update job queries

handle shared link
update to latest draft, apply old upload changes
2026-05-19 05:52:14 -04:00 · 2026-04-03 02:13:49 -04:00 · 2026-04-03 01:27:41 -04:00 · 2026-04-03 00:58:57 -04:00 · 2026-03-29 11:34:50 -07:00 · 2026-03-29 11:25:18 -07:00
1867 changed files with 89529 additions and 79846 deletions
@@ -6,12 +6,6 @@ mobile/openapi/**/*.dart linguist-generated=true
 mobile/lib/**/*.g.dart -diff -merge
 mobile/lib/**/*.g.dart linguist-generated=true

-mobile/android/**/*.g.kt -diff -merge
-mobile/android/**/*.g.kt linguist-generated=true
-
-mobile/ios/**/*.g.swift -diff -merge
-mobile/ios/**/*.g.swift linguist-generated=true
-
 mobile/lib/**/*.drift.dart -diff -merge
 mobile/lib/**/*.drift.dart linguist-generated=true

@@ -1 +1 @@
-24.15.0
+24.14.0
@@ -30,7 +30,7 @@ jobs:
          while IFS= read -r header; do
            printf '%s\n' "$BODY" | grep -qF "$header" || OK=false
          done < <(sed '/<!--/,/-->/d' .github/pull_request_template.md | grep "^## ")
-          echo "uses_template=$OK" | tee --append "$GITHUB_OUTPUT"
+          echo "uses_template=$OK" >> "$GITHUB_OUTPUT"

  close_template:
    runs-on: ubuntu-latest
@@ -51,7 +51,7 @@ jobs:
        run: |
          gh api graphql \
            -f prId="$NODE_ID" \
-            -f body="This PR has been automatically closed as the description doesn't follow [our template](https://github.com/immich-app/immich/blob/main/.github/pull_request_template.md). After you edit it to match the template, the PR will automatically be reopened." \
+            -f body="This PR has been automatically closed as the description doesn't follow our template. After you edit it to match the template, the PR will automatically be reopened." \
            -f query='
              mutation CommentAndClosePR($prId: ID!, $body: String!) {
                addComment(input: {
@@ -128,7 +128,7 @@ jobs:
        run: |
          REMAINING=$(gh pr view "$PR_NUMBER" --repo "${{ github.repository }}" --json labels \
            --jq '[.labels[].name | select(startswith("auto-closed:"))] | length')
-          echo "remaining=$REMAINING" | tee --append "$GITHUB_OUTPUT"
+          echo "remaining=$REMAINING" >> "$GITHUB_OUTPUT"

      - name: Reopen PR
        if: ${{ steps.check_labels.outputs.remaining == '0' }}
@@ -51,14 +51,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -79,9 +79,9 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -103,7 +103,7 @@ jobs:

      - name: Restore Gradle Cache
        id: cache-gradle-restore
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        with:
          path: |
            ~/.gradle/caches
@@ -114,14 +114,14 @@ jobs:
          key: build-mobile-gradle-${{ runner.os }}-main

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
          cache: true

      - name: Setup Android SDK
-        uses: android-actions/setup-android@40fd30fb8d7440372e1316f5d1809ec01dcd3699 # v4.0.1
+        uses: android-actions/setup-android@9fc6c4e9069bf8d3d10b2204b1fb8f6ef7065407 # v3.2.2
        with:
          packages: ''

@@ -153,14 +153,14 @@ jobs:
          fi

      - name: Publish Android Artifact
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: release-apk-signed
          path: mobile/build/app/outputs/flutter-apk/*.apk

      - name: Save Gradle Cache
        id: cache-gradle-save
-        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        if: github.ref == 'refs/heads/main'
        with:
          path: |
@@ -191,7 +191,7 @@ jobs:
          persist-credentials: false

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -210,7 +210,7 @@ jobs:
        working-directory: ./mobile

      - name: Setup Ruby
-        uses: ruby/setup-ruby@c4e5b1316158f92e3d49443a9d58b31d25ac0f8f # v1.306.0
+        uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1.295.0
        with:
          ruby-version: '3.3'
          bundler-cache: true
@@ -291,7 +291,7 @@ jobs:
          security delete-keychain build.keychain || true

