N°8760 - fix setup/cleanup audit on legacy 1.x packages without any

installation.xml

.doc/developers.md

@@ -0,0 +1,9 @@
+# Developers
+
+## PHP Code Styles
+We use `PHP CS Fixer` to ensure code formating consistency across PHP codebase.
+You can find the configuration and instructions to run it [here](../tests/php-code-style/README.md).
+
+## PHP Static Analysis
+We use `PHPStan` to ensure code quality and to detect potential bugs in our PHP codebase.
+You can find the configuration and instructions to run it [here](../tests/php-static-analysis/README.md).

.github/workflows/action.yml

@@ -26,13 +26,23 @@ jobs:
 
           fi
 
-      - name: Add internal tag if member
+      - name: Add internal tag if member of the organization
         if: env.is_member == 'true'
         run: |
           curl -X POST -H "Authorization: token ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}" \
             -H "Accept: application/vnd.github.v3+json" \
             https://api.github.com/repos/Combodo/iTop/issues/${{ github.event.pull_request.number }}/labels \
             -d '{"labels":["internal"]}'
+
+      - name: Set PR author as assignee if member of the organization
+        if: env.is_member == 'true'
+        run: |
+          curl -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}" \
+            https://api.github.com/repos/Combodo/iTop/issues/${{ github.event.pull_request.number }}/assignees \
+            -d '{"assignees":["${{ github.event.pull_request.user.login }}"]}'
         env:
           is_member: ${{ env.is_member }}
 
@@ -40,4 +50,4 @@ jobs:
         uses: actions/add-to-project@v1.0.2
         with:
           project-url: ${{ env.project_url }}
-          github-token: ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}
+          github-token: ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}

.gitignore

@@ -58,6 +58,9 @@ tests/*/vendor/*
 /tests/php-unit-tests/phpunit.xml
 /tests/php-unit-tests/postbuild_integration.xml
 
+# PHP CS Fixer: Cache file
+/.php-cs-fixer.cache
+
 
 # Jetbrains
 /.idea/**

README.md

@@ -73,6 +73,9 @@ iTop development is sponsored, led, and supported by [Combodo][0].
 
 [0]: https://www.combodo.com
 
+## Developers
+
+You can find information and instructions about our quality tools and how to run them [here](.doc/developers.md).
 
 ## Contributors
 

application/application.inc.php

@@ -16,5 +16,5 @@ require_once(APPROOT.'/application/audit.category.class.inc.php');
 require_once(APPROOT.'/application/audit.domain.class.inc.php');
 require_once(APPROOT.'/application/audit.rule.class.inc.php');
 require_once(APPROOT.'/application/query.class.inc.php');
-require_once(APPROOT.'/setup/moduleinstallation.class.inc.php');
+require_once(APPROOT.'/setup/moduleinstallation/moduleinstallation.class.inc.php');
 require_once(APPROOT.'/application/utils.inc.php');

application/cmdbabstract.class.inc.php

@@ -5632,7 +5632,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function AddAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', string $sReason = null): void
+	final public function AddAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', ?string $sReason = null): void
 	{
 		if (!isset($this->aAttributesFlags[$sTargetState])) {
 			$this->aAttributesFlags[$sTargetState] = [];
@@ -5655,7 +5655,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function ForceAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', string $sReason = null): void
+	final public function ForceAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', ?string $sReason = null): void
 	{
 		if (!isset($this->aAttributesFlags[$sTargetState])) {
 			$this->aAttributesFlags[$sTargetState] = [];
@@ -5696,7 +5696,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function AddInitialAttributeFlags(string $sAttCode, int $iFlags, string $sReason = null)
+	final public function AddInitialAttributeFlags(string $sAttCode, int $iFlags, ?string $sReason = null)
 	{
 		if (!isset($this->aInitialAttributesFlags)) {
 			$this->aInitialAttributesFlags = [];
@@ -5718,7 +5718,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function ForceInitialAttributeFlags(string $sAttCode, int $iFlags, string $sReason = null)
+	final public function ForceInitialAttributeFlags(string $sAttCode, int $iFlags, ?string $sReason = null)
 	{
 		if (!isset($this->aInitialAttributesFlags)) {
 			$this->aInitialAttributesFlags = [];

application/dashboard.class.inc.php

@@ -1029,7 +1029,7 @@ EOF
 			    var dashboard = $('.ibo-dashboard#$sDivId')
 				dashboard.block();
 				$.post(GetAbsoluteUrlAppRoot()+'pages/ajax.render.php',
-				   { operation: 'toggle_dashboard', dashboard_id: '$sId', file: '$sFile', extra_params: $sExtraParams, reload_url: '$sReloadURL' },
+				   { operation: 'toggle_dashboard', dashboard_id: '$sId', file: '$sFile', extra_params: $sExtraParams, reload_url: $sReloadURL },
 				   function(data) {
 					 dashboard.html(data);
 					 dashboard.unblock();

application/exceptions/ForgotPasswordApplicationException.php

@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordApplicationException extends Exception
+{
+}

application/exceptions/ForgotPasswordUserInputException.php

@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordUserInputException extends Exception
+{
+}

application/logintwig.class.inc.php

@@ -243,15 +243,12 @@ class LoginTwigRenderer
 
 	public function GetDefaultVars()
 	{
-		$sVersionShort = Dict::Format('UI:iTopVersion:Short', ITOP_APPLICATION, ITOP_VERSION);
 		$sIconUrl = Utils::GetConfig()->Get('app_icon_url');
 		$sDisplayIcon = Branding::GetLoginLogoAbsoluteUrl();
 
 		$aVars = [
 			'sAppRootUrl' => utils::GetAbsoluteUrlAppRoot(),
 			'aPluginFormData' => $this->GetPluginFormData(),
-			'sItopVersion' => ITOP_VERSION,
-			'sVersionShort' => $sVersionShort,
 			'sIconUrl' => $sIconUrl,
 			'sDisplayIcon' => $sDisplayIcon,
 		];

application/loginwebpage.class.inc.php

@@ -221,15 +221,15 @@ class LoginWebPage extends NiceWebPage
 
 			if ($oUser != null) {
 				if (!MetaModel::IsValidAttCode(get_class($oUser), 'reset_pwd_token')) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NotPossible'));
+					throw new ForgotPasswordUserInputException('External accounts do not allow password reset');
 				}
 				if (!$oUser->CanChangePassword()) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-FixedPwd'));
+					throw new ForgotPasswordUserInputException('The account does not allow password reset');
 				}
 
 				$sTo = $oUser->GetResetPasswordEmail(); // throws Exceptions if not allowed
 				if ($sTo == '') {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NoEmail'));
+					throw new ForgotPasswordUserInputException('Missing email address for this account');
 				}
 
 				// This token allows the user to change the password without knowing the previous one
@@ -255,17 +255,21 @@ class LoginWebPage extends NiceWebPage
 
 					case EMAIL_SEND_ERROR:
 					default:
-						IssueLog::Error('Failed to send the email with the NEW password for '.$oUser->Get('friendlyname').': '.implode(', ', $aIssues));
-						throw new Exception(Dict::S('UI:ResetPwd-Error-Send'));
+						throw new ForgotPasswordApplicationException('Failed to send the password reset email for '.$oUser->Get('friendlyname').': '.implode(', ', $aIssues));
 				}
 			}
 
-			$oTwigContext = new LoginTwigRenderer();
-			$aVars = $oTwigContext->GetDefaultVars();
-			$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
-		} catch (Exception $e) {
-			$this->DisplayForgotPwdForm(true, $e->getMessage());
+		} catch (ForgotPasswordApplicationException $e) {
+			IssueLog::Error('Failed to process the forgot password request for user "'.$sAuthUser.'" [reason='.get_class($e).']: '.$e->getMessage());
+		} catch (ForgotPasswordUserInputException $e) {
+			IssueLog::Info('Failed to process the forgot password request for user "'.$sAuthUser.'" [reason='.get_class($e).']: '.$e->getMessage());
+		} catch (\Throwable $e) {
+			IssueLog::Error('Unexpected error while processing the forgot password request for user "'.$sAuthUser.'": '.$e->getMessage());
 		}
+
+		$oTwigContext = new LoginTwigRenderer();
+		$aVars = $oTwigContext->GetDefaultVars();
+		$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
 	}
 
 	public function DisplayResetPwdForm($sErrorMessage = null)

application/newsroomprovider.class.inc.php

@@ -34,7 +34,7 @@ interface iNewsroomProvider
 	 * @param User $oUser The user for who to check if the provider is applicable.
 	 * return bool
 	 */
-	public function IsApplicable(User $oUser = null);
+	public function IsApplicable(?User $oUser = null);
 
 	/**
 	 * The human readable (localized) label for this provider
@@ -139,7 +139,7 @@ abstract class NewsroomProviderBase implements iNewsroomProvider
 	 */
 	abstract public function GetViewAllURL();
 
-	public function IsApplicable(User $oUser = null)
+	public function IsApplicable(?User $oUser = null)
 	{
 		return false;
 	}

application/query.class.inc.php

@@ -151,7 +151,7 @@ abstract class Query extends cmdbAbstractObject
 	 * @return string|null
 	 * @since 3.1.0
 	 */
-	abstract public function GetExportUrl(array $aValues = null): ?string;
+	abstract public function GetExportUrl(?array $aValues = null): ?string;
 
 	/**
 	 * Update last export information.
@@ -227,7 +227,7 @@ class QueryOQL extends Query
 	}
 
 	/** @inheritdoc */
-	public function GetExportUrl(array $aValues = null): ?string
+	public function GetExportUrl(?array $aValues = null): ?string
 	{
 		try {
 			// retrieve attributes

application/themehandler.class.inc.php

@@ -967,7 +967,9 @@ CSS;
 				}
 			}
 		}
-		array_map(function ($sVariableValue) { return ltrim($sVariableValue); }, $aVariablesResults);
+		array_map(function ($sVariableValue) {
+			return ltrim($sVariableValue);
+		}, $aVariablesResults);
 		return $aVariablesResults;
 	}
 

application/utils.inc.php

@@ -181,6 +181,9 @@ class utils
 
 	protected static function LoadParamFile($sParamFile)
 	{
+		if (utils::RealPath($sParamFile, APPROOT) !== false) {
+			throw new Exception("File '".utils::HtmlEntities($sParamFile)."' should be outside iTop");
+		}
 		if (!file_exists($sParamFile)) {
 			throw new Exception("Could not find the parameter file: '".utils::HtmlEntities($sParamFile)."'");
 		}
@@ -1284,7 +1287,7 @@ class utils
 	 * @throws \CoreException
 	 * @throws \Exception
 	 */
-	public static function ExecITopScript(string $sScriptName, array $aArguments, string $sAuthUser = null, string $sAuthPwd = null)
+	public static function ExecITopScript(string $sScriptName, array $aArguments, ?string $sAuthUser = null, ?string $sAuthPwd = null)
 	{
 		$aDisabled = explode(', ', ini_get('disable_functions'));
 		if (in_array('exec', $aDisabled)) {
@@ -1374,7 +1377,7 @@ class utils
 	 * @return string A path to a folder into which any module can store cache data
 	 * The corresponding folder is created or cleaned upon code compilation
 	 */
-	public static function GetCachePath(string $sEnvironment = null): string
+	public static function GetCachePath(?string $sEnvironment = null): string
 	{
 		if (is_null($sEnvironment)) {
 			$sEnvironment = MetaModel::GetEnvironment();
@@ -2081,7 +2084,9 @@ SQL;
 			}
 
 			// Remove any remaining nulls (for positions that weren't referenced)
-			$aReplacements = array_filter($aReplacements, static function ($val) { return $val !== null; });
+			$aReplacements = array_filter($aReplacements, static function ($val) {
+				return $val !== null;
+			});
 		} else {
 			// For non-positional, we need to map each position
 			$aReplacements = [];

composer.json

@@ -4,7 +4,7 @@
   "type": "project",
   "license": "AGPL-3.0-only",
   "require": {
-    "php": ">=8.1.0 <8.4.0",
+    "php": ">=8.1.0 <8.5.0",
     "ext-ctype": "*",
     "ext-dom": "*",
     "ext-gd": "*",
@@ -12,8 +12,7 @@
     "ext-json": "*",
     "ext-mysqli": "*",
     "ext-soap": "*",
-    "apereo/phpcas": "~1.6.0",
-    "firebase/php-jwt": "^6.4.0",
+    "apereo/phpcas": "dev-master",
     "guzzlehttp/guzzle": "^7.5.1",
     "league/oauth2-google": "^4.0.1",
     "nikic/php-parser": "dev-master",
@@ -40,10 +39,16 @@
     "symfony/stopwatch": "~6.4.0",
     "symfony/web-profiler-bundle": "~6.4.0"
   },
-  "repositories": [{
-    "type": "vcs",
-    "url": "https://github.com/Combodo/PHP-Parser"
-  }],
+  "repositories": [
+    {
+      "type": "vcs",
+      "url": "https://github.com/Combodo/PHP-Parser"
+    },
+    {
+      "type": "vcs",
+      "url": "https://github.com/EsupPortail/phpCAS"
+    }
+  ],
   "suggest": {
     "ext-libsodium": "Required to use the AttributeEncryptedString.",
     "ext-openssl": "Can be used as a polyfill if libsodium is not installed",

core/autoload.php

@@ -24,7 +24,7 @@ MetaModel::IncludeModule('application/user.dashboard.class.inc.php');
 MetaModel::IncludeModule('application/audit.rule.class.inc.php');
 MetaModel::IncludeModule('application/audit.domain.class.inc.php');
 MetaModel::IncludeModule('application/query.class.inc.php');
-MetaModel::IncludeModule('setup/moduleinstallation.class.inc.php');
+MetaModel::IncludeModule('setup/moduleinstallation/moduleinstallation.class.inc.php');
 
 MetaModel::IncludeModule('core/event.class.inc.php');
 MetaModel::IncludeModule('core/action.class.inc.php');

core/bulkchange.class.inc.php

@@ -199,7 +199,7 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	 * @param null $sAllowedValues : used for additional message that provides allowed values $sAllowedValues for current class
 	 * @param string|null $sAllowedValuesSearch : used to search all allowed values
 	 */
-	public function __construct($sSerializedSearch, $sReason, $sClass = null, $sAllowedValues = null, string $sAllowedValuesSearch = null)
+	public function __construct($sSerializedSearch, $sReason, $sClass = null, $sAllowedValues = null, ?string $sAllowedValuesSearch = null)
 	{
 		parent::__construct(null, null, $sReason);
 		$this->sSerializedSearch = $sSerializedSearch;
@@ -876,7 +876,7 @@ class BulkChange
 		return $aResults;
 	}
 
-	protected function CreateObject(&$aResult, $iRow, $aRowData, CMDBChange $oChange = null)
+	protected function CreateObject(&$aResult, $iRow, $aRowData, ?CMDBChange $oChange = null)
 	{
 		$oTargetObj = MetaModel::NewObject($this->m_sClass);
 
@@ -965,7 +965,7 @@ class BulkChange
 	 * @throws \MySQLException
 	 * @throws \MySQLHasGoneAwayException
 	 */
-	protected function UpdateObject(&$aResult, $iRow, $oTargetObj, $aRowData, CMDBChange $oChange = null)
+	protected function UpdateObject(&$aResult, $iRow, $oTargetObj, $aRowData, ?CMDBChange $oChange = null)
 	{
 		$aResult[$iRow] = $this->PrepareObject($oTargetObj, $aRowData, $aErrors);
 
@@ -1008,7 +1008,7 @@ class BulkChange
 	 *
 	 * @throws \BulkChangeException
 	 */
-	protected function UpdateMissingObject(&$aResult, $iRow, $oTargetObj, CMDBChange $oChange = null)
+	protected function UpdateMissingObject(&$aResult, $iRow, $oTargetObj, ?CMDBChange $oChange = null)
 	{
 		$aResult[$iRow] = $this->PrepareMissingObject($oTargetObj, $aErrors);
 
@@ -1043,7 +1043,7 @@ class BulkChange
 		}
 	}
 
-	public function Process(CMDBChange $oChange = null)
+	public function Process(?CMDBChange $oChange = null)
 	{
 		if ($oChange) {
 			CMDBObject::SetCurrentChange($oChange);

core/config.class.inc.php

@@ -928,7 +928,7 @@ class Config
 			'type' => 'string',
 			'description' => 'Actions that are available as direct buttons next to the "Actions" menu',
 			// examples... not used
-			'default' => 'UI:Menu:Modify,UI:Menu:New',
+			'default' => 'UI:Menu:Modify,UI:Menu:New,UI:Menu:impacts_down,UI:Menu:impacts_up',
 			'value' => 'UI:Menu:Modify',
 			'source_of_value' => '',
 			'show_in_conf_sample' => true,
@@ -1748,6 +1748,14 @@ class Config
 			'source_of_value'     => '',
 			'show_in_conf_sample' => false,
 		],
+		'security.force_login_when_no_delegated_authentication_endpoints_list' => [
+			'type'                => 'bool',
+			'description'         => 'If true, when no execution policy is defined, the user will be forced to log in (instead of being automatically logged in with the default profile)',
+			'default'             => false,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 		'behind_reverse_proxy' => [
 			'type' => 'bool',
 			'description' => 'If true, then proxies custom header (X-Forwarded-*) are taken into account. Use only if the webserver is not publicly accessible (reachable only by the reverse proxy)',
@@ -1954,11 +1962,6 @@ class Config
 	 */
 	protected $m_sDefaultLanguage;
 
-	/**
-	 * @var string Type of login process allowed: form|basic|url|external
-	 */
-	protected $m_sAllowedLoginTypes;
-
 	/**
 	 * @var string Name of the PHP variable in which external authentication information is passed by the web server
 	 */
@@ -2032,7 +2035,6 @@ class Config
 		$this->m_iFastReloadInterval = DEFAULT_FAST_RELOAD_INTERVAL;
 		$this->m_bSecureConnectionRequired = DEFAULT_SECURE_CONNECTION_REQUIRED;
 		$this->m_sDefaultLanguage = 'EN US';
-		$this->m_sAllowedLoginTypes = DEFAULT_ALLOWED_LOGIN_TYPES;
 		$this->m_sExtAuthVariable = DEFAULT_EXT_AUTH_VARIABLE;
 		$this->m_aCharsets = [];
 		$this->m_bQueryCacheEnabled = DEFAULT_QUERY_CACHE_ENABLED;
@@ -2179,7 +2181,6 @@ class Config
 		$this->m_aModuleSettings = isset($MyModuleSettings) ? $MyModuleSettings : [];
 
