diff --git a/.env.template b/.env.template
index 99f693dd..457ca803 100644
--- a/.env.template
+++ b/.env.template
@@ -472,6 +472,11 @@
 ## Setting this to true will enforce the Single Org Policy to be enabled before you can enable the Reset Password policy.
 # ENFORCE_SINGLE_ORG_WITH_RESET_PW_POLICY=false
 
+## Prefer IPv6 (AAAA) resolving
+## This settings configures the DNS resolver to resolve IPv6 first, and if not available try IPv4
+## This could be useful in IPv6 only environments.
+# DNS_PREFER_IPV6=false
+
 #####################################
 ### SSO settings (OpenID Connect) ###
 #####################################
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b04f6e8a..485101d7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -54,7 +54,7 @@ jobs:
 
       # Checkout the repo
       - name: "Checkout"
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
           fetch-depth: 0
@@ -80,7 +80,7 @@ jobs:
 
       # Only install the clippy and rustfmt components on the default rust-toolchain
       - name: "Install rust-toolchain version"
-        uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921 # master @ Sep 16, 2025, 8:37 PM GMT+2
+        uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # master @ Nov 20, 2025, 7:02 PM GMT+1
         if: ${{ matrix.channel == 'rust-toolchain' }}
         with:
           toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
@@ -90,7 +90,7 @@ jobs:
 
       # Install the any other channel to be used for which we do not execute clippy and rustfmt
       - name: "Install MSRV version"
-        uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921 # master @ Sep 16, 2025, 8:37 PM GMT+2
+        uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # master @ Nov 20, 2025, 7:02 PM GMT+1
         if: ${{ matrix.channel != 'rust-toolchain' }}
         with:
           toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
@@ -115,7 +115,7 @@ jobs:
 
       # Enable Rust Caching
       - name: Rust Caching
-        uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
+        uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
         with:
           # Use a custom prefix-key to force a fresh start. This is sometimes needed with bigger changes.
           # Like changing the build host from Ubuntu 20.04 to 22.04 for example.
diff --git a/.github/workflows/check-templates.yml b/.github/workflows/check-templates.yml
index 7a6a764a..2e02f574 100644
--- a/.github/workflows/check-templates.yml
+++ b/.github/workflows/check-templates.yml
@@ -12,7 +12,7 @@ jobs:
     steps:
       # Checkout the repo
       - name: "Checkout"
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
       # End Checkout the repo
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
index 9dfd7a59..aa4a5c05 100644
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@@ -34,7 +34,7 @@ jobs:
       # End Download hadolint
       # Checkout the repo
       - name: Checkout
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
       # End Checkout the repo
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 95220f42..4fd722bc 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -81,7 +81,7 @@ jobs:
 
       # Checkout the repo
       - name: Checkout
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         # We need fetch-depth of 0 so we also get all the tag metadata
         with:
           persist-credentials: false
@@ -204,7 +204,7 @@ jobs:
 
       - name: Bake ${{ matrix.base_image }} containers
         id: bake_vw
-        uses: docker/bake-action@3acf805d94d93a86cce4ca44798a76464a75b88c # v6.9.0
+        uses: docker/bake-action@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4 # v6.10.0
         env:
           BASE_TAGS: "${{ steps.determine-version.outputs.BASE_TAGS }}"
           SOURCE_COMMIT: "${{ env.SOURCE_COMMIT }}"
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 43e4d6e9..131551dc 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
 
@@ -46,6 +46,6 @@ jobs:
           severity: CRITICAL,HIGH
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
+        uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
         with:
           sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/typos.yml b/.github/workflows/typos.yml
index d1410d24..1210a194 100644
--- a/.github/workflows/typos.yml
+++ b/.github/workflows/typos.yml
@@ -12,11 +12,11 @@ jobs:
     steps:
       # Checkout the repo
       - name: Checkout
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
       # End Checkout the repo
 
       # When this version is updated, do not forget to update this in `.pre-commit-config.yaml` too
       - name: Spell Check Repo
-        uses: crate-ci/typos@07d900b8fa1097806b8adb6391b0d3e0ac2fdea7 # v1.39.0
+        uses: crate-ci/typos@2d0ce569feab1f8752f1dde43cc2f2aa53236e06 # v1.40.0
diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml
index a3cd0df2..8ea25a4a 100644
--- a/.github/workflows/zizmor.yml
+++ b/.github/workflows/zizmor.yml
@@ -16,12 +16,12 @@ jobs:
       security-events: write # To write the security report
     steps:
       - name: Checkout repository
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 #v6.0.0
         with:
           persist-credentials: false
 
       - name: Run zizmor
-        uses: zizmorcore/zizmor-action@e673c3917a1aef3c65c972347ed84ccd013ecda4 # v0.2.0
+        uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0
         with:
           # intentionally not scanning the entire repository,
           # since it contains integration tests.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 6d0cb9fc..757afca2 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -53,6 +53,6 @@ repos:
         - "cd docker && make"
 # When this version is updated, do not forget to update this in `.github/workflows/typos.yaml` too
 - repo: https://github.com/crate-ci/typos
-  rev: 07d900b8fa1097806b8adb6391b0d3e0ac2fdea7 # v1.39.0
+  rev: 2d0ce569feab1f8752f1dde43cc2f2aa53236e06 # v1.40.0
   hooks:
     - id: typos
diff --git a/Cargo.lock b/Cargo.lock
index fd11484e..cd998f23 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -380,7 +380,7 @@ dependencies = [
  "bytes",
  "fastrand",
  "hex",
- "http 1.3.1",
+ "http 1.4.0",
  "ring",
  "time",
  "tokio",
@@ -507,7 +507,7 @@ dependencies = [
  "hex",
  "hmac",
  "http 0.2.12",
- "http 1.3.1",
+ "http 1.4.0",
  "percent-encoding",
  "sha2",
  "time",
@@ -538,7 +538,7 @@ dependencies = [
  "futures-core",
  "futures-util",
  "http 0.2.12",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 0.4.6",
  "percent-encoding",
  "pin-project-lite",
@@ -588,7 +588,7 @@ dependencies = [
  "bytes",
  "fastrand",
  "http 0.2.12",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 0.4.6",
  "http-body 1.0.1",
  "pin-project-lite",
@@ -607,7 +607,7 @@ dependencies = [
  "aws-smithy-types",
  "bytes",
  "http 0.2.12",
- "http 1.3.1",
+ "http 1.4.0",
  "pin-project-lite",
  "tokio",
  "tracing",
@@ -624,7 +624,7 @@ dependencies = [
  "bytes",
  "bytes-utils",
  "http 0.2.12",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 0.4.6",
  "http-body 1.0.1",
  "http-body-util",
@@ -920,9 +920,9 @@ dependencies = [
 
 [[package]]
 name = "cc"
-version = "1.2.47"
+version = "1.2.48"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd405d82c84ff7f35739f175f67d8b9fb7687a0e84ccdc78bd3568839827cf07"
+checksum = "c481bdbf0ed3b892f6f806287d72acd515b352a4ec27a208489b8c1bc839633a"
 dependencies = [
  "find-msvc-tools",
  "jobserver",
@@ -953,7 +953,7 @@ dependencies = [
  "num-traits",
  "serde",
  "wasm-bindgen",
- "windows-link 0.2.1",
+ "windows-link",
 ]
 
 [[package]]
@@ -1511,9 +1511,9 @@ dependencies = [
 
 [[package]]
 name = "diesel_derives"
-version = "2.3.4"
+version = "2.3.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9daac6489a36e42570da165a10c424f3edcefdff70c5fd55e1847c23f3dd7562"
+checksum = "8587cbca3c929fb198e7950d761d31ca72b80aa6e07c1b7bec5879d187720436"
 dependencies = [
  "diesel_table_macro_syntax",
  "dsl_auto_type",
@@ -1524,9 +1524,9 @@ dependencies = [
 
 [[package]]
 name = "diesel_migrations"
-version = "2.3.0"
+version = "2.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ee060f709c3e3b1cadd83fcd0f61711f7a8cf493348f758d3a1c1147d70b3c97"
+checksum = "745fd255645f0f1135f9ec55c7b00e0882192af9683ab4731e4bba3da82b8f9c"
 dependencies = [
  "diesel",
  "migrations_internals",
@@ -2119,7 +2119,7 @@ dependencies = [
  "fnv",
  "futures-core",
  "futures-sink",
- "http 1.3.1",
+ "http 1.4.0",
  "indexmap 2.12.1",
  "slab",
  "tokio",
@@ -2286,20 +2286,20 @@ dependencies = [
 
 [[package]]
 name = "hostname"
-version = "0.4.1"
+version = "0.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a56f203cd1c76362b69e3863fd987520ac36cf70a8c92627449b2f64a8cf7d65"
+checksum = "617aaa3557aef3810a6369d0a99fac8a080891b68bd9f9812a1eeda0c0730cbd"
 dependencies = [
  "cfg-if",
  "libc",
- "windows-link 0.1.3",
+ "windows-link",
 ]
 
 [[package]]
 name = "html5gum"
-version = "0.8.0"
+version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ba6fbe46e93059ce8ee19fbefdb0c7699cc7197fcaac048f2c3593f3e5da845f"
+checksum = "35d7500d96557cd3dd458981d5b86f528a6c7ac1577d41408efc2928f7b06f5b"
 dependencies = [
  "jetscii",
 ]
@@ -2317,12 +2317,11 @@ dependencies = [
 
 [[package]]
 name = "http"
-version = "1.3.1"
+version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565"
+checksum = "e3ba2a386d7f85a81f119ad7498ebe444d2e22c2af0b86b069416ace48b3311a"
 dependencies = [
  "bytes",
- "fnv",
  "itoa",
 ]
 
@@ -2344,7 +2343,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
 dependencies = [
  "bytes",
- "http 1.3.1",
+ "http 1.4.0",
 ]
 
 [[package]]
@@ -2355,7 +2354,7 @@ checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
 dependencies = [
  "bytes",
  "futures-core",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "pin-project-lite",
 ]
@@ -2406,7 +2405,7 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "h2",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "httparse",
  "itoa",
@@ -2423,7 +2422,7 @@ version = "0.27.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
 dependencies = [
- "http 1.3.1",
+ "http 1.4.0",
  "hyper 1.8.1",
  "hyper-util",
  "rustls 0.23.35",
@@ -2462,7 +2461,7 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "futures-util",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "hyper 1.8.1",
  "ipnet",
@@ -2772,9 +2771,9 @@ dependencies = [
 
 [[package]]
 name = "js-sys"
-version = "0.3.82"
+version = "0.3.83"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b011eec8cc36da2aab2d5cff675ec18454fad408585853910a202391cf9f8e65"
+checksum = "464a3709c7f55f1f721e5389aa6ea4e3bc6aba669353300af094b29ffbdde1d8"
 dependencies = [
  "once_cell",
  "wasm-bindgen",
@@ -3105,7 +3104,7 @@ dependencies = [
  "bytes",
  "encoding_rs",
  "futures-util",
- "http 1.3.1",
+ "http 1.4.0",
  "httparse",
  "memchr",
  "mime",
@@ -3293,7 +3292,7 @@ dependencies = [
  "base64 0.22.1",
  "chrono",
  "getrandom 0.2.16",
- "http 1.3.1",
+ "http 1.4.0",
  "rand 0.8.5",
  "reqwest",
  "serde",
@@ -3345,7 +3344,7 @@ dependencies = [
  "crc32c",
  "futures",
  "getrandom 0.2.16",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "jiff",
  "log",
@@ -3372,7 +3371,7 @@ dependencies = [
  "dyn-clone",
  "ed25519-dalek",
  "hmac",
- "http 1.3.1",
+ "http 1.4.0",
  "itertools",
  "log",
  "oauth2",
@@ -3521,7 +3520,7 @@ dependencies = [
  "libc",
  "redox_syscall",
  "smallvec",
- "windows-link 0.2.1",
+ "windows-link",
 ]
 
 [[package]]
@@ -4205,7 +4204,7 @@ dependencies = [
  "hex",
  "hmac",
  "home",
- "http 1.3.1",
+ "http 1.4.0",
  "jsonwebtoken 9.3.1",
  "log",
  "once_cell",
@@ -4239,7 +4238,7 @@ dependencies = [
  "futures-core",
  "futures-util",
  "h2",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "http-body-util",
  "hyper 1.8.1",
@@ -4560,9 +4559,9 @@ dependencies = [
 
