Update autoload

Fix rebase
update composer
2026-03-04 08:34:11 +01:00 · 2026-03-02 14:54:07 +01:00 · 2026-03-02 10:58:56 +01:00 · 2026-03-02 10:25:14 +01:00 · 2026-03-02 10:24:48 +01:00 · 2026-03-02 10:24:32 +01:00
1474 changed files with 132761 additions and 27508 deletions
--- a/.github/workflows/action.yml
+++ b/.github/workflows/action.yml
@@ -26,13 +26,23 @@ jobs:

          fi

-      - name: Add internal tag if member
+      - name: Add internal tag if member of the organization
        if: env.is_member == 'true'
        run: |
          curl -X POST -H "Authorization: token ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}" \
            -H "Accept: application/vnd.github.v3+json" \
            https://api.github.com/repos/Combodo/iTop/issues/${{ github.event.pull_request.number }}/labels \
            -d '{"labels":["internal"]}'
+
+      - name: Set PR author as assignee if member of the organization
+        if: env.is_member == 'true'
+        run: |
+          curl -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}" \
+            https://api.github.com/repos/Combodo/iTop/issues/${{ github.event.pull_request.number }}/assignees \
+            -d '{"assignees":["${{ github.event.pull_request.user.login }}"]}'
        env:
          is_member: ${{ env.is_member }}

@@ -40,4 +50,4 @@ jobs:
        uses: actions/add-to-project@v1.0.2
        with:
          project-url: ${{ env.project_url }}
-          github-token: ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}
+          github-token: ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}
--- a/.gitignore
+++ b/.gitignore
@@ -58,6 +58,9 @@ tests/*/vendor/*
 /tests/php-unit-tests/phpunit.xml
 /tests/php-unit-tests/postbuild_integration.xml

+# PHP CS Fixer: Cache file
+/.php-cs-fixer.cache
+

 # Jetbrains
 /.idea/**
--- a/.phpstorm.meta.php
+++ b/.phpstorm.meta.php
@@ -0,0 +1,16 @@
+<?php
+
+/*
+ * @copyright   Copyright (C) 2010-2025 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace PHPSTORM_META
+{
+	override(\MetaModel::NewObject(0), map([
+		'' => '@',
+	]));
+	override(\MetaModel::GetObject(0), map([
+		'' => '@',
+	]));
+}
--- a/application/application.inc.php
+++ b/application/application.inc.php
@@ -16,5 +16,5 @@ require_once(APPROOT.'/application/audit.category.class.inc.php');
 require_once(APPROOT.'/application/audit.domain.class.inc.php');
 require_once(APPROOT.'/application/audit.rule.class.inc.php');
 require_once(APPROOT.'/application/query.class.inc.php');
-require_once(APPROOT.'/setup/moduleinstallation/moduleinstallation.class.inc.php');
+require_once(APPROOT.'/setup/moduleinstallation.class.inc.php');
 require_once(APPROOT.'/application/utils.inc.php');
--- a/application/cmdbabstract.class.inc.php
+++ b/application/cmdbabstract.class.inc.php
@@ -524,6 +524,11 @@ JS
 				$sLabel = Dict::S('Tag:Synchronized');
 				$sSynchroTagId = 'synchro_icon-'.$this->GetKey();
 				$aTags[$sSynchroTagId] = ['title' => $sTip, 'css_classes' => 'ibo-object-details--tag--synchronized', 'decoration_classes' => 'fas fa-lock', 'label' => $sLabel];
+				if (UserRights::IsActionAllowed('SynchroReplica', UR_ACTION_READ)) {
+					$sFilter = 'SELECT SynchroReplica WHERE dest_class=\''.get_class($this).'\' AND dest_id='.$this->GetKey();
+					$sUrlSearchReplica = 'UI.php?operation=search&filter='.urlencode(json_encode([$sFilter, [], []]));
+					$oPage->add_ready_script("$('#$sSynchroTagId').on('click',function() {window.location = '$sUrlSearchReplica' });");
+				}
 			}
 		}

@@ -5632,7 +5637,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function AddAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', string $sReason = null): void
+	final public function AddAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', ?string $sReason = null): void
 	{
 		if (!isset($this->aAttributesFlags[$sTargetState])) {
 			$this->aAttributesFlags[$sTargetState] = [];
@@ -5655,7 +5660,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function ForceAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', string $sReason = null): void
+	final public function ForceAttributeFlags(string $sAttCode, int $iFlags, string $sTargetState = '', ?string $sReason = null): void
 	{
 		if (!isset($this->aAttributesFlags[$sTargetState])) {
 			$this->aAttributesFlags[$sTargetState] = [];
@@ -5696,7 +5701,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function AddInitialAttributeFlags(string $sAttCode, int $iFlags, string $sReason = null)
+	final public function AddInitialAttributeFlags(string $sAttCode, int $iFlags, ?string $sReason = null)
 	{
 		if (!isset($this->aInitialAttributesFlags)) {
 			$this->aInitialAttributesFlags = [];
@@ -5718,7 +5723,7 @@ JS
 	 * @return void
 	 * @since 3.1.0
 	 */
-	final public function ForceInitialAttributeFlags(string $sAttCode, int $iFlags, string $sReason = null)
+	final public function ForceInitialAttributeFlags(string $sAttCode, int $iFlags, ?string $sReason = null)
 	{
 		if (!isset($this->aInitialAttributesFlags)) {
 			$this->aInitialAttributesFlags = [];
--- a/application/dashboard.class.inc.php
+++ b/application/dashboard.class.inc.php
@@ -1029,7 +1029,7 @@ EOF
 			    var dashboard = $('.ibo-dashboard#$sDivId')
 				dashboard.block();
 				$.post(GetAbsoluteUrlAppRoot()+'pages/ajax.render.php',
-				   { operation: 'toggle_dashboard', dashboard_id: '$sId', file: '$sFile', extra_params: $sExtraParams, reload_url: '$sReloadURL' },
+				   { operation: 'toggle_dashboard', dashboard_id: '$sId', file: '$sFile', extra_params: $sExtraParams, reload_url: $sReloadURL },
 				   function(data) {
 					 dashboard.html(data);
 					 dashboard.unblock();
--- a/application/datamodel.application.xml
+++ b/application/datamodel.application.xml
@@ -1,10 +1,12 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.3">
+<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+             xsi:noNamespaceSchemaLocation="https://www.combodo.com/itop-schema/3.3"
+             version="3.3">
  <classes>
    <class id="AbstractResource" _delta="define">
      <parent>cmdbAbstractObject</parent>
      <properties>
-        <comment>/* Resource access control abstraction. Can be herited by abstract resource access control classes. Generaly controlled using UR_ACTION_MODIFY access right. */</comment>
+        <comment>/* Resource access control abstraction. Can be herited by abstract resource access control classes. Generally controlled using UR_ACTION_MODIFY access right. */</comment>
        <abstract>true</abstract>
      </properties>
      <presentation/>
@@ -552,7 +554,7 @@ Call $this->AddInitialAttributeFlags($sAttCode, $iFlags) for all the initial att
      <description><![CDATA[Inform the listeners about the connection states]]></description>
      <event_data>
        <event_datum id="code">
-          <description>The login step result code (LoginWebPage::EXIT_CODE_...) </description>
+          <description>The login step result code (LoginWebPage::EXIT_CODE_...)</description>
          <type>integer</type>
        </event_datum>
        <event_datum id="state">
@@ -849,5 +851,168 @@ Call $this->AddInitialAttributeFlags($sAttCode, $iFlags) for all the initial att
        </methods>
      </class>
    </classes>
+    <property_types _delta="define">
+      <property_type id="Dashlet" xsi:type="Combodo-AbstractPropertyType"/>
+      <property_type id="DashletGroupBy" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <label>UI:DashletGroupBy:Title</label>
+          <nodes>
+            <node id="title" xsi:type="Combodo-ValueType-Label">
+              <label>UI:DashletGroupBy:Prop-Title</label>
+            </node>
+            <node id="query" xsi:type="Combodo-ValueType-OQL">
+              <label>UI:DashletGroupBy:Prop-Query</label>
+            </node>
+            <node id="group_by" xsi:type="Combodo-ValueType-ClassAttributeGroupBy">
+              <label>UI:DashletGroupBy:Prop-GroupBy</label>
+              <class>{{query.selected_class}}</class>
+            </node>
+            <node id="style" xsi:type="Combodo-ValueType-Choice"> <!-- Possible de le cacher, etc celui-ci nous met dedans -->
+              <label>UI:DashletGroupBy:Prop-Style</label>
+              <values>
+                <value id="bars">
+                  <label>UI:DashletGroupByBars:Label</label>
+                </value>
+                <value id="pie">
+                  <label>UI:DashletGroupByPie:Label</label>
+                </value>
+                <value id="table">
+                  <label>UI:DashletGroupByTable:Label</label>
+                </value>
+              </values>
+            </node>
+            <node id="aggregation_function" xsi:type="Combodo-ValueType-AggregateFunction">
+              <label>UI:DashletGroupBy:Prop-Function</label>
+              <class>{{query.selected_class}}</class> <!-- pour savoir si il y a des attributs additionnables -->
+            </node>
+            <node id="aggregation_attribute" xsi:type="Combodo-ValueType-ClassAttribute">
+              <label>UI:DashletGroupBy:Prop-FunctionAttribute</label>
+              <relevance-condition>{{aggregation_function.value != 'count'}}</relevance-condition>
+              <class>{{query.selected_class}}</class>
+              <category>numeric</category>
+            </node>
+            <node id="order_by" xsi:type="Combodo-ValueType-ChoiceFromInput">
+              <label>UI:DashletGroupBy:Prop-OrderField</label>
+              <values>
+                <value id="attribute">
+                  <label>{{aggregation_attribute.label}}</label>
+                </value>
+                <value id="function">
+                  <label>{{aggregation_function.label}}</label>
+                </value>
+              </values>
+            </node>
+            <node id="limit" xsi:type="Combodo-ValueType-Integer">
+              <label>UI:DashletGroupBy:Prop-Limit</label>
+              <relevance-condition>{{order_by.value = 'function'}}</relevance-condition>
+            </node>
+            <node id="order_direction" xsi:type="Combodo-ValueType-Choice">
+              <label>UI:DashletGroupBy:Prop-OrderDirection</label>
+              <values>
+                <value id="asc">
+                  <label>UI:DashletGroupBy:Order:asc</label>
+                </value>
+                <value id="desc">
+                  <label>UI:DashletGroupBy:Order:desc</label>
+                </value>
+              </values>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+      <property_type id="DashletBadge" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <nodes>
+            <node id="class" xsi:type="Combodo-ValueType-Class">
+              <label>UI:DashletBadge:Prop-Class</label>
+              <categories-csv>bizmodel</categories-csv>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+      <property_type id="DashletHeaderDynamic" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <label>UI:DashletHeaderDynamic:Title</label>
+          <nodes>
+            <node id="title" xsi:type="Combodo-ValueType-Label">
+              <label>UI:DashletHeaderDynamic:Prop-Title</label>
+            </node>
+            <node id="icon" xsi:type="Combodo-ValueType-Icon">
+              <label>UI:DashletHeaderDynamic:Prop-Icon</label>
+            </node>
+            <node id="subtitle" xsi:type="Combodo-ValueType-Label">
+              <label>UI:DashletHeaderDynamic:Prop-Subtitle</label>
+            </node>
+            <node id="query" xsi:type="Combodo-ValueType-OQL">
+              <label>UI:DashletHeaderDynamic:Prop-Query</label>
+            </node>
+            <node id="group_by" xsi:type="Combodo-ValueType-ClassAttribute">
+              <label>UI:DashletHeaderDynamic:Prop-GroupBy</label>
+              <class>{{query.selected_class}}</class>
+              <category>enum</category>
+            </node>
+            <node id="values" xsi:type="Combodo-ValueType-CollectionOfValues">
+              <label>UI:DashletHeaderDynamic:Prop-Values</label>
+              <xml-format xsi:type="Combodo-XMLFormat-CSV"/>
+              <value-type xsi:type="Combodo-ValueType-ClassAttributeValue">
+                <class>{{query.selected_class}}</class>
+                <attribute>{{group_by.attribute}}</attribute>
+              </value-type>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+      <property_type id="DashletHeaderStatic" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <nodes>
+            <node id="title" xsi:type="Combodo-ValueType-Label">
+              <label>UI:DashletHeaderStatic:Prop-Title</label>
+            </node>
+            <node id="icon" xsi:type="Combodo-ValueType-Icon">
+              <label>UI:DashletHeaderStatic:Prop-Icon</label>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+      <property_type id="DashletObjectList" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <nodes>
+            <node id="title" xsi:type="Combodo-ValueType-Label">
+              <label>UI:DashletObjectList:Prop-Title</label>
+            </node>
+            <node id="query" xsi:type="Combodo-ValueType-OQL">
+              <label>UI:DashletObjectList:Prop-Query</label>
+            </node>
+            <node id="menu" xsi:type="Combodo-ValueType-Boolean">
+              <label>UI:DashletObjectList:Prop-Menu</label>
+              <on>
+                <!-- not so cute, but matches exactly 3.2 implementation of boolean fields -->
+                <label>UI:UserManagement:ActionAllowed:Yes</label>
+                <value>true</value>
+              </on>
+              <off>
+                <label>UI:UserManagement:ActionAllowed:No</label>
+                <value>false</value>
+              </off>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+      <property_type id="DashletPlainText" xsi:type="Combodo-PropertyType">
+        <extends>Dashlet</extends>
+        <definition xsi:type="Combodo-ValueType-PropertyTree">
+          <nodes>
+            <node id="text" xsi:type="Combodo-ValueType-Text">
+              <label>UI:DashletPlainText:Prop-Text</label>
+            </node>
+          </nodes>
+        </definition>
+      </property_type>
+    </property_types>
  </meta>
 </itop_design>
--- a/application/displayblock.class.inc.php
+++ b/application/displayblock.class.inc.php
@@ -1940,7 +1940,7 @@ class MenuBlock extends DisplayBlock
 					$sSelectedClassName = MetaModel::GetName($sSelectedClass);

 					// Check rights on class
-					$bIsBulkModifyAllowed = (!MetaModel::IsAbstract($sSelectedClass)) && UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_MODIFY) && ($oReflectionClass->IsSubclassOf('cmdbAbstractObject'));
+					$bIsBulkModifyAllowed = (!MetaModel::IsAbstract($sSelectedClass)) && UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_MODIFY) && (($oReflectionClass->IsSubclassOf('cmdbAbstractObject') || $sSelectedClass === 'SynchroReplica'));
 					$bIsBulkDeleteAllowed = (bool) UserRights::IsActionAllowed($sSelectedClass, UR_ACTION_BULK_DELETE);

 					// Refine filter on selected class so bullk actions occur on the right class
@@ -1951,7 +1951,15 @@ class MenuBlock extends DisplayBlock
 					// Action label dict code has a specific suffix for "Link" / "Remote" aliases to allow dedicated labels in linksets.
 					$sActionLabelCodeSuffix = in_array($sSelectedAlias, ['Link', 'Remote']) ? $sSelectedAlias : 'Class';
 					if ($bIsBulkModifyAllowed) {
-						$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:ModifyAll:'.$sSelectedAlias, Dict::Format('UI:Menu:ModifyAll_'.$sActionLabelCodeSuffix, $sSelectedClassName));
+						if($sSelectedClass === 'SynchroReplica'){
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:UnlinkAll:', Dict::S('Class:SynchroReplica/Action:unlink_all'),'unlink');
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:UnLinkSynchroAll:', Dict::S('Class:SynchroReplica/Action:unlinksynchro_all'),'unlinksynchro');
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:SynchroAll:', Dict::S('Class:SynchroReplica/Action:synchro_all'),'synchro');
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:AllowDeleteAll:', Dict::S('Class:SynchroReplica/Action:allowdelete_all'),'allowdelete');
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:DenyDeleteAll:', Dict::S('Class:SynchroReplica/Action:denydelete_all'),'denydelete');
+						} else {
+							$this->AddBulkModifyObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:ModifyAll:'.$sSelectedAlias, Dict::Format('UI:Menu:ModifyAll_'.$sActionLabelCodeSuffix, $sSelectedClassName));
+						}
 					}
 					if ($bIsBulkDeleteAllowed) {
 						$this->AddBulkDeleteObjectsMenuAction($aRegularActions, $sSelectedClass, $oSelectedClassFilter->serialize(), 'UI:Menu:BulkDelete:'.$sSelectedAlias, Dict::Format('UI:Menu:BulkDelete_'.$sActionLabelCodeSuffix, $sSelectedClassName));
@@ -2471,11 +2479,11 @@ class MenuBlock extends DisplayBlock
 	 * @since 3.1.0
 	 * @internal
 	 */
-	protected function AddBulkModifyObjectsMenuAction(array &$aActions, string $sClass, string $sFilter, string $sActionIdentifier = 'UI:Menu:ModifyAll', $sActionLabel = 'UI:Menu:ModifyAll'): void
+	protected function AddBulkModifyObjectsMenuAction(array &$aActions, string $sClass, string $sFilter, string $sActionIdentifier = 'UI:Menu:ModifyAll', $sActionLabel = 'UI:Menu:ModifyAll', $sOperationName = 'modify'): void
 	{
 		$aActions[$sActionIdentifier] = [
 			'label' => Dict::S($sActionLabel),
-			'url' => $this->PrepareUrlForStandardMenuAction($sClass, "operation=select_for_modify_all&class=$sClass&filter=".urlencode($sFilter)),
+			'url' => $this->PrepareUrlForStandardMenuAction($sClass, 'operation=select_for_'.$sOperationName.'_all&class='.$sClass.'&filter='.urlencode($sFilter)),
 		] + $this->GetDefaultParamsForMenuAction();
 	}

--- a/application/exceptions/ForgotPasswordApplicationException.php
+++ b/application/exceptions/ForgotPasswordApplicationException.php
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordApplicationException extends Exception
+{
+}
--- a/application/exceptions/ForgotPasswordUserInputException.php
+++ b/application/exceptions/ForgotPasswordUserInputException.php
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+class ForgotPasswordUserInputException extends Exception
+{
+}
--- a/application/logintwig.class.inc.php
+++ b/application/logintwig.class.inc.php
@@ -243,15 +243,12 @@ class LoginTwigRenderer

 	public function GetDefaultVars()
 	{
-		$sVersionShort = Dict::Format('UI:iTopVersion:Short', ITOP_APPLICATION, ITOP_VERSION);
 		$sIconUrl = Utils::GetConfig()->Get('app_icon_url');
 		$sDisplayIcon = Branding::GetLoginLogoAbsoluteUrl();

 		$aVars = [
 			'sAppRootUrl' => utils::GetAbsoluteUrlAppRoot(),
 			'aPluginFormData' => $this->GetPluginFormData(),
-			'sItopVersion' => ITOP_VERSION,
-			'sVersionShort' => $sVersionShort,
 			'sIconUrl' => $sIconUrl,
 			'sDisplayIcon' => $sDisplayIcon,
 		];
--- a/application/loginwebpage.class.inc.php
+++ b/application/loginwebpage.class.inc.php
@@ -221,15 +221,15 @@ class LoginWebPage extends NiceWebPage

 			if ($oUser != null) {
 				if (!MetaModel::IsValidAttCode(get_class($oUser), 'reset_pwd_token')) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NotPossible'));
+					throw new ForgotPasswordUserInputException('External accounts do not allow password reset');
 				}
 				if (!$oUser->CanChangePassword()) {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-FixedPwd'));
+					throw new ForgotPasswordUserInputException('The account does not allow password reset');
 				}

 				$sTo = $oUser->GetResetPasswordEmail(); // throws Exceptions if not allowed
 				if ($sTo == '') {
-					throw new Exception(Dict::S('UI:ResetPwd-Error-NoEmail'));
+					throw new ForgotPasswordUserInputException('Missing email address for this account');
 				}

 				// This token allows the user to change the password without knowing the previous one
@@ -255,17 +255,21 @@ class LoginWebPage extends NiceWebPage

 					case EMAIL_SEND_ERROR:
 					default:
-						IssueLog::Error('Failed to send the email with the NEW password for '.$oUser->Get('friendlyname').': '.implode(', ', $aIssues));
-						throw new Exception(Dict::S('UI:ResetPwd-Error-Send'));
+						throw new ForgotPasswordApplicationException('Failed to send the password reset email for '.$oUser->Get('friendlyname').': '.implode(', ', $aIssues));
 				}
 			}

-			$oTwigContext = new LoginTwigRenderer();
-			$aVars = $oTwigContext->GetDefaultVars();
-			$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
-		} catch (Exception $e) {
-			$this->DisplayForgotPwdForm(true, $e->getMessage());
+		} catch (ForgotPasswordApplicationException $e) {
+			IssueLog::Error('Failed to process the forgot password request for user "'.$sAuthUser.'" [reason='.get_class($e).']: '.$e->getMessage());
+		} catch (ForgotPasswordUserInputException $e) {
+			IssueLog::Info('Failed to process the forgot password request for user "'.$sAuthUser.'" [reason='.get_class($e).']: '.$e->getMessage());
+		} catch (\Throwable $e) {
+			IssueLog::Error('Unexpected error while processing the forgot password request for user "'.$sAuthUser.'": '.$e->getMessage());
 		}
+
+		$oTwigContext = new LoginTwigRenderer();
+		$aVars = $oTwigContext->GetDefaultVars();
+		$oTwigContext->Render($this, 'forgotpwdsent.html.twig', $aVars);
 	}

 	public function DisplayResetPwdForm($sErrorMessage = null)
--- a/application/newsroomprovider.class.inc.php
+++ b/application/newsroomprovider.class.inc.php
@@ -34,7 +34,7 @@ interface iNewsroomProvider
 	 * @param User $oUser The user for who to check if the provider is applicable.
 	 * return bool
 	 */
-	public function IsApplicable(User $oUser = null);
+	public function IsApplicable(?User $oUser = null);

 	/**
 	 * The human readable (localized) label for this provider
@@ -139,7 +139,7 @@ abstract class NewsroomProviderBase implements iNewsroomProvider
 	 */
 	abstract public function GetViewAllURL();

-	public function IsApplicable(User $oUser = null)
+	public function IsApplicable(?User $oUser = null)
 	{
 		return false;
 	}
--- a/application/query.class.inc.php
+++ b/application/query.class.inc.php
@@ -151,7 +151,7 @@ abstract class Query extends cmdbAbstractObject
 	 * @return string|null
 	 * @since 3.1.0
 	 */
-	abstract public function GetExportUrl(array $aValues = null): ?string;
+	abstract public function GetExportUrl(?array $aValues = null): ?string;

 	/**
 	 * Update last export information.
@@ -227,7 +227,7 @@ class QueryOQL extends Query
 	}