 		$this->m_sDefaultLanguage = isset($MySettings['default_language']) ? trim($MySettings['default_language']) : 'EN US';
-		$this->m_sAllowedLoginTypes = isset($MySettings['allowed_login_types']) ? trim($MySettings['allowed_login_types']) : DEFAULT_ALLOWED_LOGIN_TYPES;
 		$this->m_sExtAuthVariable = isset($MySettings['ext_auth_variable']) ? trim($MySettings['ext_auth_variable']) : DEFAULT_EXT_AUTH_VARIABLE;
 		$this->m_sEncryptionKey = isset($MySettings['encryption_key']) ? trim($MySettings['encryption_key']) : $this->m_sEncryptionKey;
 		$this->m_sEncryptionLibrary = isset($MySettings['encryption_library']) ? trim($MySettings['encryption_library']) : $this->m_sEncryptionLibrary;
@@ -2339,7 +2340,7 @@ class Config
 
 	public function GetAllowedLoginTypes()
 	{
-		return explode('|', $this->m_sAllowedLoginTypes);
+		return explode('|', $this->m_aSettings['allowed_login_types']['value']);
 	}
 
 	public function GetExternalAuthenticationVariable()
@@ -2417,7 +2418,6 @@ class Config
 
 	public function SetAllowedLoginTypes($aAllowedLoginTypes)
 	{
-		$this->m_sAllowedLoginTypes = implode('|', $aAllowedLoginTypes);
 		$this->Set('allowed_login_types', implode('|', $aAllowedLoginTypes));
 	}
 
@@ -2495,7 +2495,6 @@ class Config
 		$aSettings['fast_reload_interval'] = $this->m_iFastReloadInterval;
 		$aSettings['secure_connection_required'] = $this->m_bSecureConnectionRequired;
 		$aSettings['default_language'] = $this->m_sDefaultLanguage;
-		$aSettings['allowed_login_types'] = $this->m_sAllowedLoginTypes;
 		$aSettings['ext_auth_variable'] = $this->m_sExtAuthVariable;
 		$aSettings['encryption_key'] = $this->m_sEncryptionKey;
 		$aSettings['encryption_library'] = $this->m_sEncryptionLibrary;
@@ -2599,7 +2598,6 @@ class Config
 			// Old fashioned remaining values
 			$aOtherValues = [
 				'default_language' => $this->m_sDefaultLanguage,
-				'allowed_login_types' => $this->m_sAllowedLoginTypes,
 				'ext_auth_variable' => $this->m_sExtAuthVariable,
 				'encryption_key' => $this->m_sEncryptionKey,
 				'encryption_library' => $this->m_sEncryptionLibrary,
@@ -2685,14 +2683,13 @@ class Config
 	 *
 	 * @param array $aParamValues
 	 * @param ?string $sModulesDir
-	 * @param bool $bPreserveModuleSettings
 	 *
 	 * @return void The current object is modified directly
 	 *
 	 * @throws \Exception
 	 * @throws \CoreException
 	 */
-	public function UpdateFromParams($aParamValues, $sModulesDir = null, $bPreserveModuleSettings = false)
+	public function UpdateFromParams($aParamValues, $sModulesDir = null)
 	{
 		if (isset($aParamValues['application_path'])) {
 			$this->Set('app_root_url', $aParamValues['application_path']);
@@ -2740,7 +2737,10 @@ class Config
 		} else {
 			$aSelectedModules = null;
 		}
-		$this->UpdateIncludes($sModulesDir, $aSelectedModules);
+
+		if (! is_null($sModulesDir)) {
+			$this->UpdateIncludes($sModulesDir, $aSelectedModules);
+		}
 
 		if (isset($aParamValues['source_dir'])) {
 			$this->Set('source_dir', $aParamValues['source_dir']);
@@ -2758,17 +2758,13 @@ class Config
 	 *
 	 * @throws Exception
 	 */
-	public function UpdateIncludes($sModulesDir, $aSelectedModules = null)
+	public function UpdateIncludes(string $sModulesDir, $aSelectedModules = null)
 	{
-		if ($sModulesDir === null) {
-			return;
-		}
-
 		// Initialize the arrays below with default values for the application...
 		$oEmptyConfig = new Config('dummy_file', false); // Do NOT load any config file, just set the default values
 		$aAddOns = $oEmptyConfig->GetAddOns();
 
-		$aModules = ModuleDiscovery::GetAvailableModules([APPROOT.$sModulesDir]);
+		$aModules = ModuleDiscovery::GetModulesOrderedByDependencies([APPROOT.$sModulesDir]);
 		foreach ($aModules as $sModuleId => $aModuleInfo) {
 			list($sModuleName, $sModuleVersion) = ModuleDiscovery::GetModuleName($sModuleId);
 			if (is_null($aSelectedModules) || in_array($sModuleName, $aSelectedModules)) {

core/csvbulkexport.class.inc.php

@@ -5,6 +5,7 @@
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
+use Combodo\iTop\Application\Helper\ExportHelper;
 use Combodo\iTop\Application\UI\Base\Component\FieldSet\FieldSetUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Component\Html\Html;
 use Combodo\iTop\Application\UI\Base\Component\Input\InputUIBlockFactory;
@@ -13,7 +14,6 @@ use Combodo\iTop\Application\UI\Base\Component\Input\Select\SelectUIBlockFactory
 use Combodo\iTop\Application\UI\Base\Component\Panel\PanelUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Layout\MultiColumn\Column\ColumnUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Layout\MultiColumn\MultiColumnUIBlockFactory;
-use Combodo\iTop\Application\Helper\ExportHelper;
 use Combodo\iTop\Application\WebPage\Page;
 use Combodo\iTop\Application\WebPage\WebPage;
 
@@ -55,6 +55,8 @@ class CSVBulkExport extends TabularBulkExport
 		$this->aStatusInfo['charset'] = strtoupper(utils::ReadParam('charset', 'UTF-8', true, 'raw_data'));
 		$this->aStatusInfo['formatted_text'] = (bool)utils::ReadParam('formatted_text', 0, true);
 
+		$this->aStatusInfo['ignore_excel_sanitization'] = (bool)utils::ReadParam('ignore_excel_sanitization', 0, true, utils::ENUM_SANITIZATION_FILTER_INTEGER);
+
 		$sDateFormatRadio = utils::ReadParam('csv_date_format_radio', '');
 		switch ($sDateFormatRadio) {
 			case 'default':
@@ -223,6 +225,10 @@ class CSVBulkExport extends TabularBulkExport
 				$oRadioCustom->GetInput()->AddCSSClass('ibo-input-checkbox');
 				$oFieldSetDate->AddSubBlock($oRadioCustom);
 
+				$oFieldSetSecurity = FieldSetUIBlockFactory::MakeStandard(Dict::S('Core:BulkExport:Security'));
+				$oMulticolumn->AddColumn(ColumnUIBlockFactory::MakeForBlock($oFieldSetSecurity));
+				$oFieldSetSecurity->AddSubBlock(ExportHelper::GetInputForSanitizeExcelExport());
+
 				$oP->add_ready_script(
 					<<<EOF
 $('#form_part_csv_options').on('preview_updated', function() { FormatDatesInPreview('csv', 'csv'); });
@@ -264,6 +270,13 @@ EOF
 			default:
 				$sRet = trim($oObj->GetAsCSV($sAttCode), '"');
 		}
+
+		// If the option to ignore Excel sanitization is not set or explicitly set to false, apply sanitization
+		if (!(array_key_exists('ignore_excel_sanitization', $this->aStatusInfo)) || $this->aStatusInfo['ignore_excel_sanitization'] === false) {
+			return ExportHelper::SanitizeField($sRet, $this->aStatusInfo['text_qualifier'] ?? '');
+		}
+
+		// The option to ignore Excel sanitization is explicitly set to true: return the raw value without sanitization
 		return $sRet;
 	}
 
@@ -337,6 +350,12 @@ EOF
 							$sField = $oObj->GetAsCSV($sAttCode, $this->aStatusInfo['separator'], $this->aStatusInfo['text_qualifier'], $this->bLocalizeOutput, !$this->aStatusInfo['formatted_text']);
 					}
 				}
+
+				// If the option to ignore Excel sanitization is not set or absent, sanitize the field
+				if (!(array_key_exists('ignore_excel_sanitization', $this->aStatusInfo)) || $this->aStatusInfo['ignore_excel_sanitization'] === false) {
+					$sField = ExportHelper::SanitizeField($sField, $this->aStatusInfo['text_qualifier']);
+				}
+
 				if ($this->aStatusInfo['charset'] != 'UTF-8') {
 					// Note: due to bugs in the glibc library it's safer to call iconv on the smallest possible string
 					// and thus to convert field by field and not the whole row or file at once (see ticket N°991)

core/dbobject.class.php

@@ -2567,7 +2567,7 @@ abstract class DBObject implements iDisplay
 	 *
 	 * @see \RestUtils::FindObjectFromKey for the same check in the REST endpoint
 	 */
-	final public function CheckChangedExtKeysValues(callable $oIsObjectLoadableCallback = null)
+	final public function CheckChangedExtKeysValues(?callable $oIsObjectLoadableCallback = null)
 	{
 		if (is_null($oIsObjectLoadableCallback)) {
 			$oIsObjectLoadableCallback = function ($sClass, $sId) {
@@ -3727,7 +3727,7 @@ abstract class DBObject implements iDisplay
 	 * @throws \MySQLException
 	 * @throws \OQLException
 	 */
-	private function ActivateOnObjectUpdateTriggers(?DBObject $oObject, array $aAttributes = null): void
+	private function ActivateOnObjectUpdateTriggers(?DBObject $oObject, ?array $aAttributes = null): void
 	{
 		if (is_null($oObject)) {
 			return;
@@ -5108,8 +5108,8 @@ abstract class DBObject implements iDisplay
 	protected function GetReferencingObjectsForDeletion($bAllowAllData = false)
 	{
 		$aDependentObjects = [];
-		$aRererencingMe = MetaModel::EnumReferencingClasses(get_class($this));
-		foreach ($aRererencingMe as $sRemoteClass => $aExtKeys) {
+		$aReferencingMe = MetaModel::EnumReferencingClasses(get_class($this));
+		foreach ($aReferencingMe as $sRemoteClass => $aExtKeys) {
 			/** @var \AttributeExternalKey $oExtKeyAttDef */
 			foreach ($aExtKeys as $sExtKeyAttCode => $oExtKeyAttDef) {
 				// skip if external key doesn't require the deletion cascading

core/dbsearch.class.php

@@ -650,7 +650,7 @@ abstract class DBSearch
 	 *
 	 * @throws OQLException
 	 */
-	public static function FromOQL($sQuery, $aParams = null, ModelReflection $oMetaModel = null)
+	public static function FromOQL($sQuery, $aParams = null, ?ModelReflection $oMetaModel = null)
 	{
 		if (empty($sQuery)) {
 			return null;

core/dbunionsearch.class.php

@@ -59,7 +59,7 @@ class DBUnionSearch extends DBSearch
 	public function AllowAllData($bAllowAllData = true)
 	{
 		foreach ($this->aSearches as $oSearch) {
-			$oSearch->AllowAllData();
+			$oSearch->AllowAllData($bAllowAllData);
 		}
 	}
 

core/designdocument.class.inc.php

@@ -453,7 +453,7 @@ class DesignElement extends \DOMElement
 	 * @throws Exception
 	 * @since 3.1.2 3.2.0 N°6974
 	 */
-	public static function _FindNode(DOMNode $oParent, DesignElement $oRefNode, string $sSearchId = null): ?DesignElement
+	public static function _FindNode(DOMNode $oParent, DesignElement $oRefNode, ?string $sSearchId = null): ?DesignElement
 	{
 		$oNodes = self::_FindNodes($oParent, $oRefNode, $sSearchId);
 		if ($oNodes instanceof DOMNodeList) {
@@ -477,7 +477,7 @@ class DesignElement extends \DOMElement
 	 * @return \DOMNodeList|false|mixed
 	 * @since 3.1.2 3.2.0 N°6974
 	 */
-	public static function _FindNodes(DOMNode $oParent, DesignElement $oRefNode, string $sSearchId = null)
+	public static function _FindNodes(DOMNode $oParent, DesignElement $oRefNode, ?string $sSearchId = null)
 	{
 		if ($oParent instanceof DOMDocument) {
 			$oDoc = $oParent->firstChild->ownerDocument;

core/displayablegraph.class.inc.php

@@ -632,7 +632,7 @@ class DisplayableGroupNode extends DisplayableNode
 		$this->aObjects = [];
 	}
 
-	public function AddObject(DBObject $oObj = null)
+	public function AddObject(?DBObject $oObj = null)
 	{
 		if (is_object($oObj)) {
 			$sPrevClass = $this->GetObjectClass();

core/excelbulkexport.class.inc.php

@@ -5,13 +5,13 @@
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
+use Combodo\iTop\Application\Helper\ExportHelper;
 use Combodo\iTop\Application\UI\Base\Component\FieldSet\FieldSetUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Component\Html\Html;
 use Combodo\iTop\Application\UI\Base\Component\Input\InputUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Component\Panel\PanelUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Layout\MultiColumn\Column\ColumnUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Layout\MultiColumn\MultiColumnUIBlockFactory;
-use Combodo\iTop\Application\Helper\ExportHelper;
 use Combodo\iTop\Application\WebPage\Page;
 use Combodo\iTop\Application\WebPage\WebPage;
 
@@ -63,6 +63,8 @@ class ExcelBulkExport extends TabularBulkExport
 				// Export from the command line (or scripted) => default format is SQL, as in previous versions of iTop, unless specified otherwise
 				$this->aStatusInfo['date_format'] = utils::ReadParam('date_format', (string)AttributeDateTime::GetSQLFormat(), true, 'raw_data');
 		}
+
+		$this->aStatusInfo['ignore_excel_sanitization'] = (bool)utils::ReadParam('ignore_excel_sanitization', 0, true, utils::ENUM_SANITIZATION_FILTER_INTEGER);
 	}
 
 	public function EnumFormParts()
@@ -121,6 +123,10 @@ class ExcelBulkExport extends TabularBulkExport
 				$oRadioCustom->GetInput()->AddCSSClass('ibo-input-checkbox');
 				$oFieldSetDate->AddSubBlock($oRadioCustom);
 
+				$oFieldSetSecurity = FieldSetUIBlockFactory::MakeStandard(Dict::S('Core:BulkExport:Security'));
+				$oMulticolumn->AddColumn(ColumnUIBlockFactory::MakeForBlock($oFieldSetSecurity));
+				$oFieldSetSecurity->AddSubBlock(ExportHelper::GetInputForSanitizeExcelExport());
+
 				$oP->add_ready_script(
 					<<<EOF
 $('#form_part_xlsx_options').on('preview_updated', function() { FormatDatesInPreview('excel', 'xlsx'); });
@@ -216,6 +222,12 @@ EOF
 					}
 				}
 		}
+
+		// If the option to ignore Excel sanitization is not set or absent, sanitize the field
+		if (!(array_key_exists('ignore_excel_sanitization', $this->aStatusInfo)) || $this->aStatusInfo['ignore_excel_sanitization'] === false) {
+			return ExportHelper::SanitizeField($sRet, '');
+		}
+
 		return $sRet;
 	}
 

core/inlineimage.class.inc.php

@@ -259,13 +259,18 @@ class InlineImage extends DBObject
 	 * that refer to an InlineImage (detected via the attribute data-img-id="") so that
 	 * the URL is consistent with the current URL of the application.
 	 *
-	 * @param string $sHtml The HTML fragment to process
+N°8681	 * @param string|null $sHtml The HTML fragment to process
 	 *
 	 * @return string The modified HTML
 	 * @throws \Exception
+	 *
+	 * @since 3.3.0 N°8681 Add type hint for parameters and return value
 	 */
-	public static function FixUrls($sHtml)
+	public static function FixUrls(string|null $sHtml): string
 	{
+		// N°8681 - Ensure to have a string value
+		$sHtml = $sHtml ?? '';
+
 		$aNeedles = [];
 		$aReplacements = [];
 		// Find img tags with an attribute data-img-id
@@ -293,6 +298,46 @@ class InlineImage extends DBObject
 		return $sHtml;
 	}
 
+	/**
+	 * Replace <img> tags with a data-img-id attribute by the actual image in base64 representation
+	 * so that the image can be displayed even if the download URL is not accessible (e.g. in unauthenticated approval templates)
+	 *
+	 * @param string $sHtml The HTML fragment to process
+	 *
+	 * @return String The modified HTML
+	 * @since 3.2.3
+	 */
+	public static function ReplaceInlineImagesWithBase64Representation(string $sHtml): String
+	{
+		return preg_replace_callback(
+			'/<img\s+[^>]*'.static::DOM_ATTR_ID.'="(\d+)"[^>]*>/i',
+			function ($matches) {
+
+				// Extract inline image ID from the tag
+				$id = $matches[1];
+
+				try {
+					// Retrieve inline image
+					$oInline = MetaModel::GetObject(InlineImage::class, $id, true, true);
+					$oOrmDocument = $oInline->Get('contents');
+
+					// Replace src image by the base64 representation
+					$sInlineImageAsBase64 = base64_encode($oOrmDocument->GetData());
+					$sDataUri = 'data:'.$oOrmDocument->GetMimeType().';base64,'.$sInlineImageAsBase64;
+					$sImage = preg_replace('/src=["\'][^"\']+["\']/', 'src="'.$sDataUri.'"', $matches[0]);
+
+					// Remove sensitive information (the image ID and secret) from the tag
+					$sImage = preg_replace('/'.static::DOM_ATTR_ID.'="\d+"\s+'.static::DOM_ATTR_SECRET.'="\w+"/', '', $sImage);
+				} catch (Exception $e) {
+					$sImage = '<img src="" alt="'.Dict::S('UI:MissingInlineImage').'">';
+				}
+
+				return $sImage;
+			},
+			$sHtml
+		);
+	}
+
 	/**
 	 * Add an extra attribute data-img-id for images which are based on an actual InlineImage
 	 * so that we can later reconstruct the full "src" URL when needed
@@ -389,7 +434,7 @@ JS
 	 * Resize an image so that it fits the maximum width/height defined in the config file
 	 * @param ormDocument $oImage The original image stored as an array (content / mimetype / filename)
 	 * @return ormDocument The resampled image (or the original one if it already fit)
-	 * @deprecated Replaced by ormDocument::ResizeImageToFit
+	 * @deprecated since 3.3.0 Replaced by ormDocument::ResizeImageToFit
 	 */
 	public static function ResizeImageToFit(ormDocument $oImage, &$aDimensions = null)
 	{

core/kpi.class.inc.php

@@ -1,18 +1,20 @@
 <?php
 
 /**
- * @copyright   Copyright (C) 2010-2024 Combodo SAS
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
+use Combodo\iTop\Application\EventRegister\ApplicationEvents;
 use Combodo\iTop\Core\Kpi\KpiLogData;
+use Combodo\iTop\Service\Events\EventService;
+use Combodo\iTop\Service\Events\iEventServiceSetup;
 use Combodo\iTop\Service\Module\ModuleService;
 
