Fix typo and copy-paste error (#942)

* Added Datamatrix and C93 label twigs

* Added new barcode placeholders to ckeditor plugin

---------

Co-authored-by: Jan Böhmer <mail@jan-boehmer.de>

.docker/frankenphp/Caddyfile

@@ -0,0 +1,55 @@
+{
+	{$CADDY_GLOBAL_OPTIONS}
+
+	frankenphp {
+		{$FRANKENPHP_CONFIG}
+	}
+
+	# https://caddyserver.com/docs/caddyfile/directives#sorting-algorithm
+	order mercure after encode
+	order vulcain after reverse_proxy
+	order php_server before file_server
+}
+
+{$CADDY_EXTRA_CONFIG}
+
+{$SERVER_NAME:localhost} {
+	log {
+		# Redact the authorization query parameter that can be set by Mercure
+		format filter {
+			wrap console
+			fields {
+				uri query {
+					replace authorization REDACTED
+				}
+			}
+		}
+	}
+
+	root * /app/public
+	encode zstd br gzip
+
+	mercure {
+		# Transport to use (default to Bolt)
+		transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
+		# Publisher JWT key
+		publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
+		# Subscriber JWT key
+		subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
+		# Allow anonymous subscribers (double-check that it's what you want)
+		anonymous
+		# Enable the subscription API (double-check that it's what you want)
+		subscriptions
+		# Extra directives
+		{$MERCURE_EXTRA_DIRECTIVES}
+	}
+
+	vulcain
+
+	{$CADDY_SERVER_EXTRA_DIRECTIVES}
+
+	# Disable Topics tracking if not enabled explicitly: https://github.com/jkarlin/topics
+	header ?Permissions-Policy "browsing-topics=()"
+
+	php_server
+}

.docker/frankenphp/conf.d/app.dev.ini

@@ -0,0 +1,5 @@
+; See https://docs.docker.com/desktop/networking/#i-want-to-connect-from-a-container-to-a-service-on-the-host
+; See https://github.com/docker/for-linux/issues/264
+; The `client_host` below may optionally be replaced with `discover_client_host=yes`
+; Add `start_with_request=yes` to start debug session on each request
+xdebug.client_host = host.docker.internal

.docker/frankenphp/conf.d/app.ini

@@ -0,0 +1,18 @@
+expose_php = 0
+date.timezone = UTC
+apc.enable_cli = 1
+session.use_strict_mode = 1
+zend.detect_unicode = 0
+
+; https://symfony.com/doc/current/performance.html
+realpath_cache_size = 4096K
+realpath_cache_ttl = 600
+opcache.interned_strings_buffer = 16
+opcache.max_accelerated_files = 20000
+opcache.memory_consumption = 256
+opcache.enable_file_override = 1
+
+memory_limit = 256M
+
+upload_max_filesize=256M
+post_max_size=300M

.docker/frankenphp/conf.d/app.prod.ini

@@ -0,0 +1,2 @@
+opcache.preload_user = root
+opcache.preload = /app/config/preload.php

.docker/frankenphp/docker-entrypoint.sh

@@ -0,0 +1,60 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = 'frankenphp' ] || [ "$1" = 'php' ] || [ "$1" = 'bin/console' ]; then
+	# Install the project the first time PHP is started
+	# After the installation, the following block can be deleted
+	if [ ! -f composer.json ]; then
+		rm -Rf tmp/
+		composer create-project "symfony/skeleton $SYMFONY_VERSION" tmp --stability="$STABILITY" --prefer-dist --no-progress --no-interaction --no-install
+
+		cd tmp
+		cp -Rp . ..
+		cd -
+		rm -Rf tmp/
+
+		composer require "php:>=$PHP_VERSION" runtime/frankenphp-symfony
+		composer config --json extra.symfony.docker 'true'
+
+		if grep -q ^DATABASE_URL= .env; then
+			echo "To finish the installation please press Ctrl+C to stop Docker Compose and run: docker compose up --build -d --wait"
+			sleep infinity
+		fi
+	fi
+
+	if [ -z "$(ls -A 'vendor/' 2>/dev/null)" ]; then
+		composer install --prefer-dist --no-progress --no-interaction
+	fi
+
+	if grep -q ^DATABASE_URL= .env; then
+		echo "Waiting for database to be ready..."
+		ATTEMPTS_LEFT_TO_REACH_DATABASE=60
+		until [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ] || DATABASE_ERROR=$(php bin/console dbal:run-sql -q "SELECT 1" 2>&1); do
+			if [ $? -eq 255 ]; then
+				# If the Doctrine command exits with 255, an unrecoverable error occurred
+				ATTEMPTS_LEFT_TO_REACH_DATABASE=0
+				break
+			fi
+			sleep 1
+			ATTEMPTS_LEFT_TO_REACH_DATABASE=$((ATTEMPTS_LEFT_TO_REACH_DATABASE - 1))
+			echo "Still waiting for database to be ready... Or maybe the database is not reachable. $ATTEMPTS_LEFT_TO_REACH_DATABASE attempts left."
+		done
+
+		if [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ]; then
+			echo "The database is not up or not reachable:"
+			echo "$DATABASE_ERROR"
+			exit 1
+		else
+			echo "The database is now ready and reachable"
+		fi
+
+		if [ "$( find ./migrations -iname '*.php' -print -quit )" ]; then
+			php bin/console doctrine:migrations:migrate --no-interaction
+		fi
+	fi
+
+	setfacl -R -m u:www-data:rwX -m u:"$(whoami)":rwX var
+	setfacl -dR -m u:www-data:rwX -m u:"$(whoami)":rwX var
+fi
+
+exec docker-php-entrypoint "$@"

.docker/frankenphp/worker.Caddyfile

@@ -0,0 +1,4 @@
+worker {
+	file ./public/index.php
+	env APP_RUNTIME Runtime\FrankenPhpSymfony\Runtime
+}

.docker/partdb-entrypoint.sh

@@ -39,8 +39,50 @@ if [ -d /var/www/html/var/db ]; then
     fi
 fi
 
-# Start PHP-FPM
-service php8.1-fpm start
+# Start PHP-FPM (the PHP_VERSION is replaced by the configured version in the Dockerfile)
+service phpPHP_VERSION-fpm start
+
+
+# Run migrations if automigration is enabled via env variable DB_AUTOMIGRATE
+if [ "$DB_AUTOMIGRATE" = "true" ]; then
+		echo "Waiting for database to be ready..."
+		ATTEMPTS_LEFT_TO_REACH_DATABASE=60
+		until [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ] || DATABASE_ERROR=$(sudo -E -u www-data php bin/console dbal:run-sql -q "SELECT 1" 2>&1); do
+			if [ $? -eq 255 ]; then
+				# If the Doctrine command exits with 255, an unrecoverable error occurred
+				ATTEMPTS_LEFT_TO_REACH_DATABASE=0
+				break
+			fi
+			sleep 1
+			ATTEMPTS_LEFT_TO_REACH_DATABASE=$((ATTEMPTS_LEFT_TO_REACH_DATABASE - 1))
+			echo "Still waiting for database to be ready... Or maybe the database is not reachable. $ATTEMPTS_LEFT_TO_REACH_DATABASE attempts left."
+		done
+
+		if [ $ATTEMPTS_LEFT_TO_REACH_DATABASE -eq 0 ]; then
+			echo "The database is not up or not reachable:"
+			echo "$DATABASE_ERROR"
+			exit 1
+		else
+			echo "The database is now ready and reachable"
+		fi
+
+    # Check if there are any available migrations to do, by executing doctrine:migrations:up-to-date
+    # and checking if the exit code is 0 (up to date) or 1 (not up to date)
+    if  sudo -E -u www-data php bin/console doctrine:migrations:up-to-date --no-interaction; then
+        echo "Database is up to date, no migrations necessary."
+    else
+        echo "Migrations available..."
+        echo "Do backup of database..."
+
+        sudo -E -u www-data mkdir -p /var/www/html/uploads/.automigration-backup/
+        # Backup the database
+        sudo -E -u www-data php bin/console partdb:backup -n --database /var/www/html/uploads/.automigration-backup/backup-$(date +%Y-%m-%d_%H-%M-%S).zip
+
+        # Check if there are any migration files
+        sudo -E -u www-data php bin/console doctrine:migrations:migrate --no-interaction
+    fi
+
+fi
 
 # first arg is `-f` or `--some-option` (taken from https://github.com/docker-library/php/blob/master/8.2/bullseye/apache/docker-php-entrypoint)
 if [ "${1#-}" != "$1" ]; then

.docker/symfony.conf

@@ -25,16 +25,16 @@
         CustomLog ${APACHE_LOG_DIR}/access.log combined
 
         # Pass the configuration from the docker env to the PHP environment (here you should list all .env options)
-        PassEnv APP_ENV APP_DEBUG APP_SECRET
+        PassEnv APP_ENV APP_DEBUG APP_SECRET REDIRECT_TO_HTTPS DISABLE_YEAR2038_BUG_CHECK
         PassEnv TRUSTED_PROXIES TRUSTED_HOSTS LOCK_DSN
-        PassEnv DATABASE_URL ENFORCE_CHANGE_COMMENTS_FOR
-        PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR MAX_ATTACHMENT_FILE_SIZE DEFAULT_URI CHECK_FOR_UPDATES
+        PassEnv DATABASE_URL ENFORCE_CHANGE_COMMENTS_FOR DATABASE_MYSQL_USE_SSL_CA DATABASE_MYSQL_SSL_VERIFY_CERT
+        PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR MAX_ATTACHMENT_FILE_SIZE DEFAULT_URI CHECK_FOR_UPDATES ATTACHMENT_DOWNLOAD_BY_DEFAULT
         PassEnv MAILER_DSN ALLOW_EMAIL_PW_RESET EMAIL_SENDER_EMAIL EMAIL_SENDER_NAME
         PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA HISTORY_SAVE_NEW_DATA
         PassEnv ERROR_PAGE_ADMIN_EMAIL ERROR_PAGE_SHOW_HELP
         PassEnv DEMO_MODE NO_URL_REWRITE_AVAILABLE FIXER_API_KEY BANNER
         # In old version the SAML sp private key env, was wrongly named SAMLP_SP_PRIVATE_KEY, keep it for backward compatibility
-        PassEnv SAML_ENABLED SAML_ROLE_MAPPING SAML_UPDATE_GROUP_ON_LOGIN SAML_IDP_ENTITY_ID SAML_IDP_SINGLE_SIGN_ON_SERVICE SAML_IDP_SINGLE_LOGOUT_SERVICE SAML_IDP_X509_CERT SAML_SP_ENTITY_ID SAML_SP_X509_CERT SAML_SP_PRIVATE_KEY SAMLP_SP_PRIVATE_KEY
+        PassEnv SAML_ENABLED SAML_BEHIND_PROXY SAML_ROLE_MAPPING SAML_UPDATE_GROUP_ON_LOGIN SAML_IDP_ENTITY_ID SAML_IDP_SINGLE_SIGN_ON_SERVICE SAML_IDP_SINGLE_LOGOUT_SERVICE SAML_IDP_X509_CERT SAML_SP_ENTITY_ID SAML_SP_X509_CERT SAML_SP_PRIVATE_KEY SAMLP_SP_PRIVATE_KEY
         PassEnv TABLE_DEFAULT_PAGE_SIZE TABLE_PARTS_DEFAULT_COLUMNS
 
         PassEnv PROVIDER_DIGIKEY_CLIENT_ID PROVIDER_DIGIKEY_SECRET PROVIDER_DIGIKEY_CURRENCY PROVIDER_DIGIKEY_LANGUAGE PROVIDER_DIGIKEY_COUNTRY
@@ -42,6 +42,11 @@
         PassEnv PROVIDER_TME_KEY PROVIDER_TME_SECRET PROVIDER_TME_CURRENCY PROVIDER_TME_LANGUAGE PROVIDER_TME_COUNTRY PROVIDER_TME_GET_GROSS_PRICES
         PassEnv PROVIDER_OCTOPART_CLIENT_ID PROVIDER_OCTOPART_SECRET PROVIDER_OCTOPART_CURRENCY PROVIDER_OCTOPART_COUNTRY PROVIDER_OCTOPART_SEARCH_LIMIT PROVIDER_OCTOPART_ONLY_AUTHORIZED_SELLERS
         PassEnv PROVIDER_MOUSER_KEY PROVIDER_MOUSER_SEARCH_OPTION PROVIDER_MOUSER_SEARCH_LIMIT PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE
+        PassEnv PROVIDER_LCSC_ENABLED PROVIDER_LCSC_CURRENCY
+        PassEnv PROVIDER_OEMSECRETS_KEY PROVIDER_OEMSECRETS_COUNTRY_CODE PROVIDER_OEMSECRETS_CURRENCY PROVIDER_OEMSECRETS_ZERO_PRICE PROVIDER_OEMSECRETS_SET_PARAM PROVIDER_OEMSECRETS_SORT_CRITERIA
+        PassEnv PROVIDER_REICHELT_ENABLED PROVIDER_REICHELT_CURRENCY PROVIDER_REICHELT_COUNTRY PROVIDER_REICHELT_LANGUAGE PROVIDER_REICHELT_INCLUDE_VAT
+        PassEnv PROVIDER_POLLIN_ENABLED
+        PassEnv EDA_KICAD_CATEGORY_DEPTH
 
         # For most configuration files from conf-available/, which are
         # enabled or disabled at a global level, it is possible to

.dockerignore

@@ -5,6 +5,8 @@ tests/
 docs/
 .git
 
+/public/media/*
+
 ###> symfony/framework-bundle ###
 /.env.local
 /.env.local.php
@@ -42,3 +44,39 @@ yarn-error.log
 /phpunit.xml
 .phpunit.result.cache
 ###< phpunit/phpunit ###
+
+
+### From frankenphp
+
+**/*.log
+**/*.php~
+**/*.dist.php
+**/*.dist
+**/*.cache
+**/._*
+**/.dockerignore
+**/.DS_Store
+**/.git/
+**/.gitattributes
+**/.gitignore
+**/.gitmodules
+**/compose.*.yaml
+**/compose.*.yml
+**/compose.yaml
+**/compose.yml
+**/docker-compose.*.yaml
+**/docker-compose.*.yml
+**/docker-compose.yaml
+**/docker-compose.yml
+**/Dockerfile
+**/Thumbs.db
+.github/
+public/bundles/
+var/
+vendor/
+.editorconfig
+.env.*.local
+.env.local
+.env.local.php
+.env.test
+

.env

@@ -14,6 +14,19 @@ DATABASE_URL="sqlite:///%kernel.project_dir%/var/app.db"
 # Uncomment this line (and comment the line above to use a MySQL database
 #DATABASE_URL=mysql://root:@127.0.0.1:3306/part-db?serverVersion=5.7
 
+# Set this value to 1, if you want to use SSL to connect to the MySQL server. It will be tried to use the CA certificate
+# otherwise a CA bundle shipped with PHP will be used.
+# Leave it at 0, if you do not want to use SSL or if your server does not support it
+DATABASE_MYSQL_USE_SSL_CA=0
+
+# Set this value to 0, if you don't want to verify the CA certificate of the MySQL server
+# Only do this, if you know what you are doing!
+DATABASE_MYSQL_SSL_VERIFY_CERT=1
+
+# Emulate natural sorting of strings even on databases that do not support it (like SQLite, MySQL or MariaDB < 10.7)
+# This can be slow on big databases and might have some problems and quirks, so use it with caution
+DATABASE_EMULATE_NATURAL_SORT=0
+
 ###################################################################################
 # General settings
 ###################################################################################
@@ -29,13 +42,15 @@ INSTANCE_NAME="Part-DB"
 # Allow users to download attachments to the server by providing an URL
 # This could be a potential security issue, as the user can retrieve any file the server has access to (via internet)
 ALLOW_ATTACHMENT_DOWNLOADS=0
+# Set this to 1, if the "download external files" checkbox should be checked by default for new attachments
+ATTACHMENT_DOWNLOAD_BY_DEFAULT=0
 # Use gravatars for user avatars, when user has no own avatar defined
 USE_GRAVATAR=0
 # The maximum allowed size for attachment files in bytes (you can use M for megabytes and G for gigabytes)
 # Please note that the php.ini setting upload_max_filesize also limits the maximum size of uploaded files
 MAX_ATTACHMENT_FILE_SIZE="100M"
 
-# The public reachable URL of this Part-DB installation. This is used for generating links to the website in emails and so on
+# The public reachable URL of this Part-DB installation. This is used for generating links in SAML and email templates
 # This must end with a slash!
 DEFAULT_URI="https://partdb.changeme.invalid/"
 
@@ -128,7 +143,8 @@ PROVIDER_TME_CURRENCY=EUR
 PROVIDER_TME_LANGUAGE=en
 # The country to get results for
 PROVIDER_TME_COUNTRY=DE
-# Set this to 1 to get gross prices (including VAT) instead of net prices
+# [DEPRECATED] Set this to 1 to get gross prices (including VAT) instead of net prices
+# With private API keys, this option cannot be used anymore is ignored by Part-DB. The VAT inclusion depends on your TME account settings.
 PROVIDER_TME_GET_GROSS_PRICES=1
 
 # Octopart / Nexar Provider:
@@ -157,12 +173,89 @@ PROVIDER_MOUSER_SEARCH_LIMIT=50
 # Used when searching for keywords in the language specified when you signed up for Search API.
 PROVIDER_MOUSER_SEARCH_WITH_SIGNUP_LANGUAGE='true'
 
+# LCSC Provider:
+# LCSC does not provide an offical API, so this used the API LCSC uses to render their webshop.
+# LCSC did not intended the use of this API and it could break any time, so use it at your own risk.
+
+# We dont require an API key for LCSC, just set this to 1 to enable LCSC support
+PROVIDER_LCSC_ENABLED=0
+# The currency to get prices in (e.g. EUR, USD, etc.)
+PROVIDER_LCSC_CURRENCY=EUR
+
+# Oemsecrets Provider API 3.0.1:
+# You can get your API key from https://www.oemsecrets.com/api
+PROVIDER_OEMSECRETS_KEY=
+# The country you want the output for
+PROVIDER_OEMSECRETS_COUNTRY_CODE=DE
+# Available country code are:
+# AD, AE, AQ, AR, AT, AU, BE, BO, BR, BV, BY, CA, CH, CL, CN, CO, CZ, DE, DK, EC, EE, EH, 
+# ES, FI, FK, FO, FR, GB, GE, GF, GG, GI, GL, GR, GS, GY, HK, HM, HR, HU, IE, IM, IN, IS,
+# IT, JM, JP, KP, KR, KZ, LI, LK, LT, LU, MC, MD, ME, MK, MT, NL, NO, NZ, PE, PH, PL, PT, 
+# PY, RO, RS, RU, SB, SD, SE, SG, SI, SJ, SK, SM, SO, SR, SY, SZ, TC, TF, TG, TH, TJ, TK, 
+# TM, TN, TO, TR, TT, TV, TW, TZ, UA, UG, UM, US, UY, UZ, VA, VE, VG, VI, VN, VU, WF, YE, 
+# ZA, ZM, ZW
+#
+# The currency you want the prices to be displayed in
+PROVIDER_OEMSECRETS_CURRENCY=EUR
+# Available currency are:AUD, CAD, CHF, CNY, DKK, EUR, GBP, HKD, ILS, INR, JPY, KRW, NOK, 
+#                        NZD, RUB, SEK, SGD, TWD, USD
+#
+# If PROVIDER_OEMSECRETS_ZERO_PRICE is set to 0, distributors with zero prices 
+# will be discarded from the creation of a new part (set to 1 otherwise)
+PROVIDER_OEMSECRETS_ZERO_PRICE=0
+#
+# When PROVIDER_OEMSECRETS_SET_PARAM is set to 1 the parameters for the part are generated 
+# from the description transforming unstructured descriptions into structured parameters; 
+# each parameter in description should have the form: "...;name1:value1;name2:value2"
+PROVIDER_OEMSECRETS_SET_PARAM=1
+#
+# This environment variable determines the sorting criteria for product results.
+# The sorting process first arranges items based on the provided keyword.
+# Then, if set to 'C', it further sorts by completeness (prioritizing items with the most
+# detailed information). If set to 'M', it further sorts by manufacturer name.
+#If unset or set to any other value, no sorting is performed.
+PROVIDER_OEMSECRETS_SORT_CRITERIA=C
+
+
+# Reichelt provider:
+# Reichelt.com offers no official API, so this info provider webscrapes the website to extract info
+# It could break at any time, use it at your own risk
+# We dont require an API key for Reichelt, just set this to 1 to enable Reichelt support
+PROVIDER_REICHELT_ENABLED=0
+# The country to get prices for
+PROVIDER_REICHELT_COUNTRY=DE
+# The language to get results in (en, de, fr, nl, pl, it, es)
+PROVIDER_REICHELT_LANGUAGE=en
+# Include VAT in prices (set to 1 to include VAT, 0 to exclude VAT)
+PROVIDER_REICHELT_INCLUDE_VAT=1
+# The currency to get prices in (only for countries with countries other than EUR)
+PROVIDER_REICHELT_CURRENCY=EUR
+
+# Pollin provider:
+# Pollin.de offers no official API, so this info provider webscrapes the website to extract info
+# It could break at any time, use it at your own risk
+# We dont require an API key for Pollin, just set this to 1 to enable Pollin support
+PROVIDER_POLLIN_ENABLED=0
+
+##################################################################################
+# EDA integration related settings
+##################################################################################
+
+# This value determines the depth of the category tree, that is visible inside KiCad
+# 0 means that only the top level categories are visible. Set to a value > 0 to show more levels.
+# Set to -1, to show all parts of Part-DB inside a single category in KiCad
+EDA_KICAD_CATEGORY_DEPTH=0
+
 ###################################################################################
 # SAML Single sign on-settings
 ###################################################################################
 # Set this to 1 to enable SAML single sign on
+# Be also sure to set the correct values for DEFAULT_URI
 SAML_ENABLED=0
 
+# Set to 1, if your Part-DB installation is behind a reverse proxy and you want to use SAML
+SAML_BEHIND_PROXY=0
+
 # A JSON encoded array of role mappings in the form { "saml_role": PARTDB_GROUP_ID, "*": PARTDB_GROUP_ID }
 # The first match is used, so the order is important! Put the group mapping with the most privileges first.
 # Please not to only use single quotes to enclose the JSON string
@@ -202,6 +295,9 @@ DEMO_MODE=0
 # In that case all URL contains the index.php front controller in URL
 NO_URL_REWRITE_AVAILABLE=0
 
+# Set to 1, if Part-DB should redirect all HTTP requests to HTTPS. You dont need to configure this, if your webserver already does this.
+REDIRECT_TO_HTTPS=0
+
 # If you want to use fixer.io for currency conversion, you have to set this to your API key
 FIXER_API_KEY=CHANGEME
 
@@ -212,9 +308,11 @@ BANNER=""
 APP_ENV=prod
 APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
 
+# Set this to zero, if you want to disable the year 2038 bug check on 32-bit systems (it will cause errors with current 32-bit PHP versions)
+DISABLE_YEAR2038_BUG_CHECK=0
 
 # Set the trusted IPs here, when using an reverse proxy
-#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+#TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
 #TRUSTED_HOSTS='^(localhost|example\.com)$'
 
 

.env.test

@@ -5,5 +5,9 @@ SYMFONY_DEPRECATIONS_HELPER=999999
 PANTHER_APP_ENV=panther
 PANTHER_ERROR_SCREENSHOT_DIR=./var/error-screenshots
 
+DATABASE_URL="sqlite:///%kernel.project_dir%/var/app_test.db"
 # Doctrine automatically adds an _test suffix to database name in test env
-DATABASE_URL=mysql://root:@127.0.0.1:3306/part-db
+#DATABASE_URL=mysql://root:@127.0.0.1:3306/part-db
+
+# Disable update checks, as tests would fail, when github is not reachable
+CHECK_FOR_UPDATES=0

.github/workflows/assets_artifact_build.yml

@@ -27,14 +27,14 @@ jobs:
           php-version: '8.2'
           coverage: none
           ini-values: xdebug.max_nesting_level=1000
-          extensions: mbstring, intl, gd, xsl, gmp, bcmath
+          extensions: mbstring, intl, gd, xsl, gmp, bcmath, :php-psr
 
       - name: Get Composer Cache Directory
         id: composer-cache
         run: |
           echo "::set-output name=dir::$(composer config cache-files-dir)"
 
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -48,7 +48,7 @@ jobs:
         id: yarn-cache-dir-path
         run: echo "::set-output name=dir::$(yarn cache dir)"
 
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
         with:
           path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -57,7 +57,7 @@ jobs:
             ${{ runner.os }}-yarn-
 
       - name: Setup node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: '18'
 
@@ -77,13 +77,13 @@ jobs:
         run: zip -r /tmp/partdb_assets.zip public/build/ vendor/
 
       - name: Upload assets artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: Only dependencies and built assets
           path: /tmp/partdb_assets.zip
 
       - name: Upload full artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: Full Part-DB including dependencies and built assets
           path: /tmp/partdb_with_assets.zip

.github/workflows/docker_build.yml

@@ -65,7 +65,7 @@ jobs:
 
       -
         name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           platforms: linux/amd64,linux/arm64,linux/arm/v7

.github/workflows/docker_frankenphp.yml

@@ -0,0 +1,77 @@
+name: Docker Image Build (FrankenPHP)
+
+on:
+  #schedule:
+  #  - cron: '0 10 * * *' # everyday at 10am
+  push:
+    branches:
+      - '**'
+      - '!l10n_**'
+    tags:
+      - 'v*.*.*'
+      - 'v*.*.*-**'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Docker meta
+        id: docker_meta
+        uses: docker/metadata-action@v5
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            partdborg/part-db
+          # Mark the image build from master as latest (as we dont have really releases yet)
+          tags: |
+            type=edge,branch=master
+            type=ref,event=branch,
+            type=ref,event=tag,
+            type=schedule
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=ref,event=branch
+            type=ref,event=pr
+          labels: |
+            org.opencontainers.image.source=${{ github.event.repository.clone_url }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=Part-DB
+            org.opencontainers.image.description=Part-DB is a web application for managing electronic components and your inventory.
+            org.opencontainers.image.url=https://github.com/Part-DB/Part-DB-server
+            org.opencontainers.image.source=https://github.com/Part-DB/Part-DB-server
+            org.opencontainers.image.authors=Jan Böhmer
+            org.opencontainers.licenses=AGPL-3.0-or-later
+
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: 'arm64,arm'
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      -
+        name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile-frankenphp
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.docker_meta.outputs.tags }}
+          labels: ${{ steps.docker_meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/static_analysis.yml

@@ -24,14 +24,14 @@ jobs:
         php-version: '8.2'
         coverage: none
         ini-values: xdebug.max_nesting_level=1000
-        extensions: mbstring, intl, gd, xsl, gmp, bcmath
+        extensions: mbstring, intl, gd, xsl, gmp, bcmath, :php-psr
 
     - name: Get Composer Cache Directory
       id: composer-cache
       run: |
         echo "::set-output name=dir::$(composer config cache-files-dir)"
     
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         path: ${{ steps.composer-cache.outputs.dir }}
         key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}

