Fixed Python & feature test failures caused by Werkzeug 3.1.7 rejecting empty Host header in CSRF token generation.

* Address CodeRabbit review feedback for streaming and SQL extraction.

- Anthropic: preserve separators between text blocks in streaming to
  match _parse_response() behavior.
- Docker: validate that the API URL points to a loopback address to
  constrain the request surface.
- Docker/OpenAI: raise LLMClientError on empty streams instead of
  yielding blank LLMResponse objects, matching non-streaming behavior.
- SQL extraction: strip trailing semicolons before joining blocks to
  avoid double semicolons in output.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Address remaining CodeRabbit review feedback for streaming and rendering.

- Use distinct 3-tuple ('complete', text, messages) for completion events
  to avoid ambiguity with ('tool_use', [...]) 2-tuples in chat streaming.
- Pass conversation history from request into chat_with_database_stream()
  so follow-up NLQ turns retain context.
- Add re.IGNORECASE to SQL fence regex for case-insensitive matching.
- Render MarkdownContent as block element instead of span to avoid
  invalid DOM when response contains paragraphs, lists, or tables.
- Keep stop notice as a separate message instead of appending to partial
  markdown, preventing it from being swallowed by open code fences.
- Snapshot streamingIdRef before setMessages in error handler to avoid
  race condition where ref is cleared before React executes the updater.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Address CodeRabbit review feedback for streaming providers and history.

- Fix critical NameError: use self._api_url instead of undefined API_URL
  in anthropic and openai streaming _process_stream() methods.
- Match sync path auth handling: conditionally set API key headers in
  streaming paths for both anthropic and openai providers.
- Remove unconditional temperature from openai streaming payload to
  match sync path compatibility approach.
- Add URL scheme validation to OllamaClient.__init__ to prevent unsafe
  local/resource access via non-http schemes.
- Guard ollama streaming finalizer: raise error when stream drops
  without a done frame and no content was received.
- Update chat.py type hint and docstring for 3-tuple completion event.
- Serialize and return filtered conversation history in the complete
  SSE event so the client can round-trip it on follow-up turns.
- Store and send conversation history from NLQChatPanel, clear on
  conversation reset.
- Fix JSON-fallback SQL render path: clear content when SQL was
  extracted without fenced blocks so ChatMessage uses sql-only renderer.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Fix missing closing brace in NLQChatPanel switch statement.

Adding block scoping to the error case introduced an unmatched brace
that prevented the switch statement from closing properly, causing
an eslint parse error.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Fix missing compaction module and SQL extraction test.

- Replace compaction module imports with inline history deserialization
  and filtering since compaction.py is on a different branch.
- Add rstrip(';') to SQL extraction test to match production code,
  fixing double-semicolon assertion failure.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Fix SQL extraction test expected values after rstrip(';') change.

The rstrip(';') applied to each block before joining means single
blocks and the last block in multi-block joins no longer have
trailing semicolons. Update expected values to match.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Strictly guard Ollama stream: raise if no terminal done frame received.

Truncated content from a dropped connection should not be treated as
a complete response, even if partial text was streamed. Always raise
when final_data is None, matching CodeRabbit's recommendation.

.coderabbit.yaml

@@ -0,0 +1,186 @@
+language: en-US
+tone_instructions: ''
+early_access: false
+enable_free_tier: true
+reviews:
+  profile: chill
+  request_changes_workflow: false
+  high_level_summary: true
+  high_level_summary_placeholder: '@coderabbitai summary'
+  high_level_summary_in_walkthrough: false
+  auto_title_placeholder: '@coderabbitai'
+  auto_title_instructions: ''
+  review_status: true
+  commit_status: true
+  fail_commit_status: false
+  collapse_walkthrough: false
+  changed_files_summary: true
+  sequence_diagrams: true
+  estimate_code_review_effort: true
+  assess_linked_issues: true
+  related_issues: true
+  related_prs: true
+  suggested_labels: true
+  labeling_instructions: []
+  auto_apply_labels: false
+  suggested_reviewers: true
+  auto_assign_reviewers: false
+  in_progress_fortune: true
+  poem: false
+  path_filters: []
+  path_instructions: []
+  abort_on_close: true
+  disable_cache: false
+  auto_review:
+    enabled: true
+    auto_incremental_review: true
+    ignore_title_keywords: []
+    labels: []
+    drafts: false
+    base_branches: []
+    ignore_usernames: []
+  finishing_touches:
+    docstrings:
+      enabled: true
+    unit_tests:
+      enabled: true
+  pre_merge_checks:
+    docstrings:
+      mode: warning
+      threshold: 80
+    title:
+      mode: warning
+      requirements: ''
+    description:
+      mode: warning
+    issue_assessment:
+      mode: warning
+    custom_checks: []
+  tools:
+    ast-grep:
+      rule_dirs: []
+      util_dirs: []
+      essential_rules: true
+      packages: []
+    shellcheck:
+      enabled: true
+    ruff:
+      enabled: true
+    markdownlint:
+      enabled: true
+    github-checks:
+      enabled: true
+      timeout_ms: 900000
+    languagetool:
+      enabled: true
+      enabled_rules: []
+      disabled_rules: []
+      enabled_categories: []
+      disabled_categories: []
+      enabled_only: false
+      level: default
+    biome:
+      enabled: true
+    hadolint:
+      enabled: true
+    swiftlint:
+      enabled: true
+    phpstan:
+      enabled: true
+      level: default
+    phpmd:
+      enabled: true
+    phpcs:
+      enabled: true
+    golangci-lint:
+      enabled: true
+    yamllint:
+      enabled: true
+    gitleaks:
+      enabled: true
+    checkov:
+      enabled: true
+    detekt:
+      enabled: true
+    eslint:
+      enabled: true
+    flake8:
+      enabled: true
+    rubocop:
+      enabled: true
+    buf:
+      enabled: true
+    regal:
+      enabled: true
+    actionlint:
+      enabled: true
+    pmd:
+      enabled: true
+    clang:
+      enabled: true
+    cppcheck:
+      enabled: true
+    semgrep:
+      enabled: true
+    circleci:
+      enabled: true
+    clippy:
+      enabled: true
+    sqlfluff:
+      enabled: true
+    prismaLint:
+      enabled: true
+    pylint:
+      enabled: true
+    oxc:
+      enabled: true
+    shopifyThemeCheck:
+      enabled: true
+    luacheck:
+      enabled: true
+    brakeman:
+      enabled: true
+    dotenvLint:
+      enabled: true
+    htmlhint:
+      enabled: true
+    checkmake:
+      enabled: true
+    osvScanner:
+      enabled: true
+chat:
+  art: true
+  auto_reply: true
+  integrations:
+    jira:
+      usage: auto
+    linear:
+      usage: auto
+knowledge_base:
+  opt_out: false
+  web_search:
+    enabled: true
+  code_guidelines:
+    enabled: true
+    filePatterns: []
+  learnings:
+    scope: auto
+  issues:
+    scope: auto
+  jira:
+    usage: auto
+    project_keys: []
+  linear:
+    usage: auto
+    team_keys: []
+  pull_requests:
+    scope: auto
+  mcp:
+    usage: auto
+    disabled_servers: []
+code_generation:
+  docstrings:
+    language: en-US
+    path_instructions: []
+  unit_tests:
+    path_instructions: []

.dockerignore

@@ -1,4 +1,5 @@
 web/node_modules
+web/config_*.py
 web/*.log
 web/regression
 web/**/tests/

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and normalize end of lines to LF (\n)
+* text=auto eol=lf

.github/ISSUE_TEMPLATE/bug_report.md

@@ -34,7 +34,7 @@ If applicable, add screenshots to help explain your problem.
 
 **Desktop (please complete the following information):**
  - OS: [e.g. Windows 10, OSX monterey]
- - Version: [e.g. 6.15]
+ - pgAdmin version: [e.g. 6.15]
  - Mode: [e.g Desktop or Server]
  - Browser (if running in server mode): [e.g. chrome, safari]
  - Package type: [e.g. RPM, DEB, Python, Container, etc.]

.github/workflows/run-feature-tests-epas.yml

@@ -21,7 +21,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        pgver: [13, 14, 15, 16, 17]
+        pgver: [14, 15, 16, 17, 18]
 
     runs-on: ubuntu-22.04
 

.github/workflows/run-feature-tests-pg.yml

@@ -20,7 +20,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        pgver: [13, 14, 15, 16, 17]
+        pgver: [14, 15, 16, 17, 18]
 
     runs-on: ubuntu-22.04
 

.github/workflows/run-python-tests-epas.yml

@@ -32,7 +32,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-22.04, windows-latest]
-        pgver: [13, 14, 15, 16, 17]
+        pgver: [14, 15, 16, 17, 18]
 
     runs-on: ${{ matrix.os }}
 
@@ -73,6 +73,14 @@ jobs:
           IF %ERRORLEVEL% EQU 3010 cmd /c "exit /b 0"
         shell: cmd
 
+      - name: Add pg_config path to PATH
+        shell: pwsh
+        run: |
+          $pgPath = "C:\\EPAS\\${{ matrix.pgver }}\\bin"
+          Write-Output $pgPath
+          Add-Content -Path $env:GITHUB_PATH -Value $pgPath
+          pg_config --version
+
       - name: Create the tablespace directory on Linux
         if: ${{ matrix.os == 'ubuntu-22.04' }}
         run: |

.github/workflows/run-python-tests-pg.yml

@@ -21,7 +21,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, ubuntu-22.04, windows-latest]
-        pgver: [13, 14, 15, 16, 17]
+        pgver: [14, 15, 16, 17, 18]
 
     runs-on: ${{ matrix.os }}
 
@@ -64,6 +64,7 @@ jobs:
           brew install postgresql@${{ matrix.pgver }}
           echo "/opt/homebrew/opt/postgresql@${{ matrix.pgver }}/bin" >> $GITHUB_PATH
 
+
       - name: Uninstall PostgreSQL if already present on windows
         if: ${{ matrix.os == 'windows-latest' }}
         run: |
@@ -78,13 +79,21 @@ jobs:
         run: |
           FOR /f "delims=" %%F IN ('python tools\get_sb_package.py "https://www.postgresql.org/applications-v2.xml" "postgresql_${{ matrix.pgver }}" "windows-x64"') DO SET INSTALLER_EXE=%%F
           ECHO Running %INSTALLER_EXE%...
-          %INSTALLER_EXE% --prefix C:\PostgreSQL\${{ matrix.pgver }} --datadir C:\PostgreSQL\${{ matrix.pgver }}\data --serverport 59${{ matrix.pgver }} --superpassword postgres --install_runtimes 0 --mode unattended --unattendedmodeui none --disable-components pgAdmin,stackbuilder --enable-components server,commandlinetools"
+          %INSTALLER_EXE% --prefix C:\PostgreSQL_custom\${{ matrix.pgver }} --datadir C:\PostgreSQL_custom\${{ matrix.pgver }}\data --serverport 59${{ matrix.pgver }} --superpassword postgres --install_runtimes 0 --mode unattended --unattendedmodeui none --disable-components pgAdmin,stackbuilder --enable-components server,commandlinetools"
           choco install -y mitkerberos
 
           REM Ignore error 3010 (reboot required)
           IF %ERRORLEVEL% EQU 3010 cmd /c "exit /b 0"
         shell: cmd
 
+      - name: Add pg_config path to PATH
+        shell: pwsh
+        run: |
+          $pgPath = "C:\\PostgreSQL_custom\\${{ matrix.pgver }}\\bin"
+          Write-Output $pgPath
+          Add-Content -Path $env:GITHUB_PATH -Value $pgPath
+          pg_config --version
+
       - name: Create the tablespace directory on Linux
         if: ${{ matrix.os == 'ubuntu-22.04' }}
         run: |

Dockerfile

@@ -2,7 +2,7 @@
 #
 # pgAdmin 4 - PostgreSQL Tools
 #
-# Copyright (C) 2013 - 2025, The pgAdmin Development Team
+# Copyright (C) 2013 - 2026, The pgAdmin Development Team
 # This software is released under the PostgreSQL Licence
 #
 #########################################################################
@@ -31,51 +31,38 @@ RUN apk add --no-cache \
     yarn \
     zlib-dev
 
-COPY .git .git
-# Create the /pgadmin4 directory and copy the source into it. Explicitly
-# remove the node_modules directory as we'll recreate a clean version, as well
-# as various other files we don't want
+# Create the /pgadmin4 directory and copy the source into it
 COPY web /pgadmin4/web
-RUN rm -rf /pgadmin4/web/*.log \
-           /pgadmin4/web/config_*.py \
-           /pgadmin4/web/node_modules \
-           /pgadmin4/web/regression \
-           `find /pgadmin4/web -type d -name tests` \
-           `find /pgadmin4/web -type f -name .DS_Store`
-
 WORKDIR /pgadmin4/web
 
 # Build the JS vendor code in the app-builder, and then remove the vendor source.
-RUN export CPPFLAGS="-DPNG_ARM_NEON_OPT=0" && \
+RUN --mount=type=bind,source=.git,target=/pgadmin4/.git \
+    --mount=type=tmpfs,target=node_modules \
+    --mount=type=tmpfs,target=pgadmin/static/js/generated/.cache \
+    export CPPFLAGS="-DPNG_ARM_NEON_OPT=0" && \
     npm install -g corepack && \
     corepack enable && \
     yarn set version berry && \
     yarn set version 4 && \
     yarn install && \
     yarn run bundle && \
-    rm -rf node_modules \
-           yarn.lock \
+    rm -rf yarn.lock \
            package.json \
            .[^.]* \
            babel.cfg \
            webpack.* \
            jest.config.js \
-           babel.* \
-           ./pgadmin/static/js/generated/.cache \
-           /pgadmin4/.git
+           babel.*
 
 #########################################################################
 # Next, create the base environment for Python
 #########################################################################
 
-FROM alpine:latest AS env-builder
+FROM python:3-alpine AS env-builder
 
 # Install dependencies
-COPY requirements.txt /
 RUN apk add --no-cache \
-        make \
-        python3 \
-        py3-pip && \
+        make && \
     apk add --no-cache --virtual build-deps \
         build-base \
         openssl-dev \
@@ -86,9 +73,9 @@ RUN apk add --no-cache \
         cargo \
         zlib-dev \
         libjpeg-turbo-dev \
-        libpng-dev \
-        python3-dev && \
-    python3 -m venv --system-site-packages --without-pip /venv && \
+        libpng-dev
+COPY requirements.txt /
+RUN python3 -m venv --system-site-packages --without-pip /venv && \
     /venv/bin/python3 -m pip install --no-cache-dir -r requirements.txt && \
     apk del --no-cache build-deps
 
@@ -120,21 +107,16 @@ RUN rm -rf /pgadmin4/docs/en_US/_build/html/_static/*.png
 # Create additional builders to get all of the PostgreSQL utilities
 #########################################################################
 
-FROM postgres:12-alpine AS pg12-builder
 FROM postgres:13-alpine AS pg13-builder
 FROM postgres:14-alpine AS pg14-builder
 FROM postgres:15-alpine AS pg15-builder
 FROM postgres:16-alpine AS pg16-builder
 FROM postgres:17-alpine AS pg17-builder
+FROM postgres:18-alpine AS pg18-builder
 
 FROM alpine:latest AS tool-builder
 
 # Copy the PG binaries
-COPY --from=pg12-builder /usr/local/bin/pg_dump /usr/local/pgsql/pgsql-12/
-COPY --from=pg12-builder /usr/local/bin/pg_dumpall /usr/local/pgsql/pgsql-12/
-COPY --from=pg12-builder /usr/local/bin/pg_restore /usr/local/pgsql/pgsql-12/
-COPY --from=pg12-builder /usr/local/bin/psql /usr/local/pgsql/pgsql-12/
-
 COPY --from=pg13-builder /usr/local/bin/pg_dump /usr/local/pgsql/pgsql-13/
 COPY --from=pg13-builder /usr/local/bin/pg_dumpall /usr/local/pgsql/pgsql-13/
 COPY --from=pg13-builder /usr/local/bin/pg_restore /usr/local/pgsql/pgsql-13/
@@ -160,44 +142,21 @@ COPY --from=pg17-builder /usr/local/bin/pg_dumpall /usr/local/pgsql/pgsql-17/
 COPY --from=pg17-builder /usr/local/bin/pg_restore /usr/local/pgsql/pgsql-17/
 COPY --from=pg17-builder /usr/local/bin/psql /usr/local/pgsql/pgsql-17/
 
+COPY --from=pg18-builder /usr/local/bin/pg_dump /usr/local/pgsql/pgsql-18/
+COPY --from=pg18-builder /usr/local/bin/pg_dumpall /usr/local/pgsql/pgsql-18/
+COPY --from=pg18-builder /usr/local/bin/pg_restore /usr/local/pgsql/pgsql-18/
+COPY --from=pg18-builder /usr/local/bin/psql /usr/local/pgsql/pgsql-18/
+
 #########################################################################
 # Assemble everything into the final container.
 #########################################################################
 
