From b39a9dc6255283b863b30c625b1d43c1d6a84a64 Mon Sep 17 00:00:00 2001
From: Renovate Bot <renovate@pomail.fr>
Date: Mon, 26 Jan 2026 01:14:47 +0000
Subject: [PATCH 01/27] chore(deps): lock file maintenance

---
 web/package-lock.json | 524 ++++++++++++++++++++++++------------------
 1 file changed, 301 insertions(+), 223 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 6f88380..3aa1720 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -519,13 +519,13 @@
             }
         },
         "node_modules/@eslint/compat": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-2.0.0.tgz",
-            "integrity": "sha512-T9AfE1G1uv4wwq94ozgTGio5EUQBqAVe1X9qsQtSNVEYW6j3hvtZVm8Smr4qL1qDPFg+lOB2cL5RxTRMzq4CTA==",
+            "version": "2.0.1",
+            "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-2.0.1.tgz",
+            "integrity": "sha512-yl/JsgplclzuvGFNqwNYV4XNPhP3l62ZOP9w/47atNAdmDtIFCx6X7CSk/SlWUuBGkT4Et/5+UD+WyvX2iiIWA==",
             "dev": true,
             "license": "Apache-2.0",
             "dependencies": {
-                "@eslint/core": "^1.0.0"
+                "@eslint/core": "^1.0.1"
             },
             "engines": {
                 "node": "^20.19.0 || ^22.13.0 || >=24"
@@ -581,9 +581,9 @@
             }
         },
         "node_modules/@eslint/core": {
-            "version": "1.0.0",
-            "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.0.0.tgz",
-            "integrity": "sha512-PRfWP+8FOldvbApr6xL7mNCw4cJcSTq4GA7tYbgq15mRb0kWKO/wEB2jr+uwjFH3sZvEZneZyCUGTxsv4Sahyw==",
+            "version": "1.0.1",
+            "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.0.1.tgz",
+            "integrity": "sha512-r18fEAj9uCk+VjzGt2thsbOmychS+4kxI14spVNibUO2vqKX7obOG+ymZljAwuPZl+S3clPGwCwTDtrdqTiY6Q==",
             "dev": true,
             "license": "Apache-2.0",
             "dependencies": {
@@ -873,9 +873,9 @@
             }
         },
         "node_modules/@rollup/rollup-android-arm-eabi": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.54.0.tgz",
-            "integrity": "sha512-OywsdRHrFvCdvsewAInDKCNyR3laPA2mc9bRYJ6LBp5IyvF3fvXbbNR0bSzHlZVFtn6E0xw2oZlyjg4rKCVcng==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.56.0.tgz",
+            "integrity": "sha512-LNKIPA5k8PF1+jAFomGe3qN3bbIgJe/IlpDBwuVjrDKrJhVWywgnJvflMt/zkbVNLFtF1+94SljYQS6e99klnw==",
             "cpu": [
                 "arm"
             ],
@@ -887,9 +887,9 @@
             ]
         },
         "node_modules/@rollup/rollup-android-arm64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.54.0.tgz",
-            "integrity": "sha512-Skx39Uv+u7H224Af+bDgNinitlmHyQX1K/atIA32JP3JQw6hVODX5tkbi2zof/E69M1qH2UoN3Xdxgs90mmNYw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.56.0.tgz",
+            "integrity": "sha512-lfbVUbelYqXlYiU/HApNMJzT1E87UPGvzveGg2h0ktUNlOCxKlWuJ9jtfvs1sKHdwU4fzY7Pl8sAl49/XaEk6Q==",
             "cpu": [
                 "arm64"
             ],
@@ -901,9 +901,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-arm64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.54.0.tgz",
-            "integrity": "sha512-k43D4qta/+6Fq+nCDhhv9yP2HdeKeP56QrUUTW7E6PhZP1US6NDqpJj4MY0jBHlJivVJD5P8NxrjuobZBJTCRw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.56.0.tgz",
+            "integrity": "sha512-EgxD1ocWfhoD6xSOeEEwyE7tDvwTgZc8Bss7wCWe+uc7wO8G34HHCUH+Q6cHqJubxIAnQzAsyUsClt0yFLu06w==",
             "cpu": [
                 "arm64"
             ],
@@ -915,9 +915,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-x64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.54.0.tgz",
-            "integrity": "sha512-cOo7biqwkpawslEfox5Vs8/qj83M/aZCSSNIWpVzfU2CYHa2G3P1UN5WF01RdTHSgCkri7XOlTdtk17BezlV3A==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.56.0.tgz",
+            "integrity": "sha512-1vXe1vcMOssb/hOF8iv52A7feWW2xnu+c8BV4t1F//m9QVLTfNVpEdja5ia762j/UEJe2Z1jAmEqZAK42tVW3g==",
             "cpu": [
                 "x64"
             ],
@@ -929,9 +929,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-arm64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.54.0.tgz",
-            "integrity": "sha512-miSvuFkmvFbgJ1BevMa4CPCFt5MPGw094knM64W9I0giUIMMmRYcGW/JWZDriaw/k1kOBtsWh1z6nIFV1vPNtA==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.56.0.tgz",
+            "integrity": "sha512-bof7fbIlvqsyv/DtaXSck4VYQ9lPtoWNFCB/JY4snlFuJREXfZnm+Ej6yaCHfQvofJDXLDMTVxWscVSuQvVWUQ==",
             "cpu": [
                 "arm64"
             ],
@@ -943,9 +943,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-x64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.54.0.tgz",
-            "integrity": "sha512-KGXIs55+b/ZfZsq9aR026tmr/+7tq6VG6MsnrvF4H8VhwflTIuYh+LFUlIsRdQSgrgmtM3fVATzEAj4hBQlaqQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.56.0.tgz",
+            "integrity": "sha512-KNa6lYHloW+7lTEkYGa37fpvPq+NKG/EHKM8+G/g9WDU7ls4sMqbVRV78J6LdNuVaeeK5WB9/9VAFbKxcbXKYg==",
             "cpu": [
                 "x64"
             ],
@@ -957,9 +957,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.54.0.tgz",
-            "integrity": "sha512-EHMUcDwhtdRGlXZsGSIuXSYwD5kOT9NVnx9sqzYiwAc91wfYOE1g1djOEDseZJKKqtHAHGwnGPQu3kytmfaXLQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.56.0.tgz",
+            "integrity": "sha512-E8jKK87uOvLrrLN28jnAAAChNq5LeCd2mGgZF+fGF5D507WlG/Noct3lP/QzQ6MrqJ5BCKNwI9ipADB6jyiq2A==",
             "cpu": [
                 "arm"
             ],
@@ -971,9 +971,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.54.0.tgz",
-            "integrity": "sha512-+pBrqEjaakN2ySv5RVrj/qLytYhPKEUwk+e3SFU5jTLHIcAtqh2rLrd/OkbNuHJpsBgxsD8ccJt5ga/SeG0JmA==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.56.0.tgz",
+            "integrity": "sha512-jQosa5FMYF5Z6prEpTCCmzCXz6eKr/tCBssSmQGEeozA9tkRUty/5Vx06ibaOP9RCrW1Pvb8yp3gvZhHwTDsJw==",
             "cpu": [
                 "arm"
             ],
@@ -985,9 +985,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.54.0.tgz",
-            "integrity": "sha512-NSqc7rE9wuUaRBsBp5ckQ5CVz5aIRKCwsoa6WMF7G01sX3/qHUw/z4pv+D+ahL1EIKy6Enpcnz1RY8pf7bjwng==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.56.0.tgz",
+            "integrity": "sha512-uQVoKkrC1KGEV6udrdVahASIsaF8h7iLG0U0W+Xn14ucFwi6uS539PsAr24IEF9/FoDtzMeeJXJIBo5RkbNWvQ==",
             "cpu": [
                 "arm64"
             ],
@@ -999,9 +999,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-musl": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.54.0.tgz",
-            "integrity": "sha512-gr5vDbg3Bakga5kbdpqx81m2n9IX8M6gIMlQQIXiLTNeQW6CucvuInJ91EuCJ/JYvc+rcLLsDFcfAD1K7fMofg==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.56.0.tgz",
+            "integrity": "sha512-vLZ1yJKLxhQLFKTs42RwTwa6zkGln+bnXc8ueFGMYmBTLfNu58sl5/eXyxRa2RarTkJbXl8TKPgfS6V5ijNqEA==",
             "cpu": [
                 "arm64"
             ],
@@ -1013,9 +1013,23 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-loong64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.54.0.tgz",
-            "integrity": "sha512-gsrtB1NA3ZYj2vq0Rzkylo9ylCtW/PhpLEivlgWe0bpgtX5+9j9EZa0wtZiCjgu6zmSeZWyI/e2YRX1URozpIw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.56.0.tgz",
+            "integrity": "sha512-FWfHOCub564kSE3xJQLLIC/hbKqHSVxy8vY75/YHHzWvbJL7aYJkdgwD/xGfUlL5UV2SB7otapLrcCj2xnF1dg==",
+            "cpu": [
+                "loong64"
+            ],
+            "dev": true,
+            "license": "MIT",
+            "optional": true,
+            "os": [
+                "linux"
+            ]
+        },
+        "node_modules/@rollup/rollup-linux-loong64-musl": {
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.56.0.tgz",
+            "integrity": "sha512-z1EkujxIh7nbrKL1lmIpqFTc/sr0u8Uk0zK/qIEFldbt6EDKWFk/pxFq3gYj4Bjn3aa9eEhYRlL3H8ZbPT1xvA==",
             "cpu": [
                 "loong64"
             ],
@@ -1027,9 +1041,23 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.54.0.tgz",
-            "integrity": "sha512-y3qNOfTBStmFNq+t4s7Tmc9hW2ENtPg8FeUD/VShI7rKxNW7O4fFeaYbMsd3tpFlIg1Q8IapFgy7Q9i2BqeBvA==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.56.0.tgz",
+            "integrity": "sha512-iNFTluqgdoQC7AIE8Q34R3AuPrJGJirj5wMUErxj22deOcY7XwZRaqYmB6ZKFHoVGqRcRd0mqO+845jAibKCkw==",
+            "cpu": [
+                "ppc64"
+            ],
+            "dev": true,
+            "license": "MIT",
+            "optional": true,
+            "os": [
+                "linux"
+            ]
+        },
+        "node_modules/@rollup/rollup-linux-ppc64-musl": {
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.56.0.tgz",
+            "integrity": "sha512-MtMeFVlD2LIKjp2sE2xM2slq3Zxf9zwVuw0jemsxvh1QOpHSsSzfNOTH9uYW9i1MXFxUSMmLpeVeUzoNOKBaWg==",
             "cpu": [
                 "ppc64"
             ],
@@ -1041,9 +1069,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.54.0.tgz",
-            "integrity": "sha512-89sepv7h2lIVPsFma8iwmccN7Yjjtgz0Rj/Ou6fEqg3HDhpCa+Et+YSufy27i6b0Wav69Qv4WBNl3Rs6pwhebQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.56.0.tgz",
+            "integrity": "sha512-in+v6wiHdzzVhYKXIk5U74dEZHdKN9KH0Q4ANHOTvyXPG41bajYRsy7a8TPKbYPl34hU7PP7hMVHRvv/5aCSew==",
             "cpu": [
                 "riscv64"
             ],
@@ -1055,9 +1083,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-musl": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.54.0.tgz",
-            "integrity": "sha512-ZcU77ieh0M2Q8Ur7D5X7KvK+UxbXeDHwiOt/CPSBTI1fBmeDMivW0dPkdqkT4rOgDjrDDBUed9x4EgraIKoR2A==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.56.0.tgz",
+            "integrity": "sha512-yni2raKHB8m9NQpI9fPVwN754mn6dHQSbDTwxdr9SE0ks38DTjLMMBjrwvB5+mXrX+C0npX0CVeCUcvvvD8CNQ==",
             "cpu": [
                 "riscv64"
             ],
@@ -1069,9 +1097,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-s390x-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.54.0.tgz",
-            "integrity": "sha512-2AdWy5RdDF5+4YfG/YesGDDtbyJlC9LHmL6rZw6FurBJ5n4vFGupsOBGfwMRjBYH7qRQowT8D/U4LoSvVwOhSQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.56.0.tgz",
+            "integrity": "sha512-zhLLJx9nQPu7wezbxt2ut+CI4YlXi68ndEve16tPc/iwoylWS9B3FxpLS2PkmfYgDQtosah07Mj9E0khc3Y+vQ==",
             "cpu": [
                 "s390x"
             ],
@@ -1083,9 +1111,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.54.0.tgz",
-            "integrity": "sha512-WGt5J8Ij/rvyqpFexxk3ffKqqbLf9AqrTBbWDk7ApGUzaIs6V+s2s84kAxklFwmMF/vBNGrVdYgbblCOFFezMQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.56.0.tgz",
+            "integrity": "sha512-MVC6UDp16ZSH7x4rtuJPAEoE1RwS8N4oK9DLHy3FTEdFoUTCFVzMfJl/BVJ330C+hx8FfprA5Wqx4FhZXkj2Kw==",
             "cpu": [
                 "x64"
             ],
@@ -1097,9 +1125,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-musl": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.54.0.tgz",
-            "integrity": "sha512-JzQmb38ATzHjxlPHuTH6tE7ojnMKM2kYNzt44LO/jJi8BpceEC8QuXYA908n8r3CNuG/B3BV8VR3Hi1rYtmPiw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.56.0.tgz",
+            "integrity": "sha512-ZhGH1eA4Qv0lxaV00azCIS1ChedK0V32952Md3FtnxSqZTBTd6tgil4nZT5cU8B+SIw3PFYkvyR4FKo2oyZIHA==",
             "cpu": [
                 "x64"
             ],
@@ -1110,10 +1138,24 @@
                 "linux"
             ]
         },
+        "node_modules/@rollup/rollup-openbsd-x64": {
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.56.0.tgz",
+            "integrity": "sha512-O16XcmyDeFI9879pEcmtWvD/2nyxR9mF7Gs44lf1vGGx8Vg2DRNx11aVXBEqOQhWb92WN4z7fW/q4+2NYzCbBA==",
+            "cpu": [
+                "x64"
+            ],
+            "dev": true,
+            "license": "MIT",
+            "optional": true,
+            "os": [
+                "openbsd"
+            ]
+        },
         "node_modules/@rollup/rollup-openharmony-arm64": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.54.0.tgz",
-            "integrity": "sha512-huT3fd0iC7jigGh7n3q/+lfPcXxBi+om/Rs3yiFxjvSxbSB6aohDFXbWvlspaqjeOh+hx7DDHS+5Es5qRkWkZg==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.56.0.tgz",
+            "integrity": "sha512-LhN/Reh+7F3RCgQIRbgw8ZMwUwyqJM+8pXNT6IIJAqm2IdKkzpCh/V9EdgOMBKuebIrzswqy4ATlrDgiOwbRcQ==",
             "cpu": [
                 "arm64"
             ],
@@ -1125,9 +1167,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-arm64-msvc": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.54.0.tgz",
-            "integrity": "sha512-c2V0W1bsKIKfbLMBu/WGBz6Yci8nJ/ZJdheE0EwB73N3MvHYKiKGs3mVilX4Gs70eGeDaMqEob25Tw2Gb9Nqyw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.56.0.tgz",
+            "integrity": "sha512-kbFsOObXp3LBULg1d3JIUQMa9Kv4UitDmpS+k0tinPBz3watcUiV2/LUDMMucA6pZO3WGE27P7DsfaN54l9ing==",
             "cpu": [
                 "arm64"
             ],
@@ -1139,9 +1181,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-ia32-msvc": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.54.0.tgz",
-            "integrity": "sha512-woEHgqQqDCkAzrDhvDipnSirm5vxUXtSKDYTVpZG3nUdW/VVB5VdCYA2iReSj/u3yCZzXID4kuKG7OynPnB3WQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.56.0.tgz",
+            "integrity": "sha512-vSSgny54D6P4vf2izbtFm/TcWYedw7f8eBrOiGGecyHyQB9q4Kqentjaj8hToe+995nob/Wv48pDqL5a62EWtg==",
             "cpu": [
                 "ia32"
             ],
@@ -1153,9 +1195,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-gnu": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.54.0.tgz",
-            "integrity": "sha512-dzAc53LOuFvHwbCEOS0rPbXp6SIhAf2txMP5p6mGyOXXw5mWY8NGGbPMPrs4P1WItkfApDathBj/NzMLUZ9rtQ==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.56.0.tgz",
+            "integrity": "sha512-FeCnkPCTHQJFbiGG49KjV5YGW/8b9rrXAM2Mz2kiIoktq2qsJxRD5giEMEOD2lPdgs72upzefaUvS+nc8E3UzQ==",
             "cpu": [
                 "x64"
             ],
@@ -1167,9 +1209,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-msvc": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.54.0.tgz",
-            "integrity": "sha512-hYT5d3YNdSh3mbCU1gwQyPgQd3T2ne0A3KG8KSBdav5TiBg6eInVmV+TeR5uHufiIgSFg0XsOWGW5/RhNcSvPg==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.56.0.tgz",
+            "integrity": "sha512-H8AE9Ur/t0+1VXujj90w0HrSOuv0Nq9r1vSZF2t5km20NTfosQsGGUXDaKdQZzwuLts7IyL1fYT4hM95TI9c4g==",
             "cpu": [
                 "x64"
             ],
@@ -1208,9 +1250,9 @@
             }
         },
         "node_modules/@sveltejs/kit": {
-            "version": "2.49.2",
-            "resolved": "https://registry.npmjs.org/@sveltejs/kit/-/kit-2.49.2.tgz",
-            "integrity": "sha512-Vp3zX/qlwerQmHMP6x0Ry1oY7eKKRcOWGc2P59srOp4zcqyn+etJyQpELgOi4+ZSUgteX8Y387NuwruLgGXLUQ==",
+            "version": "2.50.1",
+            "resolved": "https://registry.npmjs.org/@sveltejs/kit/-/kit-2.50.1.tgz",
+            "integrity": "sha512-XRHD2i3zC4ukhz2iCQzO4mbsts081PAZnnMAQ7LNpWeYgeBmwMsalf0FGSwhFXBbtr2XViPKnFJBDCckWqrsLw==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -1220,7 +1262,7 @@
                 "@types/cookie": "^0.6.0",
                 "acorn": "^8.14.1",
                 "cookie": "^0.6.0",
-                "devalue": "^5.3.2",
+                "devalue": "^5.6.2",
                 "esm-env": "^1.2.2",
                 "kleur": "^4.1.5",
                 "magic-string": "^0.30.5",
@@ -1239,26 +1281,30 @@
                 "@opentelemetry/api": "^1.0.0",
                 "@sveltejs/vite-plugin-svelte": "^3.0.0 || ^4.0.0-next.1 || ^5.0.0 || ^6.0.0-next.0",
                 "svelte": "^4.0.0 || ^5.0.0-next.0",
+                "typescript": "^5.3.3",
                 "vite": "^5.0.3 || ^6.0.0 || ^7.0.0-beta.0"
             },
             "peerDependenciesMeta": {
                 "@opentelemetry/api": {
                     "optional": true
+                },
+                "typescript": {
+                    "optional": true
                 }
             }
         },
         "node_modules/@sveltejs/vite-plugin-svelte": {
-            "version": "6.2.1",
-            "resolved": "https://registry.npmjs.org/@sveltejs/vite-plugin-svelte/-/vite-plugin-svelte-6.2.1.tgz",
-            "integrity": "sha512-YZs/OSKOQAQCnJvM/P+F1URotNnYNeU3P2s4oIpzm1uFaqUEqRxUB0g5ejMjEb5Gjb9/PiBI5Ktrq4rUUF8UVQ==",
+            "version": "6.2.4",
+            "resolved": "https://registry.npmjs.org/@sveltejs/vite-plugin-svelte/-/vite-plugin-svelte-6.2.4.tgz",
+            "integrity": "sha512-ou/d51QSdTyN26D7h6dSpusAKaZkAiGM55/AKYi+9AGZw7q85hElbjK3kEyzXHhLSnRISHOYzVge6x0jRZ7DXA==",
             "dev": true,
             "license": "MIT",
             "peer": true,
             "dependencies": {
                 "@sveltejs/vite-plugin-svelte-inspector": "^5.0.0",
-                "debug": "^4.4.1",
                 "deepmerge": "^4.3.1",
-                "magic-string": "^0.30.17",
+                "magic-string": "^0.30.21",
+                "obug": "^2.1.0",
                 "vitefu": "^1.1.1"
             },
             "engines": {
@@ -1270,13 +1316,13 @@
             }
         },
         "node_modules/@sveltejs/vite-plugin-svelte-inspector": {
-            "version": "5.0.1",
-            "resolved": "https://registry.npmjs.org/@sveltejs/vite-plugin-svelte-inspector/-/vite-plugin-svelte-inspector-5.0.1.tgz",
-            "integrity": "sha512-ubWshlMk4bc8mkwWbg6vNvCeT7lGQojE3ijDh3QTR6Zr/R+GXxsGbyH4PExEPpiFmqPhYiVSVmHBjUcVc1JIrA==",
+            "version": "5.0.2",
+            "resolved": "https://registry.npmjs.org/@sveltejs/vite-plugin-svelte-inspector/-/vite-plugin-svelte-inspector-5.0.2.tgz",
+            "integrity": "sha512-TZzRTcEtZffICSAoZGkPSl6Etsj2torOVrx6Uw0KpXxrec9Gg6jFWQ60Q3+LmNGfZSxHRCZL7vXVZIWmuV50Ig==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "debug": "^4.4.1"
+                "obug": "^2.1.0"
             },
             "engines": {
                 "node": "^20.19 || ^22.12 || >=24"
@@ -1327,9 +1373,9 @@
             "license": "MIT"
         },
         "node_modules/@types/node": {
-            "version": "24.10.4",
-            "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.4.tgz",
-            "integrity": "sha512-vnDVpYPMzs4wunl27jHrfmwojOGKya0xyM3sH+UE5iv5uPS6vX7UIoh6m+vQc5LGBq52HBKPIn/zcSZVzeDEZg==",
+            "version": "24.10.9",
+            "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.9.tgz",
+            "integrity": "sha512-ne4A0IpG3+2ETuREInjPNhUGis1SFjv1d5asp8MzEAGtOZeTeHVDOYqOgqfhvseqg/iXty2hjBf1zAOb7RNiNw==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -1338,20 +1384,20 @@
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.51.0.tgz",
-            "integrity": "sha512-XtssGWJvypyM2ytBnSnKtHYOGT+4ZwTnBVl36TA4nRO2f4PRNGz5/1OszHzcZCvcBMh+qb7I06uoCmLTRdR9og==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.53.1.tgz",
+            "integrity": "sha512-cFYYFZ+oQFi6hUnBTbLRXfTJiaQtYE3t4O692agbBl+2Zy+eqSKWtPjhPXJu1G7j4RLjKgeJPDdq3EqOwmX5Ag==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@eslint-community/regexpp": "^4.10.0",
-                "@typescript-eslint/scope-manager": "8.51.0",
-                "@typescript-eslint/type-utils": "8.51.0",
-                "@typescript-eslint/utils": "8.51.0",
-                "@typescript-eslint/visitor-keys": "8.51.0",
-                "ignore": "^7.0.0",
+                "@eslint-community/regexpp": "^4.12.2",
+                "@typescript-eslint/scope-manager": "8.53.1",
+                "@typescript-eslint/type-utils": "8.53.1",
+                "@typescript-eslint/utils": "8.53.1",
+                "@typescript-eslint/visitor-keys": "8.53.1",
+                "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
-                "ts-api-utils": "^2.2.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1361,7 +1407,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.51.0",
+                "@typescript-eslint/parser": "^8.53.1",
                 "eslint": "^8.57.0 || ^9.0.0",
                 "typescript": ">=4.8.4 <6.0.0"
             }
@@ -1377,18 +1423,18 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.51.0.tgz",
-            "integrity": "sha512-3xP4XzzDNQOIqBMWogftkwxhg5oMKApqY0BAflmLZiFYHqyhSOxv/cd/zPQLTcCXr4AkaKb25joocY0BD1WC6A==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.53.1.tgz",
+            "integrity": "sha512-nm3cvFN9SqZGXjmw5bZ6cGmvJSyJPn0wU9gHAZZHDnZl2wF9PhHv78Xf06E0MaNk4zLVHL8hb2/c32XvyJOLQg==",
             "dev": true,
             "license": "MIT",
             "peer": true,
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.51.0",
-                "@typescript-eslint/types": "8.51.0",
-                "@typescript-eslint/typescript-estree": "8.51.0",
-                "@typescript-eslint/visitor-keys": "8.51.0",
-                "debug": "^4.3.4"
+                "@typescript-eslint/scope-manager": "8.53.1",
+                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/typescript-estree": "8.53.1",
+                "@typescript-eslint/visitor-keys": "8.53.1",
+                "debug": "^4.4.3"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1403,15 +1449,15 @@
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.51.0.tgz",
-            "integrity": "sha512-Luv/GafO07Z7HpiI7qeEW5NW8HUtZI/fo/kE0YbtQEFpJRUuR0ajcWfCE5bnMvL7QQFrmT/odMe8QZww8X2nfQ==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.53.1.tgz",
+            "integrity": "sha512-WYC4FB5Ra0xidsmlPb+1SsnaSKPmS3gsjIARwbEkHkoWloQmuzcfypljaJcR78uyLA1h8sHdWWPHSLDI+MtNog==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.51.0",
-                "@typescript-eslint/types": "^8.51.0",
-                "debug": "^4.3.4"
+                "@typescript-eslint/tsconfig-utils": "^8.53.1",
+                "@typescript-eslint/types": "^8.53.1",
+                "debug": "^4.4.3"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1425,14 +1471,14 @@
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.51.0.tgz",
-            "integrity": "sha512-JhhJDVwsSx4hiOEQPeajGhCWgBMBwVkxC/Pet53EpBVs7zHHtayKefw1jtPaNRXpI9RA2uocdmpdfE7T+NrizA==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.53.1.tgz",
+            "integrity": "sha512-Lu23yw1uJMFY8cUeq7JlrizAgeQvWugNQzJp8C3x8Eo5Jw5Q2ykMdiiTB9vBVOOUBysMzmRRmUfwFrZuI2C4SQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.51.0",
-                "@typescript-eslint/visitor-keys": "8.51.0"
+                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/visitor-keys": "8.53.1"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1443,9 +1489,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.51.0.tgz",
-            "integrity": "sha512-Qi5bSy/vuHeWyir2C8u/uqGMIlIDu8fuiYWv48ZGlZ/k+PRPHtaAu7erpc7p5bzw2WNNSniuxoMSO4Ar6V9OXw==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.53.1.tgz",
+            "integrity": "sha512-qfvLXS6F6b1y43pnf0pPbXJ+YoXIC7HKg0UGZ27uMIemKMKA6XH2DTxsEDdpdN29D+vHV07x/pnlPNVLhdhWiA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1460,17 +1506,17 @@
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.51.0.tgz",
-            "integrity": "sha512-0XVtYzxnobc9K0VU7wRWg1yiUrw4oQzexCG2V2IDxxCxhqBMSMbjB+6o91A+Uc0GWtgjCa3Y8bi7hwI0Tu4n5Q==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.53.1.tgz",
+            "integrity": "sha512-MOrdtNvyhy0rHyv0ENzub1d4wQYKb2NmIqG7qEqPWFW7Mpy2jzFC3pQ2yKDvirZB7jypm5uGjF2Qqs6OIqu47w==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.51.0",
-                "@typescript-eslint/typescript-estree": "8.51.0",
-                "@typescript-eslint/utils": "8.51.0",
-                "debug": "^4.3.4",
-                "ts-api-utils": "^2.2.0"
+                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/typescript-estree": "8.53.1",
+                "@typescript-eslint/utils": "8.53.1",
+                "debug": "^4.4.3",
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1485,9 +1531,9 @@
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.51.0.tgz",
-            "integrity": "sha512-TizAvWYFM6sSscmEakjY3sPqGwxZRSywSsPEiuZF6d5GmGD9Gvlsv0f6N8FvAAA0CD06l3rIcWNbsN1e5F/9Ag==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.53.1.tgz",
+            "integrity": "sha512-jr/swrr2aRmUAUjW5/zQHbMaui//vQlsZcJKijZf3M26bnmLj8LyZUpj8/Rd6uzaek06OWsqdofN/Thenm5O8A==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1499,21 +1545,21 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.51.0.tgz",
-            "integrity": "sha512-1qNjGqFRmlq0VW5iVlcyHBbCjPB7y6SxpBkrbhNWMy/65ZoncXCEPJxkRZL8McrseNH6lFhaxCIaX+vBuFnRng==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.53.1.tgz",
+            "integrity": "sha512-RGlVipGhQAG4GxV1s34O91cxQ/vWiHJTDHbXRr0li2q/BGg3RR/7NM8QDWgkEgrwQYCvmJV9ichIwyoKCQ+DTg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.51.0",
-                "@typescript-eslint/tsconfig-utils": "8.51.0",
-                "@typescript-eslint/types": "8.51.0",
-                "@typescript-eslint/visitor-keys": "8.51.0",
-                "debug": "^4.3.4",
-                "minimatch": "^9.0.4",
-                "semver": "^7.6.0",
+                "@typescript-eslint/project-service": "8.53.1",
+                "@typescript-eslint/tsconfig-utils": "8.53.1",
+                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/visitor-keys": "8.53.1",
+                "debug": "^4.4.3",
+                "minimatch": "^9.0.5",
+                "semver": "^7.7.3",
                 "tinyglobby": "^0.2.15",
-                "ts-api-utils": "^2.2.0"
+                "ts-api-utils": "^2.4.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1552,17 +1598,30 @@
                 "url": "https://github.com/sponsors/isaacs"
             }
         },
+        "node_modules/@typescript-eslint/typescript-estree/node_modules/semver": {
+            "version": "7.7.3",
+            "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz",
+            "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==",
+            "dev": true,
+            "license": "ISC",
+            "bin": {
+                "semver": "bin/semver.js"
+            },
+            "engines": {
+                "node": ">=10"
+            }
+        },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.51.0.tgz",
-            "integrity": "sha512-11rZYxSe0zabiKaCP2QAwRf/dnmgFgvTmeDTtZvUvXG3UuAdg/GU02NExmmIXzz3vLGgMdtrIosI84jITQOxUA==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.53.1.tgz",
+            "integrity": "sha512-c4bMvGVWW4hv6JmDUEG7fSYlWOl3II2I4ylt0NM+seinYQlZMQIaKaXIIVJWt9Ofh6whrpM+EdDQXKXjNovvrg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@eslint-community/eslint-utils": "^4.7.0",
-                "@typescript-eslint/scope-manager": "8.51.0",
-                "@typescript-eslint/types": "8.51.0",
-                "@typescript-eslint/typescript-estree": "8.51.0"
+                "@eslint-community/eslint-utils": "^4.9.1",
+                "@typescript-eslint/scope-manager": "8.53.1",
+                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/typescript-estree": "8.53.1"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1577,13 +1636,13 @@
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.51.0.tgz",
-            "integrity": "sha512-mM/JRQOzhVN1ykejrvwnBRV3+7yTKK8tVANVN3o1O0t0v7o+jqdVu9crPy5Y9dov15TJk/FTIgoUGHrTOVL3Zg==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.53.1.tgz",
+            "integrity": "sha512-oy+wV7xDKFPRyNggmXuZQSBzvoLnpmJs+GhzRhPjrxl2b/jIlyjVokzm47CZCDUdXKr2zd7ZLodPfOBpOPyPlg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.51.0",
+                "@typescript-eslint/types": "8.53.1",
                 "eslint-visitor-keys": "^4.2.1"
             },
             "engines": {
@@ -2216,9 +2275,9 @@
             "license": "MIT"
         },
         "node_modules/devalue": {
-            "version": "5.6.1",
-            "resolved": "https://registry.npmjs.org/devalue/-/devalue-5.6.1.tgz",
-            "integrity": "sha512-jDwizj+IlEZBunHcOuuFVBnIMPAEHvTsJj0BcIp94xYguLRVBcXO853px/MyIJvbVzWdsGvrRweIUWJw8hBP7A==",
+            "version": "5.6.2",
+            "resolved": "https://registry.npmjs.org/devalue/-/devalue-5.6.2.tgz",
+            "integrity": "sha512-nPRkjWzzDQlsejL1WVifk5rvcFi/y1onBRxjaFMjZeR9mFpqu2gmAZ9xUB9/IEanEP/vBtGeGganC/GO1fmufg==",
             "dev": true,
             "license": "MIT"
         },
@@ -2375,9 +2434,9 @@
             }
         },
         "node_modules/eslint-plugin-svelte": {
-            "version": "3.13.1",
-            "resolved": "https://registry.npmjs.org/eslint-plugin-svelte/-/eslint-plugin-svelte-3.13.1.tgz",
-            "integrity": "sha512-Ng+kV/qGS8P/isbNYVE3sJORtubB+yLEcYICMkUWNaDTb0SwZni/JhAYXh/Dz/q2eThUwWY0VMPZ//KYD1n3eQ==",
+            "version": "3.14.0",
+            "resolved": "https://registry.npmjs.org/eslint-plugin-svelte/-/eslint-plugin-svelte-3.14.0.tgz",
+            "integrity": "sha512-Isw0GvaMm0yHxAj71edAdGFh28ufYs+6rk2KlbbZphnqZAzrH3Se3t12IFh2H9+1F/jlDhBBL4oiOJmLqmYX0g==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -2503,9 +2562,9 @@
             }
         },
         "node_modules/esrap": {
-            "version": "2.2.1",
-            "resolved": "https://registry.npmjs.org/esrap/-/esrap-2.2.1.tgz",
-            "integrity": "sha512-GiYWG34AN/4CUyaWAgunGt0Rxvr1PTMlGC0vvEov/uOQYWne2bpN03Um+k8jT+q3op33mKouP2zeJ6OlM+qeUg==",
+            "version": "2.2.2",
+            "resolved": "https://registry.npmjs.org/esrap/-/esrap-2.2.2.tgz",
+            "integrity": "sha512-zA6497ha+qKvoWIK+WM9NAh5ni17sKZKhbS5B3PoYbBvaYHZWoS33zmFybmyqpn07RLUxSmn+RCls2/XF+d0oQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -2709,9 +2768,9 @@
             }
         },
         "node_modules/globals": {
-            "version": "17.0.0",
-            "resolved": "https://registry.npmjs.org/globals/-/globals-17.0.0.tgz",
-            "integrity": "sha512-gv5BeD2EssA793rlFWVPMMCqefTlpusw6/2TbAVMy0FzcG8wKJn4O+NqJ4+XWmmwrayJgw5TzrmWjFgmz1XPqw==",
+            "version": "17.1.0",
+            "resolved": "https://registry.npmjs.org/globals/-/globals-17.1.0.tgz",
+            "integrity": "sha512-8HoIcWI5fCvG5NADj4bDav+er9B9JMj2vyL2pI8D0eismKyUvPLTSs+Ln3wqhwcp306i73iyVnEKx3F6T47TGw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -3007,9 +3066,9 @@
             }
         },
         "node_modules/lodash": {
-            "version": "4.17.21",
-            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-            "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+            "version": "4.17.23",
+            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+            "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
             "dev": true,
             "license": "MIT"
         },
@@ -3128,25 +3187,41 @@
             "license": "MIT"
         },
         "node_modules/nypm": {
-            "version": "0.6.2",
-            "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.6.2.tgz",
-            "integrity": "sha512-7eM+hpOtrKrBDCh7Ypu2lJ9Z7PNZBdi/8AT3AX8xoCj43BBVHD0hPSTEvMtkMpfs8FCqBGhxB+uToIQimA111g==",
+            "version": "0.6.4",
+            "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.6.4.tgz",
+            "integrity": "sha512-1TvCKjZyyklN+JJj2TS3P4uSQEInrM/HkkuSXsEzm1ApPgBffOn8gFguNnZf07r/1X6vlryfIqMUkJKQMzlZiw==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "citty": "^0.1.6",
-                "consola": "^3.4.2",
+                "citty": "^0.2.0",
                 "pathe": "^2.0.3",
-                "pkg-types": "^2.3.0",
-                "tinyexec": "^1.0.1"
+                "tinyexec": "^1.0.2"
             },
             "bin": {
                 "nypm": "dist/cli.mjs"
             },
             "engines": {
-                "node": "^14.16.0 || >=16.10.0"
+                "node": ">=18"
             }
         },
+        "node_modules/nypm/node_modules/citty": {
+            "version": "0.2.0",
+            "resolved": "https://registry.npmjs.org/citty/-/citty-0.2.0.tgz",
+            "integrity": "sha512-8csy5IBFI2ex2hTVpaHN2j+LNE199AgiI7y4dMintrr8i0lQiFn+0AWMZrWdHKIgMOer65f8IThysYhoReqjWA==",
+            "dev": true,
+            "license": "MIT"
+        },
+        "node_modules/obug": {
+            "version": "2.1.1",
+            "resolved": "https://registry.npmjs.org/obug/-/obug-2.1.1.tgz",
+            "integrity": "sha512-uTqF9MuPraAQ+IsnPf366RG4cP9RtUi7MLO1N3KEc+wb0a6yKpeL0lmk2IB1jY5KHPAlTc6T/JRdC/YqxHNwkQ==",
+            "dev": true,
+            "funding": [
+                "https://github.com/sponsors/sxzz",
+                "https://opencollective.com/debug"
+            ],
+            "license": "MIT"
+        },
         "node_modules/ohash": {
             "version": "2.0.11",
             "resolved": "https://registry.npmjs.org/ohash/-/ohash-2.0.11.tgz",
@@ -3274,9 +3349,9 @@
             }
         },
         "node_modules/perfect-debounce": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-2.0.0.tgz",
-            "integrity": "sha512-fkEH/OBiKrqqI/yIgjR92lMfs2K8105zt/VT6+7eTjNwisrsh47CeIED9z58zI7DfKdH3uHAn25ziRZn3kgAow==",
+            "version": "2.1.0",
+            "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-2.1.0.tgz",
+            "integrity": "sha512-LjgdTytVFXeUgtHZr9WYViYSM/g8MkcTPYDlPa3cDqMirHjKiSZPYd6DoL7pK8AJQr+uWkQvCjHNdiMqsrJs+g==",
             "dev": true,
             "license": "MIT"
         },
@@ -3462,9 +3537,9 @@
             }
         },
         "node_modules/prettier": {
-            "version": "3.7.4",
-            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.7.4.tgz",
-            "integrity": "sha512-v6UNi1+3hSlVvv8fSaoUbggEM5VErKmmpGA7Pl3HF8V6uKY7rvClBOJlH6yNwQtfTueNkGVpOv/mtWL9L4bgRA==",
+            "version": "3.8.1",
+            "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.1.tgz",
+            "integrity": "sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -3535,9 +3610,9 @@
             }
         },
         "node_modules/rollup": {
-            "version": "4.54.0",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.54.0.tgz",
-            "integrity": "sha512-3nk8Y3a9Ea8szgKhinMlGMhGMw89mqule3KWczxhIzqudyHdCIOHw8WJlj/r329fACjKLEh13ZSk7oE22kyeIw==",
+            "version": "4.56.0",
+            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.56.0.tgz",
+            "integrity": "sha512-9FwVqlgUHzbXtDg9RCMgodF3Ua4Na6Gau+Sdt9vyCN4RhHfVKX2DCHy3BjMLTDd47ITDhYAnTwGulWTblJSDLg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -3551,28 +3626,31 @@
                 "npm": ">=8.0.0"
             },
             "optionalDependencies": {
-                "@rollup/rollup-android-arm-eabi": "4.54.0",
-                "@rollup/rollup-android-arm64": "4.54.0",
-                "@rollup/rollup-darwin-arm64": "4.54.0",
-                "@rollup/rollup-darwin-x64": "4.54.0",
-                "@rollup/rollup-freebsd-arm64": "4.54.0",
-                "@rollup/rollup-freebsd-x64": "4.54.0",
-                "@rollup/rollup-linux-arm-gnueabihf": "4.54.0",
-                "@rollup/rollup-linux-arm-musleabihf": "4.54.0",
-                "@rollup/rollup-linux-arm64-gnu": "4.54.0",
-                "@rollup/rollup-linux-arm64-musl": "4.54.0",
-                "@rollup/rollup-linux-loong64-gnu": "4.54.0",
-                "@rollup/rollup-linux-ppc64-gnu": "4.54.0",
-                "@rollup/rollup-linux-riscv64-gnu": "4.54.0",
-                "@rollup/rollup-linux-riscv64-musl": "4.54.0",
-                "@rollup/rollup-linux-s390x-gnu": "4.54.0",
-                "@rollup/rollup-linux-x64-gnu": "4.54.0",
-                "@rollup/rollup-linux-x64-musl": "4.54.0",
-                "@rollup/rollup-openharmony-arm64": "4.54.0",
-                "@rollup/rollup-win32-arm64-msvc": "4.54.0",
-                "@rollup/rollup-win32-ia32-msvc": "4.54.0",
-                "@rollup/rollup-win32-x64-gnu": "4.54.0",
-                "@rollup/rollup-win32-x64-msvc": "4.54.0",
+                "@rollup/rollup-android-arm-eabi": "4.56.0",
+                "@rollup/rollup-android-arm64": "4.56.0",
+                "@rollup/rollup-darwin-arm64": "4.56.0",
+                "@rollup/rollup-darwin-x64": "4.56.0",
+                "@rollup/rollup-freebsd-arm64": "4.56.0",
+                "@rollup/rollup-freebsd-x64": "4.56.0",
+                "@rollup/rollup-linux-arm-gnueabihf": "4.56.0",
+                "@rollup/rollup-linux-arm-musleabihf": "4.56.0",
+                "@rollup/rollup-linux-arm64-gnu": "4.56.0",
+                "@rollup/rollup-linux-arm64-musl": "4.56.0",
+                "@rollup/rollup-linux-loong64-gnu": "4.56.0",
+                "@rollup/rollup-linux-loong64-musl": "4.56.0",
+                "@rollup/rollup-linux-ppc64-gnu": "4.56.0",
+                "@rollup/rollup-linux-ppc64-musl": "4.56.0",
+                "@rollup/rollup-linux-riscv64-gnu": "4.56.0",
+                "@rollup/rollup-linux-riscv64-musl": "4.56.0",
+                "@rollup/rollup-linux-s390x-gnu": "4.56.0",
+                "@rollup/rollup-linux-x64-gnu": "4.56.0",
+                "@rollup/rollup-linux-x64-musl": "4.56.0",
+                "@rollup/rollup-openbsd-x64": "4.56.0",
+                "@rollup/rollup-openharmony-arm64": "4.56.0",
+                "@rollup/rollup-win32-arm64-msvc": "4.56.0",
+                "@rollup/rollup-win32-ia32-msvc": "4.56.0",
+                "@rollup/rollup-win32-x64-gnu": "4.56.0",
+                "@rollup/rollup-win32-x64-msvc": "4.56.0",
                 "fsevents": "~2.3.2"
             }
         },
@@ -3741,9 +3819,9 @@
             }
         },
         "node_modules/svelte": {
-            "version": "5.46.1",
-            "resolved": "https://registry.npmjs.org/svelte/-/svelte-5.46.1.tgz",
-            "integrity": "sha512-ynjfCHD3nP2el70kN5Pmg37sSi0EjOm9FgHYQdC4giWG/hzO3AatzXXJJgP305uIhGQxSufJLuYWtkY8uK/8RA==",
+            "version": "5.48.2",
+            "resolved": "https://registry.npmjs.org/svelte/-/svelte-5.48.2.tgz",
+            "integrity": "sha512-VPWD+UyoSFZ7Nxix5K/F8yWiKWOiROkLlWYXOZReE0TUycw+58YWB3D6lAKT+57xmN99wRX4H3oZmw0NPy7y3Q==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -3756,7 +3834,7 @@
                 "aria-query": "^5.3.1",
                 "axobject-query": "^4.1.0",
                 "clsx": "^2.1.1",
-                "devalue": "^5.5.0",
+                "devalue": "^5.6.2",
                 "esm-env": "^1.2.1",
                 "esrap": "^2.2.1",
                 "is-reference": "^3.0.3",
@@ -3938,16 +4016,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.51.0",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.51.0.tgz",
-            "integrity": "sha512-jh8ZuM5oEh2PSdyQG9YAEM1TCGuWenLSuSUhf/irbVUNW9O5FhbFVONviN2TgMTBnUmyHv7E56rYnfLZK6TkiA==",
+            "version": "8.53.1",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.53.1.tgz",
+            "integrity": "sha512-gB+EVQfP5RDElh9ittfXlhZJdjSU4jUSTyE2+ia8CYyNvet4ElfaLlAIqDvQV9JPknKx0jQH1racTYe/4LaLSg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.51.0",
-                "@typescript-eslint/parser": "8.51.0",
-                "@typescript-eslint/typescript-estree": "8.51.0",
-                "@typescript-eslint/utils": "8.51.0"
+                "@typescript-eslint/eslint-plugin": "8.53.1",
+                "@typescript-eslint/parser": "8.53.1",
+                "@typescript-eslint/typescript-estree": "8.53.1",
+                "@typescript-eslint/utils": "8.53.1"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -4000,9 +4078,9 @@
             "license": "MIT"
         },
         "node_modules/vite": {
-            "version": "7.3.0",
-            "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.0.tgz",
-            "integrity": "sha512-dZwN5L1VlUBewiP6H9s2+B3e3Jg96D0vzN+Ry73sOefebhYr9f94wwkMNN/9ouoU8pV1BqA1d1zGk8928cx0rg==",
+            "version": "7.3.1",
+            "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.1.tgz",
+            "integrity": "sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==",
             "dev": true,
             "license": "MIT",
             "peer": true,

