upgrading dependencies

* redesigning listing table

* getting rid of old listing table view

* improving listing grid

.dockerignore

@@ -1,7 +1,47 @@
+# Dependencies (will be installed fresh in container)
 node_modules/
-npm-debug.log
-test/
+
+# Database and config (mounted as volumes)
 db/
 conf/
+
+# Git
 .git/
 .github/
+.gitignore
+
+# IDE and editor
+.idea/
+.vscode/
+*.swp
+*.swo
+.DS_Store
+
+# Testing
+test/
+
+# Documentation
+doc/
+*.md
+!README.md
+
+# Development config files
+.babelrc
+.husky/
+.nvmrc
+.prettierrc
+.prettierignore
+eslint.config.js
+
+# Docker files (not needed inside container)
+Dockerfile
+docker-compose.yml
+docker-test.sh
+.dockerignore
+
+# Logs
+*.log
+npm-debug.log
+
+# Build artifacts (built fresh in container)
+dist/

Dockerfile

@@ -1,27 +1,59 @@
-FROM node:22-slim
+# ================================
+# Stage 1: Build stage
+# ================================
+FROM node:22-alpine AS builder
+
+WORKDIR /build
+
+# Install build dependencies needed for native modules (better-sqlite3)
+RUN apk add --no-cache python3 make g++
+
+# Copy package files first for better layer caching
+COPY package.json yarn.lock ./
+
+# Install all dependencies (including devDependencies for building)
+RUN yarn config set network-timeout 600000 \
+  && yarn --frozen-lockfile
+
+# Copy source files needed for build
+COPY index.html vite.config.js ./
+COPY ui ./ui
+COPY lib ./lib
+
+# Build frontend assets
+RUN yarn build:frontend
+
+# ================================
+# Stage 2: Production stage
+# ================================
+FROM node:22-alpine
 
 WORKDIR /fredy
 
-# Install Chromium and curl without extra recommended packages and clean apt cache
-# curl is needed for the health check
-RUN apt-get update \
-  && apt-get install -y --no-install-recommends chromium curl \
-  && rm -rf /var/lib/apt/lists/*
+# Install Chromium and curl (for healthcheck)
+# Using Alpine's chromium package which is much smaller
+RUN apk add --no-cache chromium curl
 
-ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \
-    PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium
+ENV NODE_ENV=production \
+    PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \
+    PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser
 
-# Copy lockfiles first to leverage cache for dependencies
-COPY package.json yarn.lock .
+# Install build dependencies for native modules, then remove them after yarn install
+COPY package.json yarn.lock ./
 
-# Set Yarn timeout, install dependencies and PM2 globally
-RUN yarn config set network-timeout 600000 \
-  && yarn --frozen-lockfile \
-  && yarn global add pm2
+RUN apk add --no-cache --virtual .build-deps python3 make g++ \
+  && yarn config set network-timeout 600000 \
+  && yarn --frozen-lockfile --production \
+  && yarn cache clean \
+  && apk del .build-deps
 
-# Copy application source and build production assets
-COPY . .
-RUN yarn build:frontend
+# Copy built frontend from builder stage
+COPY --from=builder /build/ui/public ./ui/public
+
+# Copy application source (only what's needed at runtime)
+COPY index.js ./
+COPY index.html ./
+COPY lib ./lib
 
 # Prepare runtime directories and symlinks for data and config
 RUN mkdir -p /db /conf \
@@ -34,5 +66,4 @@ EXPOSE 9998
 VOLUME /db
 VOLUME /conf
 
-# Start application using PM2 runtime
-CMD ["pm2-runtime", "index.js"]
+CMD ["node", "index.js"]

LICENSE

@@ -1,21 +1,214 @@
-MIT License
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
 
-Copyright (c) 2025 Christian Kellner
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+1. Definitions.
 
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor
+   be liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+
+Additional License Condition – Commons Clause
+
+The Licensed Work is provided under the terms of this license and is also
+subject to the following additional condition ("Commons Clause"):
+
+"License Condition v1.0":
+
+The Licensed Work and its derivative works may not be used by any person or
+organization to Sell the Licensed Work (as defined below).
+
+"Sell" or "Selling" means practicing any or all of the rights granted to you
+under the License to provide to third parties, for a fee or other consideration
+(including without limitation fees for hosting or consulting/support services
+related to the Software), a product or service whose value derives, entirely or
+substantially, from the functionality of the Licensed Work.
+
+A non-exhaustive list of activities considered "Selling" includes:
+- Using the Licensed Work to provide paid hosted services or managed services
+- Distributing the Licensed Work as part of a commercial product or service
+  for which a fee is charged primarily for the value of the Licensed Work
+
+This restriction does not apply to the use of the Licensed Work for internal
+business purposes or non-commercial use.
+
+
+Attribution and Naming Clause
+
+Any derivative work based on this software must include clear and visible
+attribution to the original project "Fredy" and its author(s).
+Derivative works may not be distributed, published, or presented under a
+different name or branding without the explicit written permission of the
+original copyright holder.
+
+
+Copyright (c) 2026 Christian Kellner
+Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause

README.md

@@ -107,6 +107,10 @@ yarn run start:frontend  # in another terminal
 
 👉 Open <http://localhost:9998>
 
+### With Unraid
+
+Should you use [Unraid](https://unraid.net/), you can now install Fredy from the community store :)
+
 **Default Login:**
 - Username: `admin`
 - Password: `admin`
@@ -202,7 +206,7 @@ flowchart TD
         F2["Adapter 2"]
   end
 
-    A1 --> B["FredyPipeline"]
+    A1 --> B["FredyPipelineExecutioner"]
     A2 --> B
     A3 --> B
     B --> C1 & C2 & C3

copyright.js

@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import fs from 'fs/promises';
+import path from 'path';
+
+const COPYRIGHT = `/*
+ * Copyright (c) ${new Date().getFullYear()} by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+`;
+
+async function getAllFiles(dir = '.') {
+  const entries = await fs.readdir(dir, { withFileTypes: true });
+  let files = [];
+  for (let entry of entries) {
+    const fullPath = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      if (entry.name === 'node_modules' || entry.name.startsWith('.')) continue;
+      files = files.concat(await getAllFiles(fullPath));
+    } else if (fullPath.endsWith('.js') || fullPath.endsWith('.jsx')) {
+      files.push(fullPath);
+    }
+  }
+  return files;
+}
+
+/* eslint-disable no-console */
+async function addCopyright(files) {
+  for (let file of files) {
+    try {
+      let content = await fs.readFile(file, 'utf8');
+      if (!content.startsWith(COPYRIGHT)) {
+        await fs.writeFile(file, COPYRIGHT + content);
+        console.log(`Added copyright to ${file}`);
+      }
+    } catch (err) {
+      console.error(`Error processing ${file}: ${err}`);
+    }
+  }
+}
+/* eslint-enable no-console */
+
+const filesToProcess = process.argv.length > 2 ? process.argv.slice(2) : await getAllFiles();
+await addCopyright(filesToProcess);

docker-compose.yml

@@ -1,22 +1,26 @@
 services:
   fredy:
     container_name: fredy
-    # build from empty build folder to reduce size of image
     build:
       context: .
       dockerfile: Dockerfile
     image: ghcr.io/orangecoding/fredy
-    # map existing config and database
+    environment:
+      - NODE_ENV=production
     volumes:
       - ./conf:/conf
       - ./db:/db
     ports:
       - "9998:9998"
     restart: unless-stopped
+    # Resource limits to prevent runaway memory usage from Chromium
+    deploy:
+      resources:
+        limits:
+          memory: 1G
     healthcheck:
-      # The container will immediately stop when health check fails after retries
-      test: ["CMD-SHELL", "curl --fail --silent --show-error --max-time 5 http://localhost:9998/ || exit 1"]
+      test: ["CMD", "curl", "--fail", "--silent", "--show-error", "--max-time", "5", "http://localhost:9998/"]
       interval: 120s
       timeout: 10s
-      retries: 1
-      start_period: 10s
+      retries: 3
+      start_period: 30s

eslint.config.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // eslint.config.js
 import js from '@eslint/js';
 import prettier from 'eslint-config-prettier';

index.js

@@ -1,19 +1,20 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
-import path from 'path';
 import { checkIfConfigIsAccessible, getProviders, refreshConfig } from './lib/utils.js';
 import * as similarityCache from './lib/services/similarity-check/similarityCache.js';
-import * as jobStorage from './lib/services/storage/jobStorage.js';
-import FredyPipeline from './lib/FredyPipeline.js';
-import { duringWorkingHoursOrNotSet } from './lib/utils.js';
 import { runMigrations } from './lib/services/storage/migrations/migrate.js';
 import { ensureDemoUserExists, ensureAdminUserExists } from './lib/services/storage/userStorage.js';
 import { cleanupDemoAtMidnight } from './lib/services/crons/demoCleanup-cron.js';
 import { initTrackerCron } from './lib/services/crons/tracker-cron.js';
 import logger from './lib/services/logger.js';
-import { bus } from './lib/services/events/event-bus.js';
 import { initActiveCheckerCron } from './lib/services/crons/listing-alive-cron.js';
 import { getSettings } from './lib/services/storage/settingsStorage.js';
-import SqliteConnection from './lib/services/storage/SqliteConnection.js';
+import SqliteConnection, { computeDbPath } from './lib/services/storage/SqliteConnection.js';
+import { initJobExecutionService } from './lib/services/jobs/jobExecutionService.js';
 
 //in the config, we store the path of the sqlite file, thus we must check if it is available
 const isConfigAccessible = await checkIfConfigIsAccessible();
@@ -32,12 +33,10 @@ await runMigrations();
 
 const settings = await getSettings();
 
-// Ensure sqlite directory exists before loading anything else (based on config.sqlitepath)
-const rawDir = settings.sqlitepath || '/db';
-const relDir = rawDir.startsWith('/') ? rawDir.slice(1) : rawDir;
-const absDir = path.isAbsolute(relDir) ? relDir : path.join(process.cwd(), relDir);
-if (!fs.existsSync(absDir)) {
-  fs.mkdirSync(absDir, { recursive: true });
+// Ensure the sqlite directory exists before loading anything else (based on config.sqlitepath)
+const { dir: sqliteDir } = await computeDbPath();
+if (!fs.existsSync(sqliteDir)) {
+  fs.mkdirSync(sqliteDir, { recursive: true });
 }
 
 // Load provider modules once at startup
@@ -57,48 +56,13 @@ if (settings.demoMode) {
   cleanupDemoAtMidnight();
 }
 
