Merge pull request #11771 from firefly-iii/release-1771652323

🤖 Automatically merge the PR into the develop branch.

.ci/php-cs-fixer/.php-cs-fixer.php

@@ -43,6 +43,7 @@ return $config->setRules(
         // rule sets
         '@PHP8x3Migration'               => true,
         '@PHP8x4Migration'               => true,
+        '@PHP8x5Migration'               => true,
         '@PhpCsFixer'                   => true,
         '@PhpCsFixer:risky'             => true,
         '@PSR12'                        => true,

.ci/php-cs-fixer/composer.json

@@ -1,5 +1,6 @@
 {
     "require": {
+        "php": ">=8.5.0",
         "friendsofphp/php-cs-fixer": "^3.12"
     }
 }

.ci/php-cs-fixer/composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "f1e0b38af4ded66da271a99d2bff5be8",
+    "content-hash": "35b5ad9b3c4e1ffe78ef9bec73987499",
     "packages": [
         {
             "name": "clue/ndjson-react",
@@ -402,16 +402,16 @@
         },
         {
             "name": "friendsofphp/php-cs-fixer",
-            "version": "v3.94.0",
+            "version": "v3.94.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git",
-                "reference": "883b20fb38c7866de9844ab6d0a205c423bde2d4"
+                "reference": "7787ceff91365ba7d623ec410b8f429cdebb4f63"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/883b20fb38c7866de9844ab6d0a205c423bde2d4",
-                "reference": "883b20fb38c7866de9844ab6d0a205c423bde2d4",
+                "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/7787ceff91365ba7d623ec410b8f429cdebb4f63",
+                "reference": "7787ceff91365ba7d623ec410b8f429cdebb4f63",
                 "shasum": ""
             },
             "require": {
@@ -494,7 +494,7 @@
             ],
             "support": {
                 "issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues",
-                "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.94.0"
+                "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.94.2"
             },
             "funding": [
                 {
@@ -502,7 +502,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2026-02-11T16:44:33+00:00"
+            "time": "2026-02-20T16:13:53+00:00"
         },
         {
             "name": "psr/container",
@@ -2683,7 +2683,9 @@
     "stability-flags": {},
     "prefer-stable": false,
     "prefer-lowest": false,
-    "platform": {},
+    "platform": {
+        "php": ">=8.5.0"
+    },
     "platform-dev": {},
     "plugin-api-version": "2.9.0"
 }

.github/mergify.yml

@@ -1,11 +1,4 @@
 pull_request_rules:
-  - name: Make sure PR are up to date before merging
-    description: This automatically updates PRs when they are out-of-date with the
-      base branch to avoid semantic conflicts (next step is using a merge
-      queue).
-    conditions: []
-    actions:
-      update:
   - name: Close all on main
     conditions:
       - base=main

.github/workflows/release.yml

@@ -10,7 +10,7 @@ on:
       phpversion:
         description: 'PHP version'
         required: true
-        default: '8.4'
+        default: '8.5'
   schedule:
     - cron: '0 3 * * MON'
 
@@ -42,7 +42,7 @@ jobs:
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: ${{ github.event.inputs.phpversion || '8.4' }}
+          php-version: ${{ github.event.inputs.phpversion || '8.5' }}
           extensions: mbstring, intl, zip, bcmath
       - name: Switch and pull
         run: |

app/Api/V1/Requests/Data/Bulk/TransactionRequest.php

@@ -61,7 +61,7 @@ class TransactionRequest extends FormRequest
 
     public function rules(): array
     {
-        return ['query' => ['required', 'min:1', 'max:255', 'json', new IsValidBulkClause(ClauseType::TRANSACTION)]];
+        return ['query' => ['required', 'min:1', 'max:255', 'json', new IsValidBulkClause(ClauseType::TRANSACTION->value)]];
     }
 
     public function withValidator(Validator $validator): void

app/Api/V1/Requests/Models/TransactionCurrency/UpdateRequest.php

@@ -63,6 +63,9 @@ class UpdateRequest extends FormRequest
     {
         /** @var TransactionCurrency $currency */
         $currency = $this->route()->parameter('currency_code');
+        if (is_string($currency)) {
+            $currency = TransactionCurrency::whereCode($currency)->first();
+        }
 
         return [
             'name'           => sprintf('min:1|max:255|unique:transaction_currencies,name,%d', $currency->id),

app/Console/Commands/Correction/CorrectsGroupAccounts.php

@@ -56,8 +56,8 @@ class CorrectsGroupAccounts extends Command
             }
         }
         $flags                    = new TransactionGroupEventFlags();
-        $flags->applyRules        = true;
-        $flags->fireWebhooks      = true;
+        $flags->applyRules        = false;
+        $flags->fireWebhooks      = false;
         $flags->recalculateCredit = true;
         $objects                  = new TransactionGroupEventObjects();
         foreach ($groups as $groupId) {

app/Console/Commands/System/CreatesDatabase.php

@@ -25,6 +25,7 @@ declare(strict_types=1);
 namespace FireflyIII\Console\Commands\System;
 
 use FireflyIII\Console\Commands\ShowsFriendlyMessages;
+use FireflyIII\Console\Commands\Tools\VerifiesDatabaseConnectionTrait;
 use Illuminate\Console\Command;
 use PDO;
 use PDOException;
@@ -32,6 +33,7 @@ use PDOException;
 class CreatesDatabase extends Command
 {
     use ShowsFriendlyMessages;
+    use VerifiesDatabaseConnectionTrait;
 
     protected $description = 'Tries to create the database if it doesn\'t exist yet.';
 
@@ -39,21 +41,27 @@ class CreatesDatabase extends Command
 
     public function handle(): int
     {
-        if ('mysql' !== env('DB_CONNECTION')) { // @phpstan-ignore larastan.noEnvCallsOutsideOfConfig */
-            $this->friendlyInfo(sprintf('CreateDB does not apply to "%s", skipped.', env('DB_CONNECTION')));
+        $connected = $this->verifyDatabaseConnection();
+        if (!$connected) {
+            $this->friendlyError('Failed to connect to the database. Is it up?');
+
+            return Command::FAILURE;
+        }
+        if ('mysql' !== config('database.default')) {
+            $this->friendlyInfo(sprintf('CreateDB does not apply to "%s", skipped.', config('database.default')));
 
             return 0;
         }
         // try to set up a raw connection:
-        $exists  = false;
-        $dsn     = sprintf('mysql:host=%s;port=%d;charset=utf8mb4', env('DB_HOST'), env('DB_PORT'));
+        $exists    = false;
+        $dsn       = sprintf('mysql:host=%s;port=%d;charset=utf8mb4', env('DB_HOST'), env('DB_PORT'));
 
         if ('' !== (string) env('DB_SOCKET')) {
             $dsn = sprintf('mysql:unix_socket=%s;charset=utf8mb4', env('DB_SOCKET'));
         }
         $this->friendlyLine(sprintf('DSN is %s', $dsn));
 
-        $options = [
+        $options   = [
             PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
             PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
             PDO::ATTR_EMULATE_PREPARES   => false,
@@ -71,7 +79,7 @@ class CreatesDatabase extends Command
         // only continue when no error.
         // with PDO, try to list DB's (
         /** @var array $stmt */
-        $stmt    = $pdo->query('SHOW DATABASES;');
+        $stmt      = $pdo->query('SHOW DATABASES;');
         // slightly more complex but less error-prone.
         foreach ($stmt as $row) {
             $name = $row['Database'] ?? false;

app/Console/Commands/Tools/ChecksForUpdates.php

@@ -0,0 +1,99 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * ChecksForUpdates.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace FireflyIII\Console\Commands\Tools;
+
+use Carbon\Carbon;
+use FireflyIII\Console\Commands\ShowsFriendlyMessages;
+use FireflyIII\Services\FireflyIIIOrg\Update\UpdateRequestInterface;
+use FireflyIII\Support\Facades\FireflyConfig;
+use Illuminate\Console\Command;
+
+class ChecksForUpdates extends Command
+{
+    use ShowsFriendlyMessages;
+
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature   = 'firefly-iii:check-for-updates {--force}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Checks for Firefly III updates';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $build      = Carbon::createFromTimestamp(config('firefly.build_time'), config('app.timezone'));
+        $version    = config('firefly.version');
+
+        $this->friendlyLine(sprintf('You are running version "%s", built on %s', $version, $build->format('Y-m-d H:i')));
+        $permission = FireflyConfig::get('permission_update_check', -1)->data;
+        if (1 !== $permission && false === $this->option('force')) {
+            $this->friendlyWarning('Checking for updates is disabled. To overrule, use --force.');
+
+            return Command::SUCCESS;
+        }
+        if (str_contains(config('firefly.version'), 'develop')) {
+            $this->friendlyWarning('You are running a development version.');
+        }
+
+        /** @var UpdateRequestInterface $request */
+        $request    = app(UpdateRequestInterface::class);
+        // stable, alpha or beta
+        $info       = $request->getUpdateInformation($version, $build, 'stable');
+
+        if ('' !== $info->getError()) {
+            $this->friendlyError($info->getError());
+
+            return Command::FAILURE;
+        }
+        if (!$info->isNewVersionAvailable()) {
+            $this->friendlyInfo(trans('firefly.no_new_release_available'));
+
+            return Command::SUCCESS;
+        }
+        // if running develop, slightly different message.
+        if (str_contains($version, 'develop')) {
+            $this->friendlyInfo(trans('firefly.update_current_dev_older', ['version'     => $version, 'new_version' => $info->getNewVersion()]));
+
+            return Command::SUCCESS;
+        }
+        $this->friendlyInfo(trans('firefly.update_new_version_alert', [
+            'your_version' => $version,
+            'new_version'  => $info->getNewVersion(),
+            'date'         => $info->getPublishedAt()->format('Y-m-d H:i:s'),
+        ]));
+
+        return Command::SUCCESS;
+    }
+}

app/Console/Commands/Tools/VerifiesDatabaseConnection.php

@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * VerifiesDatabaseConnection.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace FireflyIII\Console\Commands\Tools;
+
+use FireflyIII\Console\Commands\ShowsFriendlyMessages;
+use Illuminate\Console\Command;
+
+class VerifiesDatabaseConnection extends Command
+{
+    use ShowsFriendlyMessages;
+    use VerifiesDatabaseConnectionTrait;
+
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature   = 'firefly-iii:verify-database-connection';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command tries to connect to the database.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $connected = $this->verifyDatabaseConnection();
+        if ($connected) {
+            $this->friendlyPositive('Connected to the database.');
+
+            return Command::SUCCESS;
+        }
+        $this->friendlyError('Failed to connect to the database. Is it up?');
+
+        return Command::FAILURE;
+    }
+}

app/Console/Commands/Tools/VerifiesDatabaseConnectionTrait.php

@@ -0,0 +1,66 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * VerifiesDatabaseConnectionTrait.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace FireflyIII\Console\Commands\Tools;
+
+use Exception;
+use Illuminate\Database\QueryException;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
+
+trait VerifiesDatabaseConnectionTrait
+{
+    protected function verifyDatabaseConnection(): bool
+    {
+        $loops     = 30;
+        $loop      = 0;
+        $queries   = ['pgsql'  => 'SELECT * FROM pg_catalog.pg_tables;', 'sqlite' => 'SELECT name FROM sqlite_schema;', 'mysql'  => 'SHOW TABLES;'];
+        $default   = config('database.default');
+        if (!array_key_exists($default, $queries)) {
+            $this->friendlyWarning(sprintf('Cannot validate database connection for "%s"', $default));
+
+            return true;
+        }
+        $query     = $queries[$default];
+        $connected = false;
+        Log::debug(sprintf('Connecting to database "%s"...', config('database.default')));
+        while (!$connected && $loop < $loops) {
+            try {
+                DB::select($query);
+                $connected = true;
+            } catch (QueryException $e) {
+                Log::error(sprintf('Loop #%d: connection failed: %s', $loop, $e->getMessage()));
+                $this->friendlyWarning(sprintf('Database connection attempt #%d failed. Sleep for 10 seconds...', $loop + 1));
+                sleep(10);
+            } catch (Exception $e) {
+                Log::error(sprintf('Loop #%d: not connected yet because of a %s: %s', $loop, get_class($e), $e->getMessage()));
+                $this->friendlyWarning(sprintf('Database connection attempt #%d failed. Sleep for 10 seconds...', $loop + 1));
+                sleep(10);
+            }
+            ++$loop;
+        }
+
+        return $connected;
+    }
+}

app/Console/Commands/Upgrade/UpgradesDatabase.php

@@ -94,6 +94,7 @@ class UpgradesDatabase extends Command
 
     private function callInitialCommands(): void
     {
+        $this->call('firefly-iii:verify-database-connection');
         $this->call('migrate', ['--seed'           => true, '--force'          => true, '--no-interaction' => true]);
         $this->call('upgrade:600-pgsql-sequences');
         $this->call('upgrade:480-decrypt-all');

app/Entities/AccountBalance.php

@@ -1,50 +0,0 @@
-<?php
-
-/*
- * AccountBalance.php
- * Copyright (c) 2024 james@firefly-iii.org.
- *
- * This file is part of Firefly III (https://github.com/firefly-iii).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see https://www.gnu.org/licenses/.
- */
-
-declare(strict_types=1);
-
-namespace FireflyIII\Entities;
-
-use FireflyIII\Models\Account;
-
-class AccountBalance
-{
-    public string $amount;
-    public string $currencyId;
-    public string $id;
-
-    public static function fromArray(): self
-    {
-        $balance             = new self();
-        $balance->id         = (string) random_int(1, 1000);
-        // $balance->name       = (string) random_int(1, 1000);
-        $balance->amount     = (string) random_int(1, 1000);
-        $balance->currencyId = '1';
-
-        return $balance;
-    }
-
-    public function getAccount(): Account
-    {
-        return Account::inRandomOrder()->first();
-    }
-}

app/Enums/ClauseType.php

@@ -27,9 +27,9 @@ namespace FireflyIII\Enums;
 /**
  * Class ClauseType
  */
-class ClauseType
+enum ClauseType: string
 {
-    public const string TRANSACTION = 'transaction';
-    public const string UPDATE      = 'update';
-    public const string WHERE       = 'where';
+    case TRANSACTION = 'transaction';
+    case UPDATE      = 'update';
+    case WHERE       = 'where';
 }

app/Events/Model/TransactionGroup/UserRequestedBatchProcessing.php

@@ -25,13 +25,14 @@ declare(strict_types=1);
 namespace FireflyIII\Events\Model\TransactionGroup;
 
 use FireflyIII\Events\Event;
-use Illuminate\Support\Facades\Log;
 
 class UserRequestedBatchProcessing extends Event
 {
+    public TransactionGroupEventObjects $objects;
+
     public function __construct(
         public TransactionGroupEventFlags $flags
     ) {
-        Log::debug(__METHOD__);
+        $this->objects = new TransactionGroupEventObjects();
     }
 }

app/Exceptions/Handler.php

@@ -208,6 +208,7 @@ class Handler extends ExceptionHandler
         }
 
         Log::debug(sprintf('Error "%s" has no Firefly III treatment, parent will handle.', $e::class));
+        Log::error($e->getMessage());
 
         return parent::render($request, $e);
     }

app/Generator/Chart/Basic/ChartJsGenerator.php

@@ -25,6 +25,7 @@ namespace FireflyIII\Generator\Chart\Basic;
 
 use FireflyIII\Support\ChartColour;
 use FireflyIII\Support\Facades\Steam;
+use Illuminate\Support\Facades\Log;
 
 /**
  * Class ChartJsGenerator.
@@ -92,14 +93,21 @@ class ChartJsGenerator implements GeneratorInterface
      *
      *  // it's five.
      */
-    public function multiSet(array $data): array
+    public function multiSet(array $data, array $labels = []): array
     {
         reset($data);
         $first     = current($data);
         if (!is_array($first)) {
             return [];
         }
-        $labels    = is_array($first['entries']) ? array_keys($first['entries']) : [];
+        Log::debug('Now in multiSet()');
+        if (0 !== count($labels)) {
+            Log::debug('Labels are given: ', $labels);
+        }
+        if (0 === count($labels)) {
+            $labels = is_array($first['entries']) ? array_keys($first['entries']) : [];
+            Log::debug('Labels are generated: ', $labels);
+        }
 