      - name: Upload IPA artifact
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: ios-release-ipa
          path: mobile/ios/Runner.ipa
@@ -19,9 +19,9 @@ jobs:
      actions: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check out code
@@ -24,7 +24,7 @@ jobs:
          persist-credentials: false

      - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@37bf9ff785c7315df88216660826e71be4cc03da # v0.0.44
+        uses: oasdiff/oasdiff-action/breaking@2a37bc82462349c03a533b8b608bebbaf57b3e60 # v0.0.33
        with:
          base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
          revision: open-api/immich-openapi-specs.json
@@ -31,9 +31,9 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -45,7 +45,7 @@ jobs:
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './cli/.nvmrc'
          registry-url: 'https://registry.npmjs.org'
@@ -71,9 +71,9 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout
@@ -89,7 +89,7 @@ jobs:
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
@@ -115,7 +115,7 @@ jobs:
            type=raw,value=latest,enable=${{ github.event_name == 'release' }}

      - name: Build and push image
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
        with:
          file: cli/Dockerfile
          platforms: linux/amd64,linux/arm64
@@ -35,7 +35,7 @@ jobs:
    needs: [get_body, should_run]
    if: ${{ needs.should_run.outputs.should_run == 'true' }}
    container:
-      image: ghcr.io/immich-app/mdq:main@sha256:32abe582452b12dff55055e1d6bc24508a8f17164f9d1831db7bb70953c014c6
+      image: ghcr.io/immich-app/mdq:main@sha256:df7188ba88abb0800d73cc97d3633280f0c0c3d4c441d678225067bf154150fb
    outputs:
      checked: ${{ steps.get_checkbox.outputs.checked }}
    steps:
@@ -44,9 +44,9 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout repository
@@ -57,7 +57,7 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
+        uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
-        uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
+        uses: github/codeql-action/autobuild@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0

      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
      #   ./location_of_script_within_repo/buildscript.sh

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
+        uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          category: '/language:${{matrix.language}}'
@@ -23,14 +23,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -60,7 +60,7 @@ jobs:
        suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -90,7 +90,7 @@ jobs:
        suffix: ['']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -132,7 +132,7 @@ jobs:
            suffixes: '-rocm'
            platforms: linux/amd64
            runner-mapping: '{"linux/amd64": "pokedex-large"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -155,7 +155,7 @@ jobs:
    name: Build and Push Server
    needs: pre-job
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).server == true }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -178,7 +178,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}

@@ -189,6 +189,6 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -21,14 +21,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -54,9 +54,9 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -70,7 +70,7 @@ jobs:
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './docs/.nvmrc'
          cache: 'pnpm'
@@ -86,7 +86,7 @@ jobs:
        run: pnpm build

      - name: Upload build output
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: docs-build-output
          path: docs/build/
@@ -20,16 +20,16 @@ jobs:
      artifact: ${{ steps.get-artifact.outputs.result }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - if: ${{ github.event.workflow_run.conclusion != 'success' }}
        run: echo 'The triggering workflow did not succeed' && exit 1
      - name: Get artifact
        id: get-artifact
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          github-token: ${{ steps.token.outputs.token }}
          script: |
@@ -48,7 +48,7 @@ jobs:
            return { found: true, id: matchArtifact.id };
      - name: Determine deploy parameters
        id: parameters
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
        with:
@@ -119,9 +119,9 @@ jobs:
    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -131,13 +131,11 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
-        with:
-          github_token: ${{ steps.token.outputs.token }}
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Load parameters
        id: parameters
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          PARAM_JSON: ${{ needs.checks.outputs.parameters }}
        with:
@@ -149,7 +147,7 @@ jobs:
            core.setOutput("shouldDeploy", parameters.shouldDeploy);

      - name: Download artifact
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          ARTIFACT_JSON: ${{ needs.checks.outputs.artifact }}
        with:
@@ -213,7 +211,7 @@ jobs:
        run: 'mise run //deployment:tf apply'