 [[package]]
 name = "rustls-pki-types"
-version = "1.13.0"
+version = "1.13.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "94182ad936a0c91c324cd46c6511b9510ed16af436d7b5bab34beab0afd55f7a"
+checksum = "708c0f9d5f54ba0272468c1d306a52c495b31fa155e91bc25371e6df7996908c"
 dependencies = [
  "web-time",
  "zeroize",
@@ -4869,9 +4868,9 @@ dependencies = [
 
 [[package]]
 name = "serde_with"
-version = "3.16.0"
+version = "3.16.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "10574371d41b0d9b2cff89418eda27da52bcaff2cc8741db26382a77c29131f1"
+checksum = "4fa237f2807440d238e0364a218270b98f767a00d3dada77b1c53ae88940e2e7"
 dependencies = [
  "base64 0.22.1",
  "chrono",
@@ -4888,9 +4887,9 @@ dependencies = [
 
 [[package]]
 name = "serde_with_macros"
-version = "3.16.0"
+version = "3.16.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08a72d8216842fdd57820dc78d840bef99248e35fb2554ff923319e60f2d686b"
+checksum = "52a8e3ca0ca629121f70ab50f95249e5a6f925cc0f6ffe8256c45b728875706c"
 dependencies = [
  "darling 0.21.3",
  "proc-macro2",
@@ -5463,7 +5462,7 @@ dependencies = [
  "serde_spanned 1.0.3",
  "toml_datetime 0.7.3",
  "toml_parser",
- "winnow 0.7.13",
+ "winnow 0.7.14",
 ]
 
 [[package]]
@@ -5495,7 +5494,7 @@ dependencies = [
  "serde_spanned 0.6.9",
  "toml_datetime 0.6.11",
  "toml_write",
- "winnow 0.7.13",
+ "winnow 0.7.14",
 ]
 
 [[package]]
@@ -5504,7 +5503,7 @@ version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c0cbe268d35bdb4bb5a56a2de88d0ad0eb70af5384a99d648cd4b3d04039800e"
 dependencies = [
- "winnow 0.7.13",
+ "winnow 0.7.14",
 ]
 
 [[package]]
@@ -5542,14 +5541,14 @@ dependencies = [
 
 [[package]]
 name = "tower-http"
-version = "0.6.6"
+version = "0.6.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
+checksum = "9cf146f99d442e8e68e585f5d798ccd3cad9a7835b917e09728880a862706456"
 dependencies = [
  "bitflags",
  "bytes",
  "futures-util",
- "http 1.3.1",
+ "http 1.4.0",
  "http-body 1.0.1",
  "iri-string",
  "pin-project-lite",
@@ -5572,9 +5571,9 @@ checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3"
 
 [[package]]
 name = "tracing"
-version = "0.1.41"
+version = "0.1.43"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0"
+checksum = "2d15d90a0b5c19378952d479dc858407149d7bb45a14de0142f6c534b16fc647"
 dependencies = [
  "log",
  "pin-project-lite",
@@ -5584,9 +5583,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-attributes"
-version = "0.1.30"
+version = "0.1.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81383ab64e72a7a8b8e13130c49e3dab29def6d0c7d76a03087b3cf71c5c6903"
+checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -5595,9 +5594,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-core"
-version = "0.1.34"
+version = "0.1.35"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678"
+checksum = "7a04e24fab5c89c6a36eb8558c9656f30d81de51dfa4d3b45f26b21d61fa0a6c"
 dependencies = [
  "once_cell",
  "valuable",
@@ -5616,9 +5615,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-subscriber"
-version = "0.3.20"
+version = "0.3.22"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2054a14f5307d601f88daf0553e1cbf472acc4f2c51afab632431cdcd72124d5"
+checksum = "2f30143827ddab0d256fd843b7a66d164e9f271cfa0dde49142c5ca0ca291f1e"
 dependencies = [
  "matchers",
  "nu-ansi-term",
@@ -5653,7 +5652,7 @@ dependencies = [
  "byteorder",
  "bytes",
  "data-encoding",
- "http 1.3.1",
+ "http 1.4.0",
  "httparse",
  "log",
  "rand 0.8.5",
@@ -5804,7 +5803,7 @@ dependencies = [
  "handlebars",
  "hickory-resolver",
  "html5gum",
- "http 1.3.1",
+ "http 1.4.0",
  "job_scheduler_ng",
  "jsonwebtoken 10.2.0",
  "lettre",
@@ -5904,9 +5903,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen"
-version = "0.2.105"
+version = "0.2.106"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da95793dfc411fbbd93f5be7715b0578ec61fe87cb1a42b12eb625caa5c5ea60"
+checksum = "0d759f433fa64a2d763d1340820e46e111a7a5ab75f993d1852d70b03dbb80fd"
 dependencies = [
  "cfg-if",
  "once_cell",
@@ -5917,9 +5916,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-futures"
-version = "0.4.55"
+version = "0.4.56"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "551f88106c6d5e7ccc7cd9a16f312dd3b5d36ea8b4954304657d5dfba115d4a0"
+checksum = "836d9622d604feee9e5de25ac10e3ea5f2d65b41eac0d9ce72eb5deae707ce7c"
 dependencies = [
  "cfg-if",
  "js-sys",
@@ -5930,9 +5929,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro"
-version = "0.2.105"
+version = "0.2.106"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "04264334509e04a7bf8690f2384ef5265f05143a4bff3889ab7a3269adab59c2"
+checksum = "48cb0d2638f8baedbc542ed444afc0644a29166f1595371af4fecf8ce1e7eeb3"
 dependencies = [
  "quote",
  "wasm-bindgen-macro-support",
@@ -5940,9 +5939,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro-support"
-version = "0.2.105"
+version = "0.2.106"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "420bc339d9f322e562942d52e115d57e950d12d88983a14c79b86859ee6c7ebc"
+checksum = "cefb59d5cd5f92d9dcf80e4683949f15ca4b511f4ac0a6e14d4e1ac60c6ecd40"
 dependencies = [
  "bumpalo",
  "proc-macro2",
@@ -5953,9 +5952,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-shared"
-version = "0.2.105"
+version = "0.2.106"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "76f218a38c84bcb33c25ec7059b07847d465ce0e0a76b995e134a45adcb6af76"
+checksum = "cbc538057e648b67f72a982e708d485b2efa771e1ac05fec311f9f63e5800db4"
 dependencies = [
  "unicode-ident",
 ]
@@ -5975,9 +5974,9 @@ dependencies = [
 
 [[package]]
 name = "web-sys"
-version = "0.3.82"
+version = "0.3.83"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3a1f95c0d03a47f4ae1f7a64643a6bb97465d9b740f0fa8f90ea33915c99a9a1"
+checksum = "9b32828d774c412041098d182a8b38b16ea816958e07cf40eec2bc080ae137ac"
 dependencies = [
  "js-sys",
  "wasm-bindgen",
@@ -6135,7 +6134,7 @@ checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb"
 dependencies = [
  "windows-implement",
  "windows-interface",
- "windows-link 0.2.1",
+ "windows-link",
  "windows-result",
  "windows-strings",
 ]
@@ -6162,12 +6161,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "windows-link"
-version = "0.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5e6ad25900d524eaabdbbb96d20b4311e1e7ae1699af4fb28c17ae66c80d798a"
-
 [[package]]
 name = "windows-link"
 version = "0.2.1"
@@ -6180,7 +6173,7 @@ version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "02752bf7fbdcce7f2a27a742f798510f3e5ad88dbe84871e5168e2120c3d5720"
 dependencies = [
- "windows-link 0.2.1",
+ "windows-link",
  "windows-result",
  "windows-strings",
 ]
@@ -6191,7 +6184,7 @@ version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5"
 dependencies = [
- "windows-link 0.2.1",
+ "windows-link",
 ]
 
 [[package]]
@@ -6200,7 +6193,7 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091"
 dependencies = [
- "windows-link 0.2.1",
+ "windows-link",
 ]
 
 [[package]]
@@ -6245,7 +6238,7 @@ version = "0.61.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
 dependencies = [
- "windows-link 0.2.1",
+ "windows-link",
 ]
 
 [[package]]
@@ -6285,7 +6278,7 @@ version = "0.53.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3"
 dependencies = [
- "windows-link 0.2.1",
+ "windows-link",
  "windows_aarch64_gnullvm 0.53.1",
  "windows_aarch64_msvc 0.53.1",
  "windows_i686_gnu 0.53.1",
@@ -6445,9 +6438,9 @@ dependencies = [
 
 [[package]]
 name = "winnow"
-version = "0.7.13"
+version = "0.7.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "21a0236b59786fed61e2a80582dd500fe61f18b5dca67a4a067d0bc9039339cf"
+checksum = "5a5364e9d77fcdeeaa6062ced926ee3381faa2ee02d3eb83a5c27a8825540829"
 dependencies = [
  "memchr",
 ]
@@ -6559,18 +6552,18 @@ dependencies = [
 
 [[package]]
 name = "zerocopy"
-version = "0.8.28"
+version = "0.8.30"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "43fa6694ed34d6e57407afbccdeecfa268c470a7d2a5b0cf49ce9fcc345afb90"
+checksum = "4ea879c944afe8a2b25fef16bb4ba234f47c694565e97383b36f3a878219065c"
 dependencies = [
  "zerocopy-derive",
 ]
 
 [[package]]
 name = "zerocopy-derive"
-version = "0.8.28"
+version = "0.8.30"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c640b22cd9817fae95be82f0d2f90b11f7605f6c319d16705c459b27ac2cbc26"
+checksum = "cf955aa904d6040f70dc8e9384444cb1030aed272ba3cb09bbc4ab9e7c1f34f5"
 dependencies = [
  "proc-macro2",
  "quote",
diff --git a/Cargo.toml b/Cargo.toml
index 2f88aaea..55773d67 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -57,7 +57,7 @@ macros = { path = "./macros" }
 # Logging
 log = "0.4.28"
 fern = { version = "0.7.1", features = ["syslog-7", "reopen-1"] }
-tracing = { version = "0.1.41", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work
+tracing = { version = "0.1.43", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work
 
 # A `dotenv` implementation for Rust
 dotenvy = { version = "0.15.7", default-features = false }
@@ -87,8 +87,9 @@ serde = { version = "1.0.228", features = ["derive"] }
 serde_json = "1.0.145"
 
 # A safe, extensible ORM and Query builder
-diesel = { version = "2.3.3", features = ["chrono", "r2d2", "numeric"] }
-diesel_migrations = "2.3.0"
+# Currently pinned diesel to v2.3.3 as newer version break MySQL/MariaDB compatibility
+diesel = { version = "=2.3.3", features = ["chrono", "r2d2", "numeric"] }
+diesel_migrations = "2.3.1"
 
 derive_more = { version = "2.0.1", features = ["from", "into", "as_ref", "deref", "display"] }
 diesel-derive-newtype = "2.1.2"
@@ -147,7 +148,7 @@ reqwest = { version = "0.12.24", features = ["rustls-tls", "rustls-tls-native-ro
 hickory-resolver = "0.25.2"
 
 # Favicon extraction libraries
-html5gum = "0.8.0"
+html5gum = "0.8.1"
 regex = { version = "1.12.2", features = ["std", "perf", "unicode-perl"], default-features = false }
 data-url = "0.3.2"
 bytes = "1.11.0"
@@ -200,7 +201,7 @@ anyhow = { version = "1.0.100", optional = true }
 aws-config = { version = "1.8.11", features = ["behavior-version-latest", "rt-tokio", "credentials-process", "sso"], default-features = false, optional = true }
 aws-credential-types = { version = "1.2.10", optional = true }
 aws-smithy-runtime-api = { version = "1.9.2", optional = true }
-http = { version = "1.3.1", optional = true }
+http = { version = "1.4.0", optional = true }
 reqsign = { version = "0.16.5", optional = true }
 