 	/** @inheritdoc */
-	public function GetExportUrl(array $aValues = null): ?string
+	public function GetExportUrl(?array $aValues = null): ?string
 	{
 		try {
 			// retrieve attributes
--- a/application/utils.inc.php
+++ b/application/utils.inc.php
@@ -181,6 +181,9 @@ class utils

 	protected static function LoadParamFile($sParamFile)
 	{
+		if (utils::RealPath($sParamFile, APPROOT) !== false) {
+			throw new Exception("File '".utils::HtmlEntities($sParamFile)."' should be outside iTop");
+		}
 		if (!file_exists($sParamFile)) {
 			throw new Exception("Could not find the parameter file: '".utils::HtmlEntities($sParamFile)."'");
 		}
@@ -1284,7 +1287,7 @@ class utils
 	 * @throws \CoreException
 	 * @throws \Exception
 	 */
-	public static function ExecITopScript(string $sScriptName, array $aArguments, string $sAuthUser = null, string $sAuthPwd = null)
+	public static function ExecITopScript(string $sScriptName, array $aArguments, ?string $sAuthUser = null, ?string $sAuthPwd = null)
 	{
 		$aDisabled = explode(', ', ini_get('disable_functions'));
 		if (in_array('exec', $aDisabled)) {
@@ -1374,7 +1377,7 @@ class utils
 	 * @return string A path to a folder into which any module can store cache data
 	 * The corresponding folder is created or cleaned upon code compilation
 	 */
-	public static function GetCachePath(string $sEnvironment = null): string
+	public static function GetCachePath(?string $sEnvironment = null): string
 	{
 		if (is_null($sEnvironment)) {
 			$sEnvironment = MetaModel::GetEnvironment();
@@ -1900,6 +1903,12 @@ SQL;
 		return $response;
 	}

+	public static function QuoteForPHP(string $sValue): string
+	{
+		$sEscaped = str_replace(['\\', "'"], ['\\\\', "\\'"], $sValue);
+		return "'$sEscaped'";
+	}
+
 	/**
 	 * Get a standard list of character sets
 	 *
--- a/composer.json
+++ b/composer.json
@@ -31,6 +31,7 @@
    "symfony/mailer": "^6.4",
    "symfony/security-csrf": "^6.4",
    "symfony/twig-bundle": "~6.4.0",
+    "symfony/validator" : "^6.4",
    "symfony/yaml": "~6.4.0",
    "tecnickcom/tcpdf": "^6.6.0",
    "thenetworg/oauth2-azure": "^2.0"
--- a/composer.lock
+++ b/composer.lock
--- a/core/autoload.php
+++ b/core/autoload.php
@@ -24,7 +24,7 @@ MetaModel::IncludeModule('application/user.dashboard.class.inc.php');
 MetaModel::IncludeModule('application/audit.rule.class.inc.php');
 MetaModel::IncludeModule('application/audit.domain.class.inc.php');
 MetaModel::IncludeModule('application/query.class.inc.php');
-MetaModel::IncludeModule('setup/moduleinstallation/moduleinstallation.class.inc.php');
+MetaModel::IncludeModule('setup/moduleinstallation.class.inc.php');

 MetaModel::IncludeModule('core/event.class.inc.php');
 MetaModel::IncludeModule('core/action.class.inc.php');
--- a/core/bulkchange.class.inc.php
+++ b/core/bulkchange.class.inc.php
@@ -199,7 +199,7 @@ class CellStatus_SearchIssue extends CellStatus_Issue
 	 * @param null $sAllowedValues : used for additional message that provides allowed values $sAllowedValues for current class
 	 * @param string|null $sAllowedValuesSearch : used to search all allowed values
 	 */
-	public function __construct($sSerializedSearch, $sReason, $sClass = null, $sAllowedValues = null, string $sAllowedValuesSearch = null)
+	public function __construct($sSerializedSearch, $sReason, $sClass = null, $sAllowedValues = null, ?string $sAllowedValuesSearch = null)
 	{
 		parent::__construct(null, null, $sReason);
 		$this->sSerializedSearch = $sSerializedSearch;
@@ -876,7 +876,7 @@ class BulkChange
 		return $aResults;
 	}

-	protected function CreateObject(&$aResult, $iRow, $aRowData, CMDBChange $oChange = null)
+	protected function CreateObject(&$aResult, $iRow, $aRowData, ?CMDBChange $oChange = null)
 	{
 		$oTargetObj = MetaModel::NewObject($this->m_sClass);

@@ -965,7 +965,7 @@ class BulkChange
 	 * @throws \MySQLException
 	 * @throws \MySQLHasGoneAwayException
 	 */
-	protected function UpdateObject(&$aResult, $iRow, $oTargetObj, $aRowData, CMDBChange $oChange = null)
+	protected function UpdateObject(&$aResult, $iRow, $oTargetObj, $aRowData, ?CMDBChange $oChange = null)
 	{
 		$aResult[$iRow] = $this->PrepareObject($oTargetObj, $aRowData, $aErrors);

@@ -1008,7 +1008,7 @@ class BulkChange
 	 *
 	 * @throws \BulkChangeException
 	 */
-	protected function UpdateMissingObject(&$aResult, $iRow, $oTargetObj, CMDBChange $oChange = null)
+	protected function UpdateMissingObject(&$aResult, $iRow, $oTargetObj, ?CMDBChange $oChange = null)
 	{
 		$aResult[$iRow] = $this->PrepareMissingObject($oTargetObj, $aErrors);

@@ -1043,7 +1043,7 @@ class BulkChange
 		}
 	}

-	public function Process(CMDBChange $oChange = null)
+	public function Process(?CMDBChange $oChange = null)
 	{
 		if ($oChange) {
 			CMDBObject::SetCurrentChange($oChange);
--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -1954,11 +1954,6 @@ class Config
 	 */
 	protected $m_sDefaultLanguage;

-	/**
-	 * @var string Type of login process allowed: form|basic|url|external
-	 */
-	protected $m_sAllowedLoginTypes;
-
 	/**
 	 * @var string Name of the PHP variable in which external authentication information is passed by the web server
 	 */
@@ -2032,7 +2027,6 @@ class Config
 		$this->m_iFastReloadInterval = DEFAULT_FAST_RELOAD_INTERVAL;
 		$this->m_bSecureConnectionRequired = DEFAULT_SECURE_CONNECTION_REQUIRED;
 		$this->m_sDefaultLanguage = 'EN US';
-		$this->m_sAllowedLoginTypes = DEFAULT_ALLOWED_LOGIN_TYPES;
 		$this->m_sExtAuthVariable = DEFAULT_EXT_AUTH_VARIABLE;
 		$this->m_aCharsets = [];
 		$this->m_bQueryCacheEnabled = DEFAULT_QUERY_CACHE_ENABLED;
@@ -2179,7 +2173,6 @@ class Config
 		$this->m_aModuleSettings = isset($MyModuleSettings) ? $MyModuleSettings : [];

 		$this->m_sDefaultLanguage = isset($MySettings['default_language']) ? trim($MySettings['default_language']) : 'EN US';
-		$this->m_sAllowedLoginTypes = isset($MySettings['allowed_login_types']) ? trim($MySettings['allowed_login_types']) : DEFAULT_ALLOWED_LOGIN_TYPES;
 		$this->m_sExtAuthVariable = isset($MySettings['ext_auth_variable']) ? trim($MySettings['ext_auth_variable']) : DEFAULT_EXT_AUTH_VARIABLE;
 		$this->m_sEncryptionKey = isset($MySettings['encryption_key']) ? trim($MySettings['encryption_key']) : $this->m_sEncryptionKey;
 		$this->m_sEncryptionLibrary = isset($MySettings['encryption_library']) ? trim($MySettings['encryption_library']) : $this->m_sEncryptionLibrary;
@@ -2339,7 +2332,7 @@ class Config

 	public function GetAllowedLoginTypes()
 	{
-		return explode('|', $this->m_sAllowedLoginTypes);
+		return explode('|', $this->m_aSettings['allowed_login_types']['value']);
 	}

 	public function GetExternalAuthenticationVariable()
@@ -2417,7 +2410,6 @@ class Config

 	public function SetAllowedLoginTypes($aAllowedLoginTypes)
 	{
-		$this->m_sAllowedLoginTypes = implode('|', $aAllowedLoginTypes);
 		$this->Set('allowed_login_types', implode('|', $aAllowedLoginTypes));
 	}

@@ -2495,7 +2487,6 @@ class Config
 		$aSettings['fast_reload_interval'] = $this->m_iFastReloadInterval;
 		$aSettings['secure_connection_required'] = $this->m_bSecureConnectionRequired;
 		$aSettings['default_language'] = $this->m_sDefaultLanguage;
-		$aSettings['allowed_login_types'] = $this->m_sAllowedLoginTypes;
 		$aSettings['ext_auth_variable'] = $this->m_sExtAuthVariable;
 		$aSettings['encryption_key'] = $this->m_sEncryptionKey;
 		$aSettings['encryption_library'] = $this->m_sEncryptionLibrary;
@@ -2599,7 +2590,6 @@ class Config
 			// Old fashioned remaining values
 			$aOtherValues = [
 				'default_language' => $this->m_sDefaultLanguage,
-				'allowed_login_types' => $this->m_sAllowedLoginTypes,
 				'ext_auth_variable' => $this->m_sExtAuthVariable,
 				'encryption_key' => $this->m_sEncryptionKey,
 				'encryption_library' => $this->m_sEncryptionLibrary,
@@ -2685,13 +2675,14 @@ class Config
 	 *
 	 * @param array $aParamValues
 	 * @param ?string $sModulesDir
+	 * @param bool $bPreserveModuleSettings
 	 *
 	 * @return void The current object is modified directly
 	 *
 	 * @throws \Exception
 	 * @throws \CoreException
 	 */
-	public function UpdateFromParams($aParamValues, $sModulesDir = null)
+	public function UpdateFromParams($aParamValues, $sModulesDir = null, $bPreserveModuleSettings = false)
 	{
 		if (isset($aParamValues['application_path'])) {
 			$this->Set('app_root_url', $aParamValues['application_path']);
@@ -2739,10 +2730,7 @@ class Config
 		} else {
 			$aSelectedModules = null;
 		}
-
-		if (! is_null($sModulesDir)) {
-			$this->UpdateIncludes($sModulesDir, $aSelectedModules);
-		}
+		$this->UpdateIncludes($sModulesDir, $aSelectedModules);

 		if (isset($aParamValues['source_dir'])) {
 			$this->Set('source_dir', $aParamValues['source_dir']);
@@ -2760,13 +2748,17 @@ class Config
 	 *
 	 * @throws Exception
 	 */
-	public function UpdateIncludes(string $sModulesDir, $aSelectedModules = null)
+	public function UpdateIncludes($sModulesDir, $aSelectedModules = null)
 	{
+		if ($sModulesDir === null) {
+			return;
+		}
+
 		// Initialize the arrays below with default values for the application...
 		$oEmptyConfig = new Config('dummy_file', false); // Do NOT load any config file, just set the default values
 		$aAddOns = $oEmptyConfig->GetAddOns();

-		$aModules = ModuleDiscovery::GetModulesOrderedByDependencies([APPROOT.$sModulesDir]);
+		$aModules = ModuleDiscovery::GetAvailableModules([APPROOT.$sModulesDir]);
 		foreach ($aModules as $sModuleId => $aModuleInfo) {
 			list($sModuleName, $sModuleVersion) = ModuleDiscovery::GetModuleName($sModuleId);
 			if (is_null($aSelectedModules) || in_array($sModuleName, $aSelectedModules)) {
--- a/core/dbobject.class.php
+++ b/core/dbobject.class.php
@@ -2567,7 +2567,7 @@ abstract class DBObject implements iDisplay
 	 *
 	 * @see \RestUtils::FindObjectFromKey for the same check in the REST endpoint
 	 */
-	final public function CheckChangedExtKeysValues(callable $oIsObjectLoadableCallback = null)
+	final public function CheckChangedExtKeysValues(?callable $oIsObjectLoadableCallback = null)
 	{
 		if (is_null($oIsObjectLoadableCallback)) {
 			$oIsObjectLoadableCallback = function ($sClass, $sId) {
@@ -3727,7 +3727,7 @@ abstract class DBObject implements iDisplay
 	 * @throws \MySQLException
 	 * @throws \OQLException
 	 */
-	private function ActivateOnObjectUpdateTriggers(?DBObject $oObject, array $aAttributes = null): void
+	private function ActivateOnObjectUpdateTriggers(?DBObject $oObject, ?array $aAttributes = null): void
 	{
 		if (is_null($oObject)) {
 			return;
--- a/core/dbsearch.class.php
+++ b/core/dbsearch.class.php
@@ -650,7 +650,7 @@ abstract class DBSearch
 	 *
 	 * @throws OQLException
 	 */
-	public static function FromOQL($sQuery, $aParams = null, ModelReflection $oMetaModel = null)
+	public static function FromOQL($sQuery, $aParams = null, ?ModelReflection $oMetaModel = null)
 	{
 		if (empty($sQuery)) {
 			return null;
--- a/core/dbunionsearch.class.php
+++ b/core/dbunionsearch.class.php
@@ -59,7 +59,7 @@ class DBUnionSearch extends DBSearch
 	public function AllowAllData($bAllowAllData = true)
 	{
 		foreach ($this->aSearches as $oSearch) {
-			$oSearch->AllowAllData();
+			$oSearch->AllowAllData($bAllowAllData);
 		}
 	}

--- a/core/designdocument.class.inc.php
+++ b/core/designdocument.class.inc.php
@@ -41,7 +41,7 @@ use utils;
 /**
 * Class \Combodo\iTop\DesignDocument
 *
- * A design document is the DOM tree that modelize behaviors. One of its
+ * A design document is the DOM tree that models behaviors. One of its
 * characteristics is that it can be altered by the mean of the same kind of document.
 *
 */
@@ -453,7 +453,7 @@ class DesignElement extends \DOMElement
 	 * @throws Exception
 	 * @since 3.1.2 3.2.0 N°6974
 	 */
-	public static function _FindNode(DOMNode $oParent, DesignElement $oRefNode, string $sSearchId = null): ?DesignElement
+	public static function _FindNode(DOMNode $oParent, DesignElement $oRefNode, ?string $sSearchId = null): ?DesignElement
 	{
 		$oNodes = self::_FindNodes($oParent, $oRefNode, $sSearchId);
 		if ($oNodes instanceof DOMNodeList) {
@@ -477,7 +477,7 @@ class DesignElement extends \DOMElement
 	 * @return \DOMNodeList|false|mixed
 	 * @since 3.1.2 3.2.0 N°6974
 	 */
-	public static function _FindNodes(DOMNode $oParent, DesignElement $oRefNode, string $sSearchId = null)
+	public static function _FindNodes(DOMNode $oParent, DesignElement $oRefNode, ?string $sSearchId = null)
 	{
 		if ($oParent instanceof DOMDocument) {
 			$oDoc = $oParent->firstChild->ownerDocument;
--- a/core/displayablegraph.class.inc.php
+++ b/core/displayablegraph.class.inc.php
@@ -632,7 +632,7 @@ class DisplayableGroupNode extends DisplayableNode
 		$this->aObjects = [];
 	}

-	public function AddObject(DBObject $oObj = null)
+	public function AddObject(?DBObject $oObj = null)
 	{
 		if (is_object($oObj)) {
 			$sPrevClass = $this->GetObjectClass();
--- a/core/inlineimage.class.inc.php
+++ b/core/inlineimage.class.inc.php
@@ -259,13 +259,18 @@ class InlineImage extends DBObject
 	 * that refer to an InlineImage (detected via the attribute data-img-id="") so that
 	 * the URL is consistent with the current URL of the application.
 	 *
-	 * @param string $sHtml The HTML fragment to process
+N°8681	 * @param string|null $sHtml The HTML fragment to process
 	 *
 	 * @return string The modified HTML
 	 * @throws \Exception
+	 *
+	 * @since 3.3.0 N°8681 Add type hint for parameters and return value
 	 */
-	public static function FixUrls($sHtml)
+	public static function FixUrls(string|null $sHtml): string
 	{
+		// N°8681 - Ensure to have a string value
+		$sHtml = $sHtml ?? '';
+
 		$aNeedles = [];
 		$aReplacements = [];
 		// Find img tags with an attribute data-img-id
@@ -389,7 +394,7 @@ JS
 	 * Resize an image so that it fits the maximum width/height defined in the config file
 	 * @param ormDocument $oImage The original image stored as an array (content / mimetype / filename)
 	 * @return ormDocument The resampled image (or the original one if it already fit)
-	 * @deprecated Replaced by ormDocument::ResizeImageToFit
+	 * @deprecated since 3.3.0 Replaced by ormDocument::ResizeImageToFit
 	 */
 	public static function ResizeImageToFit(ormDocument $oImage, &$aDimensions = null)
 	{
--- a/core/kpi.class.inc.php
+++ b/core/kpi.class.inc.php
@@ -1,18 +1,20 @@
 <?php

 /**
- * @copyright   Copyright (C) 2010-2024 Combodo SAS
+ * @copyright   Copyright (C) 2010-2026 Combodo SAS
 * @license     http://opensource.org/licenses/AGPL-3.0
 */

+use Combodo\iTop\Application\EventRegister\ApplicationEvents;
 use Combodo\iTop\Core\Kpi\KpiLogData;
+use Combodo\iTop\Service\Events\EventService;
+use Combodo\iTop\Service\Events\iEventServiceSetup;
 use Combodo\iTop\Service\Module\ModuleService;

 /**
 * Measures operations duration, memory usage, etc. (and some other KPIs)
 */
-
-class ExecutionKPI
+class ExecutionKPI implements iEventServiceSetup
 {
 	protected static $m_bEnabled_Duration = false;
 	protected static $m_bEnabled_Memory = false;
@@ -23,15 +25,18 @@ class ExecutionKPI

 	protected static $m_aStats = []; // Recurrent operations
 	protected static $m_aExecData = []; // One shot operations
-	/**
-	 * @var array[ExecutionKPI]
-	 */
-	protected static $m_aExecutionStack = []; // embedded execution stats
+	/** @var true */
+	private static bool $bMetamodelStarted = false;

+	private static ?float $fLastReportTime = null;
+	private static ?float $iLastReportMemory = null;
+
+	// For stats
 	protected $m_fStarted = null;
-	protected $m_fChildrenDuration = 0; // Count embedded
 	protected $m_iInitialMemory = null;

+	private static array $aBootstrapOperations = [];
+
 	public static function EnableDuration($iLevel)
 	{
 		if ($iLevel > 0) {
@@ -71,6 +76,7 @@ class ExecutionKPI
 				return true;
 			}
 		}
+
 		return false;
 	}

@@ -97,7 +103,7 @@ class ExecutionKPI
 		$sFor = self::$m_sAllowedUser == '*' ? 'EVERYBODY' : "'".trim(self::$m_sAllowedUser)."'";
 		$sSlowQueries = '';
 		if (self::$m_fSlowQueries > 0) {
-			$sSlowQueries = ". Slow Queries: ".self::$m_fSlowQueries."s";
+			$sSlowQueries = '. Slow Queries: '.self::$m_fSlowQueries.'s';
 		}

 		$aExtensions = [];
@@ -127,7 +133,7 @@ class ExecutionKPI
 			$sRequest .= ' operation: '.$_POST['operation'];
 		}

-		$fStop = MyHelpers::getmicrotime();
+		$fStop = microtime(true);
 		if (($fStop - $fItopStarted) > self::$m_fSlowQueries) {
 			// Invoke extensions to log the KPI operation
 			/** @var \iKPILoggerExtension $oExtensionInstance */
@@ -151,17 +157,17 @@ class ExecutionKPI

 		$sTableStyle = 'background-color: #ccc; margin: 10px;';

-		$sHtml = "<hr/>";
+		$sHtml = '<hr/>';
 		$sHtml .= "<div style=\"background-color: grey; padding: 10px;\">";
 		$sHtml .= "<h3><a name=\"".md5($sExecId)."\">KPIs</a> - $sRequest</h3>";
 		$oStarted = DateTime::createFromFormat('U.u', $fItopStarted);
 		$sHtml .= '<p>'.$oStarted->format('Y-m-d H:i:s.u').'</p>';
-		$sHtml .= "<p>log_kpi_user_id: ".UserRights::GetUserId()."</p>";
-		$sHtml .= "<div>";
+		$sHtml .= '<p>log_kpi_user_id: '.UserRights::GetUserId().'</p>';
+		$sHtml .= '<div>';
 		$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-		$sHtml .= "<thead>";
-		$sHtml .= "   <th>Operation</th><th>Begin</th><th>End</th><th>Duration</th><th>Memory start</th><th>Memory end</th><th>Memory peak</th>";
-		$sHtml .= "</thead>";
+		$sHtml .= '<thead>';
+		$sHtml .= '   <th>Operation</th><th>Begin</th><th>End</th><th>Duration</th><th>Memory start</th><th>Memory end</th><th>Memory peak</th>';
+		$sHtml .= '</thead>';
 		foreach (self::$m_aExecData as $aOpStats) {
 			$sOperation = $aOpStats['op'];
 			$sBegin = round($aOpStats['time_begin'], 3);
@@ -180,12 +186,12 @@ class ExecutionKPI
 				}
 			}

-			$sHtml .= "<tr>";
+			$sHtml .= '<tr>';
 			$sHtml .= "   <td>$sOperation</td><td>$sBegin</td><td>$sEnd</td><td>$sDuration</td><td>$sMemBegin</td><td>$sMemEnd</td><td>$sMemPeak</td>";
-			$sHtml .= "</tr>";
+			$sHtml .= '</tr>';
 		}
-		$sHtml .= "</table>";
-		$sHtml .= "</div>";
+		$sHtml .= '</table>';
+		$sHtml .= '</div>';

 		$aConsolidatedStats = [];
 		foreach (self::$m_aStats as $sOperation => $aOpStats) {
@@ -208,20 +214,20 @@ class ExecutionKPI
 				}
 			}
 			$aConsolidatedStats[$sOperation] = [
-				'count' => $iTotalOp,
+				'count'    => $iTotalOp,
 				'duration' => $fTotalOp,
-				'min' => $fMinOp,
-				'max' => $fMaxOp,
-				'avg' => $fTotalOp / $iTotalOp,
+				'min'      => $fMinOp,
+				'max'      => $fMaxOp,
+				'avg'      => $fTotalOp / $iTotalOp,
 				'max_args' => $sMaxOpArguments,
 			];
 		}

-		$sHtml .= "<div>";
+		$sHtml .= '<div>';
 		$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-		$sHtml .= "<thead>";
-		$sHtml .= "   <th>Operation</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th><th>Avg</th>";
-		$sHtml .= "</thead>";
+		$sHtml .= '<thead>';
+		$sHtml .= '   <th>Operation</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th><th>Avg</th>';
+		$sHtml .= '</thead>';
 		foreach ($aConsolidatedStats as $sOperation => $aOpStats) {
 			$sOperation = '<a href="#'.md5($sExecId.$sOperation).'">'.$sOperation.'</a>';
 			$sCount = $aOpStats['count'];
@@ -230,14 +236,14 @@ class ExecutionKPI
 			$sMax = '<a href="#'.md5($sExecId.$aOpStats['max_args']).'">'.round($aOpStats['max'], 3).'</a>';
 			$sAvg = round($aOpStats['avg'], 3);