From c2917f858072dcde33611dac6be8b23ca9ff8e6d Mon Sep 17 00:00:00 2001
From: Renovate Bot <renovate@pomail.fr>
Date: Mon, 2 Feb 2026 01:14:33 +0000
Subject: [PATCH 02/27] chore(deps): lock file maintenance

---
 web/package-lock.json | 364 +++++++++++++++++++++---------------------
 1 file changed, 182 insertions(+), 182 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 3aa1720..835218b 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -519,19 +519,19 @@
             }
         },
         "node_modules/@eslint/compat": {
-            "version": "2.0.1",
-            "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-2.0.1.tgz",
-            "integrity": "sha512-yl/JsgplclzuvGFNqwNYV4XNPhP3l62ZOP9w/47atNAdmDtIFCx6X7CSk/SlWUuBGkT4Et/5+UD+WyvX2iiIWA==",
+            "version": "2.0.2",
+            "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-2.0.2.tgz",
+            "integrity": "sha512-pR1DoD0h3HfF675QZx0xsyrsU8q70Z/plx7880NOhS02NuWLgBCOMDL787nUeQ7EWLkxv3bPQJaarjcPQb2Dwg==",
             "dev": true,
             "license": "Apache-2.0",
             "dependencies": {
-                "@eslint/core": "^1.0.1"
+                "@eslint/core": "^1.1.0"
             },
             "engines": {
                 "node": "^20.19.0 || ^22.13.0 || >=24"
             },
             "peerDependencies": {
-                "eslint": "^8.40 || 9"
+                "eslint": "^8.40 || 9 || 10"
             },
             "peerDependenciesMeta": {
                 "eslint": {
@@ -581,9 +581,9 @@
             }
         },
         "node_modules/@eslint/core": {
-            "version": "1.0.1",
-            "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.0.1.tgz",
-            "integrity": "sha512-r18fEAj9uCk+VjzGt2thsbOmychS+4kxI14spVNibUO2vqKX7obOG+ymZljAwuPZl+S3clPGwCwTDtrdqTiY6Q==",
+            "version": "1.1.0",
+            "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.1.0.tgz",
+            "integrity": "sha512-/nr9K9wkr3P1EzFTdFdMoLuo1PmIxjmwvPozwoSodjNBdefGujXQUF93u1DDZpEaTuDvMsIQddsd35BwtrW9Xw==",
             "dev": true,
             "license": "Apache-2.0",
             "dependencies": {
@@ -873,9 +873,9 @@
             }
         },
         "node_modules/@rollup/rollup-android-arm-eabi": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.56.0.tgz",
-            "integrity": "sha512-LNKIPA5k8PF1+jAFomGe3qN3bbIgJe/IlpDBwuVjrDKrJhVWywgnJvflMt/zkbVNLFtF1+94SljYQS6e99klnw==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.57.1.tgz",
+            "integrity": "sha512-A6ehUVSiSaaliTxai040ZpZ2zTevHYbvu/lDoeAteHI8QnaosIzm4qwtezfRg1jOYaUmnzLX1AOD6Z+UJjtifg==",
             "cpu": [
                 "arm"
             ],
@@ -887,9 +887,9 @@
             ]
         },
         "node_modules/@rollup/rollup-android-arm64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.56.0.tgz",
-            "integrity": "sha512-lfbVUbelYqXlYiU/HApNMJzT1E87UPGvzveGg2h0ktUNlOCxKlWuJ9jtfvs1sKHdwU4fzY7Pl8sAl49/XaEk6Q==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.57.1.tgz",
+            "integrity": "sha512-dQaAddCY9YgkFHZcFNS/606Exo8vcLHwArFZ7vxXq4rigo2bb494/xKMMwRRQW6ug7Js6yXmBZhSBRuBvCCQ3w==",
             "cpu": [
                 "arm64"
             ],
@@ -901,9 +901,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-arm64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.56.0.tgz",
-            "integrity": "sha512-EgxD1ocWfhoD6xSOeEEwyE7tDvwTgZc8Bss7wCWe+uc7wO8G34HHCUH+Q6cHqJubxIAnQzAsyUsClt0yFLu06w==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.57.1.tgz",
+            "integrity": "sha512-crNPrwJOrRxagUYeMn/DZwqN88SDmwaJ8Cvi/TN1HnWBU7GwknckyosC2gd0IqYRsHDEnXf328o9/HC6OkPgOg==",
             "cpu": [
                 "arm64"
             ],
@@ -915,9 +915,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-x64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.56.0.tgz",
-            "integrity": "sha512-1vXe1vcMOssb/hOF8iv52A7feWW2xnu+c8BV4t1F//m9QVLTfNVpEdja5ia762j/UEJe2Z1jAmEqZAK42tVW3g==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.57.1.tgz",
+            "integrity": "sha512-Ji8g8ChVbKrhFtig5QBV7iMaJrGtpHelkB3lsaKzadFBe58gmjfGXAOfI5FV0lYMH8wiqsxKQ1C9B0YTRXVy4w==",
             "cpu": [
                 "x64"
             ],
@@ -929,9 +929,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-arm64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.56.0.tgz",
-            "integrity": "sha512-bof7fbIlvqsyv/DtaXSck4VYQ9lPtoWNFCB/JY4snlFuJREXfZnm+Ej6yaCHfQvofJDXLDMTVxWscVSuQvVWUQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.57.1.tgz",
+            "integrity": "sha512-R+/WwhsjmwodAcz65guCGFRkMb4gKWTcIeLy60JJQbXrJ97BOXHxnkPFrP+YwFlaS0m+uWJTstrUA9o+UchFug==",
             "cpu": [
                 "arm64"
             ],
@@ -943,9 +943,9 @@
             ]
         },
         "node_modules/@rollup/rollup-freebsd-x64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.56.0.tgz",
-            "integrity": "sha512-KNa6lYHloW+7lTEkYGa37fpvPq+NKG/EHKM8+G/g9WDU7ls4sMqbVRV78J6LdNuVaeeK5WB9/9VAFbKxcbXKYg==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.57.1.tgz",
+            "integrity": "sha512-IEQTCHeiTOnAUC3IDQdzRAGj3jOAYNr9kBguI7MQAAZK3caezRrg0GxAb6Hchg4lxdZEI5Oq3iov/w/hnFWY9Q==",
             "cpu": [
                 "x64"
             ],
@@ -957,9 +957,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.56.0.tgz",
-            "integrity": "sha512-E8jKK87uOvLrrLN28jnAAAChNq5LeCd2mGgZF+fGF5D507WlG/Noct3lP/QzQ6MrqJ5BCKNwI9ipADB6jyiq2A==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.57.1.tgz",
+            "integrity": "sha512-F8sWbhZ7tyuEfsmOxwc2giKDQzN3+kuBLPwwZGyVkLlKGdV1nvnNwYD0fKQ8+XS6hp9nY7B+ZeK01EBUE7aHaw==",
             "cpu": [
                 "arm"
             ],
@@ -971,9 +971,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.56.0.tgz",
-            "integrity": "sha512-jQosa5FMYF5Z6prEpTCCmzCXz6eKr/tCBssSmQGEeozA9tkRUty/5Vx06ibaOP9RCrW1Pvb8yp3gvZhHwTDsJw==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.57.1.tgz",
+            "integrity": "sha512-rGfNUfn0GIeXtBP1wL5MnzSj98+PZe/AXaGBCRmT0ts80lU5CATYGxXukeTX39XBKsxzFpEeK+Mrp9faXOlmrw==",
             "cpu": [
                 "arm"
             ],
@@ -985,9 +985,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.56.0.tgz",
-            "integrity": "sha512-uQVoKkrC1KGEV6udrdVahASIsaF8h7iLG0U0W+Xn14ucFwi6uS539PsAr24IEF9/FoDtzMeeJXJIBo5RkbNWvQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.57.1.tgz",
+            "integrity": "sha512-MMtej3YHWeg/0klK2Qodf3yrNzz6CGjo2UntLvk2RSPlhzgLvYEB3frRvbEF2wRKh1Z2fDIg9KRPe1fawv7C+g==",
             "cpu": [
                 "arm64"
             ],
@@ -999,9 +999,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-musl": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.56.0.tgz",
-            "integrity": "sha512-vLZ1yJKLxhQLFKTs42RwTwa6zkGln+bnXc8ueFGMYmBTLfNu58sl5/eXyxRa2RarTkJbXl8TKPgfS6V5ijNqEA==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.57.1.tgz",
+            "integrity": "sha512-1a/qhaaOXhqXGpMFMET9VqwZakkljWHLmZOX48R0I/YLbhdxr1m4gtG1Hq7++VhVUmf+L3sTAf9op4JlhQ5u1Q==",
             "cpu": [
                 "arm64"
             ],
@@ -1013,9 +1013,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-loong64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.56.0.tgz",
-            "integrity": "sha512-FWfHOCub564kSE3xJQLLIC/hbKqHSVxy8vY75/YHHzWvbJL7aYJkdgwD/xGfUlL5UV2SB7otapLrcCj2xnF1dg==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.57.1.tgz",
+            "integrity": "sha512-QWO6RQTZ/cqYtJMtxhkRkidoNGXc7ERPbZN7dVW5SdURuLeVU7lwKMpo18XdcmpWYd0qsP1bwKPf7DNSUinhvA==",
             "cpu": [
                 "loong64"
             ],
@@ -1027,9 +1027,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-loong64-musl": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.56.0.tgz",
-            "integrity": "sha512-z1EkujxIh7nbrKL1lmIpqFTc/sr0u8Uk0zK/qIEFldbt6EDKWFk/pxFq3gYj4Bjn3aa9eEhYRlL3H8ZbPT1xvA==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.57.1.tgz",
+            "integrity": "sha512-xpObYIf+8gprgWaPP32xiN5RVTi/s5FCR+XMXSKmhfoJjrpRAjCuuqQXyxUa/eJTdAE6eJ+KDKaoEqjZQxh3Gw==",
             "cpu": [
                 "loong64"
             ],
@@ -1041,9 +1041,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.56.0.tgz",
-            "integrity": "sha512-iNFTluqgdoQC7AIE8Q34R3AuPrJGJirj5wMUErxj22deOcY7XwZRaqYmB6ZKFHoVGqRcRd0mqO+845jAibKCkw==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.57.1.tgz",
+            "integrity": "sha512-4BrCgrpZo4hvzMDKRqEaW1zeecScDCR+2nZ86ATLhAoJ5FQ+lbHVD3ttKe74/c7tNT9c6F2viwB3ufwp01Oh2w==",
             "cpu": [
                 "ppc64"
             ],
@@ -1055,9 +1055,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-ppc64-musl": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.56.0.tgz",
-            "integrity": "sha512-MtMeFVlD2LIKjp2sE2xM2slq3Zxf9zwVuw0jemsxvh1QOpHSsSzfNOTH9uYW9i1MXFxUSMmLpeVeUzoNOKBaWg==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.57.1.tgz",
+            "integrity": "sha512-NOlUuzesGauESAyEYFSe3QTUguL+lvrN1HtwEEsU2rOwdUDeTMJdO5dUYl/2hKf9jWydJrO9OL/XSSf65R5+Xw==",
             "cpu": [
                 "ppc64"
             ],
@@ -1069,9 +1069,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.56.0.tgz",
-            "integrity": "sha512-in+v6wiHdzzVhYKXIk5U74dEZHdKN9KH0Q4ANHOTvyXPG41bajYRsy7a8TPKbYPl34hU7PP7hMVHRvv/5aCSew==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.57.1.tgz",
+            "integrity": "sha512-ptA88htVp0AwUUqhVghwDIKlvJMD/fmL/wrQj99PRHFRAG6Z5nbWoWG4o81Nt9FT+IuqUQi+L31ZKAFeJ5Is+A==",
             "cpu": [
                 "riscv64"
             ],
@@ -1083,9 +1083,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-riscv64-musl": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.56.0.tgz",
-            "integrity": "sha512-yni2raKHB8m9NQpI9fPVwN754mn6dHQSbDTwxdr9SE0ks38DTjLMMBjrwvB5+mXrX+C0npX0CVeCUcvvvD8CNQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.57.1.tgz",
+            "integrity": "sha512-S51t7aMMTNdmAMPpBg7OOsTdn4tySRQvklmL3RpDRyknk87+Sp3xaumlatU+ppQ+5raY7sSTcC2beGgvhENfuw==",
             "cpu": [
                 "riscv64"
             ],
@@ -1097,9 +1097,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-s390x-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.56.0.tgz",
-            "integrity": "sha512-zhLLJx9nQPu7wezbxt2ut+CI4YlXi68ndEve16tPc/iwoylWS9B3FxpLS2PkmfYgDQtosah07Mj9E0khc3Y+vQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.57.1.tgz",
+            "integrity": "sha512-Bl00OFnVFkL82FHbEqy3k5CUCKH6OEJL54KCyx2oqsmZnFTR8IoNqBF+mjQVcRCT5sB6yOvK8A37LNm/kPJiZg==",
             "cpu": [
                 "s390x"
             ],
@@ -1111,9 +1111,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.56.0.tgz",
-            "integrity": "sha512-MVC6UDp16ZSH7x4rtuJPAEoE1RwS8N4oK9DLHy3FTEdFoUTCFVzMfJl/BVJ330C+hx8FfprA5Wqx4FhZXkj2Kw==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.57.1.tgz",
+            "integrity": "sha512-ABca4ceT4N+Tv/GtotnWAeXZUZuM/9AQyCyKYyKnpk4yoA7QIAuBt6Hkgpw8kActYlew2mvckXkvx0FfoInnLg==",
             "cpu": [
                 "x64"
             ],
@@ -1125,9 +1125,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-musl": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.56.0.tgz",
-            "integrity": "sha512-ZhGH1eA4Qv0lxaV00azCIS1ChedK0V32952Md3FtnxSqZTBTd6tgil4nZT5cU8B+SIw3PFYkvyR4FKo2oyZIHA==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.57.1.tgz",
+            "integrity": "sha512-HFps0JeGtuOR2convgRRkHCekD7j+gdAuXM+/i6kGzQtFhlCtQkpwtNzkNj6QhCDp7DRJ7+qC/1Vg2jt5iSOFw==",
             "cpu": [
                 "x64"
             ],
@@ -1139,9 +1139,9 @@
             ]
         },
         "node_modules/@rollup/rollup-openbsd-x64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.56.0.tgz",
-            "integrity": "sha512-O16XcmyDeFI9879pEcmtWvD/2nyxR9mF7Gs44lf1vGGx8Vg2DRNx11aVXBEqOQhWb92WN4z7fW/q4+2NYzCbBA==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.57.1.tgz",
+            "integrity": "sha512-H+hXEv9gdVQuDTgnqD+SQffoWoc0Of59AStSzTEj/feWTBAnSfSD3+Dql1ZruJQxmykT/JVY0dE8Ka7z0DH1hw==",
             "cpu": [
                 "x64"
             ],
@@ -1153,9 +1153,9 @@
             ]
         },
         "node_modules/@rollup/rollup-openharmony-arm64": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.56.0.tgz",
-            "integrity": "sha512-LhN/Reh+7F3RCgQIRbgw8ZMwUwyqJM+8pXNT6IIJAqm2IdKkzpCh/V9EdgOMBKuebIrzswqy4ATlrDgiOwbRcQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.57.1.tgz",
+            "integrity": "sha512-4wYoDpNg6o/oPximyc/NG+mYUejZrCU2q+2w6YZqrAs2UcNUChIZXjtafAiiZSUc7On8v5NyNj34Kzj/Ltk6dQ==",
             "cpu": [
                 "arm64"
             ],
@@ -1167,9 +1167,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-arm64-msvc": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.56.0.tgz",
-            "integrity": "sha512-kbFsOObXp3LBULg1d3JIUQMa9Kv4UitDmpS+k0tinPBz3watcUiV2/LUDMMucA6pZO3WGE27P7DsfaN54l9ing==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.57.1.tgz",
+            "integrity": "sha512-O54mtsV/6LW3P8qdTcamQmuC990HDfR71lo44oZMZlXU4tzLrbvTii87Ni9opq60ds0YzuAlEr/GNwuNluZyMQ==",
             "cpu": [
                 "arm64"
             ],
@@ -1181,9 +1181,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-ia32-msvc": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.56.0.tgz",
-            "integrity": "sha512-vSSgny54D6P4vf2izbtFm/TcWYedw7f8eBrOiGGecyHyQB9q4Kqentjaj8hToe+995nob/Wv48pDqL5a62EWtg==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.57.1.tgz",
+            "integrity": "sha512-P3dLS+IerxCT/7D2q2FYcRdWRl22dNbrbBEtxdWhXrfIMPP9lQhb5h4Du04mdl5Woq05jVCDPCMF7Ub0NAjIew==",
             "cpu": [
                 "ia32"
             ],
@@ -1195,9 +1195,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-gnu": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.56.0.tgz",
-            "integrity": "sha512-FeCnkPCTHQJFbiGG49KjV5YGW/8b9rrXAM2Mz2kiIoktq2qsJxRD5giEMEOD2lPdgs72upzefaUvS+nc8E3UzQ==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.57.1.tgz",
+            "integrity": "sha512-VMBH2eOOaKGtIJYleXsi2B8CPVADrh+TyNxJ4mWPnKfLB/DBUmzW+5m1xUrcwWoMfSLagIRpjUFeW5CO5hyciQ==",
             "cpu": [
                 "x64"
             ],
@@ -1209,9 +1209,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-msvc": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.56.0.tgz",
-            "integrity": "sha512-H8AE9Ur/t0+1VXujj90w0HrSOuv0Nq9r1vSZF2t5km20NTfosQsGGUXDaKdQZzwuLts7IyL1fYT4hM95TI9c4g==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.57.1.tgz",
+            "integrity": "sha512-mxRFDdHIWRxg3UfIIAwCm6NzvxG0jDX/wBN6KsQFTvKFqqg9vTrWUE68qEjHt19A5wwx5X5aUi2zuZT7YR0jrA==",
             "cpu": [
                 "x64"
             ],
@@ -1384,17 +1384,17 @@
             }
         },
         "node_modules/@typescript-eslint/eslint-plugin": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.53.1.tgz",
-            "integrity": "sha512-cFYYFZ+oQFi6hUnBTbLRXfTJiaQtYE3t4O692agbBl+2Zy+eqSKWtPjhPXJu1G7j4RLjKgeJPDdq3EqOwmX5Ag==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.54.0.tgz",
+            "integrity": "sha512-hAAP5io/7csFStuOmR782YmTthKBJ9ND3WVL60hcOjvtGFb+HJxH4O5huAcmcZ9v9G8P+JETiZ/G1B8MALnWZQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/regexpp": "^4.12.2",
-                "@typescript-eslint/scope-manager": "8.53.1",
-                "@typescript-eslint/type-utils": "8.53.1",
-                "@typescript-eslint/utils": "8.53.1",
-                "@typescript-eslint/visitor-keys": "8.53.1",
+                "@typescript-eslint/scope-manager": "8.54.0",
+                "@typescript-eslint/type-utils": "8.54.0",
+                "@typescript-eslint/utils": "8.54.0",
+                "@typescript-eslint/visitor-keys": "8.54.0",
                 "ignore": "^7.0.5",
                 "natural-compare": "^1.4.0",
                 "ts-api-utils": "^2.4.0"
@@ -1407,7 +1407,7 @@
                 "url": "https://opencollective.com/typescript-eslint"
             },
             "peerDependencies": {
-                "@typescript-eslint/parser": "^8.53.1",
+                "@typescript-eslint/parser": "^8.54.0",
                 "eslint": "^8.57.0 || ^9.0.0",
                 "typescript": ">=4.8.4 <6.0.0"
             }
@@ -1423,17 +1423,17 @@
             }
         },
         "node_modules/@typescript-eslint/parser": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.53.1.tgz",
-            "integrity": "sha512-nm3cvFN9SqZGXjmw5bZ6cGmvJSyJPn0wU9gHAZZHDnZl2wF9PhHv78Xf06E0MaNk4zLVHL8hb2/c32XvyJOLQg==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.54.0.tgz",
+            "integrity": "sha512-BtE0k6cjwjLZoZixN0t5AKP0kSzlGu7FctRXYuPAm//aaiZhmfq1JwdYpYr1brzEspYyFeF+8XF5j2VK6oalrA==",
             "dev": true,
             "license": "MIT",
             "peer": true,
             "dependencies": {
-                "@typescript-eslint/scope-manager": "8.53.1",
-                "@typescript-eslint/types": "8.53.1",
-                "@typescript-eslint/typescript-estree": "8.53.1",
-                "@typescript-eslint/visitor-keys": "8.53.1",
+                "@typescript-eslint/scope-manager": "8.54.0",
+                "@typescript-eslint/types": "8.54.0",
+                "@typescript-eslint/typescript-estree": "8.54.0",
+                "@typescript-eslint/visitor-keys": "8.54.0",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -1449,14 +1449,14 @@
             }
         },
         "node_modules/@typescript-eslint/project-service": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.53.1.tgz",
-            "integrity": "sha512-WYC4FB5Ra0xidsmlPb+1SsnaSKPmS3gsjIARwbEkHkoWloQmuzcfypljaJcR78uyLA1h8sHdWWPHSLDI+MtNog==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.54.0.tgz",
+            "integrity": "sha512-YPf+rvJ1s7MyiWM4uTRhE4DvBXrEV+d8oC3P9Y2eT7S+HBS0clybdMIPnhiATi9vZOYDc7OQ1L/i6ga6NFYK/g==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/tsconfig-utils": "^8.53.1",
-                "@typescript-eslint/types": "^8.53.1",
+                "@typescript-eslint/tsconfig-utils": "^8.54.0",
+                "@typescript-eslint/types": "^8.54.0",
                 "debug": "^4.4.3"
             },
             "engines": {
@@ -1471,14 +1471,14 @@
             }
         },
         "node_modules/@typescript-eslint/scope-manager": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.53.1.tgz",
-            "integrity": "sha512-Lu23yw1uJMFY8cUeq7JlrizAgeQvWugNQzJp8C3x8Eo5Jw5Q2ykMdiiTB9vBVOOUBysMzmRRmUfwFrZuI2C4SQ==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.54.0.tgz",
+            "integrity": "sha512-27rYVQku26j/PbHYcVfRPonmOlVI6gihHtXFbTdB5sb6qA0wdAQAbyXFVarQ5t4HRojIz64IV90YtsjQSSGlQg==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.53.1",
-                "@typescript-eslint/visitor-keys": "8.53.1"
+                "@typescript-eslint/types": "8.54.0",
+                "@typescript-eslint/visitor-keys": "8.54.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1489,9 +1489,9 @@
             }
         },
         "node_modules/@typescript-eslint/tsconfig-utils": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.53.1.tgz",
-            "integrity": "sha512-qfvLXS6F6b1y43pnf0pPbXJ+YoXIC7HKg0UGZ27uMIemKMKA6XH2DTxsEDdpdN29D+vHV07x/pnlPNVLhdhWiA==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.54.0.tgz",
+            "integrity": "sha512-dRgOyT2hPk/JwxNMZDsIXDgyl9axdJI3ogZ2XWhBPsnZUv+hPesa5iuhdYt2gzwA9t8RE5ytOJ6xB0moV0Ujvw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1506,15 +1506,15 @@
             }
         },
         "node_modules/@typescript-eslint/type-utils": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.53.1.tgz",
