3.0.0",
        "jbtronics/dompdf-font-loader-bundle": "^1.0.0",
+        "jbtronics/settings-bundle": "^3.0.0",
        "jfcherng/php-diff": "^6.14",
        "knpuniversity/oauth2-client-bundle": "^2.15",
+        "league/commonmark": "^2.7",
        "league/csv": "^9.8.0",
        "league/html-to-markdown": "^5.0.1",
        "liip/imagine-bundle": "^2.2",
-        "nbgrp/onelogin-saml-bundle": "^1.3",
+        "maennchen/zipstream-php": "2.1",
+        "nbgrp/onelogin-saml-bundle": "^v2.0.2",
        "nelexa/zip": "^4.0",
        "nelmio/cors-bundle": "^2.3",
        "nelmio/security-bundle": "^3.0",
        "nyholm/psr7": "^1.1",
-        "ocramius/proxy-manager": "2.2.*",
-        "omines/datatables-bundle": "^0.8.0",
+        "omines/datatables-bundle": "^0.10.0",
        "part-db/label-fonts": "^1.0",
-        "php-translation/symfony-bundle": "^0.14.0",
-        "phpdocumentor/reflection-docblock": "^5.2",
-        "phpstan/phpdoc-parser": "^1.23",
-        "runtime/frankenphp-symfony": "^0.2.0",
+        "part-db/swap-bundle": "^6.0.0",
+        "phpoffice/phpspreadsheet": "^5.0.0",
+        "rhukster/dom-sanitizer": "^1.0",
        "s9e/text-formatter": "^2.1",
-        "scheb/2fa-backup-code": "^6.8.0",
-        "scheb/2fa-bundle": "^6.8.0",
-        "scheb/2fa-google-authenticator": "^6.8.0",
-        "scheb/2fa-trusted-device": "^6.8.0",
+        "scheb/2fa-backup-code": "^v7.11.0",
+        "scheb/2fa-bundle": "^v7.11.0",
+        "scheb/2fa-google-authenticator": "^v7.11.0",
+        "scheb/2fa-trusted-device": "^v7.11.0",
        "shivas/versioning-bundle": "^4.0",
        "spatie/db-dumper": "^3.3.1",
        "symfony/apache-pack": "^1.0",
-        "symfony/asset": "6.4.*",
-        "symfony/console": "6.4.*",
-        "symfony/dotenv": "6.4.*",
-        "symfony/expression-language": "6.4.*",
+        "symfony/asset": "7.4.*",
+        "symfony/console": "7.4.*",
+        "symfony/css-selector": "7.4.*",
+        "symfony/dom-crawler": "7.4.*",
+        "symfony/dotenv": "7.4.*",
+        "symfony/expression-language": "7.4.*",
        "symfony/flex": "^v2.3.1",
-        "symfony/form": "6.4.*",
-        "symfony/framework-bundle": "6.4.*",
-        "symfony/http-client": "6.4.*",
-        "symfony/http-kernel": "6.4.*",
-        "symfony/mailer": "6.4.*",
-        "symfony/monolog-bundle": "^3.1",
-        "symfony/polyfill-php82": "^1.28",
-        "symfony/process": "6.4.*",
-        "symfony/property-access": "6.4.*",
-        "symfony/property-info": "6.4.*",
-        "symfony/proxy-manager-bridge": "6.4.*",
-        "symfony/rate-limiter": "6.4.*",
-        "symfony/runtime": "6.4.*",
-        "symfony/security-bundle": "6.4.*",
-        "symfony/serializer": "6.4.*",
-        "symfony/string": "6.4.*",
-        "symfony/translation": "6.4.*",
-        "symfony/twig-bundle": "6.4.*",
-        "symfony/ux-translator": "^2.10",
+        "symfony/form": "7.4.*",
+        "symfony/framework-bundle": "7.4.*",
+        "symfony/http-client": "7.4.*",
+        "symfony/http-kernel": "7.4.*",
+        "symfony/mailer": "7.4.*",
+        "symfony/monolog-bundle": "^4.0",
+        "symfony/process": "7.4.*",
+        "symfony/property-access": "7.4.*",
+        "symfony/property-info": "7.4.*",
+        "symfony/rate-limiter": "7.4.*",
+        "symfony/runtime": "7.4.*",
+        "symfony/security-bundle": "7.4.*",
+        "symfony/serializer": "7.4.*",
+        "symfony/string": "7.4.*",
+        "symfony/translation": "7.4.*",
+        "symfony/twig-bundle": "7.4.*",
+        "symfony/type-info": "7.4.*",
+        "symfony/ux-translator": "^2.32.0",
        "symfony/ux-turbo": "^2.0",
-        "symfony/validator": "6.4.*",
-        "symfony/web-link": "6.4.*",
+        "symfony/validator": "7.4.*",
+        "symfony/web-link": "7.4.*",
        "symfony/webpack-encore-bundle": "^v2.0.1",
-        "symfony/yaml": "6.4.*",
+        "symfony/yaml": "7.4.*",
+        "symplify/easy-coding-standard": "^13.0",
        "tecnickcom/tc-lib-barcode": "^2.1.4",
+        "tiendanube/gtinvalidation": "^1.0",
        "twig/cssinliner-extra": "^3.0",
        "twig/extra-bundle": "^3.8",
        "twig/html-extra": "^3.8",
@@ -91,42 +97,45 @@
        "twig/intl-extra": "^3.8",
        "twig/markdown-extra": "^3.8",
        "twig/string-extra": "^3.8",
-        "web-auth/webauthn-symfony-bundle": "^4.0.0",
-        "webmozart/assert": "^1.4"
+        "web-auth/webauthn-symfony-bundle": "^5.0.0"
    },
    "require-dev": {
        "dama/doctrine-test-bundle": "^v8.0.0",
-        "doctrine/doctrine-fixtures-bundle": "^3.2",
-        "ekino/phpstan-banned-code": "^v1.0.0",
+        "doctrine/doctrine-fixtures-bundle": "^4.0.0",
+        "ekino/phpstan-banned-code": "^v3.0.0",
+        "jbtronics/translation-editor-bundle": "^1.0",
        "phpstan/extension-installer": "^1.0",
-        "phpstan/phpstan": "^1.4.7",
-        "phpstan/phpstan-doctrine": "^1.2.11",
-        "phpstan/phpstan-strict-rules": "^1.5",
-        "phpstan/phpstan-symfony": "^1.1.7",
-        "phpunit/phpunit": "^9.5",
-        "psalm/plugin-symfony": "^v5.0.1",
-        "rector/rector": "^0.18.0",
+        "phpstan/phpstan": "^2.0.4",
+        "phpstan/phpstan-doctrine": "^2.0.1",
+        "phpstan/phpstan-strict-rules": "^2.0.1",
+        "phpstan/phpstan-symfony": "^2.0.0",
+        "phpunit/phpunit": "^11.5.0",
+        "rector/rector": "^2.0.4",
        "roave/security-advisories": "dev-latest",
-        "symfony/browser-kit": "6.4.*",
-        "symfony/css-selector": "6.4.*",
-        "symfony/debug-bundle": "6.4.*",
+        "symfony/browser-kit": "7.4.*",
+        "symfony/debug-bundle": "7.4.*",
        "symfony/maker-bundle": "^1.13",
-        "symfony/phpunit-bridge": "6.4.*",
-        "symfony/stopwatch": "6.4.*",
-        "symfony/web-profiler-bundle": "6.4.*",
-        "symplify/easy-coding-standard": "^12.0",
-        "vimeo/psalm": "^5.6.0"
+        "symfony/phpunit-bridge": "7.4.*",
+        "symfony/stopwatch": "7.4.*",
+        "symfony/web-profiler-bundle": "7.4.*"
+    },
+    "replace": {
+        "symfony/polyfill-mbstring": "*",
+        "symfony/polyfill-php74": "*",
+        "symfony/polyfill-php80": "*",
+        "symfony/polyfill-php81": "*",
+        "symfony/polyfill-php82": "*"
    },
    "suggest": {
        "ext-bcmath": "Used to improve price calculation performance",
-        "ext-gmp": "Used to improve price calculation performanice"
+        "ext-gmp": "Used to improve price calculation performance"
    },
    "config": {
        "preferred-install": {
            "*": "dist"
        },
        "platform": {
-            "php": "8.1.0"
+            "php": "8.2.0"
        },
        "sort-packages": true,
        "allow-plugins": {
@@ -158,7 +167,7 @@
        "post-update-cmd": [
            "@auto-scripts"
        ],
-        "phpstan": "vendor/bin/phpstan analyse src --level 5 --memory-limit 1G"
+        "phpstan": "php -d memory_limit=1G vendor/bin/phpstan analyse src --level 5"
    },
    "conflict": {
        "symfony/symfony": "*"
@@ -166,7 +175,7 @@
    "extra": {
        "symfony": {
            "allow-contrib": false,
-            "require": "6.4.*",
+            "require": "7.4.*",
            "docker": true
        }
    }
--- a/composer.lock
+++ b/composer.lock
--- a/config/banner.md
+++ b/config/banner.md
@@ -1,14 +1,4 @@
-Welcome to Part-DB.
- 
-<small>If you want to change this banner, edit `config/banner.md` file or set the `BANNER` environment variable.</small>
+**Attention**:
+Since Version 2.0.0 this file is no longer used.