 # Strip debuginfo from the release builds
diff --git a/migrations/mysql/2024-03-13-170000_sso_users_cascade/up.sql b/migrations/mysql/2024-03-13-170000_sso_users_cascade/up.sql
index 4e06fe58..9e5e46df 100644
--- a/migrations/mysql/2024-03-13-170000_sso_users_cascade/up.sql
+++ b/migrations/mysql/2024-03-13-170000_sso_users_cascade/up.sql
@@ -1,2 +1,15 @@
-ALTER TABLE sso_users DROP FOREIGN KEY `sso_users_ibfk_1`;
+-- Dynamically create DROP FOREIGN KEY
+-- Some versions of MySQL or MariaDB might fail if the key doesn't exists
+-- This checks if the key exists, and if so, will drop it.
+SET @drop_sso_fk = IF((SELECT true FROM information_schema.TABLE_CONSTRAINTS WHERE
+    CONSTRAINT_SCHEMA = DATABASE() AND
+    TABLE_NAME = 'sso_users' AND
+    CONSTRAINT_NAME = 'sso_users_ibfk_1' AND
+    CONSTRAINT_TYPE = 'FOREIGN KEY') = true,
+    'ALTER TABLE sso_users DROP FOREIGN KEY sso_users_ibfk_1',
+    'SELECT 1');
+PREPARE stmt FROM @drop_sso_fk;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+
 ALTER TABLE sso_users ADD FOREIGN KEY(user_uuid) REFERENCES users(uuid) ON UPDATE CASCADE ON DELETE CASCADE;
diff --git a/src/config.rs b/src/config.rs
index 5582e9b0..1b6d3183 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -789,6 +789,10 @@ make_config! {
         /// Bitwarden enforces this by default. In Vaultwarden we encouraged to use multiple organizations because groups were not available.
         /// Setting this to true will enforce the Single Org Policy to be enabled before you can enable the Reset Password policy.
         enforce_single_org_with_reset_pw_policy: bool, false, def, false;
+
+        /// Prefer IPv6 (AAAA) resolving |> This settings configures the DNS resolver to resolve IPv6 first, and if not available try IPv4
+        /// This could be useful in IPv6 only environments.
+        dns_prefer_ipv6: bool, true, def, false;
     },
 
     /// OpenID Connect SSO settings
diff --git a/src/http_client.rs b/src/http_client.rs
index b48f340c..5462ef8e 100644
--- a/src/http_client.rs
+++ b/src/http_client.rs
@@ -185,7 +185,10 @@ impl CustomDnsResolver {
 
     fn new() -> Arc<Self> {
         match TokioResolver::builder(TokioConnectionProvider::default()) {
-            Ok(builder) => {
+            Ok(mut builder) => {
+                if CONFIG.dns_prefer_ipv6() {
+                    builder.options_mut().ip_strategy = hickory_resolver::config::LookupIpStrategy::Ipv6thenIpv4;
+                }
                 let resolver = builder.build();
                 Arc::new(Self::Hickory(Arc::new(resolver)))
             }
diff --git a/src/static/scripts/admin.js b/src/static/scripts/admin.js
index f3c41942..3f6bb1df 100644
--- a/src/static/scripts/admin.js
+++ b/src/static/scripts/admin.js
@@ -1,6 +1,6 @@
 "use strict";
 /* eslint-env es2017, browser */
-/* exported BASE_URL, _post */
+/* exported BASE_URL, _post _delete */
 
 function getBaseUrl() {
     // If the base URL is `https://vaultwarden.example.com/base/path/admin/`,
diff --git a/src/static/scripts/admin_users.js b/src/static/scripts/admin_users.js
index be30e105..99e39aab 100644
--- a/src/static/scripts/admin_users.js
+++ b/src/static/scripts/admin_users.js
@@ -1,6 +1,6 @@
 "use strict";
 /* eslint-env es2017, browser, jquery */
-/* global _post:readable, BASE_URL:readable, reload:readable, jdenticon:readable */
+/* global _post:readable, _delete:readable BASE_URL:readable, reload:readable, jdenticon:readable */
 
 function deleteUser(event) {
     event.preventDefault();
diff --git a/src/static/scripts/bootstrap.bundle.js b/src/static/scripts/bootstrap.bundle.js
index 91eea7e7..93cbd3fe 100644
--- a/src/static/scripts/bootstrap.bundle.js
+++ b/src/static/scripts/bootstrap.bundle.js
@@ -1,5 +1,5 @@
 /*!
-  * Bootstrap v5.3.7 (https://getbootstrap.com/)
+  * Bootstrap v5.3.8 (https://getbootstrap.com/)
   * Copyright 2011-2025 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
   * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
   */
@@ -647,7 +647,7 @@
    * Constants
    */
 
-  const VERSION = '5.3.7';
+  const VERSION = '5.3.8';
 
   /**
    * Class definition
@@ -3690,9 +3690,6 @@
       this._element.setAttribute('aria-expanded', 'false');
       Manipulator.removeDataAttribute(this._menu, 'popper');
       EventHandler.trigger(this._element, EVENT_HIDDEN$5, relatedTarget);
-
-      // Explicitly return focus to the trigger element
-      this._element.focus();
     }
     _getConfig(config) {
       config = super._getConfig(config);
diff --git a/src/static/scripts/bootstrap.css b/src/static/scripts/bootstrap.css
index e9479ad9..b83f5079 100644
--- a/src/static/scripts/bootstrap.css
+++ b/src/static/scripts/bootstrap.css
@@ -1,6 +1,6 @@
 @charset "UTF-8";
 /*!
- * Bootstrap  v5.3.7 (https://getbootstrap.com/)
+ * Bootstrap  v5.3.8 (https://getbootstrap.com/)
  * Copyright 2011-2025 The Bootstrap Authors
  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
  */
@@ -547,6 +547,10 @@ legend + * {
   -webkit-appearance: textfield;
   outline-offset: -2px;
 }
+[type=search]::-webkit-search-cancel-button {
+  cursor: pointer;
+  filter: grayscale(1);
+}
 
 /* rtl:raw:
 [type="tel"],
@@ -6208,6 +6212,7 @@ textarea.form-control-lg {
 .spinner-grow,
 .spinner-border {
   display: inline-block;
+  flex-shrink: 0;
   width: var(--bs-spinner-width);
   height: var(--bs-spinner-height);
   vertical-align: var(--bs-spinner-vertical-align);
diff --git a/src/static/scripts/datatables.css b/src/static/scripts/datatables.css
index 4d927abf..af6a9b1e 100644
--- a/src/static/scripts/datatables.css
+++ b/src/static/scripts/datatables.css
@@ -4,20 +4,21 @@
  *
  * To rebuild or modify this file with the latest versions of the included
  * software please visit:
- *   https://datatables.net/download/#bs5/dt-2.3.2
+ *   https://datatables.net/download/#bs5/dt-2.3.5
  *
  * Included libraries:
- *   DataTables 2.3.2
+ *   DataTables 2.3.5
  */
 
 :root {
   --dt-row-selected: 13, 110, 253;
   --dt-row-selected-text: 255, 255, 255;
-  --dt-row-selected-link: 9, 10, 11;
+  --dt-row-selected-link: 228, 228, 228;
   --dt-row-stripe: 0, 0, 0;
   --dt-row-hover: 0, 0, 0;
   --dt-column-ordering: 0, 0, 0;
   --dt-header-align-items: center;
+  --dt-header-vertical-align: middle;
   --dt-html-background: white;
 }
 :root.dark {
@@ -112,7 +113,7 @@ table.dataTable thead > tr > td.dt-ordering-asc span.dt-column-order,
 table.dataTable thead > tr > td.dt-ordering-desc span.dt-column-order {
   position: relative;
   width: 12px;
-  height: 20px;
+  height: 24px;
 }
 table.dataTable thead > tr > th.dt-orderable-asc span.dt-column-order:before, table.dataTable thead > tr > th.dt-orderable-asc span.dt-column-order:after, table.dataTable thead > tr > th.dt-orderable-desc span.dt-column-order:before, table.dataTable thead > tr > th.dt-orderable-desc span.dt-column-order:after, table.dataTable thead > tr > th.dt-ordering-asc span.dt-column-order:before, table.dataTable thead > tr > th.dt-ordering-asc span.dt-column-order:after, table.dataTable thead > tr > th.dt-ordering-desc span.dt-column-order:before, table.dataTable thead > tr > th.dt-ordering-desc span.dt-column-order:after,
 table.dataTable thead > tr > td.dt-orderable-asc span.dt-column-order:before,
@@ -144,7 +145,8 @@ table.dataTable thead > tr > td.dt-ordering-asc span.dt-column-order:before,
 table.dataTable thead > tr > td.dt-ordering-desc span.dt-column-order:after {
   opacity: 0.6;
 }
-table.dataTable thead > tr > th.sorting_desc_disabled span.dt-column-order:after, table.dataTable thead > tr > th.sorting_asc_disabled span.dt-column-order:before,
+table.dataTable thead > tr > th.dt-orderable-none:not(.dt-ordering-asc, .dt-ordering-desc) span.dt-column-order:empty, table.dataTable thead > tr > th.sorting_desc_disabled span.dt-column-order:after, table.dataTable thead > tr > th.sorting_asc_disabled span.dt-column-order:before,
+table.dataTable thead > tr > td.dt-orderable-none:not(.dt-ordering-asc, .dt-ordering-desc) span.dt-column-order:empty,
 table.dataTable thead > tr > td.sorting_desc_disabled span.dt-column-order:after,
 table.dataTable thead > tr > td.sorting_asc_disabled span.dt-column-order:before {
   display: none;
@@ -340,6 +342,7 @@ table.dataTable thead td,
 table.dataTable tfoot th,
 table.dataTable tfoot td {
   text-align: left;
+  vertical-align: var(--dt-header-vertical-align);
 }
 table.dataTable thead th.dt-head-left,
 table.dataTable thead td.dt-head-left,
@@ -422,10 +425,6 @@ table.dataTable tbody td.dt-body-nowrap {
   white-space: nowrap;
 }
 
-:root {
-  --dt-header-align-items: flex-end;
-}
-
 /*! Bootstrap 5 integration for DataTables
  *
  * ©2020 SpryMedia Ltd, all rights reserved.
@@ -453,7 +452,7 @@ table.table.dataTable > tbody > tr.selected > * {
   color: rgb(var(--dt-row-selected-text));
 }
 table.table.dataTable > tbody > tr.selected a {
-  color: rgb(9, 10, 11);
+  color: rgb(228, 228, 228);
   color: rgb(var(--dt-row-selected-link));
 }
 table.table.dataTable.table-striped > tbody > tr:nth-of-type(2n+1) > * {
diff --git a/src/static/scripts/datatables.js b/src/static/scripts/datatables.js
index 0ba22347..961af0b4 100644
--- a/src/static/scripts/datatables.js
+++ b/src/static/scripts/datatables.js
@@ -4,13 +4,13 @@
  *
  * To rebuild or modify this file with the latest versions of the included
  * software please visit:
- *   https://datatables.net/download/#bs5/dt-2.3.2
+ *   https://datatables.net/download/#bs5/dt-2.3.5
  *
  * Included libraries:
- *   DataTables 2.3.2
+ *   DataTables 2.3.5
  */
 
-/*! DataTables 2.3.2
+/*! DataTables 2.3.5
  * © SpryMedia Ltd - datatables.net/license
  */
 
@@ -178,6 +178,9 @@
 				this.id = sId;
 			}
 			
+			// Replacing an existing colgroup with our own. Not ideal, but a merge could take a lot of code
+			$this.children('colgroup').remove();
+			
 			/* Create the settings object for this table and set some of the default parameters */
 			var oSettings = $.extend( true, {}, DataTable.models.oSettings, {
 				"sDestroyWidth": $this[0].style.width,
@@ -513,7 +516,7 @@
 		 *
 		 *  @type string
 		 */
-		builder: "bs5/dt-2.3.2",
+		builder: "bs5/dt-2.3.5",
 	
 		/**
 		 * Buttons. For use with the Buttons extension for DataTables. This is
@@ -743,7 +746,7 @@
 		 * 
 		 * The extension options for ordering of data available here is complimentary
 		 * to the default type based ordering that DataTables typically uses. It
-		 * allows much greater control over the the data that is being used to
+		 * allows much greater control over the data that is being used to
 		 * order a column, but is necessarily therefore more complex.
 		 * 
 		 * This type of ordering is useful if you want to do ordering based on data
@@ -902,7 +905,7 @@
 			 * `{type}-asc` and `{type}-desc` together. It is generally recommended
 			 * that only `{type}-pre` is used, as this provides the optimal
 			 * implementation in terms of speed, although the others are provided
-			 * for compatibility with existing Javascript sort functions.
+			 * for compatibility with existing JavaScript sort functions.
 			 *
 			 * `{type}-pre`: Functions defined take a single parameter:
 			 *
@@ -912,7 +915,7 @@
 			 *
 			 * * `{*}` Data to be sorted upon
 			 *
-			 * `{type}-asc` and `{type}-desc`: Functions are typical Javascript sort
+			 * `{type}-asc` and `{type}-desc`: Functions are typical JavaScript sort
 			 * functions, taking two parameters:
 			 *
 		     *  1. `{*}` Data to compare to the second parameter
@@ -1136,7 +1139,7 @@
 	};
 	