-            "integrity": "sha512-MOrdtNvyhy0rHyv0ENzub1d4wQYKb2NmIqG7qEqPWFW7Mpy2jzFC3pQ2yKDvirZB7jypm5uGjF2Qqs6OIqu47w==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.54.0.tgz",
+            "integrity": "sha512-hiLguxJWHjjwL6xMBwD903ciAwd7DmK30Y9Axs/etOkftC3ZNN9K44IuRD/EB08amu+Zw6W37x9RecLkOo3pMA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.53.1",
-                "@typescript-eslint/typescript-estree": "8.53.1",
-                "@typescript-eslint/utils": "8.53.1",
+                "@typescript-eslint/types": "8.54.0",
+                "@typescript-eslint/typescript-estree": "8.54.0",
+                "@typescript-eslint/utils": "8.54.0",
                 "debug": "^4.4.3",
                 "ts-api-utils": "^2.4.0"
             },
@@ -1531,9 +1531,9 @@
             }
         },
         "node_modules/@typescript-eslint/types": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.53.1.tgz",
-            "integrity": "sha512-jr/swrr2aRmUAUjW5/zQHbMaui//vQlsZcJKijZf3M26bnmLj8LyZUpj8/Rd6uzaek06OWsqdofN/Thenm5O8A==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.54.0.tgz",
+            "integrity": "sha512-PDUI9R1BVjqu7AUDsRBbKMtwmjWcn4J3le+5LpcFgWULN3LvHC5rkc9gCVxbrsrGmO1jfPybN5s6h4Jy+OnkAA==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -1545,16 +1545,16 @@
             }
         },
         "node_modules/@typescript-eslint/typescript-estree": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.53.1.tgz",
-            "integrity": "sha512-RGlVipGhQAG4GxV1s34O91cxQ/vWiHJTDHbXRr0li2q/BGg3RR/7NM8QDWgkEgrwQYCvmJV9ichIwyoKCQ+DTg==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.54.0.tgz",
+            "integrity": "sha512-BUwcskRaPvTk6fzVWgDPdUndLjB87KYDrN5EYGetnktoeAvPtO4ONHlAZDnj5VFnUANg0Sjm7j4usBlnoVMHwA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/project-service": "8.53.1",
-                "@typescript-eslint/tsconfig-utils": "8.53.1",
-                "@typescript-eslint/types": "8.53.1",
-                "@typescript-eslint/visitor-keys": "8.53.1",
+                "@typescript-eslint/project-service": "8.54.0",
+                "@typescript-eslint/tsconfig-utils": "8.54.0",
+                "@typescript-eslint/types": "8.54.0",
+                "@typescript-eslint/visitor-keys": "8.54.0",
                 "debug": "^4.4.3",
                 "minimatch": "^9.0.5",
                 "semver": "^7.7.3",
@@ -1612,16 +1612,16 @@
             }
         },
         "node_modules/@typescript-eslint/utils": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.53.1.tgz",
-            "integrity": "sha512-c4bMvGVWW4hv6JmDUEG7fSYlWOl3II2I4ylt0NM+seinYQlZMQIaKaXIIVJWt9Ofh6whrpM+EdDQXKXjNovvrg==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.54.0.tgz",
+            "integrity": "sha512-9Cnda8GS57AQakvRyG0PTejJNlA2xhvyNtEVIMlDWOOeEyBkYWhGPnfrIAnqxLMTSTo6q8g12XVjjev5l1NvMA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.9.1",
-                "@typescript-eslint/scope-manager": "8.53.1",
-                "@typescript-eslint/types": "8.53.1",
-                "@typescript-eslint/typescript-estree": "8.53.1"
+                "@typescript-eslint/scope-manager": "8.54.0",
+                "@typescript-eslint/types": "8.54.0",
+                "@typescript-eslint/typescript-estree": "8.54.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1636,13 +1636,13 @@
             }
         },
         "node_modules/@typescript-eslint/visitor-keys": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.53.1.tgz",
-            "integrity": "sha512-oy+wV7xDKFPRyNggmXuZQSBzvoLnpmJs+GhzRhPjrxl2b/jIlyjVokzm47CZCDUdXKr2zd7ZLodPfOBpOPyPlg==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.54.0.tgz",
+            "integrity": "sha512-VFlhGSl4opC0bprJiItPQ1RfUhGDIBokcPwaFH4yiBCaNPeld/9VeXbiPO1cLyorQi1G1vL+ecBk1x8o1axORA==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/types": "8.53.1",
+                "@typescript-eslint/types": "8.54.0",
                 "eslint-visitor-keys": "^4.2.1"
             },
             "engines": {
@@ -2768,9 +2768,9 @@
             }
         },
         "node_modules/globals": {
-            "version": "17.1.0",
-            "resolved": "https://registry.npmjs.org/globals/-/globals-17.1.0.tgz",
-            "integrity": "sha512-8HoIcWI5fCvG5NADj4bDav+er9B9JMj2vyL2pI8D0eismKyUvPLTSs+Ln3wqhwcp306i73iyVnEKx3F6T47TGw==",
+            "version": "17.3.0",
+            "resolved": "https://registry.npmjs.org/globals/-/globals-17.3.0.tgz",
+            "integrity": "sha512-yMqGUQVVCkD4tqjOJf3TnrvaaHDMYp4VlUSObbkIiuCPe/ofdMBFIAcBbCSRFWOnos6qRiTVStDwqPLUclaxIw==",
             "dev": true,
             "license": "MIT",
             "engines": {
@@ -3610,9 +3610,9 @@
             }
         },
         "node_modules/rollup": {
-            "version": "4.56.0",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.56.0.tgz",
-            "integrity": "sha512-9FwVqlgUHzbXtDg9RCMgodF3Ua4Na6Gau+Sdt9vyCN4RhHfVKX2DCHy3BjMLTDd47ITDhYAnTwGulWTblJSDLg==",
+            "version": "4.57.1",
+            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.57.1.tgz",
+            "integrity": "sha512-oQL6lgK3e2QZeQ7gcgIkS2YZPg5slw37hYufJ3edKlfQSGGm8ICoxswK15ntSzF/a8+h7ekRy7k7oWc3BQ7y8A==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -3626,31 +3626,31 @@
                 "npm": ">=8.0.0"
             },
             "optionalDependencies": {
-                "@rollup/rollup-android-arm-eabi": "4.56.0",
-                "@rollup/rollup-android-arm64": "4.56.0",
-                "@rollup/rollup-darwin-arm64": "4.56.0",
-                "@rollup/rollup-darwin-x64": "4.56.0",
-                "@rollup/rollup-freebsd-arm64": "4.56.0",
-                "@rollup/rollup-freebsd-x64": "4.56.0",
-                "@rollup/rollup-linux-arm-gnueabihf": "4.56.0",
-                "@rollup/rollup-linux-arm-musleabihf": "4.56.0",
-                "@rollup/rollup-linux-arm64-gnu": "4.56.0",
-                "@rollup/rollup-linux-arm64-musl": "4.56.0",
-                "@rollup/rollup-linux-loong64-gnu": "4.56.0",
-                "@rollup/rollup-linux-loong64-musl": "4.56.0",
-                "@rollup/rollup-linux-ppc64-gnu": "4.56.0",
-                "@rollup/rollup-linux-ppc64-musl": "4.56.0",
-                "@rollup/rollup-linux-riscv64-gnu": "4.56.0",
-                "@rollup/rollup-linux-riscv64-musl": "4.56.0",
-                "@rollup/rollup-linux-s390x-gnu": "4.56.0",
-                "@rollup/rollup-linux-x64-gnu": "4.56.0",
-                "@rollup/rollup-linux-x64-musl": "4.56.0",
-                "@rollup/rollup-openbsd-x64": "4.56.0",
-                "@rollup/rollup-openharmony-arm64": "4.56.0",
-                "@rollup/rollup-win32-arm64-msvc": "4.56.0",
-                "@rollup/rollup-win32-ia32-msvc": "4.56.0",
-                "@rollup/rollup-win32-x64-gnu": "4.56.0",
-                "@rollup/rollup-win32-x64-msvc": "4.56.0",
+                "@rollup/rollup-android-arm-eabi": "4.57.1",
+                "@rollup/rollup-android-arm64": "4.57.1",
+                "@rollup/rollup-darwin-arm64": "4.57.1",
+                "@rollup/rollup-darwin-x64": "4.57.1",
+                "@rollup/rollup-freebsd-arm64": "4.57.1",
+                "@rollup/rollup-freebsd-x64": "4.57.1",
+                "@rollup/rollup-linux-arm-gnueabihf": "4.57.1",
+                "@rollup/rollup-linux-arm-musleabihf": "4.57.1",
+                "@rollup/rollup-linux-arm64-gnu": "4.57.1",
+                "@rollup/rollup-linux-arm64-musl": "4.57.1",
+                "@rollup/rollup-linux-loong64-gnu": "4.57.1",
+                "@rollup/rollup-linux-loong64-musl": "4.57.1",
+                "@rollup/rollup-linux-ppc64-gnu": "4.57.1",
+                "@rollup/rollup-linux-ppc64-musl": "4.57.1",
+                "@rollup/rollup-linux-riscv64-gnu": "4.57.1",
+                "@rollup/rollup-linux-riscv64-musl": "4.57.1",
+                "@rollup/rollup-linux-s390x-gnu": "4.57.1",
+                "@rollup/rollup-linux-x64-gnu": "4.57.1",
+                "@rollup/rollup-linux-x64-musl": "4.57.1",
+                "@rollup/rollup-openbsd-x64": "4.57.1",
+                "@rollup/rollup-openharmony-arm64": "4.57.1",
+                "@rollup/rollup-win32-arm64-msvc": "4.57.1",
+                "@rollup/rollup-win32-ia32-msvc": "4.57.1",
+                "@rollup/rollup-win32-x64-gnu": "4.57.1",
+                "@rollup/rollup-win32-x64-msvc": "4.57.1",
                 "fsevents": "~2.3.2"
             }
         },
@@ -3819,9 +3819,9 @@
             }
         },
         "node_modules/svelte": {
-            "version": "5.48.2",
-            "resolved": "https://registry.npmjs.org/svelte/-/svelte-5.48.2.tgz",
-            "integrity": "sha512-VPWD+UyoSFZ7Nxix5K/F8yWiKWOiROkLlWYXOZReE0TUycw+58YWB3D6lAKT+57xmN99wRX4H3oZmw0NPy7y3Q==",
+            "version": "5.49.1",
+            "resolved": "https://registry.npmjs.org/svelte/-/svelte-5.49.1.tgz",
+            "integrity": "sha512-jj95WnbKbXsXXngYj28a4zx8jeZx50CN/J4r0CEeax2pbfdsETv/J1K8V9Hbu3DCXnpHz5qAikICuxEooi7eNQ==",
             "dev": true,
             "license": "MIT",
             "peer": true,
@@ -3836,7 +3836,7 @@
                 "clsx": "^2.1.1",
                 "devalue": "^5.6.2",
                 "esm-env": "^1.2.1",
-                "esrap": "^2.2.1",
+                "esrap": "^2.2.2",
                 "is-reference": "^3.0.3",
                 "locate-character": "^3.0.0",
                 "magic-string": "^0.30.11",
@@ -3847,9 +3847,9 @@
             }
         },
         "node_modules/svelte-check": {
-            "version": "4.3.5",
-            "resolved": "https://registry.npmjs.org/svelte-check/-/svelte-check-4.3.5.tgz",
-            "integrity": "sha512-e4VWZETyXaKGhpkxOXP+B/d0Fp/zKViZoJmneZWe/05Y2aqSKj3YN2nLfYPJBQ87WEiY4BQCQ9hWGu9mPT1a1Q==",
+            "version": "4.3.6",
+            "resolved": "https://registry.npmjs.org/svelte-check/-/svelte-check-4.3.6.tgz",
+            "integrity": "sha512-uBkz96ElE3G4pt9E1Tw0xvBfIUQkeH794kDQZdAUk795UVMr+NJZpuFSS62vcmO/DuSalK83LyOwhgWq8YGU1Q==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
@@ -4016,16 +4016,16 @@
             }
         },
         "node_modules/typescript-eslint": {
-            "version": "8.53.1",
-            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.53.1.tgz",
-            "integrity": "sha512-gB+EVQfP5RDElh9ittfXlhZJdjSU4jUSTyE2+ia8CYyNvet4ElfaLlAIqDvQV9JPknKx0jQH1racTYe/4LaLSg==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.54.0.tgz",
+            "integrity": "sha512-CKsJ+g53QpsNPqbzUsfKVgd3Lny4yKZ1pP4qN3jdMOg/sisIDLGyDMezycquXLE5JsEU0wp3dGNdzig0/fmSVQ==",
             "dev": true,
             "license": "MIT",
             "dependencies": {
-                "@typescript-eslint/eslint-plugin": "8.53.1",
-                "@typescript-eslint/parser": "8.53.1",
-                "@typescript-eslint/typescript-estree": "8.53.1",
-                "@typescript-eslint/utils": "8.53.1"
+                "@typescript-eslint/eslint-plugin": "8.54.0",
+                "@typescript-eslint/parser": "8.54.0",
+                "@typescript-eslint/typescript-estree": "8.54.0",
+                "@typescript-eslint/utils": "8.54.0"
             },
             "engines": {
                 "node": "^18.18.0 || ^20.9.0 || >=21.1.0"

From 054cd8ae2541282c562c17f46d9e20bf3c701213 Mon Sep 17 00:00:00 2001
From: Renovate Bot <renovate@pomail.fr>
Date: Mon, 9 Feb 2026 19:18:24 +0000
Subject: [PATCH 03/27] chore(deps): update module golang.org/x/net to v0.50.0

---
 go.mod | 12 ++++++------
 go.sum | 51 ++++++++++++---------------------------------------
 2 files changed, 18 insertions(+), 45 deletions(-)

diff --git a/go.mod b/go.mod
index e9da3d6..d44d5cc 100644
--- a/go.mod
+++ b/go.mod
@@ -9,7 +9,7 @@ require (
 	github.com/gin-gonic/gin v1.11.0
 	github.com/google/uuid v1.6.0
 	github.com/oapi-codegen/runtime v1.1.2
-	golang.org/x/net v0.49.0
+	golang.org/x/net v0.50.0
 	gorm.io/driver/postgres v1.6.0
 	gorm.io/driver/sqlite v1.6.0
 	gorm.io/gorm v1.31.1
@@ -66,12 +66,12 @@ require (
 	github.com/woodsbury/decimal128 v1.4.0 // indirect
 	go.uber.org/mock v0.6.0 // indirect
 	golang.org/x/arch v0.23.0 // indirect
-	golang.org/x/crypto v0.47.0 // indirect
-	golang.org/x/mod v0.31.0 // indirect
+	golang.org/x/crypto v0.48.0 // indirect
+	golang.org/x/mod v0.32.0 // indirect
 	golang.org/x/sync v0.19.0 // indirect
-	golang.org/x/sys v0.40.0 // indirect
-	golang.org/x/text v0.33.0 // indirect
-	golang.org/x/tools v0.40.0 // indirect
+	golang.org/x/sys v0.41.0 // indirect
+	golang.org/x/text v0.34.0 // indirect
+	golang.org/x/tools v0.41.0 // indirect
 	google.golang.org/protobuf v1.36.11 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
diff --git a/go.sum b/go.sum
index 96ea7bc..717c4ff 100644
--- a/go.sum
+++ b/go.sum
@@ -10,12 +10,8 @@ github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
 github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
 github.com/bytedance/gopkg v0.1.3 h1:TPBSwH8RsouGCBcMBktLt1AymVo2TVsBVCY4b6TnZ/M=
 github.com/bytedance/gopkg v0.1.3/go.mod h1:576VvJ+eJgyCzdjS+c4+77QF3p7ubbtiKARP3TxducM=
-github.com/bytedance/sonic v1.14.2 h1:k1twIoe97C1DtYUo+fZQy865IuHia4PR5RPiuGPPIIE=
-github.com/bytedance/sonic v1.14.2/go.mod h1:T80iDELeHiHKSc0C9tubFygiuXoGzrkjKzX2quAx980=
 github.com/bytedance/sonic v1.15.0 h1:/PXeWFaR5ElNcVE84U0dOHjiMHQOwNIx3K4ymzh/uSE=
 github.com/bytedance/sonic v1.15.0/go.mod h1:tFkWrPz0/CUCLEF4ri4UkHekCIcdnkqXw9VduqpJh0k=
-github.com/bytedance/sonic/loader v0.4.0 h1:olZ7lEqcxtZygCK9EKYKADnpQoYkRQxaeY2NYzevs+o=
-github.com/bytedance/sonic/loader v0.4.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
 github.com/bytedance/sonic/loader v0.5.0 h1:gXH3KVnatgY7loH5/TkeVyXPfESoqSBSBEiDd5VjlgE=
 github.com/bytedance/sonic/loader v0.5.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
@@ -40,8 +36,6 @@ github.com/emersion/go-smtp v0.24.0/go.mod h1:ZtRRkbTyp2XTHCA+BmyTFTrj8xY4I+b4Mc
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
-github.com/gabriel-vasile/mimetype v1.4.11 h1:AQvxbp830wPhHTqc1u7nzoLT+ZFxGY7emj5DR5DYFik=
-github.com/gabriel-vasile/mimetype v1.4.11/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/gabriel-vasile/mimetype v1.4.12 h1:e9hWvmLYvtp846tLHam2o++qitpguFiYCKbn0w9jyqw=
 github.com/gabriel-vasile/mimetype v1.4.12/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/getkin/kin-openapi v0.133.0 h1:pJdmNohVIJ97r4AUFtEXRXwESr8b0bD721u/Tz6k8PQ=
@@ -50,12 +44,8 @@ github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w
 github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
 github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk=
 github.com/gin-gonic/gin v1.11.0/go.mod h1:+iq/FyxlGzII0KHiBGjuNn4UNENUlKbGlNmc+W50Dls=
-github.com/go-openapi/jsonpointer v0.22.2 h1:JDQEe4B9j6K3tQ7HQQTZfjR59IURhjjLxet2FB4KHyg=
-github.com/go-openapi/jsonpointer v0.22.2/go.mod h1:0lBbqeRsQ5lIanv3LHZBrmRGHLHcQoOXQnf88fHlGWo=
 github.com/go-openapi/jsonpointer v0.22.4 h1:dZtK82WlNpVLDW2jlA1YCiVJFVqkED1MegOUy9kR5T4=
 github.com/go-openapi/jsonpointer v0.22.4/go.mod h1:elX9+UgznpFhgBuaMQ7iu4lvvX1nvNsesQ3oxmYTw80=
-github.com/go-openapi/swag/jsonname v0.25.1 h1:Sgx+qbwa4ej6AomWC6pEfXrA6uP2RkaNjA9BR8a1RJU=
-github.com/go-openapi/swag/jsonname v0.25.1/go.mod h1:71Tekow6UOLBD3wS7XhdT98g5J5GR13NOTQ9/6Q11Zo=
 github.com/go-openapi/swag/jsonname v0.25.4 h1:bZH0+MsS03MbnwBXYhuTttMOqk+5KcQ9869Vye1bNHI=
 github.com/go-openapi/swag/jsonname v0.25.4/go.mod h1:GPVEk9CWVhNvWhZgrnvRA6utbAltopbKwDu8mXNUMag=
 github.com/go-openapi/testify/v2 v2.0.2 h1:X999g3jeLcoY8qctY/c/Z8iBHTbwLz7R2WXd6Ub6wls=
@@ -66,8 +56,6 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
-github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
 github.com/go-playground/validator/v10 v10.30.1 h1:f3zDSN/zOma+w6+1Wswgd9fLkdwy06ntQJp0BBvFG0w=
 github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5hc2Tu889bF0Idm9Dg26cM=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
@@ -75,8 +63,6 @@ github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
 github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
-github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
-github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
 github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -104,8 +90,6 @@ github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsI
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/jackc/pgx/v5 v5.7.6 h1:rWQc5FwZSPX58r1OQmkuaNicxdmExaEz5A2DO2hUuTk=
-github.com/jackc/pgx/v5 v5.7.6/go.mod h1:aruU7o91Tc2q2cFp5h4uP3f6ztExVpyVv88Xl/8Vl8M=
 github.com/jackc/pgx/v5 v5.8.0 h1:TYPDoleBBme0xGSAX3/+NujXXtpZn9HBONkQC7IEZSo=
 github.com/jackc/pgx/v5 v5.8.0/go.mod h1:QVeDInX2m9VyzvNeiCJVjCkNFqzsNb43204HshNSZKw=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
@@ -134,8 +118,6 @@ github.com/mailru/easyjson v0.9.1 h1:LbtsOm5WAswyWbvTEOqhypdPeZzHavpZx96/n553mR8
 github.com/mailru/easyjson v0.9.1/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-sqlite3 v1.14.32 h1:JD12Ag3oLy1zQA+BNn74xRgaBbdhbNIDYvQUEuuErjs=
-github.com/mattn/go-sqlite3 v1.14.32/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/go-sqlite3 v1.14.33 h1:A5blZ5ulQo2AtayQ9/limgHEkFreKj1Dv226a1K73s0=
 github.com/mattn/go-sqlite3 v1.14.33/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -176,12 +158,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/quic-go/qpack v0.6.0 h1:g7W+BMYynC1LbYLSqRt8PBg5Tgwxn214ZZR34VIOjz8=
 github.com/quic-go/qpack v0.6.0/go.mod h1:lUpLKChi8njB4ty2bFLX2x4gzDqXwUpaO1DP9qMDZII=
-github.com/quic-go/quic-go v0.57.0 h1:AsSSrrMs4qI/hLrKlTH/TGQeTMY0ib1pAOX7vA3AdqE=
-github.com/quic-go/quic-go v0.57.0/go.mod h1:ly4QBAjHA2VhdnxhojRsCUOeJwKYg+taDlos92xb1+s=
 github.com/quic-go/quic-go v0.59.0 h1:OLJkp1Mlm/aS7dpKgTc6cnpynnD2Xg7C1pwL6vy/SAw=
 github.com/quic-go/quic-go v0.59.0/go.mod h1:upnsH4Ju1YkqpLXC305eW3yDZ4NfnNbmQRCMWS58IKU=
-github.com/redis/go-redis/v9 v9.16.0 h1:OotgqgLSRCmzfqChbQyG1PHC3tLNR89DG4jdOERSEP4=
-github.com/redis/go-redis/v9 v9.16.0/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370=
 github.com/redis/go-redis/v9 v9.17.2 h1:P2EGsA4qVIM3Pp+aPocCJ7DguDHhqrXNhVcEp4ViluI=
 github.com/redis/go-redis/v9 v9.17.2/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
@@ -223,11 +201,11 @@ golang.org/x/arch v0.23.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
-golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
+golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
-golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
+golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
+golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -235,8 +213,8 @@ golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
-golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
+golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
+golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -257,24 +235,21 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
-golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
+golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
-golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
-golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
-golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
-golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
+golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
+golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
-golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
+golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc=
+golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -287,8 +262,6 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
-google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
 google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