-<blockquote class="pb-0">
-<p style="font-size: 12px">
-And God said <br>
-$\nabla \cdot \vec{D} = \rho$, 
-$\nabla \cdot \vec{B} = 0$, 
-$\nabla \times \vec{E} = -\frac{\partial \vec{B}}{\partial t}$, 
-$\nabla \times \vec{H} = \vec{j} + \frac{\partial \vec{D}}{\partial t}$,  <br>
-and then there was light.
-</p>
-</blockquote>
+You can now set the banner text directly in the admin interface, or by setting the `BANNER` environment variable.
--- a/config/bundles.php
+++ b/config/bundles.php
@@ -18,7 +18,6 @@ return [
    DAMA\DoctrineTestBundle\DAMADoctrineTestBundle::class => ['test' => true],
    Twig\Extra\TwigExtraBundle\TwigExtraBundle::class => ['all' => true],
    Gregwar\CaptchaBundle\GregwarCaptchaBundle::class => ['all' => true],
-    Translation\Bundle\TranslationBundle::class => ['all' => true],
    Florianv\SwapBundle\FlorianvSwapBundle::class => ['all' => true],
    Nelmio\SecurityBundle\NelmioSecurityBundle::class => ['all' => true],
    Symfony\UX\Turbo\TurboBundle::class => ['all' => true],
@@ -31,5 +30,7 @@ return [
    Jbtronics\DompdfFontLoaderBundle\DompdfFontLoaderBundle::class => ['all' => true],
    KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
    Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true],
+    Jbtronics\SettingsBundle\JbtronicsSettingsBundle::class => ['all' => true],
+    Jbtronics\TranslationEditorBundle\JbtronicsTranslationEditorBundle::class => ['dev' => true],
    ApiPlatform\Symfony\Bundle\ApiPlatformBundle::class => ['all' => true],
 ];
--- a/config/packages/api_platform.yaml
+++ b/config/packages/api_platform.yaml
@@ -32,5 +32,9 @@ api_platform:

    pagination_client_items_per_page: true # Allow clients to override the default items per page

-  keep_legacy_inflector: false
-  event_listeners_backward_compatibility_layer: false
+  # Need to be true, or some tests will fail
+  use_symfony_listeners: true
+
+  serializer:
+    # Change this to false later, to remove the hydra prefix on the API
+    hydra_prefix: true
--- a/config/packages/cache.yaml
+++ b/config/packages/cache.yaml
@@ -23,3 +23,7 @@ framework:

            info_provider.cache:
                adapter: cache.app
+
+            cache.settings:
+                adapter: cache.app
+                tags: true
--- a/config/packages/csrf.yaml
+++ b/config/packages/csrf.yaml
@@ -0,0 +1,12 @@
+# Enable stateless CSRF protection for forms and logins/logouts
+framework:
+    form:
+        csrf_protection:
+            token_id: submit
+
+    csrf_protection:
+        check_header: true
+        stateless_token_ids:
+            - submit
+            - authenticate
+            - logout
--- a/config/packages/datatables.yaml
+++ b/config/packages/datatables.yaml
@@ -8,17 +8,17 @@ datatables:

    # Set options, as documented at https://datatables.net/reference/option/
    options:
-        lengthMenu : [[10, 25, 50, 100, -1], [10, 25, 50, 100, "All"]]
-        pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
-        #dom: "<'row' <'col-sm-12' tr>><'row' <'col-sm-6'l><'col-sm-6 text-right'pif>>"
-        dom: "  <'row'<'col mb-2 input-group' B l> <'col mb-2' <'pull-end' p>>>
-                        <'card'
-                            rt
-                            <'card-footer card-footer-table text-muted' i >
-                        >
-                        <'row'<'col mt-2 input-group' B l> <'col mt-2' <'pull-right' p>>>"
+        lengthMenu : [[10, 25, 50, 100], [10, 25, 50, 100]] # We add the "All" option, when part tables are generated
+        #pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
+        pageLength: 50 #TODO
+        dom: "  <'row' <'col mb-2 input-group flex-nowrap' B l > <'col-auto mb-2' < p >>>
+                    <'card'
+                        rt
+                        <'card-footer card-footer-table text-muted' i >
+                    >
+                <'row' <'col mt-2 input-group flex-nowrap' B l > <'col-auto mt-2' < p >>>"
        pagingType: 'simple_numbers'
-        searching: true
+        searching: false
        stateSave: true