      - name: Comment
-        uses: actions-cool/maintain-one-comment@909842216bc8e8658364c572ec52100f4c2cc50a # v3.3.0
+        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
        if: ${{ steps.parameters.outputs.event == 'pr' }}
        with:
          token: ${{ steps.token.outputs.token }}
@@ -17,9 +17,9 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -29,9 +29,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
-        with:
-          github_token: ${{ steps.token.outputs.token }}
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Destroy Docs Subdomain
        env:
@@ -44,7 +42,7 @@ jobs:
        run: 'mise run //deployment:tf destroy -- -refresh=false'

      - name: Comment
-        uses: actions-cool/maintain-one-comment@909842216bc8e8658364c572ec52100f4c2cc50a # v3.3.0
+        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
        with:
          token: ${{ steps.token.outputs.token }}
          number: ${{ github.event.number }}
@@ -16,9 +16,9 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: 'Checkout'
@@ -29,10 +29,10 @@ jobs:
          persist-credentials: true

      - name: Setup pnpm
-        uses: pnpm/action-setup@26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a # v6.0.4
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
@@ -42,13 +42,13 @@ jobs:
        run: pnpm --recursive install && pnpm run --recursive --if-present --parallel format:fix

      - name: Commit and push
-        uses: EndBug/add-and-commit@290ea2c423ad77ca9c62ae0f5b224379612c0321 # v10.0.0
+        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
        with:
          default_author: github_actions
          message: 'chore: fix formatting'

      - name: Remove label
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        if: always()
        with:
          github-token: ${{ steps.generate-token.outputs.token }}
@@ -4,7 +4,7 @@ on:
  workflow_dispatch:
  workflow_call:
    secrets:
-      PUSH_O_MATIC_APP_CLIENT_ID:
+      PUSH_O_MATIC_APP_ID:
        required: true
      PUSH_O_MATIC_APP_KEY:
        required: true
@@ -31,9 +31,9 @@ jobs:
      - name: Generate a token
        id: generate_token
        if: ${{ inputs.skip != true }}
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Find translation PR
@@ -14,9 +14,9 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Require PR to have a changelog label
@@ -12,9 +12,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1
@@ -36,7 +36,7 @@ jobs:
    permissions:
      pull-requests: write
    secrets:
-      PUSH_O_MATIC_APP_CLIENT_ID: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+      PUSH_O_MATIC_APP_ID: ${{ secrets.PUSH_O_MATIC_APP_ID }}
      PUSH_O_MATIC_APP_KEY: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
      WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }}

@@ -50,9 +50,9 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout
@@ -63,13 +63,13 @@ jobs:
          ref: main

      - name: Install uv
-        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0

      - name: Setup pnpm
-        uses: pnpm/action-setup@26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a # v6.0.4
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
@@ -86,7 +86,7 @@ jobs:

      - name: Commit and tag
        id: push-tag
-        uses: EndBug/add-and-commit@290ea2c423ad77ca9c62ae0f5b224379612c0321 # v10.0.0
+        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
        with:
          default_author: github_actions
          message: 'chore: version ${{ steps.output.outputs.version }}'
@@ -124,9 +124,9 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout
@@ -142,7 +142,7 @@ jobs:
          github-token: ${{ steps.generate-token.outputs.token }}

      - name: Create draft release
-        uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2.6.2
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
        with:
          draft: true
          tag_name: ${{ needs.bump_version.outputs.version }}
@@ -14,12 +14,12 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

-      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
@@ -32,12 +32,12 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

-      - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          github-token: ${{ steps.token.outputs.token }}
          script: |
@@ -48,14 +48,14 @@ jobs:
              name: 'preview'
            })

-      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
          message: 'PRs from forks cannot have preview environments.'