-FROM alpine:latest
+FROM python:3-alpine
 
-# Copy in the Python packages
-COPY --from=env-builder /venv /venv
-
-# Copy in the tools
-COPY --from=tool-builder /usr/local/pgsql /usr/local/
-COPY --from=pg17-builder /usr/local/lib/libpq.so.5.17 /usr/lib/
-COPY --from=pg17-builder /usr/lib/libzstd.so.1.5.7 /usr/lib/
-COPY --from=pg17-builder /usr/lib/liblz4.so.1.10.0 /usr/lib/
-
-RUN ln -s libpq.so.5.17 /usr/lib/libpq.so.5 && \
-    ln -s libpq.so.5.17 /usr/lib/libpq.so && \
-    ln -s libzstd.so.1.5.6 /usr/lib/libzstd.so.1 && \
-    ln -s liblz4.so.1.10.0 /usr/lib/liblz4.so.1
-
-WORKDIR /pgadmin4
-ENV PYTHONPATH=/pgadmin4
-
-# Copy in the code and docs
-COPY --from=app-builder /pgadmin4/web /pgadmin4
-COPY --from=docs-builder /pgadmin4/docs/en_US/_build/html/ /pgadmin4/docs
-COPY pkg/docker/run_pgadmin.py /pgadmin4
-COPY pkg/docker/gunicorn_config.py /pgadmin4
-COPY pkg/docker/entrypoint.sh /entrypoint.sh
-
-# License files
-COPY LICENSE /pgadmin4/LICENSE
-
-# Install runtime dependencies and configure everything in one RUN step
-RUN apk add --no-cache \
-        python3 \
+# Install runtime dependencies
+RUN apk update && apk upgrade && \
+    apk add \
         bash \
-        py3-pip \
         postfix \
         krb5-libs \
         libjpeg-turbo \
@@ -207,7 +166,33 @@ RUN apk add --no-cache \
         libedit \
         libldap \
         libcap && \
-    /venv/bin/python3 -m pip install --no-cache-dir gunicorn==23.0.0 && \
+    rm -rf /var/cache/apk/*
+
+# Copy in the Python packages
+COPY --from=env-builder /venv /venv
+
+# Copy in the tools
+COPY --from=tool-builder /usr/local/pgsql /usr/local/
+COPY --from=pg18-builder /usr/local/lib/libpq.so.5.18 /usr/lib/liblz4.so.1.10.0 /usr/lib/
+
+RUN ln -s libpq.so.5.18 /usr/lib/libpq.so.5 && \
+    ln -s libpq.so.5.18 /usr/lib/libpq.so && \
+    ln -s liblz4.so.1.10.0 /usr/lib/liblz4.so.1
+
+WORKDIR /pgadmin4
+ENV PYTHONPATH=/pgadmin4
+
+# Copy in the code and docs
+COPY --from=app-builder /pgadmin4/web /pgadmin4
+COPY --from=docs-builder /pgadmin4/docs/en_US/_build/html/ /pgadmin4/docs
+COPY pkg/docker/run_pgadmin.py pkg/docker/gunicorn_config.py /pgadmin4/
+COPY pkg/docker/entrypoint.sh /entrypoint.sh
+
+# License files
+COPY LICENSE /pgadmin4/LICENSE
+
+# Configure everything in one RUN step
+RUN /venv/bin/python3 -m pip install --no-cache-dir gunicorn==23.0.0 && \
     find / -type d -name '__pycache__' -exec rm -rf {} + && \
     useradd -r -u 5050 -g root -s /sbin/nologin pgadmin && \
     mkdir -p /run/pgadmin /var/lib/pgadmin && \
@@ -217,7 +202,7 @@ RUN apk add --no-cache \
     chown pgadmin:root /pgadmin4/config_distro.py && \
     chmod g=u /pgadmin4/config_distro.py && \
     chmod g=u /etc/passwd && \
-    setcap CAP_NET_BIND_SERVICE=+eip /usr/bin/python3.12 && \
+    setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/python3.[0-9][0-9] && \
     echo "pgadmin ALL = NOPASSWD: /usr/sbin/postfix start" > /etc/sudoers.d/postfix && \
     echo "pgadminr ALL = NOPASSWD: /usr/sbin/postfix start" >> /etc/sudoers.d/postfix
 

LICENSE

@@ -4,7 +4,7 @@ pgAdmin 4
 This software is released under the PostgreSQL licence.
 
 -------------------------------------------------------------------------------
-Copyright (C) 2013 - 2025, The pgAdmin Development Team
+Copyright (C) 2013 - 2026, The pgAdmin Development Team
 
 Permission to use, copy, modify, and distribute this software and its
 documentation for any purpose, without fee, and without a written agreement is

Make.bat

@@ -28,7 +28,7 @@ CALL :CREATE_PYTHON_ENV || EXIT /B 1
 CALL :CREATE_RUNTIME_ENV || EXIT /B 1
 CALL :GENERATE_SBOM || EXIT /B 1
 CALL :CREATE_INSTALLER || EXIT /B 1
-CALL :SIGN_INSTALLER || EXIT /B 1
+CALL :VERIFY_SIGNATURE || EXIT /B 1
 
 EXIT /B %ERRORLEVEL%
 REM Main build sequence Ends
@@ -59,6 +59,7 @@ REM Main build sequence Ends
     IF "%PGADMIN_VCREDIST_DIR%" == "" SET "PGADMIN_VCREDIST_DIR=C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Redist\MSVC\14.40.33807"
     IF "%PGADMIN_VCREDIST_FILE%" == "" SET "PGADMIN_VCREDIST_FILE=vc_redist.x64.exe"
     IF "%PGADMIN_SIGNTOOL_DIR%" == "" SET "PGADMIN_SIGNTOOL_DIR=C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64"
+    IF "%PGADMIN_WINDOWS_CSC%" == "" SET "PGADMIN_WINDOWS_CSC="
 
     REM Set additional variables we need
     FOR /F "tokens=3" %%a IN ('findstr /C:"APP_RELEASE =" %WD%\web\version.py')  DO SET APP_MAJOR=%%a
@@ -99,6 +100,11 @@ REM Main build sequence Ends
     ECHO VC++ redist file:          %PGADMIN_VCREDIST_FILE%
     ECHO InnoTool directory:        %PGADMIN_INNOTOOL_DIR%
     ECHO signtool directory:        %PGADMIN_SIGNTOOL_DIR%
+    IF "%PGADMIN_WINDOWS_CSC%" == "" (
+        ECHO Code signing certificate:  [NONE - Signing disabled]
+    ) ELSE (
+        ECHO Code signing certificate:  %PGADMIN_WINDOWS_CSC%
+    )
     ECHO.
     ECHO App version:               %APP_VERSION%
     ECHO App version suffix:        %APP_VERSION_SUFFIX%
@@ -282,7 +288,7 @@ REM Main build sequence Ends
 
     REM WGET
     FOR /f "tokens=*" %%i IN ('npm info electron version') DO SET "ELECTRON_VERSION=%%i"
-    SET ELECTRON_VERSION="35.4.0"
+
     :GET_NW
         wget https://github.com/electron/electron/releases/download/v%ELECTRON_VERSION%/electron-v%ELECTRON_VERSION%-win32-x64.zip -O "%TMPDIR%\electron-v%ELECTRON_VERSION%-win32-x64.zip"
         IF %ERRORLEVEL% NEQ 0 GOTO GET_NW
@@ -306,14 +312,18 @@ REM Main build sequence Ends
     %TMPDIR%\rcedit-x64.exe "%BUILDROOT%\runtime\pgAdmin4.exe" --set-version-string "ProductName" "%APP_NAME%"
     %TMPDIR%\rcedit-x64.exe "%BUILDROOT%\runtime\pgAdmin4.exe" --set-product-version "%APP_VERSION%""
 
-    ECHO Attempting to sign the pgAdmin4.exe...
-    CALL "%PGADMIN_SIGNTOOL_DIR%\signtool.exe" sign /fd certHash /tr http://timestamp.digicert.com /td SHA256 "%BUILDROOT%\runtime\pgAdmin4.exe"
-    IF %ERRORLEVEL% NEQ 0 (
-        ECHO.
-        ECHO ************************************************************
-        ECHO * Failed to sign the pgAdmin4.exe
-        ECHO ************************************************************
-        PAUSE
+    IF NOT "%PGADMIN_WINDOWS_CSC%" == "" (
+        ECHO Attempting to sign the pgAdmin4.exe...
+        CALL "%PGADMIN_SIGNTOOL_DIR%\signtool.exe" sign /sm /n "%PGADMIN_WINDOWS_CSC%" /tr http://timestamp.digicert.com /td sha256 /fd sha1 /v "%BUILDROOT%\runtime\pgAdmin4.exe"
+        IF %ERRORLEVEL% NEQ 0 (
+            ECHO.
+            ECHO ************************************************************
+            ECHO * Failed to sign the pgAdmin4.exe
+            ECHO ************************************************************
+            PAUSE
+        )
+    ) ELSE (
+        ECHO Skipping code signing ^(PGADMIN_WINDOWS_CSC is not set^)...
     )
 
     ECHO Staging PostgreSQL components...
@@ -356,7 +366,11 @@ REM Main build sequence Ends
     DEL /s "%WD%\pkg\win32\installer.iss.in_stage*" > nul
 
     ECHO Creating windows installer using INNO tool...
-    CALL "%PGADMIN_INNOTOOL_DIR%\ISCC.exe" "%WD%\pkg\win32\installer.iss" || EXIT /B 1
+    IF NOT "%PGADMIN_WINDOWS_CSC%" == "" (
+        CALL "%PGADMIN_INNOTOOL_DIR%\ISCC.exe" "%WD%\pkg\win32\installer.iss" "/SpgAdminSigntool=%PGADMIN_SIGNTOOL_DIR%\signtool.exe sign /sm /n $q%PGADMIN_WINDOWS_CSC%$q /tr http://timestamp.digicert.com /td sha256 /fd sha1 /v $f" || EXIT /B 1
+    ) ELSE (
+        CALL "%PGADMIN_INNOTOOL_DIR%\ISCC.exe" "%WD%\pkg\win32\installer.iss" || EXIT /B 1
+    )
 
     ECHO Renaming installer...
     MOVE "%WD%\pkg\win32\Output\pgadmin4-setup.exe" "%DISTROOT%\%INSTALLERNAME%" > nul || EXIT /B 1
@@ -373,13 +387,19 @@ REM Main build sequence Ends
 
     EXIT /B 0
 
-:SIGN_INSTALLER
-    ECHO Attempting to sign the installer...
-    CALL "%PGADMIN_SIGNTOOL_DIR%\signtool.exe" sign /fd certHash /tr http://timestamp.digicert.com /td SHA256 "%DISTROOT%\%INSTALLERNAME%"
+:VERIFY_SIGNATURE
+    IF "%PGADMIN_WINDOWS_CSC%" == "" (
+        ECHO Skipping signature verification ^(PGADMIN_WINDOWS_CSC is not set^)...
+        EXIT /B 0
+    )
+
+    ECHO Verifying the installer signature...
+
+    CALL "%PGADMIN_SIGNTOOL_DIR%\signtool.exe" verify /pa /v "%DISTROOT%\%INSTALLERNAME%"
     IF %ERRORLEVEL% NEQ 0 (
         ECHO.
         ECHO ************************************************************
-        ECHO * Failed to sign the installer
+        ECHO * Failed to verify signature of the installer
         ECHO ************************************************************
         PAUSE
     )

Makefile

@@ -2,7 +2,7 @@
 #
 # pgAdmin 4 - PostgreSQL Tools
 #
-# Copyright (C) 2013 - 2025, The pgAdmin Development Team
+# Copyright (C) 2013 - 2026, The pgAdmin Development Team
 # This software is released under the PostgreSQL Licence
 #
 #########################################################################
@@ -20,8 +20,9 @@ APP_REVISION := $(shell grep ^APP_REVISION web/version.py | awk -F"=" '{print $$
 # Include only platform-independent builds in all
 all: docs pip src
 
+# Add BUILD_OPTS variable to pass arguments
 appbundle:
-	./pkg/mac/build.sh
+	./pkg/mac/build.sh $(BUILD_OPTS)
 
 install-node:
 	cd web && yarn install

README.md

@@ -20,7 +20,7 @@ which will fork a Python server process and display the UI.
 ## Prerequisites
 1. Install Node.js 20 and above (https://nodejs.org/en/download)
 2. yarn (https://yarnpkg.com/getting-started/install)
-3. Python 3.8 and above (https://www.python.org/downloads/)
+3. Python 3.9 and above (https://www.python.org/downloads/)
 4. PostgreSQL server (https://www.postgresql.org/download)
 
 Start by enabling Corepack, if it isn't already;
@@ -59,7 +59,7 @@ C:\$PGADMIN4_SRC\web> yarn run bundle
 # Configuring the Python Environment
 
 In order to run the Python code, a suitable runtime environment is required.
-Python version 3.8 and later are currently supported. It is recommended that a
+Python version 3.9 and later are currently supported. It is recommended that a
 Python Virtual Environment is setup for this purpose, rather than using the
 system Python environment. On Linux and Mac systems, the process is fairly
 simple - adapt as required for your distribution:

docs/en_US/ai_tools.rst

@@ -0,0 +1,249 @@
+.. _ai_tools:
+
+*******************
+`AI Reports`:index:
+*******************
+
+**AI Reports** is a feature that provides AI-powered database analysis and insights
+using Large Language Models (LLMs). Use the *Tools → AI Reports* menu to access
+the various AI-powered reports.
+
+The AI Reports feature allows you to:
+
+ * Generate security reports to identify potential security vulnerabilities and configuration issues.
+
+ * Create performance reports with optimization recommendations for queries and configurations.
+
+ * Perform design reviews to analyze database schema structure and suggest improvements.
+
+**Prerequisites:**
+
+Before using AI Reports, you must:
+
+ 1. Ensure AI features are enabled in the server configuration (set ``LLM_ENABLED`` to ``True`` in ``config.py``).
+
+ 2. Configure an LLM provider in :ref:`Preferences → AI <preferences>`.
+
+**Note:**
+
+ * AI Reports using cloud providers (Anthropic, OpenAI) require an active internet connection.
+   Local providers (Ollama, Docker Model Runner) do not require internet access.
+
+ * API usage may incur costs depending on your LLM provider's pricing model.
+   Local providers (Ollama, Docker Model Runner) are free to use.
+
+ * The quality and accuracy of reports depend on the LLM provider and model configured.
+
+
+Configuring AI Reports
+**********************
+
+To configure AI Reports, navigate to *File → Preferences → AI* (or click the *Settings*
+button and select *AI*).
+
+.. image:: images/preferences_ai.png
+    :alt: AI preferences
+    :align: center
+
+Select your preferred LLM provider from the dropdown:
+
+**Anthropic**
+  Use Claude models from Anthropic, or any Anthropic-compatible API provider.
+
+  * **API URL**: Custom API endpoint URL (leave empty for default: https://api.anthropic.com/v1).
+  * **API Key File**: Path to a file containing your Anthropic API key (obtain from https://console.anthropic.com/). This path refers to the filesystem where the pgAdmin server is running (e.g., inside the container if using Docker). The ``~`` prefix is expanded to the home directory of the user running the pgAdmin server process. Optional when using a custom URL with a provider that does not require authentication.
+  * **Model**: Select from available Claude models (e.g., claude-sonnet-4-20250514).
+
+**OpenAI**
+  Use GPT models from OpenAI, or any OpenAI-compatible API provider (e.g.,
+  LiteLLM, LM Studio, EXO, or other local inference servers).
+
+  * **API URL**: Custom API endpoint URL (leave empty for default: https://api.openai.com/v1). Include the ``/v1`` path prefix if required by your provider.
+  * **API Key File**: Path to a file containing your OpenAI API key (obtain from https://platform.openai.com/). This path refers to the filesystem where the pgAdmin server is running (e.g., inside the container if using Docker). The ``~`` prefix is expanded to the home directory of the user running the pgAdmin server process. Optional when using a custom URL with a provider that does not require authentication.
+  * **Model**: Select from available GPT models (e.g., gpt-4).
+
+**Ollama**
+  Use locally-hosted open-source models via Ollama. Requires a running Ollama instance.
+
+  * **API URL**: The URL of your Ollama server (default: http://localhost:11434).
+  * **Model**: Enter the name of the Ollama model to use (e.g., llama2, mistral).
+
+**Docker Model Runner**
+  Use models running in Docker Desktop's built-in model runner (available in Docker Desktop 4.40+).
+  No API key is required.
+
+  * **API URL**: The URL of the Docker Model Runner API (default: http://localhost:12434).
+  * **Model**: Select from available models or enter a custom model name.
+
+.. note:: You can also use the *OpenAI* provider with a custom API URL for any
+   OpenAI-compatible endpoint, including Docker Model Runner and other local
+   inference servers.
+
+After configuring your provider, click *Save* to apply the changes.
+
+
+Security Reports
+****************
+
+Security Reports analyze your PostgreSQL server, database, or schema for potential
+security vulnerabilities and configuration issues.
+
+To generate a security report:
+
+1. In the *Browser* tree, select a server, database, or schema.
+
+2. Choose *Tools → AI Reports → Security* from the menu, or right-click the
+   object and select *Security* from the context menu.
+
+3. The report will be generated and displayed in a new tab.
+
+.. image:: images/ai_security_report.png
+    :alt: AI security report
+    :align: center
+
+**Security Report Scope:**
+
+* **Server Level**: Analyzes server configuration, authentication settings, roles, and permissions.
+
+* **Database Level**: Reviews database-specific security settings, roles with database access, and object permissions.
+
+* **Schema Level**: Examines schema permissions, object ownership, and access controls.
+
+Each report includes:
+
+* **Security Findings**: Identified vulnerabilities or security concerns.
+
+* **Risk Assessment**: Severity levels for each finding (Critical, High, Medium, Low).
+
+* **Recommendations**: Specific actions to remediate security issues.
+
+* **Best Practices**: General security recommendations for PostgreSQL.
+
+
+Performance Reports
+*******************
+
+Performance Reports analyze query performance, configuration settings, and provide
+optimization recommendations.
+
+To generate a performance report:
+
+1. In the *Browser* tree, select a server or database.
+
+2. Choose *Tools → AI Reports → Performance* from the menu, or right-click the
+   object and select *Performance* from the context menu.
+
+3. The report will be generated and displayed in a new tab.
+
+**Performance Report Scope:**
+
+* **Server Level**: Analyzes server configuration parameters, resource utilization, and overall server performance metrics.
+
+* **Database Level**: Reviews database-specific configuration, query performance, index usage, and table statistics.
+
+Each report includes:
+
+* **Performance Metrics**: Key performance indicators and statistics.
+
+* **Configuration Analysis**: Review of relevant configuration parameters.
+
+* **Query Optimization**: Recommendations for improving slow queries.
+
+* **Index Recommendations**: Suggestions for adding, removing, or modifying indexes.
+
+* **Capacity Planning**: Resource utilization trends and recommendations.
+
+
+Design Review Reports
+*********************
+
+Design Review Reports analyze your database schema structure and suggest
+improvements for normalization, naming conventions, and best practices.
+
+To generate a design review report:
+
+1. In the *Browser* tree, select a database or schema.
+
+2. Choose *Tools → AI Reports → Design* from the menu, or right-click the
+   object and select *Design* from the context menu.
+
+3. The report will be generated and displayed in a new tab.
+
+**Design Review Scope:**
+
+* **Database Level**: Reviews overall database structure, schema organization, and cross-schema dependencies.
+
+* **Schema Level**: Analyzes tables, views, functions, and other objects within the schema.
+
+Each report includes:
+
+* **Schema Structure Analysis**: Review of table structures, relationships, and constraints.
+
+* **Normalization Review**: Recommendations for database normalization (1NF, 2NF, 3NF, etc.).
+
+* **Naming Conventions**: Suggestions for consistent naming patterns.
+
+* **Data Type Usage**: Review of data type choices and recommendations.
+
+* **Index Design**: Analysis of indexing strategy.
+
+* **Best Practices**: General PostgreSQL schema design recommendations.
+
+
+Working with Reports
+********************
+
+All AI reports are displayed in a dedicated panel with the following features:
+
+**Report Display**
+  Reports are formatted as Markdown and rendered with syntax highlighting for SQL code.
+
+**Toolbar Actions**
+
+  * **Stop** - Cancel the current report generation. This is useful if the report
+    is taking too long or if you want to change parameters.
+
+  * **Regenerate** - Generate a new report for the same object. Useful when you
+    want to get a fresh analysis or if data has changed.
+
+  * **Download** - Download the report as a Markdown (.md) file. The filename
+    includes the report type, object name, and date for easy identification.
+
+**Multiple Reports**
+  You can generate and view multiple reports simultaneously. Each report opens in
+  a new tab, allowing you to compare reports across different servers, databases,
+  or schemas.
+
+**Report Management**
+  Each report tab can be closed individually by clicking the *X* in the tab.
+  Panel titles show the object name and report type for easy identification.
+
+**Copying Content**
+  You can select and copy text from reports to use in documentation or share with
+  your team.
+
+
+Troubleshooting
+***************
+
+**"AI features are disabled in the server configuration"**
+  The administrator has disabled AI features on the server. Contact your
+  pgAdmin administrator to enable the ``LLM_ENABLED`` configuration option.
+
+**"Please configure an LLM provider in Preferences"**
+  You need to configure an LLM provider before using AI Reports. See *Configuring AI Reports* above.
+
+**"Please connect to the server/database first"**
+  You must establish a connection to the server or database before generating reports.
+
+**API Connection Errors**
+  * Verify your API key is correct (for Anthropic and OpenAI).
+  * Check your internet connection (for cloud providers).
+  * For Ollama, ensure the Ollama server is running and accessible.
+  * For Docker Model Runner, ensure Docker Desktop 4.40+ is running with the model runner enabled.
+  * Check that your firewall allows connections to the LLM provider's API.
+
+**Report Generation Fails**
+  * Check the pgAdmin logs for detailed error messages.
+  * Verify the database connection is still active.
+  * Ensure the selected model is available for your account/subscription.

docs/en_US/auto_update_desktop_app.rst

@@ -0,0 +1,96 @@
+Auto-Update of pgAdmin 4 Desktop Application
+********************************************
+
+pgAdmin 4's desktop application includes an automated update system built using 
+Electron's ``autoUpdater`` module. This feature enables users to receive and install 
+updates seamlessly, ensuring they always have access to the latest features and security fixes.
+
+Supported Platforms
+===================
+
+- **macOS:** Fully supported with automatic updates enabled by default
+- **Windows:** Not supported
+- **Linux:** Not supported
+
+Update Process Overview
+=======================
+
+1. **Check for Updates:**
+   
+   - Automatic check on application startup
+   - Manual check available via pgAdmin 4 menu > Check for Updates
+   - Uses Electron's ``autoUpdater`` API to query update server
+
+2. **Download Process:**
+   
+   - Updates download automatically when detected
+   - Progress shown via notifications
+   - Background download prevents interruption of work
+
+3. **Installation Flow:**
+   
+   - User prompted to Install & Restart or Restart Later when update ready
+   - Update applied during application restart
+
+  The flow chart for the update process is as follows:
+
+  .. image:: images/auto_update_desktop_app.png
+    :alt: Auto-update Desktop App
+    :align: center
+
+User Interface Components
+=========================
+
+1. **Notification Types:**
+   
+   - Update available
+   - Download progress
+   - Update ready to install
+   - Error notifications
+
+2. **Menu Integration:**
+   
+   - Check for Updates option in pgAdmin 4 menu
+   - Restart to Update option when  update available
+
+Error Handling
+==============
+
+The system includes comprehensive error handling:
+
+1. **Network Errors:**
+   
+   - Connection timeouts
+   - Download failures
+   - Server unavailability
+
+2. **Installation Errors:**
+   
+   - Corrupted downloads
+
+3. **Recovery Mechanisms:**
+   
+   - Fallback to manual update
+   - Error reporting to logs
+
+Security Considerations
+=======================
+
+The update system implements below security measures:
+
+1. **Secure Communication:**
+
+   - Protected update metadata
+
+Platform-Specific Notes
+=======================
+
+1. **macOS:**
+   
+   - Uses native update mechanisms
+   - Requires signed packages
+
+References
+==========
+
+- `Electron autoUpdater API Documentation <https://www.electronjs.org/docs/latest/api/auto-updater>`_

docs/en_US/backup_dialog.rst

@@ -77,13 +77,13 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 * Move switches in the **Sections** field box to select a portion of the object
   that will be backed up.
 
-   * Move the switch next to *Pre-data* towards right position to include all
+   * Move the switch next to *Pre-data* to the *Yes* position to include all
      data definition items not included in the data or post-data item lists.
 
-   * Move the switch next to *Data* towards right position to backup actual table
+   * Move the switch next to *Data* to the *Yes* position to backup actual table
      data, large-object contents, and sequence values.
 
-   * Move the switch next to *Post-data* towards right position to include
+   * Move the switch next to *Post-data* to the *Yes* position to include
      definitions of indexes, triggers, rules, and constraints other than
      validated check constraints.
 
@@ -94,13 +94,13 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 * Move switches in the **Type of objects** field box to specify details about
   the type of objects that will be backed up.
 
-   * Move the switch next to *Only data* towards right position to limit the back
+   * Move the switch next to *Only data* to the *Yes* position to limit the back
      up to data.
 
    * Move the switch next to *Only schemas* to limit the back up to schema-level
      database objects.
 
-   * Move the switch next to *Blobs* towards left position to exclude large
+   * Move the switch next to *Blobs* to the *No* position to exclude large
      objects in the backup.
 
 .. image:: images/backup_do_not_save.png
@@ -110,36 +110,36 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 * Move switches in the **Do not save** field box to select the objects that will
   not be included in the backup.
 
-   * Move the switch next to *Owner* towards right position to exclude commands
+   * Move the switch next to *Owner* to the *Yes* position to exclude commands
      that set object ownership.
 
-   * Move the switch next to *Privileges* towards right position to exclude
+   * Move the switch next to *Privileges* to the *Yes* position to exclude
      commands that create access privileges.
 
-   * Move the switch next to *Tablespaces* towards right position to exclude
+   * Move the switch next to *Tablespaces* to the *Yes* position to exclude
      tablespaces.
 
-   * Move the switch next to *Unlogged table data* towards right position to
+   * Move the switch next to *Unlogged table data* to the *Yes* position to
      exclude the contents of unlogged tables.
 
-   * Move the switch next to *Comments* towards right position to exclude
+   * Move the switch next to *Comments* to the *Yes* position to exclude
      commands that set the comments. **Note:** This option is visible only for
      database server greater than or equal to 11.
 
-   * Move the switch next to *Publications* towards right position to exclude
+   * Move the switch next to *Publications* to the *Yes* position to exclude
      publications.
 
-   * Move the switch next to *Subscriptions* towards right position to exclude
+   * Move the switch next to *Subscriptions* to the *Yes* position to exclude
      subscriptions.
 
-   * Move the switch next to *Security labels* towards right position to exclude
+   * Move the switch next to *Security labels* to the *Yes* position to exclude
      Security labels.
 
-   * Move the switch next to *Toast compressions* towards right position to exclude
+   * Move the switch next to *Toast compressions* to the *Yes* position to exclude
      Toast compressions. **Note:** This option is visible only for
      database server greater than or equal to 14.
 
-   * Move the switch next to *Table access methods* towards right position to exclude
+   * Move the switch next to *Table access methods* to the *Yes* position to exclude
      Table access methods. **Note:** This option is visible only for
      database server greater than or equal to 15.
 
@@ -150,7 +150,7 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 Click the *Query Options* tab to continue. Use these additional fields to specify
 the type of statements that should be included in the backup.
 
-   * Move the switch next to *Use INSERT commands* towards right position to
+   * Move the switch next to *Use INSERT commands* to the *Yes* position to
      dump the data in the form of INSERT statements rather than using a COPY
      command.  Please note: this may make restoration from backup slow.
 
@@ -165,16 +165,16 @@ the type of statements that should be included in the backup.
      **Note:** This option is visible only for database server greater than or
      equal to 12.
 
-   * Move the switch next to *Include CREATE DATABASE statement* towards right
+   * Move the switch next to *Include CREATE DATABASE statement* to the *Yes*
      position to include a command in the backup that creates a new database
      when restoring the backup.
 
-   * Move the switch next to *Include DROP DATABASE statement* towards right
+   * Move the switch next to *Include DROP DATABASE statement* to the *Yes*
      position to include a command in the backup that will drop any existing
      database object with the same name before recreating the object during a
      backup.
 
-   * Move the switch next to *Include IF EXISTS clause* towards right
+   * Move the switch next to *Include IF EXISTS clause* to the *Yes*
      position to add an IF EXISTS clause to drop databases and other objects.
      This option is not valid unless *Include DROP DATABASE statement* is also set.
 
@@ -185,17 +185,17 @@ the type of statements that should be included in the backup.
 Click the *Table Options* tab to continue. Use the fields in the *Table Options*
 tab related to tables that should be included in the backup.
 
-   * Move the switch next to *Use Column INSERTS* towards right position to dump
+   * Move the switch next to *Use Column INSERTS* to the *Yes* position to dump
      the data in the form of INSERT statements and include explicit column
      names. Please note: this may make restoration from backup slow.
 
-   * Move the switch next to *Load via partition root* towards right position,
+   * Move the switch next to *Load via partition root* to the *Yes* position,
      so when dumping a COPY or INSERT statement for a partitioned table, target
      the root of the partitioning hierarchy which contains it rather than the
      partition itself. **Note:** This option is visible only for database server
      greater than or equal to 11.
 
-   * Move the switch next to *Enable row security* towards right position to
+   * Move the switch next to *Enable row security* to the *Yes* position to
      set row_security to on instead, allowing the user to dump the parts of the
      contents of the table that they have access to. This option is relevant
      only when dumping the contents of a table which has row security.
@@ -235,10 +235,10 @@ tab to provide other backup options.
   that should be excluded from the backup.
 
    * Move the switch next to *Triggers* (active when creating a data-only backup)
-     towards right position to include commands that will disable triggers on the
+     to the *Yes* position to include commands that will disable triggers on the
      target table while the data is being loaded.
 
-   * Move the switch next to *$ quoting* towards right position to enable dollar
+   * Move the switch next to *$ quoting* to the *Yes* position to enable dollar
      quoting within function bodies; if disabled, the function body will be
      quoted using SQL standard string syntax.
 
@@ -249,13 +249,13 @@ tab to provide other backup options.
 * Move switches in the **Miscellaneous** field box to specify miscellaneous
   backup options.
 
-   * Move the switch next to *Verbose messages* towards left position to instruct
+   * Move the switch next to *Verbose messages* to the *No* position to instruct
      *pg_dump* to exclude verbose messages.
 
-   * Move the switch next to *Force double quotes on identifiers* towards right
+   * Move the switch next to *Force double quotes on identifiers* to the *Yes*
      position to force the quoting of all identifiers.
 
-   * Move the switch next to *Use SET SESSION AUTHORIZATION* towards right
+   * Move the switch next to *Use SET SESSION AUTHORIZATION* to the *Yes*
      position to include a statement that will use a SET SESSION AUTHORIZATION
      command to determine object ownership (instead of an ALTER OWNER command).
 
@@ -265,9 +265,9 @@ tab to provide other backup options.
    * Use the *Extra float digits* field to use the specified value when dumping
      floating-point data, instead of the maximum available precision.
 
-   * Use the *Lock wait timeout* field to do not wait forever to acquire shared
-     table locks at the beginning of the dump. Instead, fail if unable to lock a
-     table within the specified timeout.
+   * Use the *Lock wait timeout* field to specify a timeout rather than waiting
+     indefinitely to acquire shared table locks at the beginning of the dump.
+     If unable to lock a table within the specified timeout, the operation will fail.
 
 Click the *Objects* tab to continue.
 
@@ -287,6 +287,6 @@ command:
 
 * Click the *Cancel* button to exit without saving work.
 
-pgAdmin will run the backup process in background. You can view all the background
-process with there running status and logs on the :ref:`Processes <processes>`
-tab
+pgAdmin will run the backup process in the background. You can view all the background
+processes with their running status and logs on the :ref:`Processes <processes>`
+tab.

docs/en_US/backup_globals_dialog.rst

@@ -34,6 +34,6 @@ statements that should be included in the backup.
 Click the *Backup* button to build and execute a command based on your
 selections; click the *Cancel* button to exit without saving work.
 
-pgAdmin will run the backup process in background. You can view all the background
-process with there running status and logs on the :ref:`Processes <processes>`
-tab
+pgAdmin will run the backup process in the background. You can view all the background
+processes with their running status and logs on the :ref:`Processes <processes>`
+tab.

docs/en_US/backup_server_dialog.rst

@@ -34,7 +34,7 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 * Move switches in the **Type of objects** field box to specify details about
   the type of objects that will be backed up.
 
-   * Move the switch next to *Only data* towards right position to limit the back
+   * Move the switch next to *Only data* to the *Yes* position to limit the back
      up to data.
 
    * Move the switch next to *Only schemas* to limit the back up to schema-level
@@ -52,39 +52,39 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 * Move switches in the **Do not save** field box to select the objects that will
   not be included in the backup.
 
-   * Move the switch next to *Owner* towards right position to exclude commands
+   * Move the switch next to *Owner* to the *Yes* position to exclude commands
      that set object ownership.
 
-   * Move the switch next to *Role passwords* towards right position to exclude
+   * Move the switch next to *Role passwords* to the *Yes* position to exclude
      passwords for roles.
 
-   * Move the switch next to *Privileges* towards right position to exclude
+   * Move the switch next to *Privileges* to the *Yes* position to exclude
      commands that create access privileges.
 
-   * Move the switch next to *Tablespaces* towards right position to exclude
+   * Move the switch next to *Tablespaces* to the *Yes* position to exclude
      tablespaces.
 
-   * Move the switch next to *Unlogged table data* towards right position to
+   * Move the switch next to *Unlogged table data* to the *Yes* position to
      exclude the contents of unlogged tables.
 
-   * Move the switch next to *Comments* towards right position to exclude
+   * Move the switch next to *Comments* to the *Yes* position to exclude
      commands that set the comments. **Note:** This option is visible only for
      database server greater than or equal to 11.
 
-   * Move the switch next to *Publications* towards right position to exclude
+   * Move the switch next to *Publications* to the *Yes* position to exclude
      publications.
 