--- a/config/packages/dev/php_translation.yaml
+++ b/config/packages/dev/php_translation.yaml
@@ -1,5 +0,0 @@
-translation:
-    symfony_profiler:
-        enabled: true
-    webui:
-        enabled: true
--- a/config/packages/doctrine.php
+++ b/config/packages/doctrine.php
@@ -0,0 +1,35 @@
+<?php
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2025 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+use Symfony\Config\DoctrineConfig;
+
+/**
+ * This class extends the default doctrine ORM configuration to enable native lazy objects on PHP 8.4+.
+ * We have to do this in a PHP file, because the yaml file does not support conditionals on PHP version.
+ */
+
+return static function(DoctrineConfig $doctrine) {
+    //On PHP 8.4+ we can use native lazy objects, which are much more efficient than proxies.
+    if (PHP_VERSION_ID >= 80400) {
+        $doctrine->orm()->enableNativeLazyObjects(true);
+    }
+};
--- a/config/packages/doctrine.yaml
+++ b/config/packages/doctrine.yaml
@@ -9,15 +9,22 @@ doctrine:
        # either here or in the DATABASE_URL env var (see .env file)

        types:
+            # UTC datetimes
            datetime:
                class: App\Doctrine\Types\UTCDateTimeType
            date:
                class: App\Doctrine\Types\UTCDateTimeType
+
+            datetime_immutable:
+                class: App\Doctrine\Types\UTCDateTimeImmutableType
+            date_immutable:
+                class: App\Doctrine\Types\UTCDateTimeImmutableType
+
            big_decimal:
                class: App\Doctrine\Types\BigDecimalType
            tinyint:
                class: App\Doctrine\Types\TinyIntType
-        
+
        schema_filter: ~^(?!internal)~
        # Only enable this when needed
        profiling_collect_backtrace: false
@@ -28,7 +35,11 @@ doctrine:
        report_fields_where_declared: true
        validate_xml_mapping: true
        naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
+        identity_generation_preferences:
+            Doctrine\DBAL\Platforms\PostgreSQLPlatform: identity
        auto_mapping: true
+        controller_resolver:
+            auto_mapping: true
        mappings:
            App:
                type: attribute
@@ -39,10 +50,12 @@ doctrine:

        dql:
            string_functions:
-                regexp: DoctrineExtensions\Query\Mysql\Regexp
-                ifnull: DoctrineExtensions\Query\Mysql\IfNull
+                regexp: App\Doctrine\Functions\Regexp
                field:  DoctrineExtensions\Query\Mysql\Field
                field2: App\Doctrine\Functions\Field2
+                natsort: App\Doctrine\Functions\Natsort
+                array_position: App\Doctrine\Functions\ArrayPosition
+                ilike: App\Doctrine\Functions\ILike

 when@test:
    doctrine:
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -1,9 +1,7 @@
+# yaml-language-server: $schema=../../vendor/symfony/dependency-injection/Loader/schema/services.schema.json
 # see https://symfony.com/doc/current/reference/configuration/framework.html
 framework:
    secret: '%env(APP_SECRET)%'
-    csrf_protection: true
-    annotations: false
-    handle_all_throwables: true

    # We set this header by ourselves, so we can disable it here
    disallow_search_engine_index: false
@@ -11,6 +9,7 @@ framework:
    # Must be set to true, to enable the change of HTTP method via _method parameter, otherwise our delete routines does not work anymore
    # TODO: Rework delete routines to work without _method parameter as it is not recommended anymore (see https://github.com/symfony/symfony/issues/45278)
    http_method_override: true
+    allowed_http_method_override: ['DELETE']

    # Allow users to configure trusted hosts via .env variables
    # see https://symfony.com/doc/current/reference/configuration/framework.html#trusted-hosts
@@ -30,8 +29,11 @@ framework:

    #esi: true
    #fragments: true
-    php_errors:
-        log: true
+
+
+    form: { csrf_protection: { token_id: 'submit' } }
+    csrf_protection:
+        stateless_token_ids: ['submit', 'authenticate', 'logout']

 when@test:
    framework:
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .12.1
 .8.0