-logger.info(`Started Fredy successfully. Ui can be accessed via http://localhost:${settings.port}`);
-
 ensureAdminUserExists();
 ensureDemoUserExists();
 await initTrackerCron();
 //do not wait for this to finish, let it run in the background
 initActiveCheckerCron();
 
-bus.on('jobs:runAll', () => {
-  logger.debug('Running Fredy Job manually');
-  execute();
-});
+logger.info(`Started Fredy successfully. Ui can be accessed via http://localhost:${settings.port}`);
 
-const execute = () => {
-  const isDuringWorkingHoursOrNotSet = duringWorkingHoursOrNotSet(settings, Date.now());
-  if (!settings.demoMode) {
-    if (isDuringWorkingHoursOrNotSet) {
-      settings.lastRun = Date.now();
-      jobStorage
-        .getJobs()
-        .filter((job) => job.enabled)
-        .forEach((job) => {
-          job.provider
-            .filter((p) => providers.find((loaded) => loaded.metaInformation.id === p.id) != null)
-            .forEach(async (prov) => {
-              const matchedProvider = providers.find((loaded) => loaded.metaInformation.id === prov.id);
-              matchedProvider.init(prov, job.blacklist);
-              await new FredyPipeline(
-                matchedProvider.config,
-                job.notificationAdapter,
-                prov.id,
-                job.id,
-                similarityCache,
-              ).execute();
-            });
-        });
-    } else {
-      logger.debug('Working hours set. Skipping as outside of working hours.');
-    }
-  }
-};
-
-setInterval(execute, INTERVAL);
-//start once at startup
-execute();
+// Initialize the lean Job Execution Service (schedules and bus listeners)
+initJobExecutionService({ providers, settings, intervalMs: INTERVAL });

lib/FredyPipelineExecutioner.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { NoNewListingsWarning } from './errors.js';
 import { storeListings, getKnownListingHashesForJobAndProvider } from './services/storage/listingsStorage.js';
 import * as notify from './notification/notify.js';
@@ -35,7 +40,7 @@ import logger from './services/logger.js';
  * 7) Filter out entries similar to already seen ones
  * 8) Dispatch notifications
  */
-class FredyPipeline {
+class FredyPipelineExecutioner {
   /**
    * Create a new runtime instance for a single provider/job execution.
    *
@@ -213,4 +218,4 @@ class FredyPipeline {
   }
 }
 
-export default FredyPipeline;
+export default FredyPipelineExecutioner;

lib/api/api.js

@@ -1,7 +1,11 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { notificationAdapterRouter } from './routes/notificationAdapterRouter.js';
 import { authInterceptor, cookieSession, adminInterceptor } from './security.js';
 import { generalSettingsRouter } from './routes/generalSettingsRoute.js';
-import { analyticsRouter } from './routes/analyticsRouter.js';
 import { providerRouter } from './routes/providerRouter.js';
 import { versionRouter } from './routes/versionRouter.js';
 import { loginRouter } from './routes/loginRoute.js';
@@ -17,6 +21,8 @@ import logger from '../services/logger.js';
 import { listingsRouter } from './routes/listingsRouter.js';
 import { getSettings } from '../services/storage/settingsStorage.js';
 import { featureRouter } from './routes/featureRouter.js';
+import { dashboardRouter } from './routes/dashboardRouter.js';
+import { backupRouter } from './routes/backupRouter.js';
 const service = restana();
 const staticService = files(path.join(getDirName(), '../ui/public'));
 const PORT = (await getSettings()).port || 9998;
@@ -28,19 +34,22 @@ service.use('/api/admin', authInterceptor());
 service.use('/api/jobs', authInterceptor());
 service.use('/api/version', authInterceptor());
 service.use('/api/listings', authInterceptor());
+service.use('/api/dashboard', authInterceptor());
+service.use('/api/features', authInterceptor());
 
 // /admin can only be accessed when user is having admin permissions
 service.use('/api/admin', adminInterceptor());
 service.use('/api/jobs/notificationAdapter', notificationAdapterRouter);
 service.use('/api/admin/generalSettings', generalSettingsRouter);
+service.use('/api/admin/backup', backupRouter);
 service.use('/api/jobs/provider', providerRouter);
-service.use('/api/jobs/insights', analyticsRouter);
 service.use('/api/admin/users', userRouter);
 service.use('/api/version', versionRouter);
 service.use('/api/jobs', jobRouter);
 service.use('/api/login', loginRouter);
 service.use('/api/listings', listingsRouter);
 service.use('/api/features', featureRouter);
+service.use('/api/dashboard', dashboardRouter);
 //this route is unsecured intentionally as it is being queried from the login page
 service.use('/api/demo', demoRouter);
 

lib/api/routes/analyticsRouter.js

@@ -1,10 +0,0 @@
-import restana from 'restana';
-import * as listingStorage from '../../services/storage/listingsStorage.js';
-const service = restana();
-const analyticsRouter = service.newRouter();
-analyticsRouter.get('/:jobId', async (req, res) => {
-  const { jobId } = req.params;
-  res.body = listingStorage.getListingProviderDataForAnalytics(jobId) || {};
-  res.send();
-});
-export { analyticsRouter };

lib/api/routes/backupRouter.js

@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import restana from 'restana';
+import {
+  buildBackupFileName,
+  createBackupZip,
+  precheckRestore,
+  restoreFromZip,
+} from '../../services/storage/backupRestoreService.js';
+
+/**
+ * Backup & Restore Admin Router
+ *
+ * Endpoints:
+ * - GET /api/admin/backup
+ *   Returns the current database as a zip download. Content-Type: application/zip
+ * - POST /api/admin/backup/restore?dryRun=true
+ *   Accepts a zip file (raw body). Returns a compatibility report, does not restore.
+ * - POST /api/admin/backup/restore?force=true|false
+ *   Accepts a zip file (raw body). Restores the database; when incompatible and force=false, returns 400.
+ */
+const service = restana();
+const backupRouter = service.newRouter();
+
+backupRouter.get('/', async (req, res) => {
+  const zipBuffer = await createBackupZip();
+  const fileName = await buildBackupFileName();
+  res.setHeader('Content-Type', 'application/zip');
+  res.setHeader('Content-Disposition', `attachment; filename="${fileName}"`);
+  res.send(zipBuffer);
+});
+
+/**
+ * Read the full request body as a Buffer. Used for raw zip uploads.
+ * @param {import('http').IncomingMessage} req
+ * @returns {Promise<Buffer>}
+ */
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    req.on('data', (c) => chunks.push(c));
+    req.on('end', () => resolve(Buffer.concat(chunks)));
+    req.on('error', (e) => reject(e));
+  });
+}
+
+// Upload endpoint. Accepts raw zip (Content-Type: application/zip or application/octet-stream)
+// Query parameters:
+// - dryRun=true => only validate and return compatibility info
+// - force=true  => proceed even if incompatible
+backupRouter.post('/restore', async (req, res) => {
+  const { dryRun = 'false', force = 'false' } = req.query || {};
+  const doDryRun = String(dryRun) === 'true';
+  const doForce = String(force) === 'true';
+  const body = await readBody(req);
+
+  if (doDryRun) {
+    res.body = await precheckRestore(body);
+    return res.send();
+  }
+
+  try {
+    res.body = await restoreFromZip(body, { force: doForce });
+    return res.send();
+  } catch (e) {
+    res.statusCode = 400;
+    res.body = { message: e?.message || 'Restore failed', details: e?.payload || null };
+    return res.send();
+  }
+});
+
+export { backupRouter };

lib/api/routes/dashboardRouter.js

@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import restana from 'restana';
+import * as jobStorage from '../../services/storage/jobStorage.js';
+import * as userStorage from '../../services/storage/userStorage.js';
+import { getListingsKpisForJobIds, getProviderDistributionForJobIds } from '../../services/storage/listingsStorage.js';
+import { getSettings } from '../../services/storage/settingsStorage.js';
+
+const service = restana();
+export const dashboardRouter = service.newRouter();
+
+function isAdmin(req) {
+  const user = req.session?.currentUser ? userStorage.getUser(req.session.currentUser) : null;
+  return !!user?.isAdmin;
+}
+
+function getAccessibleJobs(req) {
+  const currentUser = req.session.currentUser;
+  const admin = isAdmin(req);
+  return jobStorage
+    .getJobs()
+    .filter((job) => admin || job.userId === currentUser || job.shared_with_user.includes(currentUser));
+}
+
+function cap(val) {
+  return String(val).charAt(0).toUpperCase() + String(val).slice(1);
+}
+
+dashboardRouter.get('/', async (req, res) => {
+  const jobs = getAccessibleJobs(req);
+  const settings = await getSettings();
+
+  // KPIs
+  const totalJobs = jobs.length;
+  const totalListings = jobs.reduce((sum, j) => sum + (j.numberOfFoundListings || 0), 0);
+  const jobIds = jobs.map((j) => j.id);
+  const { numberOfActiveListings, avgPriceOfListings } = getListingsKpisForJobIds(jobIds);
+  // Build Pie data in a simple shape the frontend can consume directly
+  // Shape: { labels: string[], values: number[] } with values as percentages
+  const providerPieRaw = getProviderDistributionForJobIds(jobIds);
+  const providerPie = Array.isArray(providerPieRaw)
+    ? {
+        labels: providerPieRaw.map((p) => cap(p.type)),
+        values: providerPieRaw.map((p) => Number(p.value) || 0),
+      }
+    : providerPieRaw && typeof providerPieRaw === 'object'
+      ? {
+          labels: Array.isArray(providerPieRaw.labels) ? providerPieRaw.labels : [],
+          values: Array.isArray(providerPieRaw.values) ? providerPieRaw.values : [],
+        }
+      : { labels: [], values: [] };
+
+  res.body = {
+    general: {
+      interval: settings.interval,
+      lastRun: settings.lastRun || null,
+      nextRun: settings.lastRun == null ? 0 : settings.lastRun + settings.interval * 60000,
+    },
+    kpis: {
+      totalJobs,
+      totalListings,
+      numberOfActiveListings,
+      avgPriceOfListings,
+    },
+    pie: providerPie,
+  };
+  res.send();
+});

lib/api/routes/demoRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import { getSettings } from '../../services/storage/settingsStorage.js';
 const service = restana();

lib/api/routes/featureRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import getFeatures from '../../features.js';
 const service = restana();

lib/api/routes/generalSettingsRoute.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import { getDirName } from '../../utils.js';
 import fs from 'fs';

lib/api/routes/jobRouter.js

@@ -1,10 +1,16 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import * as jobStorage from '../../services/storage/jobStorage.js';
 import * as userStorage from '../../services/storage/userStorage.js';
 import { isAdmin } from '../security.js';
 import logger from '../../services/logger.js';
 import { bus } from '../../services/events/event-bus.js';
-import { getSettings } from '../../services/storage/settingsStorage.js';
+import { isRunning as isJobRunning } from '../../services/jobs/run-state.js';
+import { addClient as addSseClient, removeClient } from '../../services/sse/sse-broker.js';
 
 const service = restana();
 const jobRouter = service.newRouter();
@@ -33,6 +39,7 @@ jobRouter.get('/', async (req, res) => {
     .map((job) => {
       return {
         ...job,
+        running: isJobRunning(job.id),
         isOnlyShared:
           !isUserAdmin &&
           job.userId !== req.session.currentUser &&
@@ -43,18 +50,113 @@ jobRouter.get('/', async (req, res) => {
   res.send();
 });
 