.github/workflows/tests.yml

@@ -13,13 +13,13 @@ on:
 jobs:
   phpunit:
     name: PHPUnit and coverage Test (PHP ${{ matrix.php-versions }}, ${{ matrix.db-type }})
-    # Ubuntu 20.04 ships MySQL 8.0 which causes problems with login, so we just use ubuntu 18.04 for now...
     runs-on: ubuntu-22.04
 
     strategy:
+      fail-fast: false
       matrix:
-        php-versions: [ '8.1', '8.2' ]
-        db-type: [ 'mysql', 'sqlite' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        db-type: [ 'mysql', 'sqlite', 'postgres' ]
 
     env:
       # Note that we set DATABASE URL later based on our db-type matrix value
@@ -27,16 +27,21 @@ jobs:
       SYMFONY_DEPRECATIONS_HELPER: disabled
       PHP_VERSION: ${{ matrix.php-versions }}
       DB_TYPE: ${{ matrix.db-type }}
+      CHECK_FOR_UPDATES: false  # Disable update checks for tests
 
     steps:
       - name: Set Database env for MySQL
-        run: echo "DATABASE_URL=mysql://root:root@127.0.0.1:3306/test" >> $GITHUB_ENV
+        run: echo "DATABASE_URL=mysql://root:root@127.0.0.1:3306/partdb?serverVersion=8.0.35" >> $GITHUB_ENV
         if: matrix.db-type == 'mysql'
 
       - name: Set Database env for SQLite
         run: echo "DATABASE_URL="sqlite:///%kernel.project_dir%/var/app_test.db"" >> $GITHUB_ENV
         if: matrix.db-type == 'sqlite'
 
+      - name: Set Database env for PostgreSQL
+        run: echo "DATABASE_URL=postgresql://postgres:postgres @127.0.0.1:5432/partdb?serverVersion=14&charset=utf8" >> $GITHUB_ENV
+        if: matrix.db-type == 'postgres'
+
       - name: Checkout
         uses: actions/checkout@v4
 
@@ -46,10 +51,19 @@ jobs:
           php-version: ${{ matrix.php-versions }}
           coverage: pcov
           ini-values: xdebug.max_nesting_level=1000
-          extensions: mbstring, intl, gd, xsl, gmp, bcmath        
+          extensions: mbstring, intl, gd, xsl, gmp, bcmath, :php-psr
     
       - name: Start MySQL
         run: sudo systemctl start mysql.service
+        if: matrix.db-type == 'mysql'
+
+        # Replace the scram-sha-256 with trust for host connections, to avoid password authentication
+      - name: Start PostgreSQL
+        run: |
+          sudo sed -i 's/^\(host.*all.*all.*\)scram-sha-256/\1trust/' /etc/postgresql/14/main/pg_hba.conf
+          sudo systemctl start postgresql.service
+          sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
+        if: matrix.db-type == 'postgres'
 
         #- name: Setup MySQL
       #  uses: mirromutth/mysql-action@v1.1
@@ -64,7 +78,7 @@ jobs:
         id: composer-cache
         run: |
           echo "::set-output name=dir::$(composer config cache-files-dir)"
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -75,7 +89,7 @@ jobs:
         id: yarn-cache-dir-path
         run: echo "::set-output name=dir::$(yarn cache dir)"
 
-      - uses: actions/cache@v3
+      - uses: actions/cache@v4
         id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
         with:
           path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
@@ -87,7 +101,7 @@ jobs:
         run: composer install --prefer-dist --no-progress
     
       - name: Setup node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: '18'
     
@@ -99,24 +113,20 @@ jobs:
     
       - name: Create DB
         run: php bin/console --env test doctrine:database:create --if-not-exists -n
-        if: matrix.db-type == 'mysql'
-
-      # Checkinf for existance is not supported for sqlite, so do it without it
-      - name: Create DB
-        run: php bin/console --env test doctrine:database:create -n
-        if: matrix.db-type == 'sqlite'
+        if: matrix.db-type == 'mysql' || matrix.db-type == 'postgres'
     
       - name: Do migrations
         run: php bin/console --env test doctrine:migrations:migrate -n
 
+      # Use our own custom fixtures loading command to circumvent some problems with reset the autoincrement values
       - name: Load fixtures
-        run: php bin/console --env test doctrine:fixtures:load -n
+        run: php bin/console --env test partdb:fixtures:load -n
     
       - name: Run PHPunit and generate coverage
         run: ./bin/phpunit --coverage-clover=coverage.xml
       
       - name: Upload coverage
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v5
         with:
           env_vars: PHP_VERSION,DB_TYPE
           token: ${{ secrets.CODECOV_TOKEN }}
@@ -134,11 +144,11 @@ jobs:
       - name: Test check-requirements command
         run: php bin/console partdb:check-requirements -n
 
+      - name: Test partdb:backup command
+        run: php bin/console partdb:backup -n --full /tmp/test_backup.zip
+
       - name: Test legacy Part-DB import
         run: bash .github/assets/legacy_import/test_legacy_import.sh
         if: matrix.db-type == 'mysql' && matrix.php-versions == '8.2'
         env:
           DATABASE_URL: mysql://root:root@localhost:3306/legacy_db
-
-
-      

Dockerfile

@@ -1,22 +1,64 @@
-FROM debian:bullseye-slim
+ARG BASE_IMAGE=debian:bookworm-slim
+ARG PHP_VERSION=8.3
+
+FROM ${BASE_IMAGE} AS base
+ARG PHP_VERSION
 
 # Install needed dependencies for PHP build
 #RUN apt-get update &&  apt-get install -y pkg-config curl libcurl4-openssl-dev libicu-dev \
 #    libpng-dev libjpeg-dev libfreetype6-dev gnupg zip libzip-dev libjpeg62-turbo-dev libonig-dev libxslt-dev libwebp-dev vim \
 #    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
 
-RUN apt-get update && apt-get -y install apt-transport-https lsb-release ca-certificates curl zip \
+RUN apt-get update && apt-get -y install \
+      apt-transport-https \
+      lsb-release \
+      ca-certificates \
+      curl \
+      zip \
+      mariadb-client \
+      postgresql-client \
     && curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg  \
     && sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' \
     && apt-get update && apt-get upgrade -y \
-    && apt-get install -y apache2 php8.1 php8.1-fpm php8.1-opcache php8.1-curl php8.1-gd php8.1-mbstring php8.1-xml php8.1-bcmath php8.1-intl php8.1-zip php8.1-xsl php8.1-sqlite3 php8.1-mysql gpg \
-    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;
-
-ENV APACHE_CONFDIR /etc/apache2
-ENV APACHE_ENVVARS $APACHE_CONFDIR/envvars
-
+    && apt-get install -y \
+      apache2 \
+      php${PHP_VERSION} \
+      php${PHP_VERSION}-fpm \
+      php${PHP_VERSION}-opcache \
+      php${PHP_VERSION}-curl \
+      php${PHP_VERSION}-gd \
+      php${PHP_VERSION}-mbstring \
+      php${PHP_VERSION}-xml \
+      php${PHP_VERSION}-bcmath \
+      php${PHP_VERSION}-intl \
+      php${PHP_VERSION}-zip \
+      php${PHP_VERSION}-xsl \
+      php${PHP_VERSION}-sqlite3 \
+      php${PHP_VERSION}-mysql \
+      php${PHP_VERSION}-pgsql \
+      gpg \
+      sudo \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/* \
 # Create workdir and set permissions if directory does not exists
-RUN mkdir -p /var/www/html && chown -R www-data:www-data /var/www/html
+    && mkdir -p /var/www/html \
+    && chown -R www-data:www-data /var/www/html \
+# delete the "index.html" that installing Apache drops in here
+    && rm -rvf /var/www/html/*
+
+# Install node and yarn
+RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
+    echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
+    curl -sL https://deb.nodesource.com/setup_20.x | bash - && \
+    apt-get update && apt-get install -y \
+      nodejs \
+      yarn \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
+
+# Install composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+ENV APACHE_CONFDIR=/etc/apache2
+ENV APACHE_ENVVARS=$APACHE_CONFDIR/envvars
 
 # Configure apache 2 (taken from https://github.com/docker-library/php/blob/master/8.2/bullseye/apache/Dockerfile)
 # generically convert lines like
@@ -27,8 +69,6 @@ RUN mkdir -p /var/www/html && chown -R www-data:www-data /var/www/html
 # so that they can be overridden at runtime ("-e APACHE_RUN_USER=...")
 RUN  sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS"; \
       set -eux; . "$APACHE_ENVVARS";  \
-    # delete the "index.html" that installing Apache drops in here
-    	rm -rvf /var/www/html/*; \
     	\
     # logs should go to stdout / stderr
     	ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log"; \
@@ -36,82 +76,87 @@ RUN  sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS"
     	ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log"; \
         chown -R --no-dereference "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$APACHE_LOG_DIR";
 
-# Enable php-fpm
-RUN a2enmod proxy_fcgi setenvif && a2enconf php8.1-fpm
+# ---
 
+FROM scratch AS apache-config
+ARG PHP_VERSION
 # Configure php-fpm to log to stdout of the container (stdout of PID 1)
 # We have to use /proc/1/fd/1 because /dev/stdout or /proc/self/fd/1 does not point to the container stdout (because we use apache as entrypoint)
 # We also disable the clear_env option to allow the use of environment variables in php-fpm
-RUN { \
-    echo '[global]'; \
-    echo 'error_log = /proc/1/fd/1'; \
-    echo; \
-    echo '[www]'; \
-    echo 'access.log = /proc/1/fd/1'; \
-    echo 'catch_workers_output = yes'; \
-    echo 'decorate_workers_output = no'; \
-    echo 'clear_env = no'; \
-   } | tee "/etc/php/8.1/fpm/pool.d/zz-docker.conf"
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/pool.d/zz-docker.conf
+[global]
+error_log = /proc/1/fd/1
+
+[www]
+access.log = /proc/1/fd/1
+catch_workers_output = yes
+decorate_workers_output = no
+clear_env = no
+EOF
 
 # PHP files should be handled by PHP, and should be preferred over any other file type
-RUN { \
-		echo '<FilesMatch \.php$>'; \
-		echo '\tSetHandler application/x-httpd-php'; \
-		echo '</FilesMatch>'; \
-		echo; \
-		echo 'DirectoryIndex disabled'; \
-		echo 'DirectoryIndex index.php index.html'; \
-		echo; \
-		echo '<Directory /var/www/>'; \
-		echo '\tOptions -Indexes'; \
-		echo '\tAllowOverride All'; \
-		echo '</Directory>'; \
-	} | tee "$APACHE_CONFDIR/conf-available/docker-php.conf" \
-	&& a2enconf docker-php
+COPY <<EOF /etc/apache2/conf-available/docker-php.conf
+<FilesMatch \\.php$>
+	SetHandler application/x-httpd-php
+</FilesMatch>
+
+DirectoryIndex disabled
+DirectoryIndex index.php index.html
+
+<Directory /var/www/>
+	Options -Indexes
+	AllowOverride All
+</Directory>
+EOF
 
 # Enable opcache and configure it recommended for symfony (see https://symfony.com/doc/current/performance.html)
-RUN  \
-	{ \
-		echo 'opcache.memory_consumption=256'; \
-		echo 'opcache.max_accelerated_files=20000'; \
-		echo 'opcache.validate_timestamp=0'; \
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/conf.d/symfony-recommended.ini
+opcache.memory_consumption=256
+opcache.max_accelerated_files=20000
+opcache.validate_timestamp=0
 # Configure Realpath cache for performance
-        echo 'realpath_cache_size=4096K'; \
-        echo 'realpath_cache_ttl=600'; \
-    } > /etc/php/8.1/fpm/conf.d/symfony-recommended.ini
+realpath_cache_size=4096K
+realpath_cache_ttl=600
+EOF
 
 # Increase upload limit and enable preloading
-RUN  \
-	{ \
-		echo 'upload_max_filesize=256M'; \
-		echo 'post_max_size=300M'; \
-        echo 'opcache.preload_user=www-data'; \
-        echo 'opcache.preload=/var/www/html/config/preload.php'; \
-    } > /etc/php/8.1/fpm/conf.d/partdb.ini
+COPY <<EOF /etc/php/${PHP_VERSION}/fpm/conf.d/partdb.ini
+upload_max_filesize=256M
+post_max_size=300M
+opcache.preload_user=www-data
+opcache.preload=/var/www/html/config/preload.php
+log_limit=8096
+EOF
 
-# Install node and yarn
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
-RUN curl -sL https://deb.nodesource.com/setup_18.x | bash - && apt-get update && apt-get install -y nodejs yarn && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
+COPY ./.docker/symfony.conf /etc/apache2/sites-available/symfony.conf
 
-# Install composer
-COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+# ---
 
+FROM base
+ARG PHP_VERSION
 
 # Set working dir
 WORKDIR /var/www/html
+COPY --from=apache-config / /
 COPY --chown=www-data:www-data . .
 
 # Setup apache2
-RUN a2dissite 000-default.conf
-COPY ./.docker/symfony.conf /etc/apache2/sites-available/symfony.conf
-RUN a2ensite symfony.conf
-RUN a2enmod rewrite
+RUN a2dissite 000-default.conf && \
+    a2ensite symfony.conf && \
+# Enable php-fpm
+    a2enmod proxy_fcgi setenvif && \
+    a2enconf php${PHP_VERSION}-fpm && \
+    a2enconf docker-php && \
+    a2enmod rewrite
 
 # Install composer and yarn dependencies for Part-DB
 USER www-data
-RUN composer install -a --no-dev && composer clear-cache
-RUN yarn install --network-timeout 600000 && yarn build && yarn cache clean && rm -rf node_modules/
+RUN composer install -a --no-dev && \
+    composer clear-cache
+RUN yarn install --network-timeout 600000 && \
+    yarn build && \
+    yarn cache clean && \
+    rm -rf node_modules/
 
 # Use docker env to output logs to stdout
 ENV APP_ENV=docker
@@ -119,10 +164,12 @@ ENV DATABASE_URL="sqlite:///%kernel.project_dir%/uploads/app.db"
 
 USER root
 
-# Copy entrypoint to /usr/local/bin and make it executable
-RUN cp ./.docker/partdb-entrypoint.sh /usr/local/bin/partdb-entrypoint.sh && chmod +x /usr/local/bin/partdb-entrypoint.sh
-# Copy apache2-foreground to /usr/local/bin and make it executable
-RUN cp ./.docker/apache2-foreground /usr/local/bin/apache2-foreground && chmod +x /usr/local/bin/apache2-foreground
+# Replace the php version placeholder in the entry point, with our php version
+RUN sed -i "s/PHP_VERSION/${PHP_VERSION}/g" ./.docker/partdb-entrypoint.sh
+
+# Copy entrypoint and apache2-foreground to /usr/local/bin and make it executable
+RUN install ./.docker/partdb-entrypoint.sh /usr/local/bin && \
+    install ./.docker/apache2-foreground /usr/local/bin
 ENTRYPOINT ["partdb-entrypoint.sh"]
 CMD ["apache2-foreground"]
 

Dockerfile-frankenphp

@@ -0,0 +1,101 @@
+FROM dunglas/frankenphp:1-php8.3 AS frankenphp_upstream
+
+RUN apt-get update && apt-get -y install \
+      curl \
+      ca-certificates \
+      mariadb-client \
+      postgresql-client \
+      file \
+      acl \
+      git \
+      gettext \
+      gnupg \
+      zip \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*;
+
+# Install node and yarn
+RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
+    echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
+    curl -sL https://deb.nodesource.com/setup_20.x | bash - && \
+    apt-get update && apt-get install -y \
+      nodejs yarn \
+    && apt-get -y autoremove && apt-get clean autoclean && rm -rf /var/lib/apt/lists/*
+
+# Install PHP
+RUN set -eux; \
+	install-php-extensions \
+		@composer \
+		apcu \
+		intl \
+		opcache \
+		zip \
+        pdo_mysql \
+        pdo_sqlite \
+        pdo_pgsql \
+        gd \
+        bcmath \
+        xsl \
+	;
+
+# Copy config files for php and caddy
+COPY --link .docker/frankenphp/conf.d/app.ini $PHP_INI_DIR/conf.d/
+COPY --chmod=755 .docker/frankenphp/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
+COPY --link .docker/frankenphp/Caddyfile /etc/caddy/Caddyfile
+COPY --link .docker/frankenphp/conf.d/app.prod.ini $PHP_INI_DIR/conf.d/
+COPY --link .docker/frankenphp/worker.Caddyfile /etc/caddy/worker.Caddyfile
+ENV FRANKENPHP_CONFIG="import worker.Caddyfile"
+
+RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
+
+# Install composer
+ENV COMPOSER_ALLOW_SUPERUSER=1
+#COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+# Create workdir and set permissions if directory does not exists
+WORKDIR /app
+
+# prevent the reinstallation of vendors at every changes in the source code
+COPY --link composer.* symfony.* ./
+RUN set -eux; \
+	composer install --no-cache --prefer-dist --no-dev --no-autoloader --no-scripts --no-progress
+
+# copy sources
+COPY --link . ./
+
+# Install composer and yarn dependencies for Part-DB
+RUN set -eux; \
+	mkdir -p var/cache var/log; \
+	composer dump-autoload --classmap-authoritative --no-dev; \
+	composer dump-env prod; \
+	composer run-script --no-dev post-install-cmd; \
+	chmod +x bin/console; sync;
+
+RUN yarn install --network-timeout 600000 && \
+    yarn build && \
+    yarn cache clean && \
+    rm -rf node_modules/
+
+# Use docker env to output logs to stdout
+ENV APP_ENV=docker
+ENV DATABASE_URL="sqlite:///%kernel.project_dir%/uploads/app.db"
+
+USER root
+
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["frankenphp", "run", "--config", "/etc/caddy/Caddyfile"]
+
+# https://httpd.apache.org/docs/2.4/stopping.html#gracefulstop
+STOPSIGNAL SIGWINCH
+
+VOLUME ["/var/www/html/uploads", "/var/www/html/public/media"]
+
+HEALTHCHECK --start-period=60s CMD curl -f http://localhost:2019/metrics || exit 1
+
+# See https://caddyserver.com/docs/conventions#file-locations for details
+ENV XDG_CONFIG_HOME /config
+ENV XDG_DATA_HOME /data
+
+EXPOSE 80
+EXPOSE 443
+EXPOSE 443/udp
+EXPOSE 2019

README.md

@@ -9,7 +9,7 @@
 ![Docker Build Status](https://github.com/Part-DB/Part-DB-symfony/workflows/Docker%20Image%20Build/badge.svg)
 [![Crowdin](https://badges.crowdin.net/e/8325196085d4bee8c04b75f7c915452a/localized.svg)](https://part-db.crowdin.com/part-db)
 
-**[Documentation](https://docs.part-db.de/)** | **[Demo](https://part-db.herokuapp.com)** | **[Docker Image](https://hub.docker.com/r/jbtronics/part-db1)**
+**[Documentation](https://docs.part-db.de/)** | **[Demo](https://demo.part-db.de/)** | **[Docker Image](https://hub.docker.com/r/jbtronics/part-db1)**
 
 # Part-DB
 
@@ -24,13 +24,13 @@ for everybody.
 
 ## Demo
 
-If you want to test Part-DB without installing it, you can use [this](https://part-db.herokuapp.com) Heroku instance.
-(Or this link for the [German Version](https://part-db.herokuapp.com/de/)).
+If you want to test Part-DB without installing it, you can use [this](https://demo.part-db.de/) Heroku instance.
+(Or this link for the [German Version](https://demo.part-db.de/de/)).
 
 You can log in with username: *user* and password: *user*.
 
 Every change to the master branch gets automatically deployed, so it represents the current development progress and is
-maybe not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
+may not completely stable. Please mind, that the free Heroku instance is used, so it can take some time when loading
 the page
 for the first time.
 
@@ -39,10 +39,10 @@ for the first time.
 
 ## Features
 
-* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer
+* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer,
   and multiple store locations and price information. Parts can be grouped using tags. You can associate various files
   like datasheets or pictures with the parts.
-* Multi-Language support (currently German, English, Russian, Japanese and French (experimental))
+* Multi-language support (currently German, English, Russian, Japanese, French, Czech, Danish, and Chinese)
 * Barcodes/Labels generator for parts and storage locations, scan barcodes via webcam using the builtin barcode scanner
 * User system with groups and detailed (fine granular) permissions.
   Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups.
@@ -52,31 +52,33 @@ for the first time.
 * Import/Export system for parts and data structure. BOM import for projects from KiCAD is supported.
 * Project management: Create projects and assign parts to the bill of material (BOM), to show how often you could build
   this project and directly withdraw all components needed from DB
-* Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older
+* Event log: Track what changes happen to your inventory, track which user does what. Revert your parts to older
   versions.
-* Responsive design: You can use Part-DB on your PC, your tablet and your smartphone using the same interface.
-* MySQL and SQLite supported as database backends
+* Responsive design: You can use Part-DB on your PC, your tablet, and your smartphone using the same interface.
+* MySQL, SQLite and PostgreSQL are supported as database backends
 * Support for rich text descriptions and comments in parts
 * Support for multiple currencies and automatic update of exchange rates supported
 * Powerful search and filter function, including parametric search (search for parts according to some specifications)
 * Automatic thumbnail generation for pictures
-* Use cloud providers (like Octopart, Digikey, farnell or TME) to automatically get part information, datasheets and
+* Use cloud providers (like Octopart, Digikey, Farnell, LCSC or TME) to automatically get part information, datasheets, and
   prices for parts
 * API to access Part-DB from other applications/scripts
+* [Integration with KiCad](https://docs.part-db.de/usage/eda_integration.html): Use Part-DB as the central datasource for your
+  KiCad and see available parts from Part-DB directly inside KiCad.
 
-With these features Part-DB is useful to hobbyists, who want to keep track of their private electronic parts inventory,
-or makerspaces, where many users have should have (controlled) access to the shared inventory.
+With these features, Part-DB is useful to hobbyists, who want to keep track of their private electronic parts inventory,
+or maker spaces, where many users should have (controlled) access to the shared inventory.
 
 Part-DB is also used by small companies and universities for managing their inventory.
 
 ## Requirements
 
 * A **web server** (like Apache2 or nginx) that is capable of
-  running [Symfony 5](https://symfony.com/doc/current/reference/requirements.html),
+  running [Symfony 6](https://symfony.com/doc/current/reference/requirements.html),
   this includes a minimum PHP version of **PHP 8.1**
-* A **MySQL** (at least 5.7) /**MariaDB** (at least 10.2.2) database server if you do not want to use SQLite.
-* Shell access to your server is highly suggested!
-* For building the client side assets **yarn** and **nodejs** (>= 18.0) is needed.
+* A **MySQL** (at least 5.7) /**MariaDB** (at least 10.4) database server, or **PostgreSQL** 10+ if you do not want to use SQLite.
+* Shell access to your server is highly recommended!
+* For building the client-side assets **yarn** and **nodejs** (>= 18.0) is needed.
 
 ## Installation
 
@@ -86,8 +88,8 @@ read [this](https://docs.part-db.de/upgrade_legacy.html) first.
 *Hint:* A docker image is available under [jbtronics/part-db1](https://hub.docker.com/r/jbtronics/part-db1). How to set
 up Part-DB via docker is described [here](https://docs.part-db.de/installation/installation_docker.html).
 
-**Below you find some very rough outline of the installation process, see [here](https://docs.part-db.de/installation/)
-for a detailed guide how to install Part-DB.**
+**Below you find a very rough outline of the installation process, see [here](https://docs.part-db.de/installation/)
+for a detailed guide on how to install Part-DB.**
 
 1. Copy or clone this repository into a folder on your server.
 2. Configure your webserver to serve from the `public/` folder.
@@ -101,21 +103,17 @@ for a detailed guide how to install Part-DB.**
       In bigger instances with concurrent accesses, MySQL is more performant. This can not be changed easily later, so
       choose wisely.
 4. Install composer dependencies and generate autoload files: `composer install -o --no-dev`
-5. If you have put Part-DB into a subdirectory on your server (like `part-db/`), you have to edit the file
-   `webpack.config.js` and uncomment the lines (remove the `//` before the lines) `.setPublicPath('/part-db/build')` (
-   line 43) and
-   `.setManifestKeyPrefix('build/')` (line 44). You have to replace `/part-db` with your own path on line 44.
-6. Install client side dependencies and build it: `yarn install` and `yarn build`
-7. _Optional_ (speeds up first load): Warmup cache: `php bin/console cache:warmup`
-8. Upgrade database to new scheme (or create it, when it was empty): `php bin/console doctrine:migrations:migrate` and
+5. Install client side dependencies and build it: `yarn install` and `yarn build`
+6. _Optional_ (speeds up first load): Warmup cache: `php bin/console cache:warmup`
+7. Upgrade database to new scheme (or create it, when it was empty): `php bin/console doctrine:migrations:migrate` and
    follow the instructions given. During the process the password for the admin is user is shown. Copy it. **Caution**:
-   This steps tamper with your database and could potentially destroy it. So make sure to make a backup of your
+   These steps tamper with your database and could potentially destroy it. So make sure to make a backup of your
    database.
-9. You can configure Part-DB via `config/parameters.yaml`. You should check if settings match your expectations, after
+8. You can configure Part-DB via `config/parameters.yaml`. You should check if settings match your expectations after
    you installed/upgraded Part-DB. Check if `partdb.default_currency` matches your mainly used currency (this can not be
    changed after creating price information).
-   Run `php bin/console cache:clear` when you changed something.
-10. Access Part-DB in your browser (under the URL you put it) and login with user *admin*. Password is the one outputted
+   Run `php bin/console cache:clear` when you change something.
+9. Access Part-DB in your browser (under the URL you put it) and log in with user *admin*. Password is the one outputted
    during DB setup.
    If you can not remember the password, set a new one with `php bin/console app:set-password admin`. You can create
    new users with the admin user and start using Part-DB.
@@ -124,23 +122,23 @@ When you want to upgrade to a newer version, then just copy the new files into t
 and repeat the steps 4. to 7.
 
 Normally a random password is generated when the admin user is created during initial database creation,
-however you can set the initial admin password, by setting the `INITIAL_ADMIN_PW` env var.
+however, you can set the initial admin password, by setting the `INITIAL_ADMIN_PW` env var.
 
 You can configure Part-DB to your needs by changing environment variables in the `.env.local` file.
 See [here](https://docs.part-db.de/configuration.html) for more information.
 
 ### Reverse proxy
 
-If you are using a reverse proxy, you have to ensure that the proxies sets the `X-Forwarded-*` headers correctly, or you
+If you are using a reverse proxy, you have to ensure that the proxies set the `X-Forwarded-*` headers correctly, or you
 will get HTTP/HTTPS mixup and wrong hostnames.
 If the reverse proxy is on a different server (or it cannot access Part-DB via localhost) you have to set
-the `TRUSTED_PROXIES` env variable to match your reverse proxies IP-address (or IP block). You can do this in
+the `TRUSTED_PROXIES` env variable to match your reverse proxy's IP address (or IP block). You can do this in
 your `.env.local` or (when using docker) in your `docker-compose.yml` file.
 
 ## Donate for development
 
 If you want to donate to the Part-DB developer, see the sponsor button in the top bar (next to the repo name).
-There you will find various methods to support development on a monthly or a one time base.
+There you will find various methods to support development on a monthly or a one-time base.
 