From c50e18a347bdd7b458458837adb53b133d325b38 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Thu, 19 Feb 2026 23:15:07 +0700
Subject: [PATCH 04/27] Use modern Go slices.Contains and switch instead of
 if/else if

---
 pkg/analyzer/content.go | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/pkg/analyzer/content.go b/pkg/analyzer/content.go
index 95e32aa..72ecfc9 100644
--- a/pkg/analyzer/content.go
+++ b/pkg/analyzer/content.go
@@ -439,7 +439,8 @@ func (c *ContentAnalyzer) hasDomainMisalignment(href, linkText string) bool {
 	// Extract the actual destination domain/email based on scheme
 	var actualDomain string
 
-	if parsedURL.Scheme == "mailto" {
+	switch parsedURL.Scheme {
+	case "mailto":
 		// Extract email address from mailto: URL
 		// Format can be: mailto:user@domain.com or mailto:user@domain.com?subject=...
 		mailtoAddr := parsedURL.Opaque
@@ -457,7 +458,8 @@ func (c *ContentAnalyzer) hasDomainMisalignment(href, linkText string) bool {
 		} else {
 			return false // Invalid mailto
 		}
-	} else if parsedURL.Scheme == "http" || parsedURL.Scheme == "https" {
+	case "http":
+	case "https":
 		// Check if URL has a host
 		if parsedURL.Host == "" {
 			return false
@@ -469,7 +471,7 @@ func (c *ContentAnalyzer) hasDomainMisalignment(href, linkText string) bool {
 			actualDomain = actualDomain[:idx]
 		}
 		actualDomain = strings.ToLower(actualDomain)
-	} else {
+	default:
 		// Skip checks for other URL schemes (tel, etc.)
 		return false
 	}
@@ -492,10 +494,8 @@ func (c *ContentAnalyzer) hasDomainMisalignment(href, linkText string) bool {
 		"email us", "contact us", "send email", "get in touch", "reach out",
 		"contact", "email", "write to us",
 	}
-	for _, generic := range genericTexts {
-		if linkText == generic {
-			return false
-		}
+	if slices.Contains(genericTexts, linkText) {
+		return false
 	}
 
 	// Extract domain-like patterns from link text using regex
@@ -562,10 +562,8 @@ func (c *ContentAnalyzer) isSuspiciousURL(urlStr string, parsedURL *url.URL) boo
 		"bit.ly", "tinyurl.com", "goo.gl", "ow.ly", "t.co",
 		"buff.ly", "is.gd", "bl.ink", "short.io",
 	}
-	for _, shortener := range shorteners {
-		if strings.ToLower(parsedURL.Host) == shortener {
-			return true
-		}
+	if slices.Contains(shorteners, strings.ToLower(parsedURL.Host)) {
+		return true
 	}
 
 	// Check for excessive subdomains (possible obfuscation)

From 6b983f0506333f7ed98785b0428403e1cff23a0f Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Thu, 19 Feb 2026 23:15:52 +0700
Subject: [PATCH 05/27] Use List-Unsubscribe header URLs for unsubscribe link
 detection

Bug: https://github.com/happyDomain/happydeliver/issues/8
---
 pkg/analyzer/content.go | 14 ++++++++++++--
 pkg/analyzer/parser.go  | 17 +++++++++++++++++
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/pkg/analyzer/content.go b/pkg/analyzer/content.go
index 72ecfc9..0d53c94 100644
--- a/pkg/analyzer/content.go
+++ b/pkg/analyzer/content.go
@@ -27,6 +27,7 @@ import (
 	"net/http"
 	"net/url"
 	"regexp"
+	"slices"
 	"strings"
 	"time"
 	"unicode"
@@ -37,8 +38,9 @@ import (
 
 // ContentAnalyzer analyzes email content (HTML, links, images)
 type ContentAnalyzer struct {
-	Timeout    time.Duration
-	httpClient *http.Client
+	Timeout             time.Duration
+	httpClient          *http.Client
+	listUnsubscribeURLs []string // URLs from List-Unsubscribe header
 }
 
 // NewContentAnalyzer creates a new content analyzer with configurable timeout
@@ -110,6 +112,9 @@ func (c *ContentAnalyzer) AnalyzeContent(email *EmailMessage) *ContentResults {
 
 	results.IsMultipart = len(email.Parts) > 1
 
+	// Parse List-Unsubscribe header URLs for use in link detection
+	c.listUnsubscribeURLs = email.GetListUnsubscribeURLs()
+
 	// Get HTML and text parts
 	htmlParts := email.GetHTMLParts()
 	textParts := email.GetTextParts()
@@ -331,6 +336,11 @@ func (c *ContentAnalyzer) getAttr(n *html.Node, key string) string {
 
 // isUnsubscribeLink checks if a link is an unsubscribe link
 func (c *ContentAnalyzer) isUnsubscribeLink(href string, node *html.Node) bool {
+	// First check: does the href match a URL from the List-Unsubscribe header?
+	if slices.Contains(c.listUnsubscribeURLs, href) {
+		return true
+	}
+
 	// Check href for unsubscribe keywords
 	lowerHref := strings.ToLower(href)
 	unsubKeywords := []string{"unsubscribe", "opt-out", "optout", "remove", "list-unsubscribe"}
diff --git a/pkg/analyzer/parser.go b/pkg/analyzer/parser.go
index ca3cb46..79d8310 100644
--- a/pkg/analyzer/parser.go
+++ b/pkg/analyzer/parser.go
@@ -301,3 +301,20 @@ func (e *EmailMessage) GetHeaderValue(key string) string {
 func (e *EmailMessage) HasHeader(key string) bool {
 	return e.Header.Get(key) != ""
 }
+
+// GetListUnsubscribeURLs parses the List-Unsubscribe header and returns all URLs.
+// The header format is: <url1>, <url2>, ...
+func (e *EmailMessage) GetListUnsubscribeURLs() []string {
+	value := e.Header.Get("List-Unsubscribe")
+	if value == "" {
+		return nil
+	}
+	var urls []string
+	for _, part := range strings.Split(value, ",") {
+		part = strings.TrimSpace(part)
+		if strings.HasPrefix(part, "<") && strings.HasSuffix(part, ">") {
+			urls = append(urls, part[1:len(part)-1])
+		}
+	}
+	return urls
+}

From 96e83ff70d1eb4a10d6c3ab8327b65c9c06b9092 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sun, 22 Feb 2026 15:19:27 +0700
Subject: [PATCH 06/27] Add multilingual unsubscribe keywords for link
 detection

The list comes from github.com/knadh/listmonk i18n strings

Bug: https://github.com/happyDomain/happydeliver/issues/8
---
 pkg/analyzer/content.go      |  2 +-
 pkg/analyzer/content_test.go | 68 ++++++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+), 1 deletion(-)

diff --git a/pkg/analyzer/content.go b/pkg/analyzer/content.go
index 0d53c94..05aecfa 100644
--- a/pkg/analyzer/content.go
+++ b/pkg/analyzer/content.go
@@ -343,7 +343,7 @@ func (c *ContentAnalyzer) isUnsubscribeLink(href string, node *html.Node) bool {
 
 	// Check href for unsubscribe keywords
 	lowerHref := strings.ToLower(href)
-	unsubKeywords := []string{"unsubscribe", "opt-out", "optout", "remove", "list-unsubscribe"}
+	unsubKeywords := []string{"unsubscribe", "opt-out", "optout", "remove", "list-unsubscribe", "отписване", "desubscripció", "zrušit odběr", "dad-danysgrifio", "afmeld", "abmelden", "διαγραφή", "darse de baja", "poistu postituslistalta", "se désabonner", "ביטול רישום", "leiratkozás", "cancella iscrizione", "登録を取り消す", "구독 해지", "വരിക്കാരനല്ലാതാകുക", "uitschrijven", "meld av", "odsubskrybuj", "cancelar assinatura", "cancelar subscrição", "dezabonare", "отписаться", "avsluta prenumeration", "zrušiť odber", "odjava", "üyeliği sonlandır", "відписатися", "hủy đăng ký", "退订", "退訂"}
 	for _, keyword := range unsubKeywords {
 		if strings.Contains(lowerHref, keyword) {
 			return true
diff --git a/pkg/analyzer/content_test.go b/pkg/analyzer/content_test.go
index 9289d95..4ad01a8 100644
--- a/pkg/analyzer/content_test.go
+++ b/pkg/analyzer/content_test.go
@@ -144,6 +144,74 @@ func TestIsUnsubscribeLink(t *testing.T) {
 			linkText: "Read more",
 			expected: false,
 		},
+		// Multilingual keyword detection - URL path
+		{
+			name:     "German abmelden in URL",
+			href:     "https://example.com/abmelden?id=42",
+			linkText: "Click here",
+			expected: true,
+		},
+		{
+			name:     "French se-desabonner slug in URL (no accent/space - not detected by keyword)",
+			href:     "https://example.com/se-desabonner?id=42",
+			linkText: "Click here",
+			expected: false,
+		},
+		// Multilingual keyword detection - link text
+		{
+			name:     "German Abmelden in link text",
+			href:     "https://example.com/manage?id=42&lang=de",
+			linkText: "Abmelden",
+			expected: true,
+		},
+		{
+			name:     "French Se désabonner in link text",
+			href:     "https://example.com/manage?id=42&lang=fr",
+			linkText: "Se désabonner",
+			expected: true,
+		},
+		{
+			name:     "Russian Отписаться in link text",
+			href:     "https://example.com/manage?id=42&lang=ru",
+			linkText: "Отписаться",
+			expected: true,
+		},
+		{
+			name:     "Chinese 退订 in link text",
+			href:     "https://example.com/manage?id=42&lang=zh",
+			linkText: "退订",
+			expected: true,
+		},
+		{
+			name:     "Japanese 登録を取り消す in link text",
+			href:     "https://example.com/manage?id=42&lang=ja",
+			linkText: "登録を取り消す",
+			expected: true,
+		},
+		{
+			name:     "Korean 구독 해지 in link text",
+			href:     "https://example.com/manage?id=42&lang=ko",
+			linkText: "구독 해지",
+			expected: true,
+		},
+		{
+			name:     "Dutch Uitschrijven in link text",
+			href:     "https://example.com/manage?id=42&lang=nl",
+			linkText: "Uitschrijven",
+			expected: true,
+		},
+		{
+			name:     "Polish Odsubskrybuj in link text",
+			href:     "https://example.com/manage?id=42&lang=pl",
+			linkText: "Odsubskrybuj",
+			expected: true,
+		},
+		{
+			name:     "Turkish Üyeliği sonlandır in link text",
+			href:     "https://example.com/manage?id=42&lang=tr",
+			linkText: "Üyeliği sonlandır",
+			expected: true,
+		},
 	}
 
 	analyzer := NewContentAnalyzer(5 * time.Second)

From 8fda7746a1f9951fb845cf7a150e6a4699f9ce5b Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sun, 22 Feb 2026 23:57:39 +0700
Subject: [PATCH 07/27] Add one-click unsubscribe detection and warning

Detect the List-Unsubscribe-Post: List-Unsubscribe=One-Click header
(RFC 8058) and expose it as the 'one-click' unsubscribe method in the
content analysis. When unsubscribe methods are present but one-click is
absent, the summary card now shows a warning nudging senders to adopt it.
---
 pkg/analyzer/content.go                   | 27 ++++++++++++++++++-----
 web/src/lib/components/SummaryCard.svelte | 11 +++++++++
 2 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/pkg/analyzer/content.go b/pkg/analyzer/content.go
index 05aecfa..d14d157 100644
--- a/pkg/analyzer/content.go
+++ b/pkg/analyzer/content.go
@@ -38,9 +38,10 @@ import (
 
 // ContentAnalyzer analyzes email content (HTML, links, images)
 type ContentAnalyzer struct {
-	Timeout             time.Duration
-	httpClient          *http.Client
-	listUnsubscribeURLs []string // URLs from List-Unsubscribe header
+	Timeout                time.Duration
+	httpClient             *http.Client
+	listUnsubscribeURLs    []string // URLs from List-Unsubscribe header
+	hasOneClickUnsubscribe bool     // True if List-Unsubscribe-Post: List-Unsubscribe=One-Click
 }
 
 // NewContentAnalyzer creates a new content analyzer with configurable timeout
@@ -115,6 +116,10 @@ func (c *ContentAnalyzer) AnalyzeContent(email *EmailMessage) *ContentResults {
 	// Parse List-Unsubscribe header URLs for use in link detection
 	c.listUnsubscribeURLs = email.GetListUnsubscribeURLs()
 
+	// Check for one-click unsubscribe support
+	listUnsubscribePost := email.Header.Get("List-Unsubscribe-Post")
+	c.hasOneClickUnsubscribe = strings.EqualFold(strings.TrimSpace(listUnsubscribePost), "List-Unsubscribe=One-Click")
+
 	// Get HTML and text parts
 	htmlParts := email.GetHTMLParts()
 	textParts := email.GetTextParts()
@@ -732,6 +737,7 @@ func (c *ContentAnalyzer) GenerateContentAnalysis(results *ContentResults) *api.
 		HasHtml:            api.PtrTo(results.HTMLContent != ""),
 		HasPlaintext:       api.PtrTo(results.TextContent != ""),
 		HasUnsubscribeLink: api.PtrTo(results.HasUnsubscribe),
+		UnsubscribeMethods: &[]api.ContentAnalysisUnsubscribeMethods{},
 	}
 
 	// Calculate text-to-image ratio (inverse of image-to-text)
@@ -878,8 +884,19 @@ func (c *ContentAnalyzer) GenerateContentAnalysis(results *ContentResults) *api.
 
 	// Unsubscribe methods
 	if results.HasUnsubscribe {
-		methods := []api.ContentAnalysisUnsubscribeMethods{api.Link}
-		analysis.UnsubscribeMethods = &methods
+		*analysis.UnsubscribeMethods = append(*analysis.UnsubscribeMethods, api.Link)
+	}
+
+	for _, url := range c.listUnsubscribeURLs {
+		if strings.HasPrefix(url, "mailto:") {
+			*analysis.UnsubscribeMethods = append(*analysis.UnsubscribeMethods, api.Mailto)
+		} else if strings.HasPrefix(url, "http:") || strings.HasPrefix(url, "https:") {
+			*analysis.UnsubscribeMethods = append(*analysis.UnsubscribeMethods, api.ListUnsubscribeHeader)
+		}
+	}
+
+	if slices.Contains(*analysis.UnsubscribeMethods, api.ListUnsubscribeHeader) && c.hasOneClickUnsubscribe {
+		*analysis.UnsubscribeMethods = append(*analysis.UnsubscribeMethods, api.OneClick)
 	}
 
 	return analysis
diff --git a/web/src/lib/components/SummaryCard.svelte b/web/src/lib/components/SummaryCard.svelte
index 199bc94..dd0637a 100644
--- a/web/src/lib/components/SummaryCard.svelte
+++ b/web/src/lib/components/SummaryCard.svelte
@@ -422,6 +422,17 @@
             });
         }
 
+        // One-click unsubscribe check
+        const unsubscribeMethods = report.content_analysis?.unsubscribe_methods;
+        if (unsubscribeMethods && unsubscribeMethods.length > 0 && !unsubscribeMethods.includes("one-click")) {
+            segments.push({ text: ". This email could benefit from " });
+            segments.push({
+                text: "one-click unsubscribe",
+                highlight: { color: "warning", bold: true },
+                link: "#content-details",
+            });
+        }
+
         // Content/spam assessment
         const spamAssassin = report.spamassassin;
         const contentScore = report.summary?.content_score || 0;

From e811d02b3b2263d19045580cec2b5f72793ec585 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 23 Feb 2026 00:10:57 +0700
Subject: [PATCH 08/27] Add rspamd as a second spam filter alongside
 SpamAssassin

Closes: https://git.nemunai.re/happyDomain/happyDeliver/issues/36
---
 Dockerfile                                    |   7 +-
 README.md                                     |   7 +-
 api/openapi.yaml                              |  87 +++++++++-
 docker/entrypoint.sh                          |   4 +
 docker/postfix/main.cf                        |   2 +-
 docker/rspamd/local.d/actions.conf            |   5 +
 docker/rspamd/local.d/milter_headers.conf     |   5 +
 docker/rspamd/local.d/options.inc             |   3 +
 docker/rspamd/local.d/worker-proxy.inc        |   6 +
 docker/supervisor/supervisord.conf            |  10 ++
 pkg/analyzer/parser.go                        |  27 ++++
 pkg/analyzer/report.go                        |  41 ++++-
 pkg/analyzer/rspamd.go                        | 152 ++++++++++++++++++
 pkg/analyzer/scoring.go                       |  28 ++++
 pkg/analyzer/spamassassin.go                  |   2 +-
 web/src/lib/components/RspamdCard.svelte      | 125 ++++++++++++++
 .../lib/components/SpamAssassinCard.svelte    |  14 +-
 web/src/lib/components/index.ts               |   1 +
 web/src/routes/test/[test]/+page.svelte       |  22 +--
 19 files changed, 520 insertions(+), 28 deletions(-)
 create mode 100644 docker/rspamd/local.d/actions.conf
 create mode 100644 docker/rspamd/local.d/milter_headers.conf
 create mode 100644 docker/rspamd/local.d/options.inc
 create mode 100644 docker/rspamd/local.d/worker-proxy.inc
 create mode 100644 pkg/analyzer/rspamd.go
 create mode 100644 web/src/lib/components/RspamdCard.svelte

diff --git a/Dockerfile b/Dockerfile
index 3d9440a..f6dc16a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -121,6 +121,7 @@ RUN echo "@edge https://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/ap
     perl-xml-libxml \
     postfix \
     postfix-pcre \
+    rspamd \
     spamassassin \
     spamassassin-client \
     supervisor \
@@ -143,8 +144,11 @@ RUN mkdir -p /etc/happydeliver \
     /var/lib/authentication_milter \
     /var/spool/postfix/authentication_milter \
     /var/spool/postfix/spamassassin \
+    /var/spool/postfix/rspamd \
     && chown -R happydeliver:happydeliver /var/lib/happydeliver /var/log/happydeliver \
-    && chown -R mail:mail /var/spool/postfix/authentication_milter /var/spool/postfix/spamassassin
+    && chown -R mail:mail /var/spool/postfix/authentication_milter /var/spool/postfix/spamassassin \
+    && chown rspamd:mail /var/spool/postfix/rspamd \
+    && chmod 750 /var/spool/postfix/rspamd
 
 # Copy the built application
 COPY --from=builder /build/happyDeliver /usr/local/bin/happyDeliver
@@ -154,6 +158,7 @@ RUN chmod +x /usr/local/bin/happyDeliver
 COPY docker/postfix/ /etc/postfix/
 COPY docker/authentication_milter/authentication_milter.json /etc/authentication_milter.json
 COPY docker/spamassassin/ /etc/mail/spamassassin/
+COPY docker/rspamd/local.d/ /etc/rspamd/local.d/
 COPY docker/supervisor/ /etc/supervisor/
 COPY docker/entrypoint.sh /entrypoint.sh
 
diff --git a/README.md b/README.md
index 3b28292..3c213cd 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ An open-source email deliverability testing platform that analyzes test emails a
 
 ## Features
 
-- **Complete Email Analysis**: Analyzes SPF, DKIM, DMARC, BIMI, ARC, SpamAssassin scores, DNS records, blacklist status, content quality, and more
+- **Complete Email Analysis**: Analyzes SPF, DKIM, DMARC, BIMI, ARC, SpamAssassin and rspamd scores, DNS records, blacklist status, content quality, and more
 - **REST API**: Full-featured API for creating tests and retrieving reports
 - **LMTP Server**: Built-in LMTP server for seamless MTA integration
 - **Scoring System**: Gives A to F grades and scoring with weighted factors across dns, authentication, spam, blacklists, content, and headers
@@ -26,6 +26,7 @@ The easiest way to run happyDeliver is using the all-in-one Docker container tha
 - **Postfix MTA**: Receives emails on port 25
 - **authentication_milter**: Entreprise grade email authentication
 - **SpamAssassin**: Spam scoring and analysis
+- **rspamd**: Second spam filter for cross-validated scoring
 - **happyDeliver API**: REST API server on port 8080
 - **SQLite Database**: Persistent storage for tests and reports
 
@@ -162,7 +163,7 @@ The server will start on `http://localhost:8080` by default.
 
 #### 3. Integrate with your existing e-mail setup
 
-It is expected your setup annotate the email with eg. opendkim, spamassassin, ...
+It is expected your setup annotate the email with eg. opendkim, spamassassin, rspamd, ...
 happyDeliver will not perform thoses checks, it relies instead on standard software to have real world annotations.
 
 Choose one of the following way to integrate happyDeliver in your existing setup:
@@ -269,7 +270,7 @@ The deliverability score is calculated from A to F based on:
 - **Authentication**: IPRev, SPF, DKIM, DMARC, BIMI and ARC validation
 - **Blacklist**: RBL/DNSBL checks
 - **Headers**: Required headers, MIME structure, Domain alignment
-- **Spam**: SpamAssassin score
+- **Spam**: SpamAssassin and rspamd scores (combined 50/50)
 - **Content**: HTML quality, links, images, unsubscribe
 
 ## Funding
diff --git a/api/openapi.yaml b/api/openapi.yaml
index 8463007..5c628fd 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -333,6 +333,8 @@ components:
           $ref: '#/components/schemas/AuthenticationResults'
         spamassassin:
           $ref: '#/components/schemas/SpamAssassinResult'
+        rspamd:
+          $ref: '#/components/schemas/RspamdResult'
         dns_results:
           $ref: '#/components/schemas/DNSResults'
         blacklists:
@@ -401,7 +403,7 @@ components:
           type: integer
           minimum: 0
           maximum: 100
-          description: SpamAssassin score (in percentage)
+          description: Spam filter score (SpamAssassin + rspamd combined, in percentage)
           example: 15
         spam_grade:
           type: string
@@ -843,6 +845,17 @@ components:
         - is_spam
         - test_details
       properties:
+        deliverability_score:
+          type: integer
+          minimum: 0
+          maximum: 100
+          description: SpamAssassin deliverability score (0-100, higher is better)
+          example: 80
+        deliverability_grade:
+          type: string
+          enum: [A+, A, B, C, D, E, F]
+          description: Letter grade for SpamAssassin deliverability score
+          example: "B"
         version:
           type: string
           description: SpamAssassin version
@@ -905,6 +918,78 @@ components:
           description: Human-readable description of what this test checks
           example: "Bayes spam probability is 0 to 1%"
 
+    RspamdResult:
+      type: object
+      required:
+        - score
+        - threshold
+        - is_spam
+        - symbols
+      properties:
+        deliverability_score:
+          type: integer
+          minimum: 0
+          maximum: 100
+          description: rspamd deliverability score (0-100, higher is better)
+          example: 85
+        deliverability_grade:
+          type: string
+          enum: [A+, A, B, C, D, E, F]
+          description: Letter grade for rspamd deliverability score
+          example: "A"
+        score:
+          type: number
+          format: float
+          description: rspamd spam score
+          example: -3.91
+        threshold:
+          type: number
+          format: float
+          description: Score threshold for spam classification
+          example: 15.0
+        action:
+          type: string
+          description: rspamd action (no action, add header, rewrite subject, soft reject, reject)
+          example: "no action"
+        is_spam:
+          type: boolean
+          description: Whether message is classified as spam (action is reject or soft reject)
+          example: false
+        server:
+          type: string
+          description: rspamd server that processed the message
+          example: "rspamd.example.com"
+        symbols:
+          type: object
+          additionalProperties:
+            $ref: '#/components/schemas/RspamdSymbol'
+          description: Map of triggered rspamd symbols to their details
+          example:
+            BAYES_HAM:
+              name: "BAYES_HAM"
+              score: -1.9
+              params: "0.02"
+
+    RspamdSymbol:
+      type: object
+      required:
+        - name
+        - score
+      properties:
+        name:
+          type: string
+          description: Symbol name
+          example: "BAYES_HAM"
+        score:
+          type: number
+          format: float
+          description: Score contribution of this symbol
+          example: -1.9
+        params:
+          type: string
+          description: Symbol parameters or options
+          example: "0.02"
+
     DNSResults:
       type: object
       required:
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 1bc3eff..ef45b61 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -15,6 +15,10 @@ mkdir -p /var/spool/postfix/authentication_milter
 chown mail:mail /var/spool/postfix/authentication_milter
 chmod 750 /var/spool/postfix/authentication_milter
 
+mkdir -p /var/spool/postfix/rspamd
+chown rspamd:mail /var/spool/postfix/rspamd
+chmod 750 /var/spool/postfix/rspamd
+
 # Create log directory
 mkdir -p /var/log/happydeliver /var/cache/authentication_milter /var/spool/authentication_milter /var/lib/authentication_milter /run/authentication_milter
 chown happydeliver:happydeliver /var/log/happydeliver
diff --git a/docker/postfix/main.cf b/docker/postfix/main.cf
index fcdb75c..5a73fb3 100644
--- a/docker/postfix/main.cf
+++ b/docker/postfix/main.cf
@@ -28,7 +28,7 @@ transport_maps = pcre:/etc/postfix/transport_maps
 # OpenDKIM for DKIM verification
 milter_default_action = accept
 milter_protocol = 6
-smtpd_milters = unix:/var/spool/postfix/authentication_milter/authentication_milter.sock unix:/var/spool/postfix/spamassassin/spamass-milter.sock
+smtpd_milters = unix:/var/spool/postfix/authentication_milter/authentication_milter.sock unix:/var/spool/postfix/spamassassin/spamass-milter.sock unix:/var/spool/postfix/rspamd/rspamd-milter.sock
 non_smtpd_milters = $smtpd_milters
 