         $chartData = [
             'count'    => count($data),

app/Generator/Chart/Basic/GeneratorInterface.php

@@ -58,7 +58,7 @@ interface GeneratorInterface
      *
      *  // it's five.
      */
-    public function multiSet(array $data): array;
+    public function multiSet(array $data, array $labels = []): array;
 
     /**
      * Expects data as:.

app/Generator/Webhook/StandardMessageGenerator.php

@@ -192,6 +192,7 @@ class StandardMessageGenerator implements MessageGeneratorInterface
             case WebhookResponse::BUDGET->name:
                 $basicMessage['content'] = [];
                 if ($model instanceof Budget) {
+                    $model->refresh();
                     $enrichment              = new BudgetEnrichment();
                     $enrichment->setUser($model->user);
 
@@ -201,6 +202,7 @@ class StandardMessageGenerator implements MessageGeneratorInterface
                     $basicMessage['content'] = $transformer->transform($model);
                 }
                 if ($model instanceof BudgetLimit) {
+                    $model->refresh();
                     $user                    = $model->budget->user;
                     $enrichment              = new BudgetLimitEnrichment();
                     $enrichment->setUser($user);
@@ -224,6 +226,8 @@ class StandardMessageGenerator implements MessageGeneratorInterface
                 break;
 
             case WebhookResponse::TRANSACTIONS->name:
+                $model->refresh();
+
                 /** @var TransactionGroup $model */
                 $transformer             = new TransactionGroupTransformer();
 
@@ -243,6 +247,8 @@ class StandardMessageGenerator implements MessageGeneratorInterface
                 break;
 
             case WebhookResponse::ACCOUNTS->name:
+                $model->refresh();
+
                 /** @var TransactionGroup $model */
                 $accounts                = $this->collectAccounts($model);
                 $enrichment              = new AccountEnrichment();

app/Helpers/Update/UpdateTrait.php

@@ -24,7 +24,9 @@ declare(strict_types=1);
 
 namespace FireflyIII\Helpers\Update;
 
+use Carbon\Carbon;
 use FireflyIII\Services\FireflyIIIOrg\Update\UpdateRequestInterface;
+use FireflyIII\Services\FireflyIIIOrg\Update\UpdateResponse;
 use FireflyIII\Support\Facades\FireflyConfig;
 use Illuminate\Support\Facades\Log;
 
@@ -38,7 +40,7 @@ trait UpdateTrait
      * 'message' => 'A new version is available.
      * 'level' => 'info' / 'success' / 'error'
      */
-    public function getLatestRelease(): array
+    public function getLatestRelease(): UpdateResponse
     {
         Log::debug('Now in getLatestRelease()');
 
@@ -46,7 +48,9 @@ trait UpdateTrait
         $checker       = app(UpdateRequestInterface::class);
         $channelConfig = FireflyConfig::get('update_channel', 'stable');
         $channel       = (string) $channelConfig->data;
+        $build         = Carbon::createFromTimestamp(config('firefly.build_time'), config('app.timezone'));
+        $version       = config('firefly.version');
 
-        return $checker->getUpdateInformation($channel);
+        return $checker->getUpdateInformation($version, $build, $channel);
     }
 }

app/Http/Controllers/Admin/UpdateController.php

@@ -114,8 +114,27 @@ class UpdateController extends Controller
     public function updateCheck(): RedirectResponse
     {
         $release = $this->getLatestRelease();
+        $level   = 'info';
+        $message = trans('firefly.no_new_release_available');
+        if ('' !== $release->getError()) {
+            $level   = 'error';
+            $message = $release->getError();
+        }
+        if ($release->isNewVersionAvailable()) {
+            // if running develop, slightly different message.
+            if (str_contains(config('firefly.version'), 'develop')) {
+                $message = trans('firefly.update_current_dev_older', ['version'     => config('firefly.version'), 'new_version' => $release->getNewVersion()]);
+            }
+            if (!str_contains(config('firefly.version'), 'develop')) {
+                $message = trans('firefly.update_new_version_alert', [
+                    'your_version' => config('firefly.version'),
+                    'new_version'  => $release->getNewVersion(),
+                    'date'         => $release->getPublishedAt()->format('Y-m-d H:i:s'),
+                ]);
+            }
+        }
 
-        session()->flash($release['level'], $release['message']);
+        session()->flash($level, $message);
 
         return redirect(route('settings.update-check'));
     }

app/Http/Controllers/Auth/LoginController.php

@@ -190,6 +190,14 @@ class LoginController extends Controller
      */
     public function showLoginForm(Request $request): Factory|Redirector|RedirectResponse|View
     {
+        if ('remote_user_guard' === config('auth.defaults.guard')) {
+            $message = sprintf(
+                'Firefly III is configured to use the "remote user guard", but was unable to link you to a user. Are you sure the "%s" header is in place?',
+                config('auth.guard_header')
+            );
+
+            return view('errors.error', ['message' => $message]);
+        }
         Log::channel('audit')->info('Show login form (1.1).');
 
         $count             = DB::table('users')->count();

app/Http/Controllers/Chart/CategoryController.php

@@ -281,6 +281,6 @@ class CategoryController extends Controller
             }
         }
 
-        return $this->generator->multiSet($chartData);
+        return $this->generator->multiSet($chartData, array_values($periods));
     }
 }

app/Http/Controllers/Chart/CategoryReportController.php

@@ -45,11 +45,9 @@ class CategoryReportController extends Controller
     use AugumentData;
     use TransactionCalculation;
 
-    /** @var GeneratorInterface Chart generation methods. */
-    private $generator;
+    private GeneratorInterface $generator;
 
-    /** @var OperationsRepositoryInterface */
-    private $opsRepository;
+    private OperationsRepositoryInterface $opsRepository;
 
     /**
      * CategoryReportController constructor.

app/Http/Controllers/Controller.php

@@ -80,13 +80,13 @@ abstract class Controller extends BaseController
         View::share('FF_VERSION', config('firefly.version'));
         View::share('FF_BUILD_TIME', config('firefly.build_time'));
 
-        // this breaks when running < php 8.5 and is totally intentional.
-        //        $input            = ' James is cool';
-        //        $output           = $input
-        //            |> trim(...)
-        //            |> (fn (string $string) => str_replace(' ', '-', $string))
-        //            |> (fn (string $string) => str_replace(['.', '/', '…'], '', $string))
-        //            |> strtolower(...);
+        // this breaks when running < PHP 8.5 and is totally intentional.
+        $input            = ' James is cool';
+        $output           = $input
+            |> trim(...)
+            |> (fn (string $string) => str_replace(' ', '-', $string))
+            |> (fn (string $string) => str_replace(['.', '/', '…'], '', $string))
+            |> strtolower(...);
 
         // is webhooks enabled?
         View::share(

app/Http/Controllers/System/InstallController.php

@@ -58,6 +58,7 @@ class InstallController extends Controller
     private array $upgradeCommands      = [
         // there are 5 initial commands
         // Check 4 places: InstallController, Docker image, UpgradeDatabase, composer.json
+        'firefly-iii:create-database'        => [],
         'migrate'                            => ['--seed'  => true, '--force' => true],
         'generate-keys'                      => [], // an exception :(
         'firefly-iii:upgrade-database'       => [],

app/Http/Middleware/Authenticate.php

@@ -82,22 +82,25 @@ class Authenticate
     protected function authenticate($request, array $guards)
     {
         if (0 === count($guards)) {
-            // go for default guard:
-            // @noinspection PhpUndefinedMethodInspection
-            if ($this->auth->check()) {
-                // do an extra check on user object.
-                /** @noinspection PhpUndefinedMethodInspection */
-
-                /** @var User $user */
-                $user = $this->auth->authenticate();
+            Log::debug('in Authenticate::authenticate() with zero guards.');
+            // There are no guards defined, go for the default guard:
+            if (auth()->check()) {
+                Log::debug('User is authenticated.');
+                $user = auth()->user();
                 $this->validateBlockedUser($user, $guards);
-            }
 
+                return;
+            }
             // @noinspection PhpUndefinedMethodInspection
-            return $this->auth->authenticate();
+            $this->auth->authenticate();
+            if (!$this->auth->check()) {
+                throw new AuthenticationException('The user is not logged in but must be.', $guards);
+            }
         }
 
+        exit('five');
         foreach ($guards as $guard) {
+            exit('six');
             if ('api' !== $guard) {
                 $this->auth->guard($guard)->authenticate();
             }
@@ -111,6 +114,7 @@ class Authenticate
             }
         }
 
+        exit('seven');
         // this is a massive hack, but if the handler has the oauth exception
         // at this point we can report its error instead of a generic one.
         $message = 'Unauthenticated.';
@@ -143,5 +147,6 @@ class Authenticate
             // @phpstan-ignore-line (thinks function is undefined)
             throw new AuthenticationException('Blocked account.', $guards);
         }
+        Log::debug(sprintf('User #%d is not blocked.', $user->id));
     }
 }

app/Listeners/Model/TransactionGroup/SupportsGroupProcessingTrait.php

@@ -107,20 +107,10 @@ trait SupportsGroupProcessingTrait
         // remove generic statistics:
         $repository->deleteStatisticsForPrefix('all_', $dates);
 
-        // remove for no tag, no cat, etc.
-        if (0 === $objects->budgets->count()) {
-            Log::debug('No budgets, delete "no_category" stats.');
-            $repository->deleteStatisticsForPrefix('no_budget', $dates);
-        }
-        if (0 === $objects->categories->count()) {
-            Log::debug('No categories, delete "no_category" stats.');
-            $repository->deleteStatisticsForPrefix('no_category', $dates);
-        }
-        if (0 === $objects->tags->count()) {
-            Log::debug('No tags, delete "no_category" stats.');
-            $repository->deleteStatisticsForPrefix('no_tag', $dates);
-        }
-        Log::debug('Done with remove period statistics for all objects.');
+        // ALWAYS remove for no tag, no cat, etc.
+        $repository->deleteStatisticsForPrefix('no_budget', $dates);
+        $repository->deleteStatisticsForPrefix('no_category', $dates);
+        $repository->deleteStatisticsForPrefix('no_tag', $dates);
     }
 
     private function collectDatesFromJournals(Collection $journals): Collection

app/Listeners/Security/System/ChecksForNewVersion.php

@@ -76,8 +76,27 @@ class ChecksForNewVersion implements ShouldQueue
         // last check time was more than a week ago.
         Log::debug('Have not checked for a new version in a week!');
         $release       = $this->getLatestRelease();
+        $level         = 'info';
+        $message       = trans('firefly.no_new_release_available');
+        if ('' !== $release->getError()) {
+            $level   = 'error';
+            $message = $release->getError();
+        }
+        if ($release->isNewVersionAvailable()) {
+            // if running develop, slightly different message.
+            if (str_contains(config('firefly.version'), 'develop')) {
+                $message = trans('firefly.update_current_dev_older', ['version'     => config('firefly.version'), 'new_version' => $release->getNewVersion()]);
+            }
+            if (!str_contains(config('firefly.version'), 'develop')) {
+                $message = trans('firefly.update_new_version_alert', [
+                    'your_version' => config('firefly.version'),
+                    'new_version'  => $release->getNewVersion(),
+                    'date'         => $release->getPublishedAt()->format('Y-m-d H:i:s'),
+                ]);
+            }
+        }
 
-        session()->flash($release['level'], $release['message']);
+        session()->flash($level, $message);
         FireflyConfig::set('last_update_check', Carbon::now()->getTimestamp());
     }
 

app/Listeners/Security/System/NotifiesAboutNewInvitation.php

@@ -62,7 +62,7 @@ class NotifiesAboutNewInvitation implements ShouldQueue
         $url   = route('invite', [$invitee->invite_code]);
 
         try {
-            Mail::to($email)->send(new InvitationMail($invitee, $admin, $url));
+            Mail::to($email)->send(new InvitationMail($email, $admin, $url));
         } catch (Exception $e) {
             Log::error($e->getMessage());
             Log::error($e->getTraceAsString());

app/Models/AccountType.php

@@ -23,7 +23,6 @@ declare(strict_types=1);
 
 namespace FireflyIII\Models;
 
-use Deprecated;
 use FireflyIII\Support\Models\ReturnsIntegerIdTrait;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\HasMany;
@@ -32,65 +31,9 @@ class AccountType extends Model
 {
     use ReturnsIntegerIdTrait;
 
-    /** @deprecated */
-    #[Deprecated]
-    public const string ASSET            = 'Asset account';
+    protected $casts    = ['created_at' => 'datetime', 'updated_at' => 'datetime'];
 
-    /** @deprecated */
-    #[Deprecated]
-    public const string BENEFICIARY      = 'Beneficiary account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string CASH             = 'Cash account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string CREDITCARD       = 'Credit card';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string DEBT             = 'Debt';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string DEFAULT          = 'Default account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string EXPENSE          = 'Expense account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string IMPORT           = 'Import account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string INITIAL_BALANCE  = 'Initial balance account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string LIABILITY_CREDIT = 'Liability credit account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string LOAN             = 'Loan';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string MORTGAGE         = 'Mortgage';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string RECONCILIATION   = 'Reconciliation account';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string REVENUE          = 'Revenue account';
-
-    protected $casts                     = ['created_at' => 'datetime', 'updated_at' => 'datetime'];
-
-    protected $fillable                  = ['type'];
+    protected $fillable = ['type'];
 
     public function accounts(): HasMany
     {

app/Models/AutoBudget.php

@@ -24,7 +24,6 @@ declare(strict_types=1);
 
 namespace FireflyIII\Models;
 
-use Deprecated;
 use FireflyIII\Handlers\Observer\AutoBudgetObserver;
 use FireflyIII\Support\Models\ReturnsIntegerIdTrait;
 use Illuminate\Database\Eloquent\Attributes\ObservedBy;
@@ -39,20 +38,8 @@ class AutoBudget extends Model
     use ReturnsIntegerIdTrait;
     use SoftDeletes;
 
-    /** @deprecated */
-    #[Deprecated]
-    public const int AUTO_BUDGET_ADJUSTED = 3;
-
-    /** @deprecated */
-    #[Deprecated]
-    public const int AUTO_BUDGET_RESET    = 1;
-
-    /** @deprecated */
-    #[Deprecated]
-    public const int AUTO_BUDGET_ROLLOVER = 2;
-
-    protected $casts                      = ['amount'        => 'string', 'native_amount' => 'string'];
-    protected $fillable                   = ['budget_id', 'amount', 'period', 'native_amount'];
+    protected $casts    = ['amount'        => 'string', 'native_amount' => 'string'];
+    protected $fillable = ['budget_id', 'amount', 'period', 'native_amount'];
 
     public function budget(): BelongsTo
     {

app/Models/RecurrenceRepetition.php

@@ -24,7 +24,6 @@ declare(strict_types=1);
 
 namespace FireflyIII\Models;
 
-use Deprecated;
 use FireflyIII\Support\Models\ReturnsIntegerIdTrait;
 use Illuminate\Database\Eloquent\Casts\Attribute;
 use Illuminate\Database\Eloquent\Model;
@@ -36,23 +35,7 @@ class RecurrenceRepetition extends Model
     use ReturnsIntegerIdTrait;
     use SoftDeletes;
 
-    /** @deprecated */
-    #[Deprecated]
-    public const int WEEKEND_DO_NOTHING    = 1;
-
-    /** @deprecated */
-    #[Deprecated]
-    public const int WEEKEND_SKIP_CREATION = 2;
-
-    /** @deprecated */
-    #[Deprecated]
-    public const int WEEKEND_TO_FRIDAY     = 3;
-
-    /** @deprecated */
-    #[Deprecated]
-    public const int WEEKEND_TO_MONDAY     = 4;
-
-    protected $casts                       = [
+    protected $casts    = [
         'created_at'        => 'datetime',
         'updated_at'        => 'datetime',
         'deleted_at'        => 'datetime',
@@ -62,9 +45,9 @@ class RecurrenceRepetition extends Model
         'weekend'           => 'int',
     ];
 