 ## Built with
 

VERSION

@@ -1 +1 @@
-1.8.1
+1.17.1

assets/ckeditor/plugins/PartDBLabel/PartDBLabelUI.js

@@ -85,6 +85,9 @@ const PLACEHOLDERS = [
             ['[[COMMENT_T]]', 'Comment (plain text)'],
             ['[[LAST_MODIFIED]]', 'Last modified datetime'],
             ['[[CREATION_DATE]]', 'Creation datetime'],
+            ['[[IPN_BARCODE_QR]]', 'IPN as QR code'],
+            ['[[IPN_BARCODE_C128]]', 'IPN as Code 128 barcode'],
+            ['[[IPN_BARCODE_C39]]', 'IPN as Code 39 barcode'],
         ]
     },
     {
@@ -125,6 +128,8 @@ const PLACEHOLDERS = [
             ['[[BARCODE_QR]]', 'QR code linking to this element'],
             ['[[BARCODE_C128]]', 'Code 128 barcode linking to this element'],
             ['[[BARCODE_C39]]', 'Code 39 barcode linking to this element'],
+            ['[[BARCODE_C93]]', 'Code 93 barcode linking to this element'],
+            ['[[BARCODE_DATAMATRIX]]', 'Datamatrix code linking to this element'],
         ]
     },
     {

assets/ckeditor/plugins/PartDBLabel/lang/de.js

@@ -48,6 +48,9 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
     'Comment (plain text)': 'Kommentar (Nur-Text)',
     'Last modified datetime': 'Zuletzt geändert',
     'Creation datetime': 'Erstellt',
+    'IPN as QR code': 'IPN als QR Code',
+    'IPN as Code 128 barcode': 'IPN als Code 128 Barcode',
+    'IPN as Code 39 barcode': 'IPN als Code 39 Barcode',
 
     'Lot ID': 'Lot ID',
     'Lot name': 'Lot Name',
@@ -66,6 +69,8 @@ Object.assign( window.CKEDITOR_TRANSLATIONS[ 'de' ].dictionary, {
     'QR code linking to this element': 'QR Code verknüpft mit diesem Element',
     'Code 128 barcode linking to this element': 'Code 128 Barcode verknüpft mit diesem Element',
     'Code 39 barcode linking to this element': 'Code 39 Barcode verknüpft mit diesem Element',
+    'Code 93 barcode linking to this element': 'Code 93 Barcode verknüpft mit diesem Element',
+    'Datamatrix code linking to this element': 'Datamatrix Code verknüpft mit diesem Element',
 
     'Location ID': 'Lagerort ID',
     'Name': 'Name',

assets/controllers/common/hide_sidebar_controller.js

@@ -88,5 +88,8 @@ export default class extends Controller {
         } else {
             this.hideSidebar();
         }
+
+        //Hide the tootip on the button
+        this._toggle_button.blur();
     }
 }

assets/controllers/common/markdown_controller.js

@@ -20,18 +20,26 @@
 'use strict';
 
 import { Controller } from '@hotwired/stimulus';
-import { marked } from "marked";
+import { Marked } from "marked";
 import { mangle } from "marked-mangle";
 import { gfmHeadingId } from "marked-gfm-heading-id";
 import DOMPurify from 'dompurify';
 
 import "../../css/app/markdown.css";
 
-export default class extends Controller {
+export default class MarkdownController extends Controller {
+
+    static _marked = new Marked([
+        {
+            gfm: true,
+        },
+        gfmHeadingId(),
+        mangle(),
+    ])
+    ;
 
     connect()
     {
-        this.configureMarked();
         this.render();
 
         //Dispatch an event that we are now finished
@@ -45,7 +53,7 @@ export default class extends Controller {
         let raw = this.element.dataset['markdown'];
 
         //Apply purified parsed markdown
-        this.element.innerHTML = DOMPurify.sanitize(marked(this.unescapeHTML(raw)));
+        this.element.innerHTML = DOMPurify.sanitize(MarkdownController._marked.parse(this.unescapeHTML(raw)));
 
         for(let a of this.element.querySelectorAll('a')) {
             //Mark all links as external
@@ -81,8 +89,17 @@ export default class extends Controller {
     /**
      * Configure the marked parser
      */
-    configureMarked()
+    /*static newMarked()
     {
+        const marked = new Marked([
+            {
+                gfm: true,
+            },
+            gfmHeadingId(),
+            mangle(),
+            ])
+        ;
+
         marked.use(mangle());
         marked.use(gfmHeadingId({
         }));
@@ -90,5 +107,5 @@ export default class extends Controller {
         marked.setOptions({
             gfm: true,
         });
-    }
+    }*/
 }

assets/controllers/elements/attachment_autocomplete_controller.js

@@ -23,6 +23,12 @@ import "tom-select/dist/css/tom-select.bootstrap5.css";
 import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";
 
+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 export default class extends Controller {
     _tomSelect;
 
@@ -46,6 +52,12 @@ export default class extends Controller {
                     }
                     return '<div>' + escape(data.label) + '</div>';
                 }
+            },
+            plugins: {
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                "restore_on_backspace": {}
             }
         };
 

assets/controllers/elements/ckeditor_controller.js

@@ -53,6 +53,7 @@ export default class extends Controller {
 
         const config = {
             language: language,
+            licenseKey: "GPL",
         }
 
         const watchdog = new EditorWatchdog();
@@ -70,7 +71,9 @@ export default class extends Controller {
                         editor_div.classList.add(...new_classes.split(","));
                     }
 
-                    console.log(editor);
+                    //This return is important! Otherwise we get mysterious errors in the console
+                    //See: https://github.com/ckeditor/ckeditor5/issues/5897#issuecomment-628471302
+                    return editor;
                 })
                 .catch(error => {
                     console.error(error);

assets/controllers/elements/collection_type_controller.js

@@ -75,13 +75,49 @@ export default class extends Controller {
 
         //Insert new html after the last child element
         //If the table has a tbody, insert it there
+        //Afterwards return the newly created row
         if(targetTable.tBodies[0]) {
             targetTable.tBodies[0].insertAdjacentHTML('beforeend', newElementStr);
+            return targetTable.tBodies[0].lastElementChild;
         } else { //Otherwise just insert it
             targetTable.insertAdjacentHTML('beforeend', newElementStr);
+            return targetTable.lastElementChild;
         }
     }
 
+    /**
+     * This action opens a file dialog to select multiple files and then creates a new element for each file, where
+     * the file is assigned to the input field.
+     * This should only be used for attachments collection types
+     * @param event
+     */
+    uploadMultipleFiles(event) {
+        //Open a file dialog to select multiple files
+        const input = document.createElement('input');
+        input.type = 'file';
+        input.multiple = true;
+        input.click();
+
+        input.addEventListener('change', (event) => {
+            //Create a element for each file
+
+            for (let i = 0; i < input.files.length; i++) {
+                const file = input.files[i];
+
+                const newElement = this.createElement(event);
+                const rowInput = newElement.querySelector("input[type='file']");
+
+                //We can not directly assign the file to the input, so we have to create a new DataTransfer object
+                const dataTransfer = new DataTransfer();
+                dataTransfer.items.add(file);
+
+                rowInput.files = dataTransfer.files;
+            }
+
+        });
+
+    }
+
     /**
      * Similar to createEvent Pricedetails need some special handling to fill min amount
      * @param event

assets/controllers/elements/datatables/datatables_controller.js

@@ -24,18 +24,25 @@ import 'datatables.net-bs5/css/dataTables.bootstrap5.css'
 import 'datatables.net-buttons-bs5/css/buttons.bootstrap5.css'
 import 'datatables.net-fixedheader-bs5/css/fixedHeader.bootstrap5.css'
 import 'datatables.net-responsive-bs5/css/responsive.bootstrap5.css';
-import 'datatables.net-select-bs5/css/select.bootstrap5.css';
+
+//Use our own styles for the select extension which fit the bootstrap theme better
+//import 'datatables.net-select-bs5/css/select.bootstrap5.css';
+import '../../../css/components/datatables_select_bs5.css';
 
 //JS
 import 'datatables.net-bs5';
 import 'datatables.net-buttons-bs5';
 import 'datatables.net-buttons/js/buttons.colVis.js';
 import 'datatables.net-fixedheader-bs5';
-import 'datatables.net-select-bs5';
 import 'datatables.net-colreorder-bs5';
 import 'datatables.net-responsive-bs5';
 import '../../../js/lib/datatables';
 
+//import 'datatables.net-select-bs5';
+//Use the local version containing the fix for the select extension
+import '../../../js/lib/dataTables.select.mjs';
+
+
 const EVENT_DT_LOADED = 'dt:loaded';
 
 export default class extends Controller {
@@ -132,7 +139,7 @@ export default class extends Controller {
         if(this.isSelectable()) {
             options.select = {
                 style:    'multi+shift',
-                selector: 'td.select-checkbox'
+                selector: 'td.dt-select',
             };
         }
 
@@ -145,6 +152,12 @@ export default class extends Controller {
 
         //Fix height of the length selector
         promise.then((dt) => {
+
+            //Draw the rows to make sure the correct status text is displayed ("No matching records found" instead of "Loading...")
+            if (dt.data().length === 0) {
+                dt.rows().draw()
+            }
+
             //Find all length selectors (select with name dt_length), which are inside a label
             const lengthSelectors = document.querySelectorAll('label select[name="dt_length"]');
             //And remove the surrounding label, while keeping the select with all event handlers
@@ -180,27 +193,6 @@ export default class extends Controller {
             dt.fixedHeader.headerOffset($("#navbar").outerHeight());
         });
 
-        //Register event handler to selectAllRows checkbox if available
-        if (this.isSelectable()) {
-            promise.then((dt) => {
-               const selectAllCheckbox = this.element.querySelector('thead th.select-checkbox');
-               selectAllCheckbox.addEventListener('click', () => {
-                   if(selectAllCheckbox.parentElement.classList.contains('selected')) {
-                       dt.rows().deselect();
-                       selectAllCheckbox.parentElement.classList.remove('selected');
-                   } else {
-                       dt.rows().select();
-                       selectAllCheckbox.parentElement.classList.add('selected');
-                   }
-               });
-
-                //When any row is deselected, also deselect the selectAll checkbox
-                dt.on('deselect.dt', () => {
-                    selectAllCheckbox.parentElement.classList.remove('selected');
-                });
-            });
-        }
-
         //Allow to further configure the datatable
         promise.then(this._afterLoaded.bind(this));
 

assets/controllers/elements/delete_btn_controller.js

@@ -43,7 +43,8 @@ export default class extends Controller
         const message = this.element.dataset.deleteMessage;
         const title = this.element.dataset.deleteTitle;
 
-        const form = this.element;
+        //Use event target, to find the form, where the submit button was clicked
+        const form = event.target;
         const submitter = event.submitter;
         const that = this;
 

assets/controllers/elements/localStorage_checkbox_controller.js

@@ -0,0 +1,67 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller
+{
+    static values = {
+        id: String
+    }
+
+    connect() {
+        this.loadState()
+        this.element.addEventListener('change', () => {
+            this.saveState()
+        });
+    }
+
+    loadState() {
+        let storageKey = this.getStorageKey();
+        let value = localStorage.getItem(storageKey);
+        if (value === null) {
+            return;
+        }
+
+        if (value === 'true') {
+            this.element.checked = true
+        }
+        if (value === 'false') {
+            this.element.checked = false
+        }
+    }
+
+    saveState() {
+        let storageKey = this.getStorageKey();
+
+        if (this.element.checked) {
+            localStorage.setItem(storageKey, 'true');
+        } else {
+            localStorage.setItem(storageKey, 'false');
+        }
+    }
+
+    getStorageKey() {
+        if (this.hasIdValue) {
+            return 'persistent_checkbox_' + this.idValue
+        }
+
+        return 'persistent_checkbox_' + this.element.id;
+    }
+}

assets/controllers/elements/part_search_controller.js

@@ -0,0 +1,200 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2024 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import { Controller } from "@hotwired/stimulus";
+import { autocomplete } from '@algolia/autocomplete-js';
+//import "@algolia/autocomplete-theme-classic/dist/theme.css";
+import "../../css/components/autocomplete_bootstrap_theme.css";
+import { createLocalStorageRecentSearchesPlugin } from '@algolia/autocomplete-plugin-recent-searches';
+import {marked} from "marked";
+
+import {
+    trans,
+    SEARCH_PLACEHOLDER,
+    SEARCH_SUBMIT,
+    STATISTICS_PARTS
+} from '../../translator';
+
+
+/**
+ * This controller is responsible for the search fields in the navbar and the homepage.
+ * It uses the Algolia Autocomplete library to provide a fast and responsive search.
+ */
+export default class extends Controller {
+
+    static targets = ["input"];
+
+    _autocomplete;
+
+    // Highlight the search query in the results
+    _highlight = (text, query) => {
+        if (!text) return text;
+        if (!query) return text;
+
+        const HIGHLIGHT_PRE_TAG = '__aa-highlight__'
+        const HIGHLIGHT_POST_TAG = '__/aa-highlight__'
+
+        const escaped = query.replace(/[-/\\^$*+?.()|[\]{}]/g, '\\$&');
+        const regex = new RegExp(escaped, 'gi');
+
+        return text.replace(regex, (match) => `${HIGHLIGHT_PRE_TAG}${match}${HIGHLIGHT_POST_TAG}`);
+    }
+
+    initialize() {
+        // The endpoint for searching parts
+        const base_url = this.element.dataset.autocomplete;
+        // The URL template for the part detail pages
+        const part_detail_uri_template = this.element.dataset.detailUrl;
+
+        //The URL of the placeholder picture
+        const placeholder_image = this.element.dataset.placeholderImage;
+
+        //If the element is in navbar mode, or not
+        const navbar_mode = this.element.dataset.navbarMode === "true";
+
+        const that = this;
+
+        const recentSearchesPlugin = createLocalStorageRecentSearchesPlugin({
+            key: 'RECENT_SEARCH',
+            limit: 5,
+        });
+
+        this._autocomplete = autocomplete({
+            container: this.element,
+            //Place the panel in the navbar, if the element is in navbar mode
+            panelContainer: navbar_mode ? document.getElementById("navbar-search-form") : document.body,
+            panelPlacement: this.element.dataset.panelPlacement,
+            plugins: [recentSearchesPlugin],
+            openOnFocus: true,
+            placeholder: trans(SEARCH_PLACEHOLDER),
+            translations: {
+                submitButtonTitle: trans(SEARCH_SUBMIT)
+            },
+
+            // Use a navigator compatible with turbo:
+            navigator: {
+                navigate({ itemUrl }) {
+                    window.Turbo.visit(itemUrl, { action: "advance" });
+                },
+                navigateNewTab({ itemUrl }) {
+                    const windowReference = window.open(itemUrl, '_blank', 'noopener');
+
+                    if (windowReference) {
+                        windowReference.focus();
+                    }
+                },
+                navigateNewWindow({ itemUrl }) {
+                    window.open(itemUrl, '_blank', 'noopener');
+                },
+            },
+
+            // If the form is submitted, forward the term to the form
+            onSubmit({state, event, ...setters}) {
+                //Put the current text into each target input field
+                const input = that.inputTarget;
+
+                if (!input) {
+                    return;
+                }
+
+                //Do not submit the form, if the input is empty
+                if (state.query === "") {
+                    return;
+                }
+
+                input.value = state.query;
+                input.form.requestSubmit();
+            },
+
+
+            getSources({ query }) {
+                return [
+                    // The parts source
+                    {
+                        sourceId: 'parts',
+                        getItems() {
+                            const url = base_url.replace('__QUERY__', encodeURIComponent(query));
+
+                            const data = fetch(url)
+                                .then((response) => response.json())
+                                ;
+
+                            //Iterate over all fields besides the id and highlight them
+                            const fields = ["name", "description", "category", "footprint"];
+
+                            data.then((items) => {
+                                items.forEach((item) => {
+                                    for (const field of fields) {
+                                        item[field] = that._highlight(item[field], query);
+                                    }
+                                });
+                            });
+
+                            return data;
+                        },
+                        getItemUrl({ item }) {
+                            return part_detail_uri_template.replace('__ID__', item.id);
+                        },
+                        templates: {
+                            header({ html }) {
+                                return html`<span class="aa-SourceHeaderTitle">${trans(STATISTICS_PARTS)}</span>
+                                    <div class="aa-SourceHeaderLine" />`;
+                            },
+                            item({item, components, html}) {
+                                const details_url = part_detail_uri_template.replace('__ID__', item.id);
+
+                                return html`
+                                    <a class="aa-ItemLink" href="${details_url}">
+                                        <div class="aa-ItemContent">
+                                            <div class="aa-ItemIcon aa-ItemIcon--picture aa-ItemIcon--alignTop">
+                                                <img src="${item.image !== "" ? item.image : placeholder_image}" alt="${item.name}" width="30" height="30"/>
+                                            </div>
+                                            <div class="aa-ItemContentBody">
+                                                <div class="aa-ItemContentTitle">
+                                                    <b>
+                                                        ${components.Highlight({hit: item, attribute: 'name'})}
+                                                    </b>
+                                                </div>
+                                                <div class="aa-ItemContentDescription">
+                                                    ${components.Highlight({hit: item, attribute: 'description'})}
+                                                    ${item.category ? html`<p class="m-0"><span class="fa-solid fa-tags fa-fw"></span>${components.Highlight({hit: item, attribute: 'category'})}</p>` : ""}
+                                                    ${item.footprint ? html`<p class="m-0"><span class="fa-solid fa-microchip fa-fw"></span>${components.Highlight({hit: item, attribute: 'footprint'})}</p>` : ""}
+                                                </div>
+                                            </div>
+                                        </div>
+                                    </a>
+                                `;
+                            },
+                        },
+                    },
+                ];
+            },
+        });
+
+        //Try to find the input field and register a defocus handler. This is necessarry, as by default the autocomplete
+        //lib has problems when multiple inputs are present on the page. (see https://github.com/algolia/autocomplete/issues/1216)
+        const inputs = this.element.getElementsByClassName('aa-Input');
+        for (const input of inputs) {
+            input.addEventListener('blur', () => {
+                this._autocomplete.setIsOpen(false);
+            });
+        }
+
+    }
+}

assets/controllers/elements/part_select_controller.js

@@ -27,7 +27,7 @@ export default class extends Controller {
                     }
 
                     let tmp = '<div class="row m-0">' +
-                        "<div class='col-2 p-0 d-flex align-items-center'>" +
+                        "<div class='col-2 p-0 d-flex align-items-center' style='max-width: 80px;'>" +
                         (data.image ? "<img class='typeahead-image' src='" + data.image + "'/>" : "") +
                         "</div>" +
                         "<div class='col-10'>" +

assets/controllers/elements/static_file_autocomplete_controller.js

@@ -0,0 +1,106 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+import "tom-select/dist/css/tom-select.bootstrap5.css";
+import '../../css/components/tom-select_extensions.css';
+import TomSelect from "tom-select";
+
+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
+/**
+ * This is the frontend controller for StaticFileAutocompleteType form element.
+ * Basically it loads a text file from the given url (via data-url) and uses it as a source for the autocomplete.
+ * The file is just a list of strings, one per line, which will be used as the autocomplete options.
+ * Lines starting with # will be ignored.
+ */
+export default class extends Controller {
+    _tomSelect;
+
+    connect() {
+
+        let settings = {
+            persistent: false,
+            create: true,
+            maxItems: 1,
+            maxOptions: 100,
+            createOnBlur: true,
+            selectOnTab: true,
+            valueField: 'text',
+            searchField: 'text',
+            orderField: 'text',
+
+            //This a an ugly solution to disable the delimiter parsing of the TomSelect plugin
+            delimiter: 'VERY_L0NG_D€LIMITER_WHICH_WILL_NEVER_BE_ENCOUNTERED_IN_A_STRING',
+            plugins: {
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                'restore_on_backspace': {}
+            }
+        };
+
+        if (this.element.dataset.url) {
+            const url = this.element.dataset.url;
+            settings.load = (query, callback) => {
+                const self = this;
+                if (self.loading > 1) {
+                    callback();
+                    return;
+                }
+
+                fetch(url)
+                    .then(response => response.text())
+                    .then(text => {
+                        // Convert the text file to array
+                        let lines = text.split("\n");
+                        //Remove all lines beginning with #
+                        lines = lines.filter(x => !x.startsWith("#"));
+
+                        //Convert the array to an object, where each line is in the text field
+                        lines = lines.map(x => {
+                            return {text: x};
+                        });
+
+
+                        //Unset the load function to prevent endless recursion
+                        self._tomSelect.settings.load = null;
+
+                        callback(lines);
+                    }).catch(() => {
+                    callback();
+                });
+            };
+        }
+
+        this._tomSelect = new TomSelect(this.element, settings);
+    }
+
+    disconnect() {
+        super.disconnect();
+        //Destroy the TomSelect instance
+        this._tomSelect.destroy();
+    }
+
+}

assets/controllers/elements/structural_entity_select_controller.js

@@ -24,6 +24,8 @@ import {Controller} from "@hotwired/stimulus";
 
 import {trans, ENTITY_SELECT_GROUP_NEW_NOT_ADDED_TO_DB} from '../../translator.js'
 
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
 
 export default class extends Controller {
     _tomSelect;
@@ -38,11 +40,20 @@ export default class extends Controller {
         const allowAdd = this.element.getAttribute("data-allow-add") === "true";
         const addHint = this.element.getAttribute("data-add-hint") ?? "";
 
+
+
+
         let settings = {
             allowEmptyOption: true,
             selectOnTab: true,
             maxOptions: null,
             create: allowAdd ? this.createItem.bind(this) : false,
+            createFilter: this.createFilter.bind(this),
+
+            // This three options allow us to paste element names with commas: (see issue #538)
+            maxItems: 1,
+            delimiter: "$$VERY_LONG_DELIMITER_THAT_SHOULD_NEVER_APPEAR$$",
+            splitOn: null,
 
             searchField: [
                 {field: "text", weight : 2},
@@ -53,7 +64,21 @@ export default class extends Controller {
             render: {
                 item: this.renderItem.bind(this),
                 option: this.renderOption.bind(this),
-                option_create: function(data, escape) {
+                option_create: (data, escape)  => {
+                    //If the input starts with "->", we prepend the current selected value, for easier extension of existing values
+                    //This here handles the display part, while the createItem function handles the actual creation
+                    if (data.input.startsWith("->")) {
+                        //Get current selected value
+                        const current = this._tomSelect.getItem(this._tomSelect.getValue()).textContent.replaceAll("→", "->").trim();
+                        //Prepend it to the input
+                        if (current) {
+                            data.input = current + " " + data.input;
+                        } else {
+                            //If there is no current value, we remove the "->"
+                            data.input = data.input.substring(2);
+                        }
+                    }
+
                     return '<div class="create"><i class="fa-solid fa-plus fa-fw"></i>&nbsp;<strong>' + escape(data.input) + '</strong>&hellip;&nbsp;' +
                         '<small class="text-muted float-end">(' + addHint +')</small>' +
                         '</div>';
@@ -63,14 +88,39 @@ export default class extends Controller {
             //Add callbacks to update validity
             onInitialize: this.updateValidity.bind(this),
             onChange: this.updateValidity.bind(this),
+
+            plugins: {
+                "autoselect_typed": {},
+            }
         };
 
+        //Add clear button plugin, if an empty option is present
+        if (this.element.querySelector("option[value='']") !== null) {
+            settings.plugins["clear_button"] = {};
+        }
+
         this._tomSelect = new TomSelect(this.element, settings);
         //Do not do a sync here as this breaks the initial rendering of the empty option
         //this._tomSelect.sync();
     }
 
     createItem(input, callback) {
+
+        //If the input starts with "->", we prepend the current selected value, for easier extension of existing values
+        if (input.startsWith("->")) {
+            //Get current selected value
+            let current = this._tomSelect.getItem(this._tomSelect.getValue()).textContent.replaceAll("→", "->").trim();
+            //Replace no break spaces with normal spaces
+            current = current.replaceAll("\u00A0", " ");
+            //Prepend it to the input
+            if (current) {
+                input = current + " " + input;
+            } else {
+                //If there is no current value, we remove the "->"
+                input = input.substring(2);
+            }
+        }
+
         callback({
             //$%$ is a special value prefix, that is used to identify items, that are not yet in the DB
             value: '$%$' + input,
@@ -79,6 +129,31 @@ export default class extends Controller {
         });
     }
 
+    createFilter(input) {
+
+        //Normalize the input (replace spacing around arrows)
+        if (input.includes("->")) {
+            const inputs = input.split("->");
+            inputs.forEach((value, index) => {
+                inputs[index] = value.trim();
+            });
+            input = inputs.join("->");
+        } else {
+            input = input.trim();
+        }
+
+        const options = this._tomSelect.options;
+        //Iterate over all options and check if the input is already present
+        for (let index in options) {
+            const option = options[index];
+            if (option.path === input) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
 
     updateValidity() {
         //Mark this input as invalid, if the selected option is disabled

assets/controllers/elements/tagsinput_controller.js

@@ -23,14 +23,21 @@ import "tom-select/dist/css/tom-select.bootstrap5.css";
 import '../../css/components/tom-select_extensions.css';
 import TomSelect from "tom-select";
 
+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 export default class extends Controller {
     _tomSelect;
 
     connect() {
         let settings = {
             plugins: {
-                remove_button:{
-                }
+                remove_button:{},
+                'autoselect_typed': {},
+                'click_to_edit': {},
             },
             persistent: false,
             selectOnTab: true,

assets/controllers/elements/tree_controller.js

@@ -94,13 +94,15 @@ export default class extends Controller {
             showTags: this._showTags,
             data: data,
             showIcon: true,
+            preventUnselect: true,
+            allowReselect: true,
             onNodeSelected: (event) => {
                 const node = event.detail.node;
                 if (node.href) {
                     window.Turbo.visit(node.href, {action: "advance"});
+                    this._registerURLWatcher(node);
                 }
             },
-            //onNodeContextmenu: contextmenu_handler,
         }, [BS5Theme, BS53Theme, FAIconTheme]);
 
         this.treeTarget.addEventListener(EVENT_INITIALIZED, (event) => {
@@ -108,12 +110,42 @@ export default class extends Controller {
             const treeView = event.detail.treeView;
             treeView.revealNode(treeView.getSelected());
 
+            //Add the url watcher to all selected nodes
+            for (const node of treeView.getSelected()) {
+                this._registerURLWatcher(node);
+            }
+
             //Add contextmenu event listener to the tree, which allows us to open the links in a new tab with a right click
             treeView.getTreeElement().addEventListener("contextmenu", this._onContextMenu.bind(this));
         });
 
     }
 
+    _registerURLWatcher(node)
+    {
+        //Register a watcher for a location change, which will unselect the node, if the location changes
+        const desired_url = node.href;
+
+        //Ensure that the node is unselected, if the location changes
+        const unselectNode = () => {
+            //Parse url so we can properly compare them
+            const desired = new URL(node.href, window.location.origin);
+
+            //We only compare the pathname, because the hash and parameters should not matter
+            if(window.location.pathname !== desired.pathname) {
+                //The ignore parameter is important here, otherwise the node will not be unselected
+                node.setSelected(false, {silent: true, ignorePreventUnselect: true});
+
+                //Unregister the watcher
+                document.removeEventListener('turbo:load', unselectNode);
+            }
+        };
+
+        //Register the watcher via hotwire turbo
+        //We must just load to have the new url in window.location
+        document.addEventListener('turbo:load', unselectNode);
+    }
+
     _onContextMenu(event)
     {
         //Find the node that was clicked and open link in new tab

assets/controllers/pages/association_edit_type_select_controller.js

@@ -0,0 +1,44 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller {
+
+    static targets = [ "display", "select" ]
+
+    connect()
+    {
+        this.update();
+        this.selectTarget.addEventListener('change', this.update.bind(this));
+    }
+
+    update()
+    {
+        //If the select value is 0, then we show the input field
+        if( this.selectTarget.value === '0')
+        {
+            this.displayTarget.classList.remove('d-none');
+        }
+        else
+        {
+            this.displayTarget.classList.add('d-none');
+        }
+    }
+}

assets/controllers/pages/barcode_scan_controller.js

@@ -20,7 +20,7 @@
 import {Controller} from "@hotwired/stimulus";
 //import * as ZXing from "@zxing/library";
 
-import {Html5QrcodeScanner, Html5Qrcode} from "html5-qrcode";
+import {Html5QrcodeScanner, Html5Qrcode} from "@part-db/html5-qrcode";
 