 # SPF policy checking
diff --git a/docker/rspamd/local.d/actions.conf b/docker/rspamd/local.d/actions.conf
new file mode 100644
index 0000000..f3ed60c
--- /dev/null
+++ b/docker/rspamd/local.d/actions.conf
@@ -0,0 +1,5 @@
+no_action = 0;
+reject = null;
+add_header = null;
+rewrite_subject = null;
+greylist = null;
\ No newline at end of file
diff --git a/docker/rspamd/local.d/milter_headers.conf b/docker/rspamd/local.d/milter_headers.conf
new file mode 100644
index 0000000..378b8a3
--- /dev/null
+++ b/docker/rspamd/local.d/milter_headers.conf
@@ -0,0 +1,5 @@
+# Add "extended Rspamd headers"
+extended_spam_headers = true;
+
+skip_local = false;
+skip_authenticated = false;
\ No newline at end of file
diff --git a/docker/rspamd/local.d/options.inc b/docker/rspamd/local.d/options.inc
new file mode 100644
index 0000000..485d0c9
--- /dev/null
+++ b/docker/rspamd/local.d/options.inc
@@ -0,0 +1,3 @@
+# rspamd options for happyDeliver
+# Disable Bayes learning to keep the setup stateless
+use_redis = false;
diff --git a/docker/rspamd/local.d/worker-proxy.inc b/docker/rspamd/local.d/worker-proxy.inc
new file mode 100644
index 0000000..04c9a1d
--- /dev/null
+++ b/docker/rspamd/local.d/worker-proxy.inc
@@ -0,0 +1,6 @@
+# Enable rspamd milter proxy worker via Unix socket for Postfix integration
+bind_socket = "/var/spool/postfix/rspamd/rspamd-milter.sock mode=0660 owner=rspamd group=mail";
+upstream "local" {
+  default = yes;
+  self_scan = yes;
+}
diff --git a/docker/supervisor/supervisord.conf b/docker/supervisor/supervisord.conf
index c0c7002..74f1810 100644
--- a/docker/supervisor/supervisord.conf
+++ b/docker/supervisor/supervisord.conf
@@ -33,6 +33,16 @@ stderr_logfile=/var/log/happydeliver/authentication_milter.log
 user=mail
 group=mail
 
+# rspamd spam filter
+[program:rspamd]
+command=/usr/bin/rspamd -f -u rspamd -g mail
+autostart=true
+autorestart=true
+priority=11
+stdout_logfile=/var/log/happydeliver/rspamd.log
+stderr_logfile=/var/log/happydeliver/rspamd_error.log
+user=root
+
 # SpamAssassin daemon
 [program:spamd]
 command=/usr/sbin/spamd --max-children 5 --helper-home-dir /var/lib/spamassassin --syslog stderr --pidfile /var/run/spamd.pid
diff --git a/pkg/analyzer/parser.go b/pkg/analyzer/parser.go
index 79d8310..5b30e07 100644
--- a/pkg/analyzer/parser.go
+++ b/pkg/analyzer/parser.go
@@ -256,6 +256,33 @@ func (e *EmailMessage) GetSpamAssassinHeaders() map[string]string {
 	}
 
 	for _, headerName := range saHeaders {
+		if values, ok := e.Header[headerName]; ok && len(values) > 0 {
+			for _, value := range values {
+				if strings.TrimSpace(value) != "" {
+					headers[headerName] = value
+					break
+				}
+			}
+		} else if value := e.Header.Get(headerName); value != "" {
+			headers[headerName] = value
+		}
+	}
+
+	return headers
+}
+
+// GetRspamdHeaders extracts rspamd-related headers
+func (e *EmailMessage) GetRspamdHeaders() map[string]string {
+	headers := make(map[string]string)
+
+	rspamdHeaders := []string{
+		"X-Spamd-Result",
+		"X-Rspamd-Score",
+		"X-Rspamd-Action",
+		"X-Rspamd-Server",
+	}
+
+	for _, headerName := range rspamdHeaders {
 		if value := e.Header.Get(headerName); value != "" {
 			headers[headerName] = value
 		}
diff --git a/pkg/analyzer/report.go b/pkg/analyzer/report.go
index 39871fe..dc420fb 100644
--- a/pkg/analyzer/report.go
+++ b/pkg/analyzer/report.go
@@ -33,6 +33,7 @@ import (
 type ReportGenerator struct {
 	authAnalyzer    *AuthenticationAnalyzer
 	spamAnalyzer    *SpamAssassinAnalyzer
+	rspamdAnalyzer  *RspamdAnalyzer
 	dnsAnalyzer     *DNSAnalyzer
 	rblChecker      *RBLChecker
 	contentAnalyzer *ContentAnalyzer
@@ -49,6 +50,7 @@ func NewReportGenerator(
 	return &ReportGenerator{
 		authAnalyzer:    NewAuthenticationAnalyzer(),
 		spamAnalyzer:    NewSpamAssassinAnalyzer(),
+		rspamdAnalyzer:  NewRspamdAnalyzer(),
 		dnsAnalyzer:     NewDNSAnalyzer(dnsTimeout),
 		rblChecker:      NewRBLChecker(dnsTimeout, rbls, checkAllIPs),
 		contentAnalyzer: NewContentAnalyzer(httpTimeout),
@@ -65,6 +67,7 @@ type AnalysisResults struct {
 	Headers        *api.HeaderAnalysis
 	RBL            *RBLResults
 	SpamAssassin   *api.SpamAssassinResult
+	Rspamd         *api.RspamdResult
 }
 
 // AnalyzeEmail performs complete email analysis
@@ -79,6 +82,7 @@ func (r *ReportGenerator) AnalyzeEmail(email *EmailMessage) *AnalysisResults {
 	results.DNS = r.dnsAnalyzer.AnalyzeDNS(email, results.Authentication, results.Headers)
 	results.RBL = r.rblChecker.CheckEmail(email)
 	results.SpamAssassin = r.spamAnalyzer.AnalyzeSpamAssassin(email)
+	results.Rspamd = r.rspamdAnalyzer.AnalyzeRspamd(email)
 	results.Content = r.contentAnalyzer.AnalyzeContent(email)
 
 	return results
@@ -134,10 +138,26 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 		blacklistScore, blacklistGrade = r.rblChecker.CalculateRBLScore(results.RBL)
 	}
 
-	spamScore := 0
+	saScore, saGrade := r.spamAnalyzer.CalculateSpamAssassinScore(results.SpamAssassin)
+	rspamdScore, rspamdGrade := r.rspamdAnalyzer.CalculateRspamdScore(results.Rspamd)
+
+	// Combine SpamAssassin and rspamd scores 50/50.
+	// If only one filter ran (the other returns "" grade), use that filter's score alone.
+	var spamScore int
 	var spamGrade string
-	if results.SpamAssassin != nil {
-		spamScore, spamGrade = r.spamAnalyzer.CalculateSpamAssassinScore(results.SpamAssassin)
+	switch {
+	case saGrade == "" && rspamdGrade == "":
+		spamScore = 0
+		spamGrade = ""
+	case saGrade == "":
+		spamScore = rspamdScore
+		spamGrade = rspamdGrade
+	case rspamdGrade == "":
+		spamScore = saScore
+		spamGrade = saGrade
+	default:
+		spamScore = (saScore + rspamdScore) / 2
+		spamGrade = MinGrade(saGrade, rspamdGrade)
 	}
 
 	report.Summary = &api.ScoreSummary{
@@ -177,9 +197,22 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 		report.Blacklists = &results.RBL.Checks
 	}
 
-	// Add SpamAssassin result
+	// Add SpamAssassin result with individual deliverability score
+	if results.SpamAssassin != nil {
+		saGradeTyped := api.SpamAssassinResultDeliverabilityGrade(saGrade)
+		results.SpamAssassin.DeliverabilityScore = api.PtrTo(saScore)
+		results.SpamAssassin.DeliverabilityGrade = &saGradeTyped
+	}
 	report.Spamassassin = results.SpamAssassin
 
+	// Add rspamd result with individual deliverability score
+	if results.Rspamd != nil {
+		rspamdGradeTyped := api.RspamdResultDeliverabilityGrade(rspamdGrade)
+		results.Rspamd.DeliverabilityScore = api.PtrTo(rspamdScore)
+		results.Rspamd.DeliverabilityGrade = &rspamdGradeTyped
+	}
+	report.Rspamd = results.Rspamd
+
 	// Add raw headers
 	if results.Email != nil && results.Email.RawHeaders != "" {
 		report.RawHeaders = &results.Email.RawHeaders
diff --git a/pkg/analyzer/rspamd.go b/pkg/analyzer/rspamd.go
new file mode 100644
index 0000000..d394c62
--- /dev/null
+++ b/pkg/analyzer/rspamd.go
@@ -0,0 +1,152 @@
+// This file is part of the happyDeliver (R) project.
+// Copyright (c) 2026 happyDomain
+// Authors: Pierre-Olivier Mercier, et al.
+//
+// This program is offered under a commercial and under the AGPL license.
+// For commercial licensing, contact us at <contact@happydomain.org>.
+//
+// For AGPL licensing:
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package analyzer
+
+import (
+	"math"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"git.happydns.org/happyDeliver/internal/api"
+)
+
+// Default rspamd action thresholds (rspamd built-in defaults)
+const (
+	rspamdDefaultRejectThreshold    float32 = 15
+	rspamdDefaultAddHeaderThreshold float32 = 6
+)
+
+// RspamdAnalyzer analyzes rspamd results from email headers
+type RspamdAnalyzer struct{}
+
+// NewRspamdAnalyzer creates a new rspamd analyzer
+func NewRspamdAnalyzer() *RspamdAnalyzer {
+	return &RspamdAnalyzer{}
+}
+
+// AnalyzeRspamd extracts and analyzes rspamd results from email headers
+func (a *RspamdAnalyzer) AnalyzeRspamd(email *EmailMessage) *api.RspamdResult {
+	headers := email.GetRspamdHeaders()
+	if len(headers) == 0 {
+		return nil
+	}
+
+	result := &api.RspamdResult{
+		Symbols: make(map[string]api.RspamdSymbol),
+	}
+
+	// Parse X-Spamd-Result header (primary source for score, threshold, and symbols)
+	// Format: "default: False [-3.91 / 15.00];\n\tSYMBOL(score)[params]; ..."
+	if spamdResult, ok := headers["X-Spamd-Result"]; ok {
+		a.parseSpamdResult(spamdResult, result)
+	}
+
+	// Parse X-Rspamd-Score as override/fallback for score
+	if scoreHeader, ok := headers["X-Rspamd-Score"]; ok {
+		if score, err := strconv.ParseFloat(strings.TrimSpace(scoreHeader), 64); err == nil {
+			result.Score = float32(score)
+		}
+	}
+
+	// Parse X-Rspamd-Server
+	if serverHeader, ok := headers["X-Rspamd-Server"]; ok {
+		server := strings.TrimSpace(serverHeader)
+		result.Server = &server
+	}
+
+	// Derive IsSpam from score vs reject threshold.
+	if result.Threshold > 0 {
+		result.IsSpam = result.Score >= result.Threshold
+	} else {
+		result.IsSpam = result.Score >= rspamdDefaultAddHeaderThreshold
+	}
+
+	return result
+}
+
+// parseSpamdResult parses the X-Spamd-Result header
+// Format: "default: False [-3.91 / 15.00];\n\tSYMBOL(score)[params]; ..."
+func (a *RspamdAnalyzer) parseSpamdResult(header string, result *api.RspamdResult) {
+	// Extract score and threshold from the first line
+	// e.g. "default: False [-3.91 / 15.00]"
+	scoreRe := regexp.MustCompile(`\[\s*(-?\d+\.?\d*)\s*/\s*(-?\d+\.?\d*)\s*\]`)
+	if matches := scoreRe.FindStringSubmatch(header); len(matches) > 2 {
+		if score, err := strconv.ParseFloat(matches[1], 64); err == nil {
+			result.Score = float32(score)
+		}
+		if threshold, err := strconv.ParseFloat(matches[2], 64); err == nil {
+			result.Threshold = float32(threshold)
+
+			// No threshold? use default AddHeaderThreshold
+			if result.Threshold <= 0 {
+				result.Threshold = rspamdDefaultAddHeaderThreshold
+			}
+		}
+	}
+
+	// Parse is_spam from header (before we may get action from X-Rspamd-Action)
+	firstLine := strings.SplitN(header, ";", 2)[0]
+	if strings.Contains(firstLine, ": True") || strings.Contains(firstLine, ": true") {
+		result.IsSpam = true
+	}
+
+	// Parse symbols: SYMBOL(score)[params]
+	// Each symbol entry is separated by ";"
+	symbolRe := regexp.MustCompile(`(\w+)\((-?\d+\.?\d*)\)(?:\[([^\]]*)\])?`)
+	for _, part := range strings.Split(header, ";") {
+		part = strings.TrimSpace(part)
+		matches := symbolRe.FindStringSubmatch(part)
+		if len(matches) > 2 {
+			name := matches[1]
+			score, _ := strconv.ParseFloat(matches[2], 64)
+			sym := api.RspamdSymbol{
+				Name:  name,
+				Score: float32(score),
+			}
+			if len(matches) > 3 && matches[3] != "" {
+				params := matches[3]
+				sym.Params = &params
+			}
+			result.Symbols[name] = sym
+		}
+	}
+}
+
+// CalculateRspamdScore calculates the rspamd contribution to deliverability (0-100 scale)
+func (a *RspamdAnalyzer) CalculateRspamdScore(result *api.RspamdResult) (int, string) {
+	if result == nil {
+		return 100, "" // rspamd not installed
+	}
+
+	threshold := result.Threshold
+	percentage := 100 - int(math.Round(float64(result.Score*100/(2*threshold))))
+
+	if percentage > 100 {
+		return 100, "A+"
+	} else if percentage < 0 {
+		return 0, "F"
+	}
+
+	// Linear scale between 0 and threshold
+	return percentage, ScoreToGrade(percentage)
+}
diff --git a/pkg/analyzer/scoring.go b/pkg/analyzer/scoring.go
index 0a23388..798590f 100644
--- a/pkg/analyzer/scoring.go
+++ b/pkg/analyzer/scoring.go
@@ -69,3 +69,31 @@ func ScoreToGradeKind(score int) string {
 func ScoreToReportGrade(score int) api.ReportGrade {
 	return api.ReportGrade(ScoreToGrade(score))
 }
+
+// gradeRank returns a numeric rank for a grade (lower = worse)
+func gradeRank(grade string) int {
+	switch grade {
+	case "A+":
+		return 6
+	case "A":
+		return 5
+	case "B":
+		return 4
+	case "C":
+		return 3
+	case "D":
+		return 2
+	case "E":
+		return 1
+	default:
+		return 0
+	}
+}
+
+// MinGrade returns the minimal (worse) grade between the two given grades
+func MinGrade(a, b string) string {
+	if gradeRank(a) <= gradeRank(b) {
+		return a
+	}
+	return b
+}
diff --git a/pkg/analyzer/spamassassin.go b/pkg/analyzer/spamassassin.go
index cb80fe6..7964af2 100644
--- a/pkg/analyzer/spamassassin.go
+++ b/pkg/analyzer/spamassassin.go
@@ -50,7 +50,7 @@ func (a *SpamAssassinAnalyzer) AnalyzeSpamAssassin(email *EmailMessage) *api.Spa
 	}
 
 	// Parse X-Spam-Status header
-	if statusHeader, ok := headers["X-Spam-Status"]; ok {
+	if statusHeader, ok := headers["X-Spam-Status"]; ok && statusHeader != "" {
 		a.parseSpamStatus(statusHeader, result)
 	}
 
diff --git a/web/src/lib/components/RspamdCard.svelte b/web/src/lib/components/RspamdCard.svelte
new file mode 100644
index 0000000..2468f90
--- /dev/null
+++ b/web/src/lib/components/RspamdCard.svelte
@@ -0,0 +1,125 @@
+<script lang="ts">
+    import type { RspamdResult } from "$lib/api/types.gen";
+    import { getScoreColorClass } from "$lib/score";
+    import { theme } from "$lib/stores/theme";
+    import GradeDisplay from "./GradeDisplay.svelte";
+
+    interface Props {
+        rspamd: RspamdResult;
+    }
+
+    let { rspamd }: Props = $props();
+
+    // Derive effective action from score vs known rspamd default thresholds.
+    // The action header is unreliable in milter setups (always "no action").
+    const RSPAMD_GREYLIST_THRESHOLD = 4;
+    const RSPAMD_ADD_HEADER_THRESHOLD = 6;
+
+    const effectiveAction = $derived.by(() => {
+        const rejectThreshold = rspamd.threshold > 0 ? rspamd.threshold : 15;
+        if (rspamd.score >= rejectThreshold)
+            return { label: "Reject", cls: "bg-danger" };
+        if (rspamd.score >= RSPAMD_ADD_HEADER_THRESHOLD)
+            return { label: "Add header", cls: "bg-warning text-dark" };
+        if (rspamd.score >= RSPAMD_GREYLIST_THRESHOLD)
+            return { label: "Greylist", cls: "bg-warning text-dark" };
+        return { label: "No action", cls: "bg-success" };
+    });
+</script>
+
+<div class="card shadow-sm" id="rspamd-details">
+    <div class="card-header {$theme === 'light' ? 'bg-white' : 'bg-dark'}">
+        <h4 class="mb-0 d-flex justify-content-between align-items-center">
+            <span>
+                <i class="bi bi-shield-exclamation me-2"></i>
+                rspamd Analysis
+            </span>
+            <span>
+                {#if rspamd.deliverability_score !== undefined}
+                    <span class="badge bg-{getScoreColorClass(rspamd.deliverability_score)}">
+                        {rspamd.deliverability_score}%
+                    </span>
+                {/if}
+                {#if rspamd.deliverability_grade !== undefined}
+                    <GradeDisplay grade={rspamd.deliverability_grade} size="small" />
+                {/if}
+            </span>
+        </h4>
+    </div>
+    <div class="card-body">
+        <div class="row mb-3">
+            <div class="col-md-4">
+                <strong>Score:</strong>
+                <span class={rspamd.is_spam ? "text-danger" : "text-success"}>
+                    {rspamd.score.toFixed(2)} / {rspamd.threshold.toFixed(1)}
+                </span>
+            </div>
+            <div class="col-md-4">
+                <strong>Classified as:</strong>
+                <span class="badge {rspamd.is_spam ? 'bg-danger' : 'bg-success'} ms-2">
+                    {rspamd.is_spam ? "SPAM" : "HAM"}
+                </span>
+            </div>
+            <div class="col-md-4">
+                <strong>Action:</strong>
+                <span class="badge {effectiveAction.cls} ms-2">
+                    {effectiveAction.label}
+                </span>
+            </div>
+        </div>
+
+        {#if rspamd.symbols && Object.keys(rspamd.symbols).length > 0}
+            <div class="mb-3">
+                <div class="table-responsive mt-2">
+                    <table class="table table-sm table-hover">
+                        <thead>
+                            <tr>
+                                <th>Symbol</th>
+                                <th class="text-end">Score</th>
+                                <th>Parameters</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {#each Object.entries(rspamd.symbols).sort(([, a], [, b]) => b.score - a.score) as [symbolName, symbol]}
+                                <tr
+                                    class={symbol.score > 0
+                                        ? "table-warning"
+                                        : symbol.score < 0
+                                          ? "table-success"
+                                          : ""}
+                                >
+                                    <td class="font-monospace">{symbolName}</td>
+                                    <td class="text-end">
+                                        <span
+                                            class={symbol.score > 0
+                                                ? "text-danger fw-bold"
+                                                : symbol.score < 0
+                                                  ? "text-success fw-bold"
+                                                  : "text-muted"}
+                                        >
+                                            {symbol.score > 0 ? "+" : ""}{symbol.score.toFixed(2)}
+                                        </span>
+                                    </td>
+                                    <td class="small text-muted">{symbol.params ?? ""}</td>
+                                </tr>
+                            {/each}
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+        {/if}
+    </div>
+</div>
+
+<style>
+    /* Darker table colors in dark mode */
+    :global([data-bs-theme="dark"]) .table-warning {
+        --bs-table-bg: rgba(255, 193, 7, 0.2);
+        --bs-table-border-color: rgba(255, 193, 7, 0.3);
+    }
+
+    :global([data-bs-theme="dark"]) .table-success {
+        --bs-table-bg: rgba(25, 135, 84, 0.2);
+        --bs-table-border-color: rgba(25, 135, 84, 0.3);
+    }
+</style>
diff --git a/web/src/lib/components/SpamAssassinCard.svelte b/web/src/lib/components/SpamAssassinCard.svelte
index 2da105e..cc88c23 100644
--- a/web/src/lib/components/SpamAssassinCard.svelte
+++ b/web/src/lib/components/SpamAssassinCard.svelte
@@ -6,11 +6,9 @@
 
     interface Props {
         spamassassin: SpamAssassinResult;
-        spamGrade?: string;
-        spamScore?: number;
     }
 
-    let { spamassassin, spamGrade, spamScore }: Props = $props();
+    let { spamassassin }: Props = $props();
 </script>
 
 <div class="card shadow-sm" id="spam-details">
@@ -21,13 +19,13 @@
                 SpamAssassin Analysis
             </span>
             <span>
-                {#if spamScore !== undefined}
-                    <span class="badge bg-{getScoreColorClass(spamScore)}">
-                        {spamScore}%
+                {#if spamassassin.deliverability_score !== undefined}
+                    <span class="badge bg-{getScoreColorClass(spamassassin.deliverability_score)}">
+                        {spamassassin.deliverability_score}%
                     </span>
                 {/if}
-                {#if spamGrade !== undefined}
-                    <GradeDisplay grade={spamGrade} size="small" />
+                {#if spamassassin.deliverability_grade !== undefined}
+                    <GradeDisplay grade={spamassassin.deliverability_grade} size="small" />
                 {/if}
             </span>
         </h4>
diff --git a/web/src/lib/components/index.ts b/web/src/lib/components/index.ts
index 3c76feb..d577399 100644
--- a/web/src/lib/components/index.ts
+++ b/web/src/lib/components/index.ts
@@ -19,6 +19,7 @@ export { default as PendingState } from "./PendingState.svelte";
 export { default as PtrForwardRecordsDisplay } from "./PtrForwardRecordsDisplay.svelte";
 export { default as PtrRecordsDisplay } from "./PtrRecordsDisplay.svelte";
 export { default as ScoreCard } from "./ScoreCard.svelte";
+export { default as RspamdCard } from "./RspamdCard.svelte";
 export { default as SpamAssassinCard } from "./SpamAssassinCard.svelte";
 export { default as SpfRecordsDisplay } from "./SpfRecordsDisplay.svelte";
 export { default as SummaryCard } from "./SummaryCard.svelte";
diff --git a/web/src/routes/test/[test]/+page.svelte b/web/src/routes/test/[test]/+page.svelte
index bf44d20..c5add96 100644
--- a/web/src/routes/test/[test]/+page.svelte
+++ b/web/src/routes/test/[test]/+page.svelte
@@ -12,6 +12,7 @@
         ErrorDisplay,
         HeaderAnalysisCard,
         PendingState,
+        RspamdCard,
         ScoreCard,
         SpamAssassinCard,
         SummaryCard,
@@ -347,16 +348,19 @@
                 </div>
             {/if}
 
-            <!-- Additional Information -->
-            {#if report.spamassassin}
+            <!-- Spam filter analysis -->
+            {#if report.spamassassin || report.rspamd}
                 <div class="row mb-4" id="spam">
-                    <div class="col-12">
-                        <SpamAssassinCard
-                            spamassassin={report.spamassassin}
-                            spamGrade={report.summary?.spam_grade}
-                            spamScore={report.summary?.spam_score}
-                        />
-                    </div>
+                    {#if report.spamassassin}
+                        <div class={report.rspamd ? "col-lg-6 mb-4 mb-lg-0" : "col-12"}>
+                            <SpamAssassinCard spamassassin={report.spamassassin} />
+                        </div>
+                    {/if}
+                    {#if report.rspamd}
+                        <div class={report.spamassassin ? "col-lg-6" : "col-12"}>
+                            <RspamdCard rspamd={report.rspamd} />
+                        </div>
+                    {/if}
                 </div>
             {/if}
 

From a146940a65be5766f85f7c3c93168f4c1502ce96 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 23 Feb 2026 04:25:43 +0700
Subject: [PATCH 09/27] Improve FCrDNS UI: hide non-matching IPs when match
 exists

Closes: https://github.com/happyDomain/happydeliver/issues/4
---
 .../PtrForwardRecordsDisplay.svelte           | 37 +++++++++++++++----
 1 file changed, 29 insertions(+), 8 deletions(-)

diff --git a/web/src/lib/components/PtrForwardRecordsDisplay.svelte b/web/src/lib/components/PtrForwardRecordsDisplay.svelte
index 77ce6c8..8ed723b 100644
--- a/web/src/lib/components/PtrForwardRecordsDisplay.svelte
+++ b/web/src/lib/components/PtrForwardRecordsDisplay.svelte
@@ -21,6 +21,11 @@
     );
 
     const hasForwardRecords = $derived(ptrForwardRecords && ptrForwardRecords.length > 0);
+
+    let showDifferent = $state(false);
+    const differentCount = $derived(
+        ptrForwardRecords ? ptrForwardRecords.filter((ip) => ip !== senderIp).length : 0,
+    );
 </script>
 
 {#if ptrRecords && ptrRecords.length > 0}
@@ -63,15 +68,31 @@
                     <div class="mb-2">
                         <strong>Forward Resolution (A/AAAA):</strong>
                         {#each ptrForwardRecords as ip}
-                            <div class="d-flex gap-2 align-items-center mt-1">
-                                {#if senderIp && ip === senderIp}
-                                    <span class="badge bg-success">Match</span>
-                                {:else}
-                                    <span class="badge bg-warning">Different</span>
-                                {/if}
-                                <code>{ip}</code>
-                            </div>
+                            {#if ip === senderIp || !fcrDnsIsValid || showDifferent}
+                                <div class="d-flex gap-2 align-items-center mt-1">
+                                    {#if senderIp && ip === senderIp}
+                                        <span class="badge bg-success">Match</span>
+                                    {:else}
+                                        <span class="badge bg-secondary">Different</span>
+                                    {/if}
+                                    <code>{ip}</code>
+                                </div>
+                            {/if}
                         {/each}
+                        {#if fcrDnsIsValid && differentCount > 0}
+                            <div class="mt-1">
+                                <button
+                                    class="btn btn-link btn-sm p-0 text-muted"
+                                    onclick={() => (showDifferent = !showDifferent)}
+                                >
+                                    {#if showDifferent}
+                                        Hide other IPs
+                                    {:else}
+                                        Show {differentCount} other IP{differentCount > 1 ? 's' : ''} (not the sender)
+                                    {/if}
+                                </button>
+                            </div>
+                        {/if}
                     </div>
                     {#if fcrDnsIsValid}
                         <div class="alert alert-success mb-0 mt-2">

From b619ebf8c3696c08278e4406ef81882d42159de6 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 11:38:09 +0700
Subject: [PATCH 10/27] Display permerror (SPF test) as error: text-danger

---
 web/src/lib/components/AuthenticationCard.svelte | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/src/lib/components/AuthenticationCard.svelte b/web/src/lib/components/AuthenticationCard.svelte
index 097dff1..93531e7 100644
--- a/web/src/lib/components/AuthenticationCard.svelte
+++ b/web/src/lib/components/AuthenticationCard.svelte
@@ -19,6 +19,7 @@
             case "domain_pass":
             case "orgdomain_pass":
                 return "text-success";
+            case "permerror":
             case "error":
             case "fail":
             case "missing":
@@ -51,6 +52,7 @@
             case "neutral":
             case "invalid":
             case "null":
+            case "permerror":
             case "error":
             case "null_smtp":
             case "null_header":

From 7b9c45fb68189e6d1c1986f4c31d084be8dde293 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 11:42:28 +0700
Subject: [PATCH 11/27] summary: color SPF error in red

---
 web/src/lib/components/SummaryCard.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/src/lib/components/SummaryCard.svelte b/web/src/lib/components/SummaryCard.svelte
index dd0637a..fe8af8e 100644
--- a/web/src/lib/components/SummaryCard.svelte
+++ b/web/src/lib/components/SummaryCard.svelte
@@ -113,7 +113,7 @@
             } else if (spfResult === "temperror" || spfResult === "permerror") {
                 segments.push({
                     text: "encountered an error",
-                    highlight: { color: "warning", bold: true },
+                    highlight: { color: "danger", bold: true },
                     link: "#authentication-spf",
                 });
                 segments.push({ text: ", check your SPF record configuration" });

From 9679b381c7a225af2bf8153defcda2ddcf44be71 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 12:04:43 +0700
Subject: [PATCH 12/27] fix: mark Message-ID as invalid when multiple headers
 are present

---
 pkg/analyzer/headers.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/analyzer/headers.go b/pkg/analyzer/headers.go
index b7ff3bb..2a1bae4 100644
--- a/pkg/analyzer/headers.go
+++ b/pkg/analyzer/headers.go
@@ -320,6 +320,10 @@ func (h *HeaderAnalyzer) checkHeader(email *EmailMessage, headerName string, imp
 				valid = false
 				headerIssues = append(headerIssues, "Invalid Message-ID format (should be <id@domain>)")
 			}
+			if len(email.Header["Message-Id"]) > 1 {
+				valid = false
+				headerIssues = append(headerIssues, fmt.Sprintf("Multiple Message-ID headers found (%d); only one is allowed", len(email.Header["Message-Id"])))
+			}
 		case "Date":
 			// Validate date format
 			if _, err := h.parseEmailDate(value); err != nil {