-			$sHtml .= "<tr>";
+			$sHtml .= '<tr>';
 			$sHtml .= "   <td>$sOperation</td><td>$sCount</td><td>$sDuration</td><td>$sMin</td><td>$sMax</td><td>$sAvg</td>";
-			$sHtml .= "</tr>";
+			$sHtml .= '</tr>';
 		}
-		$sHtml .= "</table>";
-		$sHtml .= "</div>";
+		$sHtml .= '</table>';
+		$sHtml .= '</div>';

-		$sHtml .= "</div>";
+		$sHtml .= '</div>';

 		$sHtml .= "<p><a href=\"#end-".md5($sExecId)."\">Next page stats</a></p>";

@@ -287,18 +293,18 @@ class ExecutionKPI
 						$sOperationHtml = '<a name="'.md5($sExecId.$sOperation).'">'.$sOperation.'</a>';
 						$sHtml .= "<h4>$sOperationHtml</h4>";
 						$sHtml .= "<table border=\"1\" style=\"$sTableStyle\">";
-						$sHtml .= "<thead>";
-						$sHtml .= "   <th>Operation details (+ blame caller if log_kpi_duration = 2)</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th>";
-						$sHtml .= "</thead>";
+						$sHtml .= '<thead>';
+						$sHtml .= '   <th>Operation details (+ blame caller if log_kpi_duration = 2)</th><th>Count</th><th>Duration</th><th>Min</th><th>Max</th>';
+						$sHtml .= '</thead>';
 						$bDisplayHeader = false;
 					}
-					$sHtml .= "<tr>";
+					$sHtml .= '<tr>';
 					$sHtml .= "   <td>$sHtmlArguments</td><td>$iCountInter</td><td>$sTotalInter</td><td>$sMinInter</td><td>$sMaxInter</td>";
-					$sHtml .= "</tr>";
+					$sHtml .= '</tr>';
 				}
 			}
 			if (!$bDisplayHeader) {
-				$sHtml .= "</table>";
+				$sHtml .= '</table>';
 				$sHtml .= "<p><a href=\"#".md5($sExecId)."\">Back to page stats</a></p>";
 			}
 			self::Report($sHtml);
@@ -333,39 +339,50 @@ class ExecutionKPI

 		$aNewEntry = null;

-		$fStarted = $this->m_fStarted;
-		$fStopped = $this->m_fStarted;
-		if (self::$m_bEnabled_Duration) {
-			$fStopped = MyHelpers::getmicrotime();
-			$aNewEntry = [
-				'op'         => $sOperationDesc,
-				'time_begin' => $this->m_fStarted - $fItopStarted,
-				'time_end'   => $fStopped - $fItopStarted,
-			];
-			// Reset for the next operation (if the object is recycled)
-			$this->m_fStarted = $fStopped;
+		if (is_null(static::$fLastReportTime)) {
+			static::$fLastReportTime = $fItopStarted;
 		}

-		$iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
-		$iCurrentMemory = 0;
-		$iPeakMemory = 0;
+		if (is_null(static::$iLastReportMemory)) {
+			global $iItopInitialMemory;
+			static::$iLastReportMemory = $iItopInitialMemory;
+		}
+
+		$fStarted = static::$fLastReportTime;
+		$fStopped = microtime(true);
+		if (self::$m_bEnabled_Duration) {
+			$aNewEntry = [
+				'op'         => $sOperationDesc,
+				'time_begin' => $fStarted - $fItopStarted,
+				'time_end'   => $fStopped - $fItopStarted,
+			];
+		}
+		static::$fLastReportTime = $fStopped;
+
+		$iInitialMemory = static::$iLastReportMemory;
+		$iCurrentMemory = $iInitialMemory;
+		$iPeakMemory = $iInitialMemory;
 		if (self::$m_bEnabled_Memory) {
 			$iCurrentMemory = self::memory_get_usage();
 			if (is_null($aNewEntry)) {
 				$aNewEntry = ['op' => $sOperationDesc];
 			}
-			$aNewEntry['mem_begin'] = $this->m_iInitialMemory;
+			$aNewEntry['mem_begin'] = $iInitialMemory;
 			$aNewEntry['mem_end'] = $iCurrentMemory;
 			$iPeakMemory = self::memory_get_peak_usage();
 			$aNewEntry['mem_peak'] = $iPeakMemory;
 			// Reset for the next operation (if the object is recycled)
-			$this->m_iInitialMemory = $iCurrentMemory;
+			static::$iLastReportMemory = $iCurrentMemory;
 		}

 		if (self::$m_bEnabled_Duration || self::$m_bEnabled_Memory) {
-			// Invoke extensions to log the KPI operation
-			/** @var \iKPILoggerExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+			$aCallstack = ['callstack' => $this->GetCallStack()];
+			if (static::$bMetamodelStarted) {
+				foreach (static::$aBootstrapOperations as $oLog) {
+					$this->LogOperation($oLog);
+				}
+				static::$aBootstrapOperations = [];
+				// Invoke extensions to log the KPI operation
 				$sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
 				$oKPILogData = new KpiLogData(
 					KpiLogData::TYPE_REPORT,
@@ -376,9 +393,24 @@ class ExecutionKPI
 					$sExtension,
 					$iInitialMemory,
 					$iCurrentMemory,
-					$iPeakMemory
+					$iPeakMemory,
+					$aCallstack
 				);
-				$oExtensionInstance->LogOperation($oKPILogData);
+				$this->LogOperation($oKPILogData);
+			} else {
+				$oKPILogData = new KpiLogData(
+					KpiLogData::TYPE_REPORT,
+					'Step',
+					$sOperationDesc,
+					$fStarted,
+					$fStopped,
+					'',
+					$iInitialMemory,
+					$iCurrentMemory,
+					$iPeakMemory,
+					$aCallstack
+				);
+				static::$aBootstrapOperations[] = $oKPILogData;
 			}
 		}

@@ -388,13 +420,21 @@ class ExecutionKPI
 		$this->ResetCounters();
 	}

+	private function LogOperation(KpiLogData $oKPILogData): void
+	{
+		/** @var \iKPILoggerExtension $oExtensionInstance */
+		foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
+			$oExtensionInstance->LogOperation($oKPILogData);
+		}
+	}
+
 	/**
 	 * Compute statistics for a call to an extension
 	 * Note: not working in dev mode (with links to env-production)
 	 *
 	 * @param object|string $object object called
-	 * @param string $sMethod       method called on the object
-	 * @param string $sMessage      additional message
+	 * @param string $sMethod method called on the object
+	 * @param string $sMessage additional message
 	 *
 	 * @return bool true if an extension was found for this object::method
 	 * @throws \ReflectionException
@@ -423,21 +463,23 @@ class ExecutionKPI

 		$fDuration = 0;
 		if (self::$m_bEnabled_Duration) {
-			$fStopped = MyHelpers::getmicrotime();
+			$fStopped = microtime(true);
 			$fDuration = $fStopped - $this->m_fStarted;
 			$aCallstack = [];
 			if (self::$m_bGenerateLegacyReport) {
 				if (self::$m_bBlameCaller) {
 					$aCallstack = MyHelpers::get_callstack(1);
 					self::$m_aStats[$sOperation][$sArguments][] = [
-							'time' => $fDuration,
-							'callers' => $aCallstack,
+						'time'    => $fDuration,
+						'callers' => $aCallstack,
 					];
 				} else {
 					self::$m_aStats[$sOperation][$sArguments][] = [
-							'time' => $fDuration,
+						'time' => $fDuration,
 					];
 				}
+			} else {
+				$aCallstack = ['callstack' => $this->GetCallStack()];
 			}

 			$iInitialMemory = is_null($this->m_iInitialMemory) ? 0 : $this->m_iInitialMemory;
@@ -448,33 +490,45 @@ class ExecutionKPI
 				$iPeakMemory = self::memory_get_peak_usage();
 			}

-			// Invoke extensions to log the KPI operation
-			/** @var \iKPILoggerExtension $oExtensionInstance */
-			foreach (MetaModel::EnumPlugins('iKPILoggerExtension') as $oExtensionInstance) {
-				//$sExtension = ModuleService::GetInstance()->GetModuleNameFromCallStack(1);
-				$sExtension = '';
+			if (static::$bMetamodelStarted) {
+				foreach (static::$aBootstrapOperations as $oLog) {
+					$this->LogOperation($oLog);
+				}
+				static::$aBootstrapOperations = [];
 				$oKPILogData = new KpiLogData(
 					KpiLogData::TYPE_STATS,
 					$sOperation,
 					$sArguments,
 					$this->m_fStarted,
 					$fStopped,
-					$sExtension,
+					'',
 					$iInitialMemory,
 					$iCurrentMemory,
 					$iPeakMemory,
 					$aCallstack
 				);
-				$oExtensionInstance->LogOperation($oKPILogData);
+				$this->LogOperation($oKPILogData);
+			} else {
+				$oKPILogData = new KpiLogData(
+					KpiLogData::TYPE_STATS,
+					$sOperation,
+					$sArguments,
+					$this->m_fStarted,
+					$fStopped,
+					'',
+					$iInitialMemory,
+					$iCurrentMemory,
+					$iPeakMemory,
+					$aCallstack
+				);
+				static::$aBootstrapOperations[] = $oKPILogData;
 			}
 		}
 	}

 	protected function ResetCounters()
 	{
-		if (self::$m_bEnabled_Duration) {
-			$this->m_fStarted = microtime(true);
-		}
+		$this->m_fStarted = microtime(true);

 		if (self::$m_bEnabled_Memory) {
 			$this->m_iInitialMemory = self::memory_get_usage();
@@ -503,7 +557,33 @@ class ExecutionKPI
 		if (function_exists('memory_get_peak_usage')) {
 			return memory_get_peak_usage($bRealUsage);
 		}
+
 		// PHP > 5.2.1 - this verb depends on a compilation option
 		return 0;
 	}
+
+	/*
+	 * ModuleHandlerApiInterface methods
+	 */
+
+	public static function OnMetaModelStarted()
+	{
+		static::$bMetamodelStarted = true;
+	}
+
+	public function RegisterEventsAndListeners()
+	{
+		EventService::RegisterListener(ApplicationEvents::APPLICATION_EVENT_METAMODEL_STARTED, [$this, 'OnMetaModelStarted']);
+	}
+
+	private function GetCallStack(): string
+	{
+		$aCallStack = MyHelpers::get_callstack(2);
+		$sCallStack = "Call stack:\n";
+		foreach ($aCallStack as $index => $aLine) {
+			$sCallStack .= "#$index ".$aLine['File'].'('.$aLine['Line'].'): '.$aLine['Function']."\n";
+		}
+
+		return $sCallStack;
+	}
 }
--- a/core/log.class.inc.php
+++ b/core/log.class.inc.php
@@ -691,6 +691,28 @@ abstract class LogAPI
 		static::$m_oMockMetaModelConfig = $oMetaModelConfig;
 	}

+	public static function Exception(string $sMessage, throwable $oException, string $sChannel = null, array $aContext = []): void
+	{
+		$aErrorLogs = [];
+		$aErrorLogs[] = static::PrepareErrorLog($sMessage, $oException, $aContext);
+		$oException = $oException->getPrevious();
+		while ($oException !== null) {
+			$aErrorLogs[] = static::PrepareErrorLog($oException->getMessage(), $oException, $aContext, true);
+			$oException = $oException->getPrevious();
+		}
+		$aErrorLogs = array_reverse($aErrorLogs);
+		foreach ($aErrorLogs as $aErrorLog) {
+			static::Error($aErrorLog['message'], $sChannel, $aErrorLog['context']);
+		}
+	}
+
+	private static function PrepareErrorLog(string $sMessage, throwable $oException, array $aContext, bool $isPrevious = false): array
+	{
+		$aContext['Error Message'] = $oException->getMessage();
+		$aContext['Stack Trace'] = $oException->getTraceAsString();
+		return ['message' => ($isPrevious ? "Previous " : '')."Exception: $sMessage", 'context' => $aContext];
+	}
+
 	public static function Error($sMessage, $sChannel = null, $aContext = [])
 	{
 		static::Log(self::LEVEL_ERROR, $sMessage, $sChannel, $aContext);
--- a/core/metamodel.class.php
+++ b/core/metamodel.class.php
@@ -22,8 +22,6 @@ use Combodo\iTop\Application\EventRegister\ApplicationEvents;
 use Combodo\iTop\Core\MetaModel\FriendlyNameType;
 use Combodo\iTop\Service\Events\EventData;
 use Combodo\iTop\Service\Events\EventService;
-use Combodo\iTop\Setup\ModuleDependency\Module;
-use Combodo\iTop\Setup\ModuleDiscovery\ModuleFileReader;

 require_once APPROOT.'core/modulehandler.class.inc.php';
 require_once APPROOT.'core/querymodifier.class.inc.php';
@@ -464,43 +462,6 @@ abstract class MetaModel
 		return call_user_func([$sClass, 'GetClassDescription'], $sClass);
 	}

-	/**
-	 * @param string $sClass
-	 *
-	 * @return string
-	 * @throws \CoreException
-	 */
-	final public static function GetModuleName($sClass)
-	{
-		try {
-			$oReflectionClass = new ReflectionClass($sClass);
-			$sDir = realpath(dirname($oReflectionClass->getFileName()));
-			$sApproot = realpath(APPROOT);
-			while (($sDir !== $sApproot) && (str_contains($sDir, $sApproot))) {
-				$aFiles = glob("$sDir/module.*.php");
-				if (count($aFiles) > 1) {
-					return 'core';
-				}
-
-				if (count($aFiles) == 0) {
-					$sDir = realpath(dirname($sDir));
-					continue;
-				}
-
-				$sModuleFilePath = $aFiles[0];
-				$aModuleInfo = ModuleFileReader::GetInstance()->ReadModuleFileInformation($sModuleFilePath);
-				$sModuleId = $aModuleInfo[ModuleFileReader::MODULE_INFO_ID];
-				list($sModuleName, ) = ModuleDiscovery::GetModuleName($sModuleId);
-
-				return $sModuleName;
-			}
-		} catch (\Exception $e) {
-			throw new CoreException("Cannot find class module", ['class' => $sClass], '', $e);
-		}
-
-		return 'core';
-	}
-
 	/**
 	 * @param string $sClass
 	 *
--- a/core/modelreflection.class.inc.php
+++ b/core/modelreflection.class.inc.php
@@ -55,6 +55,11 @@ abstract class ModelReflection
 	abstract public function GetFiltersList($sClass);
 	abstract public function IsValidFilterCode($sClass, $sFilterCode);

+	/**
+	 * @since 3.3.0
+	 */
+	abstract public function IsAbstract($sClass): bool;
+
 	/**
 	 * @param string $sOQL
 	 *
@@ -148,7 +153,7 @@ class ModelReflectionRuntime extends ModelReflection
 			$sAttributeClass = get_class($oAttDef);
 			if ($aScope != null) {
 				foreach ($aScope as $sScopeClass) {
-					if (($sAttributeClass == $sScopeClass) || is_subclass_of($sAttributeClass, $sScopeClass)) {
+					if (is_a($sAttributeClass, $sScopeClass, true)) {
 						$aAttributes[$sAttCode] = $sAttributeClass;
 						break;
 					}
@@ -230,6 +235,11 @@ class ModelReflectionRuntime extends ModelReflection
 		return MetaModel::IsValidFilterCode($sClass, $sFilterCode);
 	}

+	public function IsAbstract($sClass): bool
+	{
+		return MetaModel::IsAbstract($sClass);
+	}
+
 	public function GetQuery($sOQL)
 	{
 		return new QueryReflectionRuntime($sOQL, $this);
--- a/core/oql/build/PHP/ParserGenerator/Data.php
+++ b/core/oql/build/PHP/ParserGenerator/Data.php
@@ -1656,7 +1656,7 @@ class PHP_ParserGenerator_Data
    function emit_code($out, PHP_ParserGenerator_Rule $rp, &$lineno)
    {
        $linecnt = 0;
-        
+
        /* Generate code to do the reduce action */
        if ($rp->code) {
            $this->tplt_linedir($out, $rp->line, $this->filename);
--- a/core/oql/expression.class.inc.php
+++ b/core/oql/expression.class.inc.php
@@ -2103,12 +2103,18 @@ class VariableExpression extends UnaryExpression

 	/**
 	 * Evaluate the value of the expression
+	 *
 	 * @param array $aArgs
-	 * @throws \Exception if terms cannot be evaluated as scalars
-*/
+	 *
+	 * @return mixed
+	 * @throws \MissingQueryArgument
+	 */
 	public function Evaluate(array $aArgs)
 	{
-		throw new Exception('not implemented yet');
+		if (!isset($aArgs[$this->m_sName])) {
+			throw new MissingQueryArgument('Missing variable expression argument', array('expecting'=>$this->m_sName));
+		}
+		return $aArgs[$this->m_sName];
 	}

 	/**
--- a/core/oql/oql-parser.php
+++ b/core/oql/oql-parser.php
@@ -1084,7 +1084,7 @@ static public $yy_action = array(
    function yy_find_shift_action($iLookAhead)
    {
        $stateno = $this->yystack[$this->yyidx]->stateno;
-     
+
        /* if ($this->yyidx < 0) return self::YY_NO_ACTION;  */
        if (!isset(self::$yy_shift_ofst[$stateno])) {
            // no shift actions
@@ -1767,7 +1767,7 @@ throw new OQLParserParseFailureException($this->m_sSourceQuery, $this->m_iLine,
    function yy_syntax_error($yymajor, $TOKEN)
    {
 #line 25 "..\oql-parser.y"
- 
+
 throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
 #line 1779 "..\oql-parser.php"
    }
@@ -1806,7 +1806,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
 //        $yyact;            /* The parser action. */
 //        $yyendofinput;     /* True if we are at the end of input */
        $yyerrorhit = 0;   /* True if yymajor has invoked an error */
-        
+
        /* (re)initialize the parser, if necessary */
        if ($this->yyidx === null || $this->yyidx < 0) {
            /* if ($yymajor == 0) return; // not sure why this was here... */
@@ -1819,7 +1819,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
            array_push($this->yystack, $x);
        }
        $yyendofinput = ($yymajor==0);
-        
+
        if (self::$yyTraceFILE) {
            fprintf(
                self::$yyTraceFILE,
@@ -1828,7 +1828,7 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
                self::$yyTokenName[$yymajor]
            );
        }
-        
+
        do {
            $yyact = $this->yy_find_shift_action($yymajor);
            if ($yymajor < self::YYERRORSYMBOL
@@ -2002,7 +2002,7 @@ class OQLParser extends OQLParserRaw
 		$this->m_sSourceQuery = $sQuery;
 		// no constructor - parent::__construct();
 	}
-	
+
 	public function doParse($token, $value, $iCurrPosition = 0)
 	{
 		$this->m_iColPrev = $this->m_iCol;
@@ -2016,7 +2016,7 @@ class OQLParser extends OQLParserRaw
 		$this->doParse(0, 0);
 		return $this->my_result;
 	}
-	
+
 	public function __destruct()
 	{
 		// Bug in the original destructor, causing an infinite loop !
--- a/core/oql/oqlexception.class.inc.php
+++ b/core/oql/oqlexception.class.inc.php
@@ -72,9 +72,15 @@ class OQLException extends CoreException
 		}
 		else
 		{
-			$sExpectations = '{'.implode(', ', $this->m_aExpecting).'}';
+			$sMessage = "$sIssue - found '{$this->m_sUnexpected}' at $iCol in '$sInput'";
+			if (count($this->m_aExpecting) < 30) {
+				$sExpectations = '{'.implode(', ', $this->m_aExpecting).'}';
+				$sMessage .= ', expecting '.json_encode($sExpectations);
+			}
 			$sSuggest = self::FindClosestString($this->m_sUnexpected, $this->m_aExpecting);
-			$sMessage = "$sIssue - found '{$this->m_sUnexpected}' at $iCol in '$sInput', expecting $sExpectations, I would suggest to use '$sSuggest'";
+			if (strlen($sSuggest) > 0) {
+				$sMessage .= ", I would suggest to use ".json_encode($sSuggest);
+			}
 		}
 		
 		// make sure everything is assigned properly
@@ -155,5 +161,3 @@ class OQLException extends CoreException
 		return $sRet;
 	}
 }
-
-?>
--- a/core/oql/oqlquery.class.inc.php
+++ b/core/oql/oqlquery.class.inc.php
@@ -57,15 +57,15 @@ class OqlName
 	{
 		return $this->m_iPos;
 	}
-	
+
 	public function __toString()
 	{
 		return $this->m_sValue;
-	} 
+	}
 }

 /**
- * 
+ *
 * Store hexadecimal values as strings so that we can support 64-bit values
 *
 */
@@ -77,12 +77,12 @@ class OqlHexValue
 	{
 		$this->m_sValue = $sValue;
 	}
-	
+
 	public function __toString()
 	{
 		return $this->m_sValue;
 	}
-	
+
 }

 class OqlJoinSpec
@@ -109,6 +109,7 @@ class OqlJoinSpec
 	{
 		return $this->m_oClass->GetValue();
 	}
+
 	public function GetClassAlias()
 	{
 		return $this->m_oClassAlias->GetValue();
@@ -118,6 +119,7 @@ class OqlJoinSpec
 	{
 		return $this->m_oClass;
 	}
+
 	public function GetClassAliasDetails()
 	{
 		return $this->m_oClassAlias;
@@ -127,10 +129,12 @@ class OqlJoinSpec
 	{
 		return $this->m_oLeftField;
 	}
+
 	public function GetRightField()
 	{
 		return $this->m_oRightField;
 	}
+
 	public function GetOperator()
 	{
 		return $this->m_sOperator;
@@ -146,8 +150,9 @@ interface CheckableExpression
 	 * @param ModelReflection $oModelReflection MetaModel to consider
 	 * @param array $aAliases Aliases to class names (for the current query)
 	 * @param string $sSourceQuery For the reporting
+	 *
 	 * @throws OqlNormalizeException
-	 */	 	
+	 */
 	public function Check(ModelReflection $oModelReflection, $aAliases, $sSourceQuery);
 }

@@ -168,13 +173,11 @@ class MatchOqlExpression extends MatchExpression implements CheckableExpression
 		$this->m_oRightExpr->Check($oModelReflection, $aAliases, $sSourceQuery);