 /* stimulusFetch: 'lazy' */
 export default class extends Controller {
@@ -50,7 +50,7 @@ export default class extends Controller {
         });
 
         this._scanner = new Html5QrcodeScanner(this.element.id, {
-            fps: 2,
+            fps: 10,
             qrbox: qrboxFunction,
             experimentalFeatures: {
                 //This option improves reading quality on android chrome
@@ -61,6 +61,11 @@ export default class extends Controller {
         this._scanner.render(this.onScanSuccess.bind(this));
     }
 
+    disconnect() {
+        this._scanner.pause();
+        this._scanner.clear();
+    }
+
     onScanSuccess(decodedText, decodedResult) {
         //Put our decoded Text into the input box
         document.getElementById('scan_dialog_input').value = decodedText;

assets/controllers/pages/latex_preview_controller.js

@@ -25,9 +25,20 @@ import "katex/dist/katex.css";
 export default class extends Controller {
     static targets = ["input", "preview"];
 
+    static values = {
+        unit: {type: Boolean, default: false} //Render as upstanding (non-italic) text, useful for units
+    }
+
     updatePreview()
     {
-        katex.render(this.inputTarget.value, this.previewTarget, {
+        let value = "";
+        if (this.unitValue) {
+            value = "\\mathrm{" + this.inputTarget.value + "}";
+        } else {
+            value = this.inputTarget.value;
+        }
+
+        katex.render(value, this.previewTarget, {
             throwOnError: false,
         });
     }

assets/controllers/pages/parameters_autocomplete_controller.js

@@ -22,6 +22,13 @@ import TomSelect from "tom-select";
 import katex from "katex";
 import "katex/dist/katex.css";
 
+
+import TomSelect_click_to_edit from '../../tomselect/click_to_edit/click_to_edit'
+import TomSelect_autoselect_typed from '../../tomselect/autoselect_typed/autoselect_typed'
+
+TomSelect.define('click_to_edit', TomSelect_click_to_edit)
+TomSelect.define('autoselect_typed', TomSelect_autoselect_typed)
+
 /* stimulusFetch: 'lazy' */
 export default class extends Controller
 {
@@ -53,7 +60,10 @@ export default class extends Controller
     connect() {
         const settings = {
             plugins: {
-                clear_button:{}
+                'autoselect_typed': {},
+                'click_to_edit': {},
+                'clear_button': {},
+                'restore_on_backspace': {}
             },
             persistent: false,
             maxItems: 1,

assets/controllers/pages/part_merge_modal_controller.js

@@ -0,0 +1,68 @@
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Controller} from "@hotwired/stimulus";
+
+export default class extends Controller
+{
+    static targets = ['link', 'mode', 'otherSelect'];
+    static values = {
+        targetId: Number,
+    };
+
+    connect() {
+    }
+
+    update() {
+        const link = this.linkTarget;
+        const other_select = this.otherSelectTarget;
+
+        //Extract the mode using the mode radio buttons (we filter the array to get the checked one)
+        const mode = (this.modeTargets.filter((e)=>e.checked))[0].value;
+
+        if (other_select.value === '') {
+            link.classList.add('disabled');
+            return;
+        }
+
+        //Extract href template from data attribute on link target
+        let href = link.getAttribute('data-href-template');
+
+        let target, other;
+        if (mode === '1') {
+            target = this.targetIdValue;
+            other = other_select.value;
+        } else if (mode === '2') {
+            target = other_select.value;
+            other = this.targetIdValue;
+        } else {
+            throw 'Invalid mode';
+        }
+
+        //Replace placeholder with actual target id
+        href = href.replace('__target__', target);
+        //Replace placeholder with selected value of the select (the event sender)
+        href = href.replace('__other__', other);
+
+        //Assign new href to link
+        link.setAttribute('href', href);
+        //Make link clickable
+        link.classList.remove('disabled');
+    }
+}

assets/css/app/helpers.css

@@ -112,3 +112,10 @@ ul.structural_link li a:hover {
     background-color: var(--bs-success);
     border-color: var(--bs-success);
 }
+
+/***********************************************
+ * Katex rendering with same height as text
+ ***********************************************/
+.katex-same-height-as-text .katex {
+    font-size: 1.0em;
+}

assets/css/app/images.css

@@ -51,7 +51,6 @@
 .part-table-image {
     max-height: 40px;
     object-fit: contain;
-    width: 100%;
 }
 
 .part-info-image {

assets/css/app/layout.css

@@ -108,8 +108,8 @@ body {
 .back-to-top {
     cursor: pointer;
     position: fixed;
-    bottom: 20px;
-    right: 20px;
+    bottom: 60px;
+    right: 40px;
     display:none;
     z-index: 1030;
 }

assets/css/app/tables.css

@@ -63,10 +63,6 @@ table.dataTable > tbody > tr.selected > td > a {
     margin-block-end: 0;
 }
 
-.card-footer-table {
-    padding-top: 0;
-}
-
 table.dataTable {
     margin-top: 0 !important;
 }
@@ -84,7 +80,7 @@ th.select-checkbox {
  * Datatables definitions/overrides
  ********************************************************************/
 
-.dataTables_length {
+.dt-length {
     display: inline-flex;
 }
 
@@ -94,6 +90,16 @@ table.dataTable tr.selected td.select-checkbox:after
     margin-top: -20px !important;
 }
 
+/** Show pagination right aligned */
+.dt-paging .pagination {
+    justify-content: flex-end;
+}
+
+/** Fix table row coloring */
+table.table.dataTable > :not(caption) > * > * {
+    background-color: var(--bs-table-bg);
+}
+
 
 /******************************************************
 Classes for Datatables export
@@ -104,52 +110,3 @@ Classes for Datatables export
 .export-helper{
     display: none;
 }
-
-/******************************************************
- * Styling for the select all checkbox in the parts table
- * Should match the styling of the select checkbox
- ******************************************************/
-table.dataTable > thead > tr > th.select-checkbox {
-    position: relative;
-}
-table.dataTable > thead > tr > th.select-checkbox:before,
-table.dataTable > thead > tr > th.select-checkbox:after {
-    display: block;
-    position: absolute;
-    top: 0.9em;
-    left: 50%;
-    width: 1em !important;
-    height: 1em !important;
-    box-sizing: border-box;
-}
-table.dataTable > thead > tr > th.select-checkbox:before {
-    content: " ";
-    margin-top: -5px;
-    margin-left: -6px;
-    border: 2px solid var(--bs-tertiary-color);
-    border-radius: 3px;
-}
-
-table.dataTable > tbody > tr > td.select-checkbox:before, table.dataTable > tbody > tr > th.select-checkbox:before {
-    border: 2px solid var(--bs-tertiary-color) !important;
-}
-
-table.dataTable > tbody > tr > td.select-checkbox:before, table.dataTable > tbody > tr > td.select-checkbox:after, table.dataTable > tbody > tr > th.select-checkbox:before, table.dataTable > tbody > tr > th.select-checkbox:after {
-    width: 1em !important;
-    height: 1em !important;
-}
-
-table.dataTable > thead > tr.selected > th.select-checkbox:after {
-    content: "✓";
-    font-size: 20px;
-    margin-top: -20px;
-    margin-left: -6px;
-    text-align: center;
-    /*text-shadow: 1px 1px #B0BED9, -1px -1px #B0BED9, 1px -1px #B0BED9, -1px 1px #B0BED9; */
-}
-table.dataTable.compact > thead > tr > th.select-checkbox:before {
-    margin-top: -12px;
-}
-table.dataTable.compact > thead > tr.selected > th.select-checkbox:after {
-    margin-top: -16px;
-}

assets/css/components/ckeditor.css

@@ -24,9 +24,8 @@
 /** Should be the same settings, as in label_style.css */
 .ck-html-label .ck-content {
     font-family: "DejaVu Sans Mono", monospace;
-    font-size: 12px;
+    font-size: 12pt;
     line-height: 1.0;
-    font-size-adjust: 1.5;
 }
 
 .ck-html-label .ck-content p {

assets/css/components/datatables_select_bs5.css

@@ -0,0 +1,69 @@
+/******************************************************************************************
+* This styles the checkboxes of the select extension exactly like the ones in bootstrap 5
+******************************************************************************************/
+
+table.dataTable > tbody > tr > .selected {
+    background-color: var(--bs-primary-bg-subtle) !important;
+    color: white;
+}
+table.dataTable > tbody > tr > .dt-select {
+    text-align: center;
+    vertical-align: middle;
+}
+table.dataTable > thead > tr > .dt-select {
+    text-align: center;
+}
+table.dataTable input.dt-select-checkbox {
+    --bs-form-check-bg: var(--bs-body-bg);
+    flex-shrink: 0;
+    width: 1em;
+    height: 1em;
+    margin-top: 0.25em;
+    vertical-align: top;
+    -webkit-appearance: none;
+    -moz-appearance: none;
+    appearance: none;
+    background-color: var(--bs-form-check-bg);
+    background-image: var(--bs-form-check-bg-image);
+    background-repeat: no-repeat;
+    background-position: center;
+    background-size: contain;
+    border: var(--bs-border-width) solid var(--bs-border-color);
+    -webkit-print-color-adjust: exact;
+    color-adjust: exact;
+    print-color-adjust: exact;
+    border-radius: 0.25em;
+}
+
+table.dataTable input.dt-select-checkbox:checked {
+    background-color: rgb(var(--bs-secondary-rgb));
+    border-color: rgb(var(--bs-secondary-rgb));
+    --bs-form-check-bg-image: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 20 20'%3e%3cpath fill='none' stroke='%23fff' stroke-linecap='round' stroke-linejoin='round' stroke-width='3' d='m6 10 3 3 6-6'/%3e%3c/svg%3e");
+}
+
+table.dataTable input.dt-select-checkbox:indeterminate {
+    background-color: rgb(var(--bs-secondary-rgb));
+    border-color: rgb(var(--bs-secondary-rgb));
+    --bs-form-check-bg-image: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 20 20'%3e%3cpath fill='none' stroke='%23fff' stroke-linecap='round' stroke-linejoin='round' stroke-width='3' d='M6 10h8'/%3e%3c/svg%3e");
+}
+
+
+
+
+div.dt-container span.select-info,
+div.dt-container span.select-item {
+    margin-left: 0.5em;
+}
+
+
+@media screen and (max-width: 640px) {
+    div.dt-container span.select-info,
+    div.dt-container span.select-item {
+        margin-left: 0;
+        display: block;
+    }
+}
+table.dataTable.table-sm tbody td.select-checkbox::before {
+    margin-top: -9px;
+}
+

assets/js/app.js

@@ -44,4 +44,18 @@ import "./register_events";
 import "./tristate_checkboxes";
 
 //Define jquery globally
-window.$ = window.jQuery = require("jquery")
+window.$ = window.jQuery = require("jquery");
+
+//Use the local WASM file for the ZXing library
+import {
+    setZXingModuleOverrides,
+} from "barcode-detector/pure";
+import  wasmFile from "../../node_modules/zxing-wasm/dist/reader/zxing_reader.wasm";
+setZXingModuleOverrides({
+    locateFile: (path, prefix) => {
+        if (path.endsWith(".wasm")) {
+            return wasmFile;
+        }
+        return prefix + path;
+    },
+});

assets/js/lib/datatables.js

@@ -98,6 +98,15 @@
                     dtOpts = config.options(dtOpts);
                 }
 
+                //Choose the column where the className contains "select-column" and apply the select extension to its render field
+                //Added for Part-DB
+                for (let column of dtOpts.columns) {
+                    if (column.className && column.className.includes('dt-select')) {
+                        column.render = $.fn.dataTable.render.select();
+                    }
+                }
+
+
                 root.html(data.template);
                 dt = $('table', root).DataTable(dtOpts);
                 if (config.state !== 'none') {

assets/js/register_events.js

@@ -21,6 +21,7 @@
 
 import {Dropdown} from "bootstrap";
 import ClipboardJS from "clipboard";
+import {Modal} from "bootstrap";
 
 class RegisterEventHelper {
     constructor() {
@@ -31,9 +32,11 @@ class RegisterEventHelper {
         //Initialize ClipboardJS
         this.registerLoadHandler(() => {
             new ClipboardJS('.btn');
-        })
+        });
 
         this.registerModalDropRemovalOnFormSubmit();
+
+
     }
 
     registerModalDropRemovalOnFormSubmit() {
@@ -43,6 +46,15 @@ class RegisterEventHelper {
             if (back_drop) {
                 back_drop.remove();
             }
+
+            //Remove scroll-lock if it is still active
+            if (document.body.classList.contains('modal-open')) {
+                document.body.classList.remove('modal-open');
+
+                //Remove the padding-right and overflow:hidden from the body
+                document.body.style.paddingRight = '';
+                document.body.style.overflow = '';
+            }
         });
     }
 

assets/js/tab_remember.js

@@ -19,7 +19,7 @@
 
 "use strict";
 
-import {Tab, Dropdown} from "bootstrap";
+import {Tab, Dropdown, Collapse} from "bootstrap";
 import tab from "bootstrap/js/src/tab";
 
 /**
@@ -54,6 +54,7 @@ class TabRememberHelper {
         const first_element = merged[0] ?? null;
         if(first_element) {
             this.revealElementOnTab(first_element);
+            this.revealElementInCollapse(first_element);
         }
     }
 
@@ -62,10 +63,20 @@ class TabRememberHelper {
      * @param event
      */
     onInvalid(event) {
+        this.revealElementInCollapse(event.target);
         this.revealElementOnTab(event.target);
         this.revealElementInDropdown(event.target);
     }
 
+    revealElementInCollapse(element) {
+        let collapse = element.closest('.collapse');
+
+        if(collapse) {
+            let bs_collapse = Collapse.getOrCreateInstance(collapse);
+            bs_collapse.show();
+        }
+    }
+
     revealElementInDropdown(element) {
         let dropdown = element.closest('.dropdown-menu');
 

assets/tomselect/autoselect_typed/autoselect_typed.js

@@ -0,0 +1,63 @@
+/**
+ * Autoselect Typed plugin for Tomselect
+ *
+ * This plugin allows automatically selecting an option matching the typed text when the Tomselect element goes out of
+ * focus (is blurred) and/or when the delimiter is typed.
+ *
+ * #select_on_blur option
+ * Tomselect natively supports the "createOnBlur" option. This option picks up any remaining text in the input field
+ * and uses it to create a new option and selects that option. It does behave a bit strangely though, in that it will
+ * not select an already existing option when the input is blurred, so if you typed something that matches an option in
+ * the list and then click outside the box (without pressing enter) the entered text is just removed (unless you have
+ * allow duplicates on in which case it will create a new option).
+ * This plugin fixes that, such that Tomselect will first try to select an option matching the remaining uncommitted
+ * text and only when no matching option is found tries to create a new one (if createOnBlur and create is on)
+ *
+ * #select_on_delimiter option
+ * Normally when typing the delimiter (space by default) Tomselect will try to create a new option (and select it) (if
+ * create is on), but if the typed text matches an option (and allow duplicates is off) it refuses to react at all until
+ * you press enter. With this option, the delimiter will also allow selecting an option, not just creating it.
+ */
+function select_current_input(self){
+    if(self.isLocked){
+        return
+    }
+
+    const val = self.inputValue()
+    //Do nothing if the input is empty
+    if (!val) {
+        return
+    }
+
+    if (self.options[val]) {
+        self.addItem(val)
+        self.setTextboxValue()
+    }
+}
+
+export default function(plugin_options_) {
+    const plugin_options = Object.assign({
+        //Autoselect the typed text when the input element goes out of focus
+        select_on_blur: true,
+        //Autoselect the typed text when the delimiter is typed
+        select_on_delimiter: true,
+    }, plugin_options_);
+
+    const self = this
+
+    if(plugin_options.select_on_blur) {
+        this.hook("before", "onBlur", function () {
+            select_current_input(self)
+        })
+    }
+
+    if(plugin_options.select_on_delimiter) {
+        this.hook("before", "onKeyPress", function (e) {
+            const character = String.fromCharCode(e.keyCode || e.which);
+            if (self.settings.mode === 'multi' && character === self.settings.delimiter) {
+                select_current_input(self)
+            }
+        })
+    }
+
+}

assets/tomselect/click_to_edit/click_to_edit.js

@@ -0,0 +1,93 @@
+/**
+ * click_to_edit plugin for Tomselect
+ *
+ * This plugin allows editing (and selecting text in) any selected item by clicking it.
+ *
+ * Usually, when the user typed some text and created an item in Tomselect that item cannot be edited anymore. To make
+ * a change, the item has to be deleted and retyped completely. There is also generally no way to copy text out of a
+ * tomselect item. The "restore_on_backspace" plugin improves that somewhat, by allowing the user to edit an item after
+ * pressing backspace. However, it is somewhat confusing to first have to focus the field an then hit backspace in order
+ * to copy a piece of text. It may also not be immediately obvious for editing.
+ * This plugin transforms an item into editable text when it is clicked, e.g. when the user tries to place the caret
+ * within an item or when they try to drag across the text to highlight it.
+ * It also plays nice with the remove_button plugin which still removes (deselects) an option entirely.
+ *
+ * It is recommended to also enable the autoselect_typed plugin when using this plugin. Without it, the text in the
+ * input field (i.e. the item that was just clicked) is lost when the user clicks outside the field. Also, when the user
+ * clicks an option (making it text) and then tries to enter another one by entering the delimiter (e.g. space) nothing
+ * happens until enter is pressed or the text is changed from what it was.
+ */
+
+/**
+ * Return a dom element from either a dom query string, jQuery object, a dom element or html string
+ * https://stackoverflow.com/questions/494143/creating-a-new-dom-element-from-an-html-string-using-built-in-dom-methods-or-pro/35385518#35385518
+ *
+ * param query should be {}
+ */
+const getDom = query => {
+    if (query.jquery) {
+        return query[0];
+    }
+    if (query instanceof HTMLElement) {
+        return query;
+    }
+    if (isHtmlString(query)) {
+        var tpl = document.createElement('template');
+        tpl.innerHTML = query.trim(); // Never return a text node of whitespace as the result
+        return tpl.content.firstChild;
+    }
+    return document.querySelector(query);
+};
+const isHtmlString = arg => {
+    if (typeof arg === 'string' && arg.indexOf('<') > -1) {
+        return true;
+    }
+    return false;
+};
+
+function plugin(plugin_options_) {
+    const self = this
+
+    const plugin_options = Object.assign({
+        //If there is unsubmitted text in the input field, should that text be automatically used to select a matching
+        //element? If this is off, clicking on item1 and then clicking on item2 will result in item1 being deselected
+        auto_select_before_edit: true,
+        //If there is unsubmitted text in the input field, should that text be automatically used to create a matching
+        //element if no matching element was found or auto_select_before_edit is off?
+        auto_create_before_edit: true,
+        //customize this function to change which text the item is replaced with when clicking on it
+        text: option => {
+            return option[self.settings.labelField];
+        }
+    }, plugin_options_);
+
+
+    self.hook('after', 'setupTemplates', () => {
+        const orig_render_item = self.settings.render.item;
+        self.settings.render.item = (data, escape) => {
+            const item = getDom(orig_render_item.call(self, data, escape));
+
+            item.addEventListener('click', evt => {
+                    if (self.isLocked) {
+                        return;
+                    }
+                    const val = self.inputValue();
+
+                    if (self.options[val]) {
+                        self.addItem(val)
+                    } else if (self.settings.create) {
+                        self.createItem();
+                    }
+                    const option = self.options[item.dataset.value]
+                    self.setTextboxValue(plugin_options.text.call(self, option));
+                    self.focus();
+                    self.removeItem(item);
+                }
+            );
+
+            return item;
+        }
+    });
+
+}
+export { plugin as default };

bin/console

@@ -4,6 +4,17 @@
 use App\Kernel;
 use Symfony\Bundle\FrameworkBundle\Console\Application;
 
+if (!is_dir(dirname(__DIR__).'/vendor')) {
+    throw new LogicException('Dependencies are missing. Try running "composer install".');
+}
+
+//Increase xdebug.max_nesting_level to 1000 if required (see issue #411)
+//Check if xdebug extension is active, and xdebug.max_nesting_level is set to 256 or lower
+if (extension_loaded('xdebug') && ((int) ini_get('xdebug.max_nesting_level')) <= 256) {
+    //Increase xdebug.max_nesting_level to 1000
+    ini_set('xdebug.max_nesting_level', '1000');
+}
+
 if (!is_file(dirname(__DIR__).'/vendor/autoload_runtime.php')) {
     throw new LogicException('Symfony Runtime is missing. Try running "composer require symfony/runtime".');
 }

bin/phpunit

@@ -6,9 +6,13 @@ if (!ini_get('date.timezone')) {
 }
 
 if (is_file(dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit')) {
+    if (PHP_VERSION_ID >= 80000) {
+        require dirname(__DIR__).'/vendor/phpunit/phpunit/phpunit';
+    } else {
         define('PHPUNIT_COMPOSER_INSTALL', dirname(__DIR__).'/vendor/autoload.php');
         require PHPUNIT_COMPOSER_INSTALL;
         PHPUnit\TextUI\Command::main();
+    }
 } else {
     if (!is_file(dirname(__DIR__).'/vendor/symfony/phpunit-bridge/bin/simple-phpunit.php')) {
         echo "Unable to find the `simple-phpunit.php` script in `vendor/symfony/phpunit-bridge/bin/`.\n";

codecov.yml

@@ -5,4 +5,5 @@ coverage:
   status:
     project:
       default:
-        threshold: 5%
+        threshold: 10%
+        target: 40%

composer.json

@@ -1,4 +1,5 @@
 {
+    "name": "part-db/part-db-server",
     "type": "project",
     "license": "AGPL-3.0-or-later",
     "require": {
@@ -10,22 +11,24 @@
         "ext-intl": "*",
         "ext-json": "*",
         "ext-mbstring": "*",
+        "amphp/http-client": "^5.1",
         "api-platform/core": "^3.1",
         "beberlei/doctrineextensions": "^1.2",
-        "brick/math": "^0.11.0",
+        "brick/math": "0.12.1 as 0.11.0",
+        "composer/ca-bundle": "^1.5",
         "composer/package-versions-deprecated": "^1.11.99.5",
-        "doctrine/annotations": "1.14.3",
-        "doctrine/data-fixtures": "^1.6.6",
-        "doctrine/dbal": "^3.4.6",
+        "doctrine/data-fixtures": "^2.0.0",
+        "doctrine/dbal": "^4.0.0",
         "doctrine/doctrine-bundle": "^2.0",
         "doctrine/doctrine-migrations-bundle": "^3.0",
-        "doctrine/orm": "^2.16",
-        "dompdf/dompdf": "dev-master#87bea32efe0b0db309e1d31537201f64d5508280 as v2.0.3",
+        "doctrine/orm": "^3.2.0",
+        "dompdf/dompdf": "^v3.0.0",
         "erusev/parsedown": "^1.7",
         "florianv/swap": "^4.0",
         "florianv/swap-bundle": "dev-master",
         "gregwar/captcha-bundle": "^2.1.0",
-        "jbtronics/2fa-webauthn": "^v2.0.0",
+        "hshn/base64-encoded-file": "^5.0",
+        "jbtronics/2fa-webauthn": "^v2.2.0",
         "jbtronics/dompdf-font-loader-bundle": "^1.0.0",
         "jfcherng/php-diff": "^6.14",
         "knpuniversity/oauth2-client-bundle": "^2.15",
@@ -37,12 +40,11 @@
         "nelmio/cors-bundle": "^2.3",
         "nelmio/security-bundle": "^3.0",
         "nyholm/psr7": "^1.1",
-        "ocramius/proxy-manager": "2.2.*",
-        "omines/datatables-bundle": "^0.7.2",
+        "omines/datatables-bundle": "^0.9.1",
+        "paragonie/sodium_compat": "^1.21",
         "part-db/label-fonts": "^1.0",
-        "php-translation/symfony-bundle": "^0.14.0",
-        "phpdocumentor/reflection-docblock": "^5.2",
-        "phpstan/phpdoc-parser": "^1.23",
+        "rhukster/dom-sanitizer": "^1.0",
+        "runtime/frankenphp-symfony": "^0.2.0",
         "s9e/text-formatter": "^2.1",
         "scheb/2fa-backup-code": "^6.8.0",
         "scheb/2fa-bundle": "^6.8.0",
@@ -51,65 +53,66 @@
         "shivas/versioning-bundle": "^4.0",
         "spatie/db-dumper": "^3.3.1",
         "symfony/apache-pack": "^1.0",
-        "symfony/asset": "6.3.*",
-        "symfony/console": "6.3.*",
-        "symfony/dotenv": "6.3.*",
-        "symfony/expression-language": "6.3.*",
+        "symfony/asset": "6.4.*",
+        "symfony/console": "6.4.*",
+        "symfony/css-selector": "6.4.*",
+        "symfony/dom-crawler": "6.4.*",
+        "symfony/dotenv": "6.4.*",
+        "symfony/expression-language": "6.4.*",
         "symfony/flex": "^v2.3.1",
-        "symfony/form": "6.3.*",
-        "symfony/framework-bundle": "6.3.*",
-        "symfony/http-client": "6.3.*",
-        "symfony/http-kernel": "6.3.*",
-        "symfony/mailer": "6.3.*",
+        "symfony/form": "6.4.*",
+        "symfony/framework-bundle": "6.4.*",
+        "symfony/http-client": "6.4.*",
+        "symfony/http-kernel": "6.4.*",
+        "symfony/mailer": "6.4.*",
         "symfony/monolog-bundle": "^3.1",
-        "symfony/process": "6.3.*",
-        "symfony/property-access": "6.3.*",
-        "symfony/property-info": "6.3.*",
-        "symfony/proxy-manager-bridge": "6.3.*",
-        "symfony/rate-limiter": "6.3.*",
-        "symfony/runtime": "6.3.*",
-        "symfony/security-bundle": "6.3.*",
-        "symfony/serializer": "6.3.*",
-        "symfony/translation": "6.3.*",
-        "symfony/twig-bundle": "6.3.*",
+        "symfony/polyfill-php82": "^1.28",
+        "symfony/process": "6.4.*",
+        "symfony/property-access": "6.4.*",
+        "symfony/property-info": "6.4.*",
+        "symfony/rate-limiter": "6.4.*",
+        "symfony/runtime": "6.4.*",
+        "symfony/security-bundle": "6.4.*",
+        "symfony/serializer": "6.4.*",
+        "symfony/string": "6.4.*",
+        "symfony/translation": "6.4.*",
+        "symfony/twig-bundle": "6.4.*",
         "symfony/ux-translator": "^2.10",
         "symfony/ux-turbo": "^2.0",
-        "symfony/validator": "6.3.*",
-        "symfony/web-link": "6.3.*",
+        "symfony/validator": "6.4.*",
+        "symfony/web-link": "6.4.*",
         "symfony/webpack-encore-bundle": "^v2.0.1",
-        "symfony/yaml": "6.3.*",
-        "tecnickcom/tc-lib-barcode": "^1.15",
+        "symfony/yaml": "6.4.*",
+        "tecnickcom/tc-lib-barcode": "^2.1.4",
         "twig/cssinliner-extra": "^3.0",
-        "twig/extra-bundle": "^3.0",
-        "twig/html-extra": "^3.0",
+        "twig/extra-bundle": "^3.8",
+        "twig/html-extra": "^3.8",
         "twig/inky-extra": "^3.0",
-        "twig/intl-extra": "^3.0",
-        "twig/markdown-extra": "^3.0",
-        "web-auth/webauthn-symfony-bundle": "^4.0.0",
-        "webmozart/assert": "^1.4"
+        "twig/intl-extra": "^3.8",
+        "twig/markdown-extra": "^3.8",
+        "twig/string-extra": "^3.8",
+        "web-auth/webauthn-symfony-bundle": "^4.0.0"
     },
     "require-dev": {
-        "dama/doctrine-test-bundle": "^7.0",
-        "doctrine/doctrine-fixtures-bundle": "^3.2",
-        "ekino/phpstan-banned-code": "^v1.0.0",
+        "dama/doctrine-test-bundle": "^v8.0.0",
+        "doctrine/doctrine-fixtures-bundle": "^4.0.0",
+        "ekino/phpstan-banned-code": "^v3.0.0",
+        "jbtronics/translation-editor-bundle": "^1.0",
         "phpstan/extension-installer": "^1.0",
-        "phpstan/phpstan": "^1.4.7",
-        "phpstan/phpstan-doctrine": "^1.2.11",
-        "phpstan/phpstan-strict-rules": "^1.5",
-        "phpstan/phpstan-symfony": "^1.1.7",
+        "phpstan/phpstan": "^2.0.4",
+        "phpstan/phpstan-doctrine": "^2.0.1",
+        "phpstan/phpstan-strict-rules": "^2.0.1",
+        "phpstan/phpstan-symfony": "^2.0.0",
         "phpunit/phpunit": "^9.5",
-        "psalm/plugin-symfony": "^v5.0.1",
-        "rector/rector": "^0.18.0",
+        "rector/rector": "^2.0.4",
         "roave/security-advisories": "dev-latest",
-        "symfony/browser-kit": "6.3.*",
-        "symfony/css-selector": "6.3.*",
-        "symfony/debug-bundle": "6.3.*",
+        "symfony/browser-kit": "6.4.*",
+        "symfony/debug-bundle": "6.4.*",
         "symfony/maker-bundle": "^1.13",
-        "symfony/phpunit-bridge": "6.3.*",
-        "symfony/stopwatch": "6.3.*",
-        "symfony/web-profiler-bundle": "6.3.*",
-        "symplify/easy-coding-standard": "^12.0",
-        "vimeo/psalm": "^5.6.0"
+        "symfony/phpunit-bridge": "6.4.*",
+        "symfony/stopwatch": "6.4.*",
+        "symfony/web-profiler-bundle": "6.4.*",
+        "symplify/easy-coding-standard": "^12.0"
     },
     "suggest": {
         "ext-bcmath": "Used to improve price calculation performance",
@@ -160,7 +163,8 @@
     "extra": {
         "symfony": {
             "allow-contrib": false,
-            "require": "6.3.*"
+            "require": "6.4.*",
+            "docker": true
         }
     }
 }

config/bundles.php

@@ -18,13 +18,11 @@ return [
     DAMA\DoctrineTestBundle\DAMADoctrineTestBundle::class => ['test' => true],
     Twig\Extra\TwigExtraBundle\TwigExtraBundle::class => ['all' => true],
     Gregwar\CaptchaBundle\GregwarCaptchaBundle::class => ['all' => true],
-    Translation\Bundle\TranslationBundle::class => ['all' => true],
     Florianv\SwapBundle\FlorianvSwapBundle::class => ['all' => true],
     Nelmio\SecurityBundle\NelmioSecurityBundle::class => ['all' => true],
     Symfony\UX\Turbo\TurboBundle::class => ['all' => true],
     Jbtronics\TFAWebauthn\TFAWebauthnBundle::class => ['all' => true],
     Scheb\TwoFactorBundle\SchebTwoFactorBundle::class => ['all' => true],
-    SpomkyLabs\CborBundle\SpomkyLabsCborBundle::class => ['all' => true],
     Webauthn\Bundle\WebauthnBundle::class => ['all' => true],
     Nbgrp\OneloginSamlBundle\NbgrpOneloginSamlBundle::class => ['all' => true],
     Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true],
@@ -33,4 +31,5 @@ return [
     KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
     Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true],
     ApiPlatform\Symfony\Bundle\ApiPlatformBundle::class => ['all' => true],
+    Jbtronics\TranslationEditorBundle\JbtronicsTranslationEditorBundle::class => ['dev' => true],
 ];

config/packages/api_platform.yaml

@@ -1,12 +1,18 @@
 api_platform:
-
   title: 'Part-DB API'
   description: 'API of Part-DB'
-
   version: '0.1.0'
 