From 4245f93ce4fddffbd151ec1b871ca61a920ecfb1 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 12:14:45 +0700
Subject: [PATCH 13/27] Add MIME-Version recommended header check

Validate MIME-Version header value equals "1.0" and subtract 5 points
from the score if the header is present but invalid. Absence is not
penalized.
---
 pkg/analyzer/headers.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/pkg/analyzer/headers.go b/pkg/analyzer/headers.go
index 2a1bae4..37718bb 100644
--- a/pkg/analyzer/headers.go
+++ b/pkg/analyzer/headers.go
@@ -109,6 +109,13 @@ func (h *HeaderAnalyzer) CalculateHeaderScore(analysis *api.HeaderAnalysis) (int
 		maxGrade -= 1
 	}
 
+	// Check MIME-Version header (-5 points if present but not "1.0")
+	if check, exists := headers["mime-version"]; exists && check.Present {
+		if check.Valid != nil && !*check.Valid {
+			score -= 5
+		}
+	}
+
 	// Check Message-ID format (10 points)
 	if check, exists := headers["message-id"]; exists && check.Present {
 		// If Valid is set and true, award points
@@ -266,6 +273,10 @@ func (h *HeaderAnalyzer) GenerateHeaderAnalysis(email *EmailMessage, authResults
 		headers[strings.ToLower(headerName)] = *check
 	}
 
+	// Check MIME-Version header (recommended but absence is not penalized)
+	mimeVersionCheck := h.checkHeader(email, "MIME-Version", "recommended")
+	headers[strings.ToLower("MIME-Version")] = *mimeVersionCheck
+
 	// Check optional headers
 	optionalHeaders := []string{"List-Unsubscribe", "List-Unsubscribe-Post"}
 	for _, headerName := range optionalHeaders {
@@ -330,6 +341,11 @@ func (h *HeaderAnalyzer) checkHeader(email *EmailMessage, headerName string, imp
 				valid = false
 				headerIssues = append(headerIssues, fmt.Sprintf("Invalid date format: %v", err))
 			}
+		case "MIME-Version":
+			if value != "1.0" {
+				valid = false
+				headerIssues = append(headerIssues, fmt.Sprintf("MIME-Version should be '1.0', got '%s'", value))
+			}
 		case "From", "To", "Cc", "Bcc", "Reply-To", "Sender", "Resent-From", "Resent-To", "Return-Path":
 			// Parse address header using net/mail and get normalized address
 			if normalizedAddr, err := h.validateAddressHeader(value); err != nil {

From f9c5c815d1b95a4e1853a1888fd9714e1b7f0edd Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 12:22:41 +0700
Subject: [PATCH 14/27] spamassassin: disable Validity network rules scoring

---
 docker/spamassassin/local.cf | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/docker/spamassassin/local.cf b/docker/spamassassin/local.cf
index c248ef6..ce9a31c 100644
--- a/docker/spamassassin/local.cf
+++ b/docker/spamassassin/local.cf
@@ -48,3 +48,14 @@ rbl_timeout 5
 # Don't use user-specific rules
 user_scores_dsn_timeout 3
 user_scores_sql_override 0
+
+# Disable Validity network rules
+dns_query_restriction deny sa-trusted.bondedsender.org
+dns_query_restriction deny sa-accredit.habeas.com
+dns_query_restriction deny bl.score.senderscore.com
+score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0
+score RCVD_IN_VALIDITY_RPBL_BLOCKED 0
+score RCVD_IN_VALIDITY_SAFE_BLOCKED 0
+score RCVD_IN_VALIDITY_CERTIFIED 0
+score RCVD_IN_VALIDITY_RPBL 0
+score RCVD_IN_VALIDITY_SAFE 0
\ No newline at end of file

From 3cc39c9c544a98fc00c677110d76b5c33ee3b0fb Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 14:23:47 +0700
Subject: [PATCH 15/27] rbl: add more RBL providers

Add 8 new RBL providers (SpamRats, PSBL, DroneBL, Mailspike, RBL-DNS
and NSZones).
---
 pkg/analyzer/rbl.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkg/analyzer/rbl.go b/pkg/analyzer/rbl.go
index 5fcb939..923f939 100644
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@@ -48,6 +48,14 @@ var DefaultRBLs = []string{
 	"b.barracudacentral.org", // Barracuda
 	"cbl.abuseat.org",        // CBL (Composite Blocking List)
 	"dnsbl-1.uceprotect.net", // UCEPROTECT Level 1
+	"spam.spamrats.com",      // SpamRats SPAM
+	"dyna.spamrats.com",      // SpamRats dynamic IPs
+	"psbl.surriel.com",       // PSBL
+	"dnsbl.dronebl.org",      // DroneBL
+	"bl.mailspike.net",       // Mailspike BL
+	"z.mailspike.net",        // Mailspike Z
+	"bl.rbl-dns.com",         // RBL-DNS
+	"bl.nszones.com",         // NSZones
 }
 
 // NewRBLChecker creates a new RBL checker with configurable timeout and RBL list

From 28424729a5909ba7489d2a4e0a0dd66b6e6407a6 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 14:24:33 +0700
Subject: [PATCH 16/27] rbl: support informational-only RBL entries

Add DefaultInformationalRBLs (UCEPROTECT L2/L3) and track listings
separately via RelevantListedCount so these broader lists are displayed
but excluded from the deliverability score calculation.
---
 pkg/analyzer/rbl.go | 53 ++++++++++++++++++++++++++++++++-------------
 1 file changed, 38 insertions(+), 15 deletions(-)

diff --git a/pkg/analyzer/rbl.go b/pkg/analyzer/rbl.go
index 923f939..ff0e813 100644
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@@ -34,10 +34,11 @@ import (
 
 // RBLChecker checks IP addresses against DNS-based blacklists
 type RBLChecker struct {
-	Timeout     time.Duration
-	RBLs        []string
-	CheckAllIPs bool // Check all IPs found in headers, not just the first one
-	resolver    *net.Resolver
+	Timeout          time.Duration
+	RBLs             []string
+	CheckAllIPs      bool // Check all IPs found in headers, not just the first one
+	resolver         *net.Resolver
+	informationalSet map[string]bool
 }
 
 // DefaultRBLs is a list of commonly used RBL providers
@@ -48,6 +49,8 @@ var DefaultRBLs = []string{
 	"b.barracudacentral.org", // Barracuda
 	"cbl.abuseat.org",        // CBL (Composite Blocking List)
 	"dnsbl-1.uceprotect.net", // UCEPROTECT Level 1
+	"dnsbl-2.uceprotect.net", // UCEPROTECT Level 2 (informational)
+	"dnsbl-3.uceprotect.net", // UCEPROTECT Level 3 (informational)
 	"spam.spamrats.com",      // SpamRats SPAM
 	"dyna.spamrats.com",      // SpamRats dynamic IPs
 	"psbl.surriel.com",       // PSBL
@@ -58,6 +61,13 @@ var DefaultRBLs = []string{
 	"bl.nszones.com",         // NSZones
 }
 
+// DefaultInformationalRBLs lists RBLs that are checked but not counted in the score.
+// These are typically broader lists where being listed is less definitive.
+var DefaultInformationalRBLs = []string{
+	"dnsbl-2.uceprotect.net", // UCEPROTECT Level 2: entire netblocks, may cause false positives
+	"dnsbl-3.uceprotect.net", // UCEPROTECT Level 3: entire ASes, too broad for scoring
+}
+
 // NewRBLChecker creates a new RBL checker with configurable timeout and RBL list
 func NewRBLChecker(timeout time.Duration, rbls []string, checkAllIPs bool) *RBLChecker {
 	if timeout == 0 {
@@ -66,21 +76,25 @@ func NewRBLChecker(timeout time.Duration, rbls []string, checkAllIPs bool) *RBLC
 	if len(rbls) == 0 {
 		rbls = DefaultRBLs
 	}
+	informationalSet := make(map[string]bool, len(DefaultInformationalRBLs))
+	for _, rbl := range DefaultInformationalRBLs {
+		informationalSet[rbl] = true
+	}
 	return &RBLChecker{
-		Timeout:     timeout,
-		RBLs:        rbls,
-		CheckAllIPs: checkAllIPs,
-		resolver: &net.Resolver{
-			PreferGo: true,
-		},
+		Timeout:          timeout,
+		RBLs:             rbls,
+		CheckAllIPs:      checkAllIPs,
+		resolver:         &net.Resolver{PreferGo: true},
+		informationalSet: informationalSet,
 	}
 }
 
 // RBLResults represents the results of RBL checks
 type RBLResults struct {
-	Checks      map[string][]api.BlacklistCheck // Map of IP -> list of RBL checks for that IP
-	IPsChecked  []string
-	ListedCount int
+	Checks              map[string][]api.BlacklistCheck // Map of IP -> list of RBL checks for that IP
+	IPsChecked          []string
+	ListedCount         int // Total listings including informational RBLs
+	RelevantListedCount int // Listings on scoring (non-informational) RBLs only
 }
 
 // CheckEmail checks all IPs found in the email headers against RBLs
@@ -104,6 +118,9 @@ func (r *RBLChecker) CheckEmail(email *EmailMessage) *RBLResults {
 			results.Checks[ip] = append(results.Checks[ip], check)
 			if check.Listed {
 				results.ListedCount++
+				if !r.informationalSet[rbl] {
+					results.RelevantListedCount++
+				}
 			}
 		}
 
@@ -276,14 +293,20 @@ func (r *RBLChecker) reverseIP(ipStr string) string {
 	return fmt.Sprintf("%d.%d.%d.%d", ipv4[3], ipv4[2], ipv4[1], ipv4[0])
 }
 
-// CalculateRBLScore calculates the blacklist contribution to deliverability
+// CalculateRBLScore calculates the blacklist contribution to deliverability.
+// Informational RBLs are not counted in the score.
 func (r *RBLChecker) CalculateRBLScore(results *RBLResults) (int, string) {
 	if results == nil || len(results.IPsChecked) == 0 {
 		// No IPs to check, give benefit of doubt
 		return 100, ""
 	}
 
-	percentage := 100 - results.ListedCount*100/len(r.RBLs)
+	scoringRBLCount := len(r.RBLs) - len(r.informationalSet)
+	if scoringRBLCount <= 0 {
+		return 100, "A+"
+	}
+
+	percentage := 100 - results.RelevantListedCount*100/scoringRBLCount
 	return percentage, ScoreToGrade(percentage)
 }
 

From 55e9bcd3d043988cb7edb061f9661e40e4f00f9c Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 16:18:10 +0700
Subject: [PATCH 17/27] refactor: handle DNS whitelists

Introduce a single DNSListChecker struct with flags to avoid code
duplication with already existing RBL checker.
---
 api/openapi.yaml                            |  13 ++
 internal/config/config.go                   |   2 +
 pkg/analyzer/analyzer.go                    |   5 +-
 pkg/analyzer/rbl.go                         | 165 ++++++++++----------
 pkg/analyzer/rbl_test.go                    |  26 +--
 pkg/analyzer/report.go                      |  16 +-
 pkg/analyzer/report_test.go                 |  10 +-
 web/src/lib/components/WhitelistCard.svelte |  62 ++++++++
 web/src/lib/components/index.ts             |   1 +
 web/src/routes/test/[test]/+page.svelte     |  52 ++++--
 10 files changed, 235 insertions(+), 117 deletions(-)
 create mode 100644 web/src/lib/components/WhitelistCard.svelte

diff --git a/api/openapi.yaml b/api/openapi.yaml
index 5c628fd..f724ae6 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -350,6 +350,19 @@ components:
                 listed: false
               - rbl: "bl.spamcop.net"
                 listed: false
+        whitelists:
+          type: object
+          additionalProperties:
+            type: array
+            items:
+              $ref: '#/components/schemas/BlacklistCheck'
+          description: Map of IP addresses to their DNS whitelist check results (informational only)
+          example:
+            "192.0.2.1":
+              - rbl: "list.dnswl.org"
+                listed: false
+              - rbl: "swl.spamhaus.org"
+                listed: false
         content_analysis:
           $ref: '#/components/schemas/ContentAnalysis'
         header_analysis:
diff --git a/internal/config/config.go b/internal/config/config.go
index 4a335c9..468a2aa 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -65,6 +65,7 @@ type AnalysisConfig struct {
 	DNSTimeout   time.Duration
 	HTTPTimeout  time.Duration
 	RBLs         []string
+	DNSWLs       []string
 	CheckAllIPs  bool // Check all IPs found in headers, not just the first one
 }
 
@@ -88,6 +89,7 @@ func DefaultConfig() *Config {
 			DNSTimeout:  5 * time.Second,
 			HTTPTimeout: 10 * time.Second,
 			RBLs:        []string{},
+			DNSWLs:      []string{},
 			CheckAllIPs: false, // By default, only check the first IP
 		},
 	}
diff --git a/pkg/analyzer/analyzer.go b/pkg/analyzer/analyzer.go
index e7ae561..83eafe6 100644
--- a/pkg/analyzer/analyzer.go
+++ b/pkg/analyzer/analyzer.go
@@ -44,6 +44,7 @@ func NewEmailAnalyzer(cfg *config.Config) *EmailAnalyzer {
 		cfg.Analysis.DNSTimeout,
 		cfg.Analysis.HTTPTimeout,
 		cfg.Analysis.RBLs,
+		cfg.Analysis.DNSWLs,
 		cfg.Analysis.CheckAllIPs,
 	)
 
@@ -130,12 +131,12 @@ func (a *APIAdapter) CheckBlacklistIP(ip string) ([]api.BlacklistCheck, int, int
 
 	// Calculate score using the existing function
 	// Create a minimal RBLResults structure for scoring
-	results := &RBLResults{
+	results := &DNSListResults{
 		Checks:      map[string][]api.BlacklistCheck{ip: checks},
 		IPsChecked:  []string{ip},
 		ListedCount: listedCount,
 	}
-	score, grade := a.analyzer.generator.rblChecker.CalculateRBLScore(results)
+	score, grade := a.analyzer.generator.rblChecker.CalculateScore(results)
 
 	return checks, listedCount, score, grade, nil
 }
diff --git a/pkg/analyzer/rbl.go b/pkg/analyzer/rbl.go
index ff0e813..44c6e99 100644
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@@ -32,13 +32,15 @@ import (
 	"git.happydns.org/happyDeliver/internal/api"
 )
 
-// RBLChecker checks IP addresses against DNS-based blacklists
-type RBLChecker struct {
+// DNSListChecker checks IP addresses against DNS-based block/allow lists.
+// It handles both RBL (blacklist) and DNSWL (whitelist) semantics via flags.
+type DNSListChecker struct {
 	Timeout          time.Duration
-	RBLs             []string
+	Lists            []string
 	CheckAllIPs      bool // Check all IPs found in headers, not just the first one
+	filterErrorCodes bool // When true (RBL mode), treat 127.255.255.253/254/255 as operational errors
 	resolver         *net.Resolver
-	informationalSet map[string]bool
+	informationalSet map[string]bool // Lists whose hits don't count toward the score
 }
 
 // DefaultRBLs is a list of commonly used RBL providers
@@ -68,10 +70,16 @@ var DefaultInformationalRBLs = []string{
 	"dnsbl-3.uceprotect.net", // UCEPROTECT Level 3: entire ASes, too broad for scoring
 }
 
+// DefaultDNSWLs is a list of commonly used DNSWL providers
+var DefaultDNSWLs = []string{
+	"list.dnswl.org",   // DNSWL.org — the main DNS whitelist
+	"swl.spamhaus.org", // Spamhaus Safe Whitelist
+}
+
 // NewRBLChecker creates a new RBL checker with configurable timeout and RBL list
-func NewRBLChecker(timeout time.Duration, rbls []string, checkAllIPs bool) *RBLChecker {
+func NewRBLChecker(timeout time.Duration, rbls []string, checkAllIPs bool) *DNSListChecker {
 	if timeout == 0 {
-		timeout = 5 * time.Second // Default timeout
+		timeout = 5 * time.Second
 	}
 	if len(rbls) == 0 {
 		rbls = DefaultRBLs
@@ -80,30 +88,48 @@ func NewRBLChecker(timeout time.Duration, rbls []string, checkAllIPs bool) *RBLC
 	for _, rbl := range DefaultInformationalRBLs {
 		informationalSet[rbl] = true
 	}
-	return &RBLChecker{
+	return &DNSListChecker{
 		Timeout:          timeout,
-		RBLs:             rbls,
+		Lists:            rbls,
 		CheckAllIPs:      checkAllIPs,
+		filterErrorCodes: true,
 		resolver:         &net.Resolver{PreferGo: true},
 		informationalSet: informationalSet,
 	}
 }
 
-// RBLResults represents the results of RBL checks
-type RBLResults struct {
-	Checks              map[string][]api.BlacklistCheck // Map of IP -> list of RBL checks for that IP
-	IPsChecked          []string
-	ListedCount         int // Total listings including informational RBLs
-	RelevantListedCount int // Listings on scoring (non-informational) RBLs only
+// NewDNSWLChecker creates a new DNSWL checker with configurable timeout and DNSWL list
+func NewDNSWLChecker(timeout time.Duration, dnswls []string, checkAllIPs bool) *DNSListChecker {
+	if timeout == 0 {
+		timeout = 5 * time.Second
+	}
+	if len(dnswls) == 0 {
+		dnswls = DefaultDNSWLs
+	}
+	return &DNSListChecker{
+		Timeout:          timeout,
+		Lists:            dnswls,
+		CheckAllIPs:      checkAllIPs,
+		filterErrorCodes: false,
+		resolver:         &net.Resolver{PreferGo: true},
+		informationalSet: make(map[string]bool),
+	}
 }
 
-// CheckEmail checks all IPs found in the email headers against RBLs
-func (r *RBLChecker) CheckEmail(email *EmailMessage) *RBLResults {
-	results := &RBLResults{
+// DNSListResults represents the results of DNS list checks
+type DNSListResults struct {
+	Checks              map[string][]api.BlacklistCheck // Map of IP -> list of checks for that IP
+	IPsChecked          []string
+	ListedCount         int // Total listings including informational entries
+	RelevantListedCount int // Listings on scoring (non-informational) lists only
+}
+
+// CheckEmail checks all IPs found in the email headers against the configured lists
+func (r *DNSListChecker) CheckEmail(email *EmailMessage) *DNSListResults {
+	results := &DNSListResults{
 		Checks: make(map[string][]api.BlacklistCheck),
 	}
 
-	// Extract IPs from Received headers
 	ips := r.extractIPs(email)
 	if len(ips) == 0 {
 		return results
@@ -111,20 +137,18 @@ func (r *RBLChecker) CheckEmail(email *EmailMessage) *RBLResults {
 
 	results.IPsChecked = ips
 
-	// Check each IP against all RBLs
 	for _, ip := range ips {
-		for _, rbl := range r.RBLs {
-			check := r.checkIP(ip, rbl)
+		for _, list := range r.Lists {
+			check := r.checkIP(ip, list)
 			results.Checks[ip] = append(results.Checks[ip], check)
 			if check.Listed {
 				results.ListedCount++
-				if !r.informationalSet[rbl] {
+				if !r.informationalSet[list] {
 					results.RelevantListedCount++
 				}
 			}
 		}
 
-		// Only check the first IP unless CheckAllIPs is enabled
 		if !r.CheckAllIPs {
 			break
 		}
@@ -133,9 +157,8 @@ func (r *RBLChecker) CheckEmail(email *EmailMessage) *RBLResults {
 	return results
 }
 
-// CheckIP checks a single IP address against all configured RBLs
-func (r *RBLChecker) CheckIP(ip string) ([]api.BlacklistCheck, int, error) {
-	// Validate that it's a valid IP address
+// CheckIP checks a single IP address against all configured lists
+func (r *DNSListChecker) CheckIP(ip string) ([]api.BlacklistCheck, int, error) {
 	if !r.isPublicIP(ip) {
 		return nil, 0, fmt.Errorf("invalid or non-public IP address: %s", ip)
 	}
@@ -143,9 +166,8 @@ func (r *RBLChecker) CheckIP(ip string) ([]api.BlacklistCheck, int, error) {
 	var checks []api.BlacklistCheck
 	listedCount := 0
 
-	// Check the IP against all RBLs
-	for _, rbl := range r.RBLs {
-		check := r.checkIP(ip, rbl)
+	for _, list := range r.Lists {
+		check := r.checkIP(ip, list)
 		checks = append(checks, check)
 		if check.Listed {
 			listedCount++
@@ -156,27 +178,19 @@ func (r *RBLChecker) CheckIP(ip string) ([]api.BlacklistCheck, int, error) {
 }
 
 // extractIPs extracts IP addresses from Received headers
-func (r *RBLChecker) extractIPs(email *EmailMessage) []string {
+func (r *DNSListChecker) extractIPs(email *EmailMessage) []string {
 	var ips []string
 	seenIPs := make(map[string]bool)
 
-	// Get all Received headers
 	receivedHeaders := email.Header["Received"]
-
-	// Regex patterns for IP addresses
-	// Match IPv4: xxx.xxx.xxx.xxx
 	ipv4Pattern := regexp.MustCompile(`\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b`)
 
-	// Look for IPs in Received headers
 	for _, received := range receivedHeaders {
-		// Find all IPv4 addresses
 		matches := ipv4Pattern.FindAllString(received, -1)
 		for _, match := range matches {
-			// Skip private/reserved IPs
 			if !r.isPublicIP(match) {
 				continue
 			}
-			// Avoid duplicates
 			if !seenIPs[match] {
 				ips = append(ips, match)
 				seenIPs[match] = true
@@ -184,13 +198,10 @@ func (r *RBLChecker) extractIPs(email *EmailMessage) []string {
 		}
 	}
 
-	// If no IPs found in Received headers, try X-Originating-IP
 	if len(ips) == 0 {
 		originatingIP := email.Header.Get("X-Originating-IP")
 		if originatingIP != "" {
-			// Extract IP from formats like "[192.0.2.1]" or "192.0.2.1"
 			cleanIP := strings.TrimSuffix(strings.TrimPrefix(originatingIP, "["), "]")
-			// Remove any whitespace
 			cleanIP = strings.TrimSpace(cleanIP)
 			matches := ipv4Pattern.FindString(cleanIP)
 			if matches != "" && r.isPublicIP(matches) {
@@ -203,19 +214,16 @@ func (r *RBLChecker) extractIPs(email *EmailMessage) []string {
 }
 
 // isPublicIP checks if an IP address is public (not private, loopback, or reserved)
-func (r *RBLChecker) isPublicIP(ipStr string) bool {
+func (r *DNSListChecker) isPublicIP(ipStr string) bool {
 	ip := net.ParseIP(ipStr)
 	if ip == nil {
 		return false
 	}
 
-	// Check if it's a private network
 	if ip.IsPrivate() || ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() {
 		return false
 	}
 
-	// Additional checks for reserved ranges
-	// 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2), 203.0.113.0/24 (TEST-NET-3)
 	if ip.IsUnspecified() {
 		return false
 	}
@@ -223,51 +231,43 @@ func (r *RBLChecker) isPublicIP(ipStr string) bool {
 	return true
 }
 
-// checkIP checks a single IP against a single RBL
-func (r *RBLChecker) checkIP(ip, rbl string) api.BlacklistCheck {
+// checkIP checks a single IP against a single DNS list
+func (r *DNSListChecker) checkIP(ip, list string) api.BlacklistCheck {
 	check := api.BlacklistCheck{
-		Rbl: rbl,
+		Rbl: list,
 	}
 
-	// Reverse the IP for DNSBL query
 	reversedIP := r.reverseIP(ip)
 	if reversedIP == "" {
 		check.Error = api.PtrTo("Failed to reverse IP address")
 		return check
 	}
 
-	// Construct DNSBL query: reversed-ip.rbl-domain
-	query := fmt.Sprintf("%s.%s", reversedIP, rbl)
+	query := fmt.Sprintf("%s.%s", reversedIP, list)
 
-	// Perform DNS lookup with timeout
 	ctx, cancel := context.WithTimeout(context.Background(), r.Timeout)
 	defer cancel()
 
 	addrs, err := r.resolver.LookupHost(ctx, query)
 	if err != nil {
-		// Most likely not listed (NXDOMAIN)
 		if dnsErr, ok := err.(*net.DNSError); ok {
 			if dnsErr.IsNotFound {
 				check.Listed = false
 				return check
 			}
 		}
-		// Other DNS errors
 		check.Error = api.PtrTo(fmt.Sprintf("DNS lookup failed: %v", err))
 		return check
 	}
 
-	// If we got a response, check the return code
 	if len(addrs) > 0 {
-		check.Response = api.PtrTo(addrs[0]) // Return code (e.g., 127.0.0.2)
+		check.Response = api.PtrTo(addrs[0])
 
-		// Check for RBL error codes: 127.255.255.253, 127.255.255.254, 127.255.255.255
-		// These indicate RBL operational issues, not actual listings
-		if addrs[0] == "127.255.255.253" || addrs[0] == "127.255.255.254" || addrs[0] == "127.255.255.255" {
+		// In RBL mode, 127.255.255.253/254/255 indicate operational errors, not real listings.
+		if r.filterErrorCodes && (addrs[0] == "127.255.255.253" || addrs[0] == "127.255.255.254" || addrs[0] == "127.255.255.255") {
 			check.Listed = false
-			check.Error = api.PtrTo(fmt.Sprintf("RBL %s returned error code %s (RBL operational issue)", rbl, addrs[0]))
+			check.Error = api.PtrTo(fmt.Sprintf("RBL %s returned error code %s (RBL operational issue)", list, addrs[0]))
 		} else {
-			// Normal listing response
 			check.Listed = true
 		}
 	}
@@ -275,50 +275,47 @@ func (r *RBLChecker) checkIP(ip, rbl string) api.BlacklistCheck {
 	return check
 }
 
-// reverseIP reverses an IPv4 address for DNSBL queries
+// reverseIP reverses an IPv4 address for DNSBL/DNSWL queries
 // Example: 192.0.2.1 -> 1.2.0.192
-func (r *RBLChecker) reverseIP(ipStr string) string {
+func (r *DNSListChecker) reverseIP(ipStr string) string {
 	ip := net.ParseIP(ipStr)
 	if ip == nil {
 		return ""
 	}
 
-	// Convert to IPv4
 	ipv4 := ip.To4()
 	if ipv4 == nil {
 		return "" // IPv6 not supported yet
 	}
 
-	// Reverse the octets
 	return fmt.Sprintf("%d.%d.%d.%d", ipv4[3], ipv4[2], ipv4[1], ipv4[0])
 }
 
-// CalculateRBLScore calculates the blacklist contribution to deliverability.
-// Informational RBLs are not counted in the score.
-func (r *RBLChecker) CalculateRBLScore(results *RBLResults) (int, string) {
+// CalculateScore calculates the list contribution to deliverability.
+// Informational lists are not counted in the score.
+func (r *DNSListChecker) CalculateScore(results *DNSListResults) (int, string) {
 	if results == nil || len(results.IPsChecked) == 0 {
-		// No IPs to check, give benefit of doubt
 		return 100, ""
 	}
 
-	scoringRBLCount := len(r.RBLs) - len(r.informationalSet)
-	if scoringRBLCount <= 0 {
+	scoringListCount := len(r.Lists) - len(r.informationalSet)
+	if scoringListCount <= 0 {
 		return 100, "A+"
 	}
 
-	percentage := 100 - results.RelevantListedCount*100/scoringRBLCount
+	percentage := 100 - results.RelevantListedCount*100/scoringListCount
 	return percentage, ScoreToGrade(percentage)
 }
 
-// GetUniqueListedIPs returns a list of unique IPs that are listed on at least one RBL
-func (r *RBLChecker) GetUniqueListedIPs(results *RBLResults) []string {
+// GetUniqueListedIPs returns a list of unique IPs that are listed on at least one entry
+func (r *DNSListChecker) GetUniqueListedIPs(results *DNSListResults) []string {
 	var listedIPs []string
 
-	for ip, rblChecks := range results.Checks {
-		for _, check := range rblChecks {
+	for ip, checks := range results.Checks {
+		for _, check := range checks {
 			if check.Listed {
 				listedIPs = append(listedIPs, ip)
-				break // Only add the IP once
+				break
 			}
 		}
 	}
@@ -326,17 +323,17 @@ func (r *RBLChecker) GetUniqueListedIPs(results *RBLResults) []string {
 	return listedIPs
 }
 
-// GetRBLsForIP returns all RBLs that list a specific IP
-func (r *RBLChecker) GetRBLsForIP(results *RBLResults, ip string) []string {
-	var rbls []string
+// GetListsForIP returns all lists that match a specific IP
+func (r *DNSListChecker) GetListsForIP(results *DNSListResults, ip string) []string {
+	var lists []string
 
-	if rblChecks, exists := results.Checks[ip]; exists {
-		for _, check := range rblChecks {
+	if checks, exists := results.Checks[ip]; exists {
+		for _, check := range checks {
 			if check.Listed {
-				rbls = append(rbls, check.Rbl)
+				lists = append(lists, check.Rbl)
 			}
 		}
 	}
 