 		// Only field MATCHES scalar is allowed
-		if (!$this->m_oLeftExpr instanceof FieldExpression)
-		{
+		if (!$this->m_oLeftExpr instanceof FieldExpression) {
 			throw new OqlNormalizeException('Only "field MATCHES string" syntax is allowed', $sSourceQuery, new OqlName($this->m_oLeftExpr->RenderExpression(true), 0));
 		}
 		// Only field MATCHES scalar is allowed
-		if (!$this->m_oRightExpr instanceof ScalarExpression && !$this->m_oRightExpr instanceof VariableOqlExpression)
-		{
+		if (!$this->m_oRightExpr instanceof ScalarExpression && !$this->m_oRightExpr instanceof VariableOqlExpression) {
 			throw new OqlNormalizeException('Only "field MATCHES string" syntax is allowed', $sSourceQuery, new OqlName($this->m_oRightExpr->RenderExpression(true), 0));
 		}
 	}
@@ -198,7 +201,7 @@ class NestedQueryOqlExpression extends NestedQueryExpression implements Checkabl
 	 *
 	 * @param OQLObjectQuery $oOQLObjectQuery
 	 */
-	public function __construct($oOQLObjectQuery )
+	public function __construct($oOQLObjectQuery)
 	{
 		parent::__construct($oOQLObjectQuery->ToDBSearch(""));
 		$this->m_oOQLObjectQuery = $oOQLObjectQuery;
@@ -232,8 +235,7 @@ class FieldOqlExpression extends FieldExpression implements CheckableExpression

 	public function __construct($oName, $oParent = null)
 	{
-		if (is_null($oParent))
-		{
+		if (is_null($oParent)) {
 			$oParent = new OqlName('', 0);
 		}
 		$this->m_oParent = $oParent;
@@ -256,37 +258,28 @@ class FieldOqlExpression extends FieldExpression implements CheckableExpression
 	{
 		$sClassAlias = $this->GetParent();
 		$sFltCode = $this->GetName();
-		if (empty($sClassAlias))
-		{
+		if (empty($sClassAlias)) {
 			// Try to find an alias
 			// Build an array of field => array of aliases
 			$aFieldClasses = array();
-			foreach($aAliases as $sAlias => $sReal)
-			{
-				foreach($oModelReflection->GetFiltersList($sReal) as $sAnFltCode)
-				{
+			foreach ($aAliases as $sAlias => $sReal) {
+				foreach ($oModelReflection->GetFiltersList($sReal) as $sAnFltCode) {
 					$aFieldClasses[$sAnFltCode][] = $sAlias;
 				}
 			}
-			if (!array_key_exists($sFltCode, $aFieldClasses))
-			{
+			if (!array_key_exists($sFltCode, $aFieldClasses)) {
 				throw new OqlNormalizeException('Unknown filter code', $sSourceQuery, $this->GetNameDetails(), array_keys($aFieldClasses));
 			}
-			if (count($aFieldClasses[$sFltCode]) > 1)
-			{
+			if (count($aFieldClasses[$sFltCode]) > 1) {
 				throw new OqlNormalizeException('Ambiguous filter code', $sSourceQuery, $this->GetNameDetails());
 			}
 			$sClassAlias = $aFieldClasses[$sFltCode][0];
-		}
-		else
-		{
-			if (!array_key_exists($sClassAlias, $aAliases))
-			{
+		} else {
+			if (!array_key_exists($sClassAlias, $aAliases)) {
 				throw new OqlNormalizeException('Unknown class [alias]', $sSourceQuery, $this->GetParentDetails(), array_keys($aAliases));
 			}
 			$sClass = $aAliases[$sClassAlias];
-			if (!$oModelReflection->IsValidFilterCode($sClass, $sFltCode))
-			{
+			if (!$oModelReflection->IsValidFilterCode($sClass, $sFltCode)) {
 				throw new OqlNormalizeException('Unknown filter code', $sSourceQuery, $this->GetNameDetails(), $oModelReflection->GetFiltersList($sClass));
 			}
 		}
@@ -305,8 +298,7 @@ class ListOqlExpression extends ListExpression implements CheckableExpression
 {
 	public function Check(ModelReflection $oModelReflection, $aAliases, $sSourceQuery)
 	{
-		foreach ($this->GetItems() as $oItemExpression)
-		{
+		foreach ($this->GetItems() as $oItemExpression) {
 			$oItemExpression->Check($oModelReflection, $aAliases, $sSourceQuery);
 		}
 	}
@@ -316,8 +308,7 @@ class FunctionOqlExpression extends FunctionExpression implements CheckableExpre
 {
 	public function Check(ModelReflection $oModelReflection, $aAliases, $sSourceQuery)
 	{
-		foreach ($this->GetArgs() as $oArgExpression)
-		{
+		foreach ($this->GetArgs() as $oArgExpression) {
 			$oArgExpression->Check($oModelReflection, $aAliases, $sSourceQuery);
 		}
 	}
@@ -350,6 +341,7 @@ abstract class OqlQuery
 	 * Determine the class
 	 *
 	 * @param ModelReflection $oModelReflection MetaModel to consider
+	 *
 	 * @return string
 	 * @throws Exception
 	 */
@@ -392,6 +384,7 @@ class OqlObjectQuery extends OqlQuery
 	 * Determine the class
 	 *
 	 * @param ModelReflection $oModelReflection MetaModel to consider
+	 *
 	 * @return string
 	 * @throws Exception
 	 */
@@ -415,6 +408,7 @@ class OqlObjectQuery extends OqlQuery
 	{
 		return $this->m_oClass;
 	}
+
 	public function GetClassAliasDetails()
 	{
 		return $this->m_oClassAlias;
@@ -424,6 +418,7 @@ class OqlObjectQuery extends OqlQuery
 	{
 		return $this->m_aJoins;
 	}
+
 	public function GetCondition()
 	{
 		return $this->m_oCondition;
@@ -432,44 +427,37 @@ class OqlObjectQuery extends OqlQuery
 	/**
 	 * Recursively check the validity of the expression with regard to the data model
 	 * and the query in which it is used
-	 * 	 	 
-	 * @param ModelReflection $oModelReflection MetaModel to consider	 	
+	 *
+	 * @param ModelReflection $oModelReflection MetaModel to consider
+	 *
 	 * @throws OqlNormalizeException
-	 */	 	
+	 */
 	public function Check(ModelReflection $oModelReflection, $sSourceQuery, $aParentAliases = array())
 	{
 		$sClass = $this->GetClass($oModelReflection);
 		$sClassAlias = $this->GetClassAlias();

-		if (!$oModelReflection->IsValidClass($sClass))
-		{
+		if (!$oModelReflection->IsValidClass($sClass)) {
 			throw new UnknownClassOqlException($sSourceQuery, $this->GetClassDetails(), $oModelReflection->GetClasses());
 		}

-		$aAliases = array_merge(array($sClassAlias => $sClass),$aParentAliases);
+		$aAliases = array_merge(array($sClassAlias => $sClass), $aParentAliases);

 		$aJoinSpecs = $this->GetJoins();
-		if (is_array($aJoinSpecs))
-		{
-			foreach ($aJoinSpecs as $oJoinSpec)
-			{
+		if (is_array($aJoinSpecs)) {
+			foreach ($aJoinSpecs as $oJoinSpec) {
 				$sJoinClass = $oJoinSpec->GetClass();
 				$sJoinClassAlias = $oJoinSpec->GetClassAlias();
-				if (!$oModelReflection->IsValidClass($sJoinClass))
-				{
+				if (!$oModelReflection->IsValidClass($sJoinClass)) {
 					throw new UnknownClassOqlException($sSourceQuery, $oJoinSpec->GetClassDetails(), $oModelReflection->GetClasses());
 				}
-				if (array_key_exists($sJoinClassAlias, $aAliases))
-				{
-					if ($sJoinClassAlias != $sJoinClass)
-					{
+				if (array_key_exists($sJoinClassAlias, $aAliases)) {
+					if ($sJoinClassAlias != $sJoinClass) {
 						throw new OqlNormalizeException('Duplicate class alias', $sSourceQuery, $oJoinSpec->GetClassAliasDetails());
-					}
-					else
-					{
+					} else {
 						throw new OqlNormalizeException('Duplicate class name', $sSourceQuery, $oJoinSpec->GetClassDetails());
 					}
-				} 
+				}

 				// Assumption: ext key on the left only !!!
 				// normalization should take care of this
@@ -480,85 +468,74 @@ class OqlObjectQuery extends OqlQuery
 				$oRightField = $oJoinSpec->GetRightField();
 				$sToClass = $oRightField->GetParent();
 				$sPKeyDescriptor = $oRightField->GetName();
-				if ($sPKeyDescriptor != 'id')
-				{
+				if ($sPKeyDescriptor != 'id') {
 					throw new OqlNormalizeException('Wrong format for Join clause (right hand), expecting an id', $sSourceQuery, $oRightField->GetNameDetails(), array('id'));
 				}

 				$aAliases[$sJoinClassAlias] = $sJoinClass;

-				if (!array_key_exists($sFromClass, $aAliases))
-				{
+				if (!array_key_exists($sFromClass, $aAliases)) {
 					throw new OqlNormalizeException('Unknown class in join condition (left expression)', $sSourceQuery, $oLeftField->GetParentDetails(), array_keys($aAliases));
 				}
-				if (!array_key_exists($sToClass, $aAliases))
-				{
+				if (!array_key_exists($sToClass, $aAliases)) {
 					throw new OqlNormalizeException('Unknown class in join condition (right expression)', $sSourceQuery, $oRightField->GetParentDetails(), array_keys($aAliases));
 				}
 				$aExtKeys = $oModelReflection->ListAttributes($aAliases[$sFromClass], \Combodo\iTop\Core\AttributeDefinition\AttributeExternalKey::class);
 				$aObjKeys = $oModelReflection->ListAttributes($aAliases[$sFromClass], \Combodo\iTop\Core\AttributeDefinition\AttributeObjectKey::class);
 				$aAllKeys = array_merge($aExtKeys, $aObjKeys);
-				if (!array_key_exists($sExtKeyAttCode, $aAllKeys))
-				{
+				if (!array_key_exists($sExtKeyAttCode, $aAllKeys)) {
 					throw new OqlNormalizeException('Unknown key in join condition (left expression)', $sSourceQuery, $oLeftField->GetNameDetails(), array_keys($aAllKeys));
 				}

-				if ($sFromClass == $sJoinClassAlias)
-				{
+				if ($sFromClass == $sJoinClassAlias) {
 					if (array_key_exists($sExtKeyAttCode, $aExtKeys)) // Skip that check for object keys
 					{
 						$sTargetClass = $oModelReflection->GetAttributeProperty($aAliases[$sFromClass], $sExtKeyAttCode, 'targetclass');
-						if(!$oModelReflection->IsSameFamilyBranch($aAliases[$sToClass], $sTargetClass))
-						{
+						if (!$oModelReflection->IsSameFamilyBranch($aAliases[$sToClass], $sTargetClass)) {
 							throw new OqlNormalizeException("The joined class ($aAliases[$sFromClass]) is not compatible with the external key, which is pointing to $sTargetClass", $sSourceQuery, $oLeftField->GetNameDetails());
 						}
 					}
-				}
-				else
-				{
+				} else {
 					$sOperator = $oJoinSpec->GetOperator();
-					switch($sOperator)
-					{
+					switch ($sOperator) {
 						case '=':
-						$iOperatorCode = TREE_OPERATOR_EQUALS;
-						break;
+							$iOperatorCode = TREE_OPERATOR_EQUALS;
+							break;
 						case 'BELOW':
-						$iOperatorCode = TREE_OPERATOR_BELOW;
-						break;
+							$iOperatorCode = TREE_OPERATOR_BELOW;
+							break;
 						case 'BELOW_STRICT':
-						$iOperatorCode = TREE_OPERATOR_BELOW_STRICT;
-						break;
+							$iOperatorCode = TREE_OPERATOR_BELOW_STRICT;
+							break;
 						case 'NOT_BELOW':
-						$iOperatorCode = TREE_OPERATOR_NOT_BELOW;
-						break;
+							$iOperatorCode = TREE_OPERATOR_NOT_BELOW;
+							break;
 						case 'NOT_BELOW_STRICT':
-						$iOperatorCode = TREE_OPERATOR_NOT_BELOW_STRICT;
-						break;
+							$iOperatorCode = TREE_OPERATOR_NOT_BELOW_STRICT;
+							break;
 						case 'ABOVE':
-						$iOperatorCode = TREE_OPERATOR_ABOVE;
-						break;
+							$iOperatorCode = TREE_OPERATOR_ABOVE;
+							break;
 						case 'ABOVE_STRICT':
-						$iOperatorCode = TREE_OPERATOR_ABOVE_STRICT;
-						break;
+							$iOperatorCode = TREE_OPERATOR_ABOVE_STRICT;
+							break;
 						case 'NOT_ABOVE':
-						$iOperatorCode = TREE_OPERATOR_NOT_ABOVE;
-						break;
+							$iOperatorCode = TREE_OPERATOR_NOT_ABOVE;
+							break;
 						case 'NOT_ABOVE_STRICT':
-						$iOperatorCode = TREE_OPERATOR_NOT_ABOVE_STRICT;
-						break;
+							$iOperatorCode = TREE_OPERATOR_NOT_ABOVE_STRICT;
+							break;
 					}
 					if (array_key_exists($sExtKeyAttCode, $aExtKeys)) // Skip that check for object keys
 					{
 						$sTargetClass = $oModelReflection->GetAttributeProperty($aAliases[$sFromClass], $sExtKeyAttCode, 'targetclass');
-						if(!$oModelReflection->IsSameFamilyBranch($aAliases[$sToClass], $sTargetClass))
-						{
+						if (!$oModelReflection->IsSameFamilyBranch($aAliases[$sToClass], $sTargetClass)) {
 							throw new OqlNormalizeException("The joined class ($aAliases[$sToClass]) is not compatible with the external key, which is pointing to $sTargetClass", $sSourceQuery, $oLeftField->GetNameDetails());
 						}
 					}
 					$aAttList = $oModelReflection->ListAttributes($aAliases[$sFromClass]);
 					$sAttType = $aAttList[$sExtKeyAttCode];
-					if(($iOperatorCode != TREE_OPERATOR_EQUALS) && !is_subclass_of($sAttType, \Combodo\iTop\Core\AttributeDefinition\AttributeHierarchicalKey::class) && ($sAttType != \Combodo\iTop\Core\AttributeDefinition\AttributeHierarchicalKey::class))
-					{
+					if (($iOperatorCode != TREE_OPERATOR_EQUALS) && !is_a($sAttType, \Combodo\iTop\Core\AttributeDefinition\AttributeHierarchicalKey::class, true)) {
 						throw new OqlNormalizeException("The specified tree operator $sOperator is not applicable to the key", $sSourceQuery, $oLeftField->GetNameDetails());
 					}
 				}
@@ -567,26 +544,23 @@ class OqlObjectQuery extends OqlQuery

 		// Check the select information
 		//
-		foreach ($this->GetSelectedClasses() as $oClassDetails)
-		{
+		foreach ($this->GetSelectedClasses() as $oClassDetails) {
 			$sClassToSelect = $oClassDetails->GetValue();
-			if (!array_key_exists($sClassToSelect, $aAliases))
-			{
+			if (!array_key_exists($sClassToSelect, $aAliases)) {
 				throw new OqlNormalizeException('Unknown class [alias]', $sSourceQuery, $oClassDetails, array_keys($aAliases));
 			}
 		}

 		// Check the condition tree
 		//
-		if ($this->m_oCondition instanceof Expression)
-		{
+		if ($this->m_oCondition instanceof Expression) {
 			$this->m_oCondition->Check($oModelReflection, $aAliases, $sSourceQuery);
 		}
 	}

 	/**
 	 * Make the relevant DBSearch instance (FromOQL)
-	 */	 	
+	 */
 	public function ToDBSearch($sQuery)
 	{
 		$sClass = $this->GetClass(new ModelReflectionRuntime());
@@ -594,6 +568,7 @@ class OqlObjectQuery extends OqlQuery

 		$oSearch = new DBObjectSearch($sClass, $sClassAlias);
 		$oSearch->InitFromOqlQuery($this, $sQuery);
+
 		return $oSearch;
 	}
 }
@@ -606,19 +581,15 @@ class OqlUnionQuery extends OqlQuery
 	{
 		parent::__construct();
 		$this->aQueries[] = $oLeftQuery;
-		if ($oRightQueryOrUnion instanceof OqlUnionQuery)
-		{
-			foreach ($oRightQueryOrUnion->GetQueries() as $oSingleQuery)
-			{
+		if ($oRightQueryOrUnion instanceof OqlUnionQuery) {
+			foreach ($oRightQueryOrUnion->GetQueries() as $oSingleQuery) {
 				$this->aQueries[] = $oSingleQuery;
 			}
-		}
-		else
-		{
+		} else {
 			$this->aQueries[] = $oRightQueryOrUnion;
 		}
 	}
-	
+
 	public function GetQueries()
 	{
 		return $this->aQueries;
@@ -627,66 +598,54 @@ class OqlUnionQuery extends OqlQuery
 	/**
 	 * Check the validity of the expression with regard to the data model
 	 * and the query in which it is used
-	 * 	 	 
-	 * @param ModelReflection $oModelReflection MetaModel to consider	 	
+	 *
+	 * @param ModelReflection $oModelReflection MetaModel to consider
+	 *
 	 * @throws OqlNormalizeException
-	 */	 	
+	 */
 	public function Check(ModelReflection $oModelReflection, $sSourceQuery)
 	{
 		$aColumnToClasses = array();
-		foreach ($this->aQueries as $iQuery => $oQuery)
-		{
+		foreach ($this->aQueries as $iQuery => $oQuery) {
 			$oQuery->Check($oModelReflection, $sSourceQuery);

 			$aAliasToClass = array($oQuery->GetClassAlias() => $oQuery->GetClass($oModelReflection));
 			$aJoinSpecs = $oQuery->GetJoins();
-			if (is_array($aJoinSpecs))
-			{
-				foreach ($aJoinSpecs as $oJoinSpec)
-				{
+			if (is_array($aJoinSpecs)) {
+				foreach ($aJoinSpecs as $oJoinSpec) {
 					$aAliasToClass[$oJoinSpec->GetClassAlias()] = $oJoinSpec->GetClass();
 				}
 			}

 			$aSelectedClasses = $oQuery->GetSelectedClasses();
-			if ($iQuery != 0)
-			{
-				if (count($aSelectedClasses) < count($aColumnToClasses))
-				{
+			if ($iQuery != 0) {
+				if (count($aSelectedClasses) < count($aColumnToClasses)) {
 					$oLastClass = end($aSelectedClasses);
 					throw new OqlNormalizeException('Too few selected classes in the subquery', $sSourceQuery, $oLastClass);
 				}
-				if (count($aSelectedClasses) > count($aColumnToClasses))
-				{
+				if (count($aSelectedClasses) > count($aColumnToClasses)) {
 					$oLastClass = end($aSelectedClasses);
 					throw new OqlNormalizeException('Too many selected classes in the subquery', $sSourceQuery, $oLastClass);
 				}
 			}
-			foreach ($aSelectedClasses as $iColumn => $oClassDetails)
-			{
+			foreach ($aSelectedClasses as $iColumn => $oClassDetails) {
 				$sAlias = $oClassDetails->GetValue();
 				$sClass = $aAliasToClass[$sAlias];
 				$aColumnToClasses[$iColumn][] = array(
-					'alias' => $sAlias,
-					'class' => $sClass,
+					'alias'      => $sAlias,
+					'class'      => $sClass,
 					'class_name' => $oClassDetails,
 				);
 			}
 		}
-		foreach ($aColumnToClasses as $iColumn => $aClasses)
-		{
+		foreach ($aColumnToClasses as $iColumn => $aClasses) {
 			$sRootClass = null;
-			foreach ($aClasses as $iQuery => $aData)
-			{
-				if ($iQuery == 0)
-				{
+			foreach ($aClasses as $iQuery => $aData) {
+				if ($iQuery == 0) {
 					// Establish the reference
 					$sRootClass = $oModelReflection->GetRootClass($aData['class']);
-				}
-				else
-				{
-					if ($oModelReflection->GetRootClass($aData['class']) != $sRootClass)
-					{
+				} else {
+					if ($oModelReflection->GetRootClass($aData['class']) != $sRootClass) {
 						$aSubclasses = $oModelReflection->EnumChildClasses($sRootClass, ENUM_CHILD_CLASSES_ALL);
 						throw new OqlNormalizeException('Incompatible classes: could not find a common ancestor', $sSourceQuery, $aData['class_name'], $aSubclasses);
 					}
@@ -699,21 +658,21 @@ class OqlUnionQuery extends OqlQuery
 	 * Determine the class
 	 *
 	 * @param ModelReflection $oModelReflection MetaModel to consider
+	 *
 	 * @return string
 	 * @throws Exception
 	 */
 	public function GetClass(ModelReflection $oModelReflection)
 	{
 		$aFirstColClasses = array();
-		foreach ($this->aQueries as $iQuery => $oQuery)
-		{
+		foreach ($this->aQueries as $iQuery => $oQuery) {
 			$aFirstColClasses[] = $oQuery->GetClass($oModelReflection);
 		}
 		$sClass = self::GetLowestCommonAncestor($oModelReflection, $aFirstColClasses);
-		if (is_null($sClass))
-		{
+		if (is_null($sClass)) {
 			throw new Exception('Could not determine the class of the union query. This issue should have been detected earlier by calling OqlQuery::Check()');
 		}
+
 		return $sClass;
 	}

@@ -726,6 +685,7 @@ class OqlUnionQuery extends OqlQuery
 	public function GetClassAlias()
 	{
 		$sAlias = $this->aQueries[0]->GetClassAlias();
+
 		return $sAlias;
 	}

@@ -735,29 +695,25 @@ class OqlUnionQuery extends OqlQuery
 	 *
 	 * @param ModelReflection $oModelReflection MetaModel to consider
 	 * @param array $aClasses Flat list of classes
+	 *
 	 * @return string the lowest common ancestor amongst classes, null if none has been found
 	 * @throws Exception
 	 */
 	public static function GetLowestCommonAncestor(ModelReflection $oModelReflection, $aClasses)
 	{
 		$sAncestor = null;
-		foreach($aClasses as $sClass)
-		{
-			if (is_null($sAncestor))
-			{
+		foreach ($aClasses as $sClass) {
+			if (is_null($sAncestor)) {
 				// first loop
 				$sAncestor = $sClass;
-			}
-			elseif ($oModelReflection->GetRootClass($sClass) != $oModelReflection->GetRootClass($sAncestor))
-			{
+			} elseif ($oModelReflection->GetRootClass($sClass) != $oModelReflection->GetRootClass($sAncestor)) {
 				$sAncestor = null;
 				break;
-			}
-			else
-			{
+			} else {
 				$sAncestor = self::LowestCommonAncestor($oModelReflection, $sAncestor, $sClass);
 			}
 		}
+
 		return $sAncestor;
 	}