 	// Convert from a formatted number with characters other than `.` as the
-	// decimal place, to a Javascript number
+	// decimal place, to a JavaScript number
 	var _numToDecimal = function ( num, decimalPoint ) {
 		// Cache created regular expressions for speed as this function is called often
 		if ( ! _re_dic[ decimalPoint ] ) {
@@ -1202,19 +1205,19 @@
 	
 	var _pluck = function ( a, prop, prop2 ) {
 		var out = [];
-		var i=0, ien=a.length;
+		var i=0, iLen=a.length;
 	
 		// Could have the test in the loop for slightly smaller code, but speed
 		// is essential here
 		if ( prop2 !== undefined ) {
-			for ( ; i<ien ; i++ ) {
+			for ( ; i<iLen ; i++ ) {
 				if ( a[i] && a[i][ prop ] ) {
 					out.push( a[i][ prop ][ prop2 ] );
 				}
 			}
 		}
 		else {
-			for ( ; i<ien ; i++ ) {
+			for ( ; i<iLen ; i++ ) {
 				if ( a[i] ) {
 					out.push( a[i][ prop ] );
 				}
@@ -1230,19 +1233,19 @@
 	var _pluck_order = function ( a, order, prop, prop2 )
 	{
 		var out = [];
-		var i=0, ien=order.length;
+		var i=0, iLen=order.length;
 	
 		// Could have the test in the loop for slightly smaller code, but speed
 		// is essential here
 		if ( prop2 !== undefined ) {
-			for ( ; i<ien ; i++ ) {
+			for ( ; i<iLen ; i++ ) {
 				if ( a[ order[i] ] && a[ order[i] ][ prop ] ) {
 					out.push( a[ order[i] ][ prop ][ prop2 ] );
 				}
 			}
 		}
 		else {
-			for ( ; i<ien ; i++ ) {
+			for ( ; i<iLen ; i++ ) {
 				if ( a[ order[i] ] ) {
 					out.push( a[ order[i] ][ prop ] );
 				}
@@ -1279,7 +1282,7 @@
 	{
 		var out = [];
 	
-		for ( var i=0, ien=a.length ; i<ien ; i++ ) {
+		for ( var i=0, iLen=a.length ; i<iLen ; i++ ) {
 			if ( a[i] ) { // careful - will remove all falsy values!
 				out.push( a[i] );
 			}
@@ -1365,7 +1368,7 @@
 		var sorted = src.slice().sort();
 		var last = sorted[0];
 	
-		for ( var i=1, ien=sorted.length ; i<ien ; i++ ) {
+		for ( var i=1, iLen=sorted.length ; i<iLen ; i++ ) {
 			if ( sorted[i] === last ) {
 				return false;
 			}
@@ -1401,10 +1404,10 @@
 		var
 			out = [],
 			val,
-			i, ien=src.length,
+			i, iLen=src.length,
 			j, k=0;
 	
-		again: for ( i=0 ; i<ien ; i++ ) {
+		again: for ( i=0 ; i<iLen ; i++ ) {
 			val = src[i];
 	
 			for ( j=0 ; j<k ; j++ ) {
@@ -1938,7 +1941,7 @@
 		var searchCols = init.aoSearchCols;
 	
 		if ( searchCols ) {
-			for ( var i=0, ien=searchCols.length ; i<ien ; i++ ) {
+			for ( var i=0, iLen=searchCols.length ; i<iLen ; i++ ) {
 				if ( searchCols[i] ) {
 					_fnCamelToHungarian( DataTable.models.oSearch, searchCols[i] );
 				}
@@ -2091,7 +2094,7 @@
 				oCol._sManualType = oOptions.sType;
 			}
 		
-			// `class` is a reserved word in Javascript, so we need to provide
+			// `class` is a reserved word in JavaScript, so we need to provide
 			// the ability to use a valid name for the camel case input
 			if ( oOptions.className && ! oOptions.sClass )
 			{
@@ -2248,14 +2251,14 @@
 	 *  @returns {int} i the number of visible columns
 	 *  @memberof DataTable#oApi
 	 */
-	function _fnVisbleColumns( settings )
+	function _fnVisibleColumns( settings )
 	{
 		var layout = settings.aoHeader;
 		var columns = settings.aoColumns;
 		var vis = 0;
 	
 		if ( layout.length ) {
-			for ( var i=0, ien=layout[0].length ; i<ien ; i++ ) {
+			for ( var i=0, iLen=layout[0].length ; i<iLen ; i++ ) {
 				if ( columns[i].bVisible && $(layout[0][i].cell).css('display') !== 'none' ) {
 					vis++;
 				}
@@ -2290,7 +2293,7 @@
 	/**
 	 * Allow the result from a type detection function to be `true` while
 	 * translating that into a string. Old type detection functions will
-	 * return the type name if it passes. An obect store would be better,
+	 * return the type name if it passes. An object store would be better,
 	 * but not backwards compatible.
 	 *
 	 * @param {*} typeDetect Object or function for type detection
@@ -2313,11 +2316,11 @@
 		var columns = settings.aoColumns;
 		var data = settings.aoData;
 		var types = DataTable.ext.type.detect;
-		var i, ien, j, jen, k, ken;
+		var i, iLen, j, jen, k, ken;
 		var col, detectedType, cache;
 	
 		// For each column, spin over the data type detection functions, seeing if one matches
-		for ( i=0, ien=columns.length ; i<ien ; i++ ) {
+		for ( i=0, iLen=columns.length ; i<iLen ; i++ ) {
 			col = columns[i];
 			cache = [];
 	
@@ -2587,7 +2590,7 @@
 		var unit;
 		var columns = settings.aoColumns;
 		
-		for ( var i=0, ien=targets.length ; i<ien ; i++ ) {
+		for ( var i=0, iLen=targets.length ; i<iLen ; i++ ) {
 			var column = columns[ targets[i] ];
 			var definedWidth = original ?
 				column.sWidthOrig :
@@ -2633,7 +2636,7 @@
 	}
 	/**
 	 * Add a data array to the table, creating DOM node etc. This is the parallel to
-	 * _fnGatherData, but for adding rows from a Javascript source, rather than a
+	 * _fnGatherData, but for adding rows from a JavaScript source, rather than a
 	 * DOM source.
 	 *  @param {object} settings dataTables settings object
 	 *  @param {array} data data array to be added
@@ -2773,10 +2776,10 @@
 		}
 	
 		if ( type === 'filter' ) {
-			var fomatters = DataTable.ext.type.search;
+			var formatters = DataTable.ext.type.search;
 	
-			if ( fomatters[ col.sType ] ) {
-				cellData = fomatters[ col.sType ]( cellData );
+			if ( formatters[ col.sType ] ) {
+				cellData = formatters[ col.sType ]( cellData );
 			}
 		}
 	
@@ -2906,7 +2909,7 @@
 	function _fnInvalidate( settings, rowIdx, src, colIdx )
 	{
 		var row = settings.aoData[ rowIdx ];
-		var i, ien;
+		var i, iLen;
 	
 		// Remove the cached data for the row
 		row._aSortData = null;
@@ -2931,7 +2934,7 @@
 					_fnWriteCell(cells[colIdx], display[colIdx]);
 				}
 				else {
-					for ( i=0, ien=cells.length ; i<ien ; i++ ) {
+					for ( i=0, iLen=cells.length ; i<iLen ; i++ ) {
 						_fnWriteCell(cells[i], display[i]);
 					}
 				}
@@ -2946,12 +2949,12 @@
 	
 			// Max length string. Its a fairly cheep recalculation, so not worth
 			// something more complicated
-			cols[ colIdx ].maxLenString = null;
+			cols[ colIdx ].wideStrings = null;
 		}
 		else {
-			for ( i=0, ien=cols.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=cols.length ; i<iLen ; i++ ) {
 				cols[i].sType = null;
-				cols[i].maxLenString = null;
+				cols[i].wideStrings = null;
 			}
 	
 			// Update DataTables special `DT_*` attributes for the row
@@ -3248,7 +3251,7 @@
 	{
 		var classes = settings.oClasses;
 		var columns = settings.aoColumns;
-		var i, ien, row;
+		var i, iLen, row;
 		var target = side === 'header'
 			? settings.nTHead
 			: settings.nTFoot;
@@ -3276,7 +3279,7 @@
 					cellCount += this.colSpan;
 				});
 	
-				for ( i=cellCount, ien=columns.length ; i<ien ; i++ ) {
+				for ( i=cellCount, iLen=columns.length ; i<iLen ; i++ ) {
 					$('<th/>')
 						.html( columns[i][titleProp] || '' )
 						.appendTo( row );
@@ -3492,6 +3495,14 @@
 			{
 				var iDataIndex = aiDisplay[j];
 				var aoData = oSettings.aoData[ iDataIndex ];
+	
+				// Row has been deleted - can't be displayed
+				if (aoData === null)
+				{
+					continue;
+				}
+	
+				// Row node hasn't been created yet
 				if ( aoData.nTr === null )
 				{
 					_fnCreateTr( oSettings, iDataIndex );
@@ -3620,7 +3631,7 @@
 	
 		return $( '<tr/>' )
 			.append( $('<td />', {
-				'colSpan': _fnVisbleColumns( settings ),
+				'colSpan': _fnVisibleColumns( settings ),
 				'class':   settings.oClasses.empty.row
 			} ).html( zero ) )[0];
 	}
@@ -3804,7 +3815,7 @@
 	
 			var line = row[ item ].contents;
 	
-			for ( var i=0, ien=line.length ; i<ien ; i++ ) {
+			for ( var i=0, iLen=line.length ; i<iLen ; i++ ) {
 				if ( ! line[i] ) {
 					continue;
 				}
@@ -3968,7 +3979,7 @@
 	/**
 	 * Use the DOM source to create up an array of header cells. The idea here is to
 	 * create a layout grid (array) of rows x columns, which contains a reference
-	 * to the cell that that point in the grid (regardless of col/rowspan), such that
+	 * to the cell at that point in the grid (regardless of col/rowspan), such that
 	 * any column / row could be removed and the new grid constructed
 	 *  @param {node} thead The header/footer element for the table
 	 *  @returns {array} Calculated layout array
@@ -4170,24 +4181,21 @@
 	 *     DataTables - may be augmented by developer callbacks
 	 * @param {function} fn Callback function to run when data is obtained
 	 */
-	function _fnBuildAjax( oSettings, data, fn )
-	{
+	function _fnBuildAjax(oSettings, data, fn) {
 		var ajaxData;
 		var ajax = oSettings.ajax;
 		var instance = oSettings.oInstance;
-		var callback = function ( json ) {
-			var status = oSettings.jqXHR
-				? oSettings.jqXHR.status
-				: null;
+		var callback = function (json) {
+			var status = oSettings.jqXHR ? oSettings.jqXHR.status : null;
 	
-			if ( json === null || (typeof status === 'number' && status == 204 ) ) {
+			if (json === null || (typeof status === 'number' && status == 204)) {
 				json = {};
-				_fnAjaxDataSrc( oSettings, json, [] );
+				_fnAjaxDataSrc(oSettings, json, []);
 			}
 	
 			var error = json.error || json.sError;
-			if ( error ) {
-				_fnLog( oSettings, 0, error );
+			if (error) {
+				_fnLog(oSettings, 0, error);
 			}
 	
 			// Microsoft often wrap JSON as a string in another JSON object
@@ -4195,30 +4203,27 @@
 			if (json.d && typeof json.d === 'string') {
 				try {
 					json = JSON.parse(json.d);
-				}
-				catch (e) {
+				} catch (e) {
 					// noop
 				}
 			}
 	
 			oSettings.json = json;
 	