-      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
@@ -19,9 +19,9 @@ jobs:
        working-directory: ./open-api/typescript-sdk
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -33,7 +33,7 @@ jobs:
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './open-api/typescript-sdk/.nvmrc'
          registry-url: 'https://registry.npmjs.org'
@@ -20,14 +20,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -49,9 +49,9 @@ jobs:
        working-directory: ./mobile
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -61,7 +61,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -17,14 +17,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -34,17 +34,13 @@ jobs:
              - 'web/**'
              - 'i18n/**'
              - 'open-api/typescript-sdk/**'
-              - 'pnpm-lock.yaml'
            server:
              - 'server/**'
-              - 'pnpm-lock.yaml'
            cli:
              - 'cli/**'
              - 'open-api/typescript-sdk/**'
-              - 'pnpm-lock.yaml'
            e2e:
              - 'e2e/**'
-              - 'pnpm-lock.yaml'
            mobile:
              - 'mobile/**'
            machine-learning:
@@ -67,9 +63,9 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -81,7 +77,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
@@ -112,9 +108,9 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -125,7 +121,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './cli/.nvmrc'
          cache: 'pnpm'
@@ -159,9 +155,9 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -172,7 +168,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './cli/.nvmrc'
          cache: 'pnpm'
@@ -201,9 +197,9 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -214,7 +210,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './web/.nvmrc'
          cache: 'pnpm'
@@ -245,9 +241,9 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -258,7 +254,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './web/.nvmrc'
          cache: 'pnpm'
@@ -283,9 +279,9 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -296,7 +292,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './web/.nvmrc'
          cache: 'pnpm'
@@ -331,9 +327,9 @@ jobs:
        working-directory: ./e2e
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -344,7 +340,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './e2e/.nvmrc'
          cache: 'pnpm'
@@ -377,9 +373,9 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -391,15 +387,11 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
          cache-dependency-path: '**/pnpm-lock.yaml'
-      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
-        with:
-          github_token: ${{ steps.token.outputs.token }}
      - name: Run pnpm install
        run: SHARP_IGNORE_GLOBAL_LIBVIPS=true pnpm install --frozen-lockfile
      - name: Run medium tests
@@ -420,9 +412,9 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -434,7 +426,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './e2e/.nvmrc'
          cache: 'pnpm'
@@ -472,7 +464,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-server-docker-logs-${{ matrix.runner }}
@@ -492,9 +484,9 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -506,7 +498,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './e2e/.nvmrc'
          cache: 'pnpm'
@@ -530,7 +522,7 @@ jobs:
        run: pnpm test:web
        if: ${{ !cancelled() }}
      - name: Archive e2e test (web) results
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-web-test-results-${{ matrix.runner }}
@@ -541,7 +533,7 @@ jobs:
        run: pnpm test:web:ui
        if: ${{ !cancelled() }}
      - name: Archive ui test (web) results
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-ui-test-results-${{ matrix.runner }}
@@ -552,7 +544,7 @@ jobs:
        run: pnpm test:web:maintenance
        if: ${{ !cancelled() }}
      - name: Archive maintenance tests (web) results
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-maintenance-isolated-test-results-${{ matrix.runner }}
@@ -562,7 +554,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-web-docker-logs-${{ matrix.runner }}
@@ -574,7 +566,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
  mobile-unit-tests:
@@ -586,9 +578,9 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -596,7 +588,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -613,40 +605,39 @@ jobs:
    runs-on: ubuntu-latest
    permissions:
      contents: read
-    env:
-      MISE_CEILING_PATHS: ${{ github.workspace }}
-      MISE_TRUSTED_CONFIG_PATHS: ${{ github.workspace }}/machine-learning/mise.toml
    defaults:
      run:
        working-directory: ./machine-learning
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
-
-      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
+      - name: Install uv
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