-    protected $fillable                    = ['recurrence_id', 'weekend', 'repetition_type', 'repetition_moment', 'repetition_skip'];
+    protected $fillable = ['recurrence_id', 'weekend', 'repetition_type', 'repetition_moment', 'repetition_skip'];
 
-    protected $table                       = 'recurrences_repetitions';
+    protected $table    = 'recurrences_repetitions';
 
     public function recurrence(): BelongsTo
     {

app/Models/Transaction.php

@@ -30,7 +30,6 @@ use Illuminate\Database\Eloquent\Attributes\ObservedBy;
 use Illuminate\Database\Eloquent\Attributes\Scope;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Casts\Attribute;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
@@ -39,7 +38,6 @@ use Illuminate\Database\Eloquent\SoftDeletes;
 #[ObservedBy([TransactionObserver::class])]
 class Transaction extends Model
 {
-    use HasFactory;
     use ReturnsIntegerIdTrait;
     use SoftDeletes;
 

app/Models/TransactionJournal.php

@@ -34,7 +34,6 @@ use Illuminate\Database\Eloquent\Attributes\ObservedBy;
 use Illuminate\Database\Eloquent\Attributes\Scope;
 use Illuminate\Database\Eloquent\Builder as EloquentBuilder;
 use Illuminate\Database\Eloquent\Casts\Attribute;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
 use Illuminate\Database\Eloquent\Relations\BelongsToMany;
@@ -53,7 +52,6 @@ use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 #[ObservedBy([DeletedTransactionJournalObserver::class])]
 class TransactionJournal extends Model
 {
-    use HasFactory;
     use ReturnsIntegerIdTrait;
     use ReturnsIntegerUserIdTrait;
     use SoftDeletes;

app/Models/TransactionType.php

@@ -23,7 +23,6 @@ declare(strict_types=1);
 
 namespace FireflyIII\Models;
 
-use Deprecated;
 use FireflyIII\Enums\TransactionTypeEnum;
 use FireflyIII\Support\Models\ReturnsIntegerIdTrait;
 use Illuminate\Database\Eloquent\Model;
@@ -36,36 +35,8 @@ class TransactionType extends Model
     use ReturnsIntegerIdTrait;
     use SoftDeletes;
 
-    /** @deprecated */
-    #[Deprecated]
-    public const string DEPOSIT          = 'Deposit';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string INVALID          = 'Invalid';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string LIABILITY_CREDIT = 'Liability credit';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string OPENING_BALANCE  = 'Opening balance';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string RECONCILIATION   = 'Reconciliation';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string TRANSFER         = 'Transfer';
-
-    /** @deprecated */
-    #[Deprecated]
-    public const string WITHDRAWAL       = 'Withdrawal';
-
-    protected $casts                     = ['created_at' => 'datetime', 'updated_at' => 'datetime', 'deleted_at' => 'datetime'];
-    protected $fillable                  = ['type'];
+    protected $casts    = ['created_at' => 'datetime', 'updated_at' => 'datetime', 'deleted_at' => 'datetime'];
+    protected $fillable = ['type'];
 
     /**
      * Route binder. Converts the key in the URL to the specified object (or throw 404).

app/Notifications/NotificationSender.php

@@ -52,6 +52,7 @@ class NotificationSender
 
                 return;
             }
+            Log::error('Could not send notification :(.');
             Log::error($e->getMessage());
             Log::error($e->getTraceAsString());
         }

app/Policies/AccountPolicy.php

@@ -1,68 +0,0 @@
-<?php
-
-/*
- * AccountPolicy.php
- * Copyright (c) 2024 james@firefly-iii.org.
- *
- * This file is part of Firefly III (https://github.com/firefly-iii).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see https://www.gnu.org/licenses/.
- */
-
-declare(strict_types=1);
-
-namespace FireflyIII\Policies;
-
-use FireflyIII\Models\Account;
-use FireflyIII\User;
-use Illuminate\Support\Facades\Log;
-
-class AccountPolicy
-{
-    public function create(): bool
-    {
-        return auth()->check();
-    }
-
-    /**
-     * TODO needs better authentication, also for group.
-     */
-    public function view(User $user, Account $account): bool
-    {
-        return auth()->check() && $user->id === $account->user_id;
-    }
-
-    public function viewAccountBalances(User $user, Account $account): bool
-    {
-        return $this->view($user, $account);
-    }
-
-    /**
-     * Everybody can do this, but selection should limit to user.
-     */
-    public function viewAny(): bool
-    {
-        Log::debug(__METHOD__);
-
-        return auth()->check();
-    }
-
-    /**
-     * Everybody can do this, but selection should limit to user.
-     */
-    public function viewUser(User $user, Account $account): bool
-    {
-        return $this->view($user, $account);
-    }
-}

app/Policies/BalancePolicy.php

@@ -1,47 +0,0 @@
-<?php
-
-/*
- * BalancePolicy.php
- * Copyright (c) 2024 james@firefly-iii.org.
- *
- * This file is part of Firefly III (https://github.com/firefly-iii).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see https://www.gnu.org/licenses/.
- */
-
-declare(strict_types=1);
-
-namespace FireflyIII\Policies;
-
-use FireflyIII\Models\Account;
-use FireflyIII\User;
-
-class BalancePolicy
-{
-    /**
-     * TODO needs better authentication.
-     */
-    public function view(User $user, Account $account): bool
-    {
-        return auth()->check() && $user->id === $account->user_id;
-    }
-
-    /**
-     * Everybody can do this, but selection should limit to user.
-     */
-    public function viewAny(): bool
-    {
-        return auth()->check();
-    }
-}

app/Policies/UserPolicy.php

@@ -1,59 +0,0 @@
-<?php
-
-/*
- * UserPolicy.php
- * Copyright (c) 2024 james@firefly-iii.org.
- *
- * This file is part of Firefly III (https://github.com/firefly-iii).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see https://www.gnu.org/licenses/.
- */
-
-declare(strict_types=1);
-
-namespace FireflyIII\Policies;
-
-use FireflyIII\User;
-
-class UserPolicy
-{
-    /**
-     * TODO needs better authentication.
-     */
-    public function view(User $user, User $user1): bool
-    {
-        return true;
-
-        //        return auth()->check() && $user->id === $account->user_id;
-    }
-
-    public function viewAccounts(User $user): bool
-    {
-        return true;
-
-        //        return auth()->check();
-    }
-
-    /**
-     * Everybody can do this, but selection should limit to user.
-     *
-     * @return true
-     */
-    public function viewAny(): bool
-    {
-        return true;
-
-        //        return auth()->check();
-    }
-}

app/Providers/FireflyServiceProvider.php

@@ -53,6 +53,7 @@ use FireflyIII\Repositories\UserGroup\UserGroupRepository;
 use FireflyIII\Repositories\UserGroup\UserGroupRepositoryInterface;
 use FireflyIII\Repositories\Webhook\WebhookRepository;
 use FireflyIII\Repositories\Webhook\WebhookRepositoryInterface;
+use FireflyIII\Services\FireflyIIIOrg\Update\GitHubUpdateRequest;
 use FireflyIII\Services\FireflyIIIOrg\Update\UpdateRequest;
 use FireflyIII\Services\FireflyIIIOrg\Update\UpdateRequestInterface;
 use FireflyIII\Services\Password\PwndVerifierV2;
@@ -191,7 +192,8 @@ class FireflyServiceProvider extends ServiceProvider
         $this->app->bind(PopupReportInterface::class, PopupReport::class);
         $this->app->bind(ReportHelperInterface::class, ReportHelper::class);
         $this->app->bind(FiscalHelperInterface::class, FiscalHelper::class);
-        $this->app->bind(UpdateRequestInterface::class, UpdateRequest::class);
+        // $this->app->bind(UpdateRequestInterface::class, UpdateRequest::class);
+        $this->app->bind(UpdateRequestInterface::class, GitHubUpdateRequest::class);
 
         // webhooks:
         $this->app->bind(MessageGeneratorInterface::class, StandardMessageGenerator::class);

app/Providers/RouteServiceProvider.php

@@ -42,20 +42,18 @@ class RouteServiceProvider extends ServiceProvider
     #[Override]
     public function boot(): void
     {
-        $this->routes(function (): void {
-            Route::prefix('api')
-                ->middleware('api')
-                ->namespace($this->namespace)
-                ->group(base_path('routes/api.php'))
-            ;
-
-            Route::prefix('api/v1/cron')
-                ->middleware('api_basic')
-                ->namespace($this->namespace)
-                ->group(base_path('routes/api-noauth.php'))
-            ;
-
-            Route::middleware('web')->namespace($this->namespace)->group(base_path('routes/web.php'));
-        });
+        //        $this->routes(function (): void {
+        //            Route::prefix('api')
+        //                ->middleware('api')
+        //                ->namespace($this->namespace)
+        //                ->group(base_path('routes/api.php'))
+        //            ;
+        //            Route::prefix('api/v1/cron')
+        //                ->middleware('api_basic')
+        //                ->namespace($this->namespace)
+        //                ->group(base_path('routes/api-noauth.php'))
+        //            ;
+        //            Route::middleware('web')->namespace($this->namespace)->group(base_path('routes/web.php'));
+        //        });
     }
 }

app/Repositories/Budget/AvailableBudgetRepository.php

@@ -105,6 +105,22 @@ class AvailableBudgetRepository implements AvailableBudgetRepositoryInterface, U
         return $this->user->availableBudgets->find($id);
     }
 
+    #[Override]
+    public function findInRange(TransactionCurrency $currency, Carbon $start, Carbon $end): Collection
+    {
+        /** @var null|AvailableBudget */
+        return $this->user
+            ->availableBudgets()
+            ->where('transaction_currency_id', $currency->id)
+            // start date OR end date must be the same or equal to start or END respectively.
+            ->where(function ($q1) use ($start, $end): void {
+                $q1->whereBetween('start_date', [$start, $end]);
+                $q1->orWhereBetween('end_date', [$start, $end]);
+            })
+            ->get(['available_budgets.*'])
+        ;
+    }
+
     /**
      * Return a list of all available budgets (in all currencies) (for the selected period).
      */

app/Repositories/Budget/AvailableBudgetRepositoryInterface.php

@@ -62,6 +62,11 @@ interface AvailableBudgetRepositoryInterface
 
     public function findById(int $id): ?AvailableBudget;
 
+    /**
+     * Find existing ABs in this exact time range.
+     */
+    public function findInRange(TransactionCurrency $currency, Carbon $start, Carbon $end): Collection;
+
     /**
      * Return a list of all available budgets (in all currencies) (for the selected period).
      */

app/Repositories/Category/NoCategoryRepository.php

@@ -52,6 +52,7 @@ class NoCategoryRepository implements NoCategoryRepositoryInterface, UserGroupIn
         $collector->setUser($this->user)->setRange($start, $end)->setTypes([TransactionTypeEnum::WITHDRAWAL->value])->withoutCategory();
         if ($accounts instanceof Collection && $accounts->count() > 0) {
             $collector->setAccounts($accounts);
+            $collector->excludeDestinationAccounts($accounts); // to exclude withdrawals to liabilities.
         }
         $journals  = $collector->getExtractedJournals();
         $array     = [];
@@ -97,6 +98,7 @@ class NoCategoryRepository implements NoCategoryRepositoryInterface, UserGroupIn
         $collector->setUser($this->user)->setRange($start, $end)->setTypes([TransactionTypeEnum::DEPOSIT->value])->withoutCategory();
         if ($accounts instanceof Collection && $accounts->count() > 0) {
             $collector->setAccounts($accounts);
+            $collector->excludeSourceAccounts($accounts); // to prevent income from liabilities.
         }
         $journals  = $collector->getExtractedJournals();
         $array     = [];

app/Services/FireflyIIIOrg/Update/GitHubUpdateRequest.php

@@ -0,0 +1,219 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * GitHubUpdateRequest.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace FireflyIII\Services\FireflyIIIOrg\Update;
+
+use Carbon\Carbon;
+use GuzzleHttp\Client;
+use GuzzleHttp\Exception\ClientException;
+use Illuminate\Support\Facades\Log;
+use Override;
+
+class GitHubUpdateRequest implements UpdateRequestInterface
+{
+    private string $currentVersion = '1.0.0';
+    private Carbon $currentBuild;
+    private string $channel        = 'stable';
+    private bool   $localDebug     = false;
+
+    #[Override]
+    public function getUpdateInformation(string $currentVersion, Carbon $currentBuild, string $channel): UpdateResponse
+    {
+        $this->currentVersion = $currentVersion;
+        $this->channel        = $channel;
+        $this->currentBuild   = $currentBuild;
+        Log::debug(sprintf('Now in getUpdateInformation(%s, %s)', $currentVersion, $channel));
+
+        $response             = new UpdateResponse();
+        $releases             = $this->getReleases();
+        $filtered             = $this->filterReleases($releases);
+
+        Log::debug(sprintf('Left with %d release(s) to compare', count($filtered)));
+
+        if (0 === count($filtered)) {
+            $response->setNewVersionAvailable(false);
+
+            return $response;
+        }
+
+        $newest               = $this->getNewest($filtered);
+
+        Log::debug(sprintf('Newest release is "%s" released on %s', $newest['version'], $newest['published_at']->format('Y-m-d H:i')));
+
+        $response->setNewVersion($newest['version']);
+        $response->setPublishedAt($newest['published_at']);
+
+        // main question, is this release newer than the current one?
+        // if current version is "develop", compare date.
+        if (str_contains($currentVersion, 'develop')) {
+            Log::debug(sprintf('Compare with current version "%s", built on %s', $currentVersion, $currentBuild->format('Y-m-d H:i')));
+            if ($currentBuild->gt($newest['published_at'])) {
+                Log::debug(sprintf(
+                    'Current build %s is older than newest build %s, so a new release is available.',
+                    $currentBuild->format('Y-m-d H:i'),
+                    $newest['published_at']->format('Y-m-d H:i')
+                ));
+                $response->setNewVersionAvailable(true);
+
+                return $response;
+            }
+            if ($currentBuild->lt($newest['published_at'])) {
+                Log::debug(sprintf(
+                    'Current build %s is newer than newest build %s, so NO new release is available.',
+                    $currentBuild->format('Y-m-d H:i'),
+                    $newest['published_at']->format('Y-m-d H:i')
+                ));
+                $response->setNewVersionAvailable(false);
+
+                return $response;
+            }
+
+            return $response;
+        }
+
+        // if not, compare version.
+        $res                  = version_compare($newest['version'], $currentVersion);
+        if ($res < 1) {
+            $response->setNewVersionAvailable(false);
+
+            return $response;
+        }
+        if (1 === $res) {
+            $response->setNewVersionAvailable(true);
+
+            return $response;
+        }
+
+        return $response;
+    }
+
+    private function filterReleases(array $releases): array
+    {
+        $return = [];
+
+        /** @var array $release */
+        foreach ($releases as $release) {
+            if ($release['published_at']->lte($this->currentBuild)) {
+                Log::debug(sprintf('Skip older version "%s"', $release['version']));
+
+                continue;
+            }
+            // if channel is stable, and version is "alpha", continue.
+            // if channel is stable, and version is "beta", continue.
+            // if channel is beta, and version is "alpha", continue.
+            if (('stable' === $this->channel || 'beta' === $this->channel) && str_contains($release['version'], 'alpha')) {
+                Log::debug(sprintf('Skip version "%s"', $release['version']));
+
+                continue;
+            }
+            if ('stable' === $this->channel && str_contains($release['version'], 'beta')) {
+                Log::debug(sprintf('Skip version "%s"', $release['version']));
+
+                continue;
+            }
+            $return[] = $release;
+        }
+
+        return $return;
+    }
+
+    private function getNewest(array $releases): array
+    {
+        $latest = ['version'      => '1.0.0', 'published_at' => now()->startOfYear()];
+        foreach ($releases as $release) {
+            Log::debug(sprintf('Comparing current version "%s" with latest version "%s"', $release['version'], $latest['version']));
+            if (str_contains($release['version'], 'develop') || str_contains($latest['version'], 'develop')) {
+                Log::debug('Compare based on build time.');
+                // compare build times.
+                if ($latest['published_at']->lt($release['published_at'])) {
+                    Log::debug(sprintf(
+                        'Current date "%s" is newer than latest date "%s"',
+                        $release['published_at']->format('Y-m-d H:i'),
+                        $latest['published_at']->format('Y-m-d H:i')
+                    ));
+                    $latest = $release;
+                }
+            }
+            if (!str_contains($release['version'], 'develop') && !str_contains($latest['version'], 'develop')) {
+                Log::debug('[a] Compare based on version.');
+                // compare version.
+                $res = version_compare($release['version'], $latest['version']);
+                if (1 === $res) {
+                    Log::debug(sprintf('Version "%s" is newer than version "%s".', $release['version'], $latest['version']));
+                    $latest = $release;
+                }
+            }
+        }
+        Log::debug(sprintf('Latest version seems to be "%s", released at %s', $latest['version'], $latest['published_at']->format('Y-m-d H:i')));
+
+        return $latest;
+    }
+
+    private function getReleases(): array
+    {
+        $client = new Client();
+        $opts   = ['headers'   => ['User-Agent' => 'FireflyIII/'.config('firefly.version')]];
+        $return = [];
+        $body   = '';
+        if ($this->localDebug && file_exists('json.json')) {
+            $body = file_get_contents('json.json');
+        }
+        if (!$this->localDebug) {
+            try {
+                $res = $client->get('https://api.github.com/repos/firefly-iii/firefly-iii/releases', $opts);
+            } catch (ClientException $e) {
+                Log::error($e->getMessage());
+
+                return [];
+            }
+            Log::debug('Successfully contacted GitHub');
+            $body = (string) $res->getBody();
+        }
+
+        if (!json_validate($body)) {
+            Log::debug('GitHub returned invalid JSON');
+
+            return [];
+        }
+        $json   = json_decode($body, true);
+
+        /** @var array $release */
+        foreach ($json as $release) {
+            $version   = $release['tag_name'];
+            $version   = 'v' === $version[0] ? substr($version, 1) : $version;
+            $published = Carbon::parse($release['published_at']);
+
+            // always skip "develop" releases, unless user is also running develop.
+            if (str_contains($version, 'develop') && !str_contains($this->currentVersion, 'develop')) {
+                Log::debug(sprintf('Skip version "%s"', $release['tag_name']));
+
+                continue;
+            }
+
+            $return[]  = ['version'      => $version, 'published_at' => $published];
+        }
+
+        return $return;
+    }
+}