-#  eager_loading:
-#    max_joins: 100
+  formats:
+    jsonld: ['application/ld+json']
+    json:   ['application/json']
+    jsonapi: ['application/vnd.api+json']
+
+  docs_formats:
+    jsonld: ['application/ld+json']
+    jsonopenapi: ['application/vnd.openapi+json']
+    html: ['text/html']
+    json:   ['application/vnd.openapi+json']
 
   swagger:
     api_keys:
@@ -22,5 +28,14 @@ api_platform:
         vary: ['Content-Type', 'Authorization', 'Origin']
     extra_properties:
         standard_put: true
+        rfc_7807_compliant_errors: true
 
     pagination_client_items_per_page: true # Allow clients to override the default items per page
+
+  keep_legacy_inflector: false
+  # Need to be true, or some tests will fail
+  use_symfony_listeners: true
+
+  serializer:
+    # Change this to false later, to remove the hydra prefix on the API
+    hydra_prefix: true

config/packages/dama_doctrine_test_bundle.yaml

@@ -0,0 +1,5 @@
+when@test:
+    dama_doctrine_test:
+        enable_static_connection: true
+        enable_static_meta_data_cache: true
+        enable_static_query_cache: true

config/packages/datatables.yaml

@@ -8,15 +8,14 @@ datatables:
 
     # Set options, as documented at https://datatables.net/reference/option/
     options:
-        lengthMenu : [[10, 25, 50, 100, -1], [10, 25, 50, 100, "All"]]
+        lengthMenu : [[10, 25, 50, 100], [10, 25, 50, 100]] # We add the "All" option, when part tables are generated
         pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
-        #dom: "<'row' <'col-sm-12' tr>><'row' <'col-sm-6'l><'col-sm-6 text-right'pif>>"
-        dom: "  <'row'<'col mb-2 input-group' B l> <'col mb-2' <'pull-end' p>>>
+        dom: "  <'row' <'col mb-2 input-group flex-nowrap' B l > <'col-auto mb-2' < p >>>
                     <'card'
                         rt
                         <'card-footer card-footer-table text-muted' i >
                     >
-                        <'row'<'col mt-2 input-group' B l> <'col mt-2' <'pull-right' p>>>"
+                <'row' <'col mt-2 input-group flex-nowrap' B l > <'col-auto mt-2' < p >>>"
         pagingType: 'simple_numbers'
         searching: true
         stateSave: true

config/packages/dev/php_translation.yaml

@@ -1,5 +0,0 @@
-translation:
-    symfony_profiler:
-        enabled: true
-    webui:
-        enabled: true

config/packages/doctrine.yaml

@@ -2,19 +2,33 @@ doctrine:
     dbal:
         url: '%env(resolve:DATABASE_URL)%'
 
+        # Required for DAMA doctrine test bundle
+        use_savepoints: true
+
         # IMPORTANT: You MUST configure your server version,
         # either here or in the DATABASE_URL env var (see .env file)
 
         types:
+            # UTC datetimes
             datetime:
                 class: App\Doctrine\Types\UTCDateTimeType
             date:
                 class: App\Doctrine\Types\UTCDateTimeType
+
+            datetime_immutable:
+                class: App\Doctrine\Types\UTCDateTimeImmutableType
+            date_immutable:
+                class: App\Doctrine\Types\UTCDateTimeImmutableType
+
             big_decimal:
                 class: App\Doctrine\Types\BigDecimalType
             tinyint:
                 class: App\Doctrine\Types\TinyIntType
 
+            # This was removed in doctrine/orm 4.0 but we need it for the WebauthnKey entity
+            array:
+                class: App\Doctrine\Types\ArrayType
+        
         schema_filter: ~^(?!internal)~
         # Only enable this when needed
         profiling_collect_backtrace: false
@@ -26,20 +40,24 @@ doctrine:
         validate_xml_mapping: true
         naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
         auto_mapping: true
+        controller_resolver:
+            auto_mapping: true
         mappings:
             App:
-                is_bundle: false
                 type: attribute
+                is_bundle: false
                 dir: '%kernel.project_dir%/src/Entity'
                 prefix: 'App\Entity'
                 alias: App
 
         dql:
             string_functions:
-                regexp: DoctrineExtensions\Query\Mysql\Regexp
-                ifnull: DoctrineExtensions\Query\Mysql\IfNull
+                regexp: App\Doctrine\Functions\Regexp
                 field:  DoctrineExtensions\Query\Mysql\Field
                 field2: App\Doctrine\Functions\Field2
+                natsort: App\Doctrine\Functions\Natsort
+                array_position: App\Doctrine\Functions\ArrayPosition
+                ilike: App\Doctrine\Functions\ILike
 
 when@test:
     doctrine:

config/packages/framework.yaml

@@ -2,9 +2,10 @@
 framework:
     secret: '%env(APP_SECRET)%'
     csrf_protection: true
+    annotations: false
     handle_all_throwables: true
 
-    # We set this header by ourself, so we can disable it here
+    # We set this header by ourselves, so we can disable it here
     disallow_search_engine_index: false
 
     # Must be set to true, to enable the change of HTTP method via _method parameter, otherwise our delete routines does not work anymore
@@ -26,7 +27,6 @@ framework:
         handler_id: null
         cookie_secure: auto
         cookie_samesite: lax
-        storage_factory_id: session.storage.factory.native
 
     #esi: true
     #fragments: true

config/packages/monolog.yaml

@@ -50,7 +50,6 @@ when@prod:
                 type: stream
                 path: "%kernel.logs_dir%/%kernel.environment%.log"
                 level: debug
-                formatter: monolog.formatter.json
             console:
                 type: console
                 process_psr_3_messages: false
@@ -74,7 +73,6 @@ when@docker:
                 type: stream
                 path: "php://stderr"
                 level: debug
-                formatter: monolog.formatter.json
             console:
                 type: console
                 process_psr_3_messages: false

config/packages/nbgrp_onelogin_saml.yaml

@@ -5,6 +5,7 @@ parameters:
   saml.sp.privateKey: '%env(string:SAML_SP_PRIVATE_KEY)%'
 
 nbgrp_onelogin_saml:
+  use_proxy_vars: '%env(bool:SAML_BEHIND_PROXY)%'
   onelogin_settings:
     default:
       # Basic settings
@@ -31,7 +32,7 @@ nbgrp_onelogin_saml:
         privateKey: '%env(string:default:saml.sp.privateKey:string:SAMLP_SP_PRIVATE_KEY)%'
 
       # Optional settings
-      #baseurl: 'http://myapp.com'
+      baseurl: '%partdb.default_uri%saml/'
       strict: true
       debug: false
       security:

config/packages/nelmio_security.yaml

@@ -51,12 +51,16 @@ nelmio_security:
             img-src:
                 - '*'
                 - 'data:'
+                # Required for be able to load pictures in the QR code scanner
+                - 'blob:'
             style-src:
                 - 'self'
                 - 'unsafe-inline'
                 - 'data:'
             script-src:
                 - 'self'
+                # Required for loading the Wasm for the barcode scanner:
+                - 'wasm-unsafe-eval'
             object-src:
                 - 'self'
                 - 'data:'

config/packages/php_translation.yaml

@@ -1,11 +0,0 @@
-translation:
-    locales: ["en", "de"]
-    edit_in_place:
-        enabled: false
-        config_name: app
-    configs:
-        app:
-            dirs: ["%kernel.project_dir%/templates", "%kernel.project_dir%/src"]
-            output_dir: "%kernel.project_dir%/translations"
-            excluded_names: ["*TestCase.php", "*Test.php"]
-            excluded_dirs: [cache, data, logs]

config/packages/scheb_2fa.yaml

@@ -6,7 +6,7 @@ scheb_two_factor:
         server_name: '$$DOMAIN$$'       # This field is replaced by the domain name of the server in DecoratedGoogleAuthenticator
         issuer: '%partdb.title%'        # Issuer name used in QR code
         digits: 6                       # Number of digits in authentication code
-        window: 1                       # How many codes before/after the current one would be accepted as valid
+        leeway: 5                       # Acceptable time drift in seconds
         template: security/2fa_form.html.twig
 
     backup_codes:

config/packages/security.yaml

@@ -19,7 +19,7 @@ security:
             provider: app_user_provider
             lazy: true
             user_checker: App\Security\UserChecker
-            entry_point: form_login
+            entry_point: App\Security\AuthenticationEntryPoint
 
             # Enable user impersonation
             switch_user: { role: CAN_SWITCH_USER }
@@ -71,3 +71,5 @@ security:
         - { path: "^/\\w{2}/tree", role: PUBLIC_ACCESS }
         # Restrict access to API to users, which has the API access permission
         - { path: "^/api", allow_if: 'is_granted("@api.access_api") and is_authenticated()' }
+        # Restrict access to KICAD to users, which has API access permission
+        - { path: "^/kicad-api", allow_if: 'is_granted("@api.access_api") and is_authenticated()' }

config/packages/twig.yaml

@@ -20,6 +20,7 @@ twig:
         avatar_helper: '@App\Services\UserSystem\UserAvatarHelper'
         available_themes: '%partdb.available_themes%'
         saml_enabled: '%partdb.saml.enabled%'
+        part_preview_generator: '@App\Services\Attachments\PartPreviewGenerator'
 
 when@test:
     twig:

config/parameters.yaml

@@ -11,11 +11,13 @@ parameters:
   partdb.banner: '%env(trim:string:BANNER)%'                  # The info text shown in the homepage, if empty config/banner.md is used
   partdb.default_currency: '%env(string:BASE_CURRENCY)%'      # The currency that is used inside the DB (and is assumed when no currency is set). This can not be changed later, so be sure to set it the currency used in your country
   partdb.global_theme: ''                                     # The theme to use globally (see public/build/themes/ for choices, use name without .css). Set to '' for default bootstrap theme
-  partdb.locale_menu: ['en', 'de', 'it', 'fr', 'ru', 'ja']    # The languages that are shown in user drop down menu
+  partdb.locale_menu: ['en', 'de', 'it', 'fr', 'ru', 'ja', 'cs', 'da', 'zh', 'pl']    # The languages that are shown in user drop down menu
   partdb.enforce_change_comments_for: '%env(csv:ENFORCE_CHANGE_COMMENTS_FOR)%' # The actions for which a change comment is required (e.g. "part_edit", "part_create", etc.). If this is empty, change comments are not required at all.
 
   partdb.default_uri: '%env(string:DEFAULT_URI)%'             # The default URI to use for the Part-DB instance (e.g. https://part-db.example.com/). This is used for generating links in emails
 
+  partdb.db.emulate_natural_sort: '%env(bool:DATABASE_EMULATE_NATURAL_SORT)%' # If this is set to true, natural sorting is emulated on platforms that do not support it natively. This can be slow on large datasets.
+
   ######################################################################################################################
   # Users and Privacy
   ######################################################################################################################
@@ -35,6 +37,7 @@ parameters:
   # Attachments and files
   ######################################################################################################################
   partdb.attachments.allow_downloads: '%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%'    # Allow users to download attachments to server. Warning: This can be dangerous, because via that feature attackers maybe can access ressources on your intranet!
+  partdb.attachments.download_by_default: '%env(bool:ATTACHMENT_DOWNLOAD_BY_DEFAULT)%' # If this is set the 'download external files' checkbox is set by default for new attachments (only if allow_downloads is set to true)
   partdb.attachments.dir.media: 'public/media/'                                   # The folder where uploaded attachment files are saved (must be in public folder)
   partdb.attachments.dir.secure: 'uploads/'                                       # The folder where secured attachment files are saved (must not be in public/)
   partdb.attachments.max_file_size: '%env(string:MAX_ATTACHMENT_FILE_SIZE)%'      # The maximum size of an attachment file (in bytes, you can use M for megabytes and G for gigabytes)
@@ -114,6 +117,8 @@ parameters:
   env(USE_GRAVATAR): '0'
   env(MAX_ATTACHMENT_FILE_SIZE): '100M'
 
+  env(REDIRECT_TO_HTTPS): 0
+
   env(ENFORCE_CHANGE_COMMENTS_FOR): ''
 
   env(ERROR_PAGE_ADMIN_EMAIL): ''
@@ -141,3 +146,6 @@ parameters:
   env(HISTORY_SAVE_REMOVED_DATA): 1
   env(HISTORY_SAVE_NEW_DATA): 1
 
+  env(EDA_KICAD_CATEGORY_DEPTH): 0
+
+  env(DATABASE_EMULATE_NATURAL_SORT): 0

config/routes/dev/php_translation.yaml

@@ -1,6 +0,0 @@
-_translation_webui:
-    resource: '@TranslationBundle/Resources/config/routing_webui.yaml'
-    prefix: /admin
-
-_translation_profiler:
-    resource: '@TranslationBundle/Resources/config/routing_symfony_profiler.yaml'

config/routes/jbtronics_translation_editor.yaml

@@ -0,0 +1,3 @@
+when@dev:
+  translation_editor:
+    resource: '@JbtronicsTranslationEditorBundle/config/routes.php'

config/routes/php_translation.yaml

@@ -1,3 +0,0 @@
-_translation_edit_in_place:
-    resource: '@TranslationBundle/Resources/config/routing_edit_in_place.yaml'
-    prefix: /admin

config/routes/security.yaml

@@ -0,0 +1,3 @@
+_security_logout:
+    resource: security.route_loader.logout
+    type: service

config/services.yaml

@@ -76,23 +76,18 @@ services:
             # Only the event classes specified here are saved to DB (set to []) to log all events
             $whitelist: []
 
-    App\EventSubscriber\LogSystem\EventLoggerSubscriber:
+    App\EventListener\LogSystem\EventLoggerListener:
         arguments:
             $save_changed_fields: '%env(bool:HISTORY_SAVE_CHANGED_FIELDS)%'
             $save_changed_data: '%env(bool:HISTORY_SAVE_CHANGED_DATA)%'
             $save_removed_data: '%env(bool:HISTORY_SAVE_REMOVED_DATA)%'
             $save_new_data: '%env(bool:HISTORY_SAVE_NEW_DATA)%'
-        tags:
-            - { name: 'doctrine.event_subscriber' }
-
-    App\EventSubscriber\LogSystem\LogDBMigrationSubscriber:
-        tags:
-            - { name: 'doctrine.event_subscriber' }
 
     App\Form\AttachmentFormType:
         arguments:
             $allow_attachments_download: '%partdb.attachments.allow_downloads%'
             $max_file_size: '%partdb.attachments.max_file_size%'
+            $download_by_default: '%partdb.attachments.download_by_default%'
 
     App\Services\Attachments\AttachmentSubmitHandler:
         arguments:
@@ -140,6 +135,19 @@ services:
             $saml_role_mapping: '%env(json:SAML_ROLE_MAPPING)%'
             $update_group_on_login: '%env(bool:SAML_UPDATE_GROUP_ON_LOGIN)%'
 
+
+    security.access_token_extractor.header.token:
+        class: Symfony\Component\Security\Http\AccessToken\HeaderAccessTokenExtractor
+        arguments:
+            $tokenType: 'Token'
+
+    security.access_token_extractor.main:
+        class: Symfony\Component\Security\Http\AccessToken\ChainAccessTokenExtractor
+        arguments:
+            $accessTokenExtractors:
+                - '@security.access_token_extractor.header'
+                - '@security.access_token_extractor.header.token'
+
     ####################################################################################################################
     # Cache
     ####################################################################################################################
@@ -293,6 +301,21 @@ services:
             $options: '%env(string:PROVIDER_MOUSER_SEARCH_OPTION)%'
             $search_limit: '%env(int:PROVIDER_MOUSER_SEARCH_LIMIT)%'
 
+    App\Services\InfoProviderSystem\Providers\LCSCProvider:
+        arguments:
+            $enabled: '%env(bool:PROVIDER_LCSC_ENABLED)%'
+            $currency: '%env(string:PROVIDER_LCSC_CURRENCY)%'
+
+    App\Services\InfoProviderSystem\Providers\OEMSecretsProvider:
+        arguments:
+            $api_key: '%env(string:PROVIDER_OEMSECRETS_KEY)%'
+            $country_code: '%env(string:PROVIDER_OEMSECRETS_COUNTRY_CODE)%'
+            $currency: '%env(PROVIDER_OEMSECRETS_CURRENCY)%'
+            $zero_price: '%env(PROVIDER_OEMSECRETS_ZERO_PRICE)%'
+            $set_param: '%env(PROVIDER_OEMSECRETS_SET_PARAM)%'
+            $sort_criteria: '%env(PROVIDER_OEMSECRETS_SORT_CRITERIA)%'
+
+
     ####################################################################################################################
     # API system
     ####################################################################################################################
@@ -302,6 +325,13 @@ services:
             $global_locale: '%partdb.locale%'
             $global_timezone: '%partdb.timezone%'
 
+    ####################################################################################################################
+    # EDA system
+    ####################################################################################################################
+    App\Services\EDA\KiCadHelper:
+        arguments:
+            $category_depth: '%env(int:EDA_KICAD_CATEGORY_DEPTH)%'
+
     ####################################################################################################################
     # Symfony overrides
     ####################################################################################################################
@@ -349,6 +379,10 @@ services:
             $partdb_banner: '%partdb.banner%'
             $project_dir: '%kernel.project_dir%'
 
+    App\Doctrine\Middleware\MySQLSSLConnectionMiddlewareWrapper:
+        arguments:
+            $enabled: '%env(bool:DATABASE_MYSQL_USE_SSL_CA)%'
+            $verify: '%env(bool:DATABASE_MYSQL_SSL_VERIFY_CERT)%'
 
     ####################################################################################################################
     # Monolog
@@ -376,4 +410,4 @@ when@test:
             arguments:
                 - '@doctrine.fixtures.loader'
                 - '@doctrine'
-                - { default: '@App\Doctrine\Purger\ResetAutoIncrementPurgerFactory' }
+                - { default: '@App\Doctrine\Purger\DoNotUsePurgerFactory' }

docs/api/authentication.md

@@ -11,17 +11,16 @@ To use API endpoints, the external application has to authenticate itself, so th
 the data and which permissions
 the application should have during the access. Authentication is always bound to a specific user, so the external
 applications is acting on behalf of a
-specific user. This user limits the permissions of the application, so that it can only access data, which the user is
+specific user. This user limits the permissions of the application so that it can only access data, which the user is
 allowed to access.
 
 The only method currently available for authentication is to use API tokens:
 
 ## API tokens
 
-An API token is a long alphanumeric string, which is bound to a specific user and can be used to authenticate as this
-user, when accessing the API.
-The API token is passed via the `Authentication` HTTP header during the API request, like the
-following: `Authentication: Bearer tcp_sdjfks....`.
+An API token is a long alphanumeric string, which is bound to a specific user and can be used to authenticate as this user when accessing the API.
+The API token is passed via the `Authorization` HTTP header during the API request, like the
+following: `Authorization: Bearer tcp_sdjfks....`.
 
 {: .important }
 > Everybody who knows the API token can access the API as the user, which is bound to the token. So you should treat the
@@ -36,7 +35,7 @@ not access the API anymore with this token.
 ### Token permissions and scopes
 
 API tokens are ultimately limited by the permissions of the user, which belongs to the token. That means that the token
-can only access data, which the user is allowed to access, no matter the token permissions.
+can only access data, that the user is allowed to access, no matter the token permissions.
 
 But you can further limit the permissions of a token by choosing a specific scope for the token. The scope defines which
 subset of permissions the token has, which can be less than the permissions of the user. For example, you can have a
@@ -50,15 +49,15 @@ change anything in the database.
 > Only use the full or admin scope, if you really need it, as they could potentially be used to do a lot of damage to
 > your Part-DB instance.
 
-Following token scopes are available:
+The following token scopes are available:
 
 * **Read-Only**: The token can only read non-sensitive data (like parts, but no users or groups) from the API and can
   not change anything.
 * **Edit**: The token can read and write non-sensitive data via the API. This includes creating, updating and deleting
   data. This should be enough for most applications.
 * **Admin**: The token can read and write all data via the API, including sensitive data like users and groups. This
-  should only be used for trusted applications, which need to access sensitive data, and perform administrative actions.
-* **Full**: The token can do anything the user can do, including changing the users password and create new tokens. This
+  should only be used for trusted applications, which need to access sensitive data and perform administrative actions.
+* **Full**: The token can do anything the user can do, including changing the user's password and creating new tokens. This
   should only be used for highly trusted applications!!
 
 Please note, that in early versions of the API, there might be no endpoints yet, to really perform the actions, which

docs/api/intro.md

@@ -29,15 +29,14 @@ features and how to use them.
 
 The API is available under the `/api` path, but not reachable without proper permissions.
 You have to give the users, which should be able to access the API the proper permissions (Miscellaneous -> API).
-Please note that there are two relevant permissions, the first one allows users to access the `/api/` path at all and
-showing the documentation,
-and the second one allows them to create API tokens which is needed for authentication of external applications.
+Please note that there are two relevant permissions, the first one allows users to access the `/api/` path at all and show the documentation,
+and the second one allows them to create API tokens which are needed for the authentication of external applications.
 
 ## Authentication
 
 To use API endpoints, the external application has to authenticate itself, so that Part-DB knows which user is accessing
 the data and
-which permissions the application should have. Basically this is done by creating an API token for a user and then
+which permissions the application should have. Basically, this is done by creating an API token for a user and then
 passing it on every request
 with the `Authorization` header as bearer token, so you add a header `Authorization: Bearer <your token>`.
 
@@ -46,11 +45,10 @@ See [Authentication chapter]({% link api/authentication.md %}) for more details.
 ## API endpoints
 
 The API is split into different endpoints, which are reachable under the `/api/` path of your Part-DB instance (
-so `https://your-part-db.local/api/`).
-There are various endpoints for each entity type (like `part`, `manufacturer`, etc.), which allow you to read and write
-data and some special endpoints like `search` or `statistics`.
+e.g. `https://your-part-db.local/api/`).
+There are various endpoints for each entity type (like `part`, `manufacturer`, etc.), which allow you to read and write data, and some special endpoints like `search` or `statistics`.
 
-For example all API endpoints for managing categories are available under `/api/categories/`. Depending on the exact
+For example, all API endpoints for managing categories are available under `/api/categories/`. Depending on the exact
 path and the HTTP method used, you can read, create, update or delete categories.
 For most entities, there are endpoints like this:
 
@@ -66,29 +64,28 @@ For most entities, there are endpoints like this:
 A full (interactive) list of endpoints can be displayed when visiting the `/api/` path in your browser, when you are
 logged in with a user, which is allowed to access the API.
 There is also a link to this page, on the user settings page in the API token section.
-This documentation also list all available fields for each entity type and the allowed operations.
+This documentation also lists all available fields for each entity type and the allowed operations.
 
 ## Formats
 
 The API supports different formats for the request and response data, which you can control via the `Accept`
 and `Content-Type` headers.
 You should use [JSON-LD](https://json-ld.org/) as format, which is basically JSON with some additional metadata, which
-allows
-to describe the data in a more structured way and also allows to link between different entities. You can achieve this
+allows you to describe the data in a more structured way and also allows to link between different entities. You can achieve this
 by setting `Accept: application/ld+json` header to the API requests.
 
 To get plain JSON without any metadata or links, use the `Accept: application/json` header.
 
 Without an `Accept` header (e.g. when you call the endpoint in a browser), the API will return an HTML page with the
 documentation, so be sure to include the desired `Accept` header in your API requests.
-If you can not control the `Accept` header, you can add an `.json` or `.jsonld` suffix to the URL to enforce a JSON or
+If you can not control the `Accept` header, you can add a `.json` or `.jsonld` suffix to the URL to enforce a JSON or
 JSON-LD response (e.g. `/api/parts.jsonld`).
 