 /**
  * Measures operations duration, memory usage, etc. (and some other KPIs)
  */
-
-class ExecutionKPI
+class ExecutionKPI implements iEventServiceSetup
 {
 	protected static $m_bEnabled_Duration = false;
 	protected static $m_bEnabled_Memory = false;
@@ -23,15 +25,18 @@ class ExecutionKPI
 
 	protected static $m_aStats = []; // Recurrent operations
 	protected static $m_aExecData = []; // One shot operations
-	/**
-	 * @var array[ExecutionKPI]
-	 */
-	protected static $m_aExecutionStack = []; // embedded execution stats
+	/** @var true */
+	private static bool $bMetamodelStarted = false;
 
+	private static ?float $fLastReportTime = null;
+	private static ?float $iLastReportMemory = null;
+
+	// For stats
 	protected $m_fStarted = null;
-	protected $m_fChildrenDuration = 0; // Count embedded
 	protected $m_iInitialMemory = null;
 
+	private static array $aBootstrapOperations = [];
+
 	public static function EnableDuration($iLevel)
 	{
 		if ($iLevel > 0) {
@@ -71,6 +76,7 @@ class ExecutionKPI
 				return true;
 			}
 		}
+
 		return false;
 	}
 
@@ -97,7 +103,7 @@ class ExecutionKPI
 		$sFor = self::$m_sAllowedUser == '*' ? 'EVERYBODY' : "'".trim(self::$m_sAllowedUser)."'";
 		$sSlowQueries = '';
 		if (self::$m_fSlowQueries > 0) {
-			$sSlowQueries = ". Slow Queries: ".self::$m_fSlowQueries."s";
+			$sSlowQueries = '. Slow Queries: '.self::$m_fSlowQueries.'s';
 		}
 
 		$aExtensions = [];
@@ -127,7 +133,7 @@ class ExecutionKPI
 			$sRequest .= ' operation: '.$_POST['operation'];
 		}
 
-		$fStop = MyHelpers::getmicrotime();
+		$fStop = microtime(true);
 		if (($fStop - $fItopStarted) > self::$m_fSlowQueries) {
 			// Invoke extensions to log the KPI operation
 			/** @var \iKPILoggerExtension $oExtensionInstance */
@@ -151,17 +157,17 @@ class ExecutionKPI
 
 		$sTableStyle = 'background-color: #ccc; margin: 10px;';
 
-		$sHtml = "<hr/>";
+		$sHtml = '<hr/>';
 		$sHtml .= "<div style=\"background-color: grey; padding: 10px;\">";
 		$sHtml .= "<h3><a name=\"".md5($sExecId)."\">KPIs</a> - $sRequest</h3>";
 		$oStarted = DateTime::createFromFormat('U.u', $fItopStarted);
 		$sHtml .= '<p>'.$oStarted->format('Y-m-d H:i:s.u').'</p>';
-		$sHtml .= "<p>log_kpi_user_id: ".UserRights::GetUserId()."</p>";
-		$sHtml .= "<div>";
+		$sHtml .= '<p>log_kpi_user_id: '.UserRights::GetUserId().'</p>';
+		$sHtml .= '<div>';
 		$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-		$sHtml .= "<thead>";
-		$sHtml .= "   <th>Operation</th><th>Begin</th><th>End</th><th>Duration</th><th>Memory start</th><th>Memory end</th><th>Memory peak</th>";
-		$sHtml .= "</thead>";
+		$sHtml .= '<thead>';
+		$sHtml .= '   <th>Operation</th><th>Begin</th><th>End</th><th>Duration</th><th>Memory start</th><th>Memory end</th><th>Memory peak</th>';
+		$sHtml .= '</thead>';
 		foreach (self::$m_aExecData as $aOpStats) {
 			$sOperation = $aOpStats['op'];
 			$sBegin = round($aOpStats['time_begin'], 3);
@@ -180,12 +186,12 @@ class ExecutionKPI
 				}
 			}
 
-			$sHtml .= "<tr>";
+			$sHtml .= '<tr>';
 			$sHtml .= "   <td>$sOperation</td><td>$sBegin</td><td>$sEnd</td><td>$sDuration</td><td>$sMemBegin</td><td>$sMemEnd</td><td>$sMemPeak</td>";
-			$sHtml .= "</tr>";
+			$sHtml .= '</tr>';
 		}
-		$sHtml .= "</table>";
-		$sHtml .= "</div>";
+		$sHtml .= '</table>';
+		$sHtml .= '</div>';
 
 		$aConsolidatedStats = [];
 		foreach (self::$m_aStats as $sOperation => $aOpStats) {
@@ -208,20 +214,20 @@ class ExecutionKPI
 				}
 			}
 			$aConsolidatedStats[$sOperation] = [
-				'count' => $iTotalOp,
+				'count'    => $iTotalOp,
 				'duration' => $fTotalOp,
-				'min' => $fMinOp,
-				'max' => $fMaxOp,
-				'avg' => $fTotalOp / $iTotalOp,
+				'min'      => $fMinOp,
+				'max'      => $fMaxOp,
+				'avg'      => $fTotalOp / $iTotalOp,
 				'max_args' => $sMaxOpArguments,
 			];
 		}
 
-		$sHtml .= "<div>";
+		$sHtml .= '<div>';
 		$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-		$sHtml .= "<thead>";
-		$sHtml .= "   <th>Operation</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th><th>Avg</th>";
-		$sHtml .= "</thead>";
+		$sHtml .= '<thead>';
+		$sHtml .= '   <th>Operation</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th><th>Avg</th>';
+		$sHtml .= '</thead>';
 		foreach ($aConsolidatedStats as $sOperation => $aOpStats) {
 			$sOperation = '<a href="#'.md5($sExecId.$sOperation).'">'.$sOperation.'</a>';
 			$sCount = $aOpStats['count'];
@@ -230,14 +236,14 @@ class ExecutionKPI
 			$sMax = '<a href="#'.md5($sExecId.$aOpStats['max_args']).'">'.round($aOpStats['max'], 3).'</a>';
 			$sAvg = round($aOpStats['avg'], 3);
 
-			$sHtml .= "<tr>";
+			$sHtml .= '<tr>';
 			$sHtml .= "   <td>$sOperation</td><td>$sCount</td><td>$sDuration</td><td>$sMin</td><td>$sMax</td><td>$sAvg</td>";
-			$sHtml .= "</tr>";
+			$sHtml .= '</tr>';
 		}
-		$sHtml .= "</table>";
-		$sHtml .= "</div>";
+		$sHtml .= '</table>';
+		$sHtml .= '</div>';
 
-		$sHtml .= "</div>";
+		$sHtml .= '</div>';
 
 		$sHtml .= "<p><a href=\"#end-".md5($sExecId)."\">Next page stats</a></p>";
 
@@ -287,18 +293,18 @@ class ExecutionKPI
 						$sOperationHtml = '<a name="'.md5($sExecId.$sOperation).'">'.$sOperation.'</a>';
 						$sHtml .= "<h4>$sOperationHtml</h4>";
 						$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-						$sHtml .= "<thead>";
-						$sHtml .= "   <th>Operation details (+ blame caller if log_kpi_duration = 2)</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th>";
-						$sHtml .= "</thead>";
+						$sHtml .= '<thead>';
+						$sHtml .= '   <th>Operation details (+ blame caller if log_kpi_duration = 2)</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th>';
+						$sHtml .= '</thead>';
 						$bDisplayHeader = false;
 					}
-					$sHtml .= "<tr>";
+					$sHtml .= '<tr>';
 					$sHtml .= "   <td>$sHtmlArguments</td><td>$iCountInter</td><td>$sTotalInter</td><td>$sMinInter</td><td>$sMaxInter</td>";
-					$sHtml .= "</tr>";
+					$sHtml .= '</tr>';
 				}
 			}
 			if (!$bDisplayHeader) {
-				$sHtml .= "</table>";
+				$sHtml .= '</table>';
 				$sHtml .= "<p><a href=\"#".md5($sExecId)."\">Back to page stats</a></p>";
 			}
 			self::Report($sHtml);
@@ -333,39 +339,50 @@ class ExecutionKPI
 
 		$aNewEntry = null;
 
-		$fStarted = $this->m_fStarted;
-		$fStopped = $this->m_fStarted;
-		if (self::$m_bEnabled_Duration) {
-			$fStopped = MyHelpers::getmicrotime();
-			$aNewEntry = [
-				'op'         => $sOperationDesc,
-				'time_begin' => $this->m_fStarted - $fItopStarted,
-				'time_end'   => $fStopped - $fItopStarted,
-			];
-			// Reset for the next operation (if the object is recycled)
-			$this->m_fStarted = $fStopped;
+		if (is_null(static::$fLastReportTime)) {
+			static::$fLastReportTime = $fItopStarted;
 		}
 
-		$iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
-		$iCurrentMemory = 0;
-		$iPeakMemory = 0;
+		if (is_null(static::$iLastReportMemory)) {
+			global $iItopInitialMemory;
+			static::$iLastReportMemory = $iItopInitialMemory;
+		}
+
+		$fStarted = static::$fLastReportTime;
+		$fStopped = microtime(true);
+		if (self::$m_bEnabled_Duration) {
+			$aNewEntry = [
+				'op'         => $sOperationDesc,
+				'time_begin' => $fStarted - $fItopStarted,
+				'time_end'   => $fStopped - $fItopStarted,
+			];
+		}
+		static::$fLastReportTime = $fStopped;
+
+		$iInitialMemory = static::$iLastReportMemory;
+		$iCurrentMemory = $iInitialMemory;
+		$iPeakMemory = $iInitialMemory;
 		if (self::$m_bEnabled_Memory) {
 			$iCurrentMemory = self::memory_get_usage();
 			if (is_null($aNewEntry)) {
 				$aNewEntry = ['op' => $sOperationDesc];
 			}
-			$aNewEntry['mem_begin'] = $this->m_iInitialMemory;
+			$aNewEntry['mem_begin'] = $iInitialMemory;
 			$aNewEntry['mem_end'] = $iCurrentMemory;
 			$iPeakMemory = self::memory_get_peak_usage();
 			$aNewEntry['mem_peak'] = $iPeakMemory;
 			// Reset for the next operation (if the object is recycled)
-			$this->m_iInitialMemory = $iCurrentMemory;
+			static::$iLastReportMemory = $iCurrentMemory;
 		}
 
 		if (self::$m_bEnabled_Duration || self::$m_bEnabled_Memory) {
-			// Invoke extensions to log the KPI operation
-			/** @var \iKPILoggerExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+			$aCallstack = ['callstack' => $this->GetCallStack()];
+			if (static::$bMetamodelStarted) {
+				foreach (static::$aBootstrapOperations as $oLog) {
+					$this->LogOperation($oLog);
+				}
+				static::$aBootstrapOperations = [];
+				// Invoke extensions to log the KPI operation
 				$sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
 				$oKPILogData = new KpiLogData(
 					KpiLogData::TYPE_REPORT,
@@ -376,9 +393,24 @@ class ExecutionKPI
 					$sExtension,
 					$iInitialMemory,
 					$iCurrentMemory,
-					$iPeakMemory
+					$iPeakMemory,
+					$aCallstack
 				);
-				$oExtensionInstance->LogOperation($oKPILogData);
+				$this->LogOperation($oKPILogData);
+			} else {
+				$oKPILogData = new KpiLogData(
+					KpiLogData::TYPE_REPORT,
+					'Step',
+					$sOperationDesc,
+					$fStarted,
+					$fStopped,
+					'',
+					$iInitialMemory,
+					$iCurrentMemory,
+					$iPeakMemory,
+					$aCallstack
+				);
+				static::$aBootstrapOperations[] = $oKPILogData;
 			}
 		}
 
@@ -388,13 +420,21 @@ class ExecutionKPI
 		$this->ResetCounters();
 	}
 
+	private function LogOperation(KpiLogData $oKPILogData): void
+	{
+		/** @var \iKPILoggerExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+			$oExtensionInstance->LogOperation($oKPILogData);
+		}
+	}
+
 	/**
 	 * Compute statistics for a call to an extension
 	 * Note: not working in dev mode (with links to env-production)
 	 *
 	 * @param object|string $object object called
-	 * @param string $sMethod       method called on the object
-	 * @param string $sMessage      additional message
+	 * @param string $sMethod method called on the object
+	 * @param string $sMessage additional message
 	 *
 	 * @return bool true if an extension was found for this object::method
 	 * @throws \ReflectionException
@@ -423,21 +463,23 @@ class ExecutionKPI
 
 		$fDuration = 0;
 		if (self::$m_bEnabled_Duration) {
-			$fStopped = MyHelpers::getmicrotime();
+			$fStopped = microtime(true);
 			$fDuration = $fStopped - $this->m_fStarted;
 			$aCallstack = [];
 			if (self::$m_bGenerateLegacyReport) {
 				if (self::$m_bBlameCaller) {
 					$aCallstack = MyHelpers::get_callstack(1);
 					self::$m_aStats[$sOperation][$sArguments][] = [
-							'time' => $fDuration,
-							'callers' => $aCallstack,
+						'time'    => $fDuration,
+						'callers' => $aCallstack,
 					];
 				} else {
 					self::$m_aStats[$sOperation][$sArguments][] = [
-							'time' => $fDuration,
+						'time' => $fDuration,
 					];
 				}
+			} else {
+				$aCallstack = ['callstack' => $this->GetCallStack()];
 			}
 
 			$iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
@@ -448,33 +490,45 @@ class ExecutionKPI
 				$iPeakMemory = self::memory_get_peak_usage();
 			}
 
-			// Invoke extensions to log the KPI operation
-			/** @var \iKPILoggerExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
-				//$sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
-				$sExtension = '';
+			if (static::$bMetamodelStarted) {
+				foreach (static::$aBootstrapOperations as $oLog) {
+					$this->LogOperation($oLog);
+				}
+				static::$aBootstrapOperations = [];
 				$oKPILogData = new KpiLogData(
 					KpiLogData::TYPE_STATS,
 					$sOperation,
 					$sArguments,
 					$this->m_fStarted,
 					$fStopped,
-					$sExtension,
+					'',
 					$iInitialMemory,
 					$iCurrentMemory,
 					$iPeakMemory,
 					$aCallstack
 				);
-				$oExtensionInstance->LogOperation($oKPILogData);
+				$this->LogOperation($oKPILogData);
+			} else {
+				$oKPILogData = new KpiLogData(
+					KpiLogData::TYPE_STATS,
+					$sOperation,
+					$sArguments,
+					$this->m_fStarted,
+					$fStopped,
+					'',
+					$iInitialMemory,
+					$iCurrentMemory,
+					$iPeakMemory,
+					$aCallstack
+				);
+				static::$aBootstrapOperations[] = $oKPILogData;
 			}
 		}
 	}
 
 	protected function ResetCounters()
 	{
-		if (self::$m_bEnabled_Duration) {
-			$this->m_fStarted = microtime(true);
-		}
+		$this->m_fStarted = microtime(true);
 
 		if (self::$m_bEnabled_Memory) {
 			$this->m_iInitialMemory = self::memory_get_usage();
@@ -503,7 +557,33 @@ class ExecutionKPI
 		if (function_exists('memory_get_peak_usage')) {
 			return memory_get_peak_usage($bRealUsage);
 		}
+
 		// PHP > 5.2.1 - this verb depends on a compilation option
 		return 0;
 	}
+
+	/*
+	 * ModuleHandlerApiInterface methods
+	 */
+
+	public static function OnMetaModelStarted()
+	{
+		static::$bMetamodelStarted = true;
+	}
+
+	public function RegisterEventsAndListeners()
+	{
+		EventService::RegisterListener(ApplicationEvents::APPLICATION_EVENT_METAMODEL_STARTED, [$this, 'OnMetaModelStarted']);
+	}
+
+	private function GetCallStack(): string
+	{
+		$aCallStack = MyHelpers::get_callstack(2);
+		$sCallStack = "Call stack:\n";
+		foreach ($aCallStack as $index => $aLine) {
+			$sCallStack .= "#$index ".$aLine['File'].'('.$aLine['Line'].'): '.$aLine['Function']."\n";
+		}
+
+		return $sCallStack;
+	}
 }

core/metamodel.class.php

@@ -22,6 +22,8 @@ use Combodo\iTop\Application\EventRegister\ApplicationEvents;
 use Combodo\iTop\Core\MetaModel\FriendlyNameType;
 use Combodo\iTop\Service\Events\EventData;
 use Combodo\iTop\Service\Events\EventService;
+use Combodo\iTop\Setup\ModuleDependency\Module;
+use Combodo\iTop\Setup\ModuleDiscovery\ModuleFileReader;
 
 require_once APPROOT.'core/modulehandler.class.inc.php';
 require_once APPROOT.'core/querymodifier.class.inc.php';
@@ -462,6 +464,43 @@ abstract class MetaModel
 		return call_user_func([$sClass, 'GetClassDescription'], $sClass);
 	}
 