-jobRouter.get('/processingTimes', async (req, res) => {
-  const settings = await getSettings();
-  res.body = {
-    interval: settings.interval,
-    lastRun: settings.lastRun || null,
+jobRouter.get('/data', async (req, res) => {
+  const { page, pageSize = 50, activityFilter, sortfield = null, sortdir = 'asc', freeTextFilter } = req.query || {};
+
+  // normalize booleans
+  const toBool = (v) => {
+    if (v === true || v === 'true' || v === 1 || v === '1') return true;
+    if (v === false || v === 'false' || v === 0 || v === '0') return false;
+    return null;
   };
+  const normalizedActivity = toBool(activityFilter);
+
+  const queryResult = jobStorage.queryJobs({
+    page: page ? parseInt(page, 10) : 1,
+    pageSize: pageSize ? parseInt(pageSize, 10) : 50,
+    freeTextFilter: freeTextFilter || null,
+    activityFilter: normalizedActivity,
+    sortField: sortfield || null,
+    sortDir: sortdir === 'desc' ? 'desc' : 'asc',
+    userId: req.session.currentUser,
+    isAdmin: isAdmin(req),
+  });
+
+  const isUserAdmin = isAdmin(req);
+
+  // Map result to include runtime status
+  queryResult.result = queryResult.result.map((job) => {
+    return {
+      ...job,
+      running: isJobRunning(job.id),
+      isOnlyShared:
+        !isUserAdmin &&
+        job.userId !== req.session.currentUser &&
+        job.shared_with_user.includes(req.session.currentUser),
+    };
+  });
+
+  res.body = queryResult;
   res.send();
 });
 
+// Server-Sent Events for job status updates
+jobRouter.get('/events', async (req, res) => {
+  const userId = req.session.currentUser;
+  if (userId == null) {
+    res.send({ message: 'Unauthorized' }, 401);
+    return;
+  }
+  // SSE headers
+  res.setHeader('Content-Type', 'text/event-stream');
+  res.setHeader('Cache-Control', 'no-cache');
+  res.setHeader('Connection', 'keep-alive');
+  try {
+    // Initial comment to establish stream
+    res.write(': connected\n\n');
+    addSseClient(userId, res);
+    // Cleanup on close/aborted
+    const onClose = () => removeClient(userId, res);
+    // restana exposes original req/res; use both close and finish
+    req.on('close', onClose);
+    req.on('aborted', onClose);
+    res.on('close', onClose);
+  } catch (e) {
+    logger.error('Error establishing SSE connection', e);
+    try {
+      res.end();
+    } catch {
+      //noop
+    }
+  }
+});
+
 jobRouter.post('/startAll', async (req, res) => {
-  bus.emit('jobs:runAll');
-  res.send();
+  try {
+    const userId = req.session.currentUser;
+    // Emit only the userId; handler will decide based on admin/ownership
+    bus.emit('jobs:runAll', { userId });
+    res.send({ message: 'Run all accepted' }, 202);
+  } catch (err) {
+    logger.error('Failed to trigger startAll', err);
+    res.send({ message: 'Unexpected error' }, 500);
+  }
+});
+
+// Trigger a single job run
+jobRouter.post('/:jobId/run', async (req, res) => {
+  const { jobId } = req.params;
+  try {
+    const job = jobStorage.getJob(jobId);
+    if (!job) {
+      res.send({ message: 'Job not found' }, 404);
+      return;
+    }
+    if (!doesJobBelongsToUser(job, req)) {
+      res.send({ message: 'You are trying to run a job that is not associated to your user' }, 403);
+      return;
+    }
+    if (isJobRunning(jobId)) {
+      res.send({ message: 'Job is already running' }, 409);
+      return;
+    }
+    // fire and forget; actual execution handled by index.js listener
+    bus.emit('jobs:runOne', { jobId });
+    res.send({ message: 'Job run accepted' }, 202);
+  } catch (error) {
+    logger.error(error);
+    res.send({ message: 'Unexpected error triggering job' }, 500);
+  }
 });
 
 jobRouter.post('/', async (req, res) => {

lib/api/routes/listingsRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import * as listingStorage from '../../services/storage/listingsStorage.js';
 import * as watchListStorage from '../../services/storage/watchListStorage.js';
@@ -23,10 +28,14 @@ listingsRouter.get('/table', async (req, res) => {
     freeTextFilter,
   } = req.query || {};
 
-  // normalize booleans (accept true, 'true', 1, '1')
-  const toBool = (v) => v === true || v === 'true' || v === 1 || v === '1';
-  const normalizedActivity = toBool(activityFilter) ? true : null;
-  const normalizedWatch = toBool(watchListFilter) ? true : null;
+  // normalize booleans (accept true, 'true', 1, '1' for true; false, 'false', 0, '0' for false)
+  const toBool = (v) => {
+    if (v === true || v === 'true' || v === 1 || v === '1') return true;
+    if (v === false || v === 'false' || v === 0 || v === '0') return false;
+    return null;
+  };
+  const normalizedActivity = toBool(activityFilter);
+  const normalizedWatch = toBool(watchListFilter);
 
   let jobFilter = null;
   let jobIdFilter = null;

lib/api/routes/loginRoute.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import * as userStorage from '../../services/storage/userStorage.js';
 import * as hasher from '../../services/security/hash.js';

lib/api/routes/notificationAdapterRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
 import restana from 'restana';
 const service = restana();

lib/api/routes/providerRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
 import restana from 'restana';
 const service = restana();

lib/api/routes/userRoute.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import * as userStorage from '../../services/storage/userStorage.js';
 import * as jobStorage from '../../services/storage/jobStorage.js';

lib/api/routes/versionRouter.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import restana from 'restana';
 import fetch from 'node-fetch';
 import { getPackageVersion } from '../../utils.js';

lib/api/security.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import * as userStorage from '../services/storage/userStorage.js';
 import cookieSession from 'cookie-session';
 import { nanoid } from 'nanoid';

lib/defaultConfig.js

@@ -1,9 +1,9 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 export const DEFAULT_CONFIG = {
-  interval: '60',
-  port: 9998,
-  workingHours: { from: '', to: '' },
-  demoMode: false,
-  analyticsEnabled: null,
   // Default path for sqlite storage directory. Interpreted relative to project root.
   sqlitepath: '/db',
 };

lib/errors.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 class ExtendableError extends Error {
   constructor(message) {
     super(message);

lib/features.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 const FEATURES = {
   WATCHLIST_MANAGEMENT: false,
 };

lib/notification/adapter/apprise.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import { getJob } from '../../services/storage/jobStorage.js';
 import fetch from 'node-fetch';

lib/notification/adapter/console.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 
 export const send = ({ serviceName, newListings, jobKey }) => {

lib/notification/adapter/discord_webhook.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fetch from 'node-fetch';
 import { getJob } from '../../services/storage/jobStorage.js';
 import { markdown2Html } from '../../services/markdown.js';

lib/notification/adapter/http.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 
 const mapListing = (listing) => ({

lib/notification/adapter/mailJet.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import mailjet from 'node-mailjet';
 import path from 'path';
 import fs from 'fs';

lib/notification/adapter/mattermost.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import { getJob } from '../../services/storage/jobStorage.js';
 import fetch from 'node-fetch';

lib/notification/adapter/ntfy.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import { getJob } from '../../services/storage/jobStorage.js';
 import fetch from 'node-fetch';

lib/notification/adapter/pushover.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import { getJob } from '../../services/storage/jobStorage.js';
 import fetch from 'node-fetch';

lib/notification/adapter/sendGrid.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import sgMail from '@sendgrid/mail';
 import { markdown2Html } from '../../services/markdown.js';
 import { normalizeImageUrl } from '../../utils.js';

lib/notification/adapter/slack.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import Slack from 'slack';
 import { markdown2Html } from '../../services/markdown.js';
 import { normalizeImageUrl } from '../../utils.js';

lib/notification/adapter/slack_with_webhooks.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fetch from 'node-fetch';
 import { markdown2Html } from '../../services/markdown.js';
 import { normalizeImageUrl } from '../../utils.js';

lib/notification/adapter/sqlite.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import Database from 'better-sqlite3';
 import path from 'path';

lib/notification/adapter/telegram.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { markdown2Html } from '../../services/markdown.js';
 import { getJob } from '../../services/storage/jobStorage.js';
 import fetch from 'node-fetch';

lib/notification/notify.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
 const path = './adapter';
 

lib/provider/einsAImmobilien.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { buildHash, isOneOf } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];

lib/provider/immobilienDe.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { buildHash, isOneOf } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/provider/immonet.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];

lib/provider/immoscout.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 /**
  * ImmoScout provider using the mobile API to retrieve listings.
  *

lib/provider/immoswp.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/provider/immowelt.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { buildHash, isOneOf } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/provider/kleinanzeigen.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { buildHash, isOneOf } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/provider/mcMakler.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];

lib/provider/neubauKompass.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/provider/ohneMakler.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];
@@ -39,7 +44,7 @@ export const init = (sourceConfig, blacklist) => {
 
 export const metaInformation = {
   name: 'OhneMakler',
-  baseUrl: 'https://www.ohne-makler.net/immobilien',
+  baseUrl: 'https://www.ohne-makler.net',
   id: 'ohneMakler',
 };
 export { config };

lib/provider/regionalimmobilien24.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];

lib/provider/sparkasse.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 let appliedBlackList = [];

lib/provider/wgGesucht.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { isOneOf, buildHash } from '../utils.js';
 import checkIfListingIsActive from '../services/listings/listingActiveTester.js';
 

lib/services/crons/demoCleanup-cron.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { removeJobsByUserId } from '../storage/jobStorage.js';
 import { getUsers } from '../storage/userStorage.js';
 import logger from '../logger.js';

lib/services/crons/listing-alive-cron.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import cron from 'node-cron';
 import runActiveChecker from '../listings/listingActiveService.js';
 

lib/services/crons/tracker-cron.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import cron from 'node-cron';
 import { inDevMode } from '../../utils.js';
 import { trackMainEvent } from '../tracking/Tracker.js';

lib/services/events/event-bus.js

@@ -1,2 +1,7 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { EventEmitter } from 'node:events';
 export const bus = new EventEmitter();

lib/services/extractor/botPrevention.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { DEFAULT_HEADER } from './utils.js';
 