-			_fnCallbackFire( oSettings, null, 'xhr', [oSettings, json, oSettings.jqXHR], true );
-			fn( json );
+			_fnCallbackFire(oSettings, null, 'xhr', [oSettings, json, oSettings.jqXHR], true);
+			fn(json);
 		};
 	
-		if ( $.isPlainObject( ajax ) && ajax.data )
-		{
+		if ($.isPlainObject(ajax) && ajax.data) {
 			ajaxData = ajax.data;
 	
-			var newData = typeof ajaxData === 'function' ?
-				ajaxData( data, oSettings ) :  // fn can manipulate data or return
-				ajaxData;                      // an object object or array to merge
+			var newData =
+				typeof ajaxData === 'function'
+					? ajaxData(data, oSettings) // fn can manipulate data or return
+					: ajaxData; // an object or array to merge
 	
 			// If the function returned something, use that alone
-			data = typeof ajaxData === 'function' && newData ?
-				newData :
-				$.extend( true, data, newData );
+			data = typeof ajaxData === 'function' && newData ? newData : $.extend(true, data, newData);
 	
 			// Remove the data property as we've resolved it already and don't want
 			// jQuery to do it again (it is restored at the end of the function)
@@ -4226,50 +4231,53 @@
 		}
 	
 		var baseAjax = {
-			"url": typeof ajax === 'string' ?
-				ajax :
-				'',
-			"data": data,
-			"success": callback,
-			"dataType": "json",
-			"cache": false,
-			"type": oSettings.sServerMethod,
-			"error": function (xhr, error) {
-				var ret = _fnCallbackFire( oSettings, null, 'xhr', [oSettings, null, oSettings.jqXHR], true );
-	
-				if ( ret.indexOf(true) === -1 ) {
-					if ( error == "parsererror" ) {
-						_fnLog( oSettings, 0, 'Invalid JSON response', 1 );
+			url: typeof ajax === 'string' ? ajax : '',
+			data: data,
+			success: callback,
+			dataType: 'json',
+			cache: false,
+			type: oSettings.sServerMethod,
+			error: function (xhr, error) {
+				var ret = _fnCallbackFire(
+					oSettings,
+					null,
+					'xhr',
+					[oSettings, null, oSettings.jqXHR],
+					true
+				);
+	
+				if (ret.indexOf(true) === -1) {
+					if (error == 'parsererror') {
+						_fnLog(oSettings, 0, 'Invalid JSON response', 1);
 					}
-					else if ( xhr.readyState === 4 ) {
-						_fnLog( oSettings, 0, 'Ajax error', 7 );
+					else if (xhr.readyState === 4) {
+						_fnLog(oSettings, 0, 'Ajax error', 7);
 					}
 				}
 	
-				_fnProcessingDisplay( oSettings, false );
+				_fnProcessingDisplay(oSettings, false);
 			}
 		};
 	
 		// If `ajax` option is an object, extend and override our default base
-		if ( $.isPlainObject( ajax ) ) {
-			$.extend( baseAjax, ajax )
+		if ($.isPlainObject(ajax)) {
+			$.extend(baseAjax, ajax);
 		}
 	
 		// Store the data submitted for the API
 		oSettings.oAjaxData = data;
 	
 		// Allow plug-ins and external processes to modify the data
-		_fnCallbackFire( oSettings, null, 'preXhr', [oSettings, data, baseAjax], true );
+		_fnCallbackFire(oSettings, null, 'preXhr', [oSettings, data, baseAjax], true);
 	
 		// Custom Ajax option to submit the parameters as a JSON string
 		if (baseAjax.submitAs === 'json' && typeof data === 'object') {
 			baseAjax.data = JSON.stringify(data);
 		}
 	
-		if ( typeof ajax === 'function' )
-		{
+		if (typeof ajax === 'function') {
 			// Is a function - let the caller define what needs to be done
-			oSettings.jqXHR = ajax.call( instance, data, callback, oSettings );
+			oSettings.jqXHR = ajax.call(instance, data, callback, oSettings);
 		}
 		else if (ajax.url === '') {
 			// No url, so don't load any data. Just apply an empty data array
@@ -4281,37 +4289,30 @@
 		}
 		else {
 			// Object to extend the base settings
-			oSettings.jqXHR = $.ajax( baseAjax );
+			oSettings.jqXHR = $.ajax(baseAjax);
 		}
 	
 		// Restore for next time around
-		if ( ajaxData ) {
+		if (ajaxData) {
 			ajax.data = ajaxData;
 		}
 	}
 	
-	
 	/**
 	 * Update the table using an Ajax call
 	 *  @param {object} settings dataTables settings object
 	 *  @returns {boolean} Block the table drawing or not
 	 *  @memberof DataTable#oApi
 	 */
-	function _fnAjaxUpdate( settings )
-	{
+	function _fnAjaxUpdate(settings) {
 		settings.iDraw++;
-		_fnProcessingDisplay( settings, true );
+		_fnProcessingDisplay(settings, true);
 	
-		_fnBuildAjax(
-			settings,
-			_fnAjaxParameters( settings ),
-			function(json) {
-				_fnAjaxUpdateDraw( settings, json );
-			}
-		);
+		_fnBuildAjax(settings, _fnAjaxParameters(settings), function (json) {
+			_fnAjaxUpdateDraw(settings, json);
+		});
 	}
 	
-	
 	/**
 	 * Build up the parameters in an object needed for a server-side processing
 	 * request.
@@ -4319,22 +4320,18 @@
 	 *  @returns {bool} block the table drawing or not
 	 *  @memberof DataTable#oApi
 	 */
-	function _fnAjaxParameters( settings )
-	{
-		var
-			columns = settings.aoColumns,
+	function _fnAjaxParameters(settings) {
+		var columns = settings.aoColumns,
 			features = settings.oFeatures,
 			preSearch = settings.oPreviousSearch,
 			preColSearch = settings.aoPreSearchCols,
-			colData = function ( idx, prop ) {
-				return typeof columns[idx][prop] === 'function' ?
-					'function' :
-					columns[idx][prop];
+			colData = function (idx, prop) {
+				return typeof columns[idx][prop] === 'function' ? 'function' : columns[idx][prop];
 			};
 	
 		return {
 			draw: settings.iDraw,
-			columns: columns.map( function ( column, i ) {
+			columns: columns.map(function (column, i) {
 				return {
 					data: colData(i, 'mData'),
 					name: column.sName,
@@ -4343,40 +4340,43 @@
 					search: {
 						value: preColSearch[i].search,
 						regex: preColSearch[i].regex,
-						fixed: Object.keys(column.searchFixed).map( function(name) {
-							return {
-								name: name,
-								term: column.searchFixed[name].toString()
-							}
-						})
+						fixed: Object.keys(column.searchFixed)
+							.map(function (name) {
+								return {
+									name: name,
+									term: typeof column.searchFixed[name] !== 'function'
+										? column.searchFixed[name].toString()
+										: 'function'
+									};
+							})
 					}
 				};
-			} ),
-			order: _fnSortFlatten( settings ).map( function ( val ) {
+			}),
+			order: _fnSortFlatten(settings).map(function (val) {
 				return {
 					column: val.col,
 					dir: val.dir,
 					name: colData(val.col, 'sName')
 				};
-			} ),
+			}),
 			start: settings._iDisplayStart,
-			length: features.bPaginate ?
-				settings._iDisplayLength :
-				-1,
+			length: features.bPaginate ? settings._iDisplayLength : -1,
 			search: {
 				value: preSearch.search,
 				regex: preSearch.regex,
-				fixed: Object.keys(settings.searchFixed).map( function(name) {
-					return {
-						name: name,
-						term: settings.searchFixed[name].toString()
-					}
-				})
+				fixed: Object.keys(settings.searchFixed)
+					.map(function (name) {
+						return {
+							name: name,
+							term: typeof settings.searchFixed[name] !== 'function'
+								? settings.searchFixed[name].toString()
+								: 'function'
+						};
+					})
 			}
 		};
 	}
 	
-	
 	/**
 	 * Data the data from the server (nuking the old) and redraw the table
 	 *  @param {object} oSettings dataTables settings object
@@ -4388,42 +4388,40 @@
 	 *  @param {string} [json.sColumns] Column ordering (sName, comma separated)
 	 *  @memberof DataTable#oApi
 	 */
-	function _fnAjaxUpdateDraw ( settings, json )
-	{
+	function _fnAjaxUpdateDraw(settings, json) {
 		var data = _fnAjaxDataSrc(settings, json);
 		var draw = _fnAjaxDataSrcParam(settings, 'draw', json);
 		var recordsTotal = _fnAjaxDataSrcParam(settings, 'recordsTotal', json);
 		var recordsFiltered = _fnAjaxDataSrcParam(settings, 'recordsFiltered', json);
 	
-		if ( draw !== undefined ) {
+		if (draw !== undefined) {
 			// Protect against out of sequence returns
-			if ( draw*1 < settings.iDraw ) {
+			if (draw * 1 < settings.iDraw) {
 				return;
 			}
 			settings.iDraw = draw * 1;
 		}
 	
 		// No data in returned object, so rather than an array, we show an empty table
-		if ( ! data ) {
+		if (!data) {
 			data = [];
 		}
 	
-		_fnClearTable( settings );
-		settings._iRecordsTotal   = parseInt(recordsTotal, 10);
+		_fnClearTable(settings);
+		settings._iRecordsTotal = parseInt(recordsTotal, 10);
 		settings._iRecordsDisplay = parseInt(recordsFiltered, 10);
 	
-		for ( var i=0, ien=data.length ; i<ien ; i++ ) {
-			_fnAddData( settings, data[i] );
+		for (var i = 0, iLen = data.length; i < iLen; i++) {
+			_fnAddData(settings, data[i]);
 		}
 		settings.aiDisplay = settings.aiDisplayMaster.slice();
 	
 		_fnColumnTypes(settings);
-		_fnDraw( settings, true );
-		_fnInitComplete( settings );
-		_fnProcessingDisplay( settings, false );
+		_fnDraw(settings, true);
+		_fnInitComplete(settings);
+		_fnProcessingDisplay(settings, false);
 	}
 	
-	
 	/**
 	 * Get the data from the JSON data source to use for drawing a table. Using
 	 * `_fnGetObjectDataFn` allows the data to be sourced from a property of the
@@ -4432,11 +4430,10 @@
 	 *  @param  {object} json Data source object / array from the server
 	 *  @return {array} Array of data to use
 	 */
-	function _fnAjaxDataSrc ( settings, json, write )
-	{
+	function _fnAjaxDataSrc(settings, json, write) {
 		var dataProp = 'data';
 	
-		if ($.isPlainObject( settings.ajax ) && settings.ajax.dataSrc !== undefined) {
+		if ($.isPlainObject(settings.ajax) && settings.ajax.dataSrc !== undefined) {
 			// Could in inside a `dataSrc` object, or not!
 			var dataSrc = settings.ajax.dataSrc;
 	
@@ -4449,20 +4446,18 @@
 			}
 		}
 	
-		if ( ! write ) {
-			if ( dataProp === 'data' ) {
+		if (!write) {
+			if (dataProp === 'data') {
 				// If the default, then we still want to support the old style, and safely ignore
 				// it if possible
 				return json.aaData || json[dataProp];
 			}
 	
-			return dataProp !== "" ?
-				_fnGetObjectDataFn( dataProp )( json ) :
-				json;
+			return dataProp !== '' ? _fnGetObjectDataFn(dataProp)(json) : json;
 		}
-		
+	
 		// set
-		_fnSetObjectDataFn( dataProp )( json, write );
+		_fnSetObjectDataFn(dataProp)(json, write);
 	}
 	
 	/**
@@ -4472,14 +4467,12 @@
 	 * @param {*} json JSON data
 	 * @returns Resolved value
 	 */
-	function _fnAjaxDataSrcParam (settings, param, json) {
-		var dataSrc = $.isPlainObject( settings.ajax )
-			? settings.ajax.dataSrc
-			: null;
+	function _fnAjaxDataSrcParam(settings, param, json) {
+		var dataSrc = $.isPlainObject(settings.ajax) ? settings.ajax.dataSrc : null;
 	
 		if (dataSrc && dataSrc[param]) {
 			// Get from custom location
-			return _fnGetObjectDataFn( dataSrc[param] )( json );
+			return _fnGetObjectDataFn(dataSrc[param])(json);
 		}
 	