app/Services/FireflyIIIOrg/Update/UpdateRequestInterface.php

@@ -24,10 +24,12 @@ declare(strict_types=1);
 
 namespace FireflyIII\Services\FireflyIIIOrg\Update;
 
+use Carbon\Carbon;
+
 /**
  * Interface UpdateRequestInterface
  */
 interface UpdateRequestInterface
 {
-    public function getUpdateInformation(string $channel): array;
+    public function getUpdateInformation(string $currentVersion, Carbon $currentBuild, string $channel): UpdateResponse;
 }

app/Services/FireflyIIIOrg/Update/UpdateResponse.php

@@ -0,0 +1,75 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * UpdateResponse.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace FireflyIII\Services\FireflyIIIOrg\Update;
+
+use Carbon\Carbon;
+
+class UpdateResponse
+{
+    private bool   $newVersionAvailable = false;
+    private string $error               = '';
+    private string $newVersion          = '1.0.0';
+    private Carbon $publishedAt;
+
+    public function getError(): string
+    {
+        return $this->error;
+    }
+
+    public function getNewVersion(): string
+    {
+        return $this->newVersion;
+    }
+
+    public function getPublishedAt(): Carbon
+    {
+        return $this->publishedAt;
+    }
+
+    public function isNewVersionAvailable(): bool
+    {
+        return $this->newVersionAvailable;
+    }
+
+    public function setError(string $error): void
+    {
+        $this->error = $error;
+    }
+
+    public function setNewVersion(string $newVersion): void
+    {
+        $this->newVersion = $newVersion;
+    }
+
+    public function setNewVersionAvailable(bool $newVersionAvailable): void
+    {
+        $this->newVersionAvailable = $newVersionAvailable;
+    }
+
+    public function setPublishedAt(Carbon $publishedAt): void
+    {
+        $this->publishedAt = $publishedAt;
+    }
+}

app/Support/Authentication/RemoteUserGuard.php

@@ -84,7 +84,8 @@ class RemoteUserGuard implements Guard
         if (null === $userID || '' === $userID) {
             Log::error(sprintf('No user in header "%s".', $header));
 
-            throw new FireflyException('The guard header was unexpectedly empty. See the logs.');
+            // throw new FireflyException('The guard header was unexpectedly empty. See the logs.');
+            return;
         }
 
         Log::debug(sprintf('User ID found in header is "%s"', $userID));

app/Support/Cronjobs/UpdateCheckCronjob.php

@@ -75,12 +75,12 @@ class UpdateCheckCronjob extends AbstractCronjob
         // last check time was more than a week ago.
         Log::debug('Have not checked for a new version in a week!');
         $release            = $this->getLatestRelease();
-        if ('error' === $release['level']) {
+        if ('' !== $release->getError()) {
             // get stuff from job:
             $this->jobFired     = true;
             $this->jobErrored   = true;
             $this->jobSucceeded = false;
-            $this->message      = $release['message'];
+            $this->message      = $release->getError();
 
             return;
         }
@@ -88,6 +88,23 @@ class UpdateCheckCronjob extends AbstractCronjob
         $this->jobFired     = true;
         $this->jobErrored   = false;
         $this->jobSucceeded = false;
-        $this->message      = $release['message'];
+        $this->message      = trans('firefly.no_new_release_available');
+
+        if ($release->isNewVersionAvailable()) {
+            // if running develop, slightly different message.
+            if (str_contains(config('firefly.version'), 'develop')) {
+                $this->message = trans('firefly.update_current_dev_older', [
+                    'version'     => config('firefly.version'),
+                    'new_version' => $release->getNewVersion(),
+                ]);
+            }
+            if (!str_contains(config('firefly.version'), 'develop')) {
+                $this->message = trans('firefly.update_new_version_alert', [
+                    'your_version' => config('firefly.version'),
+                    'new_version'  => $release->getNewVersion(),
+                    'date'         => $release->getPublishedAt()->format('Y-m-d H:i:s'),
+                ]);
+            }
+        }
     }
 }

app/Support/Export/ExportDataGenerator.php

@@ -138,6 +138,42 @@ class ExportDataGenerator
 
     // @phpstan-ignore-line
 
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
     public function __construct()
     {
         $this->accounts = new Collection();

app/Support/JsonApi/Enrichments/AvailableBudgetEnrichment.php

@@ -65,6 +65,24 @@ class AvailableBudgetEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private readonly bool $convertToPrimary; // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
@@ -90,6 +108,24 @@ class AvailableBudgetEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $currencies            = [];
     private array $currencyIds           = [];
     private array $ids                   = [];

app/Support/JsonApi/Enrichments/BudgetLimitEnrichment.php

@@ -65,6 +65,24 @@ class BudgetLimitEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $currencies  = [];
     private array $currencyIds = [];
     private Carbon $end;

app/Support/JsonApi/Enrichments/PiggyBankEnrichment.php

@@ -67,6 +67,24 @@ class PiggyBankEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $accounts      = []; // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
@@ -92,6 +110,24 @@ class PiggyBankEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $amounts       = [];
     private Collection $collection;
     private array $currencies    = [];

app/Support/JsonApi/Enrichments/PiggyBankEventEnrichment.php

@@ -62,6 +62,24 @@ class PiggyBankEventEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $accountIds        = []; // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
@@ -87,6 +105,24 @@ class PiggyBankEventEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private Collection $collection;
     private array $currencies        = [];
     private array $groupIds          = [];

app/Support/JsonApi/Enrichments/SubscriptionEnrichment.php

@@ -71,6 +71,24 @@ class SubscriptionEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private readonly bool $convertToPrimary;
     private ?Carbon $end             = null;
     private array   $mappedObjects   = [];

app/Support/JsonApi/Enrichments/TransactionGroupEnrichment.php

@@ -103,6 +103,42 @@ class TransactionGroupEnrichment implements EnrichmentInterface
 
     // @phpstan-ignore-line
 
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
+    // @phpstan-ignore-line
+
     public function __construct()
     {
         $this->dateFields      = ['interest_date', 'book_date', 'process_date', 'due_date', 'payment_date', 'invoice_date'];

app/Support/JsonApi/Enrichments/WebhookEnrichment.php

@@ -67,6 +67,24 @@ class WebhookEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $ids               = []; // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
@@ -92,6 +110,24 @@ class WebhookEnrichment implements EnrichmentInterface
     // @phpstan-ignore-line
     // @phpstan-ignore-line
     // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
+    // @phpstan-ignore-line
     private array $responses         = [];
     private array $triggers          = [];
     private array $webhookDeliveries = [];

app/Support/Models/AvailableBudgetCalculator.php

@@ -131,33 +131,42 @@ class AvailableBudgetCalculator
 
     private function refreshAvailableBudget(Carbon $start): void
     {
-        $end             = Navigation::endOfPeriod($start, $this->viewRange);
+        $end              = Navigation::endOfPeriod($start, $this->viewRange);
         Log::debug(sprintf('refreshAvailableBudget(%s), end is %s', $start->format('Y-m-d'), $end->format('Y-m-d')));
-        $availableBudget = $this->abRepository->find($this->currency, $start, $end);
 
-        if (null !== $availableBudget) {
-            Log::debug('Found available budget for this period, will update it.');
-            $this->abRepository->recalculateAmount($availableBudget);
+        if ($end->lt($start)) {
+            Log::error(sprintf('%s is less than %s, stop.', $start->format('Y-m-d'), $end->format('Y-m-d')));
 
             return;
         }
+
+        $availableBudget  = $this->abRepository->find($this->currency, $start, $end);
+        $availableBudgets = $this->abRepository->findInRange($this->currency, $start, $end);
+
+        Log::debug(sprintf('Found #%d', $availableBudget->id));
+        foreach ($availableBudgets as $item) {
+            Log::debug(sprintf(
+                'findInRange found available budget #%d (%s - %s), will update it.',
+                $item->id,
+                $item->start_date->format('Y-m-d'),
+                $item->end_date->format('Y-m-d')
+            ));
+            $this->abRepository->recalculateAmount($availableBudget);
+        }
         if (!$this->create) {
             Log::debug('Can stop here. have not been asked to create an available budget.');
 
             return;
         }
-        if ($end->lt($start)) {
-            Log::error(sprintf('%s is less than %s, stop.', $start->format('Y-m-d'), $end->format('Y-m-d')));
-
-            return;
+        if (null === $availableBudget) {
+            Log::debug(sprintf('Will create new available budget for period %s to %s', $start->format('Y-m-d'), $end->format('Y-m-d')));
+            $availableBudget = $this->abRepository->store([
+                'start'       => $start,
+                'end'         => $end,
+                'currency_id' => $this->currency->id,
+                'amount'      => '1',
+            ]);
+            $this->abRepository->recalculateAmount($availableBudget);
         }
-        Log::debug(sprintf('Will create new available budget for period %s to %s', $start->format('Y-m-d'), $end->format('Y-m-d')));
-        $availableBudget = $this->abRepository->store([
-            'start'       => $start,
-            'end'         => $end,
-            'currency_id' => $this->currency->id,
-            'amount'      => '1',
-        ]);
-        $this->abRepository->recalculateAmount($availableBudget);
     }
 }

app/Support/Search/OperatorQuerySearch.php

@@ -2217,7 +2217,7 @@ class OperatorQuerySearch implements SearchInterface
                     // changed from includeTags to includeAnyTags for #8632
                     $ids                          = array_values($tags->pluck('id')->toArray());
                     $index                        = count($this->includeAnyTags);
-                    $this->includeAnyTags[$index] = array_unique(array_merge($this->includeAnyTags[$index], $ids));
+                    $this->includeAnyTags[$index] = array_unique(array_merge($this->includeAnyTags[$index] ?? [], $ids));
                 }
 
                 break;
@@ -2252,7 +2252,7 @@ class OperatorQuerySearch implements SearchInterface
                 if ($tags->count() > 0) {
                     $ids                          = array_values($tags->pluck('id')->toArray());
                     $index                        = count($this->includeAnyTags);
-                    $this->includeAnyTags[$index] = array_unique(array_merge($this->includeAnyTags[$index], $ids));
+                    $this->includeAnyTags[$index] = array_unique(array_merge($this->includeAnyTags[$index] ?? [], $ids));
                 }
 
                 break;

app/TransactionRules/Actions/UpdatePiggyBank.php

@@ -246,7 +246,7 @@ class UpdatePiggyBank implements ActionInterface
             Log::warning(sprintf('Cannot remove %s from piggy bank.', $amount));
             $currency = $accountRepository->getAccountCurrency($account) ?? Amount::getPrimaryCurrency();
             event(new RuleActionFailedOnArray($this->action, $array, trans('rules.cannot_remove_from_piggy', [
-                'amount' => Amount::formatAnything($amount, $currency, false),
+                'amount' => Amount::formatAnything($currency, $amount, false),
                 'name'   => $piggyBank->name,
             ])));
 

app/Transformers/ObjectGroupTransformer.php

@@ -51,8 +51,8 @@ class ObjectGroupTransformer extends AbstractTransformer
 
         return [
             'id'         => (string) $objectGroup->id,
-            'created_at' => $objectGroup->created_at?->toAtomString(),
-            'updated_at' => $objectGroup->updated_at?->toAtomString(),
+            'created_at' => $objectGroup->created_at->toAtomString(),
+            'updated_at' => $objectGroup->updated_at->toAtomString(),
             'title'      => $objectGroup->title,
             'order'      => $objectGroup->order,
             'links'      => [['rel' => 'self', 'uri' => '/object_groups/'.$objectGroup->id]],

app/Transformers/PiggyBankEventTransformer.php

@@ -66,8 +66,8 @@ class PiggyBankEventTransformer extends AbstractTransformer
 
         return [
             'id'                              => (string) $event->id,
-            'created_at'                      => $event->created_at?->toAtomString(),
-            'updated_at'                      => $event->updated_at?->toAtomString(),
+            'created_at'                      => $event->created_at->toAtomString(),
+            'updated_at'                      => $event->updated_at->toAtomString(),
             'amount'                          => $amount,
             'pc_amount'                       => $primaryAmount,
 

bootstrap/app.php

@@ -33,10 +33,8 @@ use FireflyIII\Http\Middleware\Range;
 use FireflyIII\Http\Middleware\RedirectIfAuthenticated;
 use FireflyIII\Http\Middleware\SecureHeaders;
 use FireflyIII\Http\Middleware\StartFireflyIIISession;
-use FireflyIII\Http\Middleware\TrustProxies;
 use FireflyIII\Http\Middleware\VerifyCsrfToken;
 use Illuminate\Contracts\Debug\ExceptionHandler;
-use Illuminate\Contracts\Http\Kernel;
 use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
 use Illuminate\Foundation\Application;
 use Illuminate\Foundation\Configuration\Exceptions;
@@ -47,7 +45,6 @@ use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
 use Illuminate\Foundation\Http\Middleware\TrimStrings;
 use Illuminate\Http\Middleware\HandleCors;
 use Illuminate\Http\Middleware\ValidatePostSize;
-use Illuminate\Routing\Middleware\SubstituteBindings;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 use Laravel\Passport\Http\Middleware\CreateFreshApiToken;
 use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
@@ -92,116 +89,99 @@ if (!function_exists('stringIsEqual')) {
 $app = Application::configure(basePath: dirname(__DIR__))
                   ->withRouting(
                       web     : __DIR__ . '/../routes/web.php',
+                      api     : __DIR__ . '/../routes/api.php',
                       commands: __DIR__ . '/../routes/console.php',
-                      health  : '/health',
+                      health  : '/up',
                   )
                   ->withMiddleware(function (Middleware $middleware): void {
 