 // Helper to safely coerce numbers

lib/services/extractor/extractor.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { setDebug } from './utils.js';
 import puppeteerExtractor from './puppeteerExtractor.js';
 import { loadParser, parse } from './parser/parser.js';

lib/services/extractor/parser/parser.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import * as cheerio from 'cheerio';
 import logger from '../../logger.js';
 

lib/services/extractor/puppeteerExtractor.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import puppeteer from 'puppeteer-extra';
 import StealthPlugin from 'puppeteer-extra-plugin-stealth';
 import { debug, botDetected } from './utils.js';
@@ -99,7 +104,11 @@ export default async function execute(url, waitForSelector, options) {
       result = pageSource || (await page.content());
     }
   } catch (error) {
-    logger.warn('Error executing with puppeteer executor', error);
+    if (error?.message?.includes('Timeout')) {
+      logger.debug('Error executing with puppeteer executor', error);
+    } else {
+      logger.warn('Error executing with puppeteer executor', error);
+    }
     result = null;
   } finally {
     try {

lib/services/extractor/utils.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import logger from '../logger.js';
 
 let debuggingOn = false;

lib/services/immoscout/immoscout-web-translator.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 /*
 Rent a flat
 Web:

lib/services/jobs/jobExecutionService.js

@@ -0,0 +1,187 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import logger from '../logger.js';
+import { bus } from '../events/event-bus.js';
+import * as jobStorage from '../storage/jobStorage.js';
+import * as userStorage from '../storage/userStorage.js';
+import { getUser } from '../storage/userStorage.js';
+import { duringWorkingHoursOrNotSet } from '../../utils.js';
+import FredyPipelineExecutioner from '../../FredyPipelineExecutioner.js';
+import * as similarityCache from '../similarity-check/similarityCache.js';
+import { isRunning, markFinished, markRunning } from './run-state.js';
+import { sendToUsers } from '../sse/sse-broker.js';
+
+/**
+ * Initializes the job execution service.
+ * - Registers event-bus listeners for `jobs:runAll`, `jobs:runOne`, and `jobs:status`.
+ * - Starts the periodic scheduler (if `intervalMs` > 0) and performs an initial run respecting working hours.
+ * - Forwards job status updates to affected users via Server-Sent Events (SSE).
+ *
+ * This function is intentionally side-effectful and exposes no external API.
+ *
+ * @param {Object} deps - Dependencies required to initialize the service.
+ * @param {Array<Object>} deps.providers - Loaded provider modules. Each module must expose `metaInformation.id`, `config`, and `init(config, blacklist)`.
+ * @param {Object} deps.settings - Global settings object (read/write). Must include `demoMode`, `interval`, and working-hours attributes used by `duringWorkingHoursOrNotSet`.
+ * @param {number} deps.intervalMs - Scheduler interval in milliseconds. If not finite or <= 0, the scheduler is not started.
+ * @returns {void}
+ */
+export function initJobExecutionService({ providers, settings, intervalMs }) {
+  // Forward job status via SSE to relevant recipients
+  bus.on('jobs:status', ({ jobId, running }) => {
+    try {
+      const recipients = resolveRecipients(jobId);
+      if (recipients.length > 0) {
+        sendToUsers(recipients, 'jobStatus', { jobId, running });
+      }
+    } catch (err) {
+      logger.warn('Failed to forward job status', jobId, err);
+    }
+  });
+
+  // Listen for "run all" requests (admin = all, user = own)
+  bus.on('jobs:runAll', (payload) => {
+    const userId = payload?.userId ?? null;
+    const user = userId ? getUser(userId) : null;
+    const isAdmin = !!user?.isAdmin;
+    if (isAdmin) {
+      logger.debug('Running all jobs manually (admin request)');
+    } else if (userId) {
+      logger.debug(`Running all jobs manually for user ${userId}`);
+    } else {
+      logger.debug('Running all jobs manually (no user provided)');
+    }
+    runAll(false, { userId, isAdmin });
+  });
+
+  // Listen for single job run requests
+  bus.on('jobs:runOne', ({ jobId }) => {
+    logger.debug(`Running single job manually: ${jobId}`);
+    // fire and forget, do not block the bus
+    runSingle(jobId);
+  });
+
+  // Start scheduler and initial run
+  if (Number.isFinite(intervalMs) && intervalMs > 0) {
+    setInterval(() => runAll(true), intervalMs);
+  }
+  // start once at startup, respecting working hours
+  runAll(true);
+
+  /**
+   * Resolve all recipients who should receive SSE updates for a job.
+   * Includes job owner, users with whom the job is shared, and all admins.
+   *
+   * @param {string} jobId
+   * @returns {string[]} unique userIds
+   */
+  function resolveRecipients(jobId) {
+    const job = jobStorage.getJob(jobId);
+    if (!job) return [];
+    const admins = (userStorage.getUsers && userStorage.getUsers(false)) || [];
+    const adminIds = admins.filter((u) => u.isAdmin).map((u) => u.id);
+    const shared = Array.isArray(job.shared_with_user) ? job.shared_with_user : [];
+    const recipients = [job.userId, ...shared, ...adminIds].filter(Boolean);
+    return Array.from(new Set(recipients));
+  }
+
+  /**
+   * Execute all enabled jobs, optionally filtering by context (admin/owner) and respecting working hours.
+   *
+   * @param {boolean} [respectWorkingHours=true] - If true, skip execution when outside configured working hours.
+   * @param {{userId?: string, isAdmin?: boolean}} [context] - Who requested the run; determines job filtering.
+   * @returns {void}
+   */
+  function runAll(respectWorkingHours = true, context = undefined) {
+    if (settings.demoMode) return;
+    const now = Date.now();
+    const withinHours = duringWorkingHoursOrNotSet(settings, now);
+    if (respectWorkingHours && !withinHours) {
+      logger.debug('Working hours set. Skipping as outside of working hours.');
+      return;
+    }
+    settings.lastRun = now;
+    jobStorage
+      .getJobs()
+      .filter((job) => job.enabled)
+      .filter((job) => {
+        if (!context) return true; // startup/cron → all
+        if (context.isAdmin) return true; // admin → all
+        return context.userId ? job.userId === context.userId : false; // user → own
+      })
+      .forEach((job) => executeJob(job));
+  }
+
+  /**
+   * Execute a single job by id.
+   * Manual runs are allowed even if the job is disabled, but never duplicated when already running.
+   *
+   * @param {string} jobId
+   * @returns {Promise<void>}
+   */
+  async function runSingle(jobId) {
+    if (settings.demoMode) return;
+    const job = jobStorage.getJob(jobId);
+    if (!job) return;
+    // allow manual run even if disabled; keep guard to avoid duplicates
+    await executeJob(job);
+  }
+
+  /**
+   * Executes one job across all of its configured providers.
+   * Emits SSE start/finish events via the bus and ensures the run-state guard is always cleared.
+   * Provider errors are surfaced via logging but do not abort other providers.
+   *
+   * @param {Object} job
+   * @param {string} job.id
+   * @param {Array<{id:string}>} job.provider
+   * @param {Array<string>} [job.blacklist]
+   * @param {*} job.notificationAdapter
+   * @returns {Promise<void>}
+   */
+  async function executeJob(job) {
+    if (isRunning(job.id)) {
+      logger.debug(`Job ${job.id} is already running. Skipping.`);
+      return;
+    }
+    const acquired = markRunning(job.id);
+    if (!acquired) return;
+    // notify listeners (SSE) that the job started
+    try {
+      bus.emit('jobs:status', { jobId: job.id, running: true });
+    } catch (err) {
+      logger.warn('Failed to emit start status for job', job.id, err);
+    }
+    try {
+      const jobProviders = job.provider.filter(
+        (p) => providers.find((loaded) => loaded.metaInformation.id === p.id) != null,
+      );
+      const executions = jobProviders.map(async (prov) => {
+        const matchedProvider = providers.find((loaded) => loaded.metaInformation.id === prov.id);
+        matchedProvider.init(prov, job.blacklist);
+        await new FredyPipelineExecutioner(
+          matchedProvider.config,
+          job.notificationAdapter,
+          prov.id,
+          job.id,
+          similarityCache,
+        ).execute();
+      });
+      const results = await Promise.allSettled(executions);
+      for (const r of results) {
+        if (r.status === 'rejected') {
+          logger.error(r.reason);
+        }
+      }
+    } finally {
+      markFinished(job.id);
+      try {
+        bus.emit('jobs:status', { jobId: job.id, running: false });
+      } catch (err) {
+        logger.warn('Failed to emit finish status for job', job.id, err);
+      }
+    }
+  }
+}

lib/services/jobs/run-state.js

@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+/**
+ * Simple in-memory running state registry for jobs.
+ * Prevents concurrent execution of the same job within a single process.
+ * This registry is reset on process restart.
+ * @type {Set<string>}
+ */
+const running = new Set();
+
+/**
+ * Check if a job is currently marked as running.
+ * @param {string} jobId
+ * @returns {boolean}
+ */
+export function isRunning(jobId) {
+  return running.has(jobId);
+}
+
+/**
+ * Try to mark a job as running.
+ * If it was already running, returns false and does not modify the set.
+ * @param {string} jobId
+ * @returns {boolean} true if the job was successfully marked as running
+ */
+export function markRunning(jobId) {
+  if (running.has(jobId)) return false;
+  running.add(jobId);
+  return true;
+}
+
+/**
+ * Mark a job as finished (remove from the running registry).
+ * @param {string} jobId
+ * @returns {void}
+ */
+export function markFinished(jobId) {
+  running.delete(jobId);
+}

lib/services/listings/listingActiveService.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { deactivateListings, getActiveOrUnknownListings } from '../storage/listingsStorage.js';
 import { getProviders } from '../../utils.js';
 import logger from '../../services/logger.js';

lib/services/listings/listingActiveTester.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fetch from 'node-fetch';
 import { randomBetween, sleep } from '../../utils.js';
 

lib/services/logger.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 const COLORS = {
   debug: '\x1b[36m',
   info: '\x1b[32m',

lib/services/markdown.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
 export function markdown2Html(filePath) {
   return fs.readFileSync(filePath, 'utf8');

lib/services/queryStringMutator.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import queryString from 'query-string';
 export default (_url, sortByDateParam) => {
   //if no mutation is necessary, just return the original url