+	/**
+	 * @param string $sClass
+	 *
+	 * @return string
+	 * @throws \CoreException
+	 */
+	final public static function GetModuleName($sClass)
+	{
+		try {
+			$oReflectionClass = new ReflectionClass($sClass);
+			$sDir = realpath(dirname($oReflectionClass->getFileName()));
+			$sApproot = realpath(APPROOT);
+			while (($sDir !== $sApproot) && (str_contains($sDir, $sApproot))) {
+				$aFiles = glob("$sDir/module.*.php");
+				if (count($aFiles) > 1) {
+					return 'core';
+				}
+
+				if (count($aFiles) == 0) {
+					$sDir = realpath(dirname($sDir));
+					continue;
+				}
+
+				$sModuleFilePath = $aFiles[0];
+				$aModuleInfo = ModuleFileReader::GetInstance()->ReadModuleFileInformation($sModuleFilePath);
+				$sModuleId = $aModuleInfo[ModuleFileReader::MODULE_INFO_ID];
+				list($sModuleName, ) = ModuleDiscovery::GetModuleName($sModuleId);
+
+				return $sModuleName;
+			}
+		} catch (\Exception $e) {
+			throw new CoreException("Cannot find class module", ['class' => $sClass], '', $e);
+		}
+
+		return 'core';
+	}
+
 	/**
 	 * @param string $sClass
 	 *

core/oql/build/PHP/ParserGenerator/Data.php

@@ -1656,7 +1656,7 @@ class PHP_ParserGenerator_Data
     function emit_code($out, PHP_ParserGenerator_Rule $rp, &$lineno)
     {
         $linecnt = 0;
-        
+
         /* Generate code to do the reduce action */
         if ($rp->code) {
             $this->tplt_linedir($out, $rp->line, $this->filename);

core/oql/oql-parser.php

@@ -1084,7 +1084,7 @@ static public $yy_action = array(
     function yy_find_shift_action($iLookAhead)
     {
         $stateno = $this->yystack[$this->yyidx]->stateno;
-     
+
         /* if ($this->yyidx < 0) return self::YY_NO_ACTION;  */
         if (!isset(self::$yy_shift_ofst[$stateno])) {
             // no shift actions
@@ -1767,7 +1767,7 @@ throw new OQLParserParseFailureException($this->m_sSourceQuery, $this->m_iLine,
     function yy_syntax_error($yymajor, $TOKEN)
     {
 #line 25 "..\oql-parser.y"
- 
+
 throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
 #line 1779 "..\oql-parser.php"
     }
@@ -1806,7 +1806,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
 //        $yyact;            /* The parser action. */
 //        $yyendofinput;     /* True if we are at the end of input */
         $yyerrorhit = 0;   /* True if yymajor has invoked an error */
-        
+
         /* (re)initialize the parser, if necessary */
         if ($this->yyidx === null || $this->yyidx < 0) {
             /* if ($yymajor == 0) return; // not sure why this was here... */
@@ -1819,7 +1819,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
             array_push($this->yystack, $x);
         }
         $yyendofinput = ($yymajor==0);
-        
+
         if (self::$yyTraceFILE) {
             fprintf(
                 self::$yyTraceFILE,
@@ -1828,7 +1828,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
                 self::$yyTokenName[$yymajor]
             );
         }
-        
+
         do {
             $yyact = $this->yy_find_shift_action($yymajor);
             if ($yymajor < self::YYERRORSYMBOL
@@ -2002,7 +2002,7 @@ class OQLParser extends OQLParserRaw
 		$this->m_sSourceQuery = $sQuery;
 		// no constructor - parent::__construct();
 	}
-	
+
 	public function doParse($token, $value, $iCurrPosition = 0)
 	{
 		$this->m_iColPrev = $this->m_iCol;
@@ -2016,7 +2016,7 @@ class OQLParser extends OQLParserRaw
 		$this->doParse(0, 0);
 		return $this->my_result;
 	}
-	
+
 	public function __destruct()
 	{
 		// Bug in the original destructor, causing an infinite loop !

core/ormcaselog.class.inc.php

@@ -370,7 +370,7 @@ class ormCaseLog
 	/**
 	 * Produces an HTML representation, aimed at being used within the iTop framework
 	 */
-	public function GetAsHTML(WebPage $oP = null, $bEditMode = false, $aTransfoHandler = null)
+	public function GetAsHTML(?WebPage $oP = null, $bEditMode = false, $aTransfoHandler = null)
 	{
 		$bPrintableVersion = (utils::ReadParam('printable', '0') == '1');
 

core/ormdocument.class.inc.php

@@ -362,8 +362,7 @@ class ormDocument
 					throw new Exception("Invalid id ($id) for class '$sClass' - the object does not exist or you are not allowed to view it");
 				}
 			}
-			if (($sSecretField != null) && ($oObj->Get($sSecretField) != $sSecretValue)) {
-				usleep(200);
+			if (($sSecretField != null) && !hash_equals($oObj->Get($sSecretField), $sSecretValue)) {
 				throw new Exception("Invalid secret for class '$sClass' - the object does not exist or you are not allowed to view it");
 			}
 			/** @var \ormDocument $oDocument */

core/ormlinkset.class.inc.php

@@ -93,7 +93,7 @@ class ormLinkSet implements iDBObjectSetIterator, Iterator, SeekableIterator
 	 * @param DBObjectSet|null $oOriginalSet
 	 * @throws Exception
 	 */
-	public function __construct($sHostClass, $sAttCode, DBObjectSet $oOriginalSet = null)
+	public function __construct($sHostClass, $sAttCode, ?DBObjectSet $oOriginalSet = null)
 	{
 		$this->sHostClass = $sHostClass;
 		$this->sAttCode = $sAttCode;

core/ormpassword.class.inc.php

@@ -98,9 +98,9 @@ class ormPassword
 		$bResult = false;
 		$aInfo = password_get_info($this->m_sHashed);
 		if (is_null($aInfo["algo"]) || $aInfo["algo"] === 0) {
-			//unknown, assume it's a legacy password
+			// - Unknown algorithm, assume it's a legacy password
 			$sHashedPwd = $this->ComputeHash($sClearTextPassword);
-			$bResult = ($this->m_sHashed == $sHashedPwd);
+			$bResult = hash_equals($this->m_sHashed, $sHashedPwd);
 		} else {
 			$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
 		}

css/backoffice/application/bulk/_all.scss

@@ -4,3 +4,4 @@
  */
 
 @import "bulk-modify";
+@import "bulk-export";

css/backoffice/application/bulk/_bulk-export.scss

@@ -0,0 +1,10 @@
+/*
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+#form_part_csv_options:has(#ibo-sanitize-excel-export--input:checked), #form_part_xlsx_options:has(#ibo-sanitize-excel-export--input:checked){
+  #ibo-sanitize-excel-export--alert {
+    display: none;
+  }
+}

css/backoffice/blocks-integrations/_all.scss

@@ -22,4 +22,6 @@
 @import "medallion-with-blocklist";
 @import "field-badge-within-datatable";
 @import "jquery-blockui-within-dialog";
-@import "jquery-blockui-within-datatable";
+@import "jquery-blockui-within-datatable";
+@import "badge-with-badge";
+@import "extension-details-with-extension-details";

css/backoffice/blocks-integrations/_badge-with-badge.scss

@@ -0,0 +1,10 @@
+/*
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+$ibo-badge--spacing-left--with-same-block: $ibo-spacing-200 !default;
+
+.ibo-badge + .ibo-badge {
+  margin-left: $ibo-badge--spacing-left--with-same-block;
+}

css/backoffice/blocks-integrations/_extension-details-with-extension-details.scss

@@ -0,0 +1,11 @@
+/*
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+$ibo-extension-details--margin-top: $ibo-spacing-300 !default;
+
+.ibo-extension-details + .ibo-extension-details,
+.ibo-extension-details--information--description .ibo-extension-details {
+	margin-top: $ibo-extension-details--margin-top;
+}

css/backoffice/components/_all.scss

@@ -33,4 +33,5 @@
 @import "field-badge";
 @import "file-select";
 @import "medallion-icon";
-@import "toast";
+@import "toast";
+@import "badge";

css/backoffice/components/_badge.scss

@@ -0,0 +1,41 @@
+$ibo-badge--padding-x : $ibo-spacing-200 !default;
+$ibo-badge--padding-y : $ibo-spacing-100 !default;
+$ibo-badge--border-radius : $ibo-border-radius-400 !default;
+
+$ibo-badge-colors: (
+		'primary': ($ibo-color-primary-100, $ibo-color-primary-900),
+		'secondary': ($ibo-color-secondary-100, $ibo-color-secondary-900),
+		'neutral': ($ibo-color-secondary-100, $ibo-color-secondary-900),
+		'information': ($ibo-color-information-100, $ibo-color-information-900),
+		'success': ($ibo-color-success-100, $ibo-color-success-900),
+		'failure': ($ibo-color-danger-100, $ibo-color-danger-900),
+		'warning': ($ibo-color-warning-100,$ibo-color-warning-900),
+		'danger': ($ibo-color-danger-100,$ibo-color-danger-900),
+		'grey' : ($ibo-color-grey-100, $ibo-color-grey-900),
+		'blue-grey': ($ibo-color-blue-grey-100, $ibo-color-blue-grey-900),
+		'blue': ($ibo-color-blue-100, $ibo-color-blue-900),
+		'cyan': ($ibo-color-cyan-100, $ibo-color-cyan-900),
+		'green': ($ibo-color-green-100, $ibo-color-green-900),
+		'orange' : ($ibo-color-orange-100, $ibo-color-orange-900),
+		'red': ($ibo-color-red-100, $ibo-color-red-900),
+		'pink': ($ibo-color-pink-100, $ibo-color-pink-900),
+) !default;
+
+
+
+.ibo-badge {
+	display: inline-block;
+	white-space: nowrap;
+	padding : $ibo-badge--padding-y $ibo-badge--padding-x;
+	border-radius : $ibo-badge--border-radius;
+	@extend %ibo-font-ral-med-50;
+
+	@each $sColor, $aColorValues in $ibo-badge-colors {
+		$bg-color: nth($aColorValues, 1);
+		$text-color: nth($aColorValues, 2);
+		&.ibo-is-#{$sColor} {
+			background-color: $bg-color;
+			color: $text-color;
+		}
+	}
+}

css/backoffice/components/_panel.scss

@@ -72,9 +72,12 @@ $ibo-panel--icon--spacing--as-medallion--is-sticking: $ibo-panel--icon--spacing-
 $ibo-panel--icon--bottom--as-medallion--is-sticking: -12px !default;
 $ibo-panel--icon--border--as-medallion--is-sticking: 1px $ibo-panel--base-border-style $ibo-panel--base-border-color !default;
 
-$ibo-panel--icon-background--size--must-contain: contain !default;
-$ibo-panel--icon-background--size--must-cover: cover !default;
-$ibo-panel--icon-background--size--must-zoomout: 66.67% !default;
+$ibo-panel--icon-background--size--must-contain: contain !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-contain
+$ibo-panel--icon-background--size--must-cover: cover !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-cover
+$ibo-panel--icon-background--size--must-zoomout: 66.67% !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-zoomout
+$ibo-panel--icon-img--size--must-contain: $ibo-panel--icon-background--size--must-contain !default; // TODO remove when dealing with N°9317
+$ibo-panel--icon-img--size--must-cover: $ibo-panel--icon-background--size--must-cover !default; // TODO remove when dealing with N°9317
+$ibo-panel--icon-img--size--must-zoomout: $ibo-panel--icon-background--size--must-zoomout !default; // TODO remove when dealing with N°9317
 
 $ibo-panel--title--font-size--is-sticking: $ibo-font-size-150 !default;
 $ibo-panel--title--color: $ibo-color-grey-900 !default;
@@ -179,24 +182,25 @@ $ibo-panel--is-selectable--body--after--font-size: $ibo-font-size-700 !default;
   min-height: $ibo-panel--icon--size;
 }
 
-.ibo-panel--icon-background {
+.ibo-panel--icon-img, .ibo-panel--icon-background { // second class is deprecated, remove it when dealing with N°9317
   width: 100%;
   height: 100%;
   background-position: center;
   background-repeat: no-repeat;
-  background-size: $ibo-panel--icon-background--size--must-contain;
+  background-size: $ibo-panel--icon-img--size--must-contain;
 }
 
-.ibo-panel--icon-background--must-contain {
-  background-size: $ibo-panel--icon-background--size--must-contain;
+.ibo-panel--icon-img--must-contain, .ibo-panel--icon-background--must-contain { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-panel--icon-img--size--must-contain;
 }
 
-.ibo-panel--icon-background--must-cover {
-  background-size: $ibo-panel--icon-background--size--must-cover;
+.ibo-panel--icon-img--must-cover, .ibo-panel--icon-background--must-cover { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-panel--icon-img--size--must-cover;
 }
 
-.ibo-panel--icon-background--must-zoomout {
-  background-size: $ibo-panel--icon-background--size--must-zoomout;
+.ibo-panel--icon-img--must-zoomout, .ibo-panel--icon-background--must-zoomout { // second class is deprecated, remove it when dealing with N°9317
+  width: $ibo-panel--icon-img--size--must-zoomout;
+  height: $ibo-panel--icon-img--size--must-zoomout;
 }
 
 .ibo-panel--title {

css/backoffice/components/_title.scss

@@ -11,9 +11,12 @@ $ibo-title--icon--size: 90px !default;
 $ibo-title--icon--size-2: 80px !default;
 $ibo-title--icon--size-3: 70px !default;
 
-$ibo-title--icon-background--size--must-contain: contain !default;
-$ibo-title--icon-background--size--must-cover: cover !default;
-$ibo-title--icon-background--size--must-zoomout: 66.67% !default;
+$ibo-title--icon-background--size--must-contain: contain !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-contain
+$ibo-title--icon-background--size--must-cover: cover !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-cover
+$ibo-title--icon-background--size--must-zoomout: 66.67% !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-zoomout
+$ibo-title--icon-img--size--must-contain: $ibo-title--icon-background--size--must-contain !default; // TODO remove when dealing with N°9317
+$ibo-title--icon-img--size--must-cover: $ibo-title--icon-background--size--must-cover !default; // TODO remove when dealing with N°9317
+$ibo-title--icon-img--size--must-zoomout: $ibo-title--icon-background--size--must-zoomout !default; // TODO remove when dealing with N°9317
 
 
 .ibo-title {
@@ -44,24 +47,23 @@ $ibo-title--icon-background--size--must-zoomout: 66.67% !default;
   min-height: $ibo-title--icon--size-3;
 }
 
-.ibo-title--icon-background {
+.ibo-title--icon-img, .ibo-title--icon-background { // second class is deprecated, remove it when dealing with N°9317
   width: 100%;
   height: 100%;
-  background-position: center;
-  background-repeat: no-repeat;
-  background-size: $ibo-title--icon-background--size--must-contain;
+  object-position: center;
+  background-size: $ibo-title--icon-img--size--must-contain;
 }
 
-.ibo-title--icon-background--must-contain {
-  background-size: $ibo-title--icon-background--size--must-contain;
+.ibo-title--icon-img--must-contain, .ibo-title--icon-background--must-contain { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-contain;
 }
 
-.ibo-title--icon-background--must-cover {
-  background-size: $ibo-title--icon-background--size--must-cover;
+.ibo-title--icon-img--must-cover, .ibo-title--icon-background--must-cover { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-cover;
 }
 
-.ibo-title--icon-background--must-zoomout {
-  background-size: $ibo-title--icon-background--size--must-zoomout;
+.ibo-title--icon-img--must-zoomout, .ibo-title--icon-background--must-zoomout { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-zoomout;
 }
 
 .ibo-title--for-object-details {

css/backoffice/components/input/_input-toggler.scss

@@ -8,6 +8,7 @@ $ibo-toggler--wrapper--height: 20px !default;
 
 $ibo-toggler--slider--border-radius: $ibo-border-radius-900 !default;
 $ibo-toggler--slider--background-color: $ibo-color-secondary-600 !default;
+$ibo-toggler--slider--disabled--background-color: $ibo-color-secondary-200 !default;
 
 $ibo-toggler--slider--before--left: 3px !default;
 $ibo-toggler--slider--before--bottom: 3px !default;
@@ -17,6 +18,7 @@ $ibo-toggler--slider--before--border-radius: $ibo-border-radius-full !default;
 $ibo-toggler--slider--before--background-color: $ibo-color-grey-100 !default;
 
 $ibo-toggler--slider--checked--background-color: $ibo-color-primary-600 !default;
+$ibo-toggler--slider--checked-disabled--background-color: $ibo-color-primary-200 !default;
 $ibo-toggler--slider--focus--box-shadow: 0 0 1px $ibo-color-primary-600 !default;
 
 $ibo-toggler--label--margin-left: 4px !default;
@@ -61,6 +63,13 @@ $ibo-toggler--label--margin-left: 4px !default;
   background-color: $ibo-toggler--slider--checked--background-color;
 }
 
+.ibo-toggler--wrapper input:disabled + .ibo-toggler--slider {
+  background-color: $ibo-toggler--slider--disabled--background-color;
+}
+.ibo-toggler--wrapper input:checked:disabled + .ibo-toggler--slider {
+  background-color: $ibo-toggler--slider--checked-disabled--background-color;
+}
+
 input:focus + .ibo-toggler--slider {
   box-shadow: $ibo-toggler--slider--focus--box-shadow;
 }

css/backoffice/layout/_all.scss

@@ -15,3 +15,4 @@
 @import "wizard-container/wizard-container";
 @import "object/all";
 @import "activity-panel/all";
+@import "extension/all";

css/backoffice/layout/extension/_all.scss

@@ -0,0 +1 @@
+@import "extension-details";

css/backoffice/layout/extension/_extension-details.scss

@@ -0,0 +1,65 @@
+$ibo-extension-details--information--metadata--padding: $ibo-spacing-200 !default;
+$ibo-extension-details--information--metadata--delimiter: "-" !default;
+$ibo-extension-details--information--metadata--color: $ibo-color-grey-700 !default;
+$ibo-extension-details--actions--button--padding-y: 3px !default;
+$ibo-extension-details--actions--button--padding-x: $ibo-button--padding-x !default;
+
+.ibo-extension-details {
+	display: inline-flex;
+	flex-direction: row;
+	justify-content: space-between;
+	align-items: center;
+	width: 100%;
+}
+
+.ibo-extension-details--information {
+	flex-grow: 1;
+	display: flex;
+	flex-direction: column;
+}
+
+.ibo-extension-details--actions {
+	display: flex;
+}
+
+.ibo-extension-details--information--label {
+	@extend %ibo-font-ral-med-150;
+}
+
+.ibo-extension-details--information--metadata {
+	@extend %ibo-font-ral-med-100;
+	color: $ibo-extension-details--information--metadata--color;
+}
+
+.ibo-extension-details--information--description {
+	@extend %ibo-font-ral-med-100;
+}
+
+.ibo-extension-details--information--metadata span + span:before {
+	content: $ibo-extension-details--information--metadata--delimiter;
+	padding-left: $ibo-extension-details--information--metadata--padding;
+	padding-right: $ibo-extension-details--information--metadata--padding;
+}
+
+//ibo-extension-details can have other ibo-extension-details inside its ibo-extension-details--information--description in the setup. We need to only affect direct children
+.ibo-extension-details:has(>.ibo-extension-details--actions  input:is([type="checkbox"], [type="radio"]):checked){
+	&>.ibo-extension-details--information>.ibo-extension-details--information--label .ibo-badge.unchecked {
+		display: none;
+	}
+}
+//Merging the two lines below with :is([type="checkbox"], [type="radio"]) will generate a warning in scss compiler
+.ibo-extension-details:has(>.ibo-extension-details--actions input[type="checkbox"]:not(:checked)),
+.ibo-extension-details:has(>.ibo-extension-details--actions input[type="radio"]:not(:checked)) {
+	&>.ibo-extension-details--information>.ibo-extension-details--information--label .ibo-badge.checked {
+		display: none;
+	}
+}
+
+
+.ibo-extension-details--actions > button {
+	padding: $ibo-extension-details--actions--button--padding-y $ibo-extension-details--actions--button--padding-x;
+}
+
+.ibo-extension-details--actions:has(.toggler-install:not(:disabled)) .ibo-popover-menu--section a[data-resource-id="force_uninstall"] {
+	display: none;
+}

css/backoffice/layout/multi-column/_multi-column.scss

@@ -5,9 +5,11 @@
 
 $ibo-multi-column--margin-x: -$ibo-spacing-500 !default; /* This is to compensate columns padding and make the whole multicolumn align with the parent borders (cf. Bootstrap rows / cols) */
 $ibo-multi-column--margin-y: $ibo-spacing-0 !default;
+$ibo-multi-column--row-gap: $ibo-spacing-800 !default;
 