-	return rbls
+	return lists
 }
diff --git a/pkg/analyzer/rbl_test.go b/pkg/analyzer/rbl_test.go
index a1de270..1dd1262 100644
--- a/pkg/analyzer/rbl_test.go
+++ b/pkg/analyzer/rbl_test.go
@@ -59,8 +59,8 @@ func TestNewRBLChecker(t *testing.T) {
 			if checker.Timeout != tt.expectedTimeout {
 				t.Errorf("Timeout = %v, want %v", checker.Timeout, tt.expectedTimeout)
 			}
-			if len(checker.RBLs) != tt.expectedRBLs {
-				t.Errorf("RBLs count = %d, want %d", len(checker.RBLs), tt.expectedRBLs)
+			if len(checker.Lists) != tt.expectedRBLs {
+				t.Errorf("RBLs count = %d, want %d", len(checker.Lists), tt.expectedRBLs)
 			}
 			if checker.resolver == nil {
 				t.Error("Resolver should not be nil")
@@ -265,7 +265,7 @@ func TestExtractIPs(t *testing.T) {
 func TestGetBlacklistScore(t *testing.T) {
 	tests := []struct {
 		name          string
-		results       *RBLResults
+		results       *DNSListResults
 		expectedScore int
 	}{
 		{
@@ -275,14 +275,14 @@ func TestGetBlacklistScore(t *testing.T) {
 		},
 		{
 			name: "No IPs checked",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked: []string{},
 			},
 			expectedScore: 100,
 		},
 		{
 			name: "Not listed on any RBL",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked:  []string{"198.51.100.1"},
 				ListedCount: 0,
 			},
@@ -290,7 +290,7 @@ func TestGetBlacklistScore(t *testing.T) {
 		},
 		{
 			name: "Listed on 1 RBL",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked:  []string{"198.51.100.1"},
 				ListedCount: 1,
 			},
@@ -298,7 +298,7 @@ func TestGetBlacklistScore(t *testing.T) {
 		},
 		{
 			name: "Listed on 2 RBLs",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked:  []string{"198.51.100.1"},
 				ListedCount: 2,
 			},
@@ -306,7 +306,7 @@ func TestGetBlacklistScore(t *testing.T) {
 		},
 		{
 			name: "Listed on 3 RBLs",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked:  []string{"198.51.100.1"},
 				ListedCount: 3,
 			},
@@ -314,7 +314,7 @@ func TestGetBlacklistScore(t *testing.T) {
 		},
 		{
 			name: "Listed on 4+ RBLs",
-			results: &RBLResults{
+			results: &DNSListResults{
 				IPsChecked:  []string{"198.51.100.1"},
 				ListedCount: 4,
 			},
@@ -326,7 +326,7 @@ func TestGetBlacklistScore(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			score, _ := checker.CalculateRBLScore(tt.results)
+			score, _ := checker.CalculateScore(tt.results)
 			if score != tt.expectedScore {
 				t.Errorf("GetBlacklistScore() = %v, want %v", score, tt.expectedScore)
 			}
@@ -335,7 +335,7 @@ func TestGetBlacklistScore(t *testing.T) {
 }
 
 func TestGetUniqueListedIPs(t *testing.T) {
-	results := &RBLResults{
+	results := &DNSListResults{
 		Checks: map[string][]api.BlacklistCheck{
 			"198.51.100.1": {
 				{Rbl: "zen.spamhaus.org", Listed: true},
@@ -363,7 +363,7 @@ func TestGetUniqueListedIPs(t *testing.T) {
 }
 
 func TestGetRBLsForIP(t *testing.T) {
-	results := &RBLResults{
+	results := &DNSListResults{
 		Checks: map[string][]api.BlacklistCheck{
 			"198.51.100.1": {
 				{Rbl: "zen.spamhaus.org", Listed: true},
@@ -402,7 +402,7 @@ func TestGetRBLsForIP(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			rbls := checker.GetRBLsForIP(results, tt.ip)
+			rbls := checker.GetListsForIP(results, tt.ip)
 
 			if len(rbls) != len(tt.expectedRBLs) {
 				t.Errorf("Got %d RBLs, want %d", len(rbls), len(tt.expectedRBLs))
diff --git a/pkg/analyzer/report.go b/pkg/analyzer/report.go
index dc420fb..bd12960 100644
--- a/pkg/analyzer/report.go
+++ b/pkg/analyzer/report.go
@@ -35,7 +35,8 @@ type ReportGenerator struct {
 	spamAnalyzer    *SpamAssassinAnalyzer
 	rspamdAnalyzer  *RspamdAnalyzer
 	dnsAnalyzer     *DNSAnalyzer
-	rblChecker      *RBLChecker
+	rblChecker      *DNSListChecker
+	dnswlChecker    *DNSListChecker
 	contentAnalyzer *ContentAnalyzer
 	headerAnalyzer  *HeaderAnalyzer
 }
@@ -45,6 +46,7 @@ func NewReportGenerator(
 	dnsTimeout time.Duration,
 	httpTimeout time.Duration,
 	rbls []string,
+	dnswls []string,
 	checkAllIPs bool,
 ) *ReportGenerator {
 	return &ReportGenerator{
@@ -53,6 +55,7 @@ func NewReportGenerator(
 		rspamdAnalyzer:  NewRspamdAnalyzer(),
 		dnsAnalyzer:     NewDNSAnalyzer(dnsTimeout),
 		rblChecker:      NewRBLChecker(dnsTimeout, rbls, checkAllIPs),
+		dnswlChecker:    NewDNSWLChecker(dnsTimeout, dnswls, checkAllIPs),
 		contentAnalyzer: NewContentAnalyzer(httpTimeout),
 		headerAnalyzer:  NewHeaderAnalyzer(),
 	}
@@ -65,7 +68,8 @@ type AnalysisResults struct {
 	Content        *ContentResults
 	DNS            *api.DNSResults
 	Headers        *api.HeaderAnalysis
-	RBL            *RBLResults
+	RBL            *DNSListResults
+	DNSWL          *DNSListResults
 	SpamAssassin   *api.SpamAssassinResult
 	Rspamd         *api.RspamdResult
 }
@@ -81,6 +85,7 @@ func (r *ReportGenerator) AnalyzeEmail(email *EmailMessage) *AnalysisResults {
 	results.Headers = r.headerAnalyzer.GenerateHeaderAnalysis(email, results.Authentication)
 	results.DNS = r.dnsAnalyzer.AnalyzeDNS(email, results.Authentication, results.Headers)
 	results.RBL = r.rblChecker.CheckEmail(email)
+	results.DNSWL = r.dnswlChecker.CheckEmail(email)
 	results.SpamAssassin = r.spamAnalyzer.AnalyzeSpamAssassin(email)
 	results.Rspamd = r.rspamdAnalyzer.AnalyzeRspamd(email)
 	results.Content = r.contentAnalyzer.AnalyzeContent(email)
@@ -135,7 +140,7 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 	blacklistScore := 0
 	var blacklistGrade string
 	if results.RBL != nil {
-		blacklistScore, blacklistGrade = r.rblChecker.CalculateRBLScore(results.RBL)
+		blacklistScore, blacklistGrade = r.rblChecker.CalculateScore(results.RBL)
 	}
 
 	saScore, saGrade := r.spamAnalyzer.CalculateSpamAssassinScore(results.SpamAssassin)
@@ -197,6 +202,11 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 		report.Blacklists = &results.RBL.Checks
 	}
 
+	// Add whitelist checks as a map of IP -> array of BlacklistCheck (informational only)
+	if results.DNSWL != nil && len(results.DNSWL.Checks) > 0 {
+		report.Whitelists = &results.DNSWL.Checks
+	}
+
 	// Add SpamAssassin result with individual deliverability score
 	if results.SpamAssassin != nil {
 		saGradeTyped := api.SpamAssassinResultDeliverabilityGrade(saGrade)
diff --git a/pkg/analyzer/report_test.go b/pkg/analyzer/report_test.go
index 5a325b1..82e923e 100644
--- a/pkg/analyzer/report_test.go
+++ b/pkg/analyzer/report_test.go
@@ -32,7 +32,7 @@ import (
 )
 
 func TestNewReportGenerator(t *testing.T) {
-	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, false)
+	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	if gen == nil {
 		t.Fatal("Expected report generator, got nil")
 	}
@@ -55,7 +55,7 @@ func TestNewReportGenerator(t *testing.T) {
 }
 
 func TestAnalyzeEmail(t *testing.T) {
-	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, false)
+	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 
 	email := createTestEmail()
 
@@ -75,7 +75,7 @@ func TestAnalyzeEmail(t *testing.T) {
 }
 
 func TestGenerateReport(t *testing.T) {
-	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, false)
+	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	testID := uuid.New()
 
 	email := createTestEmail()
@@ -130,7 +130,7 @@ func TestGenerateReport(t *testing.T) {
 }
 
 func TestGenerateReportWithSpamAssassin(t *testing.T) {
-	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, false)
+	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	testID := uuid.New()
 
 	email := createTestEmailWithSpamAssassin()
@@ -150,7 +150,7 @@ func TestGenerateReportWithSpamAssassin(t *testing.T) {
 }
 
 func TestGenerateRawEmail(t *testing.T) {
-	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, false)
+	gen := NewReportGenerator(10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 
 	tests := []struct {
 		name     string
diff --git a/web/src/lib/components/WhitelistCard.svelte b/web/src/lib/components/WhitelistCard.svelte
new file mode 100644
index 0000000..ee0b0e2
--- /dev/null
+++ b/web/src/lib/components/WhitelistCard.svelte
@@ -0,0 +1,62 @@
+<script lang="ts">
+    import type { BlacklistCheck } from "$lib/api/types.gen";
+    import { theme } from "$lib/stores/theme";
+
+    interface Props {
+        whitelists: Record<string, BlacklistCheck[]>;
+    }
+
+    let { whitelists }: Props = $props();
+</script>
+
+<div class="card shadow-sm" id="dnswl-details">
+    <div class="card-header" class:bg-white={$theme === "light"} class:bg-dark={$theme !== "light"}>
+        <h4 class="mb-0 d-flex justify-content-between align-items-center">
+            <span>
+                <i class="bi bi-shield-check me-2"></i>
+                Whitelist Checks
+            </span>
+            <span class="badge bg-info text-white">Informational</span>
+        </h4>
+    </div>
+    <div class="card-body">
+        <p class="text-muted small mb-3">
+            DNS whitelists identify trusted senders. Being listed here is a positive signal, but has
+            no impact on the overall score.
+        </p>
+
+        <div class="row row-cols-1 row-cols-lg-2">
+            {#each Object.entries(whitelists) as [ip, checks]}
+                <div class="col mb-3">
+                    <h5 class="text-muted">
+                        <i class="bi bi-hdd-network me-1"></i>
+                        {ip}
+                    </h5>
+                    <table class="table table-sm table-striped table-hover mb-0">
+                        <tbody>
+                            {#each checks as check}
+                                <tr>
+                                    <td title={check.response || "-"}>
+                                        <span
+                                            class="badge"
+                                            class:bg-success={check.listed}
+                                            class:bg-dark={check.error}
+                                            class:bg-secondary={!check.listed && !check.error}
+                                        >
+                                            {check.error
+                                                ? "Error"
+                                                : check.listed
+                                                  ? "Listed"
+                                                  : "Not listed"}
+                                        </span>
+                                    </td>
+                                    <td><code>{check.rbl}</code></td>
+                                </tr>
+                            {/each}
+                        </tbody>
+                    </table>
+                </div>
+            {/each}
+        </div>
+    </div>
+</div>
diff --git a/web/src/lib/components/index.ts b/web/src/lib/components/index.ts
index d577399..8ed409c 100644
--- a/web/src/lib/components/index.ts
+++ b/web/src/lib/components/index.ts
@@ -24,3 +24,4 @@ export { default as SpamAssassinCard } from "./SpamAssassinCard.svelte";
 export { default as SpfRecordsDisplay } from "./SpfRecordsDisplay.svelte";
 export { default as SummaryCard } from "./SummaryCard.svelte";
 export { default as TinySurvey } from "./TinySurvey.svelte";
+export { default as WhitelistCard } from "./WhitelistCard.svelte";
diff --git a/web/src/routes/test/[test]/+page.svelte b/web/src/routes/test/[test]/+page.svelte
index c5add96..0c8ea9d 100644
--- a/web/src/routes/test/[test]/+page.svelte
+++ b/web/src/routes/test/[test]/+page.svelte
@@ -3,7 +3,7 @@
     import { onDestroy } from "svelte";
 
     import { getReport, getTest, reanalyzeReport } from "$lib/api";
-    import type { Report, Test } from "$lib/api/types.gen";
+    import type { BlacklistCheck, Report, Test } from "$lib/api/types.gen";
     import {
         AuthenticationCard,
         BlacklistCard,
@@ -17,8 +17,11 @@
         SpamAssassinCard,
         SummaryCard,
         TinySurvey,
+        WhitelistCard,
     } from "$lib/components";
 
+    type BlacklistRecords = Record<string, BlacklistCheck[]>;
+
     let testId = $derived(page.params.test);
     let test = $state<Test | null>(null);
     let report = $state<Report | null>(null);
@@ -321,17 +324,46 @@
             {/if}
 
             <!-- Blacklist Checks -->
-            {#if report.blacklists && Object.keys(report.blacklists).length > 0}
-                <div class="row mb-4" id="blacklist">
-                    <div class="col-12">
-                        <BlacklistCard
-                            blacklists={report.blacklists}
-                            blacklistGrade={report.summary?.blacklist_grade}
-                            blacklistScore={report.summary?.blacklist_score}
-                            receivedChain={report.header_analysis?.received_chain}
-                        />
+            {#snippet blacklistChecks(blacklists: BlacklistRecords, report: Report)}
+                <BlacklistCard
+                    {blacklists}
+                    blacklistGrade={report.summary?.blacklist_grade}
+                    blacklistScore={report.summary?.blacklist_score}
+                    receivedChain={report.header_analysis?.received_chain}
+                />
+            {/snippet}
+
+            <!-- Whitelist Checks -->
+            {#snippet whitelistChecks(whitelists: BlacklistRecords)}
+                <WhitelistCard {whitelists} />
+            {/snippet}
+
+            <!-- Blacklist & Whitelist Checks -->
+            {#if report.blacklists && report.whitelists && Object.keys(report.blacklists).length == 1 && Object.keys(report.whitelists).length == 1}
+                <div class="row mb-4">
+                    <div class="col-6" id="blacklist">
+                        {@render blacklistChecks(report.blacklists, report)}
+                    </div>
+                    <div class="col-6" id="whitelist">
+                        {@render whitelistChecks(report.whitelists)}
                     </div>
                 </div>
+            {:else}
+                {#if report.blacklists && Object.keys(report.blacklists).length > 0}
+                    <div class="row mb-4" id="blacklist">
+                        <div class="col-12">
+                            {@render blacklistChecks(report.blacklists, report)}
+                        </div>
+                    </div>
+                {/if}
+
+                {#if report.whitelists && Object.keys(report.whitelists).length > 0}
+                    <div class="row mb-4" id="whitelist">
+                        <div class="col-12">
+                            {@render whitelistChecks(report.whitelists)}
+                        </div>
+                    </div>
+                {/if}
             {/if}
 
             <!-- Header Analysis -->

From 2a2bfe46a858b7cc2030f97e166337867a86732b Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 7 Mar 2026 16:26:40 +0700
Subject: [PATCH 18/27] fix: various small fixes and improvements

- Add 'skipped' to authentication result enum in OpenAPI spec
- Fix optional chaining on bimiResult.details check
- Add rbls field to AppConfig interface
- Restrict theme storage to valid 'light'/'dark' values only
- Fix null coalescing for blacklist result data
- Fix survey source to use domain instead of ip
---
 api/openapi.yaml                            | 2 +-
 web/src/lib/components/SummaryCard.svelte   | 2 +-
 web/src/lib/stores/config.ts                | 1 +
 web/src/lib/stores/theme.ts                 | 2 +-
 web/src/routes/blacklist/[ip]/+page.svelte  | 2 +-
 web/src/routes/domain/[domain]/+page.svelte | 2 +-
 6 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/api/openapi.yaml b/api/openapi.yaml
index f724ae6..c0c3c70 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -789,7 +789,7 @@ components:
       properties:
         result:
           type: string
-          enum: [pass, fail, invalid, missing, none, neutral, softfail, temperror, permerror, declined, domain_pass, orgdomain_pass]
+          enum: [pass, fail, invalid, missing, none, neutral, softfail, temperror, permerror, declined, domain_pass, orgdomain_pass, skipped]
           description: Authentication result
           example: "pass"
         domain:
diff --git a/web/src/lib/components/SummaryCard.svelte b/web/src/lib/components/SummaryCard.svelte
index fe8af8e..5d93513 100644
--- a/web/src/lib/components/SummaryCard.svelte
+++ b/web/src/lib/components/SummaryCard.svelte
@@ -331,7 +331,7 @@
                     highlight: { color: "good", bold: true },
                     link: "#dns-bimi",
                 });
-                if (bimiResult.details && bimiResult.details.indexOf("declined") == 0) {
+                if (bimiResult?.details && bimiResult.details.indexOf("declined") == 0) {
                     segments.push({ text: " declined to participate" });
                 } else if (bimiResult?.result === "fail") {
                     segments.push({ text: " but " });
diff --git a/web/src/lib/stores/config.ts b/web/src/lib/stores/config.ts
index 87662ba..c393dd2 100644
--- a/web/src/lib/stores/config.ts
+++ b/web/src/lib/stores/config.ts
@@ -25,6 +25,7 @@ interface AppConfig {
     report_retention?: number;
     survey_url?: string;
     custom_logo_url?: string;
+    rbls?: string[];
 }
 
 const defaultConfig: AppConfig = {
diff --git a/web/src/lib/stores/theme.ts b/web/src/lib/stores/theme.ts
index 362202b..ea24293 100644
--- a/web/src/lib/stores/theme.ts
+++ b/web/src/lib/stores/theme.ts
@@ -26,7 +26,7 @@ const getInitialTheme = () => {
     if (!browser) return "light";
 
     const stored = localStorage.getItem("theme");
-    if (stored) return stored;
+    if (stored === "light" || stored === "dark") return stored;
 
     return window.matchMedia("(prefers-color-scheme: dark)").matches ? "dark" : "light";
 };
diff --git a/web/src/routes/blacklist/[ip]/+page.svelte b/web/src/routes/blacklist/[ip]/+page.svelte
index 180bfde..0cddb22 100644
--- a/web/src/routes/blacklist/[ip]/+page.svelte
+++ b/web/src/routes/blacklist/[ip]/+page.svelte
@@ -28,7 +28,7 @@
             });
 
             if (response.response.ok) {
-                result = response.data;
+                result = response.data ?? null;
             } else if (response.error) {
                 error = response.error.message || "Failed to check IP address";
             }
diff --git a/web/src/routes/domain/[domain]/+page.svelte b/web/src/routes/domain/[domain]/+page.svelte
index e191192..d866e21 100644
--- a/web/src/routes/domain/[domain]/+page.svelte
+++ b/web/src/routes/domain/[domain]/+page.svelte
@@ -130,7 +130,7 @@
                             <div class="d-flex justify-content-end me-lg-5 mt-3">
                                 <TinySurvey
                                     class="bg-primary-subtle rounded-4 p-3 text-center"
-                                    source={"rbl-" + result.ip}
+                                    source={"domain-" + result.domain}
                                 />
                             </div>
                         </div>

From da93d6d706dedc3de744081172de9c0803276521 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 12:47:24 +0700
Subject: [PATCH 19/27] Add rspamd tests

---
 pkg/analyzer/rspamd_test.go | 394 ++++++++++++++++++++++++++++++++++++
 1 file changed, 394 insertions(+)
 create mode 100644 pkg/analyzer/rspamd_test.go

diff --git a/pkg/analyzer/rspamd_test.go b/pkg/analyzer/rspamd_test.go
new file mode 100644
index 0000000..180bafd
--- /dev/null
+++ b/pkg/analyzer/rspamd_test.go
@@ -0,0 +1,394 @@
+// This file is part of the happyDeliver (R) project.
+// Copyright (c) 2026 happyDomain
+// Authors: Pierre-Olivier Mercier, et al.
+//
+// This program is offered under a commercial and under the AGPL license.
+// For commercial licensing, contact us at <contact@happydomain.org>.
+//
+// For AGPL licensing:
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package analyzer
+
+import (
+	"bytes"
+	"net/mail"
+	"testing"
+
+	"git.happydns.org/happyDeliver/internal/api"
+)
+
+func TestAnalyzeRspamdNoHeaders(t *testing.T) {
+	analyzer := NewRspamdAnalyzer()
+	email := &EmailMessage{Header: make(mail.Header)}
+
+	result := analyzer.AnalyzeRspamd(email)
+
+	if result != nil {
+		t.Errorf("Expected nil for email without rspamd headers, got %+v", result)
+	}
+}
+
+func TestParseSpamdResult(t *testing.T) {
+	tests := []struct {
+		name               string
+		header             string
+		expectedScore      float32
+		expectedThreshold  float32
+		expectedIsSpam     bool
+		expectedSymbols    map[string]float32
+		expectedSymParams  map[string]string
+	}{
+		{
+			name:              "Clean email negative score",
+			header:            "default: False [-3.91 / 15.00];\n\tDATE_IN_PAST(0.10); ALL_TRUSTED(-1.00)[trusted]",
+			expectedScore:     -3.91,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    false,
+			expectedSymbols: map[string]float32{
+				"DATE_IN_PAST": 0.10,
+				"ALL_TRUSTED":  -1.00,
+			},
+			expectedSymParams: map[string]string{
+				"ALL_TRUSTED": "trusted",
+			},
+		},
+		{
+			name:              "Spam email True flag",
+			header:            "default: True [16.50 / 15.00];\n\tBAYES_99(5.00)[1.00]; SPOOFED_SENDER(3.50)",
+			expectedScore:     16.50,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    true,
+			expectedSymbols: map[string]float32{
+				"BAYES_99":        5.00,
+				"SPOOFED_SENDER":  3.50,
+			},
+			expectedSymParams: map[string]string{
+				"BAYES_99": "1.00",
+			},
+		},
+		{
+			name:              "Zero threshold uses default",
+			header:            "default: False [1.00 / 0.00]",
+			expectedScore:     1.00,
+			expectedThreshold: rspamdDefaultAddHeaderThreshold,
+			expectedIsSpam:    false,
+			expectedSymbols:   map[string]float32{},
+		},
+		{
+			name:              "Symbol without params",
+			header:            "default: False [2.00 / 15.00];\n\tMISSING_DATE(1.00)",
+			expectedScore:     2.00,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    false,
+			expectedSymbols: map[string]float32{
+				"MISSING_DATE": 1.00,
+			},
+		},
+		{
+			name:              "Case-insensitive true flag",
+			header:            "default: true [8.00 / 6.00]",
+			expectedScore:     8.00,
+			expectedThreshold: 6.00,
+			expectedIsSpam:    true,
+			expectedSymbols:   map[string]float32{},
+		},
+	}
+
+	analyzer := NewRspamdAnalyzer()
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := &api.RspamdResult{
+				Symbols: make(map[string]api.RspamdSymbol),
+			}
+			analyzer.parseSpamdResult(tt.header, result)
+
+			if result.Score != tt.expectedScore {
+				t.Errorf("Score = %v, want %v", result.Score, tt.expectedScore)
+			}
+			if result.Threshold != tt.expectedThreshold {
+				t.Errorf("Threshold = %v, want %v", result.Threshold, tt.expectedThreshold)
+			}
+			if result.IsSpam != tt.expectedIsSpam {
+				t.Errorf("IsSpam = %v, want %v", result.IsSpam, tt.expectedIsSpam)
+			}
+			for symName, expectedScore := range tt.expectedSymbols {
+				sym, ok := result.Symbols[symName]
+				if !ok {
+					t.Errorf("Symbol %s not found", symName)
+					continue
+				}
+				if sym.Score != expectedScore {
+					t.Errorf("Symbol %s score = %v, want %v", symName, sym.Score, expectedScore)
+				}
+			}
+			for symName, expectedParam := range tt.expectedSymParams {
+				sym, ok := result.Symbols[symName]
+				if !ok {
+					t.Errorf("Symbol %s not found for params check", symName)
+					continue
+				}
+				if sym.Params == nil {
+					t.Errorf("Symbol %s params = nil, want %q", symName, expectedParam)
+				} else if *sym.Params != expectedParam {
+					t.Errorf("Symbol %s params = %q, want %q", symName, *sym.Params, expectedParam)
+				}
+			}
+		})
+	}
+}
+
+func TestAnalyzeRspamd(t *testing.T) {
+	tests := []struct {
+		name              string
+		headers           map[string]string
+		expectedScore     float32
+		expectedThreshold float32
+		expectedIsSpam    bool
+		expectedServer    *string
+		expectedSymCount  int
+	}{
+		{
+			name: "Full headers clean email",
+			headers: map[string]string{
+				"X-Spamd-Result": "default: False [-3.91 / 15.00];\n\tALL_TRUSTED(-1.00)[local]",
+				"X-Rspamd-Score": "-3.91",
+				"X-Rspamd-Server": "mail.example.com",
+			},
+			expectedScore:     -3.91,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    false,
+			expectedServer:    func() *string { s := "mail.example.com"; return &s }(),
+			expectedSymCount:  1,
+		},
+		{
+			name: "X-Rspamd-Score overrides spamd result score",
+			headers: map[string]string{
+				"X-Spamd-Result": "default: False [2.00 / 15.00]",
+				"X-Rspamd-Score": "3.50",
+			},
+			expectedScore:     3.50,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    false,
+		},
+		{
+			name: "Spam email above threshold",
+			headers: map[string]string{
+				"X-Spamd-Result": "default: True [16.00 / 15.00];\n\tBAYES_99(5.00)",
+				"X-Rspamd-Score": "16.00",
+			},
+			expectedScore:     16.00,
+			expectedThreshold: 15.00,
+			expectedIsSpam:    true,
+			expectedSymCount:  1,
+		},
+		{
+			name: "No X-Spamd-Result, only X-Rspamd-Score below default threshold",
+			headers: map[string]string{
+				"X-Rspamd-Score": "2.00",
+			},
+			expectedScore:  2.00,
+			expectedIsSpam: false,
+		},
+		{
+			name: "No X-Spamd-Result, X-Rspamd-Score above default add-header threshold",
+			headers: map[string]string{
+				"X-Rspamd-Score": "7.00",
+			},
+			expectedScore:  7.00,
+			expectedIsSpam: true,
+		},
+		{
+			name: "Server header is trimmed",
+			headers: map[string]string{
+				"X-Rspamd-Score":  "1.00",
+				"X-Rspamd-Server": "  rspamd-01  ",
+			},
+			expectedScore:  1.00,
+			expectedServer: func() *string { s := "rspamd-01"; return &s }(),
+		},
+	}
+
+	analyzer := NewRspamdAnalyzer()
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			email := &EmailMessage{Header: make(mail.Header)}
+			for k, v := range tt.headers {
+				email.Header[k] = []string{v}
+			}
+
+			result := analyzer.AnalyzeRspamd(email)
+
+			if result == nil {
+				t.Fatal("Expected non-nil result")
+			}
+			if result.Score != tt.expectedScore {
+				t.Errorf("Score = %v, want %v", result.Score, tt.expectedScore)
+			}
+			if tt.expectedThreshold > 0 && result.Threshold != tt.expectedThreshold {
+				t.Errorf("Threshold = %v, want %v", result.Threshold, tt.expectedThreshold)
+			}
+			if result.IsSpam != tt.expectedIsSpam {
+				t.Errorf("IsSpam = %v, want %v", result.IsSpam, tt.expectedIsSpam)
+			}
+			if tt.expectedServer != nil {
+				if result.Server == nil {
+					t.Errorf("Server = nil, want %q", *tt.expectedServer)
+				} else if *result.Server != *tt.expectedServer {
+					t.Errorf("Server = %q, want %q", *result.Server, *tt.expectedServer)
+				}
+			}
+			if tt.expectedSymCount > 0 && len(result.Symbols) != tt.expectedSymCount {
+				t.Errorf("Symbol count = %d, want %d", len(result.Symbols), tt.expectedSymCount)
+			}
+		})
+	}
+}
+
+func TestCalculateRspamdScore(t *testing.T) {
+	tests := []struct {
+		name          string
+		result        *api.RspamdResult
+		expectedScore int
+		expectedGrade string
+	}{
+		{
+			name:          "Nil result (rspamd not installed)",
+			result:        nil,
+			expectedScore: 100,
+			expectedGrade: "",
+		},
+		{
+			name: "Score well below threshold",
+			result: &api.RspamdResult{
+				Score:     -3.91,
+				Threshold: 15.00,
+			},
+			expectedScore: 100,
+			expectedGrade: "A+",
+		},
+		{
+			name: "Score at zero",
+			result: &api.RspamdResult{
+				Score:     0,
+				Threshold: 15.00,
+			},
+			// 100 - round(0*100/30) = 100 → hits ScoreToGrade(100) = "A"
+			expectedScore: 100,
+			expectedGrade: "A",
+		},
+		{
+			name: "Score at threshold (half of 2*threshold)",
+			result: &api.RspamdResult{
+				Score:     15.00,
+				Threshold: 15.00,
+			},
+			// 100 - round(15*100/(2*15)) = 100 - 50 = 50
+			expectedScore: 50,
+		},
+		{
+			name: "Score above 2*threshold",
+			result: &api.RspamdResult{
+				Score:     31.00,
+				Threshold: 15.00,
+			},
+			expectedScore: 0,
+			expectedGrade: "F",
+		},
+		{
+			name: "Score exactly at 2*threshold",
+			result: &api.RspamdResult{
+				Score:     30.00,
+				Threshold: 15.00,
+			},
+			// 100 - round(30*100/30) = 100 - 100 = 0
+			expectedScore: 0,
+			expectedGrade: "F",
+		},
+	}
+
+	analyzer := NewRspamdAnalyzer()
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			score, grade := analyzer.CalculateRspamdScore(tt.result)
+
+			if score != tt.expectedScore {
+				t.Errorf("Score = %d, want %d", score, tt.expectedScore)
+			}
+			if tt.expectedGrade != "" && grade != tt.expectedGrade {
+				t.Errorf("Grade = %q, want %q", grade, tt.expectedGrade)
+			}
+		})
+	}
+}
+
+const sampleEmailWithRspamdHeaders = `X-Spamd-Result: default: False [-3.91 / 15.00];
+	BAYES_HAM(-3.00)[99%];
+	RCVD_IN_DNSWL_MED(-0.01)[1.2.3.4:from];
+	R_DKIM_ALLOW(-0.20)[example.com:s=dkim];
+	FROM_HAS_DN(0.00)[];
+	MIME_GOOD(-0.10)[text/plain];
+X-Rspamd-Score: -3.91
+X-Rspamd-Server: rspamd-01.example.com
+Date: Mon, 09 Mar 2026 10:00:00 +0000
+From: sender@example.com
+To: test@happydomain.org
+Subject: Test email
+Message-ID: <test123@example.com>
+MIME-Version: 1.0
+Content-Type: text/plain
+
+Hello world`
+
+func TestAnalyzeRspamdRealEmail(t *testing.T) {
+	email, err := ParseEmail(bytes.NewBufferString(sampleEmailWithRspamdHeaders))
+	if err != nil {
+		t.Fatalf("Failed to parse email: %v", err)
+	}
+
+	analyzer := NewRspamdAnalyzer()
+	result := analyzer.AnalyzeRspamd(email)
+
+	if result == nil {
+		t.Fatal("Expected non-nil result")
+	}
+	if result.IsSpam {
+		t.Error("Expected IsSpam=false")
+	}
+	if result.Score != -3.91 {
+		t.Errorf("Score = %v, want -3.91", result.Score)
+	}
+	if result.Threshold != 15.00 {
+		t.Errorf("Threshold = %v, want 15.00", result.Threshold)
+	}
+	if result.Server == nil || *result.Server != "rspamd-01.example.com" {
+		t.Errorf("Server = %v, want \"rspamd-01.example.com\"", result.Server)
+	}
+
+	expectedSymbols := []string{"BAYES_HAM", "RCVD_IN_DNSWL_MED", "R_DKIM_ALLOW", "FROM_HAS_DN", "MIME_GOOD"}
+	for _, sym := range expectedSymbols {
+		if _, ok := result.Symbols[sym]; !ok {
+			t.Errorf("Symbol %s not found", sym)
+		}
+	}
+
+	score, _ := analyzer.CalculateRspamdScore(result)
+	if score != 100 {
+		t.Errorf("CalculateRspamdScore = %d, want 100", score)
+	}
+}
+