 		// else - Default behaviour
@@ -4496,9 +4489,7 @@
 			old = 'iTotalDisplayRecords';
 		}
 	
-		return json[old] !== undefined
-			? json[old]
-			: json[param];
+		return json[old] !== undefined ? json[old] : json[param];
 	}
 	
 	
@@ -4571,7 +4562,7 @@
 		var displayRows = settings.aiDisplay;
 		var row, rowIdx;
 	
-		for ( var i=0, ien=filters.length ; i<ien ; i++ ) {
+		for ( var i=0, iLen=filters.length ; i<iLen ; i++ ) {
 			var rows = [];
 	
 			// Loop over each row and see if it should be included
@@ -4639,7 +4630,7 @@
 	 *  @param {string} sSearch string to search for
 	 *  @param {bool} bRegex treat as a regular expression or not
 	 *  @param {bool} bSmart perform smart filtering or not
-	 *  @param {bool} bCaseInsensitive Do case insensitive matching or not
+	 *  @param {bool} bCaseInsensitive Do case-insensitive matching or not
 	 *  @returns {RegExp} constructed object
 	 *  @memberof DataTable#oApi
 	 */
@@ -5382,7 +5373,7 @@
 		}
 	
 		// 4. Clean up
-		// Figure out if there are scrollbar present - if so then we need a the header and footer to
+		// Figure out if there are scrollbar present - if so then we need the header and footer to
 		// provide a bit more space to allow "overflow" scrolling (i.e. past the scrollbar)
 		var isScrolling = Math.floor(table.height()) > divBodyEl.clientHeight || divBody.css('overflow-y') == "scroll";
 		var paddingSide = 'padding' + (browser.bScrollbarLeft ? 'Left' : 'Right' );
@@ -5437,7 +5428,7 @@
 			visibleColumns = _fnGetColumns( settings, 'bVisible' ),
 			tableWidthAttr = table.getAttribute('width'), // from DOM element
 			tableContainer = table.parentNode,
-			i, column, columnIdx;
+			i, j, column, columnIdx;
 			
 		var styleWidth = table.style.width;
 		var containerWidth = _fnWrapperWidth(settings);
@@ -5471,17 +5462,16 @@
 			false
 		);
 	
-		// Construct a single row, worst case, table with the widest
-		// node in the data, assign any user defined widths, then insert it into
-		// the DOM and allow the browser to do all the hard work of calculating
-		// table widths
+		// Construct a worst case table with the widest, assign any user defined
+		// widths, then insert it into  the DOM and allow the browser to do all
+		// the hard work of calculating table widths
 		var tmpTable = $(table.cloneNode())
 			.css( 'visibility', 'hidden' )
+			.css( 'margin', 0 )
 			.removeAttr( 'id' );
 	
 		// Clean up the table body
-		tmpTable.append('<tbody>')
-		var tr = $('<tr/>').appendTo( tmpTable.find('tbody') );
+		tmpTable.append('<tbody/>')
 	
 		// Clone the table header and footer - we can't use the header / footer
 		// from the cloned table, since if scrolling is active, the table's
@@ -5521,23 +5511,37 @@
 			}
 		} );
 	
-		// Find the widest piece of data for each column and put it into the table
+		// Get the widest strings for each of the visible columns and add them to
+		// our table to create a "worst case"
+		var longestData = [];
+	
 		for ( i=0 ; i<visibleColumns.length ; i++ ) {
-			columnIdx = visibleColumns[i];
-			column = columns[ columnIdx ];
-	
-			var longest = _fnGetMaxLenString(settings, columnIdx);
-			var autoClass = _ext.type.className[column.sType];
-			var text = longest + column.sContentPadding;
-			var insert = longest.indexOf('<') === -1
-				? document.createTextNode(text)
-				: text
-			
-			$('<td/>')
-				.addClass(autoClass)
-				.addClass(column.sClass)
-				.append(insert)
-				.appendTo(tr);
+			longestData.push(_fnGetWideStrings(settings, visibleColumns[i]));
+		}
+	
+		if (longestData.length) {
+			for ( i=0 ; i<longestData[0].length ; i++ ) {
+				var tr = $('<tr/>').appendTo( tmpTable.find('tbody') );
+	
+				for ( j=0 ; j<visibleColumns.length ; j++ ) {
+					columnIdx = visibleColumns[j];
+					column = columns[ columnIdx ];
+	
+					var longest = longestData[j][i] || '';
+					var autoClass = _ext.type.className[column.sType];
+					var padding = column.sContentPadding || (scrollX ? '-' : '');
+					var text = longest + padding;
+					var insert = longest.indexOf('<') === -1
+						? document.createTextNode(text)
+						: text
+	
+					$('<td/>')
+						.addClass(autoClass)
+						.addClass(column.sClass)
+						.append(insert)
+						.appendTo(tr);
+				}
+			}
 		}
 	
 		// Tidy the temporary table - remove name attributes so there aren't
@@ -5676,20 +5680,32 @@
 	}
 	
 	/**
-	 * Get the maximum strlen for each data column
+	 * Get the widest strings for each column.
+	 *
+	 * It is very difficult to determine what the widest string actually is due to variable character
+	 * width and kerning. Doing an exact calculation with the DOM or even Canvas would kill performance
+	 * and this is a critical point, so we use two techniques to determine a collection of the longest
+	 * strings from the column, which will likely contain the widest strings:
+	 *
+	 * 1) Get the top three longest strings from the column
+	 * 2) Get the top three widest words (i.e. an unbreakable phrase)
+	 *
 	 *  @param {object} settings dataTables settings object
 	 *  @param {int} colIdx column of interest
-	 *  @returns {string} string of the max length
+	 *  @returns {string[]} Array of the longest strings
 	 *  @memberof DataTable#oApi
 	 */
-	function _fnGetMaxLenString( settings, colIdx )
+	function _fnGetWideStrings( settings, colIdx )
 	{
 		var column = settings.aoColumns[colIdx];
 	
-		if (! column.maxLenString) {
-			var s, max='', maxLen = -1;
-		
-			for ( var i=0, ien=settings.aiDisplayMaster.length ; i<ien ; i++ ) {
+		// Do we need to recalculate (i.e. was invalidated), or just use the cached data?
+		if (! column.wideStrings) {
+			var allStrings = [];
+			var collection = [];
+	
+			// Create an array with the string information for the column
+			for ( var i=0, iLen=settings.aiDisplayMaster.length ; i<iLen ; i++ ) {
 				var rowIdx = settings.aiDisplayMaster[i];
 				var data = _fnGetRowDisplay(settings, rowIdx)[colIdx];
 	
@@ -5703,21 +5719,49 @@
 					.replace(/id=".*?"/g, '')
 					.replace(/name=".*?"/g, '');
 	
-				s = _stripHtml(cellString)
+				var s = _stripHtml(cellString)
 					.replace( /&nbsp;/g, ' ' );
 		
-				if ( s.length > maxLen ) {
-					// We want the HTML in the string, but the length that
-					// is important is the stripped string
-					max = cellString;
-					maxLen = s.length;
-				}
+				collection.push({
+					str: s,
+					len: s.length
+				});
+	
+				allStrings.push(s);
+			}
+	
+			// Order and then cut down to the size we need
+			collection
+				.sort(function (a, b) {
+					return b.len - a.len;
+				})
+				.splice(3);
+	
+			column.wideStrings = collection.map(function (item) {
+				return item.str;
+			});
+	
+			// Longest unbroken string
+			let parts = allStrings.join(' ').split(' ');
+	
+			parts.sort(function (a, b) {
+				return b.length - a.length;
+			});
+	
+			if (parts.length) {
+				column.wideStrings.push(parts[0]);
+			}
+	
+			if (parts.length > 1) {
+				column.wideStrings.push(parts[1]);
 			}
 	
-			column.maxLenString = max;
+			if (parts.length > 2) {
+				column.wideStrings.push(parts[3]);
+			}
 		}
 	
-		return column.maxLenString;
+		return column.wideStrings;
 	}
 	
 	
@@ -5811,7 +5855,7 @@
 						: [column];
 	
 			if ( columns.length ) {
-				for ( var i=0, ien=columns.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=columns.length ; i<iLen ; i++ ) {
 					var ret = _fnSortAdd( settings, columns[i], i, e.shiftKey );
 	
 					if (ret !== false) {
@@ -5860,7 +5904,7 @@
 			masterMap[master[i]] = i;
 		}
 	
-		// And then cache what would be the indexOf fom the display
+		// And then cache what would be the indexOf from the display
 		for (i=0 ; i<display.length ; i++) {
 			map[display[i]] = masterMap[display[i]];
 		}
@@ -5986,7 +6030,7 @@
 	function _fnSort ( oSettings, col, dir )
 	{
 		var
-			i, ien, iLen,
+			i, iLen,
 			aiOrig = [],
 			extSort = DataTable.ext.type.order,
 			aoData = oSettings.aoData,
@@ -6017,7 +6061,7 @@
 			aSort = _fnSortFlatten( oSettings );
 		}
 	
-		for ( i=0, ien=aSort.length ; i<ien ; i++ ) {
+		for ( i=0, iLen=aSort.length ; i<iLen ; i++ ) {
 			sortCol = aSort[i];
 	
 			// Load the data needed for the sort, for each cell
@@ -6040,7 +6084,7 @@
 	
 			/* Do the sort - here we want multi-column sorting based on a given data source (column)
 			 * and sorting function (from oSort) in a certain direction. It's reasonably complex to
-			 * follow on it's own, but this is what we want (example two column sorting):
+			 * follow on its own, but this is what we want (example two column sorting):
 			 *  fnLocalSorting = function(a,b){
 			 *    var test;
 			 *    test = oSort['string-asc']('data11', 'data12');
@@ -6164,7 +6208,7 @@
 					nextSortIdx = 0; // can't remove sorting completely
 				}
 	
-				if ( nextSortIdx === null ) {
+				if ( nextSortIdx === null || asSorting[ nextSortIdx ] === '' ) {
 					sorting.splice( sortIdx, 1 );
 				}
 				else {
@@ -6214,11 +6258,11 @@
 		var sortClass = settings.oClasses.order.position;
 		var sort = _fnSortFlatten( settings );
 		var features = settings.oFeatures;
-		var i, ien, colIdx;
+		var i, iLen, colIdx;
 	
 		if ( features.bSort && features.bSortClasses ) {
 			// Remove old sorting classes
-			for ( i=0, ien=oldSort.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=oldSort.length ; i<iLen ; i++ ) {
 				colIdx = oldSort[i].src;
 	
 				// Remove column sorting
@@ -6227,7 +6271,7 @@
 			}
 	
 			// Add new column sorting
-			for ( i=0, ien=sort.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=sort.length ; i<iLen ; i++ ) {
 				colIdx = sort[i].src;
 	
 				$( _pluck( settings.aoData, 'anCells', colIdx ) )
@@ -6361,7 +6405,7 @@
 	}
 	
 	function _fnImplementState ( settings, s, callback) {
-		var i, ien;
+		var i, iLen;
 		var columns = settings.aoColumns;
 		var currentNames = _pluck(settings.aoColumns, 'sName');
 	
@@ -6490,7 +6534,7 @@
 	
 			// If the number of columns to restore is different from current, then all bets are off.
 			if (set.length === columns.length) {
-				for ( i=0, ien=set.length ; i<ien ; i++ ) {
+				for ( i=0, iLen=set.length ; i<iLen ; i++ ) {
 					var col = set[i];
 	
 					// Visibility
@@ -6513,7 +6557,9 @@
 	
 				// If the api is defined then we need to adjust the columns once the visibility has been changed
 				if (api) {
-					api.columns.adjust();
+					api.one('draw', function () {
+						api.columns.adjust();
+					});
 				}
 			}
 		}
@@ -6644,7 +6690,7 @@
 	
 	
 	/**
-	 * Bind an event handers to allow a click or return key to activate the callback.
+	 * Bind an event handler to allow a click or return key to activate the callback.
 	 * This is good for accessibility since a return on the keyboard will have the
 	 * same effect as a click, if the element has focus.
 	 *  @param {element} n Element to bind the action to
@@ -6833,7 +6879,7 @@
 	}
 	