lib/services/security/hash.js

@@ -1,2 +1,7 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import crypto from 'crypto';
 export const hash = (x) => crypto.createHash('sha256').update(x, 'utf8').digest('hex');

lib/services/similarity-check/similarityCache.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 /**
  * Similarity cache
  *

lib/services/sse/sse-broker.js

@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+/**
+ * In-memory SSE client registry.
+ * Maps a userId to a Set of Node.js ServerResponse objects representing open streams.
+ * @type {Map<string, Set<import('http').ServerResponse>>}
+ */
+const clients = new Map(); // Map<userId, Set<ServerResponse>>
+
+/**
+ * Write a single SSE event frame to a response.
+ *
+ * @param {import('http').ServerResponse} res - The open SSE HTTP response.
+ * @param {string} [event] - Optional event name (sent as `event:`). If omitted, a generic message is sent.
+ * @param {any} [data] - Optional payload. Objects are JSON.stringified.
+ * @returns {void}
+ */
+function writeEvent(res, event, data) {
+  try {
+    if (event) {
+      res.write(`event: ${event}\n`);
+    }
+    if (data !== undefined) {
+      const payload = typeof data === 'string' ? data : JSON.stringify(data);
+      res.write(`data: ${payload}\n`);
+    }
+    res.write('\n');
+  } catch {
+    // ignore write errors here; cleanup happens on close
+  }
+}
+
+/**
+ * Register a new SSE client for the given user.
+ *
+ * @param {string} userId
+ * @param {import('http').ServerResponse} res
+ * @returns {void}
+ */
+export function addClient(userId, res) {
+  let set = clients.get(userId);
+  if (!set) {
+    set = new Set();
+    clients.set(userId, set);
+  }
+  set.add(res);
+  // send a hello event
+  writeEvent(res, 'hello', { ok: true });
+}
+
+/**
+ * Unregister a specific SSE client for a user. Removes the user entry when empty.
+ *
+ * @param {string} userId
+ * @param {import('http').ServerResponse} res
+ * @returns {void}
+ */
+export function removeClient(userId, res) {
+  const set = clients.get(userId);
+  if (!set) return;
+  set.delete(res);
+  if (set.size === 0) clients.delete(userId);
+}
+
+/**
+ * Send an SSE event to all open connections of a user.
+ *
+ * @param {string} userId
+ * @param {string} event
+ * @param {any} data
+ * @returns {void}
+ */
+export function sendToUser(userId, event, data) {
+  const set = clients.get(userId);
+  if (!set) return;
+  for (const res of set) {
+    writeEvent(res, event, data);
+  }
+}
+
+/**
+ * Broadcast an SSE event to multiple users (unique by id).
+ *
+ * @param {string[]} userIds
+ * @param {string} event
+ * @param {any} data
+ * @returns {void}
+ */
+export function sendToUsers(userIds, event, data) {
+  const unique = Array.from(new Set(userIds));
+  unique.forEach((id) => sendToUser(id, event, data));
+}
+
+// Heartbeat to keep connections alive on proxies (every 25s)
+setInterval(() => {
+  for (const set of clients.values()) {
+    for (const res of set) {
+      try {
+        res.write(`: ping ${Date.now()}\n\n`);
+      } catch {
+        // ignore
+      }
+    }
+  }
+}, 25000);

lib/services/storage/SqliteConnection.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import fs from 'fs';
 import path from 'path';
 import Database from 'better-sqlite3';
@@ -150,3 +155,21 @@ class SqliteConnection {
 }
 
 export default SqliteConnection;
+
+// Centralized DB path computation to avoid duplication across modules
+// Returns: { dir, dbPath }
+/**
+ * Compute the absolute SQLite database directory and file path based on configuration.
+ * Ensures the directory exists on disk.
+ * @returns {Promise<{dir:string, dbPath:string}>} Absolute directory and database file path.
+ */
+export async function computeDbPath() {
+  const cfg = await readConfigFromStorage();
+  const rawDir = cfg?.sqlitepath && cfg.sqlitepath.length > 0 ? cfg.sqlitepath : '/db';
+  const relDir = rawDir.startsWith('/') ? rawDir.slice(1) : rawDir;
+  const absDir = path.isAbsolute(relDir) ? relDir : path.join(process.cwd(), relDir);
+  const dbPath = path.join(absDir, 'listings.db');
+  const dir = path.dirname(dbPath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  return { dir: absDir, dbPath };
+}

lib/services/storage/backupRestoreService.js

@@ -0,0 +1,320 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+import SqliteConnection, { computeDbPath } from './SqliteConnection.js';
+import logger from '../../services/logger.js';
+import { getPackageVersion } from '../../utils.js';
+import { runMigrations, listMigrationFiles } from './migrations/migrate.js';
+
+/**
+ * Lazily resolve and cache the AdmZip constructor via dynamic import.
+ * This keeps startup costs low and avoids ESM/CJS interop pitfalls.
+ * @returns {Promise<any>} AdmZip constructor (class)
+ */
+let _AdmZipSingleton = null;
+async function getAdmZip() {
+  if (_AdmZipSingleton) return _AdmZipSingleton;
+  // Allow tests to provide a mock constructor without ESM loader intricacies
+  if (globalThis && globalThis.__TEST_ADM_ZIP__) {
+    _AdmZipSingleton = globalThis.__TEST_ADM_ZIP__;
+    return _AdmZipSingleton;
+  }
+  const mod = await import('adm-zip');
+  _AdmZipSingleton = (mod && mod.default) || mod;
+  return _AdmZipSingleton;
+}
+
+/**
+ * Extract numeric migration id from a migration file name like "12.add-users.js".
+ * @param {string} name
+ * @returns {number} Parsed id or 0 when not parsable
+ */
+function parseMigrationIdFromName(name) {
+  if (typeof name !== 'string') return 0;
+  const m = name.match(/^(\d+)\./);
+  return m ? parseInt(m[1], 10) : 0;
+}
+
+/**
+ * Read the highest migration id from available migration files.
+ * @returns {number} Highest migration id from files, or 0 when none.
+ */
+function getLatestMigrationIdFromFiles() {
+  try {
+    const files = listMigrationFiles();
+    const ids = files.map((f) => f.id);
+    return ids.length > 0 ? Math.max(...ids) : 0;
+  } catch (e) {
+    logger.warn('Failed to scan migrations directory:', e.message);
+    return 0;
+  }
+}
+
+/**
+ * Inspect the current database and return the highest applied migration id.
+ * @returns {number} Max id from schema_migrations, or 0 when table/rows are missing.
+ */
+function getCurrentDbMigration() {
+  try {
+    const exists = SqliteConnection.tableExists('schema_migrations');
+    if (!exists) return 0;
+    const rows = SqliteConnection.query('SELECT name FROM schema_migrations');
+    if (!rows || rows.length === 0) return 0;
+    return rows.reduce((max, r) => Math.max(max, parseMigrationIdFromName(r.name)), 0);
+  } catch (e) {
+    logger.warn('Failed to read current DB migration:', e.message);
+    return 0;
+  }
+}
+
+/**
+ * Create a consistent SQLite snapshot using the native backup API into a temp folder.
+ * @returns {Promise<{tempDir:string, backupPath:string}>}
+ */
+async function createTempBackupFile() {
+  const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'fredy-db-'));
+  const backupPath = path.join(tempDir, 'listings.db');
+  // Ensure connection is open and create a consistent snapshot
+  const db = SqliteConnection.getConnection();
+  await db.backup(backupPath);
+  return { tempDir, backupPath };
+}
+
+/**
+ * Build a zip buffer that contains the DB snapshot and metadata marker.
+ * Files:
+ * - listings.db
+ * - fredy-backup.json { formatVersion, createdAt, dbMigration, fredyVersion }
+ * @returns {Promise<Buffer>}
+ */
+async function buildBackupZipBuffer() {
+  const { backupPath, tempDir } = await createTempBackupFile();
+  try {
+    const AdmZip = await getAdmZip();
+    const zip = new AdmZip();
+    const meta = {
+      formatVersion: 1,
+      createdAt: new Date().toISOString(),
+      dbMigration: getCurrentDbMigration(),
+      fredyVersion: await getPackageVersion(),
+    };
+    // add files
+    zip.addLocalFile(backupPath, '', 'listings.db');
+    zip.addFile('fredy-backup.json', Buffer.from(JSON.stringify(meta, null, 2), 'utf-8'));
+    return zip.toBuffer();
+  } finally {
+    // cleanup temp
+    try {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    } catch (e) {
+      logger.debug('Failed to cleanup temp backup dir:', e.message);
+    }
+  }
+}
+
+/**
+ * Read and parse the metadata file from a backup zip buffer.
+ * @param {Buffer} zipBuffer
+ * @returns {Promise<any|null>} Parsed JSON or null when missing/invalid.
+ */
+async function readMetadataFromZip(zipBuffer) {
+  const AdmZip = await getAdmZip();
+  const zip = new AdmZip(zipBuffer);
+  const entry = zip.getEntry('fredy-backup.json');
+  if (!entry) return null;
+  try {
+    const txt = entry.getData().toString('utf-8');
+    return JSON.parse(txt);
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Check if a backup zip contains a listings.db entry.
+ * @param {Buffer} zipBuffer
+ * @returns {Promise<boolean>}
+ */
+async function hasListingsDbInZip(zipBuffer) {
+  const AdmZip = await getAdmZip();
+  const zip = new AdmZip(zipBuffer);
+  return zip.getEntry('listings.db') != null || zip.getEntries().some((e) => /listings\.db$/i.test(e.entryName));
+}
+
+/**
+ * Extract the listings.db from a backup zip buffer to a temp directory.
+ * @param {Buffer} zipBuffer
+ * @returns {Promise<{tempDir:string, dbPath:string}>}
+ */
+async function extractListingsDbToTemp(zipBuffer) {
+  const AdmZip = await getAdmZip();
+  const zip = new AdmZip(zipBuffer);
+  const entry = zip.getEntry('listings.db') || zip.getEntries().find((e) => /listings\.db$/i.test(e.entryName));
+  if (!entry) throw new Error('Backup zip does not contain listings.db');
+  const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'fredy-restore-'));
+  const outPath = path.join(tempDir, 'listings.db');
+  fs.writeFileSync(outPath, entry.getData());
+  return { tempDir, dbPath: outPath };
+}
+
+/**
+ * Public: Create a backup zip buffer ready for download.
+ * @returns {Promise<Buffer>}
+ */
+export async function createBackupZip() {
+  return buildBackupZipBuffer();
+}
+
+/**
+ * Analyze a backup zip for compatibility with the current codebase.
+ * - Missing DB yields danger.
+ * - Newer backup migration than required yields danger.
+ * - Older backup yields warning but is considered compatible (auto-migrate).
+ * - Equal version yields info.
+ * @param {Buffer} zipBuffer
+ * @returns {Promise<{compatible:boolean,severity:'danger'|'warning'|'info',message:string,backupMigration:number|null,requiredMigration:number,fredyVersion?:string|null}>>}
+ */
+export async function precheckRestore(zipBuffer) {
+  if (!zipBuffer || zipBuffer.length === 0) {
+    return {
+      compatible: false,
+      severity: 'danger',
+      message: 'Empty upload',
+      backupMigration: null,
+      requiredMigration: getLatestMigrationIdFromFiles(),
+    };
+  }
+  if (!(await hasListingsDbInZip(zipBuffer))) {
+    return {
+      compatible: false,
+      severity: 'danger',
+      message: 'Zip file is missing the database file (listings.db).',
+      backupMigration: null,
+      requiredMigration: getLatestMigrationIdFromFiles(),
+    };
+  }
+  const meta = await readMetadataFromZip(zipBuffer);
+  const requiredMigration = getLatestMigrationIdFromFiles();
+  const backupMigration = meta?.dbMigration ?? null;
+  const fredyVersion = meta?.fredyVersion ?? null;
+
+  if (backupMigration == null) {
+    return {
+      compatible: false,
+      severity: 'danger',
+      message:
+        'Backup metadata is missing the migration marker. Cannot validate compatibility. It is NOT advised to continue!',
+      backupMigration,
+      requiredMigration,
+      fredyVersion,
+    };
+  }
+
+  if (backupMigration > requiredMigration) {
+    return {
+      compatible: false,
+      severity: 'danger',
+      message:
+        'Backup schema is newer than this Fredy version. Please upgrade Fredy to a version that supports this backup or proceed at your own risk.',
+      backupMigration,
+      requiredMigration,
+      fredyVersion,
+    };
+  }
+
+  if (backupMigration < requiredMigration) {
+    return {
+      compatible: true,
+      severity: 'warning',
+      message:
+        'Backup contains an older database schema than this Fredy version requires. We will apply automatic migrations right after the restore to upgrade the database.',
+      backupMigration,
+      requiredMigration,
+      fredyVersion,
+    };
+  }
+
+  return {
+    compatible: true,
+    severity: 'info',
+    message: 'Backup is compatible with the current Fredy version.',
+    backupMigration,
+    requiredMigration,
+    fredyVersion,
+  };
+}
+
+/**
+ * Perform a restore from a validated backup zip.
+ * - Optionally forces restore when incompatible.
+ * - Replaces the on-disk DB and runs migrations when needed.
+ * @param {Buffer} zipBuffer
+ * @param {{force?:boolean}} [opts]
+ * @returns {Promise<{restored:true,warning:string|null,details:any}>}
+ * @throws Error with code 'INCOMPATIBLE' when not forced and incompatible
+ */
+export async function restoreFromZip(zipBuffer, { force = false } = {}) {
+  const check = await precheckRestore(zipBuffer);
+  if (!check.compatible && !force) {
+    const err = new Error(check.message || 'Backup is incompatible');
+    err.code = 'INCOMPATIBLE';
+    err.payload = check;
+    throw err;
+  }
+
+  const { dbPath } = await computeDbPath();
+  const { tempDir, dbPath: tempDbPath } = await extractListingsDbToTemp(zipBuffer);
+
+  try {
+    // Close existing connection to allow file replacement
+    SqliteConnection.close();
+
+    // Backup existing DB file
+    try {
+      if (fs.existsSync(dbPath)) {
+        const backupName = `${dbPath}.bak-${Date.now()}`;
+        fs.copyFileSync(dbPath, backupName);
+      }
+    } catch (e) {
+      logger.warn('Failed to create on-disk backup copy of current DB:', e.message);
+    }
+
+    // Replace DB with the one from the zip
+    fs.copyFileSync(tempDbPath, dbPath);
+
+    // Re-run migrations when needed
+    if (check.backupMigration < check.requiredMigration) {
+      await runMigrations();
+    } else {
+      // Ensure we can re-open the DB
+      SqliteConnection.getConnection();
+    }
+  } finally {
+    try {
+      fs.rmSync(tempDir, { recursive: true, force: true });
+    } catch (e) {
+      logger.debug('Failed to cleanup temp restore dir:', e.message);
+    }
+  }
+
+  return { restored: true, warning: check.severity !== 'info' ? check.message : null, details: check };
+}
+
+/**
+ * Build the backup file name with current date and Fredy version.
+ * Pattern: YYYY-MM-DD-FredyBackup-{version}.zip
+ * @returns {Promise<string>}
+ */
+export async function buildBackupFileName() {
+  const dt = new Date();
+  const yyyy = dt.getFullYear();
+  const mm = String(dt.getMonth() + 1).padStart(2, '0');
+  const dd = String(dt.getDate()).padStart(2, '0');
+  const version = await getPackageVersion();
+  return `${yyyy}-${mm}-${dd}-FredyBackup-${version}.zip`.replaceAll(' ', '');
+}