 .ibo-multi-column {
   display: flex;
   flex-wrap: wrap;
   margin: $ibo-multi-column--margin-y $ibo-multi-column--margin-x;
+  row-gap: $ibo-multi-column--row-gap;
 }

css/backoffice/vendors/_selectize.scss

@@ -29,7 +29,7 @@ $ibo-vendors-selectize--element--active--background: $ibo-color-blue-100 !defaul
 $ibo-vendors-selectize--element--active--color: $ibo-color-grey-900 !default;
 
 $ibo-vendors-selectize--dropdown--background-color: $ibo-vendors-selectize-input--background-color !default;
-$ibo-vendors-selectize--dropdown--color:  $ibo-vendors-selectize-input--color!default;
+$ibo-vendors-selectize--dropdown--color: $ibo-vendors-selectize-input--color !default;
 
 $ibo-vendors-selectize--header--padding-x: 8px !default;
 $ibo-vendors-selectize--header--padding-y: 5px !default;

css/setup.scss

@@ -316,29 +316,34 @@ fieldset {
 	background-color: #F7FAFC;
 	padding: 10px;
 	.wiz-choice{
-		&:checked ~ .description {
-			#itop-ticket-mgmt-simple-ticket-enhanced-portal:not(:checked),
-			#itop-ticket-mgmt-itil-enhanced-portal:not(:checked) {
-				~ .description::after {
-					content: "Legacy portal is no longer part of iTop, by leaving this option unchecked your portal users won't be able to access iTop anymore.";
-					display: block;
-					margin-top: 0.5em;
-					font-weight: bold;
-					color: $legacy-portal-removal-text-color;
-				}
-			}
-		}
-		&:not(:checked) ~ label .setup-extension-tag.checked{
+		&:not(:checked) ~ label .checked{
 			display:none;
 		}
-		&:checked ~ label .setup-extension-tag.unchecked{
+		&:checked ~ label .unchecked{
 			display:none;
 		}
 	}
 }
 
+.ibo-extension-details:has(>.ibo-extension-details--actions>input:checked) {
+	.ibo-extension-details:has(#itop-ticket-mgmt-simple-ticket-enhanced-portal:not(:checked), #itop-ticket-mgmt-itil-enhanced-portal:not(:checked)) {
+		.ibo-extension-details--information--description::after {
+			content: "Legacy portal is no longer part of iTop, by leaving this option unchecked your portal users won't be able to access iTop anymore.";
+			display: block;
+			margin-top: 0.5em;
+			font-weight: bold;
+			color: $legacy-portal-removal-text-color;
+		}
+	}
+}
 
+.ibo-extension-details--information--metadata{
+	color: $ibo-color-grey-800;
+}
 
+.choice-disabled {
+	color: $ibo-color-grey-700;
+}
 
 body {
   font-size: 1.17rem;
@@ -522,10 +527,12 @@ body {
   }
 }
 
-.ibo-setup-summary-title {
-  font-size: $ibo-font-size-150;
+.ibo-setup-summary-title, .ibo-setup-summary-title:visited, .ibo-setup-summary-title:hover {
+	font-size: $ibo-font-size-150;
+	color: inherit;
 }
 
+
 #ibo-setup-licenses--components-list {
   background-color: $ibo-color-white-200;
   padding: 12px;
@@ -605,6 +612,7 @@ body {
 	color:#a00000;
 }
 .setup-extension-tag {
+  display: inline-flex;
 	background-color: grey;
 	border-radius: 8px;
 	padding-left: 3px;
@@ -630,6 +638,21 @@ body {
 	}
 }
 
+.ibo-extension-details {
+	align-items: flex-start;
+}
+.ibo-extension-details--actions input{
+	margin:0.2em 0.5em;
+	width: 12px;
+}
+:not(.ibo-badge) ~ .ibo-badge{
+	margin-left:0.5em;
+}
+.ibo-extension-details--information--label i{
+	font-size : 0.9em;
+	margin-left:0.3em;
+}
+
 .setup--wizard-choice--label + .setup--wizard-choice--more-info {
   margin-left: 0.5rem;
 }
@@ -681,9 +704,6 @@ body {
     overflow: auto;
     text-align: center;
   }
-  #installation_progress {
-    display: none;
-  }
   #fresh_content{
     border: 0;
     min-height: 300px;

datamodels/2.x/authent-local/datamodel.authent-local.xml

@@ -2,7 +2,7 @@
 <itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.3">
   <module_parameters>
     <parameters id="authent-local" _delta="define">
-      <password_validation.pattern>^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\da-zA-Z]).{8,}$</password_validation.pattern>
+      <password_validation.pattern>^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\da-zA-Z]).{12,}$</password_validation.pattern>
       <password_validation.message type="hash"/>
     </parameters>
   </module_parameters>

datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php

@@ -29,7 +29,7 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Heslo nemůže uživatel změnit.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Heslo bylo obnoveno',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Termín, kdy bylo heslo změneno',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Heslo musí obsahovat minimálně 8 znaků a musí obsahovat minimálně jedno velké písmeno, jedno malé písmeno, jedno číslo a speciální znak.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Heslo musí obsahovat minimálně 12 znaků a musí obsahovat minimálně jedno velké písmeno, jedno malé písmeno, jedno číslo a speciální znak.',
 	'UserLocal:password:expiration' => 'Níže uvedená pole vyžadují rozšíření',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Nastavení exspirace "Jednorázového hesla" nelze u vlastního účtu uživatele.',
 ]);

datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('DA DA', 'Danish', 'Dansk', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);

datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('DE DE', 'German', 'Deutsch', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Letzte Passworterneuerung',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Letztes Änderungsdatum',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort entspricht nicht dem in den Konfigurationsregeln hinterlegten RegEx-Ausdruck',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort muss mindestens 12 Zeichen lang sein und Großbuchstaben, Kleinbuchstaben, Zahlen und Sonderzeichen enthalten.',
 	'UserLocal:password:expiration' => 'Die folgenden Felder benötigen eine '.ITOP_APPLICATION_SHORT.' Erweiterung',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Das setzen des Passwortablaufs auf "Einmalpasswort" ist für den eigenen Benutzer nicht erlaubt.',
 ]);

datamodels/2.x/authent-local/dictionaries/en.dict.authent-local.php

@@ -55,7 +55,7 @@ Dict::Add('EN US', 'English', 'English', [
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed',
 
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.',
 	'UserLocal:password:expiration' => 'The fields below require an extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User',
 ]);

datamodels/2.x/authent-local/dictionaries/en_gb.dict.authent-local.php

@@ -55,7 +55,7 @@ Dict::Add('EN GB', 'British English', 'British English', [
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed',
 
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.',
 	'UserLocal:password:expiration' => 'The fields below require an extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User',
 ]);

datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php

@@ -25,7 +25,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'El usuario no puede cambiar la contraseña.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Renovación de contraseña',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Cuando fue el último cambio de contraseña',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 8 caracteres e incluír mayúsculas, minúsculas, números y caracteres especiales.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 12 caracteres e incluir mayúsculas, minúsculas, números y caracteres especiales.',
 	'UserLocal:password:expiration' => 'El siguiente campo requiere una extensión',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Configurar expiración de contraseña para "ontraseña de un solo uso" no está permitido para su propio Usuario',
 ]);

datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php

@@ -27,7 +27,7 @@ Dict::Add('FR FR', 'French', 'Français', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Mot de passe changé le',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Dernière date à laquelle le mot de passe a été changé',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 8 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 12 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
 	'UserLocal:password:expiration' => 'Les champs ci-dessous nécessitent une extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impossible de mettre "Usage unique" comme validité du mot de passe pour son propre utilisateur.',
 ]);

datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php

@@ -27,7 +27,7 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'A felhasználó nem változtathat jelszót.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'A jelszó legutóbbi módosításának időpontja',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 8 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 12 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
 	'UserLocal:password:expiration' => 'Az alábbi mezőkhöz egy bővítmény szükséges',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'A jelszó lejárati idejének beállítása "Egyszeri jelszóra" nem engedélyezett a saját Felhasználó számára.',
 ]);

datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php

@@ -27,7 +27,7 @@ Dict::Add('IT IT', 'Italian', 'Italiano', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'La password non può essere cambiata dall\'utente.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Rinnovo della password',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Quando è stata cambiata l\'ultima volta la password',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La password deve essere di almeno 8 caratteri e includere lettere maiuscole, minuscole, numeri e caratteri speciali.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La password deve essere di almeno 12 caratteri e includere lettere maiuscole, minuscole, numeri e caratteri speciali.',
 	'UserLocal:password:expiration' => 'I campi sottostanti richiedono un\'estensione',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impostare la scadenza della password su "Password monouso" non è consentito per il proprio utente',
 ]);

datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('JA JP', 'Japanese', '日本語', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);

datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'De gebruiker kan dit wachtwoord niet veranderen.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Wachtwoord laatst aangepast',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Tijdstip waarop het wachtwoord het laatst aangepast werd.',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 8 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 12 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
 	'UserLocal:password:expiration' => 'De velden hieronder vereisen een extensie.',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Je kan geen eenmalig wachtwoord instellen voor je eigen gebruiker.',
 ]);

datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php

@@ -27,7 +27,7 @@ Dict::Add('PL PL', 'Polish', 'Polski', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Hasło nie może być zmienione przez użytkownika.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Odnowienie hasła',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Kiedy ostatnio zmieniano hasło',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 8 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 12 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
 	'UserLocal:password:expiration' => 'Poniższe pola wymagają rozszerzenia',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Ustawienie wygaśnięcia hasła "Hasło jednorazowe" nie jest dozwolone dla własnego użytkownika',
 ]);

datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('RU RU', 'Russian', 'Русский', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Дата изменения пароля',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Когда пароль был изменен в последний раз',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 8 символов и включать прописные, строчные, числовые и специальные символы.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 12 символов и включать прописные, строчные, числовые и специальные символы.',
 	'UserLocal:password:expiration' => 'Поля требуют наличия доп. расширения',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);

datamodels/2.x/authent-local/dictionaries/sk.dict.authent-local.php

@@ -27,7 +27,7 @@ Dict::Add('SK SK', 'Slovak', 'Slovenčina', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);

datamodels/2.x/authent-local/dictionaries/tr.dict.authent-local.php

@@ -28,7 +28,7 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);

datamodels/2.x/authent-local/dictionaries/zh_cn.dict.authent-local.php

@@ -51,7 +51,7 @@ Dict::Add('ZH CN', 'Chinese', '简体中文', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '用户不允许修改密码.',
 	'Class:UserLocal/Attribute:password_renewed_date' => '密码更新',
 	'Class:UserLocal/Attribute:password_renewed_date+' => '上次修改密码的时间',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => '密码必须至少8个字符, 包含大小写, 数字和特殊字符.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => '密码必须至少12个字符, 包含大小写, 数字和特殊字符.',
 	'UserLocal:password:expiration' => '下面的区域需要插件扩展',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => '不允许用户为自己设置 "一次性密码" 的失效期限',
 ]);

datamodels/2.x/combodo-data-feature-removal/assets/css/DataFeatureRemoval.css

@@ -0,0 +1,9 @@
+/*
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/*
+ * CSS of the template page
+ */
+

datamodels/2.x/combodo-data-feature-removal/assets/js/DataFeatureRemoval.js

@@ -0,0 +1,9 @@
+/*
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/*
+ * Javascript file loaded in template page
+ */
+

datamodels/2.x/combodo-data-feature-removal/composer.json

@@ -0,0 +1,17 @@
+{
+  "config": {
+    "classmap-authoritative": true
+  },
+  "autoload": {
+    "psr-4": {
+      "Combodo\\iTop\\DataFeatureRemoval\\": "src",
+      "": "src/NoNamespace"
+    }
+  },
+  "name": "combodo/combodo-data-feature-removal",
+  "type": "itop-extension",
+  "description": "iTop Data Feature Removal",
+  "require": {
+    "composer-runtime-api": "^2.0"
+  }
+}

datamodels/2.x/combodo-data-feature-removal/composer.lock

@@ -0,0 +1,20 @@
+{
+    "_readme": [
+        "This file locks the dependencies of your project to a known state",
+        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
+        "This file is @generated automatically"
+    ],
+    "content-hash": "b862a55cbf5448fb99f0905a4db6529b",
+    "packages": [],
+    "packages-dev": [],
+    "aliases": [],
+    "minimum-stability": "stable",
+    "stability-flags": {},
+    "prefer-stable": false,
+    "prefer-lowest": false,
+    "platform": {
+        "composer-runtime-api": "^2.0"
+    },
+    "platform-dev": {},
+    "plugin-api-version": "2.6.0"
+}

datamodels/2.x/combodo-data-feature-removal/datamodel.combodo-data-feature-removal.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.3">
+  <menus>
+    <menu id="DataFeatureRemovalMenu" xsi:type="WebPageMenuNode" _delta="define">
+      <rank>30</rank>
+      <parent>SystemTools</parent>
+      <url>$pages/exec.php?exec_module=combodo-data-feature-removal&amp;exec_page=index.php&amp;c[menu]=DataFeatureRemovalMenu</url>
+      <enable_admin_only>1</enable_admin_only>
+    </menu>
+  </menus>
+  <module_parameters>
+    <parameters id="combodo-data-feature-removal">
+      <max_count_estimation_for_safe_cleanup>100</max_count_estimation_for_safe_cleanup>
+    </parameters>
+  </module_parameters>
+</itop_design>

datamodels/2.x/combodo-data-feature-removal/dictionaries/en.dict.combodo-data-feature-removal.php

@@ -0,0 +1,58 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/**
+ * Localized data
+ */
+
+Dict::Add('EN US', 'English', 'English', [
+	'Menu:DataFeatureRemovalMenu' => 'Features Removal',
+	'combodo-data-feature-removal/Operation:Main/Title' => 'Features Removal',
+
+	'DataFeatureRemoval:Main:Title' => 'Features Removal',
+	'DataFeatureRemoval:Main:SubTitle' => 'Prepare features you want to enable/disable in a future setup',
+	'DataFeatureRemoval:Failure:Title' => 'Feature dry removal errors',
+	'DataFeatureRemoval:Helper:Title' => 'Enable or disable features that are installed in your iTop.',
+	'DataFeatureRemoval:Helper:Desc1' => 'It will prepare the setup step that proceeds to feature enabling or disabling.',
+	'DataFeatureRemoval:Helper:Desc2' => 'Analyze if there are any data or dependency preventing you from enabling/disabling a feature.',
+
+	'DataFeatureRemoval:Features:Title' => 'Features',
+	'DataFeatureRemoval:Analysis:Title' => 'Analysis result',
+	'DataFeatureRemoval:Analysis:SubTitle' => '%1$s element(s) to clean before continuing',
+
+	'DataFeatureRemoval:DeletionPlan:Title' => 'Deletion plan',
+	'DataFeatureRemoval:DeletionPlan:SubTitle' => '%1$s rows to clean before continuing',
+	'DataFeatureRemoval:DoDeletion:Title' => 'Do deletion',
+	'DataFeatureRemoval:DoDeletion:SubTitle' => 'Remove all the entries from the database',
+	'DataFeatureRemoval:DeletionPlan:ToManyOperations' => 'Too many entries to clean',
+
+	'DataFeatureRemoval:Table:Analysis:ClassName' => 'Element to remove',
+	'DataFeatureRemoval:Table:Analysis:FeatureName' => 'Feature name',
+	'DataFeatureRemoval:Table:Analysis:Module' => 'Module name',
+	'DataFeatureRemoval:Table:Analysis:Occurrence' => 'Occurrence',
+
+	'UI:Button:Analyze' => 'Analyze',
+	'UI:Button:ModifyChoices' => 'Modify Choices',
+	'UI:Button:AnalyzeAndSetup' => 'Analyze and go to setup',
+	'UI:Button:PlanDeletion' => 'Prepare deletion plan',
+	'UI:Button:DoDeletion' => 'Delete data',
+	'UI:Button:BackToMain' => 'Back to Feature Removal',
+	'UI:Button:Setup' => 'Back to setup',
+
+	'UI:Action:ForceUninstall' => 'Force uninstall',
+	'UI:Action:MoreInfo' => 'More information',
+
+	'DataFeatureRemoval:Table:Empty' => 'No data to remove',
+
+	'DataFeatureRemoval:Column:Class' => 'Class',
+	'DataFeatureRemoval:Column:DeleteCount' => 'Entries to delete',
+	'DataFeatureRemoval:Column:UpdateCount' => 'Entries to update',
+	'DataFeatureRemoval:Column:Issue' => 'Issue',
+
+	'DataFeatureRemoval:Column:DeletedCount' => 'Deleted entries',
+	'DataFeatureRemoval:Column:UpdatedCount' => 'Updated entries',
+]);

datamodels/2.x/combodo-data-feature-removal/dictionaries/fr.dict.combodo-data-feature-removal.php