                       // overrule the standard middleware
                       $middleware->use(
                           [
-                                           InvokeDeferredCallbacks::class,
-                                           \Illuminate\Http\Middleware\TrustProxies::class, // use the DEFAULT middleware for this.
-                                           HandleCors::class,
-                                           PreventRequestsDuringMaintenance::class,
-                                           ValidatePostSize::class,
-                                           TrimStrings::class,
-                                           ConvertEmptyStringsToNull::class,
-                                           SecureHeaders::class, // is a Firefly III specific middleware class.
-                                       ]
+                              InvokeDeferredCallbacks::class,
+                              \Illuminate\Http\Middleware\TrustProxies::class, // use the DEFAULT middleware for this.
+                              HandleCors::class,
+                              PreventRequestsDuringMaintenance::class,
+                              ValidatePostSize::class,
+                              TrimStrings::class,
+                              ConvertEmptyStringsToNull::class,
+                              SecureHeaders::class, // is a Firefly III specific middleware class.
+                          ]
                       );
 
-                      // overrule the web group
+                      // append and extend the default "web" middleware
+                      // to include our own custom "StartFireflyIIISession" class.
+                      // this class in turns contains a better "previous URL" feature.
+                      // See https://laravel.com/docs/12.x/middleware for the default list.
                       $middleware->group('web',
                                          [
                                              EncryptCookies::class,
                                              AddQueuedCookiesToResponse::class,
-                                             StartFireflyIIISession::class,
+                                             StartFireflyIIISession::class, // this is different.
                                              ShareErrorsFromSession::class,
                                              VerifyCsrfToken::class,
-                                             SubstituteBindings::class,
+                                             Binder::class, // this is also different.
                                              CreateFreshApiToken::class,
                                          ]
                       );
-                      // new group?
-                      $middleware->group('binders-only',
-                                                 [
-                                                     Installer::class,
-                                                     EncryptCookies::class,
-                                                     AddQueuedCookiesToResponse::class,
-                                                     Binder::class,
-                                                 ]);
 
-                      //
-                      $middleware->appendToGroup('user-not-logged-in', [
-                          Installer::class,
-                          EncryptCookies::class,
-                          AddQueuedCookiesToResponse::class,
-                          StartFireflyIIISession::class,
-                          ShareErrorsFromSession::class,
-                          VerifyCsrfToken::class,
-                          Binder::class,
-                          RedirectIfAuthenticated::class,
-                      ]);
+                      // the default API group only contains "substitute bindings" middleware
+                      // so here we replace the entire API group and add more sensible stuff.
+                      $middleware->group('api',
+                                         [
+                                             AcceptHeaders::class,
+                                             // EnsureFrontendRequestsAreStateful::class,
+                                             'auth:api',
+                                             Binder::class,
+                          ]
+                      );
+                      $middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);
 
-                      // more
-                      $middleware->appendToGroup('user-logged-in-no-2fa', [
-                          Installer::class,
-                          EncryptCookies::class,
-                          AddQueuedCookiesToResponse::class,
-                          StartFireflyIIISession::class,
-                          ShareErrorsFromSession::class,
-                          VerifyCsrfToken::class,
-                          Binder::class,
-                          Authenticate::class,
-                      ]);
 
-                      // simple auth
+                      // "simple auth" means the user must be logged in and present,
+                      // but does not have to be 2FA authenticated. This is so all users
+                      // can always log out, for example.
                       $middleware->appendToGroup('user-simple-auth', [
-                          EncryptCookies::class,
-                          AddQueuedCookiesToResponse::class,
-                          StartFireflyIIISession::class,
-                          ShareErrorsFromSession::class,
-                          VerifyCsrfToken::class,
-                          Binder::class,
                           Authenticate::class,
                       ]);
 
-                      // user full auth
+                      // This middleware is added for all routes where the user MUST have full authentication.
+                      // this includes 2FA etc.
+                      // incidentally, this group also includes the range middleware and the message thing.
                       $middleware->appendToGroup('user-full-auth', [
-                          EncryptCookies::class,
-                          AddQueuedCookiesToResponse::class,
-                          StartFireflyIIISession::class,
-                          ShareErrorsFromSession::class,
-                          VerifyCsrfToken::class,
                           Authenticate::class,
                           MFAMiddleware::class,
                           Range::class,
-                          Binder::class,
                           InterestingMessage::class,
-                          CreateFreshApiToken::class,
                       ]);
-
-                      // admin
+                      // This middleware is added to ensure that the user is not only logged in and
+                      // authenticated (with MFA and everything), but also admin.
                       $middleware->appendToGroup('admin', [
-                          EncryptCookies::class,
-                          AddQueuedCookiesToResponse::class,
-                          StartFireflyIIISession::class,
-                          ShareErrorsFromSession::class,
-                          VerifyCsrfToken::class,
                           Authenticate::class,
-                          // AuthenticateTwoFactor::class,
+                          MFAMiddleware::class,
                           IsAdmin::class,
                           Range::class,
-                          Binder::class,
-                          CreateFreshApiToken::class,
+                          InterestingMessage::class,
                       ]);
 
-                      // api
-                      $middleware->appendToGroup('api', [AcceptHeaders::class, EnsureFrontendRequestsAreStateful::class, 'auth:api,sanctum', Binder::class]);
-                      // api basic,
-                      $middleware->appendToGroup('api_basic', [AcceptHeaders::class, Binder::class]);
+                      // if the user is not logged in, this group applies.
+                      // on top of everything else of course.
+                      $middleware->appendToGroup('user-not-logged-in', [
+                          Installer::class,
+                          RedirectIfAuthenticated::class,
+                      ]);
 
+                      // the "binders only" group does not need or ask for authentication
+                      // it just makes sure strings from routes are bound to objects if possible.
+                      $middleware->group('binders-only',
+                                         [
+                                             Installer::class,
+                                             EncryptCookies::class,
+                                             AddQueuedCookiesToResponse::class,
+                                             Binder::class,
+                                         ]);
+
+                      // $middleware->priority([StartFireflyIIISession::class, ShareErrorsFromSession::class, Authenticate::class, Binder::class, Authorize::class]);
                   })
                   ->withEvents(discover: [
                                              __DIR__ . '/../app/Listeners',

changelog.md

@@ -3,6 +3,47 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## v6.5.0 - 2026-02-20
+
+> [!IMPORTANT]  
+> This release is the same as 6.4.23, but only works on PHP 8.5 and higher. To continue using the latest version of Firefly III, you must upgrade to (at least) PHP 8.5.0, or switch to the Docker containers. Read more about Firefly III's release and support schedule in [`releases.md`](releases.md).
+
+### Added
+- Support for PHP 8.5
+
+### Removed
+- Support for PHP 8.4 and earlier
+
+## v6.4.23 - 2026-02-20
+
+> [!WARNING]
+> If no pressing issues get reported, this release will be followed by **v6.5.0**. It will be exactly the same but require PHP 8.5.
+
+### Fixed
+- [Issue 11734](https://github.com/firefly-iii/firefly-iii/issues/11734) (Cache is not cleared for "no category" overview monthly blocks) reported by @JC5
+- [Issue 11735](https://github.com/firefly-iii/firefly-iii/issues/11735) (health endpoint no longer performant) reported by @grgar
+- [Discussion 11736](https://github.com/orgs/firefly-iii/discussions/11736) (Deposit from a Liability & the default financial report) started by @dratze98
+- [Issue 11738](https://github.com/firefly-iii/firefly-iii/issues/11738) (API endpoint `api/v1/batch/finish` does not work) reported by @JC5
+- [Issue 11744](https://github.com/firefly-iii/firefly-iii/issues/11744) (Webhook and rule execution for imported transactions) reported by @mleck28
+- [Issue 11752](https://github.com/firefly-iii/firefly-iii/issues/11752) (ErrorException in OperatorQuerySearch.php when using tag_starts or tag_ends operators via API) reported by @travelr
+- [Issue 11757](https://github.com/firefly-iii/firefly-iii/issues/11757) ("Remember Me" cookie expires after 1 minute) reported by @michaeljandrews
+- Invitee mail message would error out, reported over mail. Thanks!
+
+## v6.4.22
+
+This release and several previous ones fix authentication problems mainly. Cleaning up the libraries that make up Firefly III's excellent security (with me standing on the shoulders of giants) means that many edge cases that worked in the past no longer worked. Notable issues are listed below. 
+
+As far as I know it all works as it should, but feel free to open new issues when necessary. My apologies for the mess.
+
+### Fixed
+
+- Removed Laravel Sanctum as it was unused.
+- Migrated away from Laravel 10's kernel and bootstrap structure.
+- Fixed remote user guard for console and unauthenticated routes (like `/up` and `health`)
+- [Issue 11710](https://github.com/firefly-iii/firefly-iii/issues/11710) (Firefly throws error on startup and when trying to use importer) reported by @avee87
+- [Issue 11712](https://github.com/firefly-iii/firefly-iii/issues/11712) (`RemoteUserGuard` regression in v6.4.19 blocks `/health` endpoint and internal Artisan commands) reported by @Dual-0
+- [Issue 11720](https://github.com/firefly-iii/firefly-iii/issues/11720) (`RemoteUserGuard` regression from v6.4.19 (including v6.4.21) blocks `/health` endpoint) reported by @rjhenry
+
 ## v6.4.21
 
 ### Added

composer.json

@@ -65,7 +65,7 @@
         }
     ],
     "require": {
-        "php": ">=8.4",
+        "php": ">=8.5",
         "ext-bcmath": "*",
         "ext-curl": "*",
         "ext-fileinfo": "*",
@@ -90,7 +90,6 @@
         "laravel-notification-channels/pushover": "^4.0",
         "laravel/framework": "^12",
         "laravel/passport": "^12.0",
-        "laravel/sanctum": "^4.1",
         "laravel/slack-notification-channel": "^3.3",
         "laravel/ui": "^4.2",
         "league/commonmark": "^2",
@@ -128,6 +127,7 @@
         "rector/rector": "^2.0",
         "thecodingmachine/phpstan-safe-rule": "^1.4"
     },
+
     "suggest": {},
     "autoload": {
         "psr-4": {
@@ -197,7 +197,12 @@
             "php-http/discovery": true
         },
         "platform": {
-            "php": "8.4"
+            "php": "8.5"
+        },
+        "audit": {
+            "ignore": {
+                "PKSA-y2cr-5h3j-g3ys": "Keys are not generated."
+            }
         }
     }
 }

composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "c4e7dd2df7bae96ea6e4df82530411b9",
+    "content-hash": "350d2b33cd703d3e5731ff7501e20d7c",
     "packages": [
         {
             "name": "bacon/bacon-qr-code",
@@ -1878,16 +1878,16 @@
         },
         {
             "name": "laravel/framework",
-            "version": "v12.51.0",
+            "version": "v12.52.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/laravel/framework.git",
-                "reference": "ce4de3feb211e47c4f959d309ccf8a2733b1bc16"
+                "reference": "d5511fa74f4608dbb99864198b1954042aa8d5a7"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/laravel/framework/zipball/ce4de3feb211e47c4f959d309ccf8a2733b1bc16",
-                "reference": "ce4de3feb211e47c4f959d309ccf8a2733b1bc16",
+                "url": "https://api.github.com/repos/laravel/framework/zipball/d5511fa74f4608dbb99864198b1954042aa8d5a7",
+                "reference": "d5511fa74f4608dbb99864198b1954042aa8d5a7",
                 "shasum": ""
             },
             "require": {
@@ -2096,7 +2096,7 @@
                 "issues": "https://github.com/laravel/framework/issues",
                 "source": "https://github.com/laravel/framework"
             },
-            "time": "2026-02-10T18:20:19+00:00"
+            "time": "2026-02-17T17:07:04+00:00"
         },
         {
             "name": "laravel/passport",
@@ -2233,69 +2233,6 @@
             },
             "time": "2026-02-06T12:17:10+00:00"
         },
-        {
-            "name": "laravel/sanctum",
-            "version": "v4.3.1",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/laravel/sanctum.git",
-                "reference": "e3b85d6e36ad00e5db2d1dcc27c81ffdf15cbf76"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/laravel/sanctum/zipball/e3b85d6e36ad00e5db2d1dcc27c81ffdf15cbf76",
-                "reference": "e3b85d6e36ad00e5db2d1dcc27c81ffdf15cbf76",
-                "shasum": ""
-            },
-            "require": {
-                "ext-json": "*",
-                "illuminate/console": "^11.0|^12.0|^13.0",
-                "illuminate/contracts": "^11.0|^12.0|^13.0",
-                "illuminate/database": "^11.0|^12.0|^13.0",
-                "illuminate/support": "^11.0|^12.0|^13.0",
-                "php": "^8.2",
-                "symfony/console": "^7.0|^8.0"
-            },
-            "require-dev": {
-                "mockery/mockery": "^1.6",
-                "orchestra/testbench": "^9.15|^10.8|^11.0",
-                "phpstan/phpstan": "^1.10"
-            },
-            "type": "library",
-            "extra": {
-                "laravel": {
-                    "providers": [
-                        "Laravel\\Sanctum\\SanctumServiceProvider"
-                    ]
-                }
-            },
-            "autoload": {
-                "psr-4": {
-                    "Laravel\\Sanctum\\": "src/"
-                }
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Taylor Otwell",
-                    "email": "taylor@laravel.com"
-                }
-            ],
-            "description": "Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.",
-            "keywords": [
-                "auth",
-                "laravel",
-                "sanctum"
-            ],
-            "support": {
-                "issues": "https://github.com/laravel/sanctum/issues",
-                "source": "https://github.com/laravel/sanctum"
-            },
-            "time": "2026-02-07T17:19:31+00:00"
-        },
         {
             "name": "laravel/serializable-closure",
             "version": "v2.0.9",
@@ -3985,39 +3922,36 @@
         },
         {
             "name": "nunomaduro/collision",
-            "version": "v8.8.3",
+            "version": "v8.9.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/nunomaduro/collision.git",
-                "reference": "1dc9e88d105699d0fee8bb18890f41b274f6b4c4"
+                "reference": "a1ed3fa530fd60bc515f9303e8520fcb7d4bd935"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/nunomaduro/collision/zipball/1dc9e88d105699d0fee8bb18890f41b274f6b4c4",
-                "reference": "1dc9e88d105699d0fee8bb18890f41b274f6b4c4",
+                "url": "https://api.github.com/repos/nunomaduro/collision/zipball/a1ed3fa530fd60bc515f9303e8520fcb7d4bd935",
+                "reference": "a1ed3fa530fd60bc515f9303e8520fcb7d4bd935",
                 "shasum": ""
             },
             "require": {
-                "filp/whoops": "^2.18.1",
-                "nunomaduro/termwind": "^2.3.1",
+                "filp/whoops": "^2.18.4",
+                "nunomaduro/termwind": "^2.4.0",
                 "php": "^8.2.0",
-                "symfony/console": "^7.3.0"
+                "symfony/console": "^7.4.4 || ^8.0.4"
             },
             "conflict": {
-                "laravel/framework": "<11.44.2 || >=13.0.0",
-                "phpunit/phpunit": "<11.5.15 || >=13.0.0"
+                "laravel/framework": "<11.48.0 || >=14.0.0",
+                "phpunit/phpunit": "<11.5.50 || >=14.0.0"
             },
             "require-dev": {
-                "brianium/paratest": "^7.8.3",
-                "larastan/larastan": "^3.4.2",
-                "laravel/framework": "^11.44.2 || ^12.18",
-                "laravel/pint": "^1.22.1",
-                "laravel/sail": "^1.43.1",
-                "laravel/sanctum": "^4.1.1",
-                "laravel/tinker": "^2.10.1",
-                "orchestra/testbench-core": "^9.12.0 || ^10.4",
-                "pestphp/pest": "^3.8.2 || ^4.0.0",
-                "sebastian/environment": "^7.2.1 || ^8.0"
+                "brianium/paratest": "^7.8.5",
+                "larastan/larastan": "^3.9.2",
+                "laravel/framework": "^11.48.0 || ^12.52.0",
+                "laravel/pint": "^1.27.1",
+                "orchestra/testbench-core": "^9.12.0 || ^10.9.0",
+                "pestphp/pest": "^3.8.5 || ^4.4.1 || ^5.0.0",
+                "sebastian/environment": "^7.2.1 || ^8.0.3 || ^9.0.0"
             },
             "type": "library",
             "extra": {
@@ -4080,35 +4014,35 @@
                     "type": "patreon"
                 }
             ],
-            "time": "2025-11-20T02:55:25+00:00"
+            "time": "2026-02-17T17:33:08+00:00"
         },
         {
             "name": "nunomaduro/termwind",
-            "version": "v2.3.3",
+            "version": "v2.4.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/nunomaduro/termwind.git",
-                "reference": "6fb2a640ff502caace8e05fd7be3b503a7e1c017"
+                "reference": "712a31b768f5daea284c2169a7d227031001b9a8"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/nunomaduro/termwind/zipball/6fb2a640ff502caace8e05fd7be3b503a7e1c017",
-                "reference": "6fb2a640ff502caace8e05fd7be3b503a7e1c017",
+                "url": "https://api.github.com/repos/nunomaduro/termwind/zipball/712a31b768f5daea284c2169a7d227031001b9a8",
+                "reference": "712a31b768f5daea284c2169a7d227031001b9a8",
                 "shasum": ""
             },
             "require": {
                 "ext-mbstring": "*",
                 "php": "^8.2",
-                "symfony/console": "^7.3.6"
+                "symfony/console": "^7.4.4 || ^8.0.4"
             },
             "require-dev": {
-                "illuminate/console": "^11.46.1",
-                "laravel/pint": "^1.25.1",
+                "illuminate/console": "^11.47.0",
+                "laravel/pint": "^1.27.1",
                 "mockery/mockery": "^1.6.12",
-                "pestphp/pest": "^2.36.0 || ^3.8.4 || ^4.1.3",
+                "pestphp/pest": "^2.36.0 || ^3.8.4 || ^4.3.2",
                 "phpstan/phpstan": "^1.12.32",
                 "phpstan/phpstan-strict-rules": "^1.6.2",
-                "symfony/var-dumper": "^7.3.5",
+                "symfony/var-dumper": "^7.3.5 || ^8.0.4",
                 "thecodingmachine/phpstan-strict-rules": "^1.0.0"
             },
             "type": "library",
@@ -4140,7 +4074,7 @@
                     "email": "enunomaduro@gmail.com"
                 }
             ],
-            "description": "Its like Tailwind CSS, but for the console.",
+            "description": "It's like Tailwind CSS, but for the console.",
             "keywords": [
                 "cli",
                 "console",
@@ -4151,7 +4085,7 @@
             ],
             "support": {
                 "issues": "https://github.com/nunomaduro/termwind/issues",
-                "source": "https://github.com/nunomaduro/termwind/tree/v2.3.3"
+                "source": "https://github.com/nunomaduro/termwind/tree/v2.4.0"
             },
             "funding": [
                 {
@@ -4167,7 +4101,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2025-11-20T02:34:59+00:00"
+            "time": "2026-02-16T23:10:27+00:00"
         },
         {
             "name": "nyholm/psr7",
@@ -9648,16 +9582,16 @@
         },
         {
             "name": "thecodingmachine/safe",
-            "version": "v3.3.0",
+            "version": "v3.4.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/thecodingmachine/safe.git",
-                "reference": "2cdd579eeaa2e78e51c7509b50cc9fb89a956236"
+                "reference": "705683a25bacf0d4860c7dea4d7947bfd09eea19"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/thecodingmachine/safe/zipball/2cdd579eeaa2e78e51c7509b50cc9fb89a956236",
-                "reference": "2cdd579eeaa2e78e51c7509b50cc9fb89a956236",
+                "url": "https://api.github.com/repos/thecodingmachine/safe/zipball/705683a25bacf0d4860c7dea4d7947bfd09eea19",
+                "reference": "705683a25bacf0d4860c7dea4d7947bfd09eea19",
                 "shasum": ""
             },
             "require": {
@@ -9767,7 +9701,7 @@
             "description": "PHP core functions that throw exceptions instead of returning FALSE on error",
             "support": {
                 "issues": "https://github.com/thecodingmachine/safe/issues",
-                "source": "https://github.com/thecodingmachine/safe/tree/v3.3.0"
+                "source": "https://github.com/thecodingmachine/safe/tree/v3.4.0"
             },
             "funding": [
                 {
@@ -9778,12 +9712,16 @@
                     "url": "https://github.com/shish",
                     "type": "github"
                 },
+                {
+                    "url": "https://github.com/silasjoisten",
+                    "type": "github"
+                },
                 {
                     "url": "https://github.com/staabm",
                     "type": "github"
                 }
             ],
-            "time": "2025-05-14T06:15:44+00:00"
+            "time": "2026-02-04T18:08:13+00:00"
         },
         {
             "name": "tijsverkoyen/css-to-inline-styles",
@@ -10532,16 +10470,16 @@
         },
         {
             "name": "fruitcake/laravel-debugbar",
-            "version": "v4.0.8",
+            "version": "v4.0.9",
             "source": {
                 "type": "git",
                 "url": "https://github.com/fruitcake/laravel-debugbar.git",
-                "reference": "ad7a5b11c11bf7773c9acd04d0fe0d79a229b1c7"
+                "reference": "4eee2f032172fd6548028395d7a1adbd8eae2ba0"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/fruitcake/laravel-debugbar/zipball/ad7a5b11c11bf7773c9acd04d0fe0d79a229b1c7",
-                "reference": "ad7a5b11c11bf7773c9acd04d0fe0d79a229b1c7",
+                "url": "https://api.github.com/repos/fruitcake/laravel-debugbar/zipball/4eee2f032172fd6548028395d7a1adbd8eae2ba0",
+                "reference": "4eee2f032172fd6548028395d7a1adbd8eae2ba0",
                 "shasum": ""
             },
             "require": {
@@ -10618,7 +10556,7 @@
             ],
             "support": {
                 "issues": "https://github.com/fruitcake/laravel-debugbar/issues",
-                "source": "https://github.com/fruitcake/laravel-debugbar/tree/v4.0.8"
+                "source": "https://github.com/fruitcake/laravel-debugbar/tree/v4.0.9"
             },
             "funding": [
                 {
@@ -10630,7 +10568,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2026-02-14T13:26:03+00:00"
+            "time": "2026-02-17T08:14:13+00:00"
         },
         {
             "name": "hamcrest/hamcrest-php",
@@ -11916,16 +11854,16 @@
         },
         {
             "name": "phpunit/phpunit",
-            "version": "12.5.11",
+            "version": "12.5.14",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/phpunit.git",
-                "reference": "9b518cb40f9474572c9f0178e96ff3dc1cf02bf1"
+                "reference": "47283cfd98d553edcb1353591f4e255dc1bb61f0"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/9b518cb40f9474572c9f0178e96ff3dc1cf02bf1",
-                "reference": "9b518cb40f9474572c9f0178e96ff3dc1cf02bf1",
+                "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/47283cfd98d553edcb1353591f4e255dc1bb61f0",
+                "reference": "47283cfd98d553edcb1353591f4e255dc1bb61f0",
                 "shasum": ""
             },
             "require": {
@@ -11994,7 +11932,7 @@
             "support": {
                 "issues": "https://github.com/sebastianbergmann/phpunit/issues",
                 "security": "https://github.com/sebastianbergmann/phpunit/security/policy",
-                "source": "https://github.com/sebastianbergmann/phpunit/tree/12.5.11"
+                "source": "https://github.com/sebastianbergmann/phpunit/tree/12.5.14"
             },
             "funding": [
                 {
@@ -12018,20 +11956,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2026-02-10T12:32:02+00:00"
+            "time": "2026-02-18T12:38:40+00:00"
         },
         {
             "name": "rector/rector",
-            "version": "2.3.6",
+            "version": "2.3.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/rectorphp/rector.git",
-                "reference": "ca9ebb81d280cd362ea39474dabd42679e32ca6b"
+                "reference": "9c46ad17f57963932c9788fd1b0f1d07ff450370"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/rectorphp/rector/zipball/ca9ebb81d280cd362ea39474dabd42679e32ca6b",
-                "reference": "ca9ebb81d280cd362ea39474dabd42679e32ca6b",
+                "url": "https://api.github.com/repos/rectorphp/rector/zipball/9c46ad17f57963932c9788fd1b0f1d07ff450370",
+                "reference": "9c46ad17f57963932c9788fd1b0f1d07ff450370",
                 "shasum": ""
             },
             "require": {
@@ -12070,7 +12008,7 @@
             ],
             "support": {
                 "issues": "https://github.com/rectorphp/rector/issues",
-                "source": "https://github.com/rectorphp/rector/tree/2.3.6"
+                "source": "https://github.com/rectorphp/rector/tree/2.3.7"
             },
             "funding": [
                 {
@@ -12078,7 +12016,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2026-02-06T14:25:06+00:00"
+            "time": "2026-02-19T14:44:16+00:00"
         },
         {
             "name": "sebastian/cli-parser",
@@ -13202,7 +13140,7 @@
     "prefer-stable": false,
     "prefer-lowest": false,
     "platform": {
-        "php": ">=8.4",
+        "php": ">=8.5",
         "ext-bcmath": "*",
         "ext-curl": "*",
         "ext-fileinfo": "*",
@@ -13221,7 +13159,7 @@
     },
     "platform-dev": {},
     "platform-overrides": {
-        "php": "8.4"
+        "php": "8.5"
     },
     "plugin-api-version": "2.9.0"
 }

config/auth.php

@@ -64,7 +64,7 @@ return [
         'web'               => [
             'driver'   => 'session',
             'provider' => 'users',
-            'remember' => true,
+            'remember' => 364 * 24 * 60, // 364 days.
         ],
         'remote_user_guard' => [
             'driver'   => 'remote_user_guard',

config/bulk.php

@@ -25,11 +25,11 @@ declare(strict_types=1);
 use FireflyIII\Enums\ClauseType;
 
 return [
-    ClauseType::TRANSACTION => [
-        ClauseType::WHERE  => [
+    ClauseType::TRANSACTION->value => [
+        ClauseType::WHERE->value  => [
             'account_id' => 'required|numeric|belongsToUser:accounts,id',
         ],
-        ClauseType::UPDATE => [
+        ClauseType::UPDATE->value => [
             'account_id' => 'required|numeric|belongsToUser:accounts,id',
         ],
     ],

config/firefly.php

@@ -78,8 +78,8 @@ return [
         'running_balance_column' => (bool)envNonEmpty('USE_RUNNING_BALANCE', true), // this is only the default value, is not used.
         // see cer.php for exchange rates feature flag.
     ],
-    'version'                              => 'develop/2026-02-15',
-    'build_time'                           => 1771138014,
+    'version'                              => 'develop/2026-02-21',
+    'build_time'                           => 1771652199,
     'api_version'                          => '2.1.0', // field is no longer used.
     'db_version'                           => 28, // field is no longer used.
 