lib/services/storage/jobStorage.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { nanoid } from 'nanoid';
 import SqliteConnection from './SqliteConnection.js';
 import logger from '../logger.js';
@@ -80,6 +85,7 @@ export const getJob = (jobId) => {
             j.name,
             j.blacklist,
             j.provider,
+            j.shared_with_user,
             j.notification_adapter AS notificationAdapter,
             (SELECT COUNT(1) FROM listings l WHERE l.job_id = j.id) AS numberOfFoundListings
        FROM jobs j
@@ -93,6 +99,7 @@ export const getJob = (jobId) => {
     enabled: !!row.enabled,
     blacklist: fromJson(row.blacklist, []),
     provider: fromJson(row.provider, []),
+    shared_with_user: fromJson(row.shared_with_user, []),
     notificationAdapter: fromJson(row.notificationAdapter, []),
   };
 };
@@ -156,3 +163,109 @@ export const getJobs = () => {
     notificationAdapter: fromJson(row.notificationAdapter, []),
   }));
 };
+
+/**
+ * Query jobs with pagination, filtering and sorting.
+ *
+ * @param {Object} params
+ * @param {number} [params.pageSize=50]
+ * @param {number} [params.page=1]
+ * @param {string} [params.freeTextFilter]
+ * @param {object} [params.activityFilter]
+ * @param {string|null} [params.sortField=null]
+ * @param {('asc'|'desc')} [params.sortDir='asc']
+ * @param {string} [params.userId] - Current user id used to scope jobs (ignored for admins).
+ * @param {boolean} [params.isAdmin=false] - When true, returns all jobs.
+ * @returns {{ totalNumber:number, page:number, result:Object[] }}
+ */
+export const queryJobs = ({
+  pageSize = 50,
+  page = 1,
+  activityFilter,
+  freeTextFilter,
+  sortField = null,
+  sortDir = 'asc',
+  userId = null,
+  isAdmin = false,
+} = {}) => {
+  // sanitize inputs
+  const safePageSize = Number.isFinite(pageSize) && pageSize > 0 ? Math.min(500, Math.floor(pageSize)) : 50;
+  const safePage = Number.isFinite(page) && page > 0 ? Math.floor(page) : 1;
+  const offset = (safePage - 1) * safePageSize;
+
+  // build WHERE filter
+  const whereParts = [];
+  const params = { limit: safePageSize, offset };
+  params.userId = userId || '__NO_USER__';
+
+  if (!isAdmin) {
+    whereParts.push(
+      `(j.user_id = @userId OR EXISTS (SELECT 1 FROM json_each(j.shared_with_user) AS sw WHERE sw.value = @userId))`,
+    );
+  }
+
+  if (freeTextFilter && String(freeTextFilter).trim().length > 0) {
+    params.filter = `%${String(freeTextFilter).trim()}%`;
+    whereParts.push(`(j.name LIKE @filter)`);
+  }
+
+  if (activityFilter === true) {
+    whereParts.push('(j.enabled = 1)');
+  } else if (activityFilter === false) {
+    whereParts.push('(j.enabled = 0)');
+  }
+
+  const whereSql = whereParts.length ? `WHERE ${whereParts.join(' AND ')}` : '';
+
+  // whitelist sortable fields
+  const sortable = new Set(['name', 'numberOfFoundListings', 'enabled']);
+  const safeSortField = sortField && sortable.has(sortField) ? sortField : null;
+  const safeSortDir = String(sortDir).toLowerCase() === 'desc' ? 'DESC' : 'ASC';
+
+  let orderSql = 'ORDER BY j.name IS NULL, j.name ASC';
+  if (safeSortField) {
+    if (safeSortField === 'numberOfFoundListings') {
+      orderSql = `ORDER BY numberOfFoundListings ${safeSortDir}`;
+    } else {
+      orderSql = `ORDER BY j.${safeSortField} ${safeSortDir}`;
+    }
+  }
+
+  // count total
+  const countRow = SqliteConnection.query(
+    `SELECT COUNT(1) as cnt
+     FROM jobs j
+       ${whereSql}`,
+    params,
+  );
+  const totalNumber = countRow?.[0]?.cnt ?? 0;
+
+  // fetch page
+  const rows = SqliteConnection.query(
+    `SELECT j.id,
+            j.user_id AS userId,
+            j.enabled,
+            j.name,
+            j.blacklist,
+            j.provider,
+            j.shared_with_user,
+            j.notification_adapter AS notificationAdapter,
+            (SELECT COUNT(1) FROM listings l WHERE l.job_id = j.id) AS numberOfFoundListings
+     FROM jobs j
+       ${whereSql}
+         ${orderSql}
+     LIMIT @limit OFFSET @offset`,
+    params,
+  );
+
+  const result = rows.map((row) => ({
+    ...row,
+    enabled: !!row.enabled,
+    blacklist: fromJson(row.blacklist, []),
+    provider: fromJson(row.provider, []),
+    shared_with_user: fromJson(row.shared_with_user, []),
+    notificationAdapter: fromJson(row.notificationAdapter, []),
+  }));
+
+  return { totalNumber, page: safePage, result };
+};

lib/services/storage/listingsStorage.js

@@ -1,41 +1,12 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { nullOrEmpty } from '../../utils.js';
 import SqliteConnection from './SqliteConnection.js';
 import { nanoid } from 'nanoid';
 