 ## OpenAPI schema
 
 Part-DB provides a [OpenAPI](https://swagger.io/specification/) (formally Swagger) schema for the API
 under `/api/docs.json` (so `https://your-part-db.local/api/docs.json`).
-This schema is a machine-readable description of the API, which can be imported in software to test the API or even
+This schema is a machine-readable description of the API, which can be imported into software to test the API or even
 automatically generate client libraries for the API.
 
 API generators which can generate a client library for the API from the schema are available for many programming
@@ -120,14 +117,10 @@ See [API Platform docs](https://api-platform.com/docs/core/pagination) for more
 ## Filtering results / Searching
 
 When retrieving a list of entities, you can restrict the results by various filters. Almost all entities have a search
-filter,
-which allows you to only include entities, which (text) fields match the given search term: For example if you only want
-to
-get parts, with the Name "BC547", you can use `/api/parts.jsonld?name=BC547`. You can use `%` as wildcard for multiple
-characters
-in the search term (Be sure to properly encode the search term, if you use special characters). For example if you want
-to get all parts,
-whose name starts with "BC", you can use `/api/parts.jsonld?name=BC%25` (the `%25` is the url encoded version of `%`).
+filter, which allows you to only include entities, which (text) fields match the given search term: For example, if you only want
+to get parts, with the Name "BC547", you can use `/api/parts.jsonld?name=BC547`. You can use `%` as a wildcard for multiple
+characters in the search term (Be sure to properly encode the search term, if you use special characters). For example, if you want
+to get all parts, whose name starts with "BC", you can use `/api/parts.jsonld?name=BC%25` (the `%25` is the url encoded version of `%`).
 
 There are other filters available for some entities, allowing you to search on other fields, or restricting the results
 by numeric values or dates. See the endpoint documentation for the available filters.
@@ -136,8 +129,8 @@ by numeric values or dates. See the endpoint documentation for the available fil
 
 To get all parts with a certain category, manufacturer, etc. you can use the `category`, `manufacturer`, etc. query
 parameters of the `/api/parts` endpoint.
-They are so-called entity filters and accept a comma separated list of IDs of the entities you want to filter by.
-For example if you want to get all parts with the category "Resistor" (Category ID 1) and "Capacitor" (Category ID 2),
+They are so-called entity filters and accept a comma-separated list of IDs of the entities you want to filter by.
+For example, if you want to get all parts with the category "Resistor" (Category ID 1) and "Capacitor" (Category ID 2),
 you can use `/api/parts.jsonld?category=1,2`.
 
 Suffix an id with `+` to suffix, to include all direct children categories of the given category. Use the `++` suffix to
@@ -150,7 +143,7 @@ See the endpoint documentation for the available entity filters.
 ## Ordering results
 
 When retrieving a list of entities, you can order the results by various fields using the `order` query parameter.
-For example if you want to get all parts ordered by their name, you can use `/api/parts/?order[name]=asc`. You can use
+For example, if you want to get all parts ordered by their name, you can use `/api/parts/?order[name]=asc`. You can use
 this parameter multiple times to order by multiple fields.
 
 See the endpoint documentation for the available fields to order by.
@@ -161,12 +154,12 @@ Sometimes you only want to get a subset of the properties of an entity, for exam
 part, but not all the other properties.
 You can achieve this using the `properties[]` query parameter with the name of the field you want to get. You can use
 this parameter multiple times to get multiple fields.
-For example if you only want to get the name and the description of a part, you can
+For example, if you only want to get the name and the description of a part, you can
 use `/api/parts/123?properties[]=name&properties[]=description`.
-It is also possible to use this filters on list endpoints (get collection), to only get a subset of the properties of
+It is also possible to use these filters on list endpoints (get collection), to only get a subset of the properties of
 all entities in the collection.
 
-See [API Platform docs](https://api-platform.com/docs/core/filters/#property-filter) for more infos.
+See [API Platform docs](https://api-platform.com/docs/core/filters/#property-filter) for more info.
 
 ## Change comment
 
@@ -174,5 +167,63 @@ Similar to the changes using Part-DB web interface, you can add a change comment
 which will be
 visible in the log of the entity.
 
-You can pass the text for this via the `_comment` query parameter (beware the proper encoding). For
+You can pass the text for this via the `_comment` query parameter (beware of the proper encoding). For
 example `/api/parts/123?_comment=This%20is%20a%20change%20comment`.
+
+## Creating attachments and parameters
+
+To create attachments and parameters, use the POST endpoint. Internally there are different types of attachments and
+parameters, for each entity type, where the attachments or parameters are used (e.g. PartAttachment for parts, etc.).
+The type of the attachment or parameter is automatically determined by the `element` property of the request data if a
+IRI is passed. You can use the `_type` property to explicitly set the type of the attachment or parameter (the value must
+be the value of the `@type` property of the owning entity. e.g. `Part` for parts).
+
+For example, to create an attachment on a part, you can use the following request:  
+
+```
+POST /api/attachments
+
+{
+    "name": "front68",
+    "attachment_type": "/api/attachment_types/1",
+    "url": "https://invalid.invalid/test.url",
+    "element": "/api/parts/123"
+}
+```
+
+## Uploading files to attachments
+
+To upload files to the attachments you can use the special `upload` property of the attachment entity during write operations (POST, PUT, PATCH).
+Under `data` you can pass a base64 encoded string of the file content, and under `filename` the name of the file.
+Using the `private` property you can control if the file is the attachment should be stored privately or public.
+
+For example, to upload a file to an attachment, you can use the following request:
+
+```
+PATCH /api/attachments/123
+
+{
+  "upload": {
+    "data": "data:@file/octet-stream;base64,LS0gcGhwTXlB[...]",
+    "filename": "test.csv",
+    "private": false
+  },
+  "name": "Rename attachment"
+}
+```
+
+This also works for creating new attachments, by including the `upload` property in the request data along with the other properties.
+
+Using the `downloadUrl` property of `upload` you can say Part-DB to upload the file specified at the URL set on the attachment.
+
+```
+PATCH /api/attachments/123
+
+{
+  "upload": {
+    "downloadUrl": true
+  },
+  "url": "https://host.invalid/myfile.pdf"
+}
+
+```

docs/concepts.md

@@ -11,55 +11,55 @@ This page explains the different concepts of Part-DB and what their intended use
 1. TOC
 {:toc}
 
-## Part managment
+## Part management
 
 ### Part
 
 A part is the central concept of Part-DB. A part represents a single kind (or type) of a thing, like an electronic
 component, a device, a book or similar (depending on what you use Part-DB for). A part entity just represents a certain
-type of thing, so if you have 1000 times an BC547 transistor you would create ONE part with the name BC547 and set its
+type of thing, so if you have 1000 times a BC547 transistor you would create ONE part with the name BC547 and set its
 quantity to 1000. The individual quantities (so a single BC547 transistor) of a part, should be indistinguishable from
-each other, so that it does not matter which one of your 1000 things of Part you use.
-A part entity have many fields, which can be used to describe it better. Most of the fields are optional:
+each other so that it does not matter which one of your 1000 things of Part you use.
+A part entity has many fields, which can be used to describe it better. Most of the fields are optional:
 
-* **Name** (Required): The name of the part or how you want to call it. This could be a manufacturer provided name, or a
-  name you thought of your self. The name have to be unique in a single category.
-* **Description**: A short (single-line) description of what this part is/does. For longer information you should use
+* **Name** (Required): The name of the part or how you want to call it. This could be a manufacturer-provided name, or a
+  name you thought of yourself. Each name needs to be unique and must exist in a single category.
+* **Description**: A short (single-line) description of what this part is/does. For longer information, you should use
   the comment field or the specifications
 * **Category** (Required): The category (see there) to which this part belongs to.
-* **Tags**: The list of tags this part belong to. Tags can be used to group parts logically (similar to the category),
+* **Tags**: The list of tags this part belongs to. Tags can be used to group parts logically (similar to the category),
   but tags are much less strict and formal (they don't have to be defined forehands) and you can assign multiple tags to
   a part. When clicking on a tag, a list with all parts which have the same tag, is shown.
 * **Min Instock**: *Not really implemented yet*. Parts where the total instock is below this value, will show up for
   ordering.
 * **Footprint**: See there. Useful especially for electronic parts, which have one of the common electronic footprints (
-  like DIP8, SMD0805 or similar). If a part has no explicit defined preview picture, the preview picture of its
+  like DIP8, SMD0805 or similar). If a part has no explicitly defined preview picture, the preview picture of its
   footprint will be shown instead in tables.
 * **Manufacturer**: The manufacturer which has manufactured (not sold) this part. See Manufacturer entity for more info.
 * **Manufacturer part number** (MPN): If you have used your own name for a part, you can put the part number the
-  manufacturer uses in this field, so that you can find a part also under its manufacturer number.
+  manufacturer uses in this field so that you can find a part also under its manufacturer number.
 * **Link to product page**: If you want to link to the manufacturer website of a part, and it is not possible to
   determine it automatically from the part name, set in the manufacturer entity (or no manufacturer is set), you can set
   the link here for each part individually.
 * **Manufacturing Status**: The manufacturing status of this part, meaning the information about where the part is in
   its manufacturing lifecycle.
-* **Needs review**: If you think parts information maybe are inaccurate or incomplete and needs some later
-  review/checking, you can set this flag. A part with this flag is marked, so that users know the information are not
+* **Needs review**: If you think parts information may be inaccurate or incomplete and needs some later
+  review/checking, you can set this flag. A part with this flag is marked, so that users know the information is not
   completely trustworthy.
 * **Favorite**: Parts with this flag are highlighted in parts lists
 * **Mass**: The mass of a single piece of this part (so of a single transistor). Given in grams.
-* **Internal Part number** (IPN): Each part is automatically assigned a numerical ID which identifies a part in the
+* **Internal Part number** (IPN): Each part is automatically assigned a numerical ID that identifies a part in the
   database. This ID depends on when a part was created and can not be changed. If you want to assign your own unique
   identifiers, or sync parts identifiers with the identifiers of another database you can use this field.
 
 ### Stock / Part lot
 
-A part can have many stock at multiple different locations. This is represented by part lots / stocks, which consists
-basically of a storage location (so where are the parts of this lot are stored) and an amount (how many parts are there).
+A part can have many stocks at multiple different locations. This is represented by part lots/stocks, which consists
+basically of a storage location (so where the parts of this lot are stored) and an amount (how many parts are there).
 
 ### Purchase Information
 
-The purchase information describe where the part can be bought (at which vendors) and to which prices.
+The purchase information describes where the part can be bought (at which vendors) and at which prices.
 The first part (the order information) describes at which supplier the part can be bought and which is the name of the
 part under which you can order the part there.
 An order information can contain multiple price information, which describes the prices for the part at the supplier
@@ -67,13 +67,13 @@ including bulk discount, etc.
 
 ### Parameters
 
-Parameters represents various specifications / parameters of a part, like the maximum current of a diode, etc. The
+Parameters represent various specifications/parameters of a part, like the maximum current of a diode, etc. The
 advantage of using parameters instead of just putting the data in the comment field or so, is that you can filter for
-parameters values (including ranges and more) later on.
-Parameters describe can describe numeric values and/or text values for which they can be filtered. This basically allows
+parameter's values (including ranges and more) later on.
+Parameters can describe numeric values and/or text values for which they can be filtered. This allows
 you to define custom fields on a part.
 
-Using the group field a parameter allows you to group parameters together in the info page later (all parameters with
+Using the group field as a parameter allows you to group parameters together on the info page later (all parameters with
 the same group value will be shown under the same group title).
 
 ## Core data
@@ -99,17 +99,17 @@ possible category tree could look like this:
 
 ### Supplier
 
-A Supplier is a vendor / distributor where you can buy/order parts. Price information of parts are associated with a
+A Supplier is a vendor/distributor where you can buy/order parts. Price information of parts is associated with a
 supplier.
 
 ### Manufacturer
 
-A manufacturer represents the company that manufacturer / build various parts (not necessary sell them). If the
-manufacturer also sell the parts, you have to create a supplier for that.
+A manufacturer represents the company that manufacturers/builds various parts (not necessarily sell them). If the
+manufacturer also sells the parts, you have to create a supplier for that.
 
 ### Storage location
 
-A storage location represents a place where parts can be stored. This could be a box, a shelf or other things (like the
+A storage location represents a place where parts can be stored. This could be a box, a shelf, or other things (like the
 SMD feeder of a machine or so).
 
 Storage locations are hierarchical to represent storage locations contained in each other.
@@ -129,12 +129,12 @@ Storage locations should be defined down to the smallest possible location, to m
 
 ### Footprint
 
-In electronics many components have one of the common components cases / footprints. The footprint entity describes such
+In electronics, many components have one of the common components cases/footprints. The footprint entity describes such
 common footprints, which can be assigned to parts.
-You can assign an image (and an 3D model) as an attachment to a footprint, which will be used as preview for parts with
+You can assign an image (and a 3D model) as an attachment to a footprint, which will be used as preview for parts with
 this footprint, even if the parts do not have an explicitly assigned preview image.
 
-Footprints are a hierarchically which allows you to build logical sorted trees. An example tree could look like this:
+Footprints are hierarchically which allows you to build logically sorted trees. An example tree could look like this:
 
 * Through-Hole components
     * DIP
@@ -153,17 +153,20 @@ Footprints are a hierarchically which allows you to build logical sorted trees.
 ### Measurement Unit
 
 By default, part in stock is counted in number of individual parts, which is fine for things like electronic components,
-which exists only in integer quantities. However, if you have things with fractional units like the length of a wire or
+which exist only in integer quantities. However, if you have things with fractional units like the length of a wire or
 the volume of a liquid, you have to define a measurement unit.
-The measurement unit represents a physical quantity like mass, volume or length.
+The measurement unit represents a physical quantity like mass, volume, or length.
 
-You can define a short unit for it (like m for Meters, or g for gramms) which will be shown, when a quantity of a part
+You can define a short unit for it (like m for Meters, or g for grams) which will be shown when a quantity of a part
 with this unit is shown.
 
+In order to cover wider use cases and allow you to define measurement units further, it is possible to define parameters
+associated to a measurement unit. These parameters are distinct from a part's parameters and are not inherited.
+
 ### Currency
 
 By default, all prices are set in the base currency configured for the instance (by default euros). If you want to use
-multiple currencies together (as e.g. vendors use foreign currencies for their price, and you do not want to update the
+multiple currencies together (e.g. vendors use foreign currencies for their price, and you do not want to update the
 prices for every exchange rate change), you have to define these currencies here.
 
 You can set an exchange rate here in terms of the base currency (or fetch it from the internet if configured). The
@@ -173,7 +176,7 @@ exchange rate will be used to show users the prices in their preferred currency.
 
 ### Attachment
 
-An attachment is a file that can be associated with another entity (like a Part, Storelocation, User, etc.). This could
+An attachment is a file that can be associated with another entity (like a Part, location, User, etc.). This could
 for example be a datasheet in a Part, the logo of a vendor or some CAD drawing of a footprint.
 
 An attachment has an attachment type (see below), which groups the attachments logically (and optionally restricts the
@@ -183,9 +186,9 @@ the webserver downloads the file from the supplied website and stores it locally
 
 By default, all uploaded files, are accessible for everyone (even non-logged-in users), if the link is known. If your
 Part-DB instance is publicly available, and you want to store private/sensitive files on it, you should mark the
-attachment as "Private attachment". Private attachments are only accessible to users, which has the permission to access
+attachment as "Private attachment". Private attachments are only accessible to users, which has permission to access
 private attachments.
-Please not, that no thumbnails are generated for private attachments, which can have a performance impact.
+Please note, that no thumbnails are generated for private attachments, which can have a performance impact.
 
 Part-DB ships some preview images for various common footprints like DIP-8 and others, as internal resources. These can
 be accessed/searched by typing the keyword in the URL field of a part and choosing one of the choices from the dropdown.
@@ -195,35 +198,35 @@ be accessed/searched by typing the keyword in the URL field of a part and choosi
 Most entities with attachments allow you to select one of the defined attachments as "Preview image". You can select an
 image attachment here, that previews the entity, this could be a picture of a Part, the logo of a manufacturer or
 supplier, the schematic symbol of a category or the image of a footprint.
-The preview image will be shown in various locations together with the entities name.
+The preview image will be shown in various locations together with the entity's name.
 
-Please note that as long as the picture is not secret, it should be stored on the Part-DB instance (by upload, or
-letting Part-DB download the file) and *not* be marked as a private attachments, so that thumbnails can be generated for
+Please note that as long as the picture is not secret, it should be stored on the Part-DB instance (by uploading, or
+letting Part-DB download the file) and *not* be marked as a private attachment, so that thumbnails can be generated for
 the picture (which improves performance).
 
 ### Attachment types
 
 Attachment types define logical groups of attachments. For example, you could define an attachment group "Datasheets"
 where all datasheets of Parts, Footprints, etc. belong in, "Pictures" for preview images and more.
-You can define file type restrictions, which file types and extensions are allowed for files with that attachment type.
+You can define file type restrictions, and which file types and extensions are allowed for files with that attachment type.
 
 ## User System
 
 ### User
 
-Each person which should be able to use Part-DB (by logging in) is represented by a user entity, which defines things
-like access rights, the password, and other things. For security reasons, every person which will use Part-DB should use
-its own personal account with a secret password. This allows to track activity of the users via the log.
+Each person who should be able to use Part-DB (by logging in) is represented by a user entity, which defines things
+like access rights, the password, and other things. For security reasons, every person who will use Part-DB should use
+their own personal account with a secret password. This allows to track activity of the users via the log.
 
-There is a special user called `anonymous`, whose access rights are used to determine what a non-logged in user can do.
+There is a special user called `anonymous`, whose access rights are used to determine what a non-logged-in user can do.
 Normally the anonymous user should be the most restricted user.
 
 For simplification of access management users can be assigned to groups.
 
 ### Group
 
-A group is entity, to which users can be assigned to. This can be used to logically group users by for example
-organisational structures and to simplify permissions management, as you can define groups with access rights for common
+A group is an entity, to which users can be assigned to. This can be used to logically group users by for example
+organizational structures and to simplify permissions management, as you can define groups with access rights for common
 use cases and then just assign users to them, without the need to change every permission on the users individually.
 
 ## Labels
@@ -231,9 +234,9 @@ use cases and then just assign users to them, without the need to change every p
 ### Label profiles
 
 A label profile represents a template for a label (for a storage location, a part or part lot). It consists of a size, a
-barcode type and the content. There are various placeholders which can be inserted in the text content and which will be
-used replaced with data for the actual thing.
+barcode type and the content. There are various placeholders that can be inserted in the text content and which will be 
+replaced with data for the actual thing.
 
 You do not have to define a label profile to generate labels (you can just set the settings on the fly in the label
-dialog), however if you want to generate many labels, it is recommended to save the settings as label profile, to save
+dialog), however, if you want to generate many labels, it is recommended to save the settings as a label profile, to save
 it for later usage. This ensures that all generated labels look the same.

docs/configuration.md

@@ -6,19 +6,19 @@ nav_order: 5
 
 # Configuration
 
-Part-DBs behavior can be configured to your needs. There are different kind of configuration options: Options which are
-user changeable (changeable dynamically via frontend), options which can be configured by environment variables, and
-options which are only configurable via symfony config files.
+Part-DBs behavior can be configured to your needs. There are different kinds of configuration options: Options, which are
+user-changeable (changeable dynamically via frontend), options that can be configured by environment variables, and
+options that are only configurable via Symfony config files.
 
 ## User changeable
 
-Following things can be changed for every user and a user can change it for himself (if he has the correct permission
-for it). Configuration is either possible via the users own setting page (where you can also change the password) or via
+The following things can be changed for every user and a user can change it for himself (if he has the correct permission
+for it). Configuration is either possible via the user's own settings page (where you can also change the password) or via
 the user admin page:
 
-* **Language**: The language that the users prefers, and which will be used when no language is explicitly specified.
-  Language can still always be changed via the language selector. By default, the global configured language is used.
-* **Timezone**: The timezone which the user resides in and in which all dates and times should be shown. By default, the
+* **Language**: The language that the users prefer, and which will be used when no language is explicitly specified.
+  Language can still always be changed via the language selector. By default, the globally configured language is used.
+* **Timezone**: The timezone in which the user resides and in which all dates and times should be shown. By default, the
   globally configured language.
 * **Theme**: The theme to use for the front end. Allows the user to choose the front end design, he prefers.
 * **Preferred currency**: One of the defined currencies, in which all prices should be shown, if possible. Prices with
@@ -28,16 +28,27 @@ the user admin page:
 
 The following configuration options can only be changed by the server administrator, by either changing the server
 variables, changing the `.env.local` file or setting env for your docker container. Here are just the most important
-options listed, see `.env` file for full list of possible env variables.
+options listed, see `.env` file for the full list of possible env variables.
 
 ### General options
 
-* `DATABASE_URL`: Configures the database which Part-DB uses. For mysql use a string in the form
-  of `mysql://<USERNAME>:<PASSWORD>@<HOST>:<PORT>/<TABLE_NAME>` here
-  (e.g. `DATABASE_URL=mysql://user:password@127.0.0.1:3306/part-db`). For sqlite use the following format to specify the
+* `DATABASE_URL`: Configures the database which Part-DB uses:
+   * For MySQL (or MariaDB) use a string in the form of `mysql://<USERNAME>:<PASSWORD>@<HOST>:<PORT>/<TABLE_NAME>` here
+  (e.g. `DATABASE_URL=mysql://user:password@127.0.0.1:3306/part-db`).
+   * For SQLite use the following format to specify the
   absolute path where it should be located `sqlite:///path/part/app.db`. You can use `%kernel.project_dir%` as
   placeholder for the Part-DB root folder (e.g. `sqlite:///%kernel.project_dir%/var/app.db`)
-* `DEFAULT_LANG`: The default language to use server wide (when no language is explicitly specified by a user or via
+   * For Postgresql use a string in the form of `DATABASE_URL=postgresql://user:password@127.0.0.1:5432/part-db?serverVersion=x.y`.
+
+     Please note that **`serverVersion=x.y`** variable is required due to dependency of Symfony framework.
+
+* `DATABASE_MYSQL_USE_SSL_CA`: If this value is set to `1` or `true` and a MySQL connection is used, then the connection
+ is encrypted by SSL/TLS and the server certificate is verified against the system CA certificates or the CA certificate
+bundled with Part-DB. Set `DATABASE_MYSQL_SSL_VERIFY_CERT` if you want to accept all certificates.
+* `DATABASE_EMULATE_NATURAL_SORT` (default 0): If set to 1, Part-DB will emulate natural sorting, even if the database 
+  does not support it natively. However this is much slower than the native sorting, and contain bugs or quirks, so use
+  it only, if you have to.
+* `DEFAULT_LANG`: The default language to use server-wide (when no language is explicitly specified by a user or via
   language chooser). Must be something like `en`, `de`, `fr`, etc.
 * `DEFAULT_TIMEZONE`: The default timezone to use globally, when a user has no timezone specified. Must be something
   like `Europe/Berlin`. See [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) under TZ Database name
@@ -50,14 +61,17 @@ options listed, see `.env` file for full list of possible env variables.
 * `INSTANCE_NAME`: The name of your installation. It will be shown as a title in the navbar and other places. By
   default `Part-DB`, but you can customize it to something likes `ExampleCorp. Inventory`.
 * `ALLOW_ATTACHMENT_DOWNLOADS` (allowed values `0` or `1`): By setting this option to 1, users can make Part-DB directly
-  download a file specified as a URL and create it as local file. Please note that this allows users access to all
+  download a file specified as a URL and create it as a local file. Please note that this allows users access to all
   resources publicly available to the server (so full access to other servers in the same local network), which could
   be a security risk.
+* `ATTACHMENT_DOWNLOAD_BY_DEFAULT`: When this is set to 1, the "download external file" checkbox is checked by default
+  when adding a new attachment. Otherwise, it is unchecked by default. Use this if you wanna download all attachments
+  locally by default. Attachment download is only possible, when `ALLOW_ATTACHMENT_DOWNLOADS` is set to 1.
 * `USE_GRAVATAR`: Set to `1` to use [gravatar.com](https://gravatar.com/) images for user avatars (as long as they have
   not set their own picture). The users browsers have to download the pictures from a third-party (gravatar) server, so
   this might be a privacy risk.
 * `MAX_ATTACHMENT_FILE_SIZE`: The maximum file size (in bytes) for attachments. You can use the suffix `K`, `M` or `G`
-  to specify the size in kilobytes, megabytes or gigabytes. By default `100M` (100 megabytes). Please note that this
+  to specify the size in kilobytes, megabytes or gigabytes. By default `100M` (100 megabytes). Please note that this is
   only the limit of Part-DB. You still need to configure the php.ini `upload_max_filesize` and `post_max_size` to allow
   bigger files to be uploaded.
 * `DEFAULT_URI`: The default URI base to use for the Part-DB, when no URL can be determined from the browser request.
@@ -65,8 +79,8 @@ options listed, see `.env` file for full list of possible env variables.
   emails and other places, where the URL is needed. It is also used, when SAML is enabled.s If you are using a reverse
   proxy, you should set this to the URL of the reverse proxy (e.g. `https://part-db.example.com`). **This value must end
   with a slash**.
-* `ENFORCE_CHANGE_COMMENTS_FOR`: With this option you can configure, where users are enforced to give a change reason,
-  which will be written to the log. This is a comma separated list of values (e.g. `part_edit,part_delete`). Leave empty
+* `ENFORCE_CHANGE_COMMENTS_FOR`: With this option, you can configure, where users are enforced to give a change reason,
+  which will be written to the log. This is a comma-separated list of values (e.g. `part_edit,part_delete`). Leave empty
   to make change comments optional everywhere. Possible values are:
     * `part_edit`: Edit operation of an existing part
     * `part_delete`: Delete operation of an existing part
@@ -77,6 +91,10 @@ options listed, see `.env` file for full list of possible env variables.
     * `datastructure_create`: Creation of a new datastructure (e.g. category, manufacturer, ...)
 * `CHECK_FOR_UPDATES` (default `1`): Set this to 0, if you do not want Part-DB to connect to GitHub to check for new
   versions, or if your server can not connect to the internet.
+* `APP_SECRET`: This variable is a configuration parameter used for various security-related purposes,
+  particularly for securing and protecting various aspects of your application. It's a secret key that is used for
+  cryptographic operations and security measures (session management, CSRF protection, etc..). Therefore this
+  value should be handled as confidential data and not shared publicly.
 
 ### E-Mail settings
 
@@ -85,7 +103,7 @@ options listed, see `.env` file for full list of possible env variables.
   mail account, you can use the following syntax `MAILER_DSN=smtp://user:password@smtp.mailserver.invalid:587`
 * `EMAIL_SENDER_EMAIL`: The email address from which emails should be sent from (in most cases this has to be the same
   as the email address used for SMTP access)
-* `EMAIL_SENDER_NAME`: Similar to `EMAIL_SENDER_EMAIL` but this allows you to specify the name from which the mails are
+* `EMAIL_SENDER_NAME`: Similar to `EMAIL_SENDER_EMAIL`, but this allows you to specify the name from which the mails are
   sent from.
 * `ALLOW_EMAIL_PW_RESET`: Set this value to true, if you want to allow users to reset their password via an email
   notification. You have to configure the mail provider first before via the MAILER_DSN setting.
@@ -99,15 +117,15 @@ options listed, see `.env` file for full list of possible env variables.
   Also specify the default order of the columns. This is a comma separated list of column names. Available columns
   are: `name`, `id`, `ipn`, `description`, `category`, `footprint`, `manufacturer`, `storage_location`, `amount`, `minamount`, `partUnit`, `addedDate`, `lastModified`, `needs_review`, `favorite`, `manufacturing_status`, `manufacturer_product_number`, `mass`, `tags`, `attachments`, `edit`.
 