@@ -766,37 +722,32 @@ class OqlUnionQuery extends OqlQuery
 	 */
 	protected static function LowestCommonAncestor(ModelReflection $oModelReflection, $sClassA, $sClassB)
 	{
-		if ($sClassA == $sClassB)
-		{
+		if ($sClassA == $sClassB) {
 			$sRet = $sClassA;
-		}
-		elseif (in_array($sClassA, $oModelReflection->EnumChildClasses($sClassB)))
-		{
+		} elseif (in_array($sClassA, $oModelReflection->EnumChildClasses($sClassB))) {
 			$sRet = $sClassB;
-		}
-		elseif (in_array($sClassB, $oModelReflection->EnumChildClasses($sClassA)))
-		{
+		} elseif (in_array($sClassB, $oModelReflection->EnumChildClasses($sClassA))) {
 			$sRet = $sClassA;
-		}
-		else
-		{
+		} else {
 			// Recurse
 			$sRet = self::LowestCommonAncestor($oModelReflection, $sClassA, $oModelReflection->GetParentClass($sClassB));
 		}
+
 		return $sRet;
 	}
+
 	/**
 	 * Make the relevant DBSearch instance (FromOQL)
-	 */	 	
+	 */
 	public function ToDBSearch($sQuery)
 	{
 		$aSearches = array();
-		foreach ($this->aQueries as $oQuery)
-		{
+		foreach ($this->aQueries as $oQuery) {
 			$aSearches[] = $oQuery->ToDBSearch($sQuery);
 		}

 		$oSearch = new DBUnionSearch($aSearches);
+
 		return $oSearch;
 	}
 }
--- a/core/ormcaselog.class.inc.php
+++ b/core/ormcaselog.class.inc.php
@@ -370,7 +370,7 @@ class ormCaseLog
 	/**
 	 * Produces an HTML representation, aimed at being used within the iTop framework
 	 */
-	public function GetAsHTML(WebPage $oP = null, $bEditMode = false, $aTransfoHandler = null)
+	public function GetAsHTML(?WebPage $oP = null, $bEditMode = false, $aTransfoHandler = null)
 	{
 		$bPrintableVersion = (utils::ReadParam('printable', '0') == '1');

--- a/core/ormdocument.class.inc.php
+++ b/core/ormdocument.class.inc.php
@@ -362,8 +362,7 @@ class ormDocument
 					throw new Exception("Invalid id ($id) for class '$sClass' - the object does not exist or you are not allowed to view it");
 				}
 			}
-			if (($sSecretField != null) && ($oObj->Get($sSecretField) != $sSecretValue)) {
-				usleep(200);
+			if (($sSecretField != null) && !hash_equals($oObj->Get($sSecretField), $sSecretValue)) {
 				throw new Exception("Invalid secret for class '$sClass' - the object does not exist or you are not allowed to view it");
 			}
 			/** @var \ormDocument $oDocument */
--- a/core/ormlinkset.class.inc.php
+++ b/core/ormlinkset.class.inc.php
@@ -93,7 +93,7 @@ class ormLinkSet implements iDBObjectSetIterator, Iterator, SeekableIterator
 	 * @param DBObjectSet|null $oOriginalSet
 	 * @throws Exception
 	 */
-	public function __construct($sHostClass, $sAttCode, DBObjectSet $oOriginalSet = null)
+	public function __construct($sHostClass, $sAttCode, ?DBObjectSet $oOriginalSet = null)
 	{
 		$this->sHostClass = $sHostClass;
 		$this->sAttCode = $sAttCode;
--- a/core/ormpassword.class.inc.php
+++ b/core/ormpassword.class.inc.php
@@ -98,9 +98,9 @@ class ormPassword
 		$bResult = false;
 		$aInfo = password_get_info($this->m_sHashed);
 		if (is_null($aInfo["algo"]) || $aInfo["algo"] === 0) {
-			//unknown, assume it's a legacy password
+			// - Unknown algorithm, assume it's a legacy password
 			$sHashedPwd = $this->ComputeHash($sClearTextPassword);
-			$bResult = ($this->m_sHashed == $sHashedPwd);
+			$bResult = hash_equals($this->m_sHashed, $sHashedPwd);
 		} else {
 			$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
 		}
--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -415,12 +415,7 @@ abstract class User extends cmdbAbstractObject
 							$this->m_aCheckIssues[] = Dict::S('Class:User/Error:CurrentProfilesHaveInsufficientRights');
 						}
 						$oAddon->ResetCache();
-
-						if (is_null($aCurrentProfiles)) {
-							Session::IsSet('profile_list');
-						} else {
-							Session::Set('profile_list', $aCurrentProfiles);
-						}
+						Session::Set('profile_list', $aCurrentProfiles);
 					}
 					// Prevent an administrator to remove their own admin profile
 					if (UserRights::IsAdministrator($this)) {
--- a/css/backoffice/blocks-integrations/_all.scss
+++ b/css/backoffice/blocks-integrations/_all.scss
@@ -22,5 +22,4 @@
@import "medallion-with-blocklist";
@import "field-badge-within-datatable";
@import "jquery-blockui-within-dialog";
-@import "jquery-blockui-within-datatable";
-@import "badge-with-badge";
+@import "jquery-blockui-within-datatable";
--- a/css/backoffice/blocks-integrations/_badge-with-badge.scss
+++ b/css/backoffice/blocks-integrations/_badge-with-badge.scss
@@ -1,10 +0,0 @@
-/*
- * @copyright   Copyright (C) 2010-2024 Combodo SAS
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-$ibo-badge--spacing-left--with-same-block: $ibo-spacing-200 !default;
-
-.ibo-badge + .ibo-badge {
-  margin-left: $ibo-badge--spacing-left--with-same-block;
-}
--- a/css/backoffice/blocks-integrations/field/_field-with-field.scss
+++ b/css/backoffice/blocks-integrations/field/_field-with-field.scss
@@ -4,7 +4,7 @@
 */
 $ibo-field--spacing-top--with-same-block: $ibo-spacing-500 !default;

-.ibo-field + .ibo-field {
+.ibo-field + .ibo-field:not(:empty) {
  margin-top: $ibo-field--spacing-top--with-same-block;
 }

--- a/css/backoffice/components/_all.scss
+++ b/css/backoffice/components/_all.scss
@@ -33,5 +33,4 @@
@import "field-badge";
@import "file-select";
@import "medallion-icon";
-@import "toast";
-@import "badge";
+@import "toast";
--- a/css/backoffice/components/_badge.scss
+++ b/css/backoffice/components/_badge.scss
@@ -1,41 +0,0 @@
-$ibo-badge--padding-x : $ibo-spacing-200 !default;
-$ibo-badge--padding-y : $ibo-spacing-100 !default;
-$ibo-badge--border-radius : $ibo-border-radius-400 !default;
-
-$ibo-badge-colors: (
-		'primary': ($ibo-color-primary-100, $ibo-color-primary-900),
-		'secondary': ($ibo-color-secondary-100, $ibo-color-secondary-900),
-		'neutral': ($ibo-color-secondary-100, $ibo-color-secondary-900),
-		'information': ($ibo-color-information-100, $ibo-color-information-900),
-		'success': ($ibo-color-success-100, $ibo-color-success-900),
-		'failure': ($ibo-color-danger-100, $ibo-color-danger-900),
-		'warning': ($ibo-color-warning-100,$ibo-color-warning-900),
-		'danger': ($ibo-color-danger-100,$ibo-color-danger-900),
-		'grey' : ($ibo-color-grey-100, $ibo-color-grey-900),
-		'blue-grey': ($ibo-color-blue-grey-100, $ibo-color-blue-grey-900),
-		'blue': ($ibo-color-blue-100, $ibo-color-blue-900),
-		'cyan': ($ibo-color-cyan-100, $ibo-color-cyan-900),
-		'green': ($ibo-color-green-100, $ibo-color-green-900),
-		'orange' : ($ibo-color-orange-100, $ibo-color-orange-900),
-		'red': ($ibo-color-red-100, $ibo-color-red-900),
-		'pink': ($ibo-color-pink-100, $ibo-color-pink-900),
-) !default;
-
-
-
-.ibo-badge {
-	display: inline-block;
-	white-space: nowrap;
-	padding : $ibo-badge--padding-y $ibo-badge--padding-x;
-	border-radius : $ibo-badge--border-radius;
-	@extend %ibo-font-ral-med-50;
-
-	@each $sColor, $aColorValues in $ibo-badge-colors {
-		$bg-color: nth($aColorValues, 1);
-		$text-color: nth($aColorValues, 2);
-		&.ibo-is-#{$sColor} {
-			background-color: $bg-color;
-			color: $text-color;
-		}
-	}
-}
--- a/css/backoffice/components/_form.scss
+++ b/css/backoffice/components/_form.scss
@@ -6,4 +6,72 @@
 .ibo-prop-header {
  @extend %ibo-font-size-150;
  padding-bottom: 14px;
-}
+}
+
+.help-text{
+  padding: 1px 5px;
+  background-color: #d7e3f8;
+  border: 1px solid #c6e7f5;
+  border-radius: 5px;
+  margin: 5px 0;
+  font-size: 0.9em;
+}
+
+.form-error ul{
+  padding: 1px 5px;
+  background-color: #f8d7da;
+  border: 1px solid #f5c6cb;
+  border-radius: 5px;
+  margin: 5px 0;
+  font-size: 0.9em;
+}
+
+.subform{
+  background-color: #efefef;
+  border-radius: 5px;
+  padding: 10px;
+}
+
+.form-buttons{
+  margin: 20px 0;
+}
+
+.form select{
+  padding: 0;
+  overflow-y: auto;
+}
+
+.form select option{
+  height: 30px;
+  display: flex;
+  align-items: center;
+}
+
+.turbo-refreshing{
+  opacity: .5;
+}
+
+.ibo-field legend{
+  margin-top: 24px;
+}
+
+collection-entry-element {
+  margin-top: 8px;
+  display: block;
+  padding: 10px 10px;
+  background-color: #f5f5f5;
+  border-radius: 5px;
+}
+.ts-control{
+  height: auto;
+  min-height: 30px;
+}
+
+.ibo-form-actions > .ibo-button > span{
+  margin-right: 5px;
+}
+
+.ibo-form textarea{
+  resize: vertical;
+}
+
--- a/css/backoffice/components/_panel.scss
+++ b/css/backoffice/components/_panel.scss
@@ -72,9 +72,12 @@ $ibo-panel--icon--spacing--as-medallion--is-sticking: $ibo-panel--icon--spacing-
 $ibo-panel--icon--bottom--as-medallion--is-sticking: -12px !default;
 $ibo-panel--icon--border--as-medallion--is-sticking: 1px $ibo-panel--base-border-style $ibo-panel--base-border-color !default;

-$ibo-panel--icon-background--size--must-contain: contain !default;
-$ibo-panel--icon-background--size--must-cover: cover !default;
-$ibo-panel--icon-background--size--must-zoomout: 66.67% !default;
+$ibo-panel--icon-background--size--must-contain: contain !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-contain
+$ibo-panel--icon-background--size--must-cover: cover !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-cover
+$ibo-panel--icon-background--size--must-zoomout: 66.67% !default; // deprecated, to be removed in favor of $ibo-panel--icon-img--size--must-zoomout
+$ibo-panel--icon-img--size--must-contain: $ibo-panel--icon-background--size--must-contain !default; // TODO remove when dealing with N°9317
+$ibo-panel--icon-img--size--must-cover: $ibo-panel--icon-background--size--must-cover !default; // TODO remove when dealing with N°9317
+$ibo-panel--icon-img--size--must-zoomout: $ibo-panel--icon-background--size--must-zoomout !default; // TODO remove when dealing with N°9317

 $ibo-panel--title--font-size--is-sticking: $ibo-font-size-150 !default;
 $ibo-panel--title--color: $ibo-color-grey-900 !default;
@@ -179,24 +182,25 @@ $ibo-panel--is-selectable--body--after--font-size: $ibo-font-size-700 !default;
  min-height: $ibo-panel--icon--size;
 }

-.ibo-panel--icon-background {
+.ibo-panel--icon-img, .ibo-panel--icon-background { // second class is deprecated, remove it when dealing with N°9317
  width: 100%;
  height: 100%;
  background-position: center;
  background-repeat: no-repeat;
-  background-size: $ibo-panel--icon-background--size--must-contain;
+  background-size: $ibo-panel--icon-img--size--must-contain;
 }

-.ibo-panel--icon-background--must-contain {
-  background-size: $ibo-panel--icon-background--size--must-contain;
+.ibo-panel--icon-img--must-contain, .ibo-panel--icon-background--must-contain { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-panel--icon-img--size--must-contain;
 }

-.ibo-panel--icon-background--must-cover {
-  background-size: $ibo-panel--icon-background--size--must-cover;
+.ibo-panel--icon-img--must-cover, .ibo-panel--icon-background--must-cover { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-panel--icon-img--size--must-cover;
 }

-.ibo-panel--icon-background--must-zoomout {
-  background-size: $ibo-panel--icon-background--size--must-zoomout;
+.ibo-panel--icon-img--must-zoomout, .ibo-panel--icon-background--must-zoomout { // second class is deprecated, remove it when dealing with N°9317
+  width: $ibo-panel--icon-img--size--must-zoomout;
+  height: $ibo-panel--icon-img--size--must-zoomout;
 }

 .ibo-panel--title {
--- a/css/backoffice/components/_title.scss
+++ b/css/backoffice/components/_title.scss
@@ -11,9 +11,12 @@ $ibo-title--icon--size: 90px !default;
 $ibo-title--icon--size-2: 80px !default;
 $ibo-title--icon--size-3: 70px !default;

-$ibo-title--icon-background--size--must-contain: contain !default;
-$ibo-title--icon-background--size--must-cover: cover !default;
-$ibo-title--icon-background--size--must-zoomout: 66.67% !default;
+$ibo-title--icon-background--size--must-contain: contain !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-contain
+$ibo-title--icon-background--size--must-cover: cover !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-cover
+$ibo-title--icon-background--size--must-zoomout: 66.67% !default; // deprecated, to be removed in favor of $ibo-title--icon-img--size--must-zoomout
+$ibo-title--icon-img--size--must-contain: $ibo-title--icon-background--size--must-contain !default; // TODO remove when dealing with N°9317
+$ibo-title--icon-img--size--must-cover: $ibo-title--icon-background--size--must-cover !default; // TODO remove when dealing with N°9317
+$ibo-title--icon-img--size--must-zoomout: $ibo-title--icon-background--size--must-zoomout !default; // TODO remove when dealing with N°9317


 .ibo-title {
@@ -44,24 +47,23 @@ $ibo-title--icon-background--size--must-zoomout: 66.67% !default;
  min-height: $ibo-title--icon--size-3;
 }

-.ibo-title--icon-background {
+.ibo-title--icon-img, .ibo-title--icon-background { // second class is deprecated, remove it when dealing with N°9317
  width: 100%;
  height: 100%;
-  background-position: center;
-  background-repeat: no-repeat;
-  background-size: $ibo-title--icon-background--size--must-contain;
+  object-position: center;
+  background-size: $ibo-title--icon-img--size--must-contain;
 }

-.ibo-title--icon-background--must-contain {
-  background-size: $ibo-title--icon-background--size--must-contain;
+.ibo-title--icon-img--must-contain, .ibo-title--icon-background--must-contain { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-contain;
 }

-.ibo-title--icon-background--must-cover {
-  background-size: $ibo-title--icon-background--size--must-cover;
+.ibo-title--icon-img--must-cover, .ibo-title--icon-background--must-cover { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-cover;
 }

-.ibo-title--icon-background--must-zoomout {
-  background-size: $ibo-title--icon-background--size--must-zoomout;
+.ibo-title--icon-img--must-zoomout, .ibo-title--icon-background--must-zoomout { // second class is deprecated, remove it when dealing with N°9317
+  background-size: $ibo-title--icon-img--size--must-zoomout;
 }

 .ibo-title--for-object-details {
--- a/css/backoffice/components/input/_input-toggler.scss
+++ b/css/backoffice/components/input/_input-toggler.scss
@@ -8,7 +8,6 @@ $ibo-toggler--wrapper--height: 20px !default;

 $ibo-toggler--slider--border-radius: $ibo-border-radius-900 !default;
 $ibo-toggler--slider--background-color: $ibo-color-secondary-600 !default;
-$ibo-toggler--slider--disabled--background-color: $ibo-color-secondary-200 !default;

 $ibo-toggler--slider--before--left: 3px !default;
 $ibo-toggler--slider--before--bottom: 3px !default;
@@ -18,7 +17,6 @@ $ibo-toggler--slider--before--border-radius: $ibo-border-radius-full !default;
 $ibo-toggler--slider--before--background-color: $ibo-color-grey-100 !default;

 $ibo-toggler--slider--checked--background-color: $ibo-color-primary-600 !default;
-$ibo-toggler--slider--checked-disabled--background-color: $ibo-color-primary-200 !default;
 $ibo-toggler--slider--focus--box-shadow: 0 0 1px $ibo-color-primary-600 !default;

 $ibo-toggler--label--margin-left: 4px !default;
@@ -63,13 +61,6 @@ $ibo-toggler--label--margin-left: 4px !default;
  background-color: $ibo-toggler--slider--checked--background-color;
 }

-.ibo-toggler--wrapper input:disabled + .ibo-toggler--slider {
-  background-color: $ibo-toggler--slider--disabled--background-color;
-}
-.ibo-toggler--wrapper input:checked:disabled + .ibo-toggler--slider {
-  background-color: $ibo-toggler--slider--checked-disabled--background-color;
-}
-
 input:focus + .ibo-toggler--slider {
  box-shadow: $ibo-toggler--slider--focus--box-shadow;
 }
--- a/css/backoffice/layout/_all.scss
+++ b/css/backoffice/layout/_all.scss
@@ -15,4 +15,3 @@
@import "wizard-container/wizard-container";
@import "object/all";
@import "activity-panel/all";
-@import "extension/all";
--- a/css/backoffice/layout/extension/_all.scss
+++ b/css/backoffice/layout/extension/_all.scss
@@ -1 +0,0 @@
-@import "extension-details";
--- a/css/backoffice/layout/extension/_extension-details.scss
+++ b/css/backoffice/layout/extension/_extension-details.scss
@@ -1,54 +0,0 @@
-$ibo-extension-details--information--metadata--padding: $ibo-spacing-200 !default;
-$ibo-extension-details--information--metadata--delimiter: "-" !default;
-$ibo-extension-details--information--metadata--color: $ibo-color-grey-700 !default;
-$ibo-extension-details--actions--button--padding-y: 3px !default;
-$ibo-extension-details--actions--button--padding-x: $ibo-button--padding-x !default;
-
-.ibo-extension-details {
-	display: inline-flex;
-	flex-direction: row;
-	justify-content: space-between;
-	align-items: center;
-	width: 100%;
-}
-
-.ibo-extension-details--information {
-	flex-grow: 1;
-	display: flex;
-	flex-direction: column;
-}
-
-.ibo-extension-details--actions {
-	display: flex;
-}
-
-.ibo-extension-details--information--label {
-	@extend %ibo-font-ral-med-150;
-}
-
-.ibo-extension-details--information--metadata {
-	@extend %ibo-font-ral-med-100;
-	color: $ibo-extension-details--information--metadata--color;
-}
-
-.ibo-extension-details--information--description {
-	@extend %ibo-font-ral-med-100;
-}
-
-.ibo-extension-details--information--metadata span + span:before {
-	content: $ibo-extension-details--information--metadata--delimiter;
-	padding-left: $ibo-extension-details--information--metadata--padding;
-	padding-right: $ibo-extension-details--information--metadata--padding;
-}
-
-.ibo-extension-details:has(input:checked) .ibo-badge.unchecked, .ibo-extension-details:has(input:not(:checked)) .ibo-badge.checked {
-	display: none;
-}
-
-.ibo-extension-details--actions > button {
-	padding: $ibo-extension-details--actions--button--padding-y $ibo-extension-details--actions--button--padding-x;
-}
-
-.ibo-extension-details--actions:has(.toggler-install:not(:disabled)) .ibo-popover-menu--section a[data-resource-id="force_uninstall"] {
-	display: none;
-}
--- a/css/backoffice/layout/multi-column/_multi-column.scss
+++ b/css/backoffice/layout/multi-column/_multi-column.scss
@@ -5,9 +5,11 @@

 $ibo-multi-column--margin-x: -$ibo-spacing-500 !default; /* This is to compensate columns padding and make the whole multicolumn align with the parent borders (cf. Bootstrap rows / cols) */
 $ibo-multi-column--margin-y: $ibo-spacing-0 !default;
+$ibo-multi-column--row-gap: $ibo-spacing-800 !default;

 .ibo-multi-column {
  display: flex;
  flex-wrap: wrap;
  margin: $ibo-multi-column--margin-y $ibo-multi-column--margin-x;
+  row-gap: $ibo-multi-column--row-gap;
 }
--- a/css/backoffice/vendors/_selectize.scss
+++ b/css/backoffice/vendors/_selectize.scss
@@ -29,7 +29,7 @@ $ibo-vendors-selectize--element--active--background: $ibo-color-blue-100 !defaul
 $ibo-vendors-selectize--element--active--color: $ibo-color-grey-900 !default;

 $ibo-vendors-selectize--dropdown--background-color: $ibo-vendors-selectize-input--background-color !default;
-$ibo-vendors-selectize--dropdown--color:  $ibo-vendors-selectize-input--color!default;
+$ibo-vendors-selectize--dropdown--color: $ibo-vendors-selectize-input--color !default;

 $ibo-vendors-selectize--header--padding-x: 8px !default;
 $ibo-vendors-selectize--header--padding-y: 5px !default;
--- a/css/backoffice/vendors/_tomselect.scss
+++ b/css/backoffice/vendors/_tomselect.scss
@@ -0,0 +1,3 @@
+@import "../../../node_modules/tom-select/dist/scss/tom-select.scss";
+
+$select-color-item-active-border: $ibo-input--focus--border-color;
--- a/css/setup.css
+++ b/css/setup.css
--- a/css/setup.scss
+++ b/css/setup.scss
@@ -328,10 +328,10 @@ fieldset {
 				}
 			}
 		}
-		&:not(:checked) ~ label .checked{
+		&:not(:checked) ~ label .setup-extension-tag.checked{
 			display:none;
 		}
-		&:checked ~ label .unchecked{
+		&:checked ~ label .setup-extension-tag.unchecked{
 			display:none;
 		}
 	}
@@ -522,12 +522,10 @@ body {
  }
 }

-.ibo-setup-summary-title, .ibo-setup-summary-title:visited, .ibo-setup-summary-title:hover {
-	font-size: $ibo-font-size-150;
-	color: inherit;
+.ibo-setup-summary-title {
+  font-size: $ibo-font-size-150;
 }