From bb47bb7c29eb9e59780d631772081daa42d111b7 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 12:52:12 +0700
Subject: [PATCH 20/27] fix: handle nested brackets in rspamd symbol params

---
 pkg/analyzer/rspamd.go      |  5 +++--
 pkg/analyzer/rspamd_test.go | 20 ++++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/pkg/analyzer/rspamd.go b/pkg/analyzer/rspamd.go
index d394c62..c2ea1cf 100644
--- a/pkg/analyzer/rspamd.go
+++ b/pkg/analyzer/rspamd.go
@@ -111,8 +111,9 @@ func (a *RspamdAnalyzer) parseSpamdResult(header string, result *api.RspamdResul
 	}
 
 	// Parse symbols: SYMBOL(score)[params]
-	// Each symbol entry is separated by ";"
-	symbolRe := regexp.MustCompile(`(\w+)\((-?\d+\.?\d*)\)(?:\[([^\]]*)\])?`)
+	// Each symbol entry is separated by ";", so within each part we use a
+	// greedy match to capture params that may contain nested brackets.
+	symbolRe := regexp.MustCompile(`(\w+)\((-?\d+\.?\d*)\)(?:\[(.*)\])?`)
 	for _, part := range strings.Split(header, ";") {
 		part = strings.TrimSpace(part)
 		matches := symbolRe.FindStringSubmatch(part)
diff --git a/pkg/analyzer/rspamd_test.go b/pkg/analyzer/rspamd_test.go
index 180bafd..de98fe8 100644
--- a/pkg/analyzer/rspamd_test.go
+++ b/pkg/analyzer/rspamd_test.go
@@ -104,6 +104,26 @@ func TestParseSpamdResult(t *testing.T) {
 			expectedIsSpam:    true,
 			expectedSymbols:   map[string]float32{},
 		},
+		{
+			name: "Zero threshold with symbols containing nested brackets in params",
+			header: "default: False [0.90 / 0.00];\n" +
+				"\tARC_REJECT(1.00)[cannot verify 1 of 1 signatures: {[1] = sig:mail-tester.local:signature has incorrect length: 12}];\n" +
+				"\tMIME_GOOD(-0.10)[multipart/alternative,text/plain];\n" +
+				"\tMIME_TRACE(0.00)[0:+,1:+,2:~]",
+			expectedScore:     0.90,
+			expectedThreshold: rspamdDefaultAddHeaderThreshold,
+			expectedIsSpam:    false,
+			expectedSymbols: map[string]float32{
+				"ARC_REJECT": 1.00,
+				"MIME_GOOD":  -0.10,
+				"MIME_TRACE": 0.00,
+			},
+			expectedSymParams: map[string]string{
+				"ARC_REJECT": "cannot verify 1 of 1 signatures: {[1] = sig:mail-tester.local:signature has incorrect length: 12}",
+				"MIME_GOOD":  "multipart/alternative,text/plain",
+				"MIME_TRACE": "0:+,1:+,2:~",
+			},
+		},
 	}
 
 	analyzer := NewRspamdAnalyzer()

From d9b9ea87c6dfab9f42a225ecd94c0bde8a19e7a6 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 13:09:07 +0700
Subject: [PATCH 21/27] refactor: extract email path into standalone card
 component

Move the received chain display out of BlacklistCard into EmailPathCard,
giving it its own card styling and placing it as a dedicated section on
the report page.
---
 web/src/lib/components/BlacklistCard.svelte | 10 ++--------
 web/src/lib/components/EmailPathCard.svelte | 18 ++++++++++++++----
 web/src/routes/test/[test]/+page.svelte     | 11 ++++++++++-
 3 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/web/src/lib/components/BlacklistCard.svelte b/web/src/lib/components/BlacklistCard.svelte
index 7f9b7f2..fec7b09 100644
--- a/web/src/lib/components/BlacklistCard.svelte
+++ b/web/src/lib/components/BlacklistCard.svelte
@@ -1,18 +1,16 @@
 <script lang="ts">
-    import type { BlacklistCheck, ReceivedHop } from "$lib/api/types.gen";
+    import type { BlacklistCheck } from "$lib/api/types.gen";
     import { getScoreColorClass } from "$lib/score";
     import { theme } from "$lib/stores/theme";
-    import EmailPathCard from "./EmailPathCard.svelte";
     import GradeDisplay from "./GradeDisplay.svelte";
 
     interface Props {
         blacklists: Record<string, BlacklistCheck[]>;
         blacklistGrade?: string;
         blacklistScore?: number;
-        receivedChain?: ReceivedHop[];
     }
 
-    let { blacklists, blacklistGrade, blacklistScore, receivedChain }: Props = $props();
+    let { blacklists, blacklistGrade, blacklistScore }: Props = $props();
 </script>
 
 <div class="card shadow-sm" id="rbl-details">
@@ -35,10 +33,6 @@
         </h4>
     </div>
     <div class="card-body">
-        {#if receivedChain}
-            <EmailPathCard {receivedChain} />
-        {/if}
-
         <div class="row row-cols-1 row-cols-lg-2">
             {#each Object.entries(blacklists) as [ip, checks]}
                 <div class="col mb-3">
diff --git a/web/src/lib/components/EmailPathCard.svelte b/web/src/lib/components/EmailPathCard.svelte
index 8dc57b0..a4fda45 100644
--- a/web/src/lib/components/EmailPathCard.svelte
+++ b/web/src/lib/components/EmailPathCard.svelte
@@ -1,5 +1,6 @@
 <script lang="ts">
     import type { ReceivedHop } from "$lib/api/types.gen";
+    import { theme } from "$lib/stores/theme";
 
     interface Props {
         receivedChain: ReceivedHop[];
@@ -9,9 +10,18 @@
 </script>
 
 {#if receivedChain && receivedChain.length > 0}
-    <div class="mb-3" id="email-path">
-        <h5>Email Path (Received Chain)</h5>
-        <div class="list-group">
+    <div class="card shadow-sm" id="email-path">
+        <div
+            class="card-header"
+            class:bg-white={$theme === "light"}
+            class:bg-dark={$theme !== "light"}
+        >
+            <h4 class="mb-0">
+                <i class="bi bi-pin-map me-2"></i>
+                Email Path
+            </h4>
+        </div>
+        <div class="list-group list-group-flush">
             {#each receivedChain as hop, i}
                 <div class="list-group-item">
                     <div class="d-flex w-100 justify-content-between">
@@ -30,7 +40,7 @@
                                 : "-"}
                         </small>
                     </div>
-                    {#if hop.with || hop.id}
+                    {#if hop.with || hop.id || hop.from}
                         <p class="mb-1 small d-flex gap-3">
                             {#if hop.with}
                                 <span>
diff --git a/web/src/routes/test/[test]/+page.svelte b/web/src/routes/test/[test]/+page.svelte
index 0c8ea9d..10c4f22 100644
--- a/web/src/routes/test/[test]/+page.svelte
+++ b/web/src/routes/test/[test]/+page.svelte
@@ -9,6 +9,7 @@
         BlacklistCard,
         ContentAnalysisCard,
         DnsRecordsCard,
+        EmailPathCard,
         ErrorDisplay,
         HeaderAnalysisCard,
         PendingState,
@@ -294,6 +295,15 @@
                 </div>
             </div>
 
+            <!-- Received Chain -->
+            {#if report.header_analysis?.received_chain && report.header_analysis.received_chain.length > 0}
+                <div class="row mb-4" id="received-chain">
+                    <div class="col-12">
+                        <EmailPathCard receivedChain={report.header_analysis.received_chain} />
+                    </div>
+                </div>
+            {/if}
+
             <!-- DNS Records -->
             {#if report.dns_results}
                 <div class="row mb-4" id="dns">
@@ -329,7 +339,6 @@
                     {blacklists}
                     blacklistGrade={report.summary?.blacklist_grade}
                     blacklistScore={report.summary?.blacklist_score}
-                    receivedChain={report.header_analysis?.received_chain}
                 />
             {/snippet}
 

From 27650a3496ed6c6d5ab916d96d6495fc10be1877 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 13:12:36 +0700
Subject: [PATCH 22/27] feat: add raw report display to rspamd card

Add a collapsible Raw Report section to RspamdCard, storing the raw
X-Spamd-Result header value and displaying it like SpamAssassin's report.
---
 api/openapi.yaml                         |  3 +++
 pkg/analyzer/rspamd.go                   |  2 ++
 web/src/lib/components/RspamdCard.svelte | 27 +++++++++++++++++++++---
 3 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/api/openapi.yaml b/api/openapi.yaml
index c0c3c70..1a9cbbf 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -982,6 +982,9 @@ components:
               name: "BAYES_HAM"
               score: -1.9
               params: "0.02"
+        report:
+          type: string
+          description: Full rspamd report (raw X-Spamd-Result header)
 
     RspamdSymbol:
       type: object
diff --git a/pkg/analyzer/rspamd.go b/pkg/analyzer/rspamd.go
index c2ea1cf..f3f548b 100644
--- a/pkg/analyzer/rspamd.go
+++ b/pkg/analyzer/rspamd.go
@@ -58,6 +58,8 @@ func (a *RspamdAnalyzer) AnalyzeRspamd(email *EmailMessage) *api.RspamdResult {
 	// Parse X-Spamd-Result header (primary source for score, threshold, and symbols)
 	// Format: "default: False [-3.91 / 15.00];\n\tSYMBOL(score)[params]; ..."
 	if spamdResult, ok := headers["X-Spamd-Result"]; ok {
+		report := strings.ReplaceAll(spamdResult, "; ", ";\n")
+		result.Report = &report
 		a.parseSpamdResult(spamdResult, result)
 	}
 
diff --git a/web/src/lib/components/RspamdCard.svelte b/web/src/lib/components/RspamdCard.svelte
index 2468f90..0db6378 100644
--- a/web/src/lib/components/RspamdCard.svelte
+++ b/web/src/lib/components/RspamdCard.svelte
@@ -17,8 +17,7 @@
 
     const effectiveAction = $derived.by(() => {
         const rejectThreshold = rspamd.threshold > 0 ? rspamd.threshold : 15;
-        if (rspamd.score >= rejectThreshold)
-            return { label: "Reject", cls: "bg-danger" };
+        if (rspamd.score >= rejectThreshold) return { label: "Reject", cls: "bg-danger" };
         if (rspamd.score >= RSPAMD_ADD_HEADER_THRESHOLD)
             return { label: "Add header", cls: "bg-warning text-dark" };
         if (rspamd.score >= RSPAMD_GREYLIST_THRESHOLD)
@@ -31,7 +30,7 @@
     <div class="card-header {$theme === 'light' ? 'bg-white' : 'bg-dark'}">
         <h4 class="mb-0 d-flex justify-content-between align-items-center">
             <span>
-                <i class="bi bi-shield-exclamation me-2"></i>
+                <i class="bi bi-bug me-2"></i>
                 rspamd Analysis
             </span>
             <span>
@@ -108,10 +107,32 @@
                 </div>
             </div>
         {/if}
+
+        {#if rspamd.report}
+            <details class="mt-3">
+                <summary class="cursor-pointer fw-bold">Raw Report</summary>
+                <pre
+                    class="mt-2 small {$theme === 'light'
+                        ? 'bg-light'
+                        : 'bg-secondary'} p-3 rounded">{rspamd.report}</pre>
+            </details>
+        {/if}
     </div>
 </div>
 
 <style>
+    .cursor-pointer {
+        cursor: pointer;
+    }
+
+    details summary {
+        user-select: none;
+    }
+
+    details summary:hover {
+        color: var(--bs-primary);
+    }
+
     /* Darker table colors in dark mode */
     :global([data-bs-theme="dark"]) .table-warning {
         --bs-table-bg: rgba(255, 193, 7, 0.2);

From edfe498b27345c928aee6bdf712f94cb7d42b2e5 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 13:17:21 +0700
Subject: [PATCH 23/27] Improve responsiveness

---
 web/src/lib/components/BlacklistCard.svelte | 4 ++--
 web/src/lib/components/WhitelistCard.svelte | 4 ++--
 web/src/routes/test/[test]/+page.svelte     | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/web/src/lib/components/BlacklistCard.svelte b/web/src/lib/components/BlacklistCard.svelte
index fec7b09..bb80acb 100644
--- a/web/src/lib/components/BlacklistCard.svelte
+++ b/web/src/lib/components/BlacklistCard.svelte
@@ -15,7 +15,7 @@
 
 <div class="card shadow-sm" id="rbl-details">
     <div class="card-header" class:bg-white={$theme === "light"} class:bg-dark={$theme !== "light"}>
-        <h4 class="mb-0 d-flex justify-content-between align-items-center">
+        <h4 class="mb-0 d-flex flex-wrap justify-content-between align-items-center">
             <span>
                 <i class="bi bi-shield-exclamation me-2"></i>
                 Blacklist Checks
@@ -33,7 +33,7 @@
         </h4>
     </div>
     <div class="card-body">
-        <div class="row row-cols-1 row-cols-lg-2">
+        <div class="row row-cols-1 row-cols-lg-2 overflow-auto">
             {#each Object.entries(blacklists) as [ip, checks]}
                 <div class="col mb-3">
                     <h5 class="text-muted">
diff --git a/web/src/lib/components/WhitelistCard.svelte b/web/src/lib/components/WhitelistCard.svelte
index ee0b0e2..13fd86b 100644
--- a/web/src/lib/components/WhitelistCard.svelte
+++ b/web/src/lib/components/WhitelistCard.svelte
@@ -11,7 +11,7 @@
 
 <div class="card shadow-sm" id="dnswl-details">
     <div class="card-header" class:bg-white={$theme === "light"} class:bg-dark={$theme !== "light"}>
-        <h4 class="mb-0 d-flex justify-content-between align-items-center">
+        <h4 class="mb-0 d-flex flex-wrap justify-content-between align-items-center">
             <span>
                 <i class="bi bi-shield-check me-2"></i>
                 Whitelist Checks
@@ -25,7 +25,7 @@
             no impact on the overall score.
         </p>
 
-        <div class="row row-cols-1 row-cols-lg-2">
+        <div class="row row-cols-1 row-cols-lg-2 overflow-auto">
             {#each Object.entries(whitelists) as [ip, checks]}
                 <div class="col mb-3">
                     <h5 class="text-muted">
diff --git a/web/src/routes/test/[test]/+page.svelte b/web/src/routes/test/[test]/+page.svelte
index 10c4f22..113209d 100644
--- a/web/src/routes/test/[test]/+page.svelte
+++ b/web/src/routes/test/[test]/+page.svelte
@@ -393,12 +393,12 @@
             {#if report.spamassassin || report.rspamd}
                 <div class="row mb-4" id="spam">
                     {#if report.spamassassin}
-                        <div class={report.rspamd ? "col-lg-6 mb-4 mb-lg-0" : "col-12"}>
+                        <div class={report.rspamd ? "col col-lg-6 mb-4 mb-lg-0" : "col-12"}>
                             <SpamAssassinCard spamassassin={report.spamassassin} />
                         </div>
                     {/if}
                     {#if report.rspamd}
-                        <div class={report.spamassassin ? "col-lg-6" : "col-12"}>
+                        <div class={report.spamassassin ? "col col-lg-6" : "col-12"}>
                             <RspamdCard rspamd={report.rspamd} />
                         </div>
                     {/if}

From 21e16fd847fdbde491da28dcbb6436c218d4ad54 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 13:28:38 +0700
Subject: [PATCH 24/27] rbl: remove SpamRats entries from default RBL list

Those RBLs requires an API key
---
 pkg/analyzer/rbl.go | 2 --
 1 file changed, 2 deletions(-)

diff --git a/pkg/analyzer/rbl.go b/pkg/analyzer/rbl.go
index 44c6e99..0a409cf 100644
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@@ -53,8 +53,6 @@ var DefaultRBLs = []string{
 	"dnsbl-1.uceprotect.net", // UCEPROTECT Level 1
 	"dnsbl-2.uceprotect.net", // UCEPROTECT Level 2 (informational)
 	"dnsbl-3.uceprotect.net", // UCEPROTECT Level 3 (informational)
-	"spam.spamrats.com",      // SpamRats SPAM
-	"dyna.spamrats.com",      // SpamRats dynamic IPs
 	"psbl.surriel.com",       // PSBL
 	"dnsbl.dronebl.org",      // DroneBL
 	"bl.mailspike.net",       // Mailspike BL

From 0176c3803d45e7fd495d8b0ba87baf824cf8fa19 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 15:22:08 +0700
Subject: [PATCH 25/27] docker: split ENV declarations for readability and
 remove default RBL list

---
 Dockerfile | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index f6dc16a..9626813 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -170,7 +170,12 @@ RUN chmod +x /entrypoint.sh
 EXPOSE 25 8080
 
 # Default configuration
-ENV HAPPYDELIVER_DATABASE_TYPE=sqlite HAPPYDELIVER_DATABASE_DSN=/var/lib/happydeliver/happydeliver.db HAPPYDELIVER_DOMAIN=happydeliver.local HAPPYDELIVER_ADDRESS_PREFIX=test- HAPPYDELIVER_DNS_TIMEOUT=5s HAPPYDELIVER_HTTP_TIMEOUT=10s HAPPYDELIVER_RBL=zen.spamhaus.org,bl.spamcop.net,b.barracudacentral.org,dnsbl.sorbs.net,dnsbl-1.uceprotect.net,bl.mailspike.net
+ENV HAPPYDELIVER_DATABASE_TYPE=sqlite \
+    HAPPYDELIVER_DATABASE_DSN=/var/lib/happydeliver/happydeliver.db \
+    HAPPYDELIVER_DOMAIN=happydeliver.local \
+    HAPPYDELIVER_ADDRESS_PREFIX=test- \
+    HAPPYDELIVER_DNS_TIMEOUT=5s \
+    HAPPYDELIVER_HTTP_TIMEOUT=10s
 
 # Volume for persistent data
 VOLUME ["/var/lib/happydeliver", "/var/log/happydeliver"]

From 56e6494a7572063c459906601f5803874fc7668c Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 15:34:27 +0700
Subject: [PATCH 26/27] rbl: parallelize IP checks against blacklists using
 goroutines

---
 pkg/analyzer/rbl.go | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/pkg/analyzer/rbl.go b/pkg/analyzer/rbl.go
index 0a409cf..08d3b8f 100644
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@@ -27,6 +27,7 @@ import (
 	"net"
 	"regexp"
 	"strings"
+	"sync"
 	"time"
 
 	"git.happydns.org/happyDeliver/internal/api"
@@ -155,18 +156,26 @@ func (r *DNSListChecker) CheckEmail(email *EmailMessage) *DNSListResults {
 	return results
 }
 
-// CheckIP checks a single IP address against all configured lists
+// CheckIP checks a single IP address against all configured lists in parallel
 func (r *DNSListChecker) CheckIP(ip string) ([]api.BlacklistCheck, int, error) {
 	if !r.isPublicIP(ip) {
 		return nil, 0, fmt.Errorf("invalid or non-public IP address: %s", ip)
 	}
 
-	var checks []api.BlacklistCheck
-	listedCount := 0
+	checks := make([]api.BlacklistCheck, len(r.Lists))
+	var wg sync.WaitGroup
 
-	for _, list := range r.Lists {
-		check := r.checkIP(ip, list)
-		checks = append(checks, check)
+	for i, list := range r.Lists {
+		wg.Add(1)
+		go func(i int, list string) {
+			defer wg.Done()
+			checks[i] = r.checkIP(ip, list)
+		}(i, list)
+	}
+	wg.Wait()
+
+	listedCount := 0
+	for _, check := range checks {
 		if check.Listed {
 			listedCount++
 		}

From 8b6154c183b98a0b7fe99761c42718f7d25c6e10 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Mon, 9 Mar 2026 16:01:52 +0700
Subject: [PATCH 27/27] feat: add whitelist checks to IP blacklist endpoint and
 rename checks to blacklists

---
 api/openapi.yaml                           |  9 +++++--
 internal/api/handlers.go                   |  7 +++---
 pkg/analyzer/analyzer.go                   | 14 ++++++++---
 web/src/routes/blacklist/[ip]/+page.svelte | 29 +++++++++++++++-------
 4 files changed, 41 insertions(+), 18 deletions(-)

diff --git a/api/openapi.yaml b/api/openapi.yaml
index 1a9cbbf..e989261 100644
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@@ -1346,7 +1346,7 @@ components:
       type: object
       required:
         - ip
-        - checks
+        - blacklists
         - listed_count
         - score
         - grade
@@ -1355,7 +1355,7 @@ components:
           type: string
           description: The IP address that was checked
           example: "192.0.2.1"
-        checks:
+        blacklists:
           type: array
           items:
             $ref: '#/components/schemas/BlacklistCheck'
@@ -1375,3 +1375,8 @@ components:
           enum: [A+, A, B, C, D, E, F]
           description: Letter grade representation of the score
           example: "A+"
+        whitelists:
+          type: array
+          items:
+            $ref: '#/components/schemas/BlacklistCheck'
+          description: List of DNS whitelist check results (informational only)
diff --git a/internal/api/handlers.go b/internal/api/handlers.go
index 80c8f9a..470136e 100644
--- a/internal/api/handlers.go
+++ b/internal/api/handlers.go
@@ -41,7 +41,7 @@ import (
 type EmailAnalyzer interface {
 	AnalyzeEmailBytes(rawEmail []byte, testID uuid.UUID) (reportJSON []byte, err error)
 	AnalyzeDomain(domain string) (dnsResults *DNSResults, score int, grade string)
-	CheckBlacklistIP(ip string) (checks []BlacklistCheck, listedCount int, score int, grade string, err error)
+	CheckBlacklistIP(ip string) (checks []BlacklistCheck, whitelists []BlacklistCheck, listedCount int, score int, grade string, err error)
 }
 
 // APIHandler implements the ServerInterface for handling API requests
@@ -359,7 +359,7 @@ func (h *APIHandler) CheckBlacklist(c *gin.Context) {
 	}
 
 	// Perform blacklist check using analyzer
-	checks, listedCount, score, grade, err := h.analyzer.CheckBlacklistIP(request.Ip)
+	checks, whitelists, listedCount, score, grade, err := h.analyzer.CheckBlacklistIP(request.Ip)
 	if err != nil {
 		c.JSON(http.StatusBadRequest, Error{
 			Error:   "invalid_ip",
@@ -372,7 +372,8 @@ func (h *APIHandler) CheckBlacklist(c *gin.Context) {
 	// Build response
 	response := BlacklistCheckResponse{
 		Ip:          request.Ip,
-		Checks:      checks,
+		Blacklists:  checks,
+		Whitelists:  &whitelists,
 		ListedCount: listedCount,
 		Score:       score,
 		Grade:       BlacklistCheckResponseGrade(grade),
diff --git a/pkg/analyzer/analyzer.go b/pkg/analyzer/analyzer.go
index 83eafe6..a16829b 100644
--- a/pkg/analyzer/analyzer.go
+++ b/pkg/analyzer/analyzer.go
@@ -121,12 +121,12 @@ func (a *APIAdapter) AnalyzeDomain(domain string) (*api.DNSResults, int, string)
 	return dnsResults, score, grade
 }
 
-// CheckBlacklistIP checks a single IP address against DNS blacklists
-func (a *APIAdapter) CheckBlacklistIP(ip string) ([]api.BlacklistCheck, int, int, string, error) {
+// CheckBlacklistIP checks a single IP address against DNS blacklists and whitelists
+func (a *APIAdapter) CheckBlacklistIP(ip string) ([]api.BlacklistCheck, []api.BlacklistCheck, int, int, string, error) {
 	// Check the IP against all configured RBLs
 	checks, listedCount, err := a.analyzer.generator.rblChecker.CheckIP(ip)
 	if err != nil {
-		return nil, 0, 0, "", err
+		return nil, nil, 0, 0, "", err
 	}
 
 	// Calculate score using the existing function
@@ -138,5 +138,11 @@ func (a *APIAdapter) CheckBlacklistIP(ip string) ([]api.BlacklistCheck, int, int
 	}
 	score, grade := a.analyzer.generator.rblChecker.CalculateScore(results)
 
-	return checks, listedCount, score, grade, nil
+	// Check the IP against all configured DNSWLs (informational only)
+	whitelists, _, err := a.analyzer.generator.dnswlChecker.CheckIP(ip)
+	if err != nil {
+		whitelists = nil
+	}
+
+	return checks, whitelists, listedCount, score, grade, nil
 }
diff --git a/web/src/routes/blacklist/[ip]/+page.svelte b/web/src/routes/blacklist/[ip]/+page.svelte
index 0cddb22..89676ed 100644
--- a/web/src/routes/blacklist/[ip]/+page.svelte
+++ b/web/src/routes/blacklist/[ip]/+page.svelte
@@ -3,7 +3,7 @@
     import { onMount } from "svelte";
     import { checkBlacklist } from "$lib/api";
     import type { BlacklistCheckResponse } from "$lib/api/types.gen";
-    import { BlacklistCard, GradeDisplay, TinySurvey } from "$lib/components";
+    import { BlacklistCard, GradeDisplay, TinySurvey, WhitelistCard } from "$lib/components";
     import { theme } from "$lib/stores/theme";
 
     let ip = $derived($page.params.ip);
@@ -122,8 +122,8 @@
                                             >
                                             <p class="mb-0 mt-1 small">
                                                 This IP address is listed on {result.listed_count} of
-                                                {result.checks.length} checked blacklist{result
-                                                    .checks.length > 1
+                                                {result.blacklists.length} checked blacklist{result
+                                                    .blacklists.length > 1
                                                     ? "s"
                                                     : ""}.
                                             </p>
@@ -150,12 +150,23 @@
                         </div>
                     </div>
 
-                    <!-- Blacklist Results Card -->
-                    <BlacklistCard
-                        blacklists={{ [result.ip]: result.checks }}
-                        blacklistScore={result.score}
-                        blacklistGrade={result.grade}
-                    />
+                    <div class="row">
+                        <!-- Blacklist Results Card -->
+                        <div class="col col-lg-6">
+                            <BlacklistCard
+                                blacklists={{ [result.ip]: result.blacklists }}
+                                blacklistScore={result.score}
+                                blacklistGrade={result.grade}
+                            />
+                        </div>
+
+                        <!-- Whitelist Results Card -->
+                        {#if result.whitelists && result.whitelists.length > 0}
+                            <div class="col col-lg-6">
+                                <WhitelistCard whitelists={{ [result.ip]: result.whitelists }} />
+                            </div>
+                        {/if}
+                    </div>
 
                     <!-- Information Card -->
                     <div class="card shadow-sm mt-4">