-   * Move the switch next to *Subscriptions* towards right position to exclude
+   * Move the switch next to *Subscriptions* to the *Yes* position to exclude
      subscriptions.
 
-   * Move the switch next to *Security labels* towards right position to exclude
+   * Move the switch next to *Security labels* to the *Yes* position to exclude
      Security labels.
 
-   * Move the switch next to *Toast compressions* towards right position to exclude
+   * Move the switch next to *Toast compressions* to the *Yes* position to exclude
      Toast compressions. **Note:** This option is visible only for
      database server greater than or equal to 14.
 
-   * Move the switch next to *Table access methods* towards right position to exclude
+   * Move the switch next to *Table access methods* to the *Yes* position to exclude
      Table access methods. **Note:** This option is visible only for
      database server greater than or equal to 15.
 
@@ -95,7 +95,7 @@ tab to provide options related to data or pgAdmin objects that correspond to *pg
 Click the *Query Options* tab to continue. Use these additional fields to specify
 the type of statements that should be included in the backup.
 
-   * Move the switch next to *Use INSERT commands* towards right position to
+   * Move the switch next to *Use INSERT commands* to the *Yes* position to
      dump the data in the form of INSERT statements rather than using a COPY
      command.  Please note: this may make restoration from backup slow.
 
@@ -110,12 +110,12 @@ the type of statements that should be included in the backup.
      **Note:** This option is visible only for database server greater than or
      equal to 12.
 
-   * Move the switch next to *Include DROP DATABASE statement* towards right
+   * Move the switch next to *Include DROP DATABASE statement* to the *Yes*
      position to include a command in the backup that will drop any existing
      database object with the same name before recreating the object during a
      backup.
 
-   * Move the switch next to *Include IF EXISTS clause* towards right
+   * Move the switch next to *Include IF EXISTS clause* to the *Yes*
      position to add an IF EXISTS clause to drop databases and other objects.
      This option is not valid unless *Include DROP DATABASE statement* is also set.
 
@@ -126,11 +126,11 @@ the type of statements that should be included in the backup.
 Click the *Table Options* tab to continue. Use the fields in the *Table Options*
 tab related to tables that should be included in the backup.
 
-   * Move the switch next to *Use Column INSERTS* towards right position to dump
+   * Move the switch next to *Use Column INSERTS* to the *Yes* position to dump
      the data in the form of INSERT statements and include explicit column
      names. Please note: this may make restoration from backup slow.
 
-   * Move the switch next to *Load via partition root* towards right position,
+   * Move the switch next to *Load via partition root* to the *Yes* position,
      so when dumping a COPY or INSERT statement for a partitioned table, target
      the root of the partitioning hierarchy which contains it rather than the
      partition itself. **Note:** This option is visible only for database server
@@ -147,10 +147,10 @@ tab to provide other backup options.
   that should be excluded from the backup.
 
    * Move the switch next to *Triggers* (active when creating a data-only backup)
-     towards right position to include commands that will disable triggers on the
+     to the *Yes* position to include commands that will disable triggers on the
      target table while the data is being loaded.
 
-   * Move the switch next to *$ quoting* towards right position to enable dollar
+   * Move the switch next to *$ quoting* to the *Yes* position to enable dollar
      quoting within function bodies; if disabled, the function body will be
      quoted using SQL standard string syntax.
 
@@ -161,13 +161,13 @@ tab to provide other backup options.
 * Move switches in the **Miscellaneous** field box to specify miscellaneous
   backup options.
 
-   * Move the switch next to *Verbose messages* towards left position to instruct
+   * Move the switch next to *Verbose messages* to the *No* position to instruct
      *pg_dumpall* to exclude verbose messages.
 
-   * Move the switch next to *Force double quotes on identifiers* towards right
+   * Move the switch next to *Force double quotes on identifiers* to the *Yes*
      position to force the quoting of all identifiers.
 
-   * Move the switch next to *Use SET SESSION AUTHORIZATION* towards right
+   * Move the switch next to *Use SET SESSION AUTHORIZATION* to the *Yes*
      position to include a statement that will use a SET SESSION AUTHORIZATION
      command to determine object ownership (instead of an ALTER OWNER command).
 
@@ -177,9 +177,9 @@ tab to provide other backup options.
    * Use the *Extra float digits* field to use the specified value when dumping
      floating-point data, instead of the maximum available precision.
 
-   * Use the *Lock wait timeout* field to do not wait forever to acquire shared
-     table locks at the beginning of the dump. Instead, fail if unable to lock a
-     table within the specified timeout.
+   * Use the *Lock wait timeout* field to specify a timeout rather than waiting
+     indefinitely to acquire shared table locks at the beginning of the dump.
+     If unable to lock a table within the specified timeout, the operation will fail.
 
 When you’ve specified the details that will be incorporated into the pg_dumpall
 command:
@@ -189,6 +189,6 @@ command:
 
 * Click the *Cancel* button to exit without saving work.
 
-pgAdmin will run the backup process in background. You can view all the background
-process with there running status and logs on the :ref:`Processes <processes>`
-tab
+pgAdmin will run the backup process in the background. You can view all the background
+processes with their running status and logs on the :ref:`Processes <processes>`
+tab.

docs/en_US/cloud_aws_rds.rst

@@ -91,8 +91,8 @@ button to deploy the instance on Amazon RDS.
 
 Once you click on the finish, one background process will start which will
 deploy the instance in the cloud and monitor the progress of the deployment.
-You can view all the background process with there running status and logs
-on the :ref:`Processes <processes>` tab
+You can view all the background processes with their running status and logs
+on the :ref:`Processes <processes>` tab.
 
 The Server will be added to the tree with the cloud deployment icon. Once the
 deployment is done, the server details will be updated.

docs/en_US/cloud_azure_database.rst

@@ -107,8 +107,8 @@ button to deploy the instance on Azure Database.
 
 Once you click on the finish, one background process will start which will
 deploy the instance in the cloud and monitor the progress of the deployment.
-You can view all the background process with there running status and logs
-on the :ref:`Processes <processes>` tab
+You can view all the background processes with their running status and logs
+on the :ref:`Processes <processes>` tab.
 
 .. image:: images/cloud_azure_bg_process_watcher.png
     :alt: Cloud Deployment

docs/en_US/cloud_edb_biganimal.rst

@@ -103,8 +103,8 @@ button to deploy the instance on EDB BigAnimal.
 
 Once you click on the finish, one background process will start which will
 deploy the instance in the cloud and monitor the progress of the deployment.
-You can view all the background process with there running status and logs
-on the :ref:`Processes <processes>` tab
+You can view all the background processes with their running status and logs
+on the :ref:`Processes <processes>` tab.
 
 The Server will be added to the tree with the cloud deployment icon. Once the
 deployment is done, the server details will be updated.

docs/en_US/cloud_google_cloud_sql.rst

@@ -105,8 +105,8 @@ button to deploy the instance on Azure PostgreSQL.
 
 Once you click on the finish, one background process will start which will
 deploy the instance in the cloud and monitor the progress of the deployment.
-You can view all the background process with there running status and logs
-on the :ref:`Processes <processes>` tab
+You can view all the background processes with their running status and logs
+on the :ref:`Processes <processes>` tab.
 
 
 The Server will be added to the tree with the cloud deployment icon. Once the

docs/en_US/code_review.rst

@@ -16,7 +16,7 @@ review process for any changes submitted for inclusion in pgAdmin.
   bulk updates every year). The start date should always be 2013, and the end year
   the current year, e.g.
 
-    Copyright (C) 2013 - 2025, The pgAdmin Development Team
+    Copyright (C) 2013 - 2026, The pgAdmin Development Team
 
 * Ensure there's a blank line immediately following any copyright headers.
 

docs/en_US/coding_standards.rst

@@ -120,7 +120,7 @@ with the required file header is shown below::
     #
     # pgAdmin 4 - PostgreSQL Tools
     #
-    # Copyright (C) 2013 - 2025, The pgAdmin Development Team
+    # Copyright (C) 2013 - 2026, The pgAdmin Development Team
     # This software is released under the PostgreSQL Licence
     #
     ##########################################################################

docs/en_US/collation_dialog.rst

@@ -40,6 +40,9 @@ settings:
   as the existing one, but will be an independent object. If you choose to copy
   an existing collation, you cannot modify the collation properties displayed on
   this tab.
+* Use the drop-down listbox next to *Provider* to select a locale services associated
+  with the collation. Possible values are: icu, libc and builtin.
+  **Note:** The builtin option is available from v17 onwards.
 * Use the *Locale* field to specify a locale; a locale specifies language and
   language formatting characteristics. If you specify this, you cannot specify
   either of the following parameters. To view a list of locales supported by
@@ -50,13 +53,11 @@ settings:
 * Use the *LC_CTYPE* field to specify a locale with specified character
   classification. The locale must be applicable to the current database encoding.
   (See CREATE DATABASE for details.)
-* Use the drop-down listbox next to *Locale Provider* to select a locale services associated
-  with the collation. Possible values are: icu, libc. libc is the default.
 * Move the switch next to *Deterministic* to *YES* to specify whether the collation should use
   deterministic comparisons. By default, this option is set to true. In a
   deterministic comparison, strings that are not byte-wise equal are considered
   unequal, even if they are considered logically equal in the comparison.
-* Use the *Rules* field to specify a rules for customizing the behavior of the collation.
+* Use the *Rules* field to specify rules for customizing the behavior of the collation.
   It includes considerations such as character ordering, case sensitivity, and accent
   sensitivity.
 * Use the *Version* field to specify version string to store with the collation object.
@@ -64,8 +65,8 @@ settings:
 
 Click the *SQL* tab to continue.
 
-Your entries in the *Collation* dialog generate a SQL command (see an example b
-elow). Use the *SQL* tab for review; revisit or switch tabs to make any changes
+Your entries in the *Collation* dialog generate a SQL command (see an example
+below). Use the *SQL* tab for review; revisit or switch tabs to make any changes
 to the SQL command.
 
 Example
@@ -79,7 +80,7 @@ the *Collation* dialog:
     :align: center
 
 The example shown demonstrates creating a collation named *french* that uses the
-rules specified for the locale, *fr-BI-x-icu.  The collation is owned by
+rules specified for the locale, *fr-BI-x-icu*.  The collation is owned by
 *postgres*.
 
 * Click the *Info* button (i) to access online help. For more information about

docs/en_US/column_dialog.rst

@@ -144,7 +144,7 @@ the *Add* icon (+) to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/container_deployment.rst

@@ -53,6 +53,7 @@ The default binary paths set in the container are as follows:
 .. code-block:: bash
 
     DEFAULT_BINARY_PATHS = {
+        'pg-18': '/usr/local/pgsql-18',
         'pg-17': '/usr/local/pgsql-17',
         'pg-16': '/usr/local/pgsql-16',
         'pg-15': '/usr/local/pgsql-15',

docs/en_US/database_dialog.rst

@@ -63,7 +63,7 @@ Use the *Definition* tab to set properties for the database:
 * Specify a connection limit in the *Connection Limit* field to configure the
   maximum number of connection requests. The default value (*-1*) allows
   unlimited connections to the database.
-* If the *templates?* is set to true, then database will be a template database.
+* If *Template?* is set to *Yes*, the database will be a template database.
 
 Click the *Security* tab to continue.
 
@@ -89,7 +89,7 @@ database. Click the *Add* icon (+) to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.
@@ -125,8 +125,8 @@ Use the *Advanced* tab to set advanced parameters for the database.
 
 * Use *Schema restriction* field to provide a SQL restriction that will be used
   against the pg_namespace table to limit the schemas that you see.
-  For example, you might enter: *public* so that only *public* are shown in
-  the pgAdmin browser.Separate entries with a comma or tab as you type.
+  For example, you might enter: *public* so that only *public* is shown in
+  the pgAdmin browser. Separate entries with a comma or tab as you type.
 
 Click the *SQL* tab to continue.
 

docs/en_US/desktop_deployment.rst

@@ -128,3 +128,10 @@ The configuration settings are stored in *runtime_config.json* file, which
 will be available on Unix systems (~/.local/share/pgadmin/),
 on Mac OS X (~/Library/Preferences/pgadmin),
 and on Windows (%APPDATA%/pgadmin).
+
+For details on the auto-update system for the desktop application, see
+
+.. toctree::
+   :maxdepth: 1
+
+   auto_update_desktop_app

docs/en_US/developer_tools.rst

@@ -17,3 +17,4 @@ PL/SQL code.
    schema_diff
    erd_tool
    psql_tool
+   ai_tools

docs/en_US/domain_dialog.rst

@@ -89,7 +89,7 @@ Use the *Security Labels* panel to assign security labels. Click the *Add* icon
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/editgrid.rst

@@ -49,7 +49,7 @@ To modify the displayed data:
 * To change a numeric value within the grid, double-click the value to select
   the field.  Modify the content in the square in which it is displayed.
 * To change a non-numeric value within the grid, double-click the content to
-  access the edit bubble.  After modifying the contentof the edit bubble, click
+  access the edit bubble.  After modifying the content of the edit bubble, click
   the *Ok* button to display your changes in the data grid, or *Cancel* to
   exit the edit bubble without saving.
 
@@ -62,7 +62,7 @@ table. As soon as you store the data, the row is assigned a row number, and a
 fresh empty line is added to the data grid.
 
 To write a SQL NULL to the table, simply leave the field empty. When you store
-the new row, the will server fill in the default value for that column. If you
+the new row, the server will fill in the default value for that column. If you
 store a change to an existing row, the value NULL will explicitly be written.
 
 To write an empty string to the table, enter the special string '' (two single
@@ -110,9 +110,9 @@ properties of the geometries directly in map, just click the specific geometry:
 
 **JSON Data Editor**
 
-A built in json editor is provided for *JSON/JSONB Data*.Double clicking on json/jsonb
-data type cell in data grid will open JSON Editor.Editor provides different mode to
-view and edit json data.
+A built-in JSON editor is provided for *JSON/JSONB Data*. Double-clicking on a JSON/JSONB
+data type cell in the data grid will open the JSON Editor. The editor provides different modes to
+view and edit JSON data.
 
 
 .. image:: images/json_editor_modes.png
@@ -120,21 +120,21 @@ view and edit json data.
     :align: center
 
 *Code Mode*:
-Provides way to format & compact json data.Also provides ability to repair json data
-by fixing quotes and escape characters, removing comments and JSONP notation and
-turn JavaScript objects into JSON.
+Provides a way to format and compact JSON data. Also provides the ability to repair JSON data
+by fixing quotes and escape characters, removing comments and JSONP notation, and
+turning JavaScript objects into JSON.
 
 *Tree Mode*:
-Enabled to change, add, move, remove, and duplicate fields and values.Provides ability
-to searh & hilight data.
+Enables changing, adding, moving, removing, and duplicating fields and values. Provides the ability
+to search and highlight data.
 
 *Form Mode*:
-Allows only to edit values in json data there by providing ability to keep data structure
+Allows editing only the values in JSON data, thereby providing the ability to keep the data structure
 unchanged while editing.
 
 *Preview Mode*:
-Provides ability to check data before saving and also shows size of current json data.
-Format and compact json data as well.
+Provides the ability to check data before saving and also shows the size of the current JSON data.
+Allows formatting and compacting JSON data as well.
 
 
 *Editor Toolbar*
@@ -170,18 +170,18 @@ Tree/Form mode:
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
    | *Transform*          | Click to *Transform*  to filter data  using JSME query language.                       | Code, Preview, Tree       |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Undo*               | Click to *Undo* to undo last action performed on data .                                | Code, Preview, Tree, From |
+   | *Undo*               | Click to *Undo* to undo last action performed on data.                                 | Code, Preview, Tree, Form |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Redo*               | Click to *Redo* to repat last action performed on data .                               | Code, Preview, Tree, From |
+   | *Redo*               | Click to *Redo* to repeat last action performed on data.                               | Code, Preview, Tree, Form |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Mode*               | Click to *Mode* dropdown to change dipaly mode of editor.Different modes avaialble     | Code, Tree, From, Preview |
-   |                      | are Code, Preview, Tree, From.                                                         |                           |
+   | *Mode*               | Click the *Mode* dropdown to change the display mode of the editor. Different modes    | Code, Tree, Form, Preview |
+   |                      | available are Code, Preview, Tree, and Form.                                           |                           |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Expand All*         | Click to *Expand All* to expand json data.                                             | Tree, From                |
+   | *Expand All*         | Click *Expand All* to expand JSON data.                                                | Tree, Form                |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Collapse All*       | Click to *Redo* to collapse json data.                                                 | Tree, From                |
+   | *Collapse All*       | Click *Collapse All* to collapse JSON data.                                            | Tree, Form                |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
-   | *Search Box*         | Enter partial/complete string to search in data.                                       | Tree, From                |
+   | *Search Box*         | Enter partial/complete string to search in data.                                       | Tree, Form                |
    +----------------------+----------------------------------------------------------------------------------------+---------------------------+
 
 
@@ -235,6 +235,6 @@ A View/Edit Data tab can be converted to a Query Tool Tab just by editing the qu
     :alt: Promote View/Edit Data tab to Query Tool tab warning
     :align: center
 
-You can disable the dialog by selecting the "Don't Ask again" checkbox. If you wish to resume the confirmation dialog, you can do it from "Prefrences -> Query Tool -> Editor -> Show View/Edit Data Promotion Warning?"
+You can disable the dialog by selecting the "Don't Ask again" checkbox. If you wish to resume the confirmation dialog, you can do it from "Preferences -> Query Tool -> Editor -> Show View/Edit Data Promotion Warning?"
 