-
 #ibo-setup-licenses--components-list {
  background-color: $ibo-color-white-200;
  padding: 12px;
@@ -607,7 +605,6 @@ body {
 	color:#a00000;
 }
 .setup-extension-tag {
-  display: inline-flex;
 	background-color: grey;
 	border-radius: 8px;
 	padding-left: 3px;
@@ -684,6 +681,9 @@ body {
    overflow: auto;
    text-align: center;
  }
+  #installation_progress {
+    display: none;
+  }
  #fresh_content{
    border: 0;
    min-height: 300px;
--- a/datamodels/2.x/combodo-data-feature-removal/assets/img/.gitkeep
+++ b/datamodels/2.x/combodo-data-feature-removal/assets/img/.gitkeep
--- a/datamodels/2.x/authent-local/datamodel.authent-local.xml
+++ b/datamodels/2.x/authent-local/datamodel.authent-local.xml
@@ -2,7 +2,7 @@
 <itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.3">
  <module_parameters>
    <parameters id="authent-local" _delta="define">
-      <password_validation.pattern>^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\da-zA-Z]).{8,}$</password_validation.pattern>
+      <password_validation.pattern>^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^\da-zA-Z]).{12,}$</password_validation.pattern>
      <password_validation.message type="hash"/>
    </parameters>
  </module_parameters>
--- a/datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/cs.dict.authent-local.php
@@ -29,7 +29,7 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Heslo nemůže uživatel změnit.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Heslo bylo obnoveno',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Termín, kdy bylo heslo změneno',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Heslo musí obsahovat minimálně 8 znaků a musí obsahovat minimálně jedno velké písmeno, jedno malé písmeno, jedno číslo a speciální znak.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Heslo musí obsahovat minimálně 12 znaků a musí obsahovat minimálně jedno velké písmeno, jedno malé písmeno, jedno číslo a speciální znak.',
 	'UserLocal:password:expiration' => 'Níže uvedená pole vyžadují rozšíření',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Nastavení exspirace "Jednorázového hesla" nelze u vlastního účtu uživatele.',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/da.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('DA DA', 'Danish', 'Dansk', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/de.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('DE DE', 'German', 'Deutsch', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Letzte Passworterneuerung',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Letztes Änderungsdatum',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort entspricht nicht dem in den Konfigurationsregeln hinterlegten RegEx-Ausdruck',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Das Passwort muss mindestens 12 Zeichen lang sein und Großbuchstaben, Kleinbuchstaben, Zahlen und Sonderzeichen enthalten.',
 	'UserLocal:password:expiration' => 'Die folgenden Felder benötigen eine '.ITOP_APPLICATION_SHORT.' Erweiterung',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Das setzen des Passwortablaufs auf "Einmalpasswort" ist für den eigenen Benutzer nicht erlaubt.',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/en.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/en.dict.authent-local.php
@@ -55,7 +55,7 @@ Dict::Add('EN US', 'English', 'English', [
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed',

-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.',
 	'UserLocal:password:expiration' => 'The fields below require an extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/en_gb.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/en_gb.dict.authent-local.php
@@ -55,7 +55,7 @@ Dict::Add('EN GB', 'British English', 'British English', [
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed',