-### History/Eventlog related settings
+### History/Eventlog-related settings
 
 The following options are used to configure, which (and how much) data is written to the system log:
 
-* `HISTORY_SAVE_CHANGED_FIELDS`: When this option is set to true, the name of the fields which are changed, are saved to
+* `HISTORY_SAVE_CHANGED_FIELDS`: When this option is set to true, the name of the fields that are changed, are saved to
   the DB (so for example it is logged that a user has changed, that the user has changed the name and description of the
   field, but not the data/content of these changes)
 * `HISTORY_SAVE_CHANGED_DATA`: When this option is set to true, the changed data is saved to log (so it is logged, that
-  a user has changed the name of a part and what the name was before). This can increase database size, when you have a
+  a user has changed the name of a part and what the name was before). This can increase database size when you have a
   lot of changes to entities.
 * `HISTORY_SAVE_REMOVED_DATA`: When this option is set to true, removed data is saved to log, meaning that you can
   easily undelete an entity, when it was removed accidentally.
@@ -120,28 +138,38 @@ then `HISTORY_SAVE_CHANGED_FIELDS`, `HISTORY_SAVE_CHANGED_DATA` and `HISTORY_SAV
 
 ### Error pages settings
 
-* `ERROR_PAGE_ADMIN_EMAIL`: You can set an email-address here, which is shown on the error page, who should be contacted
+* `ERROR_PAGE_ADMIN_EMAIL`: You can set an email address here, which is shown on the error page, who should be contacted
   about the issue (e.g. an IT support email of your company)
 * `ERROR_PAGE_SHOW_HELP`: Set this 0, to disable the solution hints shown on an error page. These hints should not
-  contain sensitive information, but could confuse end-users.
+  contain sensitive information but could confuse end-users.
+
+### EDA related settings
+
+* `EDA_KICAD_CATEGORY_DEPTH`: A number, which determines how many levels of Part-DB categories should be shown inside KiCad.
+   All parts in the selected category and all subcategories are shown in KiCad.
+   For performance reason this value should not be too high. The default is 0, which means that only the top level categories are shown in KiCad.
+   All parts in the selected category and all subcategories are shown in KiCad. Set this to a higher value, if you want to show more categories in KiCad.
+   When you set this value to -1, all parts are shown inside a single category in KiCad.
 
 ### SAML SSO settings
 
 The following settings can be used to enable and configure Single-Sign on via SAML. This allows users to log in to
 Part-DB without entering a username and password, but instead they are redirected to a SAML Identity Provider (IdP) and
-are logged in automatically. This is especially useful, when you want to use Part-DB in a company, where all users have
+are logged in automatically. This is especially useful when you want to use Part-DB in a company, where all users have
 a SAML account (e.g. via Active Directory or LDAP).
 You can find more advanced settings in the `config/packages/hslavich_onelogin_saml.yaml` file. Please note that this
 file is not backed up by the backup script, so you have to back up it manually, if you want to keep your changes. If you
 want to edit it on docker, you have to map the file to a volume.
 
 * `SAML_ENABLED`: When this is set to 1, SAML SSO is enabled and the SSO Login button is shown in the login form. You
-  have to configure the SAML settings below, before you can use this feature.
-* `SAML_ROLE_MAPPING`: A [JSON](https://en.wikipedia.org/wiki/JSON) encoded map which specifies how Part-DB should
+  have to configure the SAML settings below before you can use this feature.
+* `SAML_BEHIND_PROXY`: Set this to 1, if Part-DB is behind a reverse proxy. See [here]({% link installation/reverse-proxy.md %})
+  for more information. Otherwise, leave it to 0 (default.)
+* `SAML_ROLE_MAPPING`: A [JSON](https://en.wikipedia.org/wiki/JSON)-encoded map which specifies how Part-DB should
   convert the user roles given by SAML attribute `group` should be converted to a Part-DB group (specified by ID). You
   can use a wildcard `*` to map all otherwise unmapped roles to a certain group.
   Example: `{"*": 1, "admin": 2, "editor": 3}`. This would map all roles to the group with ID 1, except the
-  role `admin`, which is mapped to the group with ID 2 and the role `editor`, which is mapped to the group with ID 3.
+  role `admin`, which is mapped to the group with ID 2, and the role `editor`, which is mapped to the group with ID 3.
 * `SAML_UPDATE_GROUP_ON_LOGIN`: When this is enabled the group of the user is updated on every login of the user based
   on the SAML role attributes. When this is disabled, the group is only assigned on the first login of the user, and a
   Part-DB administrator can change the group afterward by editing the user.
@@ -169,24 +197,31 @@ want to edit it on docker, you have to map the file to a volume.
 The settings prefixes with `PROVIDER_*` are used to configure the information providers.
 See the [information providers]({% link usage/information_provider_system.md %}) page for more information.
 
-### Other / less used options
+### Other / less-used options
 
 * `TRUSTED_PROXIES`: Set the IP addresses (or IP blocks) of trusted reverse proxies here. This is needed to get correct
   IP information (see [here](https://symfony.com/doc/current/deployment/proxies.html) for more info).
 * `TRUSTED_HOSTS`: To prevent `HTTP Host header attacks` you can set a regex containing all host names via which Part-DB
   should be accessible. If accessed via the wrong hostname, an error will be shown.
 * `DEMO_MODE`: Set Part-DB into demo mode, which forbids users to change their passwords and settings. Used for the demo
-  instance, should not be needed for normal installations.
+  instance. This should not be needed for normal installations.
 * `NO_URL_REWRITE_AVAILABLE` (allowed values `true` or `false`): Set this value to true, if your webserver does not
-  support rewrite. In this case, all URL paths will contain index.php/, which is needed then. Normally this setting do
+  support rewrite. In this case, all URL paths will contain index.php/, which is needed then. Normally this setting does
   not need to be changed.
+* `REDIRECT_TO_HTTPS`: If this is set to true, all requests to http will be redirected to https. This is useful if your
+  web server does not already do this (like the one used in the demo instance). If your web server already redirects to
+  https, you don't need to set this. Ensure that Part-DB is accessible via HTTPS before you enable this setting.
 * `FIXER_API_KEY`: If you want to automatically retrieve exchange rates for base currencies other than euros, you have to
   configure an exchange rate provider API. [Fixer.io](https://fixer.io/) is preconfigured, and you just have to register
   there and set the retrieved API key in this environment variable.
 * `APP_ENV`: This value should always be set to `prod` in normal use. Set it to `dev` to enable debug/development
   mode. (**You should not do this on a publicly accessible server, as it will leak sensitive information!**)
 * `BANNER`: You can configure the text that should be shown as the banner on the homepage. Useful especially for docker
-  container. In all other applications you can just change the `config/banner.md` file.
+  containers. In all other applications you can just change the `config/banner.md` file.
+* `DISABLE_YEAR2038_BUG_CHECK`: If set to `1`, the year 2038 bug check is disabled on 32-bit systems, and dates after
+2038 are no longer forbidden. However this will lead to 500 error messages when rendering dates after 2038 as all current
+32-bit PHP versions can not format these dates correctly. This setting is for the case that future PHP versions will
+handle this correctly on 32-bit systems. 64-bit systems are not affected by this bug, and the check is always disabled.
 
 ## Banner
 
@@ -199,8 +234,7 @@ markdown (and even some subset of HTML) syntax to format the text.
 You can also configure some options via the `config/parameters.yaml` file. This should normally not need,
 and you should know what you are doing, when you change something here. You should expect, that you will have to do some
 manual merge, when you have changed something here and update to a newer version of Part-DB. It is possible that
-configuration
-options here will change or completely removed in future versions of Part-DB.
+configuration options here will change or be  completely removed in future versions of Part-DB.
 
 If you change something here, you have to clear the cache, before the changes will take effect with the
 command `bin/console cache:clear`.

docs/index.md

@@ -12,8 +12,8 @@ It is installed on a web server and so can be accessed with any browser without
 {: .important-title }
 > Demo
 >
-> If you want to test Part-DB without installing it, you can use [this](https://part-db.herokuapp.com) Heroku instance.
-> (Or this link for the [German Version](https://part-db.herokuapp.com/de/)).
+> If you want to test Part-DB without installing it, you can use [this](https://demo.part-db.de/) Heroku instance.
+> (Or this link for the [German Version](https://demo.part-db.de/de/)).
 >
 > You can log in with username: **user** and password: **user**, to change/create data.
 >
@@ -25,10 +25,10 @@ It is installed on a web server and so can be accessed with any browser without
 
 ## Features
 
-* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer
+* Inventory management of your electronic parts. Each part can be assigned to a category, footprint, manufacturer,
   and multiple store locations and price information. Parts can be grouped using tags. You can associate various files
   like datasheets or pictures with the parts.
-* Multi-Language support (currently German, English, Russian, Japanese and French (experimental))
+* Multi-language support (currently German, English, Russian, Japanese and French (experimental))
 * Barcodes/Labels generator for parts and storage locations, scan barcodes via webcam using the builtin barcode scanner
 * User system with groups and detailed (fine granular) permissions.
   Two-factor authentication is supported (Google Authenticator and Webauthn/U2F keys) and can be enforced for groups.
@@ -41,14 +41,16 @@ It is installed on a web server and so can be accessed with any browser without
 * Event log: Track what changes happens to your inventory, track which user does what. Revert your parts to older
   versions.
 * Responsive design: You can use Part-DB on your PC, your tablet and your smartphone using the same interface.
-* MySQL and SQLite supported as database backends
+* MySQL, SQLite and PostgreSQL are supported as database backends
 * Support for rich text descriptions and comments in parts
 * Support for multiple currencies and automatic update of exchange rates supported
 * Powerful search and filter function, including parametric search (search for parts according to some specifications)
 * Easy migration from an existing PartKeepr instance (see [here]({%link partkeepr_migration.md %}))
-* Use cloud providers (like Octopart, Digikey, farnell or TME) to automatically get part information, datasheets and
+* Use cloud providers (like Octopart, Digikey, Farnell or TME) to automatically get part information, datasheets and
   prices for parts (see [here]({% link usage/information_provider_system.md %}))
 * API to access Part-DB from other applications/scripts
+* [Integration with KiCad]({%link usage/eda_integration.md %}): Use Part-DB as central datasource for your
+  KiCad and see available   parts from Part-DB directly inside KiCad.
 
 With these features Part-DB is useful to hobbyists, who want to keep track of their private electronic parts inventory,
 or makerspaces, where many users have should have (controlled) access to the shared inventory.

docs/installation/choosing_database.md

@@ -7,10 +7,18 @@ nav_order: 1
 
 # Choosing database: SQLite or MySQL
 
-Part-DB saves its data in a [relational (SQL) database](https://en.wikipedia.org/wiki/Relational_database). Part-DB
-supports either the use of [SQLite](https://www.sqlite.org/index.html)
-or [MySQL](https://www.mysql.com/) / [MariaDB](https://mariadb.org/) (which are mostly the same, except for some minor
-differences).
+Part-DB saves its data in a [relational (SQL) database](https://en.wikipedia.org/wiki/Relational_database).
+
+For this multiple database types are supported, currently these are:
+
+* [SQLite](https://www.sqlite.org/index.html)
+* [MySQL](https://www.mysql.com/) / [MariaDB](https://mariadb.org/) (which are mostly the same, except for some minor
+  differences)
+* [PostgreSQL](https://www.postgresql.org/)
+
+All these database types allow for the same basic functionality and allow Part-DB to run. However, there are some minor
+differences between them, which might be important for you. Therefore the pros and cons of the different database types
+are listed here.
 
 {: .important }
 You have to choose between the database types before you start using Part-DB and **you can not change it (easily) after
@@ -18,27 +26,157 @@ you have started creating data**. So you should choose the database type for you
 
 ## Comparison
 
-**SQLite** is the default database type which is configured out of the box. All data is saved in a single file (
-normally `var/app.db` in the Part-DB folder) and no additional installation or configuration besides Part-DB is needed.
-To use **MySQL/MariaDB** as database, you have to install and configure the MySQL server, configure it and create a
-database and user for Part-DB, which needs some additional work. When using docker you need an additional docker
-container, and volume for the data
+### SQLite
 
-When using **SQLite** The database can be backuped easily by just copying the SQLite file to a safe place. Ideally the *
-*MySQL** database has to be dumped to a SQL file (using `mysqldump`). The `console partdb:backup` command can do this
-automatically
+#### Pros
 
-However, SQLite does not support certain operations like regex search, which has to be emulated by PHP and therefore are
-pretty slow compared to the same operation at MySQL. In future there might be features that may only be available, when
-using MySQL.
+* **Easy to use**: No additional installation or configuration is needed, just start Part-DB and it will work out of the box
+* **Easy backup**: Just copy the SQLite file to a safe place, and you have a backup, which you can restore by copying it
+  back. No need to work with SQL dumps
 
-In general MySQL might perform better for big Part-DB instances with many entries, lots of users and high activity, than
-SQLite.
+#### Cons
 
-## Conclusion and Suggestion
+* **Performance**: SQLite is not as fast as MySQL or PostgreSQL, especially when using complex queries or many users.
+* **Emulated RegEx search**: SQLite does not support RegEx search natively. Part-DB can emulate it, however that is pretty slow.
+* **Emualted natural sorting**: SQLite does not support natural sorting natively. Part-DB can emulate it, but it is pretty slow.
+* **Limitations with Unicode**: SQLite has limitations in comparisons and sorting of Unicode characters, which might lead to
+  unexpected behavior when using non-ASCII characters in your data. For example `µ` (micro sign) is not seen as equal to 
+  `μ` (greek minuscule mu), therefore searching for `µ` (micro sign) will not find parts containing `μ` (mu) and vice versa.
+  The other databases behave more intuitive in this case.
+* **No advanced features**: SQLite do no support many of the advanced features of MySQL or PostgreSQL, which might be utilized
+  in future versions of Part-DB
+
+
+### MySQL/MariaDB
+
+**If possible, it is recommended to use MariaDB 10.7+ (instead of MySQL), as it supports natural sorting of columns natively.**
+
+#### Pros
+
+* **Performance**: Compared to SQLite, MySQL/MariaDB will probably perform better, especially in large databases with many
+  users and high activity.
+* **Natural Sorting**: MariaDB 10.7+ supports natural sorting of columns. On other databases it has to be emulated, which is pretty
+  slow.
+* **Native RegEx search**: MySQL supports RegEx search natively, which is faster than emulating it in PHP.
+* **Advanced features**: MySQL/MariaDB supports many advanced features, which might be utilized in future versions of Part-DB.
+* **Full Unicode support**: MySQL/MariaDB has better support for Unicode characters, which makes it more intuitive to use
+  non-ASCII characters in your data.
+
+#### Cons
+
+* **Additional installation and configuration**: You have to install and configure the MySQL server, create a database and
+  user for Part-DB, which needs some additional work compared to SQLite.
+* **Backup**: The MySQL database has to be dumped to a SQL file (using `mysqldump`). The `console partdb:backup` command can automate this.
+
+
+### PostgreSQL
+
+#### Pros
+* **Performance**: PostgreSQL is known for its performance, especially in large databases with many users and high activity.
+* **Advanced features**: PostgreSQL supports many advanced features, which might be utilized in future versions of Part-DB.
+* **Full Unicode support**: PostgreSQL has better support for Unicode characters, which makes it more intuitive to use
+  non-ASCII characters in your data.
+* **Native RegEx search**: PostgreSQL supports RegEx search natively, which is faster than emulating it in PHP.
+* **Native Natural Sorting**: PostgreSQL supports natural sorting of columns natively in all versions and in general the support for it
+  is better than on MariaDB.
+* **Support of transactional DDL**: PostgreSQL supports transactional DDL, which means that if you encounter a problem during a schema change,
+the database will automatically rollback the changes. On MySQL/MariaDB you have to manually rollback the changes, by restoring from a database backup.
+
+#### Cons
+* **New backend**: The support of postgresql is new, and it was not tested as much as the other backends. There might be some bugs caused by this.
+* **Additional installation and configuration**: You have to install and configure the PostgreSQL server, create a database and
+  user for Part-DB, which needs some additional work compared to SQLite.
+* **Backup**: The PostgreSQL database has to be dumped to a SQL file (using `pg_dump`). The `console partdb:backup` command can automate this.
+
+
+## Recommendation
 
 When you are a hobbyist and use Part-DB for your own small inventory management with only you as user (or maybe sometimes
-a few other people), then the easy-to-use SQLite database will be fine.
+a few other people), then the easy-to-use SQLite database will be fine, as long as you can live with the limitations, stated above.
+However using MariaDB (or PostgreSQL), has no disadvantages in that situation (besides the initial setup requirements), so you might
+want to use it, to be prepared for future use cases.
 
-When you are planning to have a very big database, with a lot of entries and many users which regularly (and
-concurrently) using Part-DB you should maybe use MySQL as this will scale better.
+When you are planning to have a very big database, with a lot of entries and many users which regularly using Part-DB, then you should
+use MariaDB or PostgreSQL, as they will perform better in that situation and allow for more advanced features.
+If you should use MariaDB or PostgreSQL depends on your personal preference and what you already have installed on your servers and 
+what you are familiar with.
+
+## Using the different databases
+
+The only difference in using the different databases, is a different value in the `DATABASE_URL` environment variable in the `.env.local` file
+or in the `DATABASE_URL` environment variable in your server or container configuration. It has the shape of a URL, where the scheme (the part before `://`)
+is the database type, and the rest is connection information.
+
+**The env var format below is for the `env.local` file. It might work differently for other env configuration. E.g. in a docker-compose file you have to remove the quotes!**
+
+### SQLite
+
+```shell
+DATABASE_URL="sqlite:///%kernel.project_dir%/var/app.db"
+```
+
+Here you just need to configure the path to the SQLite file, which is created by Part-DB when performing the database migrations.
+The `%kernel.project_dir%` is a placeholder for the path to the project directory, which is replaced by the actual path by Symfony, so that you do not
+need to specify the path manually. In the example the database will be created as `app.db` in the `var` directory of your Part-DB installation folder.
+
+### MySQL/MariaDB
+
+```shell
+DATABASE_URL="mysql://user:password@127.0.0.1:3306/database?serverVersion=8.0.37"
+```
+
+Here you have to replace `user`, `password` and `database` with the credentials of the MySQL/MariaDB user and the database name you want to use.
+The host (here 127.0.0.1) and port should also be specified according to your MySQL/MariaDB server configuration.
+
+In the `serverVersion` parameter you can specify the version of the MySQL/MariaDB server you are using, in the way the server returns it 
+(e.g. `8.0.37` for MySQL and `10.4.14-MariaDB`). If you do not know it, you can leave the default value.
+
+If you want to use a unix socket for the connection instead of a TCP connnection, you can specify the socket path in the `unix_socket` parameter.
+```shell
+DATABASE_URL="mysql://user:password@localhost/database?serverVersion=8.0.37&unix_socket=/var/run/mysqld/mysqld.sock"
+```
+
+### PostgreSQL
+
+```shell
+DATABASE_URL="postgresql://db_user:db_password@127.0.0.1:5432/db_name?serverVersion=12.19&charset=utf8"
+```
+
+Here you have to replace `db_user`, `db_password` and `db_name` with the credentials of the PostgreSQL user and the database name you want to use.
+The host (here 127.0.0.1) and port should also be specified according to your PostgreSQL server configuration.
+
+In the `serverVersion` parameter you can specify the version of the PostgreSQL server you are using, in the way the server returns it
+(e.g. `12.19 (Debian 12.19-1.pgdg120+1)`). If you do not know it, you can leave the default value.
+
+The `charset` parameter specify the character set of the database. It should be set to `utf8` to ensure that all characters are stored correctly.
+
+If you want to use a unix socket for the connection instead of a TCP connnection, you can specify the socket path in the `host` parameter.
+```shell
+DATABASE_URL="postgresql://db_user@localhost/db_name?serverVersion=16.6&charset=utf8&host=/var/run/postgresql"
+```
+
+
+## Natural Sorting
+
+Natural sorting is the sorting of strings in a way that numbers are sorted by their numerical value, not by their ASCII value.
+
+For example in the classical binary sorting the string `DIP-4`, `DIP-8`, `DIP-16`, `DIP-28` would be sorted as following:
+
+* `DIP-16`
+* `DIP-28`
+* `DIP-4`
+* `DIP-8`
+
+In natural sorting, it would be sorted as:
+
+* `DIP-4`
+* `DIP-8`
+* `DIP-16`
+* `DIP-28`
+
+Part-DB can sort names in part tables and tree views naturally. PostgreSQL and MariaDB 10.7+ support natural sorting natively,
+and it is automatically used if available.
+
+For SQLite and MySQL < 10.7 it has to be emulated if wanted, which is pretty slow. Therefore it has to be explicity enabled by setting the
+`DATABASE_EMULATE_NATURAL_SORT` environment variable to `1`. If it is 0 the classical binary sorting is used, on these databases. The emulations
+might have some quirks and issues, so it is recommended to use a database which supports natural sorting natively, if you want to use it.

docs/installation/index.md

@@ -7,3 +7,5 @@ has_children: true
 
 # Installation
 Below you can find some guides to install Part-DB.
+
+For the hobbyists without much experience, we recommend the docker installation or direct installation on debian.

docs/installation/installation_docker.md

@@ -16,11 +16,14 @@ where docker is available (especially recommended for Windows and macOS).
 > network.
 > If you want to expose Part-DB to the internet, you have to configure a reverse proxy with an SSL certificate!
 
+It is recommended to install Part-DB on a 64-bit system, as the 32-bit version of PHP is affected by the
+[Year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem) and can not handle dates after 2038 correctly.
+
 ## Docker-compose
 
 Docker-compose configures the needed images and automatically creates the needed containers and volumes.
 
-1. Install docker and docker-compose like described under https://docs.docker.com/compose/install/
+1. Install docker and docker-compose as described under https://docs.docker.com/compose/install/
 2. Create a folder where the Part-DB data should live
 3. Create a file named docker-compose.yaml with the following content:
 
@@ -45,10 +48,17 @@ services:
       # In docker env logs will be redirected to stderr
       - APP_ENV=docker
       
+      # Uncomment this, if you want to use the automatic database migration feature. With this you have you do not have to
+      # run the doctrine:migrations:migrate commands on installation or upgrade. A database backup is written to the uploads/
+      # folder (under .automigration-backup), so you can restore it, if the migration fails.
+      # This feature is currently experimental, so use it at your own risk!
+      # - DB_AUTOMIGRATE=true
+
       # You can configure Part-DB using environment variables
       # Below you can find the most essential ones predefined
-      # However you can add add any other environment configuration you want here
+      # However you can add any other environment configuration you want here
       # See .env file for all available options or https://docs.part-db.de/configuration.html
+      # !!! Do not use quotes around the values, as they will be interpreted as part of the value and this will lead to errors !!!
 
       # The language to use serverwide as default (en, de, ru, etc.)
       - DEFAULT_LANG=en
@@ -65,12 +75,15 @@ services:
       # Use gravatars for user avatars, when user has no own avatar defined
       - USE_GRAVATAR=0
 
-      # Override value if you want to show to show a given text on homepage.
+      # Override value if you want to show a given text on homepage.
       # When this is empty the content of config/banner.md is used as banner
       #- BANNER=This is a test banner<br>with a line break
+    
+      # If you use a reverse proxy in front of Part-DB, you must configure the trusted proxies IP addresses here (see reverse proxy documentation for more information):
+      # - TRUSTED_PROXIES=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16  
 ```
 
-4. Customize the settings by changing the environment variables (or add new ones). See [Configuration]({% link
+4. Customize the settings by changing the environment variables (or adding new ones). See [Configuration]({% link
    configuration.md %}) for more information.
 5. Inside the folder, run
 
@@ -86,10 +99,10 @@ docker exec --user=www-data partdb php bin/console doctrine:migrations:migrate
 
 and watch for the password output
 
-6. Part-DB is available under `http://localhost:8080` and you can log in with username `admin` and the password shown
+6. Part-DB is available under `http://localhost:8080` and you can log in with the username `admin` and the password shown
    before
 
-The docker image uses a SQLite database and all data (database, uploads and other media) is put into folders relative to
+The docker image uses a SQLite database and all data (database, uploads, and other media) is put into folders relative to
 the docker-compose.yml.
 
 ### MySQL
@@ -123,6 +136,12 @@ services:
       # In docker env logs will be redirected to stderr
       - APP_ENV=docker
 
+       # Uncomment this, if you want to use the automatic database migration feature. With this you have you do not have to
+       # run the doctrine:migrations:migrate commands on installation or upgrade. A database backup is written to the uploads/
+       # folder (under .automigration-backup), so you can restore it, if the migration fails.
+       # This feature is currently experimental, so use it at your own risk!
+       # - DB_AUTOMIGRATE=true
+
       # You can configure Part-DB using environment variables
       # Below you can find the most essential ones predefined
       # However you can add add any other environment configuration you want here
@@ -150,7 +169,8 @@ services:
   database:
     container_name: partdb_database
     image: mysql:8.0
-    command: --default-authentication-plugin=mysql_native_password
+    restart: unless-stopped
+    command: --default-authentication-plugin=mysql_native_password --log-bin-trust-function-creators=1
     environment:
       # Change this Password
       MYSQL_ROOT_PASSWORD: SECRET_ROOT_PASSWORD
@@ -178,25 +198,29 @@ docker exec --user=www-data partdb php bin/console doctrine:migrations:migrate
 
 ## Direct use of docker image
 
-You can use the `jbtronics/part-db1:master` image directly. You have to expose the port 80 to a host port and configure
+You can use the `jbtronics/part-db1:master` image directly. You have to expose port 80 to a host port and configure
 volumes for `/var/www/html/uploads` and `/var/www/html/public/media`.
 
 If you want to use SQLite database (which is default), you have to configure Part-DB to put the database file in a
 mapped volume via the `DATABASE_URL` environment variable.
-For example if you set `DATABASE_URL=sqlite:///%kernel.project_dir%/var/db/app.db` then you will have to map
+For example, if you set `DATABASE_URL=sqlite:///%kernel.project_dir%/var/db/app.db` then you will have to map
 the `/var/www/html/var/db/` folder to the docker container (see docker-compose.yaml for example).
 
-You also have to create the database like described above in step 4.
+You also have to create the database as described above in step 4.
 
 ## Running console commands
 
 You can run the console commands described in README by
 executing `docker exec --user=www-data -it partdb bin/console [command]`
 
+{: .warning }
+> If you run a root console inside the container, and wanna execute commands on the webserver behalf, be sure to use `sudo -E` command (with the `-E` flag) to preserve env variables from the current shell.
+> Otherwise Part-DB console might use the wrong configuration to execute commands.
+
 ## Troubleshooting
 
-*Login not possible. Login page is just reloading and no error message is shown or something like "CSFR token invalid"*:
+*Login is not possible. Login page is just reloading and no error message is shown or something like "CSFR token invalid"*:
 
-Clear all cookies in your browser or use an inkognito tab for Part-DB.
-This related to the fact that Part-DB can not set cookies via HTTP, after some webpage has set cookies before under
-localhost via https. This is a security mechanism of the browser and can not be bypassed by Part-DB.
+Clear all cookies in your browser or use an incognito tab for Part-DB.
+This is related to the fact that Part-DB can not set cookies via HTTP after some webpages have set cookies before under
+localhost via HTTPS. This is a security mechanism of the browser and can not be bypassed by Part-DB.

docs/installation/installation_guide-debian.md

@@ -8,9 +8,9 @@ nav_order: 4
 # Part-DB installation guide for Debian 11 (Bullseye)
 
 This guide shows you how to install Part-DB directly on Debian 11 using apache2 and SQLite. This guide should work with
-recent Ubuntu and other Debian based distributions with little to no changes.
+recent Ubuntu and other Debian-based distributions with little to no changes.
 Depending on what you want to do, using the prebuilt docker images may be a better choice, as you don't need to install
-this many dependencies. See [here]({% link installation/installation_docker.md %}) for more information of the docker
+this many dependencies. See [here]({% link installation/installation_docker.md %}) for more information on the docker
 installation.
 
 {: .warning }
@@ -18,6 +18,9 @@ installation.
 > network.
 > If you want to expose Part-DB to the internet, you HAVE to configure an SSL connection!
 
+It is recommended to install Part-DB on a 64-bit system, as the 32-bit version of PHP is affected by the 
+[Year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem) and can not handle dates after 2038 correctly.
+
 ## Installation with SQLite database
 
 ### Install prerequisites
@@ -30,8 +33,8 @@ sudo apt install git curl zip ca-certificates software-properties-common apt-tra
 
 ### Install PHP and apache2
 
-Part-DB is written in [PHP](https://php.net) and therefore needs an PHP interpreter to run. Part-DB needs PHP 8.1 or
-higher, however it is recommended to use the most recent version of PHP for performance reasons and future
+Part-DB is written in [PHP](https://php.net) and therefore needs a PHP interpreter to run. Part-DB needs PHP 8.1 or
+higher. However, it is recommended to use the most recent version of PHP for performance reasons and future
 compatibility.
 
 As Debian 11 does not ship PHP 8.1 in its default repositories, we have to add a repository for it. You can skip this
@@ -46,7 +49,7 @@ sudo curl -sSL https://packages.sury.org/php/README.txt | sudo bash -x
 sudo apt update && sudo apt upgrade
 ```
 
-Now you can install PHP 8.1 and required packages (change the 8.1 in the package version according to the version you
+Now you can install PHP 8.1 and the required packages (change the 8.1 in the package version according to the version you
 want to use):
 
 ```bash
@@ -57,8 +60,8 @@ The apache2 webserver should be already installed with this command and configur
 
 ### Install composer
 
-Part-DB uses [composer](https://getcomposer.org/) to install required PHP libraries. As the versions shipped in the
-repositories is pretty old we install it manually:
+Part-DB uses [composer](https://getcomposer.org/) to install required PHP libraries. As the version shipped in the
+repositories is pretty old, we will install it manually:
 
 ```bash
 # Download composer installer script
@@ -72,7 +75,7 @@ chmod +x /usr/local/bin/composer
 ### Install yarn and nodejs
 
 To build the front end (the user interface) Part-DB uses [yarn](https://yarnpkg.com/). As it depends on Node.js and the
-shipped versions are pretty old, we install new versions from official Node.js repository:
+shipped versions are pretty old, we install new versions from the official Node.js repository:
 
 ```bash
 # Add recent node repository (nodejs 18 is supported until 2025)
@@ -102,7 +105,7 @@ later.
 git clone https://github.com/Part-DB/Part-DB-symfony.git /var/www/partdb
 ```
 
-By default, you are now on the latest development version. In most cases you want to use the latest stable version. You
+By default, you are now on the latest development version. In most cases, you want to use the latest stable version. You
 can switch to the latest stable version (tagged) by running the following command:
 
 ```bash
@@ -110,7 +113,7 @@ can switch to the latest stable version (tagged) by running the following comman
 git checkout $(git describe --tags $(git rev-list --tags --max-count=1))
 ```
 
-Alternatively you can check out a specific version by running (
+Alternatively, you can check out a specific version by running (
 see [GitHub Releases page](https://github.com/Part-DB/Part-DB-server/releases) for a list of available versions):
 
 ```bash
@@ -176,12 +179,12 @@ To check if everything is installed, run the following command:
 sudo -u www-data php bin/console partdb:check-requirements
 ```
 
-The most things should be green, and no red ones. Yellow messages means optional dependencies which are not important
+Most things should be green, and no red ones. Yellow messages mean optional dependencies which are not important
 but can improve performance and functionality.
 