-/**
- * Build analytics data for a given job by grouping all listings by provider and
- * mapping each listing hash to its creation timestamp.
- *
- * SQL shape:
- * SELECT json_group_object(provider, json_object(hash, created_at)) AS result
- * FROM listings WHERE job_id = @jobId;
- *
- * The resulting object has the shape:
- * {
- *   providerA: { "<hash1>": <created_at_ms>, "<hash2>": <created_at_ms>, ... },
- *   providerB: { ... }
- * }
- *
- * @param {string} jobId - ID of the job whose listings should be aggregated.
- * @returns {Record<string, Record<string, number>>} Object grouped by provider mapping listing-hash -> created_at epoch ms.
- */
-export const getListingProviderDataForAnalytics = (jobId) => {
-  const row = SqliteConnection.query(
-    `SELECT COALESCE(
-              json_group_object(provider, json(provider_map)),
-              json('{}')
-            ) AS result
-     FROM (SELECT provider,
-                  json_group_object(hash, created_at) AS provider_map
-           FROM listings
-           WHERE job_id = @jobId
-           GROUP BY provider);`,
-    { jobId },
-  );
-
-  return row?.length > 0 ? JSON.parse(row[0].result) : {};
-};
-
 /**
  * Return a list of known listing hashes for a given job and provider.
  * Useful to de-duplicate before inserting new listings.
@@ -54,6 +25,89 @@ export const getKnownListingHashesForJobAndProvider = (jobId, providerId) => {
   ).map((r) => r.hash);
 };
 
+/**
+ * Compute KPI aggregates for a given set of job IDs from the listings table.
+ *
+ * - numberOfActiveListings: count of listings where is_active = 1
+ * - avgPriceOfListings: average of numeric price, rounded to nearest integer
+ *
+ * When no jobIds are provided, returns zeros.
+ *
+ * @param {string[]} jobIds
+ * @returns {{ numberOfActiveListings: number, avgPriceOfListings: number }}
+ */
+export const getListingsKpisForJobIds = (jobIds = []) => {
+  if (!Array.isArray(jobIds) || jobIds.length === 0) {
+    return { numberOfActiveListings: 0, avgPriceOfListings: 0 };
+  }
+
+  const placeholders = jobIds.map(() => '?').join(',');
+  const row =
+    SqliteConnection.query(
+      `SELECT
+          SUM(CASE WHEN is_active = 1 THEN 1 ELSE 0 END) AS activeCount,
+          AVG(price) AS avgPrice
+       FROM listings
+       WHERE job_id IN (${placeholders})`,
+      jobIds,
+    )[0] || {};
+
+  return {
+    numberOfActiveListings: Number(row.activeCount || 0),
+    avgPriceOfListings: row?.avgPrice == null ? 0 : Math.round(Number(row.avgPrice)),
+  };
+};
+
+/**
+ * Compute distribution of listings by provider for the given set of job IDs.
+ * Returns data ready for the pie chart component with fields `type` and `value` (percentage).
+ *
+ * Example return:
+ * [ { type: 'immoscout', value: 62 }, { type: 'immowelt', value: 38 } ]
+ *
+ * When no jobIds are provided or no listings exist, returns empty array.
+ *
+ * @param {string[]} jobIds
+ * @returns {{ type: string, value: number }[]}
+ */
+export const getProviderDistributionForJobIds = (jobIds = []) => {
+  if (!Array.isArray(jobIds) || jobIds.length === 0) {
+    return [];
+  }
+
+  const placeholders = jobIds.map(() => '?').join(',');
+  const rows = SqliteConnection.query(
+    `SELECT provider, COUNT(*) AS cnt
+     FROM listings
+     WHERE job_id IN (${placeholders})
+     GROUP BY provider
+     ORDER BY cnt DESC`,
+    jobIds,
+  );
+
+  const total = rows.reduce((acc, r) => acc + Number(r.cnt || 0), 0);
+  if (total === 0) return [];
+
+  // Map counts to integer percentage values (0-100). Ensure sum is ~100 by rounding.
+  const percentages = rows.map((r) => ({
+    type: r.provider,
+    value: Math.round((Number(r.cnt) / total) * 100),
+  }));
+
+  // Adjust rounding drift to keep sum at 100 (optional minor correction)
+  const drift = 100 - percentages.reduce((s, p) => s + p.value, 0);
+  if (drift !== 0 && percentages.length > 0) {
+    // apply drift to the largest slice to keep UX simple
+    let maxIdx = 0;
+    for (let i = 1; i < percentages.length; i++) {
+      if (percentages[i].value > percentages[maxIdx].value) maxIdx = i;
+    }
+    percentages[maxIdx].value = Math.max(0, percentages[maxIdx].value + drift);
+  }
+
+  return percentages;
+};
+
 /**
  * Return a list of listing that either are active or have an unknown status
  * to constantly check if they are still online
@@ -223,9 +277,11 @@ export const queryListings = ({
     params.filter = `%${String(freeTextFilter).trim()}%`;
     whereParts.push(`(title LIKE @filter OR address LIKE @filter OR provider LIKE @filter OR link LIKE @filter)`);
   }
-  // activityFilter: when true -> only active listings (is_active = 1)
+  // activityFilter: when true -> only active listings (is_active = 1), false -> only inactive
   if (activityFilter === true) {
     whereParts.push('(is_active = 1)');
+  } else if (activityFilter === false) {
+    whereParts.push('(is_active = 0)');
   }
   // Prefer filtering by job id when provided (unambiguous and robust)
   if (jobIdFilter && String(jobIdFilter).trim().length > 0) {
@@ -241,9 +297,11 @@ export const queryListings = ({
     params.providerName = String(providerFilter).trim();
     whereParts.push('(provider = @providerName)');
   }
-  // watchListFilter: when true -> only watched listings
+  // watchListFilter: when true -> only watched listings, false -> only unwatched
   if (watchListFilter === true) {
     whereParts.push('(wl.id IS NOT NULL)');
+  } else if (watchListFilter === false) {
+    whereParts.push('(wl.id IS NULL)');
   }
 
   const whereSql = whereParts.length ? `WHERE ${whereParts.join(' AND ')}` : '';

lib/services/storage/migrations/migrate.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 /**
  * Migration Runner for better-sqlite3
  * I know there are external libs out there, but
@@ -30,7 +35,11 @@ import SqliteConnection from '../SqliteConnection.js';
 import logger from '../../logger.js';
 
 const ROOT = path.resolve('.');
-const MIGRATIONS_DIR = path.join(ROOT, 'lib', 'services', 'storage', 'migrations', 'sql');
+/**
+ * Absolute path to the migrations directory (lib/services/storage/migrations/sql).
+ * @type {string}
+ */
+export const MIGRATIONS_DIR = path.join(ROOT, 'lib', 'services', 'storage', 'migrations', 'sql');
 
 /**
  * Ensures that the given directory exists, creating it recursively if needed.
@@ -45,7 +54,7 @@ function ensureDir(p) {
  * Migration files must follow the format: <number>.<label>.js
  * @returns {Array<{id:number, name:string, label:string, path:string}>}
  */
-function listMigrationFiles() {
+export function listMigrationFiles() {
   ensureDir(MIGRATIONS_DIR);
   return fs
     .readdirSync(MIGRATIONS_DIR)

lib/services/storage/migrations/sql/0.init.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Initial migration: creates schema_migrations table used by the migration runner.
 //
 export function up(db) {

lib/services/storage/migrations/sql/1.create-fredy-base-structure.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: Create fredy's base structure (users, jobs and listings) import initial
 // data from JSON files if present. (This applies only for jobs and users, for the old jobListingData,
 // I cannot migrate the data as the new format is totally different.

lib/services/storage/migrations/sql/2.active-flag-for-listings.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: there needs to be a unique index on job_id and hash as only
 // this makes the listing indeed unique
 

lib/services/storage/migrations/sql/2.new-indexes-for-listings.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: there needs to be a unique index on job_id and hash as only
 // this makes the listing indeed unique
 

lib/services/storage/migrations/sql/3.changeset-for-listings.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: Adding a changeset field to the listings table in preparation for
 // a price watch feature
 

lib/services/storage/migrations/sql/4.watch-list.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: Adding a new table to store if somebody "watches" (a.k.a favorite) a listing
 
 export function up(db) {

lib/services/storage/migrations/sql/5.job-sharing.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: Adding a new table to store if somebody shared a job with someone
 
 export function up(db) {

lib/services/storage/migrations/sql/6.settings.js

@@ -1,8 +1,15 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 // Migration: Adding a settings table to store important (config) settings instead of using config file
 import fs from 'fs';
 import path from 'path';
 import { nanoid } from 'nanoid';
 import logger from '../../../logger.js';
+import { DEFAULT_CONFIG } from '../../../../defaultConfig.js';
+import { getDirName } from '../../../../utils.js';
 
 export function up(db) {
   db.exec(`
@@ -67,6 +74,10 @@ export function up(db) {
       'analyticsEnabled',
       config.analyticsEnabled != null ? config.analyticsEnabled : defaults.analyticsEnabled,
     );
+
+    //now making sure only sqlite path remains in the config
+    const sqlitepath = config.sqlitepath || DEFAULT_CONFIG.sqlitepath;
+    fs.writeFileSync(`${getDirName()}/../conf/config.json`, JSON.stringify({ sqlitepath }));
   } catch (e) {
     logger.error(e);
   }

lib/services/storage/settingsStorage.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { nanoid } from 'nanoid';
 import SqliteConnection from './SqliteConnection.js';
 import { fromJson, readConfigFromStorage, toJson } from '../../utils.js';
@@ -22,8 +27,8 @@ function compileSettings(rows, configValues) {
     config[r.name] = parsed && typeof parsed === 'object' && 'value' in parsed ? parsed.value : parsed;
   }
   return {
-    ...config,
     ...configValues,
+    ...config,
   };
 }
 

lib/services/storage/userStorage.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import * as hasher from '../security/hash.js';
 import { nanoid } from 'nanoid';
 import SqliteConnection from './SqliteConnection.js';

lib/services/storage/watchListStorage.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import SqliteConnection from './SqliteConnection.js';
 import { nanoid } from 'nanoid';
 

lib/services/tracking/Tracker.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { getJobs } from '../storage/jobStorage.js';
 import { getUniqueId } from './uniqueId.js';
 import { getPackageVersion, inDevMode } from '../../utils.js';

lib/services/tracking/uniqueId.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { hostname, arch, cpus, platform } from 'os';
 import { createHash } from 'crypto';
 

lib/utils.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { dirname } from 'node:path';
 import path from 'node:path';
 import { fileURLToPath, pathToFileURL } from 'node:url';