-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.',
 	'UserLocal:password:expiration' => 'The fields below require an extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/es_cr.dict.authent-local.php
@@ -25,7 +25,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellano', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'El usuario no puede cambiar la contraseña.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Renovación de contraseña',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Cuando fue el último cambio de contraseña',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 8 caracteres e incluír mayúsculas, minúsculas, números y caracteres especiales.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 12 caracteres e incluir mayúsculas, minúsculas, números y caracteres especiales.',
 	'UserLocal:password:expiration' => 'El siguiente campo requiere una extensión',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Configurar expiración de contraseña para "ontraseña de un solo uso" no está permitido para su propio Usuario',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/fr.dict.authent-local.php
@@ -27,7 +27,7 @@ Dict::Add('FR FR', 'French', 'Français', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Mot de passe changé le',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Dernière date à laquelle le mot de passe a été changé',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 8 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Le mot de passe doit contenir au moins 12 caractères, avec minuscule, majuscule, nombre et caractère spécial.',
 	'UserLocal:password:expiration' => 'Les champs ci-dessous nécessitent une extension',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impossible de mettre "Usage unique" comme validité du mot de passe pour son propre utilisateur.',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/hu.dict.authent-local.php
@@ -27,7 +27,7 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'A felhasználó nem változtathat jelszót.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Jelszó megújítás ideje',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'A jelszó legutóbbi módosításának időpontja',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 8 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'A jelszónak legalább 12 karakterből kell állnia, és tartalmaznia kell nagybetűket, kisbetűket, numerikus és speciális karaktereket.',
 	'UserLocal:password:expiration' => 'Az alábbi mezőkhöz egy bővítmény szükséges',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'A jelszó lejárati idejének beállítása "Egyszeri jelszóra" nem engedélyezett a saját Felhasználó számára.',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/it.dict.authent-local.php
@@ -27,7 +27,7 @@ Dict::Add('IT IT', 'Italian', 'Italiano', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'La password non può essere cambiata dall\'utente.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Rinnovo della password',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Quando è stata cambiata l\'ultima volta la password',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La password deve essere di almeno 8 caratteri e includere lettere maiuscole, minuscole, numeri e caratteri speciali.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La password deve essere di almeno 12 caratteri e includere lettere maiuscole, minuscole, numeri e caratteri speciali.',
 	'UserLocal:password:expiration' => 'I campi sottostanti richiedono un\'estensione',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Impostare la scadenza della password su "Password monouso" non è consentito per il proprio utente',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/ja.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('JA JP', 'Japanese', '日本語', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/nl.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'De gebruiker kan dit wachtwoord niet veranderen.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Wachtwoord laatst aangepast',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Tijdstip waarop het wachtwoord het laatst aangepast werd.',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 8 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Het wachtwoord bestaat uit minstens 12 tekens en bestaat uit een mix van minstens 1 hoofdletter, kleine letter, cijfer en speciaal teken.',
 	'UserLocal:password:expiration' => 'De velden hieronder vereisen een extensie.',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Je kan geen eenmalig wachtwoord instellen voor je eigen gebruiker.',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/pl.dict.authent-local.php
@@ -27,7 +27,7 @@ Dict::Add('PL PL', 'Polish', 'Polski', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Hasło nie może być zmienione przez użytkownika.',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Odnowienie hasła',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Kiedy ostatnio zmieniano hasło',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 8 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Hasło musi mieć co najmniej 12 znaków i zawierać duże, małe litery, cyfry i znaki specjalne.',
 	'UserLocal:password:expiration' => 'Poniższe pola wymagają rozszerzenia',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Ustawienie wygaśnięcia hasła "Hasło jednorazowe" nie jest dozwolone dla własnego użytkownika',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/ru.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('RU RU', 'Russian', 'Русский', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Дата изменения пароля',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'Когда пароль был изменен в последний раз',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 8 символов и включать прописные, строчные, числовые и специальные символы.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Пароль должен содержать не менее 12 символов и включать прописные, строчные, числовые и специальные символы.',
 	'UserLocal:password:expiration' => 'Поля требуют наличия доп. расширения',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/sk.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/sk.dict.authent-local.php
@@ -27,7 +27,7 @@ Dict::Add('SK SK', 'Slovak', 'Slovenčina', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/tr.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/tr.dict.authent-local.php
@@ -28,7 +28,7 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => 'Password cannot be changed by the user.~~',
 	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewed on~~',
 	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 12 characters and include uppercase, lowercase, numeric and special characters.~~',
 	'UserLocal:password:expiration' => 'The fields below require an extension~~',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => 'Setting password expiration to "One-time password" is not allowed for your own User~~',
 ]);
--- a/datamodels/2.x/authent-local/dictionaries/zh_cn.dict.authent-local.php
+++ b/datamodels/2.x/authent-local/dictionaries/zh_cn.dict.authent-local.php
@@ -51,7 +51,7 @@ Dict::Add('ZH CN', 'Chinese', '简体中文', [
 	'Class:UserLocal/Attribute:expiration/Value:otp_expire+' => '用户不允许修改密码.',
 	'Class:UserLocal/Attribute:password_renewed_date' => '密码更新',
 	'Class:UserLocal/Attribute:password_renewed_date+' => '上次修改密码的时间',
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => '密码必须至少8个字符, 包含大小写, 数字和特殊字符.',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => '密码必须至少12个字符, 包含大小写, 数字和特殊字符.',
 	'UserLocal:password:expiration' => '下面的区域需要插件扩展',
 	'Class:UserLocal/Error:OneTimePasswordChangeIsNotAllowed' => '不允许用户为自己设置 "一次性密码" 的失效期限',
 ]);
--- a/datamodels/2.x/combodo-data-feature-removal/assets/css/DataFeatureRemoval.css
+++ b/datamodels/2.x/combodo-data-feature-removal/assets/css/DataFeatureRemoval.css
@@ -1,9 +0,0 @@
-/*
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/*
- * CSS of the template page
- */
-
--- a/datamodels/2.x/combodo-data-feature-removal/assets/js/DataFeatureRemoval.js
+++ b/datamodels/2.x/combodo-data-feature-removal/assets/js/DataFeatureRemoval.js
@@ -1,9 +0,0 @@
-/*
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/*
- * Javascript file loaded in template page
- */
-
--- a/datamodels/2.x/combodo-data-feature-removal/composer.json
+++ b/datamodels/2.x/combodo-data-feature-removal/composer.json
@@ -1,17 +0,0 @@
-{
-  "config": {
-    "classmap-authoritative": true
-  },
-  "autoload": {
-    "psr-4": {
-      "Combodo\\iTop\\DataFeatureRemoval\\": "src",
-      "": "src/NoNamespace"
-    }
-  },
-  "name": "combodo/combodo-data-feature-removal",
-  "type": "itop-extension",
-  "description": "iTop Data Feature Removal",
-  "require": {
-    "composer-runtime-api": "^2.0"
-  }
-}
--- a/datamodels/2.x/combodo-data-feature-removal/datamodel.combodo-data-feature-removal.xml
+++ b/datamodels/2.x/combodo-data-feature-removal/datamodel.combodo-data-feature-removal.xml
@@ -1,163 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.3">
-  <classes>
-    <class id="DataFeatureRemoverExtension" _delta="define">
-      <properties>
-        <category>grant_by_profile</category>
-        <db_table>data_feature_removal_extension</db_table>
-        <naming>
-          <attributes/>
-        </naming>
-        <reconciliation>
-          <attributes>
-            <attribute id="extension_code"/>
-          </attributes>
-        </reconciliation>
-        <uniqueness_rules/>
-      </properties>
-      <fields>
-        <field id="extension_code" xsi:type="AttributeString">
-          <sql>extension_code</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="label" xsi:type="AttributeString">
-          <sql>label</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="version" xsi:type="AttributeString">
-          <sql>version</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="module_names" xsi:type="AttributeText">
-          <sql>module_names</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="status" xsi:type="AttributeString">
-          <sql>status</sql>
-          <default_value>none</default_value>
-          <is_null_allowed>true</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-      </fields>
-      <presentation>
-        <list>
-          <items>
-            <item id="extension_code">
-              <rank>10</rank>
-            </item>
-            <item id="status">
-              <rank>20</rank>
-            </item>
-          </items>
-        </list>
-        <search>
-          <item id="extension_code">
-            <rank>10</rank>
-          </item>
-          <item id="status">
-            <rank>20</rank>
-          </item>
-        </search>
-        <details>
-          <item id="extension_code">
-            <rank>10</rank>
-          </item>
-          <item id="status">
-            <rank>20</rank>
-          </item>
-        </details>
-      </presentation>
-      <methods/>
-    </class>
-    <class id="DataFeatureRemoverAuditRule" _delta="define">
-      <properties>
-        <category>grant_by_profile</category>
-        <db_table>data_feature_removal_auditrule</db_table>
-        <naming>
-          <attributes/>
-        </naming>
-        <reconciliation>
-          <attributes>
-            <attribute id="rule_name"/>
-            <attribute id="extension_code"/>
-            <attribute id="class_name"/>
-          </attributes>
-        </reconciliation>
-        <uniqueness_rules/>
-      </properties>
-      <fields>
-        <field id="rule_name" xsi:type="AttributeString">
-          <sql>rule_name</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="extension_code" xsi:type="AttributeString">
-          <sql>extension_code</sql>
-          <is_null_allowed>false</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="class_name" xsi:type="AttributeText">
-          <sql>class_name</sql>
-          <default_value>none</default_value>
-          <is_null_allowed>true</is_null_allowed>
-          <tracking_level>all</tracking_level>
-        </field>
-        <field id="count" xsi:type="AttributeInteger">
-          <sql>count</sql>
-          <default_value>0</default_value>
-          <tracking_level>all</tracking_level>
-        </field>
-      </fields>
-      <presentation>
-        <list>
-          <items>
-            <item id="rule_name">
-              <rank>10</rank>
-            </item>
-            <item id="extension_code">
-              <rank>20</rank>
-            </item>
-            <item id="class_name">
-              <rank>30</rank>
-            </item>
-          </items>
-        </list>
-        <search>
-          <item id="rule_name">
-            <rank>10</rank>
-          </item>
-          <item id="extension_code">
-            <rank>20</rank>
-          </item>
-          <item id="class_name">
-            <rank>30</rank>
-          </item>
-        </search>
-        <details>
-          <item id="rule_name">
-            <rank>10</rank>
-          </item>
-          <item id="extension_code">
-            <rank>20</rank>
-          </item>
-          <item id="class_name">
-            <rank>30</rank>
-          </item>
-        </details>
-      </presentation>
-      <methods/>
-    </class>
-  </classes>
-  <menus>
-    <menu id="DataFeatureRemovalMenu" xsi:type="WebPageMenuNode" _delta="define">
-      <rank>30</rank>
-      <parent>SystemTools</parent>
-      <url>$pages/exec.php?exec_module=combodo-data-feature-removal&amp;exec_page=index.php&amp;c[menu]=DataFeatureRemovalMenu</url>
-      <enable_admin_only>1</enable_admin_only>
-    </menu>
-  </menus>
-</itop_design>
--- a/datamodels/2.x/combodo-data-feature-removal/dictionaries/en.dict.combodo-data-feature-removal.php
+++ b/datamodels/2.x/combodo-data-feature-removal/dictionaries/en.dict.combodo-data-feature-removal.php
@@ -1,41 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/**
- * Localized data
- */
-
-Dict::Add('EN US', 'English', 'English', [
-	'Menu:DataFeatureRemovalMenu' => 'Features Removal',
-	'combodo-data-feature-removal/Operation:Main/Title' => 'Features Removal',
-
-	'DataFeatureRemoval:Main:Title' => 'Features Removal',
-	'DataFeatureRemoval:Main:SubTitle' => 'Prepare features you want to enable/disable in a future setup',
-	'DataFeatureRemoval:Failure:Title' => 'Feature dry removal errors',
-	'DataFeatureRemoval:Helper:Title' => 'This utilitary allows you to enable or disable features that are installed in your iTop.',
-	'DataFeatureRemoval:Helper:Desc1' => 'It will prepare the setup step that proceeds to feature enabling or disabling.',
-	'DataFeatureRemoval:Helper:Desc2' => 'You will need to analyze if there are any data or dependency preventing you from enabling/disabling a feature.',
-
-	'DataFeatureRemoval:Features:Title' => 'Features',
-	'DataFeatureRemoval:Analysis:Title' => 'Analysis result',
-	'DataFeatureRemoval:Analysis:SubTitle' => '%1$s element(s) to clean before continuing',
-
-	'DataFeatureRemoval:Table:Analysis:ClassName' => 'Element to remove',
-	'DataFeatureRemoval:Table:Analysis:RemovalType' => 'Type of element',
-	'DataFeatureRemoval:Table:Analysis:FeatureName' => 'Feature name',
-	'DataFeatureRemoval:Table:Analysis:Occurence' => 'Occurence',
-
-	'UI:Button:Analyze' => 'Analyze',
-	'UI:Button:ModifyChoices' => 'Modify Choices',
-	'UI:Button:AnalyzeAndSetup' => 'Analyze and go to setup',
-
-	'UI:Action:ForceUninstall' => 'Force uninstall',
-	'UI:Action:MoreInfo' => 'More information',
-
-	'DataFeatureRemoval:Table:Analysis:RemovalType:FINAL_CLASS' => 'Final class',
-
-	]);
--- a/datamodels/2.x/combodo-data-feature-removal/dictionaries/fr.dict.combodo-data-feature-removal.php
+++ b/datamodels/2.x/combodo-data-feature-removal/dictionaries/fr.dict.combodo-data-feature-removal.php
@@ -1,40 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/**
-* Localized data
-*/
-
-Dict::Add('FR FR', 'French', 'Français', [
-	'Menu:DataFeatureRemovalMenu' => 'Features Removal',
-	'combodo-data-feature-removal/Operation:Main/Title' => 'Features Removal',
-
-	'DataFeatureRemoval:Main:Title' => 'Features Removal',
-	'DataFeatureRemoval:Main:SubTitle' => 'Prepare features you want to enable/disable in a future setup',
-	'DataFeatureRemoval:Failure:Title' => 'Feature dry removal errors',
-	'DataFeatureRemoval:Helper:Title' => 'This utilitary allows you to enable or disable features that are installed in your iTop.',
-	'DataFeatureRemoval:Helper:Desc1' => 'It will prepare the setup step that proceeds to feature enabling or disabling.',
-	'DataFeatureRemoval:Helper:Desc2' => 'You will need to analyze if there are any data or dependency preventing you from enabling/disabling a feature.',
-
-	'DataFeatureRemoval:Features:Title' => 'Features',
-	'DataFeatureRemoval:Analysis:Title' => 'Analysis result',
-	'DataFeatureRemoval:Analysis:SubTitle' => '%1$s element(s) to clean before continuing',
-
-	'DataFeatureRemoval:Table:Analysis:ClassName' => 'Element to remove',
-	'DataFeatureRemoval:Table:Analysis:RemovalType' => 'Type of element',
-	'DataFeatureRemoval:Table:Analysis:FeatureName' => 'Feature name',
-	'DataFeatureRemoval:Table:Analysis:Occurence' => 'Occurence',
-
-	'UI:Button:Analyze' => 'Analyze',
-	'UI:Button:ModifyChoices' => 'Modify Choices',
-	'UI:Button:AnalyzeAndSetup' => 'Analyze and go to setup',
-
-	'UI:Action:ForceUninstall' => 'Force uninstall',
-	'UI:Action:MoreInfo' => 'More information',
-
-	'DataFeatureRemoval:Table:Analysis:RemovalType:FINAL_CLASS' => 'Final class',
-]);
--- a/datamodels/2.x/combodo-data-feature-removal/index.php
+++ b/datamodels/2.x/combodo-data-feature-removal/index.php
@@ -1,20 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\DataFeatureRemoval;
-
-use Combodo\iTop\DataFeatureRemoval\Controller\DataFeatureRemovalController;
-use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalHelper;
-use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalLog;
-
-require_once(APPROOT.'application/startup.inc.php');
-
-DataFeatureRemovalLog::Enable();
-
-$oController = new DataFeatureRemovalController(MODULESROOT.DataFeatureRemovalHelper::MODULE_NAME.'/templates', DataFeatureRemovalHelper::MODULE_NAME);
-$oController->SetDefaultOperation('Main');
-$oController->HandleOperation();
--- a/datamodels/2.x/combodo-data-feature-removal/model.combodo-data-feature-removal.php
+++ b/datamodels/2.x/combodo-data-feature-removal/model.combodo-data-feature-removal.php
@@ -1,16 +0,0 @@
-<?php
-
-// PHP Data Model definition file
-
-// WARNING - WARNING - WARNING
-// DO NOT EDIT THIS FILE (unless you know what you are doing)
-//
-// If you provide a datamodel.xxxx.xml file with your module,
-// this file WILL BE overwritten by the compilation of the
-// module (during the setup) if the datamodel.xxxx.xml file
-// contains the definition of new classes or menus.
-//
-// The recommended way to define new classes (for iTop 2.0 and later) is via the XML definition.
-// This file remains in the module's template only for the cases where there is:
-// - either no new class or menu defined in the XML file
-// - or no XML file at all supplied by the module
--- a/datamodels/2.x/combodo-data-feature-removal/src/Controller/DataFeatureRemovalController.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Controller/DataFeatureRemovalController.php
@@ -1,189 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\DataFeatureRemoval\Controller;
-
-require_once APPROOT.'setup/feature_removal/SetupAudit.php';
-require_once APPROOT.'setup/feature_removal/DryRemovalRuntimeEnvironment.php';
-
-use Combodo\iTop\Application\TwigBase\Controller\Controller;
-use Combodo\iTop\AuthentToken\Helper\TokenAuthLog;
-use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalHelper;
-use Combodo\iTop\DataFeatureRemoval\Model\DataFeatureRemoverAuditRuleService;
-use Combodo\iTop\DataFeatureRemoval\Model\DataFeatureRemoverExtensionService;
-use Combodo\iTop\Setup\FeatureRemoval\DryRemovalRuntimeEnvironment;
-use Combodo\iTop\Setup\FeatureRemoval\SetupAudit;
-use Dict;
-use Exception;
-use MetaModel;
-use utils;
-
-class DataFeatureRemovalController extends Controller
-{
-	private array $aSelectedExtensionsForCheck = [];
-
-	public function OperationMain($sErrorMessage = null)
-	{
-		$aParams = [];
-
-		$this->AddLinkedStylesheet(utils::GetAbsoluteUrlModulesRoot().DataFeatureRemovalHelper::MODULE_NAME.'/assets/css/DataFeatureRemoval.css');
-		$this->AddLinkedScript(utils::GetAbsoluteUrlModulesRoot().DataFeatureRemovalHelper::MODULE_NAME.'/assets/js/DataFeatureRemoval.js');
-
-		$aParams['sTransactionId'] = utils::GetNewTransactionId();
-		$this->AddFeatureParams($aParams);
-		$this->AddAnalyzeParams($aParams);
-		$aParams['DataFeatureRemovalErrorMessage'] = $sErrorMessage;
-		$this->DisplayPage($aParams);
-	}
-
-	public function AddFeatureParams(array &$aParams)
-	{
-		$aParams['aExtensions'] = $this->GetExtensionsTable();
-		$aParams['sModule'] = DataFeatureRemovalHelper::MODULE_NAME;
-	}
-
-	public function AddAnalyzeParams(array &$aParams)
-	{
-		$iTotalCount = 0;
-		$aData = [];
-		$aColumns = [];
-		foreach (DataFeatureRemoverAuditRuleService::GetInstance()->ReadCheckRules() as $oRule) {
-			$sContent = $oRule->Get('class_name');
-			$sModuleName = MetaModel::GetModuleName($sContent);
-			$aExtensions = DataFeatureRemoverExtensionService::GetInstance()->GetIncludingExtensions($sModuleName);
-			$sExtensions = implode(' ', $aExtensions);
-			$sTypeName = $oRule->Get('rule_name');
-			$sTypeDesc = \Dict::S("DataFeatureRemoval:Table:Analysis:RemovalType:$sTypeName");
-			$iCount = $oRule->Get('count');
-			$iTotalCount += $iCount;
-			$aColumns = ['ClassName', 'RemovalType','FeatureName','Occurence'];
-			$aData[] = [
-				<<<HTML
-<label>$sContent</label>
-HTML,
-				<<<HTML
-<label>$sTypeDesc</label>
-HTML,
-				<<<HTML
-<label title="$sModuleName">$sExtensions</label>
-HTML,
-				<<<HTML
-<label>$iCount</label>
-HTML,
-			];
-		}
-
-		$aParams['aCheckRules'] =  $this->GetTableData('Analysis', $aColumns, $aData);
-		$aParams['rule_count'] = $iTotalCount;
-	}
-
-	public function OperationAnalyze()
-	{
-		$aSelectedExtensionsFromUI = utils::ReadPostedParam('aExtensions', []);
-		$this->aSelectedExtensionsForCheck = [];
-		foreach ($aSelectedExtensionsFromUI as $sCode => $aData) {
-			$sValue = $aData['enable'] ?? 'off';
-			if (($sValue) === 'on') {
-				$this->aSelectedExtensionsForCheck[] = $sCode;
-			}
-		}
-
-		$this->m_sOperation = 'Main';
-
-		try {
-			$this->Analyze();
-			$this->OperationMain();
-		} catch (Exception $e) {
-			\IssueLog::Error(__METHOD__, null, ['stack' => $e->getTraceAsString(), 'exception' => $e->getMessage()]);
-			$this->OperationMain($e->getMessage());
-		}
-	}
-
-	private function GetExtensionsTable(): array
-	{
-		$aExtensions = [];
-		$aColumns = ['', 'Version', 'Name', 'Code'];
-		$this->aSelectedExtensionsForCheck = DataFeatureRemoverExtensionService::GetInstance()->ReadAuditedExtensions();
-
-		foreach (DataFeatureRemoverExtensionService::GetInstance()->ReadItopExtensions() as $sCode => $oExtension) {
-			/** @var \iTopExtension $oExtension */
-
-			$sChecked = "checked";
-			$sDisabledHtml = '';
-			if ($oExtension->bRemovedFromDisk) {
-				$sDisabledHtml = 'disabled=""';
-			} elseif (! array_key_exists($sCode, $this->aSelectedExtensionsForCheck)) {
-				$sChecked = "";
-			}
-
-			$sLabel = $oExtension->sLabel;
-			$sVersion = $oExtension->sVersion;
-			$sIdEnable = "aExtensions[$sCode][enable]";
-
-			$aExtensions[] = [
-				<<<HTML
-<input type="checkbox" $sDisabledHtml class="extension_check" $sChecked id="$sIdEnable" name="$sIdEnable"/>
-HTML,
-				<<<HTML
-<label>$sVersion</label>
-HTML,
-				<<<HTML
-<label for="$sIdEnable">$sLabel</label>
-HTML,
-				<<<HTML
-<label for="$sIdEnable">$sCode</label>
-HTML,
-			];
-		}
-
-		return $this->GetTableData('Extensions', $aColumns, $aExtensions);
-
-	}
-
-	public function GetTableData(string $sTableName, array $aColumns, array $aData): array
-	{
-		if (empty($aData)) {
-			return [
-				'Type' => 'Table',
-				'Columns' => [['label' => '']],
-				'Data' => [[ Dict::S('DbCleaner:Table:Empty')]],
-			];
-		}
-
-		$aNewColumns = [];
-		foreach ($aColumns as $sColumn) {
-			$aNewColumns[] = ['label' => Dict::S("DataFeatureRemoval:Table:$sTableName:$sColumn", $sColumn)];
-		}
-		$aColumns = $aNewColumns;
-
-		return [
-			'Type' => 'Table',
-			'Columns' => $aColumns,
-			'Data' => $aData,
-		];
-	}
-
-	private function Analyze()
-	{
-		DataFeatureRemoverExtensionService::GetInstance()->SaveExtensions($this->aSelectedExtensionsForCheck);
-
-		$sSourceEnvt = \MetaModel::GetEnvironment();
-		$oDryRemovalRuntimeEnvironment = new DryRemovalRuntimeEnvironment();
-		$oDryRemovalRuntimeEnvironment->Prepare($sSourceEnvt, $this->aSelectedExtensionsForCheck);
-		$oDryRemovalRuntimeEnvironment->CompileFrom($sSourceEnvt);
-
-		$oSetupAudit = new SetupAudit($sSourceEnvt, DryRemovalRuntimeEnvironment::DRY_REMOVAL_AUDIT_ENV);
-		$this->Save($oSetupAudit->GetIssues());
-	}
-
-	private function Save(array $aGetRemovedClasses)
-	{
-		\IssueLog::Debug(__METHOD__, null, ['aGetRemovedClasses' => $aGetRemovedClasses]);
-
-		DataFeatureRemoverAuditRuleService::GetInstance()->SaveChecks($aGetRemovedClasses);
-	}
-}
--- a/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalException.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalException.php
@@ -1,30 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\DataFeatureRemoval\Helper;
-
-use Exception;
-use Throwable;
-
-class DataFeatureRemovalException extends Exception
-{
-	public function __construct(string $message = '', int $code = 0, ?Throwable $previous = null, array $aContext = [])
-	{
-		if (!is_null($previous)) {
-			$sStack = $previous->getTraceAsString();
-			$sError = $previous->getMessage();
-		} else {
-			$sStack = $this->getTraceAsString();
-			$sError = '';
-		}
-
-		$aContext['error'] = $sError;
-		$aContext['stack'] = $sStack;
-		DataFeatureRemovalLog::Error($message, null, $aContext);
-		parent::__construct($message, $code, $previous);
-	}
-}
--- a/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalHelper.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalHelper.php
@@ -1,13 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\DataFeatureRemoval\Helper;
-
-class DataFeatureRemovalHelper
-{
-	public const MODULE_NAME = 'combodo-data-feature-removal';
-}
--- a/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalLog.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Helper/DataFeatureRemovalLog.php
@@ -1,25 +0,0 @@
-<?php
-
-/**
- * @copyright   Copyright (C) 2010-2025 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\DataFeatureRemoval\Helper;
-
-use LogAPI;
-
-class DataFeatureRemovalLog extends LogAPI
-{
-	public const CHANNEL_DEFAULT = 'DataFeatureRemoval';
-
-	protected static $m_oFileLog = null;
-
-	public static function Enable($sTargetFile = null)
-	{
-		if (empty($sTargetFile)) {
-			$sTargetFile = APPROOT.'log/error.log';
-		}
-		parent::Enable($sTargetFile);
-	}
-}
--- a/datamodels/2.x/combodo-data-feature-removal/src/Model/DataFeatureRemoverAuditRuleService.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Model/DataFeatureRemoverAuditRuleService.php
@@ -1,70 +0,0 @@
-<?php
-
-namespace Combodo\iTop\DataFeatureRemoval\Model;
-
-use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException;
-use DataFeatureRemoverAuditRule;
-use DBObjectSearch;
-use DBObjectSet;
-use Exception;
-
-class DataFeatureRemoverAuditRuleService
-{
-	private static DataFeatureRemoverAuditRuleService $oInstance;
-
-	protected function __construct()
-	{
-	}
-
-	final public static function GetInstance(): DataFeatureRemoverAuditRuleService
-	{
-		if (!isset(self::$oInstance)) {
-			self::$oInstance = new DataFeatureRemoverAuditRuleService();
-		}
-
-		return self::$oInstance;
-	}
-
-	final public static function SetInstance(?DataFeatureRemoverAuditRuleService $oInstance): void
-	{
-		self::$oInstance = $oInstance;
-	}
-
-	public function SaveChecks(array $aGetRemovedClasses)
-	{
-		$oSearch = DBObjectSearch::FromOQL('SELECT DataFeatureRemoverAuditRule', []);
-		$oSearch->AllowAllData();
-		$oSet = new DBObjectSet($oSearch);
-
-		while (null != ($oObj = $oSet->Fetch())) {
-			$oObj->DBDelete();
-		}
-
-		foreach ($aGetRemovedClasses as $sClass => $iCount) {
-			$oObj = new DataFeatureRemoverAuditRule();
-			$oObj->Set('rule_name', 'FINAL_CLASS');
-			$oObj->Set('extension_code', $sClass);
-			$oObj->Set('class_name', $sClass);
-			$oObj->Set('count', $iCount);
-			$oObj->DBWrite();
-		}
-	}
-
-	public function ReadCheckRules(): array
-	{
-		try {
-			$oSearch = DBObjectSearch::FromOQL('SELECT DataFeatureRemoverAuditRule', []);
-			$oSearch->AllowAllData();
-			$oSet = new DBObjectSet($oSearch);
-
-			$aRes = [];
-			while (null != ($oObj = $oSet->Fetch())) {
-				$aRes[] = $oObj;
-			}
-
-			return $aRes;
-		} catch (Exception $e) {
-			throw new DataFeatureRemovalException(__FUNCTION__.' failed', 0, $e);
-		}
-	}
-}
--- a/datamodels/2.x/combodo-data-feature-removal/src/Model/DataFeatureRemoverExtensionService.php
+++ b/datamodels/2.x/combodo-data-feature-removal/src/Model/DataFeatureRemoverExtensionService.php
@@ -1,122 +0,0 @@
-<?php
-
-namespace Combodo\iTop\DataFeatureRemoval\Model;
-
-use Combodo\iTop\DataFeatureRemoval\Helper\DataFeatureRemovalException;
-use DataFeatureRemoverExtension;
-use DBObjectSearch;
-use DBObjectSet;
-use Exception;
-use iTopExtension;
-use iTopExtensionsMap;
-use MetaModel;
-
-class DataFeatureRemoverExtensionService
-{
-	private static DataFeatureRemoverExtensionService $oInstance;
-
-	protected function __construct()
-	{
-	}
-
-	final public static function GetInstance(): DataFeatureRemoverExtensionService
-	{
-		if (!isset(self::$oInstance)) {
-			self::$oInstance = new DataFeatureRemoverExtensionService();
-		}
-
-		return self::$oInstance;
-	}
-
-	final public static function SetInstance(?DataFeatureRemoverExtensionService $oInstance): void
-	{
-		self::$oInstance = $oInstance;
-	}
-
-	public function SaveExtensions(array $aSelectedExtensionsForCheck)
-	{
-		$this->ReadItopExtensions();
-
-		$oSearch = DBObjectSearch::FromOQL('SELECT DataFeatureRemoverExtension', []);
-		$oSearch->AllowAllData();
-		$oSet = new DBObjectSet($oSearch);
-
-		while (null != ($oObj = $oSet->Fetch())) {
-			$oObj->DBDelete();
-		}
-
-		foreach ($aSelectedExtensionsForCheck as $i => $sCode) {
-			$oObj = new DataFeatureRemoverExtension();
-			$oObj->Set('extension_code', $sCode);
-			/** @var iTopExtension $oExtension */
-			$oExtension = $this->aItopExtensions[$sCode];
-			$oObj->Set('module_names', json_encode($oExtension->aModules));
-			$oObj->Set('label', $oExtension->sLabel);
-			$oObj->Set('version', $oExtension->sVersion);
-			$oObj->DBWrite();
-		}
-	}
-
-	private array $aSelectedExtensions = [];
-	private array $aItopExtensions = [];
-	private array $aIncludingExtensionsByModuleName = [];
-	public function ReadAuditedExtensions(): array
-	{
-		if (count($this->aSelectedExtensions) == 0) {
-			try {
-				$oSearch = DBObjectSearch::FromOQL('SELECT DataFeatureRemoverExtension', []);
-				$oSearch->AllowAllData();
-				$oSet = new DBObjectSet($oSearch);
-
-				while (null != ($oObj = $oSet->Fetch())) {
-					$sCode = $oObj->Get('extension_code');
-					$sLabel = $oObj->Get('label');
-					$sVersion = $oObj->Get('version');
-
-					$sModuleNames = $oObj->Get('module_names');
-					$aModuleNames = json_decode($sModuleNames, true);
-					if (is_array($aModuleNames) && count($aModuleNames) > 0) {
-						foreach ($aModuleNames as $sModuleName) {
-							$aExtensions = $this->aIncludingExtensionsByModuleName[$sModuleName] ?? [];
-							$aExtensions[] = "$sLabel / $sVersion";
-							$this->aIncludingExtensionsByModuleName[$sModuleName] = $aExtensions;
-
-						}
-					}
-					$this->aSelectedExtensions[$sCode] = $oObj;
-				}
-			} catch (Exception $e) {
-				throw new DataFeatureRemovalException(__FUNCTION__.' failed', 0, $e);
-			}
-		}
-
-		\IssueLog::Debug(__METHOD__, null, ['aSelectedExtensionsForCheck' => $this->aSelectedExtensions]);
-		\IssueLog::Debug(__METHOD__, null, ['aIncludingExtensionsByModuleName' => $this->aIncludingExtensionsByModuleName]);
-
-		return $this->aSelectedExtensions;
-	}
-
-	public function GetIncludingExtensions(string $sModuleName): array
-	{
-		$this->ReadAuditedExtensions();
-		return $this->aIncludingExtensionsByModuleName[$sModuleName] ?? [];
-	}
-
-	/**
-	 * @return iTopExtension[]
-	 */
-	public function ReadItopExtensions(): array
-	{
-		if (count($this->aItopExtensions) == 0) {
-			$oExtensionsMap = new iTopExtensionsMap();
-			$oExtensionsMap->LoadInstalledExtensionsFromDatabase(MetaModel::GetConfig());
-			$this->aItopExtensions = $oExtensionsMap->GetAllExtensionsToDisplayInSetup(true);
-
-			uasort($this->aItopExtensions, function (iTopExtension $oiTopExtension1, iTopExtension $oiTopExtension2) {
-				return strcmp($oiTopExtension1->sLabel, $oiTopExtension2->sLabel);
-			});
-		}
-
-		return $this->aItopExtensions;
-	}
-}
--- a/datamodels/2.x/combodo-data-feature-removal/templates/ExtensionRemovalDataTab.html.twig
+++ b/datamodels/2.x/combodo-data-feature-removal/templates/ExtensionRemovalDataTab.html.twig
@@ -1,8 +0,0 @@
-{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
-{# @license     http://opensource.org/licenses/AGPL-3.0 #}
-
-{% UIForm Standard {} %}
-    {% UIPanel Neutral { sTitle:'DataFeatureRemoval:Analysis:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:Analysis:SubTitle'|dict_format(rule_count) } %}
-        {% UIDataTable ForForm { sRef:'aCheckRules', aColumns:aCheckRules.Columns, aData:aCheckRules.Data} %}{% EndUIDataTable %}
-    {% EndUIPanel %}
-{% EndUIForm %}
--- a/datamodels/2.x/combodo-data-feature-removal/templates/FeaturesTab.html.twig
+++ b/datamodels/2.x/combodo-data-feature-removal/templates/FeaturesTab.html.twig
@@ -1,18 +0,0 @@
-{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
-{# @license     http://opensource.org/licenses/AGPL-3.0 #}
-
-
-{% UIForm Standard {} %}
-    {% UIInput ForHidden {sName:'operation', sValue:'Analyze'} %}
-    {% UIInput ForHidden {sName:'transaction_id', sValue:sTransactionId} %}
-
-    {% UIFieldSet Standard {sLegend:'DataFeatureRemoval:Features:Title'|dict_s} %}
-        {% UIDataTable ForForm { sRef:'aExtensions', aColumns:aExtensions.Columns, aData:aExtensions.Data} %}{% EndUIDataTable %}
-    {% EndUIFieldSet %}
-
-
-    {% UIToolbar ForButton {} %}
-        {% UIButton ForPrimaryAction {sLabel:'UI:Button:Analyze'|dict_s, sName:'btn_apply', sId:'btn_apply', bIsSubmit:true} %}
-    {% EndUIToolbar %}
-
-{% EndUIForm %}
--- a/datamodels/2.x/combodo-data-feature-removal/templates/Main.html.twig
+++ b/datamodels/2.x/combodo-data-feature-removal/templates/Main.html.twig
@@ -1,28 +0,0 @@
-{# @copyright   Copyright (C) 2010-2025 Combodo SARL #}
-{# @license     http://opensource.org/licenses/AGPL-3.0 #}
-
-{#  Usable variables: #}
-{#     * sTitle => page title #}
-{#     * sMessage => success message #}
-{#     * sError => error message #}
-
-{# DataFeatureRemoval #}
-
-{% UIPanel Neutral { sTitle:'DataFeatureRemoval:Main:Title'|dict_s, sSubTitle: 'DataFeatureRemoval:Main:SubTitle'|dict_s } %}
-
-    {% UIAlert ForInformation { sTitle:'DataFeatureRemoval:Helper:Title'|dict_s } %}
-        {{ 'DataFeatureRemoval:Helper:Desc1'|dict_s }}<BR>
-        {{ 'DataFeatureRemoval:Helper:Desc2'|dict_s }}
-    {% EndUIAlert %}
-
-
-{% if null != DataFeatureRemovalErrorMessage %}
-    <div id="feature_removal_error_msg_div" style="display:block">
-        {% UIAlert ForFailure { sTitle:'DataFeatureRemoval:Failure:Title'|dict_s, sId: 'feature_removal_error_msg', sContent:DataFeatureRemovalErrorMessage } %}
-        {% EndUIAlert %}
-    </div>
-{% endif %}
-
-    {% include 'FeaturesTab.html.twig' %}
-    {% include 'ExtensionRemovalDataTab.html.twig' %}
-{% EndUIPanel %}
--- a/datamodels/2.x/combodo-data-feature-removal/templates/Main.js.twig
+++ b/datamodels/2.x/combodo-data-feature-removal/templates/Main.js.twig
@@ -1,9 +0,0 @@
-{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
-{# @license     http://opensource.org/licenses/AGPL-3.0 #}
-
-$(document).on('click', '#checkAllExtensions', function() {
-	var bChecked = this.checked;
-	$('.extension_check').each( function() { this.checked = bChecked });
-});
-
-
--- a/datamodels/2.x/combodo-data-feature-removal/templates/Main.ready.js.twig
+++ b/datamodels/2.x/combodo-data-feature-removal/templates/Main.ready.js.twig
@@ -1,2 +0,0 @@
-{# @copyright   Copyright (C) 2010-2024 Combodo SAS #}
-{# @license     http://opensource.org/licenses/AGPL-3.0 #}
--- a/datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_classmap.php
+++ b/datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_classmap.php
@@ -1,17 +0,0 @@
-<?php
-
-// autoload_classmap.php @generated by Composer
-
-$vendorDir = dirname(__DIR__);
-$baseDir = dirname($vendorDir);
-
-return array(
-    'Combodo\\iTop\\DataFeatureRemoval\\Controller\\DataFeatureRemovalController' => $baseDir . '/src/Controller/DataFeatureRemovalController.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalException' => $baseDir . '/src/Helper/DataFeatureRemovalException.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalHelper' => $baseDir . '/src/Helper/DataFeatureRemovalHelper.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalLog' => $baseDir . '/src/Helper/DataFeatureRemovalLog.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Model\\DataFeatureRemoverAuditRuleService' => $baseDir . '/src/Model/DataFeatureRemoverAuditRuleService.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Model\\DataFeatureRemoverExtensionService' => $baseDir . '/src/Model/DataFeatureRemoverExtensionService.php',
-    'Combodo\\iTop\\DataFeatureRemoval\\Service\\SetupAudit' => $baseDir . '/src/Service/SetupAudit.php',
-    'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
-);
--- a/datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_static.php
+++ b/datamodels/2.x/combodo-data-feature-removal/vendor/composer/autoload_static.php
@@ -1,48 +0,0 @@
-<?php
-
-// autoload_static.php @generated by Composer
-
-namespace Composer\Autoload;
-
-class ComposerStaticInit4f96a7199e2c0d90e547333758b26464
-{
-    public static $prefixLengthsPsr4 = array (
-        'C' => 
-        array (
-            'Combodo\\iTop\\DataFeatureRemoval\\' => 32,
-        ),
-    );
-
-    public static $prefixDirsPsr4 = array (
-        'Combodo\\iTop\\DataFeatureRemoval\\' => 
-        array (
-            0 => __DIR__ . '/../..' . '/src',
-        ),
-    );
-
-    public static $fallbackDirsPsr4 = array (
-        0 => __DIR__ . '/../..' . '/src/NoNamespace',
-    );
-
-    public static $classMap = array (
-        'Combodo\\iTop\\DataFeatureRemoval\\Controller\\DataFeatureRemovalController' => __DIR__ . '/../..' . '/src/Controller/DataFeatureRemovalController.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalException' => __DIR__ . '/../..' . '/src/Helper/DataFeatureRemovalException.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalHelper' => __DIR__ . '/../..' . '/src/Helper/DataFeatureRemovalHelper.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Helper\\DataFeatureRemovalLog' => __DIR__ . '/../..' . '/src/Helper/DataFeatureRemovalLog.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Model\\DataFeatureRemoverAuditRuleService' => __DIR__ . '/../..' . '/src/Model/DataFeatureRemoverAuditRuleService.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Model\\DataFeatureRemoverExtensionService' => __DIR__ . '/../..' . '/src/Model/DataFeatureRemoverExtensionService.php',
-        'Combodo\\iTop\\DataFeatureRemoval\\Service\\SetupAudit' => __DIR__ . '/../..' . '/src/Service/SetupAudit.php',
-        'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
-    );
-
-    public static function getInitializer(ClassLoader $loader)
-    {
-        return \Closure::bind(function () use ($loader) {
-            $loader->prefixLengthsPsr4 = ComposerStaticInit4f96a7199e2c0d90e547333758b26464::$prefixLengthsPsr4;
-            $loader->prefixDirsPsr4 = ComposerStaticInit4f96a7199e2c0d90e547333758b26464::$prefixDirsPsr4;
-            $loader->fallbackDirsPsr4 = ComposerStaticInit4f96a7199e2c0d90e547333758b26464::$fallbackDirsPsr4;
-            $loader->classMap = ComposerStaticInit4f96a7199e2c0d90e547333758b26464::$classMap;
-
-        }, null, ClassLoader::class);
-    }
-}
--- a/datamodels/2.x/combodo-db-tools/bin/rebuildhk.php
+++ b/datamodels/2.x/combodo-db-tools/bin/rebuildhk.php
@@ -10,22 +10,87 @@
 */

 use Combodo\iTop\Core\MetaModel\HierarchicalKey;
+use Combodo\iTop\DBTools\Enum\BinExitCode;
+use Combodo\iTop\DBTools\Exception\AuthenticationException;

-require_once('../../../approot.inc.php');
+// env-xxx folders
+if (file_exists(__DIR__.'/../../../approot.inc.php')) {
+	require_once __DIR__.'/../../../approot.inc.php';
+}
+// datamodel/2.x and data/xxx-modules folders
+elseif (file_exists(__DIR__.'/../../../../approot.inc.php')) {
+	require_once __DIR__.'/../../../../approot.inc.php';
+}
 require_once APPROOT.'application/startup.inc.php';