 ### Create a database for Part-DB
 
-Part-DB by default uses a file based sqlite database to store the data. Use the following command to create the
+Part-DB by default uses a file-based SQLite database to store the data. Use the following command to create the
 database. The database will normally be created at `/var/www/partdb/var/app.db`.
 
 ```bash
@@ -191,8 +194,7 @@ sudo -u www-data php bin/console doctrine:migrations:migrate
 The command will warn you about schema changes and potential data loss. Continue with typing `yes`.
 
 The command will output several lines of information. Somewhere should be a yellow background message
-like `The initial password for the "admin" user is: f502481134`. Write down this password as you will need it later for
-initial login.
+like `The initial password for the "admin" user is: f502481134`. Write down this password as you will need it later for the initial login.
 
 ### Configure apache2 to show Part-DB
 
@@ -248,7 +250,7 @@ sudo service apache2 restart
 ```
 
 and Part-DB should now be available under `http://YourServerIP` (or `http://partdb.lan` if you configured DNS in your
-network to point on the server).
+network to point to the server).
 
 ### Login to Part-DB
 
@@ -288,7 +290,7 @@ sudo -u www-data php bin/console cache:clear
 
 ## MySQL/MariaDB database
 
-To use a MySQL database, follow the steps from above (except the creation of database, we will do this later).
+To use a MySQL database, follow the steps from above (except the creation of the database, we will do this later).
 Debian 11 does not ship MySQL in its repositories anymore, so we use the compatible MariaDB instead:
 
 1. Install maria-db with:
@@ -340,7 +342,7 @@ exit
    Change it to the following (you have to replace `YOUR_SECRET_PASSWORD` with the password you have chosen in step 3):
 
 ```
-DATABASE_URL=DATABASE_URL=mysql://partdb:YOUR_SECRET_PASSWORD@127.0.0.1:3306/partdb
+DATABASE_URL=mysql://partdb:YOUR_SECRET_PASSWORD@127.0.0.1:3306/partdb
 ```
 
 5. Create the database schema with:

docs/installation/kubernetes.md

@@ -0,0 +1,42 @@
+---
+title: Kubernetes / Helm
+layout: default
+parent: Installation
+nav_order: 5
+---
+
+# Kubernetes / Helm Charts
+
+If you are using Kubernetes, you can use the [helm charts](https://helm.sh/) provided in this [repository](https://github.com/Part-DB/helm-charts).
+
+## Usage
+
+[Helm](https://helm.sh) must be installed to use the charts.  Please refer to
+Helm's [documentation](https://helm.sh/docs) to get started.
+
+Once Helm has been set up correctly, add the repo as follows:
+
+`helm repo add part-db https://part-db.github.io/helm-charts`
+
+If you had already added this repo earlier, run `helm repo update` to retrieve
+the latest versions of the packages.  You can then run `helm search repo
+part-db` to see the charts.
+
+To install the part-db chart:
+
+    helm install my-part-db part-db/part-db
+
+To uninstall the chart:
+
+    helm delete my-part-db
+
+This repository is also available at [ArtifactHUB](https://artifacthub.io/packages/search?repo=part-db).
+
+## Configuration
+
+See the README in the [chart directory](https://github.com/Part-DB/helm-charts/tree/main/charts/part-db) for more
+information on the available configuration options.
+
+## Bugreports
+
+If you find issues related to the helm charts, please open an issue in the [helm-charts repository](https://github.com/Part-DB/helm-charts).

docs/installation/nginx.md

@@ -13,7 +13,7 @@ configured.
 
 ## Setup
 
-1. Install composer and yarn like described in the [apache guide]({% link installation/installation_guide-debian.md
+1. Install composer and yarn as described in the [apache guide]({% link installation/installation_guide-debian.md
    %}#install-composer).
 2. Create a folder for Part-DB and install and configure it as described
 3. Instead of creating the config for apache, add the following snippet to your nginx config:
@@ -53,6 +53,11 @@ server {
         return 404;
     }
     
+    # Set Content-Security-Policy for svg files, to block embedded javascript in there
+    location ~* \.svg$ {
+        add_header Content-Security-Policy "default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'none';";
+    }
+
     error_log /var/log/nginx/parts.error.log;
     access_log /var/log/nginx/parts.access.log;
 

docs/installation/proxmox.md

@@ -0,0 +1,31 @@
+---
+title: Proxmox VE LXC
+layout: default
+parent: Installation
+nav_order: 6
+---
+
+# Proxmox VE LXC
+
+{: .warning }
+> The proxmox VE LXC script for Part-DB is developed and maintained by [Proxmox VE Helper-Scripts](https://community-scripts.github.io/ProxmoxVE/)
+> and not by the Part-DB developers. Keep in mind that the script is not officially supported by the Part-DB developers.
+
+If you are using Proxmox VE you can use the scripts provided by [Proxmox VE Helper-Scripts community](https://community-scripts.github.io/ProxmoxVE/scripts?id=part-db)
+to easily install Part-DB in a LXC container.
+
+## Usage
+
+To create a new LXC container with Part-DB, you can use the following command in the Proxmox VE shell:
+
+```bash
+bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/part-db.sh)"
+```
+
+The same command can be used to update an existing Part-DB container.
+
+See the [helper script website](https://community-scripts.github.io/ProxmoxVE/scripts?id=part-db) for more information.
+
+## Bugreports
+
+If you find issues related to the proxmox VE LXC script, please open an issue in the [Proxmox VE Helper-Scripts repository](https://github.com/community-scripts/ProxmoxVE).

docs/installation/reverse-proxy.md

@@ -21,3 +21,20 @@ TRUSTED_PROXIES=192.168.2.10
 
 Set the `DEFAULT_URI` environment variable to the URL of your Part-DB installation, available from the outside (so via
 the reverse proxy).
+
+## Part-DB in a subpath via reverse proxy
+
+If you put Part-DB into a subpath via the reverse proxy, you have to configure your webserver to include `X-Forwarded-Prefix` in the request headers.
+For example if you put Part-DB behind a reverse proxy with the URL `https://example.com/partdb`, you have to set the `X-Forwarded-Prefix` header to `/partdb`.
+
+In apache, you can do this by adding the following line to your virtual host configuration:
+
+```
+RequestHeader set X-Forwarded-Prefix "/partdb"
+```
+
+and in nginx, you can do this by adding the following line to your server configuration:
+
+```
+proxy_set_header X-Forwarded-Prefix "/partdb";
+```

docs/installation/saml_sso.md

@@ -48,7 +48,7 @@ the [Keycloak Getting Started Guide](https://www.keycloak.org/docs/latest/gettin
    *It is recommended to set this value to the domain name of your Part-DB installation, with an attached `/sp` (
    e.g. `https://partdb.yourdomain.invalid/sp`)*.
    The name field should be set to something human-readable, like `Part-DB`.
-3. Click on `Save` to create the new client.
+3. Click on `Save` to create a new client.
 
 ### Configure the SAML client
 
@@ -56,7 +56,7 @@ the [Keycloak Getting Started Guide](https://www.keycloak.org/docs/latest/gettin
     * Set `Home URL` to the homepage of your Part-DB installation (e.g. `https://partdb.yourdomain.invalid/`).
     * Set `Valid redirect URIs` to your homepage with a wildcard at the end (
       e.g. `https://partdb.yourdomain.invalid/*`).
-    * Set `Valid post logout redirect URIs` to `+` to allow all urls from the `Valid redirect URIs`.
+    * Set `Valid post logout redirect URIs` to `+` to allow all URLs from the `Valid redirect URIs`.
     * Set `Name ID format` to `username`
     * Ensure `Force POST binding` is enabled.
     * Ensure `Sign documents` is enabled.
@@ -136,7 +136,7 @@ as the SAML user, but no password set. The user will be marked as a SAML user, s
 future. However, in other aspects the user is a normal user, so Part-DB admins can set permissions for SAML users like
 for any other user and override permissions assigned via groups.
 
-For large organizations you maybe want to automatically assign permissions to SAML users based on the roles or
+For large organizations, you maybe want to automatically assign permissions to SAML users based on the roles or
 groups configured in the identity provider. For this purpose Part-DB allows you to map SAML roles or groups to Part-DB
 groups. See the next section for details.
 
@@ -144,11 +144,11 @@ groups. See the next section for details.
 
 Part-DB allows you to configure a mapping between SAML roles or groups and Part-DB groups. This allows you to
 automatically assign permissions to SAML users based on the roles or groups configured in the identity provider. For
-example if a user at your SAML provider has the role `admin`, you can configure Part-DB to assign the `admin` group to
+example, if a user at your SAML provider has the role `admin`, you can configure Part-DB to assign the `admin` group to
 this user. This will give the user all permissions of the `admin` group.
 
-For this you need first have to create the groups in Part-DB, to which you want to assign the users and configure their
-permissions. You will need the IDs of the groups, which you can find in the `System->Group` page of Part-DB in the Info
+For this, you need first have to create the groups in Part-DB, to which you want to assign the users and configure their
+permissions. You will need the IDs of the groups, which you can find on the `System->Group` page of Part-DB in the Info
 tab.
 
 The map is provided as [JSON](https://en.wikipedia.org/wiki/JSON) encoded map between the SAML role and the group ID,
@@ -158,7 +158,7 @@ you can configure via the `.env.local` or `docker-compose.yml` file. Please note
 string in single quotes here, as JSON itself uses double quotes (
 e.g. `SAML_ROLE_MAPPING='{ "*": 2, "editor": 3, "admin": 1 }`).
 
-For example if you want to assign the group with ID 1 (by default admin) to every SAML user which has the role `admin`,
+For example, if you want to assign the group with ID 1 (by default admin) to every SAML user which has the role `admin`,
 the role with ID 3 (by default editor) to every SAML user with the role `editor` and everybody else to the group with ID
 2 (by default readonly), you can configure the following map:
 
@@ -176,9 +176,9 @@ If you want to assign users with a certain role to an empty group, provide the g
 valid group ID, so the user will not be assigned to any group.
 
 The SAML roles (or groups depending on your configuration), have to be supplied via a SAML attribute `group`. You have
-to configure your SAML identity provider to provide this attribute. For example in Keycloak you can configure this
-attribute in the `Client scopes` page. Select the `sp-dedicated` client scope (or create a new one) and click
-on `Add mappers`. Select `Role mapping` or `Group membership`, change the field name and click `Add`. Now Part-DB will
+to configure your SAML identity provider to provide this attribute. For example, in Keycloak you can configure this
+attribute on the `Client scopes` page. Select the `sp-dedicated` client scope (or create a new one) and click
+on `Add mappers`. Select `Role mapping` or `Group membership`, change the field name, and click `Add`. Now Part-DB will
 be provided with the groups of the user based on the Keycloak user database.
 
 By default, the group is assigned to the user on the first login and updated on every login based on the SAML
@@ -203,12 +203,12 @@ provide these attributes, you can use to automatically fill the corresponding fi
 
 ## Use SAML Login for existing users
 
-Part-DB distinguishes between local users and SAML users. Local users are users, which can log in via Part-DB login form
-and which use the password (hash) saved in the Part-DB database. SAML users are stored in the database too (they are
+Part-DB distinguishes between local users and SAML users. Local users are users, that can log in via the Part-DB login form
+and use the password (hash) saved in the Part-DB database. SAML users are stored in the database too (they are
 created on the first login of the user via SAML), but they use the SAML identity provider to authenticate the user and
 have no password stored in the database. When you try you will get an error message.
 
-For security reasons it is not possible to authenticate via SAML as a local user (and vice versa). So if you have
+For security reasons, it is not possible to authenticate via SAML as a local user (and vice versa). So if you have
 existing users in your Part-DB database and want them to be able to log in via SAML in the future, you can use
 the `php bin/console partdb:user:convert-to-saml-user username` command to convert them to SAML users. This will remove
 the password hash from the database and mark them as SAML users, so they can log in via SAML in the future.
@@ -230,3 +230,8 @@ Normally you don't have to change anything here.
 Please note that this file is not saved by the Part-DB backup tool, so you have to save it manually if you want to keep
 your changes. On docker containers you have to configure a volume mapping for it.
 
+## SAML behind a reverse proxy
+
+If you are running Part-DB behind a reverse proxy, configure the `TRUSTED_PROXIES` environment and other reverse proxy
+settings as described in the [reverse proxy guide]({% link installation/reverse-proxy.md %}).
+If you want to use SAML you also need to set `SAML_BEHIND_PROXY` to `true` to enable the SAML proxy mode.

docs/partkeepr_migration.md

@@ -12,34 +12,34 @@ nav_order: 101
 This guide describes how to migrate from [PartKeepr](https://partkeepr.org/) to Part-DB.
 
 Part-DB has a built-in migration tool, which can be used to migrate the data from an existing PartKeepr instance to
-a new Part-DB instance. Most of the data can be migrated, however there are some limitations, you can find below.
+a new Part-DB instance. Most of the data can be migrated, however, there are some limitations, that you can find below.
 
 ## What can be imported
 
 * Data structures (Categories, Footprints, Storage Locations, Manufacturers, Distributors, Part Measurement Units)
-* Basic part information's (Name, Description, Comment, etc.)
-* Attachments and images of parts, projects, footprints, manufacturers and storage locations
+* Basic part information (Name, Description, Comment, etc.)
+* Attachments and images of parts, projects, footprints, manufacturers, and storage locations
 * Part prices (distributor infos)
 * Part parameters
 * Projects (including parts and attachments)
-* Users (optional): Passwords however will be not migrated, and need to be reset later
+* Users (optional): Passwords however will not be migrated, and need to be reset later
 
 ## What can't be imported
 
-* Metaparts (A dummy version of the metapart will be created in Part-DB, however it will not function as metapart)
+* Metaparts (A dummy version of the metapart will be created in Part-DB, however, it will not function as metapart)
 * Multiple manufacturers per part (only the last manufacturer of a part will be migrated)
-* Overage information for project parts (the overage info will be set as comment in the project BOM, but will have no
+* Overage information for project parts (the overage info will be set as a comment in the project BOM, but will have no
   effect)
 * Batch Jobs
 * Parameter Units (the units will be written into the parameters)
 * Project Reports and Project Runs
-* Stock history
+* Stock History
 * Any kind of PartKeepr preferences
 
 ## How to migrate
 
-1. Install Part-DB like described in the installation guide. You can use any database backend you want (mysql or
-   sqlite). Run the database migration, but do not create any new data yet.
+1. Install Part-DB as described in the installation guide. You can use any database backend you want (MySQL or
+   SQLite). Run the database migration, but do not create any new data yet.
 2. Export your PartKeepr database as XML file using [mysqldump](https://dev.mysql.com/doc/refman/8.0/en/mysqldump.html):
    When the MySQL database is running on the local computer, and you are root you can just run the
    command `mysqldump --xml PARTKEEPR_DATABASE --result-file pk.xml`.
@@ -47,7 +47,7 @@ a new Part-DB instance. Most of the data can be migrated, however there are some
    run `mysqldump --xml -h PARTKEEPR_HOST -u PARTKEEPR_USER -p PARTKEEPR_DATABASE`, where you replace `PARTKEEPR_HOST`
    with the hostname of your MySQL database and `PARTKEEPR_USER` with the username of MySQL user which has access to the
    PartKeepr database. You will be asked for the MySQL user password.
-3. Go the Part-DB main folder and run the command `php bin/console partdb:migrations:import-partkeepr path/to/pk.xml`.
+3. Go to the Part-DB main folder and run the command `php bin/console partdb:migrations:import-partkeepr path/to/pk.xml`.
    This step will delete all existing data in the Part-DB database and import the contents of PartKeepr.
 4. Copy the contents of `data/files/` from your PartKeepr installation to the `uploads/` folder of your Part-DB
    installation and the contents of `data/images` from PartKeepr to `public/media/` of Part-DB.
@@ -63,5 +63,5 @@ option on the database import command (step 3):
 
 All imported users of PartKeepr will be assigned to a new group "PartKeepr Users", which has normal user permissions (so
 editing data, but no administrative tasks). You can change the group and permissions later in Part-DB users management.
-Passwords can not be imported from PartKeepr and all imported users get marked as disabled user. So to allow users to
+Passwords can not be imported from PartKeepr and all imported users get marked as disabled. So to allow users to
 log in, you need to enable them in the user management and assign a password.

docs/troubleshooting.md

@@ -16,7 +16,7 @@ on how to fix the problem. If you have a problem that is not listed here, please
 
 If you encounter an error, try the following steps:
 
-* Clear cache of Part-DB with the console command:
+* Clear the cache of Part-DB with the console command:
 
 ```bash
 php bin/console cache:clear
@@ -30,7 +30,7 @@ php bin/console doctrine:migrations:migrate
 
 If this does not help, please [open an issue on GitHub](https://github.com/Part-DB/Part-DB-symfony).
 
-## Search for user and reset password:
+## Search for the user and reset the password:
 
 You can list all users with the following command: `php bin/console partdb:users:list`
 To reset the password of a user you can use the following

docs/upgrade_legacy.md

@@ -16,37 +16,34 @@ sections carefully before proceeding to upgrade.
 
 ## Changes
 
-* PHP 7.4 or higher is required now (Part-DB 0.5 required PHP 5.4+, Part-DB 0.6 PHP 7.0).
-  PHP 7.4 (or newer) is shipped by all current major Linux distros now (and can be installed by third party sources on
-  others),
-  Releases are available for Windows too, so almost everybody should be able to use PHP 7.4
-* **Console access highly required.** The installation of composer and frontend dependencies require console access,
-  also more sensitive stuff like database migration work via CLI now, so you should have console access on your server.
+* PHP 8.1 or higher is required now (Part-DB 0.5 required PHP 5.4+, Part-DB 0.6 PHP 7.0).
+  Releases are available for Windows too, so almost everybody should be able to use PHP 8.1
+* **Console access is highly recommended.** The installation of composer and frontend dependencies require console access,
+  also more sensitive stuff like database migration works via CLI now, so you should have console access on your server.
 * Markdown/HTML is now used instead of BBCode for rich text in description and command fields.
   It is possible to migrate your existing BBCode to Markdown
   via `php bin/console php bin/console partdb:migrations:convert-bbcode`.
-* Server exceptions are not logged to event log anymore. For security reasons (exceptions can contain sensitive
-  information)
-  exceptions are only logged to server log (by default under './var/log'), so only the server admins can access it.
-* Profile labels are now saved in Database (before they were saved in a separate JSON file). **The profiles of legacy
+* Server exceptions are not logged into event log anymore. For security reasons (exceptions can contain sensitive
+  information) exceptions are only logged to server log (by default under './var/log'), so only the server admins can access it.
+* Profile labels are now saved in the database (before they were saved in a separate JSON file). **The profiles of legacy
   Part-DB versions can not be imported into new Part-DB 1.0**
-* Label placeholders now use the `[[PLACEHOLDER]]` format instead of `%PLACEHOLDER%`. Also, some placeholders has
+* Label placeholders now use the `[[PLACEHOLDER]]` format instead of `%PLACEHOLDER%`. Also, some placeholders have
   changed.
-* Configuration is now done via configuration files / environment variables instead of the WebUI (this maybe change in
+* Configuration is now done via configuration files/environment variables instead of the WebUI (this may change in
   the future).
-* Database updated are now done via console instead of the WebUI
+* Database updates are now done via console instead of the WebUI
 * Permission system changed: **You will have to newly set the permissions of all users and groups!**
-* Import / Export file format changed. Fields must be english now (unlike in legacy Part-DB versions, where german
+* Import / Export file format changed. Fields must be English now (unlike in legacy Part-DB versions, where German
   fields in CSV were possible)
-  and you maybe have to change the header line/field names of your CSV files.
+  and you may have to change the header line/field names of your CSV files.
 
 ## Missing features
 
-* No possibility to mark parts for ordering (yet)
+* No possibility of marking parts for ordering (yet)
 * No support for 3D models of footprints (yet)
-* No possibility to disable footprints, manufacturers globally (or per category). This should not have a big impact,
+* No possibility to disable footprints, manufacturers globally (or per category). This should not have a big impact
   when you forbid users to edit/create them.
-* No resistor calculator or SMD labels tools
+* No resistor calculator or SMD label tools
 
 ## Upgrade process
 
@@ -58,12 +55,12 @@ sections carefully before proceeding to upgrade.
 > Beware that all user and group permissions will be reset, and you have to set the permissions again
 > the new Part-DB as many permissions changed, and automatic migration is not possible.
 
-1. Upgrade your existing Part-DB version the newest Part-DB 0.5.* version (at the moment Part-DB 0.5.8), like described
+1. Upgrade your existing Part-DB version the newest Part-DB 0.5.* version (at the moment Part-DB 0.5.8), as described
    in the old Part-DB's repository.
 2. Make a backup of your database and attachments. If something goes wrong during migration, you can use this backup to
    start over. If you have some more complex permission configuration, you maybe want to do screenshots of it, so you
    can redo it again later.
-3. Set up the new Part-DB like described in installation section. You will need to do the setup for a MySQL instance (
+3. Set up the new Part-DB as described in the installation section. You will need to do the setup for a MySQL instance (
    either via docker or direct installation). Set the `DATABASE_URL` environment variable in your `.env.local` (
    or `docker-compose.yaml`) to your existing database. (
    e.g. `DATABASE_URL=mysql://PARTDB_USER:PASSWORD@localhost:3306/DATABASE_NAME`)

docs/usage/backup_restore.md

@@ -7,8 +7,8 @@ parent: Usage
 # Backup and Restore Data
 
 When working productively you should back up the data and configuration of Part-DB regularly to prevent data loss. This
-is also useful, if you want to migrate your Part-DB instance from one server to another. In that case you just have to
-back up the data on server 1, move the backup to server 2, install Part-DB on server 2 and restore the backup.
+is also useful if you want to migrate your Part-DB instance from one server to another. In that case, you just have to
+back up the data on server 1, move the backup to server 2, install Part-DB on server 2, and restore the backup.
 
 ## Backup (automatic / Part-DB supported)
 
@@ -23,11 +23,11 @@ To back up all possible data, run the following
 command: `php bin/console partdb:backup --full /path/to/backup/partdb_backup.zip`.
 
 It is possible to do only partial backups (config, attachments, or database). See `php bin/console partdb:backup --help`
-for more infos about these options.
+for more info about these options.
 
 ## Backup (manual)
 
-There are 3 parts which have to be backup-ed: The configuration files, which contains the instance specific options, the
+3 parts have to be backup-ed: The configuration files, which contain the instance-specific options, the
 uploaded files of attachments, and the database containing the most data of Part-DB.
 Everything else like thumbnails and cache files, are recreated automatically when needed.
 
@@ -42,7 +42,7 @@ You have to recursively copy the `uploads/` folder and the `public/media` folder
 
 ### Database
 
-#### Sqlite
+#### SQLite
 
 If you are using sqlite, it is sufficient to just copy your `app.db` from your database location (normally `var/app.db`)
 to your backup location.
@@ -55,8 +55,8 @@ interface (`mysqldump -uBACKUP -pPASSWORD DATABASE`)
 
 ## Restore
 
-Install Part-DB as usual as described in the installation section, except the database creation / migration part. You
-have to use the same database type (sqlite or mysql) as on the back-up server instance.
+Install Part-DB as usual as described in the installation section, except for the database creation/migration part. You
+have to use the same database type (SQLite or MySQL) as on the backuped server instance.
 
 ### Restore configuration
 
@@ -69,7 +69,7 @@ Copy the `uploads/` and the `public/media/` folder from your backup into your ne
 
 ### Restore database
 
-#### Sqlite
+#### SQLite
 
 Copy the backup-ed `app.db` into the database folder normally `var/app.db` in Part-DB root folder.