 	/**
-	 * Add elements to an array as quickly as possible, but stack stafe.
+	 * Add elements to an array as quickly as possible, but stack safe.
 	 *
 	 * @param {*} arr Array to add the data to
 	 * @param {*} data Data array that is to be added
@@ -7109,7 +7155,7 @@
 	
 		each: function ( fn )
 		{
-			for ( var i=0, ien=this.length ; i<ien; i++ ) {
+			for ( var i=0, iLen=this.length ; i<iLen; i++ ) {
 				fn.call( this, this[i], i, this );
 			}
 	
@@ -7155,7 +7201,7 @@
 		iterator: function ( flatten, type, fn, alwaysNew ) {
 			var
 				a = [], ret,
-				i, ien, j, jen,
+				i, iLen, j, jen,
 				context = this.context,
 				rows, items, item,
 				selector = this.selector;
@@ -7168,7 +7214,7 @@
 				flatten = false;
 			}
 	
-			for ( i=0, ien=context.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=context.length ; i<iLen ; i++ ) {
 				var apiInst = new _Api( context[i] );
 	
 				if ( type === 'table' ) {
@@ -7290,18 +7336,18 @@
 	} );
 	
 	
-	function _api_scope( scope, fn, struc ) {
+	function _api_scope( scope, fn, struct ) {
 		return function () {
 			var ret = fn.apply( scope || this, arguments );
 	
 			// Method extension
-			_Api.extend( ret, ret, struc.methodExt );
+			_Api.extend( ret, ret, struct.methodExt );
 			return ret;
 		};
 	}
 	
 	function _api_find( src, name ) {
-		for ( var i=0, ien=src.length ; i<ien ; i++ ) {
+		for ( var i=0, iLen=src.length ; i<iLen ; i++ ) {
 			if ( src[i].name === name ) {
 				return src[i];
 			}
@@ -7319,10 +7365,10 @@
 		}
 	
 		var
-			i, ien,
+			i, iLen,
 			struct;
 	
-		for ( i=0, ien=ext.length ; i<ien ; i++ ) {
+		for ( i=0, iLen=ext.length ; i<iLen ; i++ ) {
 			struct = ext[i];
 	
 			if (struct.name === '__proto__') {
@@ -7377,12 +7423,12 @@
 		}
 	
 		var
-			i, ien,
+			i, iLen,
 			heir = name.split('.'),
 			struct = __apiStruct,
 			key, method;
 	
-		for ( i=0, ien=heir.length ; i<ien ; i++ ) {
+		for ( i=0, iLen=heir.length ; i<iLen ; i++ ) {
 			method = heir[i].indexOf('()') !== -1;
 			key = method ?
 				heir[i].replace('()', '') :
@@ -7400,7 +7446,7 @@
 				struct.push( src );
 			}
 	
-			if ( i === ien-1 ) {
+			if ( i === iLen-1 ) {
 				src.val = val;
 				src.type = typeof val === 'function' ?
 					'function' :
@@ -7742,7 +7788,7 @@
 	 */
 	_api_register( 'page.len()', function ( len ) {
 		// Note that we can't call this function 'length()' because `length`
-		// is a Javascript property of functions which defines how many arguments
+		// is a JavaScript property of functions which defines how many arguments
 		// the function expects.
 		if ( len === undefined ) {
 			return this.context.length !== 0 ?
@@ -7785,7 +7831,7 @@
 				_fnClearTable( settings );
 	
 				var data = _fnAjaxDataSrc( settings, json );
-				for ( var i=0, ien=data.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=data.length ; i<iLen ; i++ ) {
 					_fnAddData( settings, data[i] );
 				}
 	
@@ -7908,7 +7954,7 @@
 	{
 		var
 			out = [], res,
-			i, ien,
+			i, iLen,
 			selectorType = typeof selector;
 	
 		// Can't just check for isArray here, as an API or jQuery instance might be
@@ -7917,7 +7963,7 @@
 			selector = [ selector ];
 		}
 	
-		for ( i=0, ien=selector.length ; i<ien ; i++ ) {
+		for ( i=0, iLen=selector.length ; i<iLen ; i++ ) {
 			res = selectFn( typeof selector[i] === 'string' ? selector[i].trim() : selector[i] );
 	
 			// Remove empty items
@@ -7933,7 +7979,7 @@
 		// selector extensions
 		var ext = _ext.selector[ type ];
 		if ( ext.length ) {
-			for ( i=0, ien=ext.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=ext.length ; i<iLen ; i++ ) {
 				out = ext[i]( settings, opts, out );
 			}
 		}
@@ -7988,7 +8034,7 @@
 	var _selector_row_indexes = function ( settings, opts )
 	{
 		var
-			i, ien, tmp, a=[],
+			i, iLen, tmp, a=[],
 			displayFiltered = settings.aiDisplay,
 			displayMaster = settings.aiDisplayMaster;
 	
@@ -8011,7 +8057,7 @@
 			// Current page implies that order=current and filter=applied, since it is
 			// fairly senseless otherwise, regardless of what order and search actually
 			// are
-			for ( i=settings._iDisplayStart, ien=settings.fnDisplayEnd() ; i<ien ; i++ ) {
+			for ( i=settings._iDisplayStart, iLen=settings.fnDisplayEnd() ; i<iLen ; i++ ) {
 				a.push( displayFiltered[i] );
 			}
 		}
@@ -8026,7 +8072,7 @@
 				// O(n+m) solution by creating a hash map
 				var displayFilteredMap = {};
 	
-				for ( i=0, ien=displayFiltered.length ; i<ien ; i++ ) {
+				for ( i=0, iLen=displayFiltered.length ; i<iLen ; i++ ) {
 					displayFilteredMap[displayFiltered[i]] = null;
 				}
 	
@@ -8038,7 +8084,7 @@
 			}
 		}
 		else if ( order == 'index' || order == 'original' ) {
-			for ( i=0, ien=settings.aoData.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=settings.aoData.length ; i<iLen ; i++ ) {
 				if (! settings.aoData[i]) {
 					continue;
 				}
@@ -8255,7 +8301,7 @@
 		var context = this.context;
 	
 		// `iterator` will drop undefined values, but in this case we want them
-		for ( var i=0, ien=context.length ; i<ien ; i++ ) {
+		for ( var i=0, iLen=context.length ; i<iLen ; i++ ) {
 			for ( var j=0, jen=this[i].length ; j<jen ; j++ ) {
 				var id = context[i].rowIdFn( context[i].aoData[ this[i][j] ]._aData );
 				a.push( (hash === true ? '#' : '' )+ id );
@@ -8299,10 +8345,10 @@
 	
 	_api_register( 'rows.add()', function ( rows ) {
 		var newRows = this.iterator( 'table', function ( settings ) {
-				var row, i, ien;
+				var row, i, iLen;
 				var out = [];
 	
-				for ( i=0, ien=rows.length ; i<ien ; i++ ) {
+				for ( i=0, iLen=rows.length ; i<iLen ; i++ ) {
 					row = rows[i];
 	
 					if ( row.nodeName && row.nodeName.toUpperCase() === 'TR' ) {
@@ -8449,7 +8495,7 @@
 		var addRow = function ( r, k ) {
 			// Recursion to allow for arrays of jQuery objects
 			if ( Array.isArray( r ) || r instanceof $ ) {
-				for ( var i=0, ien=r.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=r.length ; i<iLen ; i++ ) {
 					addRow( r[i], k );
 				}
 				return;
@@ -8469,7 +8515,7 @@
 				
 				$('td', created)
 					.addClass( k )
-					.html( r )[0].colSpan = _fnVisbleColumns( ctx );
+					.html( r )[0].colSpan = _fnVisibleColumns( ctx );
 	
 				rows.push( created[0] );
 			}
@@ -8507,7 +8553,7 @@
 			var row = ctx[0].aoData[ idx !== undefined ? idx : api[0] ];
 	
 			if ( row && row._details ) {
-				row._details.remove();
+				row._details.detach();
 	
 				row._detailsShow = undefined;
 				row._details = undefined;
@@ -8581,9 +8627,9 @@
 	
 				// Update the colspan for the details rows (note, only if it already has
 				// a colspan)
-				var row, visible = _fnVisbleColumns( ctx );
+				var row, visible = _fnVisibleColumns( ctx );
 	
-				for ( var i=0, ien=data.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=data.length ; i<iLen ; i++ ) {
 					row = data[i];
 	
 					if ( row && row._details ) {
@@ -8604,7 +8650,7 @@
 					return;
 				}
 	
-				for ( var i=0, ien=data.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=data.length ; i<iLen ; i++ ) {
 					if ( data[i] && data[i]._details ) {
 						__details_remove( api, i );
 					}
@@ -8708,7 +8754,7 @@
 	// iterator callback in columns().data()
 	var __columnData = function ( settings, column, r1, r2, rows, type ) {
 		var a = [];
-		for ( var row=0, ien=rows.length ; row<ien ; row++ ) {
+		for ( var row=0, iLen=rows.length ; row<iLen ; row++ ) {
 			a.push( _fnGetCellData( settings, rows[row], column, type ) );
 		}
 		return a;
@@ -8908,7 +8954,7 @@
 			cols = settings.aoColumns,
 			col  = cols[ column ],
 			data = settings.aoData,
-			cells, i, ien, tr;
+			cells, i, iLen, tr;
 	
 		// Get
 		if ( vis === undefined ) {
@@ -8926,7 +8972,7 @@
 			// Need to decide if we should use appendChild or insertBefore
 			var insertBefore = _pluck(cols, 'bVisible').indexOf(true, column+1);
 	
-			for ( i=0, ien=data.length ; i<ien ; i++ ) {
+			for ( i=0, iLen=data.length ; i<iLen ; i++ ) {
 				if (data[i]) {
 					tr = data[i].nTr;
 					cells = data[i].anCells;
@@ -9056,13 +9102,16 @@
 	
 	_api_registerPlural( 'columns().types()', 'column().type()', function () {
 		return this.iterator( 'column', function ( settings, column ) {
-			var type = settings.aoColumns[column].sType;
+			var colObj = settings.aoColumns[column]
+			var type = colObj.sType;
 	
 			// If the type was invalidated, then resolve it. This actually does
 			// all columns at the moment. Would only happen once if getting all
 			// column's data types.
 			if (! type) {
 				_fnColumnTypes(settings);
+	
+				type = colObj.sType;
 			}
 	
 			return type;
@@ -9092,7 +9141,7 @@
 				// Update colspan for no records display. Child rows and extensions will use their own
 				// listeners to do this - only need to update the empty table item here
 				if ( ! settings.aiDisplay.length ) {
-					$(settings.nTBody).find('td[colspan]').attr('colspan', _fnVisbleColumns(settings));
+					$(settings.nTBody).find('td[colspan]').attr('colspan', _fnVisibleColumns(settings));
 				}
 		
 				_fnSaveState( settings );
@@ -9178,7 +9227,7 @@
 		var allCells = $(_flatten( [], cells ));
 		var row;
 		var columns = settings.aoColumns.length;
-		var a, i, ien, j, o, host;
+		var a, i, iLen, j, o, host;
 	
 		var run = function ( s ) {
 			var fnSelector = typeof s === 'function';
@@ -9187,7 +9236,7 @@
 				// All cells and function selectors
 				a = [];
 	
-				for ( i=0, ien=rows.length ; i<ien ; i++ ) {
+				for ( i=0, iLen=rows.length ; i<iLen ; i++ ) {
 					row = rows[i];
 	
 					for ( j=0 ; j<columns ; j++ ) {
@@ -9292,12 +9341,12 @@
 		// Row + column selector
 		var columns = this.columns( columnSelector, internalOpts );
 		var rows = this.rows( rowSelector, internalOpts );
-		var i, ien, j, jen;
+		var i, iLen, j, jen;
 	
 		var cellsNoOpts = this.iterator( 'table', function ( settings, idx ) {
 			var a = [];
 	
-			for ( i=0, ien=rows[idx].length ; i<ien ; i++ ) {
+			for ( i=0, iLen=rows[idx].length ; i<iLen ; i++ ) {
 				for ( j=0, jen=columns[idx].length ; j<jen ; j++ ) {
 					a.push( {
 						row:    rows[idx][i],
@@ -9509,7 +9558,7 @@
 			return this.iterator( 'column', function ( settings, idx ) {
 				var sort = _fnSortFlatten( settings );
 	