@@ -0,0 +1,58 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+/**
+* Localized data
+*/
+
+Dict::Add('FR FR', 'French', 'Français', [
+	'Menu:DataFeatureRemovalMenu' => 'Suppression de fonctionnalités',
+	'combodo-data-feature-removal/Operation:Main/Title' => 'Suppression de fonctionnalités',
+
+	'DataFeatureRemoval:Main:Title' => 'Suppression de fonctionnalités',
+	'DataFeatureRemoval:Main:SubTitle' => 'Préparez les fonctionnalités que vous souhaitez activer ou désactiver lors d’une prochaine configuration',
+	'DataFeatureRemoval:Failure:Title' => 'Erreurs lors de la simulation de suppression de fonctionnalités',
+	'DataFeatureRemoval:Helper:Title' => 'Activez ou désactivez les fonctionnalités installées dans votre iTop.',
+	'DataFeatureRemoval:Helper:Desc1' => 'Cette étape prépare l’assistant de configuration à activer ou désactiver des fonctionnalités.',
+	'DataFeatureRemoval:Helper:Desc2' => 'Analyse si des données ou des dépendances empêchent l’activation ou la désactivation d’une fonctionnalité.',
+
+	'DataFeatureRemoval:Features:Title' => 'Fonctionnalités',
+	'DataFeatureRemoval:Analysis:Title' => 'Résultat de l’analyse',
+	'DataFeatureRemoval:Analysis:SubTitle' => '%1$s élément(s) à nettoyer avant de poursuivre',
+
+	'DataFeatureRemoval:DeletionPlan:Title' => 'Plan de suppression',
+	'DataFeatureRemoval:DeletionPlan:SubTitle' => '%1$s ligne(s) à nettoyer avant de poursuivre',
+	'DataFeatureRemoval:DoDeletion:Title' => 'Exécuter la suppression',
+	'DataFeatureRemoval:DoDeletion:SubTitle' => 'Supprime toutes les entrées de la base de données',
+	'DataFeatureRemoval:DeletionPlan:ToManyOperations' => 'Trop d’entrées à nettoyer',
+
+	'DataFeatureRemoval:Table:Analysis:ClassName' => 'Élément à supprimer',
+	'DataFeatureRemoval:Table:Analysis:FeatureName' => 'Fonctionnalité',
+	'DataFeatureRemoval:Table:Analysis:Module' => 'Module',
+	'DataFeatureRemoval:Table:Analysis:Occurrence' => 'Occurrence',
+
+	'UI:Button:Analyze' => 'Analyser',
+	'UI:Button:ModifyChoices' => 'Modifier les choix',
+	'UI:Button:AnalyzeAndSetup' => 'Analyser et ouvrir l’assistant de configuration',
+	'UI:Button:PlanDeletion' => 'Préparer le plan de suppression',
+	'UI:Button:DoDeletion' => 'Supprimer les données',
+	'UI:Button:BackToMain' => 'Retour à la suppression de fonctionnalités',
+	'UI:Button:Setup' => 'Retour à l’assistant de configuration',
+
+	'UI:Action:ForceUninstall' => 'Forcer la désinstallation',
+	'UI:Action:MoreInfo' => 'Plus d’informations',
+
+	'DataFeatureRemoval:Table:Empty' => 'Aucune donnée à supprimer',
+
+	'DataFeatureRemoval:Column:Class' => 'Classe',
+	'DataFeatureRemoval:Column:DeleteCount' => 'Entrées à supprimer',
+	'DataFeatureRemoval:Column:UpdateCount' => 'Entrées à mettre à jour',
+	'DataFeatureRemoval:Column:Issue' => 'Problème',
+
+	'DataFeatureRemoval:Column:DeletedCount' => 'Entrées supprimées',
+	'DataFeatureRemoval:Column:UpdatedCount' => 'Entrées mises à jour',
+]);

datamodels/2.x/combodo-data-feature-removal/index.php

@@ -0,0 +1,20 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval;
+
+use Combodo\iTop\DataFeatureRemoval\Controller\DataFeatureRemovalController;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalHelper;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalLog;
+
+require_once(APPROOT.'application/startup.inc.php');
+
+DataFeatureRemovalLog::Enable();
+
+$oController = new DataFeatureRemovalController(MODULESROOT.DataFeatureRemovalHelper::MODULE_NAME.'/templates', DataFeatureRemovalHelper::MODULE_NAME);
+$oController->SetDefaultOperation('Main');
+$oController->HandleOperation();

datamodels/2.x/combodo-data-feature-removal/model.combodo-data-feature-removal.php

@@ -0,0 +1,16 @@
+<?php
+
+// PHP Data Model definition file
+
+// WARNING - WARNING - WARNING
+// DO NOT EDIT THIS FILE (unless you know what you are doing)
+//
+// If you provide a datamodel.xxxx.xml file with your module,
+// this file WILL BE overwritten by the compilation of the
+// module (during the setup) if the datamodel.xxxx.xml file
+// contains the definition of new classes or menus.
+//
+// The recommended way to define new classes (for iTop 2.0 and later) is via the XML definition.
+// This file remains in the module's template only for the cases where there is:
+// - either no new class or menu defined in the XML file
+// - or no XML file at all supplied by the module

datamodels/2.x/combodo-data-feature-removal/module.combodo-data-feature-removal.php

@@ -0,0 +1,54 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+//
+// iTop module definition file
+//
+
+SetupWebPage::AddModule(
+	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
+	'combodo-data-feature-removal/3.3.0',
+	[
+		// Identification
+		//
+		'label' => 'iTop Data Feature Removal',
+		'category' => 'business',
+
+		// Setup
+		//
+		'dependencies' => [
+
+		],
+		'mandatory' => true,
+		'visible' => false,
+
+		// Components
+		//
+		'datamodel' => [
+			'vendor/autoload.php',
+			'model.combodo-data-feature-removal.php', // Contains the PHP code generated by the "compilation" of datamodel.combodo-data-feature-removal.xml
+		],
+		'webservice' => [],
+		'data.struct' => [
+			// add your 'structure' definition XML files here,
+		],
+		'data.sample' => [
+			// add your sample data XML files here,
+		],
+
+		// Documentation
+		//
+		'doc.manual_setup' => '', // hyperlink to manual setup documentation, if any
+		'doc.more_information' => '', // hyperlink to more information, if any
+
+		// Default settings
+		//
+		'settings' => [
+			// Module specific settings go here, if any
+		],
+	]
+);

datamodels/2.x/combodo-data-feature-removal/src/Controller/DataFeatureRemovalController.php

@@ -0,0 +1,257 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Controller;
+
+require_once APPROOT.'setup/feature_removal/SetupAudit.php';
+require_once APPROOT.'setup/feature_removal/DryRemovalRuntimeEnvironment.php';
+
+use Combodo\iTop\Application\TwigBase\Controller\Controller;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalConfig;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalHelper;
+use Combodo\iTop\DataFeatureRemoval\Service\DataFeatureRemoverExtensionService;
+use Combodo\iTop\DataFeatureRemoval\Service\DeletionPlanService;
+use Combodo\iTop\Setup\FeatureRemoval\DryRemovalRuntimeEnvironment;
+use Combodo\iTop\Setup\FeatureRemoval\SetupAudit;
+use Dict;
+use Exception;
+use IssueLog;
+use MetaModel;
+use utils;
+
+class DataFeatureRemovalController extends Controller
+{
+	private array $aSelectedExtensionsForCheck = [];
+	private array $aCountClassesToCleanup = [];
+	private array $aAnalysisDataTable = [];
+	private int $iCount = 0;
+
+	public function OperationMain($sErrorMessage = null): void
+	{
+		$aParams = [];
+
+		$this->ReadRemovedExtensions();
+		$this->AddAnalyzeParams();
+		$aParams['sTransactionId'] = utils::GetNewTransactionId();
+		$aParams['aExtensions'] = $this->GetExtensionsTable();
+		$aParams['aAnalysisDataTable'] = $this->aAnalysisDataTable;
+		$aParams['aClasses'] = array_keys($this->aCountClassesToCleanup);
+		$aParams['DataFeatureRemovalErrorMessage'] = $sErrorMessage;
+		$aParams['bHasData'] = $this->iCount > 0;
+		$aParams['sSetupUrl'] = utils::GetAbsoluteUrlAppRoot().'setup';
+		$aParams['iCount'] = $this->iCount;
+
+		$this->AddLinkedStylesheet(utils::GetAbsoluteUrlModulesRoot().DataFeatureRemovalHelper::MODULE_NAME.'/assets/css/DataFeatureRemoval.css');
+		$this->AddLinkedScript(utils::GetAbsoluteUrlModulesRoot().DataFeatureRemovalHelper::MODULE_NAME.'/assets/js/DataFeatureRemoval.js');
+		$this->DisplayPage($aParams);
+	}
+
+	public function AddAnalyzeParams(): void
+	{
+		$aData = [];
+		$aColumns = [];
+		$this->iCount = 0;
+		foreach ($this->aCountClassesToCleanup as $sClass => $iCount) {
+			$sModuleName = MetaModel::GetModuleName($sClass);
+			$aExtensions = DataFeatureRemoverExtensionService::GetInstance()->GetIncludingExtensions($sModuleName);
+			$sExtensions = implode(' ', $aExtensions);
+			$aColumns = ['ClassName','FeatureName','Module','Occurrence'];
+			$aData[] = [$sClass,$sExtensions,$sModuleName,$iCount];
+			$this->iCount += $iCount;
+		}
+
+		$this->aAnalysisDataTable =  $this->GetTableData('Analysis', $aColumns, $aData);
+	}
+
+	public function OperationAnalyze(): void
+	{
+		$this->ReadRemovedExtensions();
+
+		$this->m_sOperation = 'Main';
+
+		try {
+			if (count($this->aSelectedExtensionsForCheck) > 0) {
+				$this->Analyze();
+			}
+			$this->OperationMain();
+		} catch (Exception $e) {
+			IssueLog::Error(__METHOD__, null, ['stack' => $e->getTraceAsString(), 'exception' => $e->getMessage()]);
+			$this->OperationMain($e->getMessage());
+		}
+	}
+
+	private function Analyze(): void
+	{
+		$sSourceEnv = MetaModel::GetEnvironment();
+		$oDryRemovalRuntimeEnvironment = new DryRemovalRuntimeEnvironment($sSourceEnv, $this->aSelectedExtensionsForCheck);
+		$oDryRemovalRuntimeEnvironment->CompileFrom($sSourceEnv);
+
+		$oSetupAudit = new SetupAudit($sSourceEnv);
+		$aGetRemovedClasses = $oSetupAudit->GetIssues();
+		IssueLog::Debug(__METHOD__, null, ['aGetRemovedClasses' => $aGetRemovedClasses]);
+		$this->aCountClassesToCleanup = $aGetRemovedClasses;
+	}
+
+	public function OperationDeletionPlan(): void
+	{
+		$aParams = [];
+		$this->ValidateTransactionId();
+
+		$aClasses = utils::ReadPostedParam('classes', null, utils::ENUM_SANITIZATION_FILTER_CLASS);
+
+		$aDeletionPlanSummaryEntities = DeletionPlanService::GetInstance()->GetDeletionPlanSummary($aClasses);
+		$aColumns = ['Class', 'DeleteCount' , 'UpdateCount', 'Issue'];
+		$aRows = [];
+		$iQueryCount = 0;
+		foreach ($aDeletionPlanSummaryEntities as $oDeletionPlanSummaryEntity) {
+			$aRows[] = [
+				$oDeletionPlanSummaryEntity->sClass,
+				$oDeletionPlanSummaryEntity->iDeleteCount,
+				$oDeletionPlanSummaryEntity->iUpdateCount,
+				$oDeletionPlanSummaryEntity->sIssue ?? '',
+			];
+			$iQueryCount += $oDeletionPlanSummaryEntity->iDeleteCount;
+			$iQueryCount += $oDeletionPlanSummaryEntity->iUpdateCount;
+		}
+
+		$aParams['sTransactionId'] = utils::GetNewTransactionId();
+		$aParams['aDeletionPlanSummary'] = $this->GetTableData('Extensions', $aColumns, $aRows);
+		$aParams['aClasses'] = $aClasses;
+		$aParams['iQueryCount'] = $iQueryCount;
+		$aParams['bDeletionPossible'] = ($iQueryCount <= DataFeatureRemovalConfig::GetInstance()->Get('max_count_estimation_for_safe_cleanup', 100));
+
+		$this->DisplayPage($aParams);
+	}
+
+	public function OperationDoDeletion(): void
+	{
+		$aParams = [];
+		$this->ValidateTransactionId();
+
+		$aClasses = utils::ReadPostedParam('classes', null, utils::ENUM_SANITIZATION_FILTER_CLASS);
+
+		$aDeletionExecutionSummary = DeletionPlanService::GetInstance()->ExecuteDeletionPlan($aClasses);
+		$aColumns = ['Class', 'DeletedCount' , 'UpdatedCount'];
+		$aRows = [];
+		foreach ($aDeletionExecutionSummary as $oDeletionExecutionSummaryEntity) {
+			$aRows[] = [
+				$oDeletionExecutionSummaryEntity->sClass,
+				$oDeletionExecutionSummaryEntity->iDeleteCount,
+				$oDeletionExecutionSummaryEntity->iUpdateCount,
+			];
+		}
+
+		$aParams['sTransactionId'] = utils::GetNewTransactionId();
+		$aParams['aDeletionExecutionSummary'] = $this->GetTableData('Extensions', $aColumns, $aRows);
+		$this->DisplayPage($aParams);
+	}
+
+	/**
+	 * Get installed extensions from disk
+	 *
+	 * @return array structure for twig datatable
+	 */
+	private function GetExtensionsTable(): array
+	{
+		$aExtensions = [];
+		$aColumns = ['', 'Version', 'Name', 'Code'];
+
+		foreach (DataFeatureRemoverExtensionService::GetInstance()->ReadItopExtensions() as $sCode => $oExtension) {
+			/** @var \iTopExtension $oExtension */
+
+			$sChecked = '';
+			$sDisabledHtml = '';
+			if ($oExtension->bRemovedFromDisk) {
+				$sDisabledHtml = 'disabled=""';
+				$sChecked = 'checked';
+			} elseif (in_array($sCode, $this->aSelectedExtensionsForCheck)) {
+				$sChecked = 'checked';
+			}
+
+			$sLabel = $oExtension->sLabel;
+			$sVersion = $oExtension->sVersion;
+			$sIdEnable = "aExtensions[$sCode][enable]";
+
+			$aExtensions[] = [
+				<<<HTML
+<input type="checkbox" $sDisabledHtml class="extension_check" $sChecked id="$sIdEnable" name="$sIdEnable"/>
+HTML,
+				$sVersion,
+				$sLabel,
+				$sCode,
+			];
+		}
+
+		return $this->GetTableData('Extensions', $aColumns, $aExtensions);
+	}
+
+	private function GetTableData(string $sTableName, array $aColumns, array $aData): array
+	{
+		if (empty($aData)) {
+			return [
+				'Type' => 'Table',
+				'Columns' => [['label' => '']],
+				'Data' => [[ Dict::S('DataFeatureRemoval:Table:Empty')]],
+			];
+		}
+
+		$aNewColumns = [];
+		foreach ($aColumns as $sColumn) {
+			$aNewColumns[] = ['label' => Dict::S("DataFeatureRemoval:Table:$sTableName:$sColumn", Dict::S("DataFeatureRemoval:Column:$sColumn", $sColumn))];
+		}
+		$aColumns = $aNewColumns;
+
+		return [
+			'Type' => 'Table',
+			'Columns' => $aColumns,
+			'Data' => $aData,
+		];
+	}
+
+	/**
+	 * @return void
+	 * @throws \Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException
+	 */
+	private function ValidateTransactionId(): void
+	{
+		if (empty($_POST)) {
+			return;
+		}
+
+		$sTransactionId = utils::ReadPostedParam('transaction_id', null, utils::ENUM_SANITIZATION_FILTER_TRANSACTION_ID);
+		IssueLog::Debug(__FUNCTION__.": Transaction [$sTransactionId]");
+		if (empty($sTransactionId) || !utils::IsTransactionValid($sTransactionId, false)) {
+			throw new DataFeatureRemovalException(Dict::S("iTopUpdate:Error:InvalidToken"));
+		}
+	}
+
+	/**
+	 * @return void
+	 */
+	public function ReadRemovedExtensions(): void
+	{
+		if (count($this->aSelectedExtensionsForCheck) > 0) {
+			return;
+		}
+
+		$aSelectedExtensionsFromUI = utils::ReadPostedParam('aExtensions', []);
+		foreach ($aSelectedExtensionsFromUI as $sCode => $aData) {
+			$sValue = $aData['enable'] ?? 'off';
+			if (($sValue) === 'on') {
+				$this->aSelectedExtensionsForCheck[] = $sCode;
+			}
+		}
+
+		// Add source removed to check
+		foreach (DataFeatureRemoverExtensionService::GetInstance()->ReadItopExtensions() as $sCode => $oExtension) {
+			if ($oExtension->bRemovedFromDisk) {
+				$this->aSelectedExtensionsForCheck[] = $sCode;
+			}
+		}
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Entity/DeletionPlanSummaryEntity.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Combodo\iTop\DataFeatureRemoval\Entity;
+
+class DeletionPlanSummaryEntity
+{
+	public string $sClass;
+
+	/**
+	 * @var int : DEL_MANUAL|DEL_AUTO|DEL_SILENT|DEL_MOVEUP|DEL_NONE
+	 * @see \AttributeDefinition DEL_xxx
+	 */
+	public int $iMode = 0;
+	public ?string $sIssue = null;
+	public int $iUpdateCount = 0;
+	public int $iDeleteCount = 0;
+
+	/**
+	 * @param string $sClass
+	 */
+	public function __construct(string $sClass)
+	{
+		$this->sClass = $sClass;
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalConfig.php

@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Helper;
+
+use MetaModel;
+use utils;
+
+class DataFeatureRemovalConfig
+{
+	private static DataFeatureRemovalConfig $oInstance;
+
+	protected function __construct()
+	{
+	}
+
+	final public static function GetInstance(): DataFeatureRemovalConfig
+	{
+		if (!isset(static::$oInstance)) {
+			static::$oInstance = new DataFeatureRemovalConfig();
+		}
+
+		return static::$oInstance;
+	}
+
+	public function Get(string $sParamName, $default = null)
+	{
+		return MetaModel::GetModuleSetting(DataFeatureRemovalHelper::MODULE_NAME, $sParamName, $default);
+	}
+
+	public function GetBoolean(string $sParamName, $default = null): bool
+	{
+		$res = $this->Get($sParamName, $default);
+
+		return boolval($res);
+	}
+
+	public function IsEnabled(): bool
+	{
+		return $this->GetBoolean('enable', false);
+	}
+
+	public function Set(string $sParamName, $value)
+	{
+		$oConfig = utils::GetConfig();
+		$oConfig->SetModuleSetting(DataFeatureRemovalHelper::MODULE_NAME, $sParamName, $value);
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalException.php