        with:
-          github_token: ${{ steps.token.outputs.token }}
-          working_directory: ./machine-learning
-
+          python-version: 3.11
      - name: Install dependencies
-        run: mise run install --extra cpu
-      - name: Lint code
-        run: mise run lint --output-format=github
-      - name: Format code
-        run: mise run format
-      - name: Run type checking
-        run: mise run check
+        run: |
+          uv sync --extra cpu
+      - name: Lint with ruff
+        run: |
+          uv run ruff check --output-format=github immich_ml
+      - name: Format with ruff
+        run: |
+          uv run ruff format --check immich_ml
+      - name: Run mypy type checking
+        run: |
+          uv run mypy --strict immich_ml/
      - name: Run tests and coverage
-        run: mise run test
+        run: |
+          uv run pytest --cov=immich_ml --cov-report term-missing
  github-files-formatting:
    name: .github Files Formatting
    needs: pre-job
@@ -659,9 +650,9 @@ jobs:
        working-directory: ./.github
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -672,7 +663,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './.github/.nvmrc'
          cache: 'pnpm'
@@ -689,9 +680,9 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -710,9 +701,9 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -723,7 +714,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
@@ -772,9 +763,9 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Checkout code
@@ -785,7 +776,7 @@ jobs:
      - name: Setup pnpm
        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
-        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version-file: './server/.nvmrc'
          cache: 'pnpm'
@@ -24,14 +24,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -47,9 +47,9 @@ jobs:
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).i18n == true }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
+          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Bot review status
@@ -68,6 +68,6 @@ jobs:
    permissions: {}
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -28,5 +28,3 @@ vite.config.js.timestamp-*
 .pnpm-store
 .devcontainer/library
 .devcontainer/.env*
-*.tsbuildinfo
-*.tsbuildInfo
@@ -1,3 +1,6 @@
+[submodule "mobile/.isar"]
+	path = mobile/.isar
+	url = https://github.com/isar/isar
 [submodule "e2e/test-assets"]
 	path = e2e/test-assets
 	url = https://github.com/immich-app/test-assets
@@ -13,6 +13,10 @@
    "editor.wordBasedSuggestions": "off"
  },
  "[javascript]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": "explicit",
+      "source.removeUnusedImports": "explicit"
+    },
    "editor.defaultFormatter": "esbenp.prettier-vscode",
    "editor.formatOnSave": true
  },
@@ -25,14 +29,18 @@
    "editor.formatOnSave": true
  },
  "[svelte]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": "explicit",
+      "source.removeUnusedImports": "explicit"
+    },
    "editor.defaultFormatter": "svelte.svelte-vscode",
-    "editor.formatOnSave": true,
-    "tailwindCSS.lint.suggestCanonicalClasses": "ignore"
-  },
-  "svelte.plugin.svelte.compilerWarnings": {
-    "state_referenced_locally": "ignore"
+    "editor.formatOnSave": true
  },
  "[typescript]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": "explicit",
+      "source.removeUnusedImports": "explicit"
+    },
    "editor.defaultFormatter": "esbenp.prettier-vscode",
    "editor.formatOnSave": true
  },
@@ -1 +1 @@
-24.15.0
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "@immich/cli",
-  "version": "2.7.5",
+  "version": "2.6.3",
  "description": "Command Line Interface (CLI) for Immich",
  "type": "module",
  "exports": "./dist/index.js",
@@ -20,7 +20,7 @@
    "@types/lodash-es": "^4.17.12",
    "@types/micromatch": "^4.0.9",
    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^24.12.2",
+    "@types/node": "^24.12.0",
    "@vitest/coverage-v8": "^4.0.0",
    "byte-size": "^9.0.0",
    "cli-progress": "^3.12.0",
@@ -28,13 +28,13 @@
    "eslint": "^10.0.0",
    "eslint-config-prettier": "^10.1.8",
    "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^64.0.0",
+    "eslint-plugin-unicorn": "^63.0.0",
    "globals": "^17.0.0",
    "mock-fs": "^5.2.0",
    "prettier": "^3.7.4",
    "prettier-plugin-organize-imports": "^4.0.0",
-    "typescript": "^6.0.0",
-    "typescript-eslint": "^8.58.0",
+    "typescript": "^5.3.3",
+    "typescript-eslint": "^8.28.0",
    "vite": "^8.0.0",
    "vitest": "^4.0.0",
    "vitest-fetch-mock": "^0.4.0",
@@ -68,6 +68,6 @@
    "micromatch": "^4.0.8"
  },
  "volta": {
-    "node": "24.15.0"
+    "node": "24.14.0"
  }
 }
@@ -4,7 +4,7 @@ import path from 'node:path';
 import { setTimeout as sleep } from 'node:timers/promises';
 import { describe, expect, it, MockedFunction, vi } from 'vitest';