-				for ( var i=0, ien=sort.length ; i<ien ; i++ ) {
+				for ( var i=0, iLen=sort.length ; i<iLen ; i++ ) {
 					if ( sort[i].col === idx ) {
 						return sort[i].dir;
 					}
@@ -10200,9 +10249,11 @@
 		}
 	
 		if ( $.isPlainObject( resolved ) ) {
-			resolved = plural !== undefined && resolved[ plural ] !== undefined ?
-				resolved[ plural ] :
-				resolved._;
+			resolved = plural !== undefined && resolved[ plural ] !== undefined
+				? resolved[ plural ]
+				: plural === false
+					? resolved
+					: resolved._;
 		}
 	
 		return typeof resolved === 'string'
@@ -10231,7 +10282,7 @@
 	 *  @type string
 	 *  @default Version number
 	 */
-	DataTable.version = "2.3.2";
+	DataTable.version = "2.3.5";
 	
 	/**
 	 * Private data store, containing all of the settings objects that are
@@ -10264,7 +10315,7 @@
 	 */
 	DataTable.models.oSearch = {
 		/**
-		 * Flag to indicate if the filtering should be case insensitive or not
+		 * Flag to whether or not the filtering should be case-insensitive
 		 */
 		"caseInsensitive": true,
 	
@@ -10533,8 +10584,8 @@
 		 */
 		"sWidthOrig": null,
 	
-		/** Cached string which is the longest in the column */
-		maxLenString: null,
+		/** Cached longest strings from a column */
+		wideStrings: null,
 	
 		/**
 		 * Store for named searches
@@ -10549,7 +10600,7 @@
 	 * from v1.10 onwards the primary interface is camel case. In order to avoid
 	 * breaking backwards compatibility utterly with this change, the Hungarian
 	 * version is still, internally the primary interface, but is is not documented
-	 * - hence the @name tags in each doc comment. This allows a Javascript function
+	 * - hence the @name tags in each doc comment. This allows a JavaScript function
 	 * to create a map from Hungarian notation to camel case (going the other direction
 	 * would require each property to be listed, which would add around 3K to the size
 	 * of DataTables, while this method is about a 0.5K hit).
@@ -10568,7 +10619,7 @@
 		/**
 		 * An array of data to use for the table, passed in at initialisation which
 		 * will be used in preference to any data which is already in the DOM. This is
-		 * particularly useful for constructing tables purely in Javascript, for
+		 * particularly useful for constructing tables purely in JavaScript, for
 		 * example with a custom Ajax call.
 		 */
 		"aaData": null,
@@ -10635,7 +10686,7 @@
 		 * * `dataSrc` - By default DataTables will look for the property `data` (or
 		 *   `aaData` for compatibility with DataTables 1.9-) when obtaining data
 		 *   from an Ajax source or for server-side processing - this parameter
-		 *   allows that property to be changed. You can use Javascript dotted
+		 *   allows that property to be changed. You can use JavaScript dotted
 		 *   object notation to get a data source for multiple levels of nesting, or
 		 *   it my be used as a function. As a function it takes a single parameter,
 		 *   the JSON returned from the server, which can be manipulated as
@@ -10759,13 +10810,13 @@
 		"bFilter": true,
 	
 		/**
-		 * Used only for compatiblity with DT1
+		 * Used only for compatibility with DT1
 		 * @deprecated
 		 */
 		"bInfo": true,
 	
 		/**
-		 * Used only for compatiblity with DT1
+		 * Used only for compatibility with DT1
 		 * @deprecated
 		 */
 		"bLengthChange": true,
@@ -10856,7 +10907,7 @@
 		 * Enable or disable state saving. When enabled HTML5 `localStorage` will be
 		 * used to save table display information such as pagination information,
 		 * display length, filtering and sorting. As such when the end user reloads
-		 * the page the display display will match what thy had previously set up.
+		 * the page the display will match what thy had previously set up.
 		 */
 		"bStateSave": false,
 	
@@ -11213,7 +11264,7 @@
 			/**
 			 * When using Ajax sourced data and during the first draw when DataTables is
 			 * gathering the data, this message is shown in an empty row in the table to
-			 * indicate to the end user the the data is being loaded. Note that this
+			 * indicate to the end user the data is being loaded. Note that this
 			 * parameter is not used when loading data by server-side processing, just
 			 * Ajax sourced data with client-side processing.
 			 */
@@ -11474,8 +11525,8 @@
 		 * * `string` - read an object property from the data source. There are
 		 *   three 'special' options that can be used in the string to alter how
 		 *   DataTables reads the data from the source object:
-		 *    * `.` - Dotted Javascript notation. Just as you use a `.` in
-		 *      Javascript to read from nested objects, so to can the options
+		 *    * `.` - Dotted JavaScript notation. Just as you use a `.` in
+		 *      JavaScript to read from nested objects, so to can the options
 		 *      specified in `data`. For example: `browser.version` or
 		 *      `browser.name`. If your object parameter name contains a period, use
 		 *      `\\` to escape it - i.e. `first\\.name`.
@@ -11533,7 +11584,7 @@
 		 * This property is the rendering partner to `data` and it is suggested that
 		 * when you want to manipulate data for display (including filtering,
 		 * sorting etc) without altering the underlying data for the table, use this
-		 * property. `render` can be considered to be the the read only companion to
+		 * property. `render` can be considered to be the read only companion to
 		 * `data` which is read / write (then as such more complex). Like `data`
 		 * this option can be given in a number of different ways to effect its
 		 * behaviour:
@@ -11543,8 +11594,8 @@
 		 * * `string` - read an object property from the data source. There are
 		 *   three 'special' options that can be used in the string to alter how
 		 *   DataTables reads the data from the source object:
-		 *    * `.` - Dotted Javascript notation. Just as you use a `.` in
-		 *      Javascript to read from nested objects, so to can the options
+		 *    * `.` - Dotted JavaScript notation. Just as you use a `.` in
+		 *      JavaScript to read from nested objects, so to can the options
 		 *      specified in `data`. For example: `browser.version` or
 		 *      `browser.name`. If your object parameter name contains a period, use
 		 *      `\\` to escape it - i.e. `first\\.name`.
@@ -11647,7 +11698,7 @@
 		 * The type allows you to specify how the data for this column will be
 		 * ordered. Four types (string, numeric, date and html (which will strip
 		 * HTML tags before ordering)) are currently available. Note that only date
-		 * formats understood by Javascript's Date() object will be accepted as type
+		 * formats understood by JavaScript's Date() object will be accepted as type
 		 * date. For example: "Mar 26, 2008 5:03 PM". May take the values: 'string',
 		 * 'numeric', 'date' or 'html' (by default). Further types can be adding
 		 * through plug-ins.
@@ -11699,7 +11750,7 @@
 			/**
 			 * Delay the creation of TR and TD elements until they are actually
 			 * needed by a driven page draw. This can give a significant speed
-			 * increase for Ajax source and Javascript source data, but makes no
+			 * increase for Ajax source and JavaScript source data, but makes no
 			 * difference at all for DOM and server-side processing tables.
 			 * Note that this parameter will be set by the initialisation routine. To
 			 * set a default use {@link DataTable.defaults}.
@@ -11716,13 +11767,13 @@
 			"bFilter": null,
 	
 			/**
-			 * Used only for compatiblity with DT1
+			 * Used only for compatibility with DT1
 			 * @deprecated
 			 */
 			"bInfo": true,
 	
 			/**
-			 * Used only for compatiblity with DT1
+			 * Used only for compatibility with DT1
 			 * @deprecated
 			 */
 			"bLengthChange": true,
@@ -12593,7 +12644,7 @@
 					},
 					order: {
 						pre: function (d) {
-							// The renderer gives us Moment, Luxon or Date obects for the sorting, all of which have a
+							// The renderer gives us Moment, Luxon or Date objects for the sorting, all of which have a
 							// `valueOf` which gives milliseconds epoch
 							return d.valueOf();
 						}
@@ -12648,7 +12699,10 @@
 				}
 				
 				var formatted = to === null
-					? __mld(dt, 'toDate', 'toJSDate', '')[localeString]()
+					? __mld(dt, 'toDate', 'toJSDate', '')[localeString](
+						navigator.language,
+						{ timeZone: "UTC" }
+					)
 					: __mld(dt, 'format', 'toFormat', 'toISOString', to);
 	
 				// XSS protection
@@ -13159,7 +13213,7 @@
 	
 		// If a decimal place other than `.` is used, it needs to be given to the
 		// function so we can detect it and replace with a `.` which is the only
-		// decimal place Javascript recognises - it is not locale aware.
+		// decimal place JavaScript recognises - it is not locale aware.
 		if ( decimalPlace ) {
 			d = _numToDecimal( d, decimalPlace );
 		}
@@ -13217,7 +13271,7 @@
 				// on destroy, while the `dt` namespaced event is the one we are
 				// listening for
 				$(settings.nTable).on( 'order.dt.DT column-visibility.dt.DT', function ( e, ctx, column ) {
-					if ( settings !== ctx ) { // need to check this this is the host
+					if ( settings !== ctx ) { // need to check if this is the host
 						return;               // table, not a nested one
 					}
 	
diff --git a/src/static/templates/admin/base.hbs b/src/static/templates/admin/base.hbs
index 4cdec626..f56d8262 100644
--- a/src/static/templates/admin/base.hbs
+++ b/src/static/templates/admin/base.hbs
@@ -11,26 +11,19 @@
     <script src="{{urlpath}}/vw_static/admin.js"></script>
 </head>
 <body>
-    <svg class="d-none">
+    <svg xmlns="http://www.w3.org/2000/svg" class="d-none">
         <symbol id="vw-icon-sun" viewBox="0 0 24 24">
-            <circle cx="12" cy="12" r="5" fill="currentColor"></circle>
-            <g stroke="currentColor" stroke-width="1.5" stroke-linecap="round">
-                <line x1="12" y1="2" x2="12" y2="5"></line>
-                <line x1="12" y1="19" x2="12" y2="22"></line>
-                <line x1="4.22" y1="4.22" x2="6.34" y2="6.34"></line>
-                <line x1="17.66" y1="17.66" x2="19.78" y2="19.78"></line>
-                <line x1="2" y1="12" x2="5" y2="12"></line>
-                <line x1="19" y1="12" x2="22" y2="12"></line>
-                <line x1="4.22" y1="19.78" x2="6.34" y2="17.66"></line>
-                <line x1="17.66" y1="6.34" x2="19.78" y2="4.22"></line>
+            <circle cx="12" cy="12" r="5" fill="currentColor"/>
+            <g stroke="currentColor" stroke-linecap="round" stroke-width="1.5">
+                <path d="M12 2v3M12 19v3M4.22 4.22l2.12 2.12M17.66 17.66l2.12 2.12M2 12h3M19 12h3M4.22 19.78l2.12-2.12M17.66 6.34l2.12-2.12"/>
             </g>
         </symbol>
-        <symbol id="vw-icon-moon" viewBox="0 0 32 32">
-            <path fill="currentColor" transform="translate(0,-1.2)" d="M25.2 27.3a11.2 11.2 0 0 1-6.6-20.5A13 13 0 1 0 29.6 25.5 11.6 11.6 0 0 1 25.2 27.3z"></path>
+        <symbol id="vw-icon-moon" viewBox="0 0 24 24">
+            <path fill="currentColor" stroke-width=".8" d="M18.4 17.8A9 8.6 0 0 1 13 2a10.5 10 0 1 0 9 14.4 9.4 9 0 0 1-3.6 1.4"/>
         </symbol>
         <symbol id="vw-icon-auto" viewBox="0 0 24 24">
-            <circle cx="12" cy="12" r="9" fill="none" stroke="currentColor" stroke-width="1.5"></circle>
-            <path fill="currentColor" d="M12 3a9 9 0 1 1 0 18V3z"></path>
+            <circle cx="12" cy="12" r="9" fill="none" stroke="currentColor" stroke-width="1.5"/>
+            <path fill="currentColor" d="M12 3a9 9 0 1 1 0 18Z"/>
         </symbol>
     </svg>
     <nav class="navbar navbar-expand-md navbar-dark bg-dark mb-4 shadow fixed-top">
@@ -61,7 +54,7 @@
                     </li>
                 </ul>
 
-                <ul class="navbar-nav">
+                <ul class="navbar-nav mx-3">
                     <li class="nav-item dropdown">
                         <button
                             class="btn btn-link nav-link py-0 px-0 px-md-2 dropdown-toggle d-flex align-items-center"