package-lock.json

@@ -2620,9 +2620,9 @@
             }
         },
         "node_modules/@rollup/rollup-android-arm-eabi": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.57.1.tgz",
-            "integrity": "sha512-A6ehUVSiSaaliTxai040ZpZ2zTevHYbvu/lDoeAteHI8QnaosIzm4qwtezfRg1jOYaUmnzLX1AOD6Z+UJjtifg==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.58.0.tgz",
+            "integrity": "sha512-mr0tmS/4FoVk1cnaeN244A/wjvGDNItZKR8hRhnmCzygyRXYtKF5jVDSIILR1U97CTzAYmbgIj/Dukg62ggG5w==",
             "cpu": [
                 "arm"
             ],
@@ -2634,9 +2634,9 @@
             ]
         },
         "node_modules/@rollup/rollup-android-arm64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.57.1.tgz",
-            "integrity": "sha512-dQaAddCY9YgkFHZcFNS/606Exo8vcLHwArFZ7vxXq4rigo2bb494/xKMMwRRQW6ug7Js6yXmBZhSBRuBvCCQ3w==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.58.0.tgz",
+            "integrity": "sha512-+s++dbp+/RTte62mQD9wLSbiMTV+xr/PeRJEc/sFZFSBRlHPNPVaf5FXlzAL77Mr8FtSfQqCN+I598M8U41ccQ==",
             "cpu": [
                 "arm64"
             ],
@@ -2648,9 +2648,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-arm64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.57.1.tgz",
-            "integrity": "sha512-crNPrwJOrRxagUYeMn/DZwqN88SDmwaJ8Cvi/TN1HnWBU7GwknckyosC2gd0IqYRsHDEnXf328o9/HC6OkPgOg==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.58.0.tgz",
+            "integrity": "sha512-MFWBwTcYs0jZbINQBXHfSrpSQJq3IUOakcKPzfeSznONop14Pxuqa0Kg19GD0rNBMPQI2tFtu3UzapZpH0Uc1Q==",
             "cpu": [
                 "arm64"
             ],
@@ -2662,9 +2662,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-x64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.57.1.tgz",
-            "integrity": "sha512-Ji8g8ChVbKrhFtig5QBV7iMaJrGtpHelkB3lsaKzadFBe58gmjfGXAOfI5FV0lYMH8wiqsxKQ1C9B0YTRXVy4w==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.58.0.tgz",
+            "integrity": "sha512-yiKJY7pj9c9JwzuKYLFaDZw5gma3fI9bkPEIyofvVfsPqjCWPglSHdpdwXpKGvDeYDms3Qal8qGMEHZ1M/4Udg==",
             "cpu": [
                 "x64"
             ],
@@ -2676,9 +2676,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-arm64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.57.1.tgz",
-            "integrity": "sha512-R+/WwhsjmwodAcz65guCGFRkMb4gKWTcIeLy60JJQbXrJ97BOXHxnkPFrP+YwFlaS0m+uWJTstrUA9o+UchFug==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.58.0.tgz",
+            "integrity": "sha512-x97kCoBh5MOevpn/CNK9W1x8BEzO238541BGWBc315uOlN0AD/ifZ1msg+ZQB05Ux+VF6EcYqpiagfLJ8U3LvQ==",
             "cpu": [
                 "arm64"
             ],
@@ -2690,9 +2690,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-x64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.57.1.tgz",
-            "integrity": "sha512-IEQTCHeiTOnAUC3IDQdzRAGj3jOAYNr9kBguI7MQAAZK3caezRrg0GxAb6Hchg4lxdZEI5Oq3iov/w/hnFWY9Q==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.58.0.tgz",
+            "integrity": "sha512-Aa8jPoZ6IQAG2eIrcXPpjRcMjROMFxCt1UYPZZtCxRV68WkuSigYtQ/7Zwrcr2IvtNJo7T2JfDXyMLxq5L4Jlg==",
             "cpu": [
                 "x64"
             ],
@@ -2704,9 +2704,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.57.1.tgz",
-            "integrity": "sha512-F8sWbhZ7tyuEfsmOxwc2giKDQzN3+kuBLPwwZGyVkLlKGdV1nvnNwYD0fKQ8+XS6hp9nY7B+ZeK01EBUE7aHaw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.58.0.tgz",
+            "integrity": "sha512-Ob8YgT5kD/lSIYW2Rcngs5kNB/44Q2RzBSPz9brf2WEtcGR7/f/E9HeHn1wYaAwKBni+bdXEwgHvUd0x12lQSA==",
             "cpu": [
                 "arm"
             ],
@@ -2718,9 +2718,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.57.1.tgz",
-            "integrity": "sha512-rGfNUfn0GIeXtBP1wL5MnzSj98+PZe/AXaGBCRmT0ts80lU5CATYGxXukeTX39XBKsxzFpEeK+Mrp9faXOlmrw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.58.0.tgz",
+            "integrity": "sha512-K+RI5oP1ceqoadvNt1FecL17Qtw/n9BgRSzxif3rTL2QlIu88ccvY+Y9nnHe/cmT5zbH9+bpiJuG1mGHRVwF4Q==",
             "cpu": [
                 "arm"
             ],
@@ -2732,9 +2732,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.57.1.tgz",
-            "integrity": "sha512-MMtej3YHWeg/0klK2Qodf3yrNzz6CGjo2UntLvk2RSPlhzgLvYEB3frRvbEF2wRKh1Z2fDIg9KRPe1fawv7C+g==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.58.0.tgz",
+            "integrity": "sha512-T+17JAsCKUjmbopcKepJjHWHXSjeW7O5PL7lEFaeQmiVyw4kkc5/lyYKzrv6ElWRX/MrEWfPiJWqbTvfIvjM1Q==",
             "cpu": [
                 "arm64"
             ],
@@ -2746,9 +2746,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-musl": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.57.1.tgz",
-            "integrity": "sha512-1a/qhaaOXhqXGpMFMET9VqwZakkljWHLmZOX48R0I/YLbhdxr1m4gtG1Hq7++VhVUmf+L3sTAf9op4JlhQ5u1Q==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.58.0.tgz",
+            "integrity": "sha512-cCePktb9+6R9itIJdeCFF9txPU7pQeEHB5AbHu/MKsfH/k70ZtOeq1k4YAtBv9Z7mmKI5/wOLYjQ+B9QdxR6LA==",
             "cpu": [
                 "arm64"
             ],
@@ -2760,9 +2760,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-loong64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.57.1.tgz",
-            "integrity": "sha512-QWO6RQTZ/cqYtJMtxhkRkidoNGXc7ERPbZN7dVW5SdURuLeVU7lwKMpo18XdcmpWYd0qsP1bwKPf7DNSUinhvA==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.58.0.tgz",
+            "integrity": "sha512-iekUaLkfliAsDl4/xSdoCJ1gnnIXvoNz85C8U8+ZxknM5pBStfZjeXgB8lXobDQvvPRCN8FPmmuTtH+z95HTmg==",
             "cpu": [
                 "loong64"
             ],
@@ -2774,9 +2774,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-loong64-musl": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.57.1.tgz",
-            "integrity": "sha512-xpObYIf+8gprgWaPP32xiN5RVTi/s5FCR+XMXSKmhfoJjrpRAjCuuqQXyxUa/eJTdAE6eJ+KDKaoEqjZQxh3Gw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.58.0.tgz",
+            "integrity": "sha512-68ofRgJNl/jYJbxFjCKE7IwhbfxOl1muPN4KbIqAIe32lm22KmU7E8OPvyy68HTNkI2iV/c8y2kSPSm2mW/Q9Q==",
             "cpu": [
                 "loong64"
             ],
@@ -2788,9 +2788,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.57.1.tgz",
-            "integrity": "sha512-4BrCgrpZo4hvzMDKRqEaW1zeecScDCR+2nZ86ATLhAoJ5FQ+lbHVD3ttKe74/c7tNT9c6F2viwB3ufwp01Oh2w==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.58.0.tgz",
+            "integrity": "sha512-dpz8vT0i+JqUKuSNPCP5SYyIV2Lh0sNL1+FhM7eLC457d5B9/BC3kDPp5BBftMmTNsBarcPcoz5UGSsnCiw4XQ==",
             "cpu": [
                 "ppc64"
             ],
@@ -2802,9 +2802,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-ppc64-musl": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.57.1.tgz",
-            "integrity": "sha512-NOlUuzesGauESAyEYFSe3QTUguL+lvrN1HtwEEsU2rOwdUDeTMJdO5dUYl/2hKf9jWydJrO9OL/XSSf65R5+Xw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.58.0.tgz",
+            "integrity": "sha512-4gdkkf9UJ7tafnweBCR/mk4jf3Jfl0cKX9Np80t5i78kjIH0ZdezUv/JDI2VtruE5lunfACqftJ8dIMGN4oHew==",
             "cpu": [
                 "ppc64"
             ],
@@ -2816,9 +2816,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.57.1.tgz",
-            "integrity": "sha512-ptA88htVp0AwUUqhVghwDIKlvJMD/fmL/wrQj99PRHFRAG6Z5nbWoWG4o81Nt9FT+IuqUQi+L31ZKAFeJ5Is+A==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.58.0.tgz",
+            "integrity": "sha512-YFS4vPnOkDTD/JriUeeZurFYoJhPf9GQQEF/v4lltp3mVcBmnsAdjEWhr2cjUCZzZNzxCG0HZOvJU44UGHSdzw==",
             "cpu": [
                 "riscv64"
             ],
@@ -2830,9 +2830,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-musl": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.57.1.tgz",
-            "integrity": "sha512-S51t7aMMTNdmAMPpBg7OOsTdn4tySRQvklmL3RpDRyknk87+Sp3xaumlatU+ppQ+5raY7sSTcC2beGgvhENfuw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.58.0.tgz",
+            "integrity": "sha512-x2xgZlFne+QVNKV8b4wwaCS8pwq3y14zedZ5DqLzjdRITvreBk//4Knbcvm7+lWmms9V9qFp60MtUd0/t/PXPw==",
             "cpu": [
                 "riscv64"
             ],
@@ -2844,9 +2844,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-s390x-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.57.1.tgz",
-            "integrity": "sha512-Bl00OFnVFkL82FHbEqy3k5CUCKH6OEJL54KCyx2oqsmZnFTR8IoNqBF+mjQVcRCT5sB6yOvK8A37LNm/kPJiZg==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.58.0.tgz",
+            "integrity": "sha512-jIhrujyn4UnWF8S+DHSkAkDEO3hLX0cjzxJZPLF80xFyzyUIYgSMRcYQ3+uqEoyDD2beGq7Dj7edi8OnJcS/hg==",
             "cpu": [
                 "s390x"
             ],
@@ -2858,9 +2858,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.57.1.tgz",
-            "integrity": "sha512-ABca4ceT4N+Tv/GtotnWAeXZUZuM/9AQyCyKYyKnpk4yoA7QIAuBt6Hkgpw8kActYlew2mvckXkvx0FfoInnLg==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.58.0.tgz",
+            "integrity": "sha512-+410Srdoh78MKSJxTQ+hZ/Mx+ajd6RjjPwBPNd0R3J9FtL6ZA0GqiiyNjCO9In0IzZkCNrpGymSfn+kgyPQocg==",
             "cpu": [
                 "x64"
             ],
@@ -2872,9 +2872,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-musl": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.57.1.tgz",
-            "integrity": "sha512-HFps0JeGtuOR2convgRRkHCekD7j+gdAuXM+/i6kGzQtFhlCtQkpwtNzkNj6QhCDp7DRJ7+qC/1Vg2jt5iSOFw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.58.0.tgz",
+            "integrity": "sha512-ZjMyby5SICi227y1MTR3VYBpFTdZs823Rs/hpakufleBoufoOIB6jtm9FEoxn/cgO7l6PM2rCEl5Kre5vX0QrQ==",
             "cpu": [
                 "x64"
             ],
@@ -2886,9 +2886,9 @@
             ]
         },
         "node_modules/@rollup/rollup-openbsd-x64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.57.1.tgz",
-            "integrity": "sha512-H+hXEv9gdVQuDTgnqD+SQffoWoc0Of59AStSzTEj/feWTBAnSfSD3+Dql1ZruJQxmykT/JVY0dE8Ka7z0DH1hw==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.58.0.tgz",
+            "integrity": "sha512-ds4iwfYkSQ0k1nb8LTcyXw//ToHOnNTJtceySpL3fa7tc/AsE+UpUFphW126A6fKBGJD5dhRvg8zw1rvoGFxmw==",
             "cpu": [
                 "x64"
             ],
@@ -2900,9 +2900,9 @@
             ]
         },
         "node_modules/@rollup/rollup-openharmony-arm64": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.57.1.tgz",
-            "integrity": "sha512-4wYoDpNg6o/oPximyc/NG+mYUejZrCU2q+2w6YZqrAs2UcNUChIZXjtafAiiZSUc7On8v5NyNj34Kzj/Ltk6dQ==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.58.0.tgz",
+            "integrity": "sha512-fd/zpJniln4ICdPkjWFhZYeY/bpnaN9pGa6ko+5WD38I0tTqk9lXMgXZg09MNdhpARngmxiCg0B0XUamNw/5BQ==",
             "cpu": [
                 "arm64"
             ],
@@ -2914,9 +2914,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-arm64-msvc": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.57.1.tgz",
-            "integrity": "sha512-O54mtsV/6LW3P8qdTcamQmuC990HDfR71lo44oZMZlXU4tzLrbvTii87Ni9opq60ds0YzuAlEr/GNwuNluZyMQ==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.58.0.tgz",
+            "integrity": "sha512-YpG8dUOip7DCz3nr/JUfPbIUo+2d/dy++5bFzgi4ugOGBIox+qMbbqt/JoORwvI/C9Kn2tz6+Bieoqd5+B1CjA==",
             "cpu": [
                 "arm64"
             ],
@@ -2928,9 +2928,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-ia32-msvc": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.57.1.tgz",
-            "integrity": "sha512-P3dLS+IerxCT/7D2q2FYcRdWRl22dNbrbBEtxdWhXrfIMPP9lQhb5h4Du04mdl5Woq05jVCDPCMF7Ub0NAjIew==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.58.0.tgz",
+            "integrity": "sha512-b9DI8jpFQVh4hIXFr0/+N/TzLdpBIoPzjt0Rt4xJbW3mzguV3mduR9cNgiuFcuL/TeORejJhCWiAXe3E/6PxWA==",
             "cpu": [
                 "ia32"
             ],
@@ -2942,9 +2942,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-gnu": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.57.1.tgz",
-            "integrity": "sha512-VMBH2eOOaKGtIJYleXsi2B8CPVADrh+TyNxJ4mWPnKfLB/DBUmzW+5m1xUrcwWoMfSLagIRpjUFeW5CO5hyciQ==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.58.0.tgz",
+            "integrity": "sha512-CSrVpmoRJFN06LL9xhkitkwUcTZtIotYAF5p6XOR2zW0Zz5mzb3IPpcoPhB02frzMHFNo1reQ9xSF5fFm3hUsQ==",
             "cpu": [
                 "x64"
             ],
@@ -2956,9 +2956,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-msvc": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.57.1.tgz",
-            "integrity": "sha512-mxRFDdHIWRxg3UfIIAwCm6NzvxG0jDX/wBN6KsQFTvKFqqg9vTrWUE68qEjHt19A5wwx5X5aUi2zuZT7YR0jrA==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.58.0.tgz",
+            "integrity": "sha512-QFsBgQNTnh5K0t/sBsjJLq24YVqEIVkGpfN2VHsnN90soZyhaiA9UUHufcctVNL4ypJY0wrwad0wslx2KJQ1/w==",
             "cpu": [
                 "x64"
             ],
@@ -3246,13 +3246,13 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "25.2.3",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.2.3.tgz",
-            "integrity": "sha512-m0jEgYlYz+mDJZ2+F4v8D1AyQb+QzsNqRuI7xg1VQX/KlKS0qT9r1Mo16yo5F/MtifXFgaofIFsdFMox2SxIbQ==",
+            "version": "25.3.0",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-25.3.0.tgz",
+            "integrity": "sha512-4K3bqJpXpqfg2XKGK9bpDTc6xO/xoUP/RBWS7AtRMug6zZFaRekiLzjVtAoZMquxoAbzBvy5nxQ7veS5eYzf8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "undici-types": "~7.16.0"
+                "undici-types": "~7.18.0"
             }
         },
         "node_modules/@types/node-forge": {
@@ -3747,9 +3747,9 @@
             }
         },
         "node_modules/acorn": {
-            "version": "8.15.0",
-            "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
-            "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
+            "version": "8.16.0",
+            "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.16.0.tgz",
+            "integrity": "sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw==",
             "dev": true,
             "license": "MIT",
             "bin": {
@@ -3779,9 +3779,9 @@
             "license": "MIT"
         },
         "node_modules/ajv": {
-            "version": "6.12.6",
-            "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-            "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+            "version": "6.14.0",
+            "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+            "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -3938,9 +3938,9 @@
             }
         },
         "node_modules/asn1.js/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -4145,13 +4145,16 @@
             "license": "MIT"
         },
         "node_modules/baseline-browser-mapping": {
-            "version": "2.9.19",
-            "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.19.tgz",
-            "integrity": "sha512-ipDqC8FrAl/76p2SSWKSI+H9tFwm7vYqXQrItCuiVPt26Km0jS+NzSsBWAaBusvSbQcfJG+JitdMm+wZAgTYqg==",
+            "version": "2.10.0",
+            "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.10.0.tgz",
+            "integrity": "sha512-lIyg0szRfYbiy67j9KN8IyeD7q7hcmqnJ1ddWmNt19ItGpNN64mnllmxUNFIOdOm6by97jlL6wfpTTJrmnjWAA==",
             "dev": true,
             "license": "Apache-2.0",
             "bin": {
-                "baseline-browser-mapping": "dist/cli.js"
+                "baseline-browser-mapping": "dist/cli.cjs"
+            },
+            "engines": {
+                "node": ">=6.0.0"
             }
         },
         "node_modules/batch": {
@@ -4192,9 +4195,9 @@
             "license": "MIT"
         },
         "node_modules/bn.js": {
-            "version": "5.2.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.2.tgz",
-            "integrity": "sha512-v2YAxEmKaBLahNwE1mjp4WON6huMNeuDvagFZW+ASCuA/ku0bXR9hSMw0XpiqMoA3+rmnyck/tPRSFQkoC9Cuw==",
+            "version": "5.2.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.3.tgz",
+            "integrity": "sha512-EAcmnPkxpntVL+DS7bO1zhcZNvCkxqtkd0ZY53h06GNQ3DEkkGZ/gKgmDv6DdZQGj9BgfSPKtJJ7Dp1GPP8f7w==",
             "dev": true,
             "license": "MIT"
         },
@@ -4240,6 +4243,22 @@
             "dev": true,
             "license": "MIT"
         },
+        "node_modules/body-parser/node_modules/qs": {
+            "version": "6.14.2",
+            "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
+            "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+            "dev": true,
+            "license": "BSD-3-Clause",
+            "dependencies": {
+                "side-channel": "^1.1.0"
+            },
+            "engines": {
+                "node": ">=0.6"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/ljharb"
+            }
+        },
         "node_modules/bonjour-service": {
             "version": "1.3.0",
             "resolved": "https://registry.npmjs.org/bonjour-service/-/bonjour-service-1.3.0.tgz",
@@ -5078,9 +5097,9 @@
             }
         },
         "node_modules/create-ecdh/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -5205,9 +5224,9 @@
             }
         },
         "node_modules/css-loader": {
-            "version": "7.1.3",
-            "resolved": "https://registry.npmjs.org/css-loader/-/css-loader-7.1.3.tgz",
-            "integrity": "sha512-frbERmjT0UC5lMheWpJmMilnt9GEhbZJN/heUb7/zaJYeIzj5St9HvDcfshzzOqbsS+rYpMk++2SD3vGETDSyA==",
+            "version": "7.1.4",
+            "resolved": "https://registry.npmjs.org/css-loader/-/css-loader-7.1.4.tgz",
+            "integrity": "sha512-vv3J9tlOl04WjiMvHQI/9tmIrCxVrj6PFbHemBB1iihpeRbi/I4h033eoFIhwxBBqLhI0KYFS7yvynBFhIZfTw==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -5229,7 +5248,7 @@
                 "url": "https://opencollective.com/webpack"
             },
             "peerDependencies": {
-                "@rspack/core": "0.x || 1.x",
+                "@rspack/core": "0.x || ^1.0.0 || ^2.0.0-0",
                 "webpack": "^5.27.0"
             },
             "peerDependenciesMeta": {
@@ -5589,9 +5608,9 @@
             }
         },
         "node_modules/diffie-hellman/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -5783,9 +5802,9 @@
             "license": "MIT"
         },
         "node_modules/electron-to-chromium": {
-            "version": "1.5.286",
-            "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.286.tgz",
-            "integrity": "sha512-9tfDXhJ4RKFNerfjdCcZfufu49vg620741MNs26a9+bhLThdB+plgMeou98CAaHu/WATj2iHOOHTp1hWtABj2A==",
+            "version": "1.5.302",
+            "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.302.tgz",
+            "integrity": "sha512-sM6HAN2LyK82IyPBpznDRqlTQAtuSaO+ShzFiWTvoMJLHyZ+Y39r8VMfHzwbU8MVBzQ4Wdn85+wlZl2TLGIlwg==",
             "dev": true,
             "license": "ISC"
         },
@@ -5806,9 +5825,9 @@
             }
         },
         "node_modules/elliptic/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -6191,6 +6210,22 @@
             "dev": true,
             "license": "MIT"
         },
+        "node_modules/express/node_modules/qs": {
+            "version": "6.14.2",
+            "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
+            "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+            "dev": true,
+            "license": "BSD-3-Clause",
+            "dependencies": {
+                "side-channel": "^1.1.0"
+            },
+            "engines": {
+                "node": ">=0.6"
+            },
+            "funding": {
+                "url": "https://github.com/sponsors/ljharb"
+            }
+        },
         "node_modules/fast-deep-equal": {
             "version": "3.1.3",
             "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
@@ -7118,9 +7153,9 @@
             }
         },
         "node_modules/i18next": {
-            "version": "25.8.7",
-            "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.8.7.tgz",
-            "integrity": "sha512-ttxxc5+67S/0hhoeVdEgc1lRklZhdfcUSEPp1//uUG2NB88X3667gRsDar+ZWQFdysnOsnb32bcoMsa4mtzhkQ==",
+            "version": "25.8.13",
+            "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.8.13.tgz",
+            "integrity": "sha512-E0vzjBY1yM+nsFrtgkjLhST2NBkirkvOVoQa0MSldhsuZ3jUge7ZNpuwG0Cfc74zwo5ZwRzg3uOgT+McBn32iA==",
             "funding": [
                 {
                     "type": "individual",
@@ -7888,9 +7923,9 @@
             }
         },
         "node_modules/launch-editor": {
-            "version": "2.12.0",
-            "resolved": "https://registry.npmjs.org/launch-editor/-/launch-editor-2.12.0.tgz",
-            "integrity": "sha512-giOHXoOtifjdHqUamwKq6c49GzBdLjvxrd2D+Q4V6uOHopJv7p9VJxikDsQ/CBXZbEITgUqSVHXLTG3VhPP1Dg==",
+            "version": "2.13.0",
+            "resolved": "https://registry.npmjs.org/launch-editor/-/launch-editor-2.13.0.tgz",
+            "integrity": "sha512-u+9asUHMJ99lA15VRMXw5XKfySFR9dGXwgsgS14YTbUq3GITP58mIM32At90P5fZ+MUId5Yw+IwI/yKub7jnCQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -8185,9 +8220,9 @@
             }
         },
         "node_modules/miller-rabin/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -9703,9 +9738,9 @@
             }
         },
         "node_modules/public-encrypt/node_modules/bn.js": {
-            "version": "4.12.2",
-            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.2.tgz",
-            "integrity": "sha512-n4DSx829VRTRByMRGdjQ9iqsN0Bh4OolPsFnaZBLcbi8iXcB+kJ9s7EnRt4wILZNV3kPLHkRVfOc/HvhC3ovDw==",
+            "version": "4.12.3",
+            "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.12.3.tgz",
+            "integrity": "sha512-fGTi3gxV/23FTYdAoUtLYp6qySe2KE3teyZitipKNRuVYcBkoP/bB3guXN/XVKUe9mxCHXnc9C4ocyz8OmgN0g==",
             "dev": true,
             "license": "MIT"
         },
@@ -9717,9 +9752,9 @@
             "license": "MIT"
         },
         "node_modules/qs": {
-            "version": "6.14.2",
-            "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz",
-            "integrity": "sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+            "version": "6.15.0",
+            "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.0.tgz",
+            "integrity": "sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==",
             "dev": true,
             "license": "BSD-3-Clause",
             "dependencies": {
@@ -10103,9 +10138,9 @@
             }
         },
         "node_modules/rollup": {
-            "version": "4.57.1",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.57.1.tgz",
-            "integrity": "sha512-oQL6lgK3e2QZeQ7gcgIkS2YZPg5slw37hYufJ3edKlfQSGGm8ICoxswK15ntSzF/a8+h7ekRy7k7oWc3BQ7y8A==",
+            "version": "4.58.0",
+            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.58.0.tgz",
+            "integrity": "sha512-wbT0mBmWbIvvq8NeEYWWvevvxnOyhKChir47S66WCxw1SXqhw7ssIYejnQEVt7XYQpsj2y8F9PM+Cr3SNEa0gw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -10119,31 +10154,31 @@
                 "npm": ">=8.0.0"
             },
             "optionalDependencies": {
-                "@rollup/rollup-android-arm-eabi": "4.57.1",
-                "@rollup/rollup-android-arm64": "4.57.1",
-                "@rollup/rollup-darwin-arm64": "4.57.1",
-                "@rollup/rollup-darwin-x64": "4.57.1",
-                "@rollup/rollup-freebsd-arm64": "4.57.1",
-                "@rollup/rollup-freebsd-x64": "4.57.1",
-                "@rollup/rollup-linux-arm-gnueabihf": "4.57.1",
-                "@rollup/rollup-linux-arm-musleabihf": "4.57.1",
-                "@rollup/rollup-linux-arm64-gnu": "4.57.1",
-                "@rollup/rollup-linux-arm64-musl": "4.57.1",
-                "@rollup/rollup-linux-loong64-gnu": "4.57.1",
-                "@rollup/rollup-linux-loong64-musl": "4.57.1",
-                "@rollup/rollup-linux-ppc64-gnu": "4.57.1",
-                "@rollup/rollup-linux-ppc64-musl": "4.57.1",
-                "@rollup/rollup-linux-riscv64-gnu": "4.57.1",
-                "@rollup/rollup-linux-riscv64-musl": "4.57.1",
-                "@rollup/rollup-linux-s390x-gnu": "4.57.1",
-                "@rollup/rollup-linux-x64-gnu": "4.57.1",
-                "@rollup/rollup-linux-x64-musl": "4.57.1",
-                "@rollup/rollup-openbsd-x64": "4.57.1",
-                "@rollup/rollup-openharmony-arm64": "4.57.1",
-                "@rollup/rollup-win32-arm64-msvc": "4.57.1",
-                "@rollup/rollup-win32-ia32-msvc": "4.57.1",
-                "@rollup/rollup-win32-x64-gnu": "4.57.1",
-                "@rollup/rollup-win32-x64-msvc": "4.57.1",
+                "@rollup/rollup-android-arm-eabi": "4.58.0",
+                "@rollup/rollup-android-arm64": "4.58.0",
+                "@rollup/rollup-darwin-arm64": "4.58.0",
+                "@rollup/rollup-darwin-x64": "4.58.0",
+                "@rollup/rollup-freebsd-arm64": "4.58.0",
+                "@rollup/rollup-freebsd-x64": "4.58.0",
+                "@rollup/rollup-linux-arm-gnueabihf": "4.58.0",
+                "@rollup/rollup-linux-arm-musleabihf": "4.58.0",
+                "@rollup/rollup-linux-arm64-gnu": "4.58.0",
+                "@rollup/rollup-linux-arm64-musl": "4.58.0",
+                "@rollup/rollup-linux-loong64-gnu": "4.58.0",
+                "@rollup/rollup-linux-loong64-musl": "4.58.0",
+                "@rollup/rollup-linux-ppc64-gnu": "4.58.0",
+                "@rollup/rollup-linux-ppc64-musl": "4.58.0",
+                "@rollup/rollup-linux-riscv64-gnu": "4.58.0",
+                "@rollup/rollup-linux-riscv64-musl": "4.58.0",
+                "@rollup/rollup-linux-s390x-gnu": "4.58.0",
+                "@rollup/rollup-linux-x64-gnu": "4.58.0",
+                "@rollup/rollup-linux-x64-musl": "4.58.0",
+                "@rollup/rollup-openbsd-x64": "4.58.0",
+                "@rollup/rollup-openharmony-arm64": "4.58.0",
+                "@rollup/rollup-win32-arm64-msvc": "4.58.0",
+                "@rollup/rollup-win32-ia32-msvc": "4.58.0",
+                "@rollup/rollup-win32-x64-gnu": "4.58.0",
+                "@rollup/rollup-win32-x64-msvc": "4.58.0",
                 "fsevents": "~2.3.2"
             }
         },
@@ -11282,9 +11317,9 @@
             }
         },
         "node_modules/undici-types": {
-            "version": "7.16.0",
-            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz",
-            "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==",
+            "version": "7.18.2",
+            "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+            "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
             "dev": true,
             "license": "MIT"
         },
@@ -12216,9 +12251,9 @@
             }
         },
         "node_modules/webpack/node_modules/webpack-sources": {
-            "version": "3.3.3",
-            "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.3.tgz",
-            "integrity": "sha512-yd1RBzSGanHkitROoPFd6qsrxt+oFhg/129YzheDGqeustzX0vTZJZsSsQjVQC4yzBQ56K55XU8gaNCtIzOnTg==",
+            "version": "3.3.4",
+            "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.4.tgz",
+            "integrity": "sha512-7tP1PdV4vF+lYPnkMR0jMY5/la2ub5Fc/8VQrrU+lXkiM6C4TjVfGw7iKfyhnTQOsD+6Q/iKw0eFciziRgD58Q==",
             "dev": true,
             "license": "MIT",
             "engines": {