-import { AssetRejectReason, AssetUploadAction, checkBulkUpload, defaults, getSupportedMediaTypes } from '@immich/sdk';
+import { Action, checkBulkUpload, defaults, getSupportedMediaTypes, Reason } from '@immich/sdk';
 import createFetchMock from 'vitest-fetch-mock';

 import {
@@ -120,7 +120,7 @@ describe('checkForDuplicates', () => {
    vi.mocked(checkBulkUpload).mockResolvedValue({
      results: [
        {
-          action: AssetUploadAction.Accept,
+          action: Action.Accept,
          id: testFilePath,
        },
      ],
@@ -144,10 +144,10 @@ describe('checkForDuplicates', () => {
    vi.mocked(checkBulkUpload).mockResolvedValue({
      results: [
        {
-          action: AssetUploadAction.Reject,
+          action: Action.Reject,
          id: testFilePath,
          assetId: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-          reason: AssetRejectReason.Duplicate,
+          reason: Reason.Duplicate,
        },
      ],
    });
@@ -167,7 +167,7 @@ describe('checkForDuplicates', () => {
    vi.mocked(checkBulkUpload).mockResolvedValue({
      results: [
        {
-          action: AssetUploadAction.Accept,
+          action: Action.Accept,
          id: testFilePath,
        },
      ],
@@ -187,7 +187,7 @@ describe('checkForDuplicates', () => {
    mocked.mockResolvedValue({
      results: [
        {
-          action: AssetUploadAction.Accept,
+          action: Action.Accept,
          id: testFilePath,
        },
      ],
@@ -1,9 +1,9 @@
 import {
+  Action,
  AssetBulkUploadCheckItem,
  AssetBulkUploadCheckResult,
  AssetMediaResponseDto,
  AssetMediaStatus,
-  AssetUploadAction,
  Permission,
  addAssetsToAlbum,
  checkBulkUpload,
@@ -234,7 +234,7 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
      const results = response.results as AssetBulkUploadCheckResults;

      for (const { id: filepath, assetId, action } of results) {
-        if (action === AssetUploadAction.Accept) {
+        if (action === Action.Accept) {
          newFiles.push(filepath);
        } else {
          // rejects are always duplicates
@@ -404,6 +404,8 @@ const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaRespon
  const { baseUrl, headers } = defaults;

  const formData = new FormData();
+  formData.append('deviceAssetId', `${basename(input)}-${stats.size}`.replaceAll(/\s+/g, ''));
+  formData.append('deviceId', 'CLI');
  formData.append('fileCreatedAt', stats.mtime.toISOString());
  formData.append('fileModifiedAt', stats.mtime.toISOString());
  formData.append('fileSize', String(stats.size));
@@ -15,12 +15,8 @@
    "incremental": true,
    "skipLibCheck": true,
    "esModuleInterop": true,
-    "rootDir": "./src",
-    "paths": {
-      "src/*": ["./src/*"],
-    },
-    "tsBuildInfoFile": "./dist/tsconfig.tsbuildinfo",
+    "baseUrl": "./",
    "types": ["vitest/globals"]
  },
-  "exclude": ["dist", "node_modules", "vite.config.ts"]
+  "exclude": ["dist", "node_modules"]
 }
@@ -1,6 +1,6 @@
 [tools]
-terragrunt = "1.0.3"
-opentofu = "1.11.6"
+terragrunt = "0.99.4"
+opentofu = "1.11.5"

 [tasks."tg:fmt"]
 run = "terragrunt hclfmt"
@@ -20,7 +20,6 @@ services:
      - /tmp
    volumes:
      - ..:/usr/src/app
-      # - ../../ui:/usr/src/ui
      - pnpm_cache:/buildcache/pnpm_cache
      - server_node_modules:/usr/src/app/server/node_modules
      - web_node_modules:/usr/src/app/web/node_modules
@@ -157,7 +156,7 @@ services:

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
+    image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
    healthcheck:
      test: redis-cli ping || exit 1

@@ -56,7 +56,7 @@ services:

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
+    image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
    healthcheck:
      test: redis-cli ping || exit 1
    restart: always
@@ -85,7 +85,7 @@ services:
    container_name: immich_prometheus
    ports:
      - 9090:9090
-    image: prom/prometheus@sha256:e4254400b85610324913f0dc4acf92603d9984e7519414c5a12811aa6146acc3
+    image: prom/prometheus@sha256:4a61322ac1103a0e3aea2a61ef1718422a48fa046441f299d71e660a3bc71ae9
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus-data:/prometheus