 Once you chose to continue, you won't be able to use the features of View/Edit mode like the filter and sorting options, limit, etc. It is a one-way conversion. It will be a query tool now.

docs/en_US/erd_tool.rst

@@ -72,7 +72,7 @@ Export Options
    |                      | You can select the option *With DROP Table* if you wish to have DROP Table DDL statements before  |                |
    |                      | each CREATE Table DDL. You can see the option by clicking the down arrow beside the SQL button.   |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
-   | *Download image*     | Click the *Download image* icon to save the ERD diagram in a image formate                        | Option/Alt +   |
+   | *Download image*     | Click the *Download image* icon to save the ERD diagram in an image format.                       | Option/Alt +   |
    |                      |                                                                                                   | Ctrl + I       |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
 
@@ -86,6 +86,9 @@ Editing Options
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | Icon                 | Behavior                                                                                          | Shortcut       |
    +======================+===================================================================================================+================+
+   | *Search table*       | Click to search for a table in the diagram. Selecting a table from the search results will bring  | Option/Alt +   |
+   |                      | it into view and highlight it.                                                                    | Ctrl + F       |
+   +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | *Add table*          | Click this button to add a new table to the diagram. On clicking, this will open a table dialog   | Option/Alt +   |
    |                      | where you can put the table details.                                                              | Ctrl + A       |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
@@ -109,11 +112,14 @@ Table Relationship Options
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | Icon                 | Behavior                                                                                          | Shortcut       |
    +======================+===================================================================================================+================+
-   | *1M*                 | Click this button to open a one-to-many relationship dialog to add a relationship between the     | Option/Alt +   |
+   | *1-1*                | Click this button to open a one-to-one relationship dialog to add a relationship between the      | Option/Alt +   |
+   |                      | two tables. The selected table becomes the referencing table.                                     | Ctrl + B       |
+   +----------------------+---------------------------------------------------------------------------------------------------+----------------+
+   | *1-M*                | Click this button to open a one-to-many relationship dialog to add a relationship between the     | Option/Alt +   |
    |                      | two tables. The selected table becomes the referencing table and will have the *many* endpoint of | Ctrl + O       |
    |                      | the link.                                                                                         |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
-   | *MM*                 | Click this button to open a many-to-many relationship dialog to add a relationship between the    | Option/Alt +   |
+   | *M-M*                | Click this button to open a many-to-many relationship dialog to add a relationship between the    | Option/Alt +   |
    |                      | two tables. This option will create a new table based on the selected columns for the two relating| Ctrl + M       |
    |                      | tables and link them.                                                                             |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
@@ -129,7 +135,7 @@ Node Color Options
    | Icon                 | Behavior                                                                                                 |
    +======================+==========================================================================================================+
    | *Fill Color*         | Use Fill Color to change the background color of a table node. This is helpful if you want to            |
-   |                      | identify a of group tables. Once set, all the newly added tables will take the same color.               |
+   |                      | identify a group of tables. Once set, all the newly added tables will take the same color.               |
    +----------------------+----------------------------------------------------------------------------------------------------------+
    | *Text Color*         | Use Text Color to change the text color of a table node based on the fill color to make text             |
    |                      | easily readable.                                                                                         |
@@ -148,7 +154,7 @@ Utility Options
    | *Add/Edit note*         | Click this button to make notes on tables nodes while designing the database.                  | Option/Alt +   |
    |                         |                                                                                                | Ctrl + N       |
    +-------------------------+------------------------------------------------------------------------------------------------+----------------+
-   | *Auto align*            | Click this button to auto align all tables and links to make it look more cleaner.             | Option/Alt +   |
+   | *Auto align*            | Click this button to auto-align all tables and links to make them look cleaner.                | Option/Alt +   |
    |                         |                                                                                                | Ctrl + L       |
    +-------------------------+------------------------------------------------------------------------------------------------+----------------+
    | *Show details*          | Click this button to toggle the column details visibility. It allows you to show few or more   | Option/Alt +   |
@@ -188,7 +194,7 @@ Table Dialog
 The table dialog allows you to:
 
 * Change the table structure details.
-* It can be used edit an existing table or add a new one.
+* It can be used to edit an existing table or add a new one.
 * Refer :ref:`table dialog <table_dialog>` for information on different fields.
 
 Table Node
@@ -200,11 +206,11 @@ Table Node
 
 The table node shows table details in a graphical representation:
 
-* The top bar has a *details toggle button* that is used to toggle column details visibility. There is also a *note button* that is visible only if there is some note added. you can click on this button to quickly change the note.
+* The top bar has a *details toggle button* that is used to toggle column details visibility. There is also a *note button* that is visible only if there is some note added. You can click on this button to quickly change the note.
 * The first row shows the schema name of the table. Eg. *public* in above image.
 * The second row shows the table name. Eg. *users* in above image.
 * All other rows below the table name are the columns of the table along with data type. If the column is a primary key then it will have lock key icon eg. id is the primary key in above image. Otherwise, it will have column icon.
-* you can click on the node and drag to move on the canvas.
+* You can click on the node and drag to move on the canvas.
 * Upon double click on the table node or by clicking the edit button from the toolbar, the table dialog opens where you can change the table details. Refer :ref:`table dialog <table_dialog>` for information on different fields.
 
 The One to One Link Dialog
@@ -219,7 +225,7 @@ The one to one link dialog allows you to:
 * Add a one to one relationship between two tables.
 * *Local Table* is the table that references a table and has the *one* end point.
 * *Local Column* the column that references.
-* *Select Constraint* To implement one to one relationship, the *Local Column* must have primaty key or unique constraint. The default is a unique constraint. Please note that this field is visible only when the selected *Local Column* does not have either of the mentioned constraints.
+* *Select Constraint* To implement a one-to-one relationship, the *Local Column* must have a primary key or unique constraint. The default is a unique constraint. Please note that this field is visible only when the selected *Local Column* does not have either of the mentioned constraints.
 * *Referenced Table* is the table that is being referred and has the *one* end point.
 * *Referenced Column* the column that is being referred.
 
@@ -266,7 +272,7 @@ The table link shows relationship between tables:
 * The single line endpoint of the link shows the column that is being referred.
 * The three line endpoint of the link shows the column that refers.
 * If one of the columns that is being referred or that refers is removed from the table then the link will get dropped.
-* you can click on the link and drag to move on the canvas.
+* You can click on the link and drag to move on the canvas.
 
 
 The Table Notes

docs/en_US/event_trigger_dialog.rst

@@ -67,7 +67,7 @@ in the *Delete Row* popup.
 
 Click the *SQL* tab to continue.
 
-Your entries in the *Event Trigger* dialog generate a generate a SQL command.
+Your entries in the *Event Trigger* dialog generate a SQL command.
 Use the *SQL* tab for review; revisit or switch tabs to make any changes to the
 SQL command.
 

docs/en_US/export_data_using_query.rst

@@ -58,8 +58,8 @@ Click the *Query* tab to continue.
 
 Use the fields in the *Query* tab to write the query that will be exported:
 
-* Use the *Export Data Query* field to specifies A SELECT, VALUES, INSERT, UPDATE,
-  DELETE, or MERGE command whose results are to be copied .
+* Use the *Export Data Query* field to specify a SELECT, VALUES, INSERT, UPDATE,
+  DELETE, or MERGE command whose results are to be copied.
 
 * Use *Force Quote columns* field to forces quoting to be used for all non-NULL
   values in each specified column. NULL output is never quoted. This is a creatable

docs/en_US/extension_dialog.rst

@@ -23,7 +23,7 @@ Use the fields in the *General* tab to identify an extension:
 
 * Use the drop-down listbox in the *Name* field to select the extension. Each
   extension must have a unique name.
-* Move the switch next to *Cascade?* towards right position to automatically
+* Move the switch next to *Cascade?* to the *Yes* position to automatically
   install any extensions that this extension depends on that are not already
   installed.
 * Store notes about the extension in the *Comment* field.

docs/en_US/foreign_table_dialog.rst

@@ -131,7 +131,7 @@ function. Click the *Add* icon (+) to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/function_dialog.rst

@@ -41,6 +41,9 @@ Use the fields in the *Definition* tab to define the function:
   will change to an input text field.
 * Use the drop-down listbox next to *Language* to select the implementation
   language. The default is *sql*.
+* Use the drop-down listbox next to *Depends on extensions* to select the extension that this function
+  depends on (for example, plpgsql). If set, dropping the extension will automatically drop the
+  function as well.
 * Use the fields in the *Arguments* to define an argument. Click the *Add*
   icon (+) to set parameters and values for the argument:
 
@@ -153,7 +156,7 @@ function. Click the *Add* icon (+) to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.
@@ -164,7 +167,7 @@ in the *Delete Row* popup.
 
 Click the *SQL* tab to continue.
 
-Your entries in the *Function* dialog generate a generate a SQL command (see an
+Your entries in the *Function* dialog generate a SQL command (see an
 example below). Use the *SQL* tab for review; revisit or switch tabs to make any
 changes to the SQL command.
 
@@ -178,8 +181,8 @@ the *Function* dialog:
     :alt: Function dialog sql tab
     :align: center
 
-The example demonstrates creating an *plpgsql* function named *hire_salesmen*. The
-function have three columns (p_ename, p_sal and p_comm).
+The example demonstrates creating a *plpgsql* function named *hire_salesmen*. The
+function has three columns (p_ename, p_sal and p_comm).
 
 * Click the *Info* button (i) to access online help.
 * Click the *Save* button to save work.

docs/en_US/grant_wizard.rst

@@ -46,7 +46,7 @@ Use the fields in the *Privileges Selection* window to grant
 privileges. If you grant a privilege WITH GRANT OPTION, the Grantee will have
 the right to grant privileges on the object to others. If WITH GRANT OPTION is
 subsequently revoked, any role who received access to that object from that
-Grantee (directly or through a chain of grants) will lose thier privileges on
+Grantee (directly or through a chain of grants) will lose their privileges on
 the object.
 
 * Click the *Add* icon (+) to assign a set of privileges.

docs/en_US/import_export_servers.rst

@@ -194,4 +194,6 @@ The following example shows both a minimally defined and a fully defined server:
                 "PostConnectionSQL": "set timezone='America/New_York'"
             }
         }
-    }
+    }
+
+.. note:: If you're running pgAdmin in Server Mode, the values for parameters that require file paths should be specified relative to the user's home directory which is /<DATA_DIR>/storage/<user_id>/. If DATA_DIR is not specified, then it will be /var/lib/pgadmin/storage/<user_id>/

docs/en_US/index_dialog.rst

@@ -48,6 +48,31 @@ Use the fields in the *Definition* tab to define the index:
     * Select *brin* to create a BRIN index.  A BRIN index may improve
       performance when managing minimum and maximum values and ranges.
 
+* Use the drop-down listbox next to *Depends on extensions* to select the extension 
+  that this index depends on (for example, edbspl). If set, dropping the extension 
+  will automatically drop the index as well.
+* Move the switch next to *Only Table?* to the *Yes* position to create the index
+  only on the parent table without recursing to its partitions. This button will be
+  enabled for partition tables only. The default is *No*.
+* Move the switch next to *Unique?* to the *Yes* position to check for duplicate values
+  in the table when the index is created and when data is added. The default is *No*.
+* Move the switch next to *NULLs not distinct?* to the *Yes* position to treat null values as not distinct. 
+  The default is *No*. This option is available only on PostgreSQL 15 and above.
+* Move the *Clustered?* switch to the *Yes* position to instruct the server to
+  cluster the table.
+* Move the *Concurrent build?* switch to the *Yes* position to build the index
+  without taking any locks that prevent concurrent inserts, updates, or deletes
+  on the table.
+* Use the *Constraint* field to provide a constraint expression; a constraint
+  expression limits the entries in the index to those rows that satisfy the
+  constraint.
+
+Click the *With* tab to continue.
+
+.. image:: images/index_with.png
+    :alt: Index dialog with tab
+    :align: center
+
 * Use the *Fill Factor* field to specify a fill factor for the index. The fill
   factor specifies how full the selected method will try to fill each index
   page.
@@ -57,24 +82,12 @@ Use the fields in the *Definition* tab to define the index:
   for each entry of a BRIN index.
 * Select *Buffering* to specify whether the buffering build technique is used to build the index. The default is
   *Auto*
-* Move the switch next to *Deduplicate items?* towards the *right position* to control usage of the B-tree 
+* Move the switch next to *Deduplicate items?* to the *Yes* position to control usage of the B-tree 
   deduplication technique. The default is *Yes*. This option is available only on PostgreSQL 13 and above.
-* Move the switch next to *Fast update?* towards the *right position* to control usage of the fast update technique. 
+* Move the switch next to *Fast update?* to the *Yes* position to control usage of the fast update technique. 
   The default is *Yes*.
-* Move the switch next to *Autosummarize* towards the *right position* to define whether a summarization run is 
+* Move the switch next to *Autosummarize* to the *Yes* position to define whether a summarization run is 
   queued for the previous page range whenever an insertion is detected on the next one. The default is *No*
-* Move the switch next to *Unique?* towards the *right position* to check for duplicate values
-  in the table when the index is created and when data is added. The default is *No*.
-* Move the switch next to *NULLs not distinct?* towards the *right position* to treat null values as not distinct. 
-  The default is*No*. This option is available only on PostgreSQL 15 and above.
-* Move the *Clustered?* switch to the *Yes* position to instruct the server to
-  cluster the table.
-* Move the *Concurrent build?* switch to the *Yes* position to build the index
-  without taking any locks that prevent concurrent inserts, updates, or deletes
-  on the table.
-* Use the *Constraint* field to provide a constraint expression; a constraint
-  expression limits the entries in the index to those rows that satisfy the
-  constraint.
 
 Click the *Columns* tab to continue.
 

docs/en_US/language_dialog.rst

@@ -64,7 +64,7 @@ function. Click the *Add* icon (+) to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/ldap.rst

@@ -87,6 +87,8 @@ There are 3 ways to configure LDAP:
    "LDAP_KEY_FILE","Specifies the path to the server private key file. This parameter
    is applicable only if you are using *ldaps* as connection protocol or you have
    set *LDAP_USE_STARTTLS* parameter to *True*."
+   "LDAP_CERT_VALIDATE", "Set this parameter to *False* if you want to bypass
+   the TLS certificate validation. By default it is set to True."
    "LDAP_IGNORE_MALFORMED_SCHEMA", "Some flaky LDAP servers returns malformed schema.
    If this parameter set to *True*, no exception will be raised and schema is thrown away
    but authentication will be done. This parameter should remain False, as recommended."

docs/en_US/licence.rst

@@ -13,7 +13,7 @@ documentation is attributed to the
 
 .. topic:: pgAdmin 4
 
-    Copyright (C) 2013 - 2025, The pgAdmin Development Team
+    Copyright (C) 2013 - 2026, The pgAdmin Development Team
 
     Permission to use, copy, modify, and distribute this software and its
     documentation for any purpose, without fee, and without a written agreement is

docs/en_US/maintenance_dialog.rst

@@ -29,31 +29,31 @@ maintenance:
    * Move the *ANALYZE* switch to the *Yes* position to issue ANALYZE commands
      whenever the content of a table has changed sufficiently.
 
-   * Move the *DISABLE PAGE SKIPPING* switch to the *Yes* position to disables
+   * Move the *DISABLE PAGE SKIPPING* switch to the *Yes* position to disable
      all page-skipping behavior.
 
-   * Move the *SKIP LOCKED* switch to the *Yes* position to specifies that
+   * Move the *SKIP LOCKED* switch to the *Yes* position to specify that
      VACUUM should not wait for any conflicting locks to be released when
      beginning work on a relation. This option is available from v12 onwards.
 
-   * Move the *TRUNCATE* switch to the *Yes* position to specifies that VACUUM
+   * Move the *TRUNCATE* switch to the *Yes* position to specify that VACUUM
      should attempt to truncate off any empty pages at the end of the table and
      allow the disk space for the truncated pages to be returned to the operating
      system. This option is available from v12 onwards.
 
-   * Move the *PROCESS TOAST* switch to the *Yes* position to specifies that
+   * Move the *PROCESS TOAST* switch to the *Yes* position to specify that
      VACUUM should attempt to process the corresponding TOAST table for each
      relation, if one exists. This option is available from v14 onwards.
 
-   * Move the *PROCESS MAIN* switch to the *Yes* position to specifies that
+   * Move the *PROCESS MAIN* switch to the *Yes* position to specify that
      VACUUM should attempt to process the main relation. This option is available
      from v16 onwards.
 
-   * Move the *SKIP DATABASE STATS* switch to the *Yes* position to specifies
+   * Move the *SKIP DATABASE STATS* switch to the *Yes* position to specify
      that VACUUM should skip updating the database-wide statistics about oldest
      unfrozen XIDs. This option is available from v16 onwards.
 