releases.md

@@ -16,7 +16,10 @@ The different alpha and beta builds will be compiled from their corresponding ta
 ### Minor Release Support Matrix
 | Version                          | Supported          |
 |----------------------------------|--------------------|
-| Firefly III v6.2.x               | :white_check_mark: |
+| Firefly III v6.5.x               | :white_check_mark: |
+| Firefly III v6.4.x               | :x:                |
+| Firefly III v6.3.x               | :x:                |
+| Firefly III v6.2.x               | :x:                |
 | Firefly III v6.1.x               | :x:                |
 | Firefly III v6.0.x               | :x:                |
 | Firefly III v5.8.x               | :x:                |

resources/lang/en_US/firefly.php

@@ -331,6 +331,7 @@ return [
     'update_newer_version_alert'                          => 'You are running :your_version, which is newer than the latest release, :new_version.',
     'update_check_error'                                  => 'An error occurred while checking for updates: :error',
     'unknown_error'                                       => 'Unknown error. Sorry about that.',
+    'no_new_release_available'                            => 'There is no newer release available. You are up to date.',
     'disabled_but_check'                                  => 'You disabled update checking. So don\'t forget to check for updates yourself every now and then. Thank you!',
     'admin_update_channel_title'                          => 'Update channel',
     'admin_update_channel_explain'                        => 'Firefly III has three update "channels" which determine how ahead of the curve you are in terms of features, enhancements and bugs. Use the "beta" channel if you\'re adventurous and the "alpha" when you like to live life dangerously.',

routes/api-noauth.php

@@ -1,39 +0,0 @@
-<?php
-
-/*
- * api-noauth.php
- * Copyright (c) 2021 james@firefly-iii.org
- *
- * This file is part of Firefly III (https://github.com/firefly-iii).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- */
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\Route;
-// Cron job API routes:
-use FireflyIII\Http\Middleware\AcceptHeaders;
-
-Route::group(
-    [
-        'namespace'  => 'FireflyIII\Api\V1\Controllers\System',
-        'prefix'     => '',
-        'as'         => 'api.v1.cron.',
-        'middleware' => [AcceptHeaders::class],
-    ],
-    static function (): void {
-        Route::get('{cliToken}', ['uses' => 'CronController@cron', 'as' => 'index']);
-    }
-);

routes/api.php

@@ -21,6 +21,9 @@
  */
 
 declare(strict_types=1);
+
+use FireflyIII\Http\Middleware\AcceptHeaders;
+use FireflyIII\Http\Middleware\Binder;
 use Illuminate\Support\Facades\Route;
 
 use function Safe\define;
@@ -38,6 +41,19 @@ if (!defined('DATEFORMAT')) {
     define('DATEFORMAT', '(19|20)[0-9]{2}-?[0-9]{2}-?[0-9]{2}');
 }
 
+// API route for cron
+Route::group(
+    [
+        'namespace'  => 'FireflyIII\Api\V1\Controllers\System',
+        'prefix'     => 'v1',
+        'as'         => 'api.v1.cron.',
+        'middleware' => [Binder::class, AcceptHeaders::class],
+    ],
+    static function (): void {
+        Route::get('cron/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'index'])->withoutMiddleware(['api']);
+    }
+);
+
 // Autocomplete controllers
 Route::group(
     [
@@ -716,7 +732,6 @@ Route::group(
 // Users API routes:
 Route::group(
     [
-        'middleware' => ['auth:api,sanctum', 'bindings'],
         'namespace'  => 'FireflyIII\Api\V1\Controllers\System',
         'prefix'     => 'v1/users',
         'as'         => 'api.v1.users.',
@@ -733,7 +748,6 @@ Route::group(
 // Batch API routes:
 Route::group(
     [
-        'middleware' => ['auth:api,sanctum', 'bindings'],
         'namespace'  => 'FireflyIII\Api\V1\Controllers\System',
         'prefix'     => 'v1/batch',
         'as'         => 'api.v1.batch.',

routes/web.php

@@ -73,24 +73,23 @@ Route::group(
     }
 );
 
-Route::group(
-    ['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System', 'as' => 'cron.', 'prefix' => 'cron'],
-    static function (): void {
-        Route::get('run/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'cron']);
-    }
-);
+// Route::group(
+//    ['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System', 'as' => 'cron.', 'prefix' => 'cron'],
+//    static function (): void {
+//        Route::get('run/{cliToken}', ['uses' => 'CronController@cron', 'as' => 'cron']);
+//    }
+// );
 
 Route::group(
-    ['middleware' => 'binders-only', 'namespace' => 'FireflyIII\Http\Controllers\System'],
+    ['namespace' => 'FireflyIII\Http\Controllers\System'],
     static function (): void {
-        // Route::get('offline', static fn () => view('errors.offline'));
-        // Route::get('health', ['uses' => 'HealthcheckController@check', 'as' => 'healthcheck']);
+        Route::get('health', ['uses' => 'HealthcheckController@check', 'as' => 'healthcheck'])->withoutMiddleware(['web']);
     }
 );
 
 // These routes only work when the user is NOT logged in.
 Route::group(
-    ['middleware' => 'user-not-logged-in', 'namespace' => 'FireflyIII\Http\Controllers'],
+    ['middleware' => ['user-not-logged-in'], 'namespace' => 'FireflyIII\Http\Controllers'],
     static function (): void {
         // Authentication Routes...
         Route::get('login', ['uses' => 'Auth\LoginController@showLoginForm', 'as' => 'login']);
@@ -128,7 +127,7 @@ Route::group(
 
 // For the two factor routes, the user must be logged in, but NOT 2FA. Account confirmation does not matter here.
 Route::group(
-    ['middleware' => 'user-logged-in-no-2fa', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'FireflyIII\Http\Controllers\Auth'],
+    ['middleware' => 'user-simple-auth', 'prefix' => 'two-factor', 'as' => 'two-factor.', 'namespace' => 'FireflyIII\Http\Controllers\Auth'],
     static function (): void {
         Route::post('submit', ['uses' => 'TwoFactorController@submitMFA', 'as' => 'submit']);
         Route::get('lost', ['uses' => 'TwoFactorController@lostTwoFactor', 'as' => 'lost']); // can be removed when v2 is live.