package.json

@@ -1,6 +1,6 @@
 {
   "name": "fredy",
-  "version": "15.0.0",
+  "version": "17.0.2",
   "description": "[F]ind [R]eal [E]states [d]amn eas[y].",
   "scripts": {
     "prepare": "husky",
@@ -12,17 +12,19 @@
     "format": "prettier --write \"**/*.js\"",
     "format:check": "prettier --check \"**/*.js\"",
     "test": "node --import ./test/esmock-loader.mjs ./node_modules/mocha/bin/mocha.js --timeout 60000 test/**/*.test.js",
-    "testGH": "node --import ./test/esmock-loader.mjs ./node_modules/mocha/bin/mocha.js --timeout 60000 --exclude test/provider/immonet.test.js --exclude test/provider/immowelt.test.js test/**/*.test.js",
+    "testGH": "node --import ./test/esmock-loader.mjs ./node_modules/mocha/bin/mocha.js --timeout 60000 --exclude test/provider/immonet.test.js --exclude test/provider/immobilienDe.test.js --exclude test/provider/immowelt.test.js test/**/*.test.js",
     "lint": "eslint .",
     "lint:fix": "yarn lint --fix",
     "migratedb": "node lib/services/storage/migrations/migrate.js",
-    "migratedb:overwrite": "x-var MIGRATION_ALLOW_CHECKSUM_UPDATE=true node lib/services/storage/migrations/migrate.js"
+    "migratedb:overwrite": "x-var MIGRATION_ALLOW_CHECKSUM_UPDATE=true node lib/services/storage/migrations/migrate.js",
+    "copyright": "node ./copyright.js"
   },
   "type": "module",
   "lint-staged": {
     "*.{js,jsx}": [
       "yarn lint",
-      "yarn format"
+      "yarn format",
+      "yarn copyright"
     ]
   },
   "main": "index.js",
@@ -45,7 +47,7 @@
   "bugs": {
     "url": "https://github.com/orangecoding/fredy/issues"
   },
-  "license": "MIT",
+  "license": "Apache-2.0",
   "engines": {
     "node": ">=22.0.0",
     "npm": ">=7.0.0"
@@ -57,15 +59,14 @@
     "Firefox ESR"
   ],
   "dependencies": {
-    "@douyinfe/semi-icons": "^2.89.0",
-    "@douyinfe/semi-ui": "2.89.0",
+    "adm-zip": "^0.5.16",
+    "@douyinfe/semi-icons": "^2.90.3",
+    "@douyinfe/semi-ui": "2.90.3",
     "@sendgrid/mail": "8.1.6",
-    "@visactor/react-vchart": "^2.0.10",
-    "@visactor/vchart": "^2.0.10",
-    "@visactor/vchart-semi-theme": "^1.12.2",
     "@vitejs/plugin-react": "5.1.2",
     "better-sqlite3": "^12.5.0",
     "body-parser": "2.2.1",
+    "chart.js": "^4.5.1",
     "cheerio": "^1.1.2",
     "cookie-session": "2.1.1",
     "handlebars": "4.7.8",
@@ -76,19 +77,20 @@
     "node-mailjet": "6.0.11",
     "p-throttle": "^8.1.0",
     "package-up": "^5.0.0",
-    "puppeteer": "^24.32.1",
+    "puppeteer": "^24.34.0",
     "puppeteer-extra": "^3.3.6",
     "puppeteer-extra-plugin-stealth": "^2.11.2",
     "query-string": "9.3.1",
     "react": "18.3.1",
+    "react-chartjs-2": "^5.3.1",
     "react-dom": "18.3.1",
-    "react-router": "7.10.1",
-    "react-router-dom": "7.10.1",
+    "react-router": "7.11.0",
+    "react-router-dom": "7.11.0",
     "restana": "5.1.0",
     "semver": "^7.7.3",
-    "serve-static": "2.2.0",
+    "serve-static": "2.2.1",
     "slack": "11.0.2",
-    "vite": "7.2.7",
+    "vite": "7.3.0",
     "x-var": "^3.0.1",
     "zustand": "^5.0.9"
   },
@@ -97,14 +99,14 @@
     "@babel/eslint-parser": "7.28.5",
     "@babel/preset-env": "7.28.5",
     "@babel/preset-react": "7.28.5",
-    "chai": "6.2.1",
-    "eslint": "9.39.1",
+    "chai": "6.2.2",
+    "eslint": "9.39.2",
     "eslint-config-prettier": "10.1.8",
     "eslint-plugin-react": "7.37.5",
     "esmock": "2.7.3",
     "history": "5.3.0",
     "husky": "9.1.7",
-    "less": "4.4.2",
+    "less": "4.5.1",
     "lint-staged": "16.2.7",
     "mocha": "11.7.5",
     "nodemon": "^3.1.11",

test/backup/backupRestoreService.test.js

@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
+import { expect } from 'chai';
+import esmock from 'esmock';
+
+describe('services/storage/backupRestoreService.js - precheck & filename', () => {
+  let svc;
+  let setZipState;
+  let calls;
+
+  beforeEach(async () => {
+    calls = { logger: { info: [], warn: [], error: [] } };
+
+    // Mock AdmZip with configurable state via globalThis (avoid esmock export name pitfalls)
+    globalThis.__ADM_ZIP_STATE__ = { hasDb: false, meta: null };
+    setZipState = (s) => {
+      globalThis.__ADM_ZIP_STATE__ = { ...globalThis.__ADM_ZIP_STATE__, ...s };
+    };
+    class MockAdmZip {
+      constructor() {}
+      getEntry(name) {
+        const state = globalThis.__ADM_ZIP_STATE__ || {};
+        if (name === 'listings.db') {
+          if (state.hasDb) return { getData: () => Buffer.from('db') };
+          return null;
+        }
+        if (name === 'fredy-backup.json') {
+          if (state.meta) return { getData: () => Buffer.from(JSON.stringify(state.meta)) };
+          return null;
+        }
+        return null;
+      }
+      getEntries() {
+        const state = globalThis.__ADM_ZIP_STATE__ || {};
+        const arr = [];
+        if (state.hasDb) arr.push({ entryName: 'listings.db', getData: () => Buffer.from('db') });
+        return arr;
+      }
+    }
+    const admZipMock = { default: MockAdmZip };
+    // Also expose for service via globalThis escape hatch
+    globalThis.__TEST_ADM_ZIP__ = MockAdmZip;
+
+    const path = await import('node:path');
+    const ROOT = path.resolve('.');
+
+    // Mocks for dependencies
+    const migratePath = path.join(ROOT, 'lib', 'services', 'storage', 'migrations', 'migrate.js');
+    const sqlitePath = path.join(ROOT, 'lib', 'services', 'storage', 'SqliteConnection.js');
+    const loggerPath = path.join(ROOT, 'lib', 'services', 'logger.js');
+    const utilsPath = path.join(ROOT, 'lib', 'utils.js');
+
+    const migrateMock = {
+      listMigrationFiles: () => [{ id: 10 }],
+      runMigrations: async () => {},
+    };
+
+    const sqliteMock = {
+      default: {
+        getConnection: () => ({ backup: async () => {} }),
+        close: () => {},
+        tableExists: () => false,
+        query: () => [],
+        withTransaction: (cb) => cb({ prepare: () => ({ run: () => {} }) }),
+      },
+      computeDbPath: async () => ({ dir: '/tmp', dbPath: '/tmp/listings.db' }),
+    };
+
+    const loggerMock = {
+      info: (...a) => calls.logger.info.push(a),
+      warn: (...a) => calls.logger.warn.push(a),
+      error: (...a) => calls.logger.error.push(a),
+    };
+
+    const utilsMock = { getPackageVersion: async () => '16.2.0' };
+
+    const admZipPath = path.join(ROOT, 'node_modules', 'adm-zip', 'adm-zip.js');
+    const mod = await esmock(
+      path.join(ROOT, 'lib', 'services', 'storage', 'backupRestoreService.js'),
+      {},
+      {
+        'adm-zip': admZipMock,
+        [admZipPath]: admZipMock,
+        [migratePath]: migrateMock,
+        [sqlitePath]: sqliteMock,
+        [loggerPath]: loggerMock,
+        [utilsPath]: utilsMock,
+      },
+    );
+
+    svc = mod;
+  });
+
+  it('precheck: empty upload yields danger', async () => {
+    const res = await svc.precheckRestore(Buffer.alloc(0));
+    expect(res.compatible).to.equal(false);
+    expect(res.severity).to.equal('danger');
+    expect(res.message).to.contain('Empty upload');
+    expect(res.requiredMigration).to.equal(10);
+  });
+
+  it('precheck: missing listings.db yields danger', async () => {
+    setZipState({ hasDb: false, meta: { dbMigration: 9 } });
+    const res = await svc.precheckRestore(Buffer.from('dummy'));
+    expect(res.compatible).to.equal(false);
+    expect(res.severity).to.equal('danger');
+    expect(res.message).to.match(/missing the database file/i);
+  });
+
+  it('precheck: older backup is compatible with warning', async () => {
+    setZipState({ hasDb: true, meta: { dbMigration: 5, fredyVersion: '16.0.0' } });
+    const res = await svc.precheckRestore(Buffer.from('zip'));
+    expect(res.compatible).to.equal(true);
+    expect(res.severity).to.equal('warning');
+    expect(res.message).to.match(/automatic migrations/i);
+    expect(res.backupMigration).to.equal(5);
+    expect(res.requiredMigration).to.equal(10);
+  });
+
+  it('precheck: equal backup is compatible with info', async () => {
+    setZipState({ hasDb: true, meta: { dbMigration: 10 } });
+    const res = await svc.precheckRestore(Buffer.from('zip'));
+    expect(res.compatible).to.equal(true);
+    expect(res.severity).to.equal('info');
+  });
+
+  it('precheck: newer backup yields danger', async () => {
+    setZipState({ hasDb: true, meta: { dbMigration: 11 } });
+    const res = await svc.precheckRestore(Buffer.from('zip'));
+    expect(res.compatible).to.equal(false);
+    expect(res.severity).to.equal('danger');
+  });
+
+  it('buildBackupFileName: matches pattern and includes version', async () => {
+    const name = await svc.buildBackupFileName();
+    expect(name).to.match(/^\d{4}-\d{2}-\d{2}-FredyBackup-/);
+    expect(name).to.include('16.2.0');
+    expect(name).to.match(/\.zip$/);
+  });
+});

test/db/migrations/migrate.test.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 import { expect } from 'chai';
 import esmock from 'esmock';
 

test/mocks/mockNotification.js

@@ -1,3 +1,8 @@
+/*
+ * Copyright (c) 2025 by Christian Kellner.
+ * Licensed under Apache-2.0 with Commons Clause and Attribution/Naming Clause
+ */
+
 let tmpStore = {};
 
 export const send = (serviceName, payload) => {