-   * Move the *ONLY DATABASE STATS* switch to the *Yes* position to specifies
+   * Move the *ONLY DATABASE STATS* switch to the *Yes* position to specify
      that VACUUM should do nothing except update the database-wide statistics
      about oldest unfrozen XIDs . This option is available from v16 onwards.
 
@@ -64,7 +64,7 @@ maintenance:
      of VACUUM in parallel using integer background workers. This option is
      available from v13 onwards.
 
-   * Use the *BUFFER USAGE LIMIT* field to specifies the Buffer Access Strategy
+   * Use the *BUFFER USAGE LIMIT* field to specify the Buffer Access Strategy
      ring buffer size for VACUUM. This size is used to calculate the number of
      shared buffers which will be reused as part of this strategy. This option
      is available from v16 onwards
@@ -78,11 +78,11 @@ maintenance:
   This enables the query optimizer to select the fastest query plan for optimal
   performance.
 
-   * Move the *SKIP LOCKED* switch to the *Yes* position to specifies that
+   * Move the *SKIP LOCKED* switch to the *Yes* position to specify that
      ANALYZE should not wait for any conflicting locks to be released when
      beginning work on a relation. This option is available from v12 onwards.
 
-   * Use the *BUFFER USAGE LIMIT* field to specifies the Buffer Access Strategy
+   * Use the *BUFFER USAGE LIMIT* field to specify the Buffer Access Strategy
      ring buffer size for ANALYZE. This size is used to calculate the number of
      shared buffers which will be reused as part of this strategy. This option
      is available from v16 onwards
@@ -103,7 +103,7 @@ maintenance:
      without taking any locks that prevent concurrent inserts, updates, or
      deletes on the table. This option is available from v12 onwards.
 
-   * Use the *TABLESPACE* field to specifies that indexes will be rebuilt on
+   * Use the *TABLESPACE* field to specify that indexes will be rebuilt on
      a new tablespace. This option is available from v14 onwards.
 
 .. image:: images/maintenance_cluster.png
@@ -118,6 +118,6 @@ switch to the *No* position; by default, status messages are included.
 When you've completed the dialog, click *OK* to start the background process;
 to exit the dialog without performing maintenance operations, click *Cancel*.
 
-pgAdmin will run the maintenance process in background. You can view all the background
-process with there running status and logs on the :ref:`Processes <processes>`
+pgAdmin will run the maintenance process in the background. You can view all the background
+processes with their running status and logs on the :ref:`Processes <processes>`
 tab.

docs/en_US/materialized_view_dialog.rst

@@ -10,7 +10,7 @@ the REFRESH MATERIALIZED VIEW command to update the content of a materialized
 view.
 
 The *Materialized View* dialog organizes the development of a materialized_view
-through the following dialog tabs: *General*, *Definition*, *Storage*,
+through the following dialog tabs: *General*, *Definition*, *Code*,
 *Parameter*, and *Security*. The *SQL* tab displays the SQL code generated by
 dialog selections.
 
@@ -31,10 +31,10 @@ Use the fields in the *General* tab to identify the materialized view:
 Click the *Definition* tab to continue.
 
 .. image:: images/materialized_view_definition.png
-    :alt: Materialized view dialog storage tab
+    :alt: Materialized view dialog definition tab
     :align: center
 
-Use the fields in the *Storage* tab to maintain the materialized view:
+Use the fields in the *Definition* tab to maintain the materialized view:
 
 * Move the *With Data* switch to the *Yes* position to specify the materialized
   view should be populated at creation time. If not, the materialized view
@@ -47,11 +47,14 @@ Use the fields in the *Storage* tab to maintain the materialized view:
 * Use the *Fill Factor* field to specify a fill factor for the materialized
   view. The fill factor for a table is a percentage between 10 and 100. 100
   (complete packing) is the default.
+* Use the drop-down listbox next to *Depends on extensions* to select the extension that this materialized view
+  depends on (for example, edbspl). If set, dropping the extension will automatically drop the
+  materialized view as well.
 
 Click the *Code* tab to continue.
 
 .. image:: images/materialized_view_code.png
-    :alt: Materialized view dialog definition tab
+    :alt: Materialized view dialog code tab
     :align: center
 
 Use the text editor field in the *Code* tab to provide the query that will
@@ -101,7 +104,7 @@ selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/menu_bar.rst

@@ -5,8 +5,10 @@
 *****************
 
 The pgAdmin menu bar provides drop-down menus for access to options, commands,
-and utilities. The menu bar displays the following selections: *File*, *Object*,
-Tools*, and *Help*. Selections may be grayed out which indicates they are
+and utilities. Its layout adapts based on your deployment: in Web mode,
+you will see *File*, *Object*, *Tools*, and *Help* menus. In Desktop mode,
+the *pgAdmin4* application menu replaces the standard *File* menu.
+Selections may be grayed out which indicates they are
 disabled for the object currently selected in the *pgAdmin* tree control.
 
 The File Menu
@@ -16,7 +18,7 @@ The File Menu
     :alt: pgAdmin file menu bar
     :align: center
 
-Use the *File* menu to access the following options:
+Use the *File* menu available in web mode to access the following options:
 
 +-------------------------+---------------------------------------------------------------------------------------------------------+
 | Option                  | Action                                                                                                  |
@@ -25,8 +27,30 @@ Use the *File* menu to access the following options:
 +-------------------------+---------------------------------------------------------------------------------------------------------+
 | *Reset Layout*          | If you have modified the workspace, click to restore the default layout.                                |
 +-------------------------+---------------------------------------------------------------------------------------------------------+
-| *Runtime*               | Click to open a submenu to Configure, View Log and Zoom settings. Only visible when pgAdmin4 runs in    |
-|                         | desktop mode. To know more about runtime menu :ref:`click here <desktop_deployment>`                    |
+
+
+The pgAdmin4 Menu
+*****************
+
+.. image:: /images/pgadmin4_menu.png
+    :alt: pgAdmin pgadmin4 menu bar
+    :align: center
+
+Use the *pgAdmin4* menu available in desktop mode to access the following options:
+
++-------------------------+---------------------------------------------------------------------------------------------------------+
+| Option                  | Action                                                                                                  |
++=========================+=========================================================================================================+
+| *About pgAdmin 4*       | Provide pgadmin4 configuration information like version, mode etc.                                      |
++-------------------------+---------------------------------------------------------------------------------------------------------+
+| *Preferences/settings*  | Click to open the :ref:`Preferences <preferences>` dialog to customize your pgAdmin settings.           |
++-------------------------+---------------------------------------------------------------------------------------------------------+
+| *Reset Layout*          | If you have modified the workspace, click to restore the default layout.                                |
++-------------------------+---------------------------------------------------------------------------------------------------------+
+| *View Logs*             | This will show current pgadmin4 logs.                                                                   |
++-------------------------+---------------------------------------------------------------------------------------------------------+
+| *Configure runtime*     | Click to open a  window that allows to configure application port, connection timeout to launch the     |
+|                         | application. To know more about runtime menu :ref:`click here <desktop_deployment>`                     |
 +-------------------------+---------------------------------------------------------------------------------------------------------+
 
 The Object Menu
@@ -63,11 +87,11 @@ following options (in alphabetical order):
 | *Create*                    | Click *Create* to access a context menu that provides context-sensitive selections.                                      |
 |                             | Your selection opens a *Create* dialog for creating a new object.                                                        |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
-| *Delete*                    | Click to delete the currently selected object from the server.                                                           |
+| *Drop*                      | Click to drop the currently selected object from the server.                                                             |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
-| *Delete (Cascade)*          | Click to delete the currently selected object and all dependent objects from the server.                                 |
+| *Drop (Cascade)*            | Click to drop the currently selected object and all dependent objects from the server.                                   |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
-| *Delete (Force)*            | Click to delete the currently selected database with force option.                                                       |
+| *Drop (Force)*              | Click to drop the currently selected database with force option.                                                         |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
 | *Disconnect from server*    | Click to disconnect from the currently selected server.                                                                  |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
@@ -81,9 +105,9 @@ following options (in alphabetical order):
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
 | *Trigger(s)*                | Click to *Disable* or *Enable* trigger(s) for the currently selected table. Options are displayed on the flyout menu.    |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
-| *Truncate*                  | Click to remove all rows from a table (*Truncate*), to remove all rows from a table and its child tables                 |
-|                             | (*Truncate Cascade*) or to remove all rows from a table and automatically restart sequences owned by columns             |
-|                             | (*Truncate Restart Identity*). Options are displayed on the flyout menu.                                                 |
+| *Truncate*                  | Click to remove all rows from a table/foreign tables (*Truncate*), to remove all rows from a table/foreign tables and    |
+|                             | its child tables (*Truncate Cascade*) or to remove all rows from a table/foreign tables and automatically restart        |
+|                             | sequences owned by columns (*Truncate Restart Identity*). Options are displayed on the flyout menu.                      |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
 | *View Data*                 | Click to access a context menu that provides several options for viewing data (see below).                               |
 +-----------------------------+--------------------------------------------------------------------------------------------------------------------------+
@@ -132,6 +156,12 @@ Use the *Tools* menu to access the following options (in alphabetical order):
 +------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
 | *Search Objects...*          | Click to open the :ref:`Search Objects... <search_objects>` and start searching any kind of objects in a database.                        |
 +------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+| *AI Reports*                 | Click to access a submenu with AI-powered analysis options (requires :ref:`AI configuration <ai_tools>`):                                 |
+|                              |                                                                                                                                           |
+|                              | - *Security Report* - Generate an AI-powered security analysis for the selected server, database, or schema.                              |
+|                              | - *Performance Report* - Generate an AI-powered performance analysis for the selected server or database.                                 |
+|                              | - *Design Report* - Generate an AI-powered design review for the selected database or schema.                                             |
++------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
 | *Add named restore point*    | Click to open the :ref:`Add named restore point... <add_restore_point_dialog>` dialog to take a point-in-time snapshot of the current     |
 |                              | server state.                                                                                                                             |
 +------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+

docs/en_US/oauth2.rst

@@ -1,15 +1,40 @@
 .. _oauth2:
 
-*****************************************
-`Enabling OAUTH2 Authentication`:index:
-*****************************************
+*******************************************************
+`Enabling OAUTH2 and OIDC Authentication`:index:
+*******************************************************
 
 
-To enable OAUTH2 authentication for pgAdmin, you must configure the OAUTH2
-settings in the *config_local.py* or *config_system.py* file (see the
-:ref:`config.py <config_py>` documentation) on the system where pgAdmin is
-installed in Server mode. You can copy these settings from *config.py* file
-and modify the values for the following parameters:
+To enable OAUTH2 or OpenID Connect (OIDC) authentication for pgAdmin, you must
+configure the OAUTH2 settings in the *config_local.py* or *config_system.py*
+file (see the :ref:`config.py <config_py>` documentation) on the system where
+pgAdmin is installed in Server mode. You can copy these settings from *config.py*
+file and modify the values for the following parameters.
+
+OAuth2 vs OpenID Connect (OIDC)
+================================
+
+pgAdmin supports both OAuth2 and OIDC authentication protocols:
+
+**OAuth2** is an authorization framework that allows third-party applications to
+obtain limited access to user accounts. When using OAuth2, pgAdmin must explicitly
+call the provider's userinfo endpoint to retrieve user profile information.
+
+**OpenID Connect (OIDC)** is an identity layer built on top of OAuth2 that provides
+standardized user authentication and profile information. When using OIDC, user
+identity information is included directly in the ID token, which is more efficient
+and secure.
+
+.. note::
+   When **OAUTH2_SERVER_METADATA_URL** is configured, pgAdmin treats the provider
+   as an OIDC provider and will:
+
+   - Use ID token claims for user identity (sub, email, preferred_username)
+   - Skip the userinfo endpoint call when ID token contains sufficient information
+   - Validate the ID token automatically using the provider's public keys
+
+   This is the **recommended approach** for modern identity providers like
+   Microsoft Entra ID (Azure AD), Google, Keycloak, Auth0, and Okta.
 
 
 .. _AzureAD: https://learn.microsoft.com/en-us/security/zero-trust/develop/configure-tokens-group-claims-app-roles
@@ -23,31 +48,32 @@ and modify the values for the following parameters:
 
    "AUTHENTICATION_SOURCES", "The default value for this parameter is *internal*.
    To enable OAUTH2 authentication, you must include *oauth2* in the list of values
-   for this parameter. you can modify the value as follows:
+   for this parameter. You can modify the value as follows:
 
    * [‘oauth2’, ‘internal’]: pgAdmin will display an additional button for authenticating with oauth2"
     "OAUTH2_NAME", "The name of the Oauth2 provider, ex: Google, Github"
     "OAUTH2_DISPLAY_NAME", "Oauth2 display name in pgAdmin"
     "OAUTH2_CLIENT_ID", "Oauth2 Client ID"
-    "OAUTH2_CLIENT_SECRET", "Oauth2 Client Secret"
+    "OAUTH2_CLIENT_SECRET", "Oauth2 Client Secret. **Optional for public clients using Authorization Code + PKCE**. For confidential clients (server-side apps), keep this set. For public clients (no secret), pgAdmin will enforce PKCE and perform an unauthenticated token exchange."
+    "OAUTH2_CLIENT_AUTH_METHOD", "Client authentication method for the token endpoint. Default behavior uses *OAUTH2_CLIENT_SECRET* (confidential client), or PKCE when no secret is provided (public client). Set to *workload_identity* to authenticate using an Azure Entra ID workload identity (federated credential) without a client secret."
+    "OAUTH2_WORKLOAD_IDENTITY_TOKEN_FILE", "When **OAUTH2_CLIENT_AUTH_METHOD** is *workload_identity*, path to the projected OIDC token file (Kubernetes service account JWT). This file must exist at pgAdmin startup."
     "OAUTH2_TOKEN_URL", "Oauth2 Access Token endpoint"
     "OAUTH2_AUTHORIZATION_URL", "Endpoint for user authorization"
-    "OAUTH2_SERVER_METADATA_URL", "Server metadata url for your OAuth2 provider"
+    "OAUTH2_SERVER_METADATA_URL", "**OIDC Discovery URL** (recommended for OIDC providers). When set, pgAdmin will use OIDC flow with automatic ID token validation and user claims from the ID token. Example: *https://login.microsoftonline.com/{tenant}/v2.0/.well-known/openid-configuration*. When using this parameter, OAUTH2_TOKEN_URL and OAUTH2_AUTHORIZATION_URL are optional as they will be discovered automatically."
     "OAUTH2_API_BASE_URL", "Oauth2 base URL endpoint to make requests simple, ex: *https://api.github.com/*"
-    "OAUTH2_USERINFO_ENDPOINT", "User Endpoint, ex: *user* (for github, or *user/emails* if the user's email address is private) and *userinfo* (for google),"
-    "OAUTH2_SCOPE", "Oauth scope, ex: 'openid email profile'. Note that an 'email' claim is required in the resulting profile."
+    "OAUTH2_USERINFO_ENDPOINT", "User Endpoint, ex: *user* (for github, or *user/emails* if the user's email address is private) and *userinfo* (for google). **For OIDC providers**, this is optional if the ID token contains sufficient claims (email, preferred_username, or sub)."
+    "OAUTH2_SCOPE", "Oauth scope, ex: 'openid email profile'. **For OIDC providers**, include 'openid' scope to receive an ID token."
     "OAUTH2_ICON", "The Font-awesome icon to be placed on the oauth2 button,  ex: fa-github"
     "OAUTH2_BUTTON_COLOR", "Oauth2 button color"
-    "OAUTH2_USERNAME_CLAIM", "The claim which is used for the username. If the value is empty
-    the email is used as username, but if a value is provided, the claim has to exist. Ex: *oid* (for AzureAD), *email* (for Github)"
+    "OAUTH2_USERNAME_CLAIM", "The claim which is used for the username. If the value is empty, **for OIDC providers** pgAdmin will use: 1) email, 2) preferred_username, or 3) sub (in that order). **For OAuth2 providers** without OIDC, email is required. Ex: *oid* (for AzureAD), *email* (for Github), *preferred_username* (for Keycloak)"
     "OAUTH2_AUTO_CREATE_USER", "Set the value to *True* if you want to automatically
     create a pgAdmin user corresponding to a successfully authenticated Oauth2 user.
     Please note that password is not stored in the pgAdmin database."
-    "OAUTH2_ADDITIONAL_CLAIMS", "If a dictionary is provided, pgAdmin will check for a matching key and value on the userinfo endpoint 
-    and in the Id Token. In case there is no match with the provided config, the user will receive an authorization error.
-    Useful for checking AzureAD_ *wids* or *groups*, GitLab_ *owner*, *maintainer* and *reporter* claims."
+    "OAUTH2_ADDITIONAL_CLAIMS", "If a dictionary is provided, pgAdmin will check for a matching key and value on the **ID token first** (for OIDC providers), then fall back to the userinfo endpoint response. In case there is no match with the provided config, the user will receive an authorization error. Useful for checking AzureAD_ *wids* or *groups*, GitLab_ *owner*, *maintainer* and *reporter* claims."
     "OAUTH2_SSL_CERT_VERIFICATION", "Set this variable to False to disable SSL certificate verification for OAuth2 provider.
     This may need to set False, in case of self-signed certificates."
+    "OAUTH2_CHALLENGE_METHOD", "Enable PKCE workflow. PKCE method name, only *S256* is supported"
+    "OAUTH2_RESPONSE_TYPE", "Enable PKCE workflow. Mandatory with OAUTH2_CHALLENGE_METHOD, must be set to *code*"
 
 Redirect URL
 ============
@@ -65,12 +91,256 @@ the PostgreSQL server password.
 To accomplish this, set the configuration parameter MASTER_PASSWORD to *True*, so upon setting the master password,
 it will be used as an encryption key while storing the password. If it is False, the server password can not be stored.
 