-foreach (MetaModel::GetClasses() as $sClass) {
-	if (!MetaModel::HasTable($sClass)) {
-		continue;
-	}
+// Prepare output page
+$sPageTitle = "Database maintenance tools - Report";
+$bIsModeCLI = utils::IsModeCLI();
+if ($bIsModeCLI) {
+	$oP = new CLIPage($sPageTitle);

-	foreach (MetaModel::ListAttributeDefs($sClass) as $sAttCode => $oAttDef) {
-		// Check (once) all the attributes that are hierarchical keys
-		if ((MetaModel::GetAttributeOrigin($sClass, $sAttCode) == $sClass) && $oAttDef->IsHierarchicalKey()) {
-			echo "Rebuild hierarchical key $sAttCode from $sClass.\n";
-			HierarchicalKey::Rebuild($sClass, $sAttCode, $oAttDef);
-		}
-	}
+	SetupUtils::CheckPhpAndExtensionsForCli($oP, BinExitCode::FATAL->value);
+} else {
+	$oP = new WebPage($sPageTitle);
 }

-echo "Done\n";
+// Authentication logic
+try {
+	utils::UseParamFile();
+
+	if ($bIsModeCLI) {
+		$sAuthUser = utils::ReadParam('auth_user', null, true, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+		$sAuthPwd = utils::ReadParam('auth_pwd', null, true, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+		if (utils::IsNullOrEmptyString($sAuthUser) || utils::IsNullOrEmptyString($sAuthPwd)) {
+			throw new AuthenticationException("Access credentials not provided, usage: php rebuildhk.php --auth_user=<login> --auth_pwd=<password> [--param_file=<file_path>]");
+		}
+		if (UserRights::CheckCredentials($sAuthUser, $sAuthPwd)) {
+			UserRights::Login($sAuthUser);
+		} else {
+			throw new AuthenticationException("Access wrong credentials ('$sAuthUser')");
+		}
+	} else {
+		// Check user rights and prompt if needed
+		LoginWebPage::DoLoginEx(null, true);
+	}
+
+	if (!UserRights::IsAdministrator()) {
+		throw new AuthenticationException("Access restricted to administrators");
+	}
+} catch (AuthenticationException $oException) {
+	$oP->p($oException->getMessage());
+	$oP->output();
+	exit(BinExitCode::ERROR->value);
+} catch (Exception $oException) {
+	$oP->p("Error: ".$oException->GetMessage());
+	$oP->output();
+	exit(BinExitCode::FATAL->value);
+}
+
+// Business logic
+try {
+	foreach (MetaModel::GetClasses() as $sClass) {
+		if (!MetaModel::HasTable($sClass)) {
+			continue;
+		}
+
+		foreach (MetaModel::ListAttributeDefs($sClass) as $sAttCode => $oAttDef) {
+			// Check (once) all the attributes that are hierarchical keys
+			if ((MetaModel::GetAttributeOrigin($sClass, $sAttCode) == $sClass) && $oAttDef->IsHierarchicalKey()) {
+				$oP->p("Rebuild hierarchical key $sAttCode from $sClass.");
+				HierarchicalKey::Rebuild($sClass, $sAttCode, $oAttDef);
+			}
+		}
+	}
+
+	$oP->p("Done");
+	$oP->output();
+} catch (AuthenticationException $oException) {
+	$oP->p($oException->getMessage());
+	$oP->output();
+	exit(BinExitCode::ERROR->value);
+} catch (Exception $oException) {
+	$oP->p("Error: ".$oException->GetMessage());
+	$oP->output();
+	exit(BinExitCode::FATAL->value);
+}
--- a/datamodels/2.x/combodo-db-tools/bin/report.php
+++ b/datamodels/2.x/combodo-db-tools/bin/report.php
@@ -5,22 +5,93 @@
 * @license     http://opensource.org/licenses/AGPL-3.0
 */

+use Combodo\iTop\DBTools\Enum\BinExitCode;
+use Combodo\iTop\DBTools\Exception\AuthenticationException;
 use Combodo\iTop\DBTools\Service\DBAnalyzerUtils;

-require_once('../../../approot.inc.php');
-require_once(APPROOT.'application/startup.inc.php');
-
-require_once('../db_analyzer.class.inc.php');
-require_once('../src/Service/DBAnalyzerUtils.php');
-
-$oDBAnalyzer = new DatabaseAnalyzer(0);
-$aResults = $oDBAnalyzer->CheckIntegrity([]);
-
-if (empty($aResults)) {
-	echo "Database OK\n";
-	exit(0);
+// env-xxx folders
+if (file_exists(__DIR__.'/../../../approot.inc.php')) {
+	require_once __DIR__.'/../../../approot.inc.php';
+}
+// datamodel/2.x and data/xxx-modules folders
+elseif (file_exists(__DIR__.'/../../../../approot.inc.php')) {
+	require_once __DIR__.'/../../../../approot.inc.php';
 }

-$sReportFile = DBAnalyzerUtils::GenerateReport($aResults);
+require_once APPROOT.'application/startup.inc.php';
+require_once APPROOT.'application/loginwebpage.class.inc.php';

-echo "Report generated: {$sReportFile}.log\n";
+require_once __DIR__.'/../db_analyzer.class.inc.php';
+
+// Prepare output page
+$sPageTitle = "Database maintenance tools - Report";
+$bIsModeCLI = utils::IsModeCLI();
+if ($bIsModeCLI) {
+	$oP = new CLIPage($sPageTitle);
+
+	SetupUtils::CheckPhpAndExtensionsForCli($oP, BinExitCode::FATAL->value);
+} else {
+	$oP = new WebPage($sPageTitle);
+}
+
+// Authentication logic
+try {
+	utils::UseParamFile();
+
+	if ($bIsModeCLI) {
+		$sAuthUser = utils::ReadParam('auth_user', null, true, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+		$sAuthPwd = utils::ReadParam('auth_pwd', null, true, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
+		if (utils::IsNullOrEmptyString($sAuthUser) || utils::IsNullOrEmptyString($sAuthPwd)) {
+			throw new AuthenticationException("Access credentials not provided, usage: php report.php --auth_user=<login> --auth_pwd=<password> [--param_file=<file_path>]");
+		}
+		if (UserRights::CheckCredentials($sAuthUser, $sAuthPwd)) {
+			UserRights::Login($sAuthUser);
+		} else {
+			throw new AuthenticationException("Access wrong credentials ('$sAuthUser')");
+		}
+	} else {
+		// Check user rights and prompt if needed
+		LoginWebPage::DoLoginEx(null, true);
+	}
+
+	if (!UserRights::IsAdministrator()) {
+		throw new AuthenticationException("Access restricted to administrators");
+	}
+} catch (AuthenticationException $oException) {
+	$sExceptionMessage = $oP instanceof WebPage ? utils::EscapeHtml($oException->getMessage()) : $oException->getMessage();
+	$oP->p($sExceptionMessage);
+	$oP->output();
+	exit(BinExitCode::ERROR->value);
+} catch (Exception $oException) {
+	$sExceptionMessage = $oP instanceof WebPage ? utils::EscapeHtml($oException->getMessage()) : $oException->getMessage();
+	$oP->p("Error: ".$sExceptionMessage);
+	$oP->output();
+	exit(BinExitCode::FATAL->value);
+}
+
+// Business logic
+try {
+	$oDBAnalyzer = new DatabaseAnalyzer(0);
+	$aResults = $oDBAnalyzer->CheckIntegrity([]);
+
+	if (empty($aResults)) {
+		$oP->p("Database OK");
+		$oP->output();
+		exit(BinExitCode::SUCCESS->value);
+	}
+
+	$sReportFile = DBAnalyzerUtils::GenerateReport($aResults);
+
+	$oP->p("Report generated: {$sReportFile}.log");
+	$oP->output();
+} catch (AuthenticationException $oException) {
+	$sExceptionMessage = $oP instanceof WebPage ? utils::EscapeHtml($oException->getMessage()) : $oException->getMessage();
+	$oP->p($sExceptionMessage);
+	$oP->output();
+	exit(BinExitCode::ERROR->value);
+} catch (Exception $oException) {
+	$sExceptionMessage = $oP instanceof WebPage ? utils::EscapeHtml($oException->getMessage()) : $oException->getMessage();
+	$oP->p("Error: ".$sExceptionMessage);
+	$oP->output();
+	exit(BinExitCode::FATAL->value);
+}
--- a/datamodels/2.x/combodo-db-tools/composer.json
+++ b/datamodels/2.x/combodo-db-tools/composer.json
@@ -0,0 +1,9 @@
+{
+  "name": "combodo/combodo-db-tools",
+  "license": "AGPL-3.0-only",
+  "autoload": {
+    "psr-4": {
+      "Combodo\\iTop\\DBTools\\": "src/"
+    }
+  }
+}
--- a/datamodels/2.x/combodo-db-tools/composer.lock
+++ b/datamodels/2.x/combodo-db-tools/composer.lock
@@ -0,0 +1,18 @@
+{
+    "_readme": [
+        "This file locks the dependencies of your project to a known state",
+        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
+        "This file is @generated automatically"
+    ],
+    "content-hash": "38292b9b3a56c6c8776285a17c58034e",
+    "packages": [],
+    "packages-dev": [],
+    "aliases": [],
+    "minimum-stability": "stable",
+    "stability-flags": {},
+    "prefer-stable": false,
+    "prefer-lowest": false,
+    "platform": {},
+    "platform-dev": {},
+    "plugin-api-version": "2.6.0"
+}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Anne-Cath	9f5bcd8b27	Update autoload	2026-03-02 14:54:07 +01:00
Anne-Cath	3ff05a6257	Fix rebase	2026-03-02 10:58:56 +01:00
Anne-Cath	b39a39a930	update composer	2026-03-02 10:25:14 +01:00
Anne-Cath	e6b8c49186	Remove IssueLog used for develop	2026-03-02 10:24:48 +01:00
Anne-Cath	3da3c6e79c	Added "Allow delete Object" and "deny delete Object" when replica is deleted	2026-03-02 10:24:32 +01:00
Anne-Cath	30466cdd2f	WIP - Add access rights management - Manage mass updates - Add tooltips to buttons	2026-03-02 10:23:18 +01:00
acognet	f1526fda06	Add english dictionnary	2026-03-02 09:32:02 +01:00
acognet	9e094a632d	Add operation on replica	2026-03-02 09:31:37 +01:00
Molkobain	94a36c0066	Merge remote-tracking branch 'origin/support/3.2' into develop	2026-02-26 09:30:14 +01:00
Molkobain	62e09f1224	N°8604 N°8605 - Add authentication to combodo-db-tools binaries (#817 ) * N°8604 N°8605 - Add autoloader and dedicated classes for binaries utils * N°8605 - Harden security * N°8604 - Harden security * N°8604 N°8605 - Fixes from code review * N°8604 N°8605 - Improve robustness whether module is in datamodels/2.x or env-xxx folder	2026-02-26 09:29:20 +01:00
Eric Espie	57a0b5691f	Merge support/3.2 into develop	2026-02-25 10:44:19 +01:00
Eric Espié	f82389d156	N°8632 - Various fixes (#814 ) * N°8632 - Check existence of parameter file within iTop * N°8632 - block parameter file from request * log on error * PHP CS fixer * N°8632 - param files must be outside iTop * PHP CS fixer * Update webservices/export.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update tests/php-unit-tests/unitary-tests/application/utilsTest.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * ✅ Fix CI --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-02-25 10:42:04 +01:00
Molkobain	9e21976424	Merge remote-tracking branch 'origin/support/3.2' into develop	2026-02-24 21:10:57 +01:00
Molkobain	f558093f5d	N°8796 - Add PHP-CS-Fixer cache file to .gitignore file	2026-02-24 21:10:06 +01:00
Eric Espie	5201a1ed3b	PHP CS fixer	2026-02-24 16:38:21 +01:00
Eric Espie	dad39c3ebe	Merge support/3.2 into develop	2026-02-24 13:55:55 +01:00
odain	29920bfeb7	cleanup: log level in setUp + remove ls cli	2026-02-24 11:26:48 +01:00
odain	2313ee2bbd	cleanup: log level in setUp + remove ls cli	2026-02-24 11:22:24 +01:00
jf-cbd	22b0c431a0	🌐 Add French translations in fr.dict.itop-config-mgmt.php	2026-02-23 18:51:57 +01:00
Thomas Casteleyn	499b3bca88	N°7570 - feat(Typology): Add useful tabs to certain typology classes (#756 )	2026-02-23 17:28:56 +01:00
Stephen Abello	aede5ea7b8	Fix CI by updating files code style	2026-02-23 16:25:08 +01:00
Stephen Abello	da6c443a35	Fix CI by updating files code style	2026-02-23 16:08:20 +01:00
Stephen Abello	9c39efd9af	N°8549 - Update inline images secret (#815 )	2026-02-23 15:42:21 +01:00
jf-cbd	d5f2303ed2	N°8673 - Avoid server overload when user access news page with a lot of unread news (#816 )	2026-02-23 15:35:31 +01:00
Eric Espié	48e584503e	N°8782 - Union queries allow all data (#807 ) * 8782 - Union queries allow all data * N°8782 - Union queries allow all data	2026-02-23 15:10:09 +01:00
Benjamin DALSASS	454a1b26eb	N°8603 N°8601 - Remove unnecessary quotes in reload url injection	2026-02-23 10:22:10 +01:00
Benjamin Dalsass	4853ca444e	N°8910 - Upgrade Symfony packages (#811 )	2026-02-23 06:54:26 +01:00
Benjamin Dalsass	330539abd2	N°8601 N°8603 dashboards issues (#813 )	2026-02-23 06:51:40 +01:00
Stephen Abello	5357a0c060	Fix code style	2026-02-21 14:26:21 +01:00
lenaick.moreira	fc22cce037	N°8854 - Replace trigger_error() usage with E_USER_ERROR	2026-02-20 10:07:30 +01:00
lenaick.moreira	34c8a57814	N°8851 - Explicit nullable in functions parameters	2026-02-20 10:07:30 +01:00
Stephen Abello	b91e6c384a	Merge branch 'support/3.2' into develop	2026-02-19 17:39:47 +01:00
Stephen Abello	2247691e58	Fix CI by updating files code style	2026-02-19 16:59:25 +01:00
Stephen Abello	f014b43761	Merge branch 'support/3.2' into develop	2026-02-19 16:16:56 +01:00
Stephen Abello	076d49abc2	Dump autoloader	2026-02-19 16:15:58 +01:00
Stephen Abello	9fd0ffd84e	N°8545 - Standardize return message from password reset (#812 ) * N°8545 - Standardize return message from password reset * N°8545 - Change log severity depending on the error source * Add copyrights * Update application/loginwebpage.class.inc.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update application/loginwebpage.class.inc.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Avoid using dictionary entries in logs * Update application/loginwebpage.class.inc.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-02-19 16:12:34 +01:00
Benjamin DALSASS	0f11fd9919	N°8910 - Upgrade Symfony packages - update composer packages	2026-02-19 09:52:18 +01:00
Benjamin DALSASS	2b828f8a22	Merge branch 'support/3.2' into develop # Conflicts: # composer.lock # datamodels/2.x/authent-local/dictionaries/pt_br.dict.authent-local.php # dictionaries/fr.dictionary.itop.ui.php # dictionaries/it.dictionary.itop.ui.php # dictionaries/pt_br.dictionary.itop.ui.php # lib/composer/autoload_classmap.php # lib/composer/autoload_static.php # lib/composer/installed.json # lib/composer/installed.php # lib/symfony/cache/Traits/RelayProxy.php # lib/symfony/form/Exception/AccessException.php # lib/symfony/form/Exception/ErrorMappingException.php # lib/symfony/form/Exception/StringCastException.php # lib/symfony/http-foundation/Request.php # lib/symfony/polyfill-intl-icu/composer.json # lib/symfony/property-access/LICENSE # lib/symfony/security-core/Event/AuthenticationSuccessEvent.php	2026-02-19 09:22:08 +01:00
Benjamin Dalsass	d2f67dcb3c	N°8910 - Upgrade Symfony packages	2026-02-19 09:18:56 +01:00
jf-cbd	d5706fcbef	🧑‍💻 Add auto-assign for Combodo members	2026-02-18 14:39:25 +01:00
Benjamin Dalsass	807f2a88bc	N°8933 - Change password default length	2026-02-18 14:36:38 +01:00
Stephen Abello	9d3311e623	Fix CI by updating new dictionary files code style again	2026-02-18 12:18:15 +01:00
Stephen Abello	9bf2cb7e1d	Fix CI by updating new dictionary files code style	2026-02-18 11:50:38 +01:00
Vincent Dumas	0134ead5dd	remove installer in itop-container-mgmt	2026-02-18 11:49:40 +01:00
Stephen Abello	54909520e9	N°8544 - Update comparison method (#808 )	2026-02-18 11:30:34 +01:00
Stephen Abello	d124f8ee58	N°8541 - Replace login logo title with an alt customizable through dictionary entry (#805 )	2026-02-18 09:53:57 +01:00
Molkobain	3fdbcbc0fb	N°8681 - Enforce type hint for parameters and return value	2026-02-17 20:55:55 +01:00
Molkobain	a5296e11e1	Merge remote-tracking branch 'origin/support/3.2' into develop # Conflicts: # core/attributedef.class.inc.php	2026-02-17 20:54:47 +01:00
Molkobain	3b62597092	✅ Update PHP version to 8.3 and DB version to MariaDB latest for CI jobs on commit	2026-02-17 20:39:58 +01:00
v-dumas	b085147f23	N°8844 - Datamodel Cloud moved in Virtualization	2026-02-17 17:49:55 +01:00
Vincent Dumas	38fccf85e3	N°8515 - Add CMDB datamodel for Docker and Kubernetes (#787 ) * N°8515 - Add CMDB datamodel for Docker and Kubernetes * N°8515 - Add Cloud class under Virtualization * N°8515 - Add lnkContainerApplicationToImage and more fields on Image * N°8515 - Move ContainerApplication under SoftwareInstance * N°8515 - Use structural data instead of explicit load -------- Co-authored-by: Stephen Abello <stephen.abello@combodo.com> Co-authored-by: Thomas Casteleyn <thomas.casteleyn@super-visions.com>	2026-02-17 12:20:43 +01:00
Molkobain	c0a2771d4e	N°8681 - Fix PHP code styles	2026-02-16 16:46:00 +01:00
Molkobain	6bd5a7b634	N°8681 - PHP 8.1: Fix deprecated notice for null value passed to preg_match_all() (#803 ) * N°8681 - PHP 8.1: Fix deprecated notice for null value passed to preg_match_all() * N°8681 - Add unit tests * N°8681 - Add unit tests	2026-02-16 16:18:04 +01:00
lenaick.moreira	82b7ef86c7	N°8796 - Refactor PHP CS Fixer configuration for improved readability * `'indentation_type'` already included in @PSR12 rule set	2026-02-16 15:35:46 +01:00
Timothee	f8cf14cbad	N°3124 Add deprecation version	2026-02-09 14:17:35 +01:00
Eric Espie	a5dededfb4	Merge remote-tracking branch 'origin/support/3.2' into develop	2026-02-05 17:06:26 +01:00
Eric Espie	4f878536a8	✅ Fix CI	2026-02-05 16:53:02 +01:00
Eric Espie	d937ec0350	✅ Fix CI	2026-02-05 16:24:27 +01:00
Eric Espie	1cdcaac3d0	Merge remote-tracking branch 'origin/support/3.2' into develop # Conflicts: # sources/Core/Kpi/KpiLogData.php	2026-02-05 15:33:25 +01:00
Eric Espie	985db46960	N°9193 - Start the KPI logs at the beginning of the http request	2026-02-05 14:57:54 +01:00
v-dumas	01adaadfad	N°8492 - Missing accent for 'Categorie'	2026-02-02 14:56:53 +01:00
Molkobain	3f807a64bb	N°9154 - Update Jimmy avatar to reduce size	2026-01-28 11:54:56 +01:00
Molkobain	1d4a155e8f	N°9154 - Add Amine, Gaëlle & Lorraine to sample data	2026-01-28 11:53:23 +01:00
v-dumas	643752f8e7	N°8378 - Missing rights on incident for SuperUser	2026-01-23 16:24:19 +01:00
v-dumas	0e0c09c420	N°9027 - Add right on WorkOrder transition to SuperUser	2026-01-23 15:55:59 +01:00
v-dumas	2b6fa8b381	N°9080 - Fix duplicate 'Model' in class labels in EN and FR	2026-01-23 15:07:49 +01:00
v-dumas	7d2dc5e36a	N°9076 - Fix typos and cosmetics in FR initial queries	2026-01-23 14:36:38 +01:00
v-dumas	f87df8f28b	N°9087 - Add logo on Brand and OS Family, with structural data	2026-01-21 17:13:32 +01:00
Anne-Cath	cc9e64616f	N°8786 - configuration: allow conditions on the allowed_login_types field - cleanup	2026-01-16 16:29:15 +01:00
Stephen Abello	f34373be6d	N°7909 - Missing spacing between fields when columns collapse	2026-01-16 15:30:32 +01:00
v-dumas	a39234f438	N°4032 - Restore explicit dependency used in filter	2026-01-14 16:06:14 +01:00
v-dumas	ac8937105d	N°8873 - Modify Tooltip on 'filter' field of TriggerOnObjectUpdate class	2026-01-12 16:33:36 +01:00
odain	fb6f892244	N°9085 - Cannot install itop without a portal	2026-01-12 15:43:56 +01:00
v-dumas	0a04c83c7b	N°9045 - Add a tooltip for Service Family in Service details	2026-01-12 15:20:14 +01:00
v-dumas	cc8252bebf	N°9046 - Tooltip mentions that a team is required on a support model	2026-01-12 14:52:57 +01:00
Vincent Dumas	3e879c64a7	N°4032 - On UserRequest, change proposed service subcategories (#786 ) * N°4032 - On UserRequest, service subcategory no more limited by request_type	2026-01-08 10:08:52 +01:00
Eric Espie	5c6369b9b8	N°9065 - XML Definition for Dashlet properties	2026-01-07 17:16:50 +01:00
Eric Espie	154fb5c737	N°9066 - Serialization/Unserialization from XML to Forms	2026-01-07 17:09:47 +01:00
Eric Espie	efb1bd765b	N°9065 - XML Definition for Dashlet properties	2026-01-07 17:09:20 +01:00
Eric Espie	b39af74d07	✅ Fix CI	2026-01-07 09:04:56 +01:00
Eric Espie	904cd0b518	N°8772 - Move DIService into PSR-11 Service Locator	2025-12-30 14:27:28 +01:00
Benjamin Dalsass	4c1ad0f4f2	N°8772 - Form dependencies manager implementation - Form SDK implementation - Basic Forms - Dynamics Forms - Basic Blocks + Data Model Block - Form Compilation - Turbo integration	2025-12-30 11:42:55 +01:00
v-dumas	3955b4eb22	N°8534 - Prevent ending on Portal	2025-12-22 17:49:47 +01:00