@@ -0,0 +1,30 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Helper;
+
+use Exception;
+use Throwable;
+
+class DataFeatureRemovalException extends Exception
+{
+	public function __construct(string $message = '', int $code = 0, ?Throwable $previous = null, array $aContext = [])
+	{
+		if (!is_null($previous)) {
+			$sStack = $previous->getTraceAsString();
+			$sError = $previous->getMessage();
+		} else {
+			$sStack = $this->getTraceAsString();
+			$sError = '';
+		}
+
+		$aContext['error'] = $sError;
+		$aContext['stack'] = $sStack;
+		DataFeatureRemovalLog::Error($message, null, $aContext);
+		parent::__construct($message, $code, $previous);
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalHelper.php

@@ -0,0 +1,13 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Helper;
+
+class DataFeatureRemovalHelper
+{
+	public const MODULE_NAME = 'combodo-data-feature-removal';
+}

datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalLog.php

@@ -0,0 +1,25 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2025 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Helper;
+
+use LogAPI;
+
+class DataFeatureRemovalLog extends LogAPI
+{
+	public const CHANNEL_DEFAULT = 'DataFeatureRemoval';
+
+	protected static $m_oFileLog = null;
+
+	public static function Enable($sTargetFile = null)
+	{
+		if (empty($sTargetFile)) {
+			$sTargetFile = APPROOT.'log/error.log';
+		}
+		parent::Enable($sTargetFile);
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Service/DataFeatureRemoverExtensionService.php

@@ -0,0 +1,80 @@
+<?php
+
+/*
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\DataFeatureRemoval\Service;
+
+use iTopExtension;
+use iTopExtensionsMap;
+use MetaModel;
+
+class DataFeatureRemoverExtensionService
+{
+	private static DataFeatureRemoverExtensionService $oInstance;
+
+	private array $aItopExtensions = [];
+	private array $aIncludingExtensionsByModuleName = [];
+
+	protected function __construct()
+	{
+	}
+
+	final public static function GetInstance(): DataFeatureRemoverExtensionService
+	{
+		if (!isset(self::$oInstance)) {
+			self::$oInstance = new DataFeatureRemoverExtensionService();
+		}
+
+		return self::$oInstance;
+	}
+
+	final public static function SetInstance(?DataFeatureRemoverExtensionService $oInstance): void
+	{
+		self::$oInstance = $oInstance;
+	}
+
+	/**
+	 * @param string $sModuleName
+	 *
+	 * @return array
+	 * @throws \Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException
+	 */
+	public function GetIncludingExtensions(string $sModuleName): array
+	{
+		if (count($this->aIncludingExtensionsByModuleName) === 0) {
+			foreach ($this->ReadItopExtensions() as $oExtension) {
+				$aModuleNames = $oExtension->aModules;
+				if (is_array($aModuleNames) && count($aModuleNames) > 0) {
+					foreach ($aModuleNames as $sModule) {
+						$aExtensions = $this->aIncludingExtensionsByModuleName[$sModule] ?? [];
+						$aExtensions[] = $oExtension->sLabel.'/'.$oExtension->sVersion;
+						$this->aIncludingExtensionsByModuleName[$sModule] = $aExtensions;
+					}
+				}
+			}
+		}
+
+		return $this->aIncludingExtensionsByModuleName[$sModuleName] ?? [];
+	}
+
+	/**
+	 * @return iTopExtension[]
+	 */
+	public function ReadItopExtensions(): array
+	{
+		if (count($this->aItopExtensions) === 0) {
+			$oExtensionsMap = new iTopExtensionsMap();
+			$oExtensionsMap->LoadInstalledExtensionsFromDatabase(MetaModel::GetConfig());
+			$this->aItopExtensions = $oExtensionsMap->GetAllExtensionsToDisplayInSetup(true);
+
+			uasort($this->aItopExtensions, function (iTopExtension $oiTopExtension1, iTopExtension $oiTopExtension2) {
+				return strcmp($oiTopExtension1->sLabel, $oiTopExtension2->sLabel);
+			});
+		}
+
+		return $this->aItopExtensions;
+	}
+}

datamodels/2.x/combodo-data-feature-removal/src/Service/DeletionPlanService.php

@@ -0,0 +1,182 @@
+<?php
+
+namespace Combodo\iTop\DataFeatureRemoval\Service;
+
+use CMDBSource;
+use Combodo\iTop\DataFeatureRemoval\Entity\DeletionPlanSummaryEntity;
+use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException;
+use DBObjectSearch;
+use DeletionPlan;
+use MetaModel;
+
+class DeletionPlanService
+{
+	private static DeletionPlanService $oInstance;
+
+	protected function __construct()
+	{
+	}
+
+	final public static function GetInstance(): DeletionPlanService
+	{
+		if (!isset(self::$oInstance)) {
+			self::$oInstance = new DeletionPlanService();
+		}
+
+		return self::$oInstance;
+	}
+
+	final public static function SetInstance(?DeletionPlanService $oInstance): void
+	{
+		self::$oInstance = $oInstance;
+	}
+
+	/**
+	 * Get a summary of the deletion plan computed for the classes.
+	 * The result is used for display
+	 *
+	 * @param array|null $aClasses
+	 *
+	 * @return array<\Combodo\iTop\DataFeatureRemoval\Entity\DeletionPlanSummaryEntity>
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 */
+	public function GetDeletionPlanSummary(?array $aClasses): array
+	{
+		$aSummary = [];
+		if (is_null($aClasses)) {
+			return $aSummary;
+		}
+
+		$oDeletionPlan = $this->GetDeletionPlan($aClasses);
+
+		foreach ($oDeletionPlan->ListUpdates() as $sClass => $aUpdates) {
+			$oDeletionPlanSummaryEntity = new DeletionPlanSummaryEntity($sClass);
+			$oDeletionPlanSummaryEntity->iUpdateCount = count($aUpdates);
+			$aSummary[$sClass] = $oDeletionPlanSummaryEntity;
+		}
+
+		foreach ($oDeletionPlan->ListDeletes() as $sClass => $aDeletes) {
+			$oDeletionPlanSummaryEntity = $aSummary[$sClass] ?? new DeletionPlanSummaryEntity($sClass);
+			$oDeletionPlanSummaryEntity->iDeleteCount = count($aDeletes);
+
+			$aDelete = array_shift($aDeletes);
+			$oDeletionPlanSummaryEntity->iMode = $aDelete['mode'];
+			$oDeletionPlanSummaryEntity->sIssue = $aDelete['issue'] ?? null;
+
+			$aSummary[$sClass] = $oDeletionPlanSummaryEntity;
+		}
+
+		return $aSummary;
+	}
+
+	/**
+	 * @param string $sClass
+	 *
+	 * @return \DBObject[]
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 * @throws \Exception
+	 */
+	private function GetAllObjects(string $sClass): array
+	{
+		$oFilter = new DBObjectSearch($sClass);
+		$oFilter->AllowAllData();
+		$oSet = new \DBObjectSet($oFilter);
+		return $oSet->ToArray();
+	}
+
+	/**
+	 * @param array $aClasses
+	 *
+	 * @return array<\Combodo\iTop\DataFeatureRemoval\Entity\DeletionPlanSummaryEntity>
+	 * @throws \Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 */
+	public function ExecuteDeletionPlan(array $aClasses): array
+	{
+		$oDeletionPlan = $this->GetDeletionPlan($aClasses);
+
+		if (count($oDeletionPlan->GetIssues()) > 0) {
+			throw new DataFeatureRemovalException("Deletion Plan cannot be executed due to issues");
+		}
+
+		$aSummary = [];
+		foreach ($oDeletionPlan->ListUpdates() as $sClass => $aToUpdate) {
+			$oDeletionPlanSummaryEntity = $aSummary[$sClass] ?? new DeletionPlanSummaryEntity($sClass);
+
+			foreach ($aToUpdate as $aData) {
+				$oToUpdate = $aData['to_reset'];
+				/** @var \DBObject $oToUpdate */
+				foreach ($aData['attributes'] as $sRemoteExtKey => $aRemoteAttDef) {
+					$oToUpdate->Set($sRemoteExtKey, $aData['values'][$sRemoteExtKey]);
+				}
+				$oToUpdate->DBUpdate();
+				$oDeletionPlanSummaryEntity->iUpdateCount++;
+			}
+
+			$aSummary[$sClass] = $oDeletionPlanSummaryEntity;
+		}
+
+		foreach ($oDeletionPlan->ListDeletes() as $sClass => $aDeletes) {
+			$oDeletionPlanSummaryEntity = $aSummary[$sClass] ?? new DeletionPlanSummaryEntity($sClass);
+
+			foreach ($aDeletes as $sId => $aDelete) {
+				try {
+					CMDBSource::Query('START TRANSACTION');
+					// Delete any existing change tracking about the current object
+					$oFilter = new DBObjectSearch('CMDBChangeOp');
+					$oFilter->AddCondition('objclass', $sClass, '=');
+					$oFilter->AddCondition('objkey', $sId, '=');
+					MetaModel::PurgeData($oFilter);
+
+					// Delete the entry
+					$aClassesToRemove = array_merge(MetaModel::EnumChildClasses($sClass, ENUM_CHILD_CLASSES_ALL), MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_EXCLUDELEAF, false));
+					foreach ($aClassesToRemove as $sParentClass) {
+						$oFilter = DBObjectSearch::FromOQL_AllData("SELECT $sParentClass WHERE id=:id");
+						$sQuery = $oFilter->MakeDeleteQuery(['id' => $sId]);
+						CMDBSource::DeleteFrom($sQuery);
+					}
+
+					CMDBSource::Query('COMMIT');
+				} catch (\Exception $e) {
+					\IssueLog::Exception(__METHOD__.': Cleanup failed', $e);
+					CMDBSource::Query('ROLLBACK');
+					throw $e;
+				}
+				$oDeletionPlanSummaryEntity->iDeleteCount++;
+			}
+
+			$aSummary[$sClass] = $oDeletionPlanSummaryEntity;
+		}
+
+		return $aSummary;
+	}
+
+	/**
+	 * Get a deletion plan for all the objects of the classes
+	 *
+	 * @param array $aClasses array of class names to clean
+	 *
+	 * @return \DeletionPlan
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \MySQLException
+	 */
+	public function GetDeletionPlan(array $aClasses): DeletionPlan
+	{
+		$oDeletionPlan = new DeletionPlan();
+		foreach ($aClasses as $sClass) {
+			$aObjects = $this->GetAllObjects($sClass);
+			foreach ($aObjects as $oObject) {
+				$oObject->CheckToDelete($oDeletionPlan);
+			}
+		}
+
+		return $oDeletionPlan;
+	}
+}

datamodels/2.x/combodo-data-feature-removal/templates/DeletionPlan.html.twig

@@ -0,0 +1,29 @@
+{# @copyright   Copyright (C) 2010-2026 Combodo SARL #}
+{# @license     http://opensource.org/licenses/AGPL-3.0 #}
+
+{% UIPanel ForInformation { sTitle:'DataFeatureRemoval:DeletionPlan:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:DeletionPlan:SubTitle'|dict_format(iQueryCount) } %}
+    {% UIDataTable ForForm { sRef:'aDeletionPlanSummary', aColumns:aDeletionPlanSummary.Columns, aData:aDeletionPlanSummary.Data} %}{% EndUIDataTable %}
+{% EndUIPanel %}
+
+{% if bDeletionPossible %}
+    {% UIForm Standard {} %}
+        {% UIInput ForHidden { sName:'transaction_id', sValue:sTransactionId} %}
+        {% UIInput ForHidden { sName:'operation', sValue:'DoDeletion'} %}
+        {% for sKey, sClass in aClasses %}
+            {% UIInput ForHidden { sName:"classes[" ~ sKey ~ "]", sValue:sClass } %}
+        {% endfor %}
+        {% UIToolbar ForButton {} %}
+            {% UIButton ForPrimaryAction {sLabel:'UI:Button:DoDeletion'|dict_s, sName:'btn_deletion', sId:'btn_deletion', bIsSubmit:true} %}
+        {% EndUIToolbar %}
+    {% EndUIForm %}
+{% else %}
+    {{ 'DataFeatureRemoval:DeletionPlan:ToManyOperations'|dict_s }}
+{% endif %}
+
+{% UIForm Standard {} %}
+    {% UIInput ForHidden { sName:'transaction_id', sValue:sTransactionId} %}
+    {% UIInput ForHidden { sName:'operation', sValue:'Main'} %}
+    {% UIToolbar ForButton {} %}
+        {% UIButton ForPrimaryAction {sLabel:'UI:Button:BackToMain'|dict_s, sName:'btn_back', sId:'btn_back', bIsSubmit:true} %}
+    {% EndUIToolbar %}
+{% EndUIForm %}

datamodels/2.x/combodo-data-feature-removal/templates/DoDeletion.html.twig

@@ -0,0 +1,14 @@
+{# @copyright   Copyright (C) 2010-2026 Combodo SARL #}
+{# @license     http://opensource.org/licenses/AGPL-3.0 #}
+
+{% UIPanel ForInformation { sTitle:'DataFeatureRemoval:DoDeletion:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:DoDeletion:SubTitle'|dict_s } %}
+    {% UIDataTable ForForm { sRef:'aDeletionExecutionSummary', aColumns:aDeletionExecutionSummary.Columns, aData:aDeletionExecutionSummary.Data} %}{% EndUIDataTable %}
+{% EndUIPanel %}
+
+{% UIForm Standard {} %}
+    {% UIInput ForHidden { sName:'transaction_id', sValue:sTransactionId} %}
+    {% UIInput ForHidden { sName:'operation', sValue:'Main'} %}
+    {% UIToolbar ForButton {} %}
+        {% UIButton ForPrimaryAction {sLabel:'UI:Button:BackToMain'|dict_s, sName:'btn_back_to_main', sId:'btn_back_to_main', bIsSubmit:true} %}
+    {% EndUIToolbar %}
+{% EndUIForm %}

datamodels/2.x/combodo-data-feature-removal/templates/ExtensionRemovalData.html.twig

@@ -0,0 +1,19 @@
+{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
+{# @license     http://opensource.org/licenses/AGPL-3.0 #}
+
+{% if bHasData %}
+    {% UIPanel Neutral { sTitle:'DataFeatureRemoval:Analysis:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:Analysis:SubTitle'|dict_format(iCount) } %}
+        {% UIDataTable ForForm { sRef:'aAnalysisDataTable', aColumns:aAnalysisDataTable.Columns, aData:aAnalysisDataTable.Data} %}{% EndUIDataTable %}
+    {% EndUIPanel %}
+
+    {% UIForm Standard {} %}
+        {% UIInput ForHidden { sName:'transaction_id', sValue:sTransactionId} %}
+        {% UIInput ForHidden { sName:'operation', sValue:'DeletionPlan'} %}
+        {% for sKey, sClass in aClasses %}
+            {% UIInput ForHidden { sName:"classes[" ~ sKey ~ "]", sValue:sClass } %}
+        {% endfor %}
+        {% UIToolbar ForButton {} %}
+            {% UIButton ForPrimaryAction {sLabel:'UI:Button:PlanDeletion'|dict_s, sName:'btn_plandeletion', sId:'btn_plandeletion', bIsSubmit:true} %}
+        {% EndUIToolbar %}
+    {% EndUIForm %}
+{% endif %}

datamodels/2.x/combodo-data-feature-removal/templates/Features.html.twig

@@ -0,0 +1,16 @@
+{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
+{# @license     http://opensource.org/licenses/AGPL-3.0 #}
+
+
+{% UIForm Standard {} %}
+    {% UIInput ForHidden {sName:'operation', sValue:'Analyze'} %}
+    {% UIInput ForHidden {sName:'transaction_id', sValue:sTransactionId} %}
+
+    {% UIFieldSet Standard {sLegend:'DataFeatureRemoval:Features:Title'|dict_s} %}
+        {% UIDataTable ForForm { sRef:'aExtensions', aColumns:aExtensions.Columns, aData:aExtensions.Data} %}{% EndUIDataTable %}
+    {% EndUIFieldSet %}
+
+    {% UIToolbar ForButton {} %}
+        {% UIButton ForPrimaryAction {sLabel:'UI:Button:Analyze'|dict_s, sName:'btn_apply', sId:'btn_apply', bIsSubmit:true} %}
+    {% EndUIToolbar %}
+{% EndUIForm %}

datamodels/2.x/combodo-data-feature-removal/templates/Main.html.twig

@@ -0,0 +1,35 @@
+{# @copyright   Copyright (C) 2010-2025 Combodo SARL #}
+{# @license     http://opensource.org/licenses/AGPL-3.0 #}
+
+{#  Usable variables: #}
+{#     * sTitle => page title #}
+{#     * sMessage => success message #}
+{#     * sError => error message #}
+
+{# DataFeatureRemoval #}
+
+{% UIPanel ForInformation { sTitle:'DataFeatureRemoval:Main:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:Main:SubTitle'|dict_s } %}
+
+    {% UIAlert ForInformation { sTitle:'DataFeatureRemoval:Helper:Title'|dict_s } %}
+        {{ 'DataFeatureRemoval:Helper:Desc1'|dict_s }}<BR>
+        {{ 'DataFeatureRemoval:Helper:Desc2'|dict_s }}
+    {% EndUIAlert %}
+
+    {% if null != DataFeatureRemovalErrorMessage %}
+        <div id="feature_removal_error_msg_div" style="display:block">
+            {% UIAlert ForFailure { sTitle:'DataFeatureRemoval:Failure:Title'|dict_s, sId: 'feature_removal_error_msg', sContent:DataFeatureRemovalErrorMessage } %}
+            {% EndUIAlert %}
+        </div>
+    {% endif %}
+
+    {% include 'Features.html.twig' %}
+    {% include 'ExtensionRemovalData.html.twig' %}
+
+    {% if not bHasData %}
+        {% UIToolbar ForButton {} %}
+            <a href="{{ sSetupUrl }}">
+            {% UIButton ForPrimaryAction {sLabel:'UI:Button:Setup'|dict_s, sName:'btn_setup', sId:'btn_setup', bIsSubmit:false} %}
+            </a>
+        {% EndUIToolbar %}
+    {% endif %}
+{% EndUIPanel %}