-
 Login Page
-============
+==========
 
 After configuration, on restart, you can see the login page with the Oauth2 login button(s).
 
 .. image:: images/oauth2_login.png
     :alt: Oauth2 login
     :align: center
+
+PKCE Workflow
+=============
+
+Ref: https://oauth.net/2/pkce
+
+To enable PKCE workflow, set the configuration parameters OAUTH2_CHALLENGE_METHOD to *S256* and OAUTH2_RESPONSE_TYPE to *code*.
+Both parameters are mandatory to enable PKCE workflow.
+
+Public vs Confidential OAuth Clients
+====================================
+
+OAuth providers support two common client types:
+
+- **Confidential clients** have a client secret and can authenticate to the token endpoint.
+- **Public clients** do not have a client secret (or the secret cannot be safely stored).
+
+pgAdmin supports interactive user login for both client types:
+
+- If **OAUTH2_CLIENT_SECRET** is set, pgAdmin treats the provider as a confidential client.
+- If **OAUTH2_CLIENT_SECRET** is missing, empty, or set to *None*, pgAdmin treats the provider as a public client and **requires PKCE**.
+
+.. note::
+    For public clients, pgAdmin uses Authlib's native behavior to perform an **unauthenticated token exchange**
+    (token endpoint client authentication method: ``none``). This is required for Authorization Code + PKCE
+    flows where no client secret is available.
+
+Azure Entra ID Workload Identity (AKS) (No Client Secret)
+=========================================================
+
+pgAdmin can authenticate to Microsoft Entra ID (Azure AD) **without a client secret** using an
+AKS Workload Identity projected service account token (OIDC federated credential).
+
+This is a **confidential client** scenario (server-side app), but client authentication to the token
+endpoint is performed using a **JWT client assertion**.
+
+Enable workload identity mode
+-----------------------------
+
+Set the following parameters in your provider configuration:
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        'OAUTH2_NAME': 'entra-workload-identity',
+        'OAUTH2_DISPLAY_NAME': 'Microsoft Entra ID',
+        'OAUTH2_CLIENT_ID': '<Application (client) ID>',
+        'OAUTH2_CLIENT_SECRET': None,  # not required
+        'OAUTH2_CLIENT_AUTH_METHOD': 'workload_identity',
+        'OAUTH2_WORKLOAD_IDENTITY_TOKEN_FILE':
+            '/var/run/secrets/azure/tokens/azure-identity-token',
+        'OAUTH2_SERVER_METADATA_URL':
+            'https://login.microsoftonline.com/<tenant-id>/v2.0/.well-known/openid-configuration',
+        'OAUTH2_SCOPE': 'openid email profile',
+    }]
+
+With this configuration:
+
+- pgAdmin will **not** require **OAUTH2_CLIENT_SECRET**.
+- pgAdmin will **not** use PKCE for this provider.
+- During the token exchange, pgAdmin will send:
+
+    - ``client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer``
+    - ``client_assertion=<projected service account JWT>``
+
+Azure App Registration setup
+----------------------------
+
+In Microsoft Entra ID:
+
+- Create an **App registration** for pgAdmin.
+- Configure a **Redirect URI** to ``<http/https>://<pgAdmin Server URL>/oauth2/authorize``.
+- In **Certificates & secrets**, you do **not** need to create a client secret for workload identity.
+
+Federated credential (workload identity) configuration
+------------------------------------------------------
+
+Add a **Federated credential** to the App registration:
+
+- **Issuer**: your AKS cluster OIDC issuer URL.
+- **Subject**: ``system:serviceaccount:<namespace>:<serviceaccount-name>``
+- **Audience**: typically ``api://AzureADTokenExchange``
+
+AKS ServiceAccount example
+--------------------------
+
+Example ServiceAccount for AKS Workload Identity:
+
+.. code-block:: yaml
+
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: pgadmin
+      namespace: pgadmin
+      annotations:
+        azure.workload.identity/client-id: "<Application (client) ID>"
+    ---
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: pgadmin
+      namespace: pgadmin
+    spec:
+      template:
+        metadata:
+          labels:
+            azure.workload.identity/use: "true"
+        spec:
+          serviceAccountName: pgadmin
+
+.. note::
+    The projected token file path can vary by cluster configuration.
+    In many AKS setups it is provided via the ``AZURE_FEDERATED_TOKEN_FILE`` environment
+    variable and mounted under ``/var/run/secrets/azure/tokens/``.
+
+OIDC Configuration Examples
+============================
+
+Using OIDC with Discovery Metadata (Recommended)
+-------------------------------------------------
+
+When using OIDC providers, configure the **OAUTH2_SERVER_METADATA_URL** parameter
+to enable automatic discovery and ID token validation:
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        'OAUTH2_NAME': 'my-oidc-provider',
+        'OAUTH2_DISPLAY_NAME': 'My OIDC Provider',
+        'OAUTH2_CLIENT_ID': 'your-client-id',
+        'OAUTH2_CLIENT_SECRET': 'your-client-secret',
+        'OAUTH2_SERVER_METADATA_URL': 'https://provider.example.com/.well-known/openid-configuration',
+        'OAUTH2_SCOPE': 'openid email profile',
+        # OAUTH2_USERINFO_ENDPOINT is optional when using OIDC
+        # Token and authorization URLs are discovered automatically
+    }]
+
+With this configuration:
+
+- pgAdmin will use the OIDC discovery endpoint to automatically find token and authorization URLs
+- User identity will be extracted from ID token claims (sub, email, preferred_username)
+- The userinfo endpoint will only be called as a fallback if ID token lacks required claims
+- ID token will be automatically validated using the provider's public keys
+
+Using OIDC as a Public Client (No Client Secret) with PKCE
+-----------------------------------------------------------
+
+If your OAuth/OIDC application is configured as a **public client** (no client secret), pgAdmin can still perform
+interactive user login using Authorization Code + PKCE.
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        'OAUTH2_NAME': 'my-oidc-public',
+        'OAUTH2_DISPLAY_NAME': 'My OIDC Provider (Public Client)',
+        'OAUTH2_CLIENT_ID': 'your-client-id',
+        # Public client: omit OAUTH2_CLIENT_SECRET or set it to None/empty.
+        'OAUTH2_CLIENT_SECRET': None,
+        'OAUTH2_SERVER_METADATA_URL': 'https://provider.example.com/.well-known/openid-configuration',
+        'OAUTH2_SCOPE': 'openid email profile',
+        # PKCE is mandatory for public clients
+        'OAUTH2_CHALLENGE_METHOD': 'S256',
+        'OAUTH2_RESPONSE_TYPE': 'code',
+    }]
+
+With this configuration:
+
+- pgAdmin enforces PKCE (challenge method + response type)
+- The token exchange is performed without a client secret
+
+Username Resolution for OIDC
+-----------------------------
+
+When **OAUTH2_SERVER_METADATA_URL** is configured (OIDC mode), pgAdmin will
+resolve the username in the following order:
+
+1. **OAUTH2_USERNAME_CLAIM** (if configured) - checks ID token first, then userinfo
+2. **email** claim from ID token or userinfo endpoint
+3. **preferred_username** claim from ID token (standard OIDC claim)
+4. **sub** claim from ID token (always present in OIDC, used as last resort)
+
+Example with custom username claim:
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        # ... other config ...
+        'OAUTH2_USERNAME_CLAIM': 'preferred_username',
+        # pgAdmin will use 'preferred_username' from ID token for the username
+    }]
+
+Example without custom claim (uses automatic fallback):
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        # ... other config ...
+        # No OAUTH2_USERNAME_CLAIM specified
+        # pgAdmin will try: email -> preferred_username -> sub
+    }]
+
+Additional Claims Authorization with OIDC
+------------------------------------------
+
+When using **OAUTH2_ADDITIONAL_CLAIMS** with OIDC providers, pgAdmin will:
+
+1. Check the ID token claims first (more secure, no additional network call)
+2. Fall back to userinfo endpoint response if needed
+
+Example:
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        # ... other config ...
+        'OAUTH2_ADDITIONAL_CLAIMS': {
+            'groups': ['admin-group', 'pgadmin-users'],
+            'roles': ['database-admin']
+        },
+        # pgAdmin will check these claims in ID token first,
+        # then userinfo endpoint if not found
+    }]
+
+Legacy OAuth2 Configuration (Without OIDC)
+-------------------------------------------
+
+For providers that don't support OIDC discovery, configure all endpoints manually:
+
+.. code-block:: python
+
+    OAUTH2_CONFIG = [{
+        'OAUTH2_NAME': 'github',
+        'OAUTH2_DISPLAY_NAME': 'GitHub',
+        'OAUTH2_CLIENT_ID': 'your-client-id',
+        'OAUTH2_CLIENT_SECRET': 'your-client-secret',
+        'OAUTH2_TOKEN_URL': 'https://github.com/login/oauth/access_token',
+        'OAUTH2_AUTHORIZATION_URL': 'https://github.com/login/oauth/authorize',
+        'OAUTH2_API_BASE_URL': 'https://api.github.com/',
+        'OAUTH2_USERINFO_ENDPOINT': 'user',
+        'OAUTH2_SCOPE': 'user:email',
+        # No OAUTH2_SERVER_METADATA_URL - pure OAuth2 mode
+    }]
+
+In this mode, user identity is retrieved only from the userinfo endpoint.

docs/en_US/preferences.rst

@@ -27,6 +27,83 @@ The left pane of the *Preferences* tab displays a tree control; each node of
 the tree control provides access to options that are related to the node under
 which they are displayed.
 
+The AI Node
+***********
+
+Use preferences found in the *AI* node of the tree control to configure
+AI-powered features and LLM (Large Language Model) providers.
+
+.. image:: images/preferences_ai.png
+    :alt: Preferences AI section
+    :align: center
+
+**Note:** AI features must be enabled in the server configuration (``LLM_ENABLED = True``
+in ``config.py``) for these preferences to be available.
+
+Use the fields on the *AI* panel to configure your LLM provider:
+
+* Use the *Default Provider* drop-down to select your LLM provider. Options include:
+  *Anthropic*, *OpenAI*, *Ollama*, or *Docker Model Runner*.
+
+**Anthropic Settings:**
+
+* Use the *API URL* field to set a custom API endpoint URL. Leave empty to use
+  the default Anthropic API (``https://api.anthropic.com/v1``). Set a custom URL
+  to use an Anthropic-compatible API provider.
+
+* Use the *API Key File* field to specify the path to a file containing your
+  Anthropic API key. This path refers to the filesystem where the pgAdmin
+  server is running (e.g., inside the container if using Docker). The ``~``
+  prefix is expanded to the home directory of the user running the pgAdmin
+  server process. The API key may be optional when using a custom API URL
+  with a provider that does not require authentication.
+
+* Use the *Model* field to select from the available Claude models. Click the
+  refresh button to fetch the latest available models from your configured
+  endpoint.
+
+**OpenAI Settings:**
+
+* Use the *API URL* field to set a custom API endpoint URL. Leave empty to use
+  the default OpenAI API (``https://api.openai.com/v1``). Set a custom URL to
+  use any OpenAI-compatible API provider (e.g., LiteLLM, LM Studio, EXO).
+  Include the ``/v1`` path prefix if required by your provider
+  (e.g., ``http://localhost:1234/v1``).
+
+* Use the *API Key File* field to specify the path to a file containing your
+  OpenAI API key. This path refers to the filesystem where the pgAdmin
+  server is running (e.g., inside the container if using Docker). The ``~``
+  prefix is expanded to the home directory of the user running the pgAdmin
+  server process. The API key may be optional when using a custom API URL
+  with a provider that does not require authentication.
+
+* Use the *Model* field to select from the available GPT models. Click the
+  refresh button to fetch the latest available models from your configured
+  endpoint.
+
+**Ollama Settings:**
+
+* Use the *API URL* field to specify the Ollama server URL
+  (default: ``http://localhost:11434``).
+
+* Use the *Model* field to select from the available models or enter a custom
+  model name (e.g., ``llama2``, ``mistral``). Click the refresh button to fetch
+  the latest available models from your Ollama server.
+
+**Docker Model Runner Settings:**
+
+* Use the *API URL* field to specify the Docker Model Runner API URL
+  (default: ``http://localhost:12434``). Available in Docker Desktop 4.40+.
+
+* Use the *Model* field to select from the available models or enter a custom
+  model name. Click the refresh button to fetch the latest available models
+  from your Docker Model Runner.
+
+.. note:: You can also use the *OpenAI* provider with a custom API URL for any
+   OpenAI-compatible endpoint, including Docker Model Runner, LM Studio, EXO,
+   and other local inference servers. This can be useful when you want to use
+   a provider that isn't explicitly listed but supports the OpenAI API format.
+
 The Browser Node
 ****************
 
@@ -60,6 +137,9 @@ Use the fields on the *Display* panel to specify general display preferences:
   all the shared servers from the object explorer. **Note:** This option is visible only when
   pgAdmin is running in server mode.
 
+* When the *Show column data type?* switch is turned off, then the data types 
+  of the columns will not be displayed alongside their column names.
+
 * When the *Show empty object collections?* switch is turned off, then all object
   collections which are empty will be hidden from browser tree.
 
@@ -101,7 +181,7 @@ related settings:
     :align: center
 
 * Use *Enable object breadcrumbs?* to enable or disable object breadcrumbs
-  displayed on on object mouse hover.
+  displayed on object mouse hover.
 
 * Use *Show comment with object breadcrumbs?* to enable or disable the
   comment visibility which comes displayed with object breadcrumbs.
@@ -139,11 +219,11 @@ Use field on *Tab settings* panel to specify the tab related properties.
 
 * Use *Debugger tab title placeholder* field to customize the Debugger tab title.
 
-* When the *Dynamic tab size* If set to True, the tabs will take full size as per the title, it will also applicable for already opened tabs
+* When the *Dynamic tab size* switch is set to *True*, the tabs will take full size as per the title. This will also apply to already opened tabs.
 
 * Use the *PSQL tool tab title placeholder* field to customize the PSQL tool tab title.
 
-* When the *Open in new browser tab* filed is selected for Query tool, Schema Diff or Debugger, it will
+* When the *Open in new browser tab* field is selected for Query tool, Schema Diff or Debugger, it will
   open in a new browser tab when invoked.
 
 * Use the *Query tool tab title placeholder* field to customize the query tool tab title.
@@ -172,7 +252,7 @@ Expand the *Dashboards* node to specify your dashboard display preferences.
     :alt: Preferences dashboard refresh options
     :align: center
 
-Use the fields on the *Refresh rates* panel to specify your refersh rates
+Use the fields on the *Refresh rates* panel to specify your refresh rate
 preferences for the graphs on the *Dashboard* tab:
 
 * Use the *Average load statistics refresh rate* field to specify the number of
@@ -254,6 +334,12 @@ Use the fields on the *Options* panel to manage ERD preferences.
 * Use *Cardinality Notation* to change the cardinality notation format
   used to present relationship links.
 
+* Use *Format ERD Project File?* if you want to format the .pgerd ERD
+  project file. It's a JSON file which will be formatted.
+
+* Use *Image Download Resolution* to change the ERD image download
+  resolution. Higher values will use higher memory and slower rendering.
+
 * When the *SQL With DROP Table* switch is set to *True*, the SQL
   generated by the ERD Tool will add DROP table DDL before each CREATE
   table DDL.
@@ -262,6 +348,93 @@ Use the fields on the *Options* panel to manage ERD preferences.
   It allows to set the limit on the depth level pgAdmin should traverse
   to find the relations. Use -1 to set no limit.
 