datamodels/2.x/combodo-data-feature-removal/vendor/autoload.php

@@ -0,0 +1,22 @@
+<?php
+
+// autoload.php @generated by Composer
+
+if (PHP_VERSION_ID < 50600) {
+    if (!headers_sent()) {
+        header('HTTP/1.1 500 Internal Server Error');
+    }
+    $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
+    if (!ini_get('display_errors')) {
+        if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') {
+            fwrite(STDERR, $err);
+        } elseif (!headers_sent()) {
+            echo $err;
+        }
+    }
+    throw new RuntimeException($err);
+}
+
+require_once __DIR__ . '/composer/autoload_real.php';
+
+return ComposerAutoloaderInit4f96a7199e2c0d90e547333758b26464::getLoader();

datamodels/2.x/combodo-data-feature-removal/vendor/composer/ClassLoader.php

@@ -0,0 +1,579 @@
+<?php
+
+/*
+ * This file is part of Composer.
+ *
+ * (c) Nils Adermann <naderman@naderman.de>
+ *     Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Composer\Autoload;
+
+/**
+ * ClassLoader implements a PSR-0, PSR-4 and classmap class loader.
+ *
+ *     $loader = new \Composer\Autoload\ClassLoader();
+ *
+ *     // register classes with namespaces
+ *     $loader->add('Symfony\Component', __DIR__.'/component');
+ *     $loader->add('Symfony',           __DIR__.'/framework');
+ *
+ *     // activate the autoloader
+ *     $loader->register();
+ *
+ *     // to enable searching the include path (eg. for PEAR packages)
+ *     $loader->setUseIncludePath(true);
+ *
+ * In this example, if you try to use a class in the Symfony\Component
+ * namespace or one of its children (Symfony\Component\Console for instance),
+ * the autoloader will first look for the class under the component/
+ * directory, and it will then fallback to the framework/ directory if not
+ * found before giving up.
+ *
+ * This class is loosely based on the Symfony UniversalClassLoader.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ * @see    https://www.php-fig.org/psr/psr-0/
+ * @see    https://www.php-fig.org/psr/psr-4/
+ */
+class ClassLoader
+{
+    /** @var \Closure(string):void */
+    private static $includeFile;
+
+    /** @var string|null */
+    private $vendorDir;
+
+    // PSR-4
+    /**
+     * @var array<string, array<string, int>>
+     */
+    private $prefixLengthsPsr4 = array();
+    /**
+     * @var array<string, list<string>>
+     */
+    private $prefixDirsPsr4 = array();
+    /**
+     * @var list<string>
+     */
+    private $fallbackDirsPsr4 = array();
+
+    // PSR-0
+    /**
+     * List of PSR-0 prefixes
+     *
+     * Structured as array('F (first letter)' => array('Foo\Bar (full prefix)' => array('path', 'path2')))
+     *
+     * @var array<string, array<string, list<string>>>
+     */
+    private $prefixesPsr0 = array();
+    /**
+     * @var list<string>
+     */
+    private $fallbackDirsPsr0 = array();
+
+    /** @var bool */
+    private $useIncludePath = false;
+
+    /**
+     * @var array<string, string>
+     */
+    private $classMap = array();
+
+    /** @var bool */
+    private $classMapAuthoritative = false;
+
+    /**
+     * @var array<string, bool>
+     */
+    private $missingClasses = array();
+
+    /** @var string|null */
+    private $apcuPrefix;
+
+    /**
+     * @var array<string, self>
+     */
+    private static $registeredLoaders = array();
+
+    /**
+     * @param string|null $vendorDir
+     */
+    public function __construct($vendorDir = null)
+    {
+        $this->vendorDir = $vendorDir;
+        self::initializeIncludeClosure();
+    }
+
+    /**
+     * @return array<string, list<string>>
+     */
+    public function getPrefixes()
+    {
+        if (!empty($this->prefixesPsr0)) {
+            return call_user_func_array('array_merge', array_values($this->prefixesPsr0));
+        }
+
+        return array();
+    }
+
+    /**
+     * @return array<string, list<string>>
+     */
+    public function getPrefixesPsr4()
+    {
+        return $this->prefixDirsPsr4;
+    }
+
+    /**
+     * @return list<string>
+     */
+    public function getFallbackDirs()
+    {
+        return $this->fallbackDirsPsr0;
+    }
+
+    /**
+     * @return list<string>
+     */
+    public function getFallbackDirsPsr4()
+    {
+        return $this->fallbackDirsPsr4;
+    }
+
+    /**
+     * @return array<string, string> Array of classname => path
+     */
+    public function getClassMap()
+    {
+        return $this->classMap;
+    }
+
+    /**
+     * @param array<string, string> $classMap Class to filename map
+     *
+     * @return void
+     */
+    public function addClassMap(array $classMap)
+    {
+        if ($this->classMap) {
+            $this->classMap = array_merge($this->classMap, $classMap);
+        } else {
+            $this->classMap = $classMap;
+        }
+    }
+
+    /**
+     * Registers a set of PSR-0 directories for a given prefix, either
+     * appending or prepending to the ones previously set for this prefix.
+     *
+     * @param string              $prefix  The prefix
+     * @param list<string>|string $paths   The PSR-0 root directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
+     * @return void
+     */
+    public function add($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
+        if (!$prefix) {
+            if ($prepend) {
+                $this->fallbackDirsPsr0 = array_merge(
+                    $paths,
+                    $this->fallbackDirsPsr0
+                );
+            } else {
+                $this->fallbackDirsPsr0 = array_merge(
+                    $this->fallbackDirsPsr0,
+                    $paths
+                );
+            }
+
+            return;
+        }
+
+        $first = $prefix[0];
+        if (!isset($this->prefixesPsr0[$first][$prefix])) {
+            $this->prefixesPsr0[$first][$prefix] = $paths;
+
+            return;
+        }
+        if ($prepend) {
+            $this->prefixesPsr0[$first][$prefix] = array_merge(
+                $paths,
+                $this->prefixesPsr0[$first][$prefix]
+            );
+        } else {
+            $this->prefixesPsr0[$first][$prefix] = array_merge(
+                $this->prefixesPsr0[$first][$prefix],
+                $paths
+            );
+        }
+    }
+
+    /**
+     * Registers a set of PSR-4 directories for a given namespace, either
+     * appending or prepending to the ones previously set for this namespace.
+     *
+     * @param string              $prefix  The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths   The PSR-4 base directories
+     * @param bool                $prepend Whether to prepend the directories
+     *
+     * @throws \InvalidArgumentException
+     *
+     * @return void
+     */
+    public function addPsr4($prefix, $paths, $prepend = false)
+    {
+        $paths = (array) $paths;
+        if (!$prefix) {
+            // Register directories for the root namespace.
+            if ($prepend) {
+                $this->fallbackDirsPsr4 = array_merge(
+                    $paths,
+                    $this->fallbackDirsPsr4
+                );
+            } else {
+                $this->fallbackDirsPsr4 = array_merge(
+                    $this->fallbackDirsPsr4,
+                    $paths
+                );
+            }
+        } elseif (!isset($this->prefixDirsPsr4[$prefix])) {
+            // Register directories for a new namespace.
+            $length = strlen($prefix);
+            if ('\\' !== $prefix[$length - 1]) {
+                throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator.");
+            }
+            $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
+            $this->prefixDirsPsr4[$prefix] = $paths;
+        } elseif ($prepend) {
+            // Prepend directories for an already registered namespace.
+            $this->prefixDirsPsr4[$prefix] = array_merge(
+                $paths,
+                $this->prefixDirsPsr4[$prefix]
+            );
+        } else {
+            // Append directories for an already registered namespace.
+            $this->prefixDirsPsr4[$prefix] = array_merge(
+                $this->prefixDirsPsr4[$prefix],
+                $paths
+            );
+        }
+    }
+
+    /**
+     * Registers a set of PSR-0 directories for a given prefix,
+     * replacing any others previously set for this prefix.
+     *
+     * @param string              $prefix The prefix
+     * @param list<string>|string $paths  The PSR-0 base directories
+     *
+     * @return void
+     */
+    public function set($prefix, $paths)
+    {
+        if (!$prefix) {
+            $this->fallbackDirsPsr0 = (array) $paths;
+        } else {
+            $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths;
+        }
+    }
+
+    /**
+     * Registers a set of PSR-4 directories for a given namespace,
+     * replacing any others previously set for this namespace.
+     *
+     * @param string              $prefix The prefix/namespace, with trailing '\\'
+     * @param list<string>|string $paths  The PSR-4 base directories
+     *
+     * @throws \InvalidArgumentException
+     *
+     * @return void
+     */
+    public function setPsr4($prefix, $paths)
+    {
+        if (!$prefix) {
+            $this->fallbackDirsPsr4 = (array) $paths;
+        } else {
+            $length = strlen($prefix);
+            if ('\\' !== $prefix[$length - 1]) {
+                throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator.");
+            }
+            $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
+            $this->prefixDirsPsr4[$prefix] = (array) $paths;
+        }
+    }
+
+    /**
+     * Turns on searching the include path for class files.
+     *
+     * @param bool $useIncludePath
+     *
+     * @return void
+     */
+    public function setUseIncludePath($useIncludePath)
+    {
+        $this->useIncludePath = $useIncludePath;
+    }
+
+    /**
+     * Can be used to check if the autoloader uses the include path to check
+     * for classes.
+     *
+     * @return bool
+     */
+    public function getUseIncludePath()
+    {
+        return $this->useIncludePath;
+    }
+
+    /**
+     * Turns off searching the prefix and fallback directories for classes
+     * that have not been registered with the class map.
+     *
+     * @param bool $classMapAuthoritative
+     *
+     * @return void
+     */
+    public function setClassMapAuthoritative($classMapAuthoritative)
+    {
+        $this->classMapAuthoritative = $classMapAuthoritative;
+    }
+
+    /**
+     * Should class lookup fail if not found in the current class map?
+     *
+     * @return bool
+     */
+    public function isClassMapAuthoritative()
+    {
+        return $this->classMapAuthoritative;
+    }
+
+    /**
+     * APCu prefix to use to cache found/not-found classes, if the extension is enabled.
+     *
+     * @param string|null $apcuPrefix
+     *
+     * @return void
+     */
+    public function setApcuPrefix($apcuPrefix)
+    {
+        $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null;
+    }
+
+    /**
+     * The APCu prefix in use, or null if APCu caching is not enabled.
+     *
+     * @return string|null
+     */
+    public function getApcuPrefix()
+    {
+        return $this->apcuPrefix;
+    }
+
+    /**
+     * Registers this instance as an autoloader.
+     *
+     * @param bool $prepend Whether to prepend the autoloader or not
+     *
+     * @return void
+     */
+    public function register($prepend = false)
+    {
+        spl_autoload_register(array($this, 'loadClass'), true, $prepend);
+
+        if (null === $this->vendorDir) {
+            return;
+        }
+
+        if ($prepend) {
+            self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders;
+        } else {
+            unset(self::$registeredLoaders[$this->vendorDir]);
+            self::$registeredLoaders[$this->vendorDir] = $this;
+        }
+    }
+
+    /**
+     * Unregisters this instance as an autoloader.
+     *
+     * @return void
+     */
+    public function unregister()
+    {
+        spl_autoload_unregister(array($this, 'loadClass'));
+
+        if (null !== $this->vendorDir) {
+            unset(self::$registeredLoaders[$this->vendorDir]);
+        }
+    }
+
+    /**
+     * Loads the given class or interface.
+     *
+     * @param  string    $class The name of the class
+     * @return true|null True if loaded, null otherwise
+     */
+    public function loadClass($class)
+    {
+        if ($file = $this->findFile($class)) {
+            $includeFile = self::$includeFile;
+            $includeFile($file);
+
+            return true;
+        }
+
+        return null;
+    }
+
+    /**
+     * Finds the path to the file where the class is defined.
+     *
+     * @param string $class The name of the class
+     *
+     * @return string|false The path if found, false otherwise
+     */
+    public function findFile($class)
+    {
+        // class map lookup
+        if (isset($this->classMap[$class])) {
+            return $this->classMap[$class];
+        }
+        if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) {
+            return false;
+        }
+        if (null !== $this->apcuPrefix) {
+            $file = apcu_fetch($this->apcuPrefix.$class, $hit);
+            if ($hit) {
+                return $file;
+            }
+        }
+
+        $file = $this->findFileWithExtension($class, '.php');
+
+        // Search for Hack files if we are running on HHVM
+        if (false === $file && defined('HHVM_VERSION')) {
+            $file = $this->findFileWithExtension($class, '.hh');
+        }
+
+        if (null !== $this->apcuPrefix) {
+            apcu_add($this->apcuPrefix.$class, $file);
+        }
+
+        if (false === $file) {
+            // Remember that this class does not exist.
+            $this->missingClasses[$class] = true;
+        }
+
+        return $file;
+    }
+
+    /**
+     * Returns the currently registered loaders keyed by their corresponding vendor directories.
+     *
+     * @return array<string, self>
+     */
+    public static function getRegisteredLoaders()
+    {
+        return self::$registeredLoaders;
+    }
+
+    /**
+     * @param  string       $class
+     * @param  string       $ext
+     * @return string|false
+     */
+    private function findFileWithExtension($class, $ext)
+    {
+        // PSR-4 lookup
+        $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext;
+
+        $first = $class[0];
+        if (isset($this->prefixLengthsPsr4[$first])) {
+            $subPath = $class;
+            while (false !== $lastPos = strrpos($subPath, '\\')) {
+                $subPath = substr($subPath, 0, $lastPos);
+                $search = $subPath . '\\';
+                if (isset($this->prefixDirsPsr4[$search])) {
+                    $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
+                    foreach ($this->prefixDirsPsr4[$search] as $dir) {
+                        if (file_exists($file = $dir . $pathEnd)) {
+                            return $file;
+                        }
+                    }
+                }
+            }
+        }
+
+        // PSR-4 fallback dirs
+        foreach ($this->fallbackDirsPsr4 as $dir) {
+            if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) {
+                return $file;
+            }
+        }
+
+        // PSR-0 lookup
+        if (false !== $pos = strrpos($class, '\\')) {
+            // namespaced class name
+            $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1)
+                . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR);
+        } else {
+            // PEAR-like class name
+            $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext;
+        }
+
+        if (isset($this->prefixesPsr0[$first])) {
+            foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) {
+                if (0 === strpos($class, $prefix)) {
+                    foreach ($dirs as $dir) {
+                        if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) {
+                            return $file;
+                        }
+                    }
+                }
+            }
+        }
+
+        // PSR-0 fallback dirs
+        foreach ($this->fallbackDirsPsr0 as $dir) {
+            if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) {
+                return $file;
+            }
+        }
+
+        // PSR-0 include paths.
+        if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) {
+            return $file;
+        }
+
+        return false;
+    }
+
+    /**
+     * @return void
+     */
+    private static function initializeIncludeClosure()
+    {
+        if (self::$includeFile !== null) {
+            return;
+        }
+
+        /**
+         * Scope isolated include.
+         *
+         * Prevents access to $this/self from included files.
+         *
+         * @param  string $file
+         * @return void
+         */
+        self::$includeFile = \Closure::bind(static function($file) {
+            include $file;
+        }, null, null);
+    }
+}

datamodels/2.x/combodo-data-feature-removal/vendor/composer/LICENSE

@@ -0,0 +1,21 @@
+
+Copyright (c) Nils Adermann, Jordi Boggiano
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+

datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_classmap.php

@@ -0,0 +1,18 @@
+<?php
+
+// autoload_classmap.php @generated by Composer
+
+$vendorDir = dirname(__DIR__);
+$baseDir = dirname($vendorDir);
+
+return array(
+    'Combodo\\iTop\\DataFeatureRemoval\\Controller\\DataFeatureRemovalController' => $baseDir . '/src/Controller/DataFeatureRemovalController.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Entity\\DeletionPlanSummaryEntity' => $baseDir . '/src/Entity/DeletionPlanSummaryEntity.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalConfig' => $baseDir . '/src/Helper/DataFeatureRemovalConfig.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalException' => $baseDir . '/src/Helper/DataFeatureRemovalException.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalHelper' => $baseDir . '/src/Helper/DataFeatureRemovalHelper.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalLog' => $baseDir . '/src/Helper/DataFeatureRemovalLog.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Service\\DataFeatureRemoverExtensionService' => $baseDir . '/src/Service/DataFeatureRemoverExtensionService.php',
+    'Combodo\\iTop\\DataFeatureRemoval\\Service\\DeletionPlanService' => $baseDir . '/src/Service/DeletionPlanService.php',
+    'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
+);

datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_namespaces.php

@@ -0,0 +1,9 @@
+<?php
+
+// autoload_namespaces.php @generated by Composer
+
+$vendorDir = dirname(__DIR__);
+$baseDir = dirname($vendorDir);
+
+return array(
+);

datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_psr4.php

@@ -0,0 +1,11 @@
+<?php
+
+// autoload_psr4.php @generated by Composer
+
+$vendorDir = dirname(__DIR__);
+$baseDir = dirname($vendorDir);
+
+return array(
+    'Combodo\\iTop\\DataFeatureRemoval\\' => array($baseDir . '/src'),
+    '' => array($baseDir . '/src/NoNamespace'),
+);

datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_real.php

@@ -0,0 +1,37 @@
+<?php
+
+// autoload_real.php @generated by Composer
+
+class ComposerAutoloaderInit4f96a7199e2c0d90e547333758b26464
+{
+    private static $loader;
+
+    public static function loadClassLoader($class)
+    {
+        if ('Composer\Autoload\ClassLoader' === $class) {
+            require __DIR__ . '/ClassLoader.php';
+        }
+    }
+
+    /**
+     * @return \Composer\Autoload\ClassLoader
+     */
+    public static function getLoader()
+    {
+        if (null !== self::$loader) {
+            return self::$loader;
+        }
+
+        spl_autoload_register(array('ComposerAutoloaderInit4f96a7199e2c0d90e547333758b26464', 'loadClassLoader'), true, true);
+        self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__));
+        spl_autoload_unregister(array('ComposerAutoloaderInit4f96a7199e2c0d90e547333758b26464', 'loadClassLoader'));
+
+        require __DIR__ . '/autoload_static.php';
+        call_user_func(\Composer\Autoload\ComposerStaticInit4f96a7199e2c0d90e547333758b26464::getInitializer($loader));
+
+        $loader->setClassMapAuthoritative(true);
+        $loader->register(true);
+
+        return $loader;
+    }
+}