+
+The Editor Node
+*****************
+
+Expand the *Editor* node to access panels that allow you to specify your preferences
+for the editor across pgAdmin 4
+
+.. image:: images/preferences_editor_keyboard_shortcuts.png
+    :alt: Preferences editor keyboard shortcuts section
+    :align: center
+
+Use the fields on the *Keyboard shortcuts* panel to configure shortcuts for the
+editor.
+
+.. image:: images/preferences_editor_options.png
+    :alt: Preferences editor options section
+    :align: center
+
+Use the fields on the *Options* panel to manage editor preferences.
+
+* Use the *Auto-indent new line?* switch to specify whether the editor will
+  automatically indent new lines. When set to *True*, the editor will indent
+  new lines according to the indentation of the previous line.
+
+* When the *Brace matching?* switch is set to *True*, the editor will highlight
+  pairs of matched braces.
+
+* When the *Code folding?* switch is set to *False*, the editor will disable
+  code folding. Disabling will improve editor performance with large files.
+
+* Use the *Cursor blink rate* field to adjust the speed at which the text cursor
+  blinks within the editors.
+
+* Use the *Font family* field to be used for all SQL editors. The specified
+  font should already be installed on your system. If the font is not found,
+  the editor will fall back to the default font, Source Code Pro.
+
+* When the *Font ligatures?* switch is set to *True*, ligatures will be
+  enabled in SQL text boxes and editors provided the configured font family
+  supports them.
+
+* Use the *Font size* field to specify the font size that will be used in text
+  boxes and editors.
+
+* When the *Highlight selection matches?* switch is set to *True*, the editor will
+  highlight matched selected text.
+
+* When the *Insert bracket pairs?* switch is set to *True*, the editor will
+  automatically insert paired brackets.
+
+* When the *Line wrapping* switch is set to *True*, the editor will implement
+  line-wrapping behavior.
+
+* When the *Plain text mode?* switch is set to *True*, the editor mode will be
+  changed to text/plain. Keyword highlighting and code folding will be disabled.
+  This will improve editor performance with large files.
+
+.. image:: images/preferences_editor_sql_formatting.png
+    :alt: Preferences SQL Formatting section
+    :align: center
+
+Use the fields on the *SQL formatting* panel to specify your preferences for
+reformatting of SQL.
+
+* Use the *Data type case* option to specify whether to change data types
+  into upper, lower, or preserve case.
+* Use the *Expression width* option to specify maximum number of characters
+  in parenthesized expressions to be kept on single line.
+* Use the *Function case* option to specify whether to change function
+  names into upper, lower, or preserve case.
+* Use the *Identifier case* option to specify whether to change identifiers
+  (object names) into upper, lower, or capitalized case.
+* Use the *Keyword case* option to specify whether to change keywords into
+  upper, lower, or preserve case.
+* Use *Lines between queries* to specify how many empty lines to leave
+  between SQL statements. If set to zero it puts no new line.
+* Use *Logical operator new line* to specify newline placement before or
+  after logical operators (AND, OR, XOR).
+* Use *New line before semicolon?* to specify whether to place query
+  separator (;) on a separate line.
+* Use the *Spaces around operators?* option to specify whether or not to include
+  spaces on either side of operators.
+* Use the *Tab size* option to specify the number of spaces per tab or indent.
+* Use the *Use spaces?* option to select whether to use spaces or tabs when
+  indenting.
+
+
 The Graphs Node
 ***************
 
@@ -296,11 +469,17 @@ Use the fields on the *File Downloads* panel to manage file downloads related pr
 
 * When the *Automatically open downloaded files?* switch is set to *True*
   the downloaded file will automatically open in the system's default
-  application associated with that file type.
+  application associated with that file type. **Note:** This option is applicable and
+  visible only in desktop mode.
+
+* When the *Enable binary data download?* switch is set to *True*,
+  binary data can be downloaded from the result grid. Default is set to *False*
+  to prevent excessive memory usage on the server.
 
 * When the *Prompt for the download location?* switch is set to *True*
   a prompt will appear after clicking the download button, allowing you
-  to choose the download location.
+  to choose the download location. **Note:** This option is applicable and
+  visible only in desktop mode.
 
 **Note:** File Downloads related settings are applicable and visible only in desktop mode.
 
@@ -364,7 +543,7 @@ monitored databases:
   locations used by PostgreSQL.
 
 **Note:** Use the 'Validate path' button to check the existence of the utility
-programs (pg_dump, pg_dumpall, pg_restore and psql) and there respective versions.
+programs (pg_dump, pg_dumpall, pg_restore and psql) and their respective versions.
 
 .. image:: images/preferences_paths_help.png
     :alt: Preferences binary path help section
@@ -427,46 +606,6 @@ Tool display.
 * When the *Show query success notification?* switch is set to *True*, the Query Tool
   will show notifications on successful query execution.
 
-.. image:: images/preferences_sql_editor.png
-    :alt: Preferences sqleditor editor settings
-    :align: center
-
-Use the fields on the *Editor* panel to change settings of the query editor.
-
-* Use the *Auto-indent new line?* switch to specify whether the editor will
-  automatically indent new lines. When set to *True*, the editor will indent
-  new lines according to the indentation of the previous line.
-
-* When the *Brace matching?* switch is set to *True*, the editor will highlight
-  pairs of matched braces.
-
-* When the *Code folding?* switch is set to *False*, the editor will disable
-  code folding. Disabling will improve editor performance with large files.
-
-* Use the *Font family* field to be used for all SQL editors. The specified
-  font should already be installed on your system. If the font is not found,
-  the editor will fall back to the default font, Source Code Pro.
-
-* When the *Font ligatures?* switch is set to *True*, ligatures will be
-  enabled in SQL text boxes and editors provided the configured font family
-  supports them.
-
-* Use the *Font size* field to specify the font size that will be used in text
-  boxes and editors.
-
-* When the *Highlight selection matches?* switch is set to *True*, the editor will
-  highlight matched selected text.
-
-* When the *Insert bracket pairs?* switch is set to *True*, the editor will
-  automatically insert paired brackets.
-
-* When the *Line wrapping* switch is set to *True*, the editor will implement
-  line-wrapping behavior.
-
-* When the *Plain text mode?* switch is set to *True*, the editor mode will be
-  changed to text/plain. Keyword highlighting and code folding will be disabled.
-  This will improve editor performance with large files.
-
 .. image:: images/preferences_sql_explain.png
     :alt: Preferences sqleditor explain options
     :align: center
@@ -552,6 +691,10 @@ Use the fields on the *Options* panel to manage editor preferences.
   will warn upon clicking the *Execute Query* button in the query tool.  The warning
   will appear only if *Underline query at cursor?* is set to *False*.
 
+* When the *Use server cursor?* switch is set to *True*, the dataset will be fetched
+  using a server-side cursor after the query is executed.
+
+
 .. image:: images/preferences_sql_results_grid.png
     :alt: Preferences sql results grid section
     :align: center
@@ -588,34 +731,6 @@ preferences for copied data.
 Use the fields on the *Keyboard shortcuts* panel to configure shortcuts for the
 Query Tool window navigation.
 
-.. image:: images/preferences_sql_formatting.png
-    :alt: Preferences SQL Formatting section
-    :align: center
-
-Use the fields on the *SQL formatting* panel to specify your preferences for
-reformatting of SQL.
-
-* Use the *Data type case* option to specify whether to change data types
-  into upper, lower, or preserve case.
-* Use the *Expression width* option to specify maximum number of characters
-  in parenthesized expressions to be kept on single line.
-* Use the *Function case* option to specify whether to change function
-  names into upper, lower, or preserve case.
-* Use the *Identifier case* option to specify whether to change identifiers
-  (object names) into upper, lower, or capitalized case.
-* Use the *Keyword case* option to specify whether to change keywords into
-  upper, lower, or preserve case.
-* Use *Lines between queries* to specify how many empty lines to leave
-  between SQL statements. If set to zero it puts no new line.
-* Use *Logical operator new line* to specify newline placement before or
-  after logical operators (AND, OR, XOR).
-* Use *New line before semicolon?* to specify whether to place query
-  separator (;) on a separate line.
-* Use the *Spaces around operators?* option to specify whether or not to include
-  spaces on either side of operators.
-* Use the *Tab size* option to specify the number of spaces per tab or indent.
-* Use the *Use spaces?* option to select whether to use spaces or tabs when
-  indenting.
 
 The Schema Diff Node
 ********************

docs/en_US/procedure_dialog.rst

@@ -36,6 +36,9 @@ Use the fields in the *Definition* tab to define the procedure:
 
 * Use the drop-down listbox next to *Language* to select a language. The default
   is *edbspl*.
+* Use the drop-down listbox next to *Depends on extensions* to select the extension that this procedure
+  depends on (for example, edbspl). If set, dropping the extension will automatically drop the
+  procedure as well.
 * Use the fields in the *Arguments* section to define an argument. Click *Add* to set
   parameters and values for the argument:
 * Use the drop-down listbox next to *Data type* to select a data type.
@@ -132,7 +135,7 @@ procedure. Click *Add* to add each security label selection:
 
 * Specify a security label provider in the *Provider* field. The named provider
   must be loaded and must consent to the proposed labeling operation.
-* Specify a a security label in the *Security Label* field. The meaning of a
+* Specify a security label in the *Security Label* field. The meaning of a
   given label is at the discretion of the label provider. PostgreSQL places no
   restrictions on whether or how a label provider must interpret security
   labels; it merely provides a mechanism for storing them.

docs/en_US/query_tool.rst

@@ -32,8 +32,9 @@ The Query Tool features two panels:
 
 * The upper panel displays the *SQL Editor*. You can use the panel to enter,
   edit, or execute a query or a script. It also shows the *History* tab which can be used
-  to view the queries that have been executed in the session, and a *Scratch Pad*
-  which can be used to hold text snippets during editing. If the Scratch Pad is
+  to view the queries that have been executed in the session, a *Scratch Pad*
+  which can be used to hold text snippets during editing, and an *AI Assistant*
+  tab for generating SQL from natural language (when AI is configured). If the Scratch Pad is
   closed, it can be re-opened (or additional ones opened) by right-clicking in
   the SQL Editor and other panels and adding a new panel.
 * The lower panel displays the *Data Output* panel. The tabbed panel displays
@@ -201,6 +202,49 @@ can be adjusted in ``config_local.py`` or ``config_system.py`` (see the
 `MAX_QUERY_HIST_STORED` value. See the :ref:`Deployment <deployment>` section
 for more information.
 
+AI Assistant Panel
+******************
+
+The *AI Assistant* tab provides a chat-style interface for generating SQL queries
+from natural language descriptions. This feature requires an AI provider to be
+configured in *Preferences > AI*. For configuration details, see the
+:ref:`preferences` documentation.
+
+.. image:: images/query_ai_assistant.png
+    :alt: Query tool AI Assistant panel
+    :align: center
+
+To use the AI Assistant:
+
+1. Click on the *AI Assistant* tab in the upper panel, or use the *AI Assistant*
+   toolbar button.
+2. Type a description of the SQL query you need in natural language.
+3. Press Enter or click the send button to submit your request.
+4. The AI will analyze your database schema and generate appropriate SQL.
+
+The AI Assistant displays conversations with your messages and AI responses. When
+the AI generates SQL, it appears in a syntax-highlighted code block with action
+buttons:
+
+* **Insert** - Insert the SQL at the current cursor position in the SQL Editor.
+* **Replace** - Replace all content in the SQL Editor with the generated SQL.
+* **Copy** - Copy the SQL to the clipboard.
+
+The AI Assistant maintains conversation context, allowing you to refine queries
+iteratively. For example, you can ask for a query and then follow up with
+"also add a filter for active users" to modify the previous result.
+
+**Tips for effective use:**
+
+* Be specific about table and column names if you know them.
+* Describe the desired output format (e.g., "show count by category").
+* For complex queries, break down requirements step by step.
+* Use the *Clear* button to start a fresh conversation.
+
+**Note:** The AI Assistant uses database schema inspection tools to understand
+your database structure. It supports SELECT, INSERT, UPDATE, DELETE, and DDL
+statements. All generated queries should be reviewed before execution.
+
 The Data Output Panel
 *********************
 
@@ -275,6 +319,8 @@ the drop down on the right side of *Explain Analyze* button in the toolbar.
 
 Please note that pgAdmin generates the *Explain [Analyze]* plan in JSON format.
 
+**Note**: If multiple queries are present and none is selected, *Explain [Analyze]* runs the query located at the cursor position.
+
 On successful generation of *Explain* plan, it will create three tabs/panels
 under the Explain panel.
 
@@ -333,6 +379,44 @@ If planner mis-estimated number of rows (actual vs planned) by
     :alt: Query tool explain plan statistics
     :align: center
 
+* AI Insights
+
+The *AI Insights* tab provides AI-powered analysis of query execution plans,
+identifying performance bottlenecks and suggesting optimizations. This tab is
+only available when an AI provider is configured in *Preferences > AI*.
+
+.. image:: images/query_explain_ai_insights.png
+    :alt: Query tool explain plan AI insights
+    :align: center
+
+When you switch to the AI Insights tab, the AI analyzes the execution plan and
+provides:
+
+**Performance Bottlenecks** - Issues identified in the query plan, such as:
+
+* Sequential scans on large tables that could benefit from indexes
+* Significant differences between estimated and actual row counts
+* Expensive sort or hash operations
+* Nested loops with high iteration counts
+
+**Recommendations** - Concrete suggestions to improve query performance:
+
+* Index creation statements with appropriate columns
+* ANALYZE commands to update table statistics
+* Configuration parameter adjustments
+* Query restructuring suggestions
+
+Each recommendation that includes SQL (such as CREATE INDEX statements) has
+action buttons to *Copy* the SQL to the clipboard or *Insert* it into the
+Query Editor.
+
+Click the *Regenerate* button to request a fresh analysis of the current plan.
+
+**Note:** AI analysis is generated on-demand when you first click the AI Insights
+tab or when a new explain plan is generated while the tab is active. The analysis
+provides guidance but all suggested changes should be carefully evaluated before
+applying to production databases.
+
 Messages Panel
 **************
 
@@ -558,3 +642,31 @@ To execute a macro, simply select the appropriate shortcut keys, or select it fr
 .. image:: images/query_output_data.png
    :alt: Query Tool Macros Execution
    :align: center
+
+
+Server Side Cursor
+******************
+
+Server-side cursors allow partial retrieval of large datasets, making them particularly useful when working with
+very large result sets. However, they may offer lower performance in typical, everyday usage scenarios.
+
+To enable server-side cursors:
+
+* Go to Preferences > Query Tool > Options and set "Use server cursor?" to True.
+* Alternatively, you can enable it on a per-session basis via the Query Tool’s Execute menu.
+
+.. image:: images/query_tool_server_cursor_execute_menu.png
+   :alt: Query Tool Server Cursor
+   :align: center
+
+
+Limitations:
+
+1. Transaction Requirement: Server-side cursors work only in transaction mode.
+If enabled pgAdmin will automatically ensure queries run within a transaction.
+
+2. Limited Use Case: Use server-side cursors only when fetching large datasets.
+
+3. Pagination Limitation: In the Result Grid, the First and Last page buttons will be disabled,
+as server-side cursors do not return a total row count. Consequently, the total number of rows
+will not be displayed after execution.

docs/en_US/query_tool_toolbar.rst

@@ -140,20 +140,27 @@ Query Execution
    |                      |                                                                                                   |                |
    |                      | Navigate through the *Explain Options* menu to select options for the EXPLAIN command:            |                |
    |                      |                                                                                                   |                |
-   |                      |  * Select *Verbose* to display additional information regarding the query plan.                   |                |
+   |                      |  * Select *Buffers* to include information on buffer usage.                                       |                |
    |                      |                                                                                                   |                |
    |                      |  * Select *Costs* to include information on the estimated startup and total cost of each          |                |
    |                      |    plan node, as well as the estimated number of rows and the estimated width of each             |                |
    |                      |    row.                                                                                           |                |
    |                      |                                                                                                   |                |
-   |                      |  * Select *Buffers* to include information on buffer usage.                                       |                |
+   |                      |  * Select *Generic Plan* to include the information on the Generic Plan.                          |                |
+   |                      |                                                                                                   |                |
+   |                      |  * Select *Memory* to include the information on memory consumption by the query planning phase.  |                |
+   |                      |                                                                                                   |                |
+   |                      |  * Select *Serialize* to include information on the cost of serializing the query's output data,  |                |
+   |                      |    that is converting it to text or binary format to send to the client.                          |                |
+   |                      |                                                                                                   |                |
+   |                      |  * Select *Settings* to include the information on the configuration parameters.                  |                |
+   |                      |                                                                                                   |                |
+   |                      |  * Select *Summary* to include the summary information about the query plan.                      |                |
    |                      |                                                                                                   |                |
    |                      |  * Select *Timing* to include information about the startup time and the amount of time           |                |
    |                      |    spent in each node of the query.                                                               |                |
    |                      |                                                                                                   |                |
-   |                      |  * Select *Summary* to include the summary information about the query plan.                      |                |
-   |                      |                                                                                                   |                |
-   |                      |  * Select *Settings* to include the information on the configuration parameters.                  |                |
+   |                      |  * Select *Verbose* to display additional information regarding the query plan.                   |                |
    |                      |                                                                                                   |                |
    |                      |  * Select *Wal* to include the information on WAL record generation.                              |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
@@ -234,6 +241,8 @@ Pagination Options
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | *Edit Range*         | Click to open the from and to rows range inputs to allow setting them.                            |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
+   | *Show Entire Range*  | Click to get all the rows and set the from and to rows range                                      |                |
+   +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | *Page No*            | Enter the page no you want to jump to out of total shown next to this input                       |                |
    +----------------------+---------------------------------------------------------------------------------------------------+----------------+
    | *First Page*         | Click to go to the first page.                                                                    |                |

docs/en_US/release_notes.rst

@@ -12,6 +12,15 @@ notes for it.
    :maxdepth: 1
 
 
+   release_notes_9_14
+   release_notes_9_13
+   release_notes_9_12
+   release_notes_9_11
+   release_notes_9_10
+   release_notes_9_9
+   release_notes_9_8
+   release_notes_9_7
+   release_notes_9_6
    release_notes_9_5
    release_notes_9_4
    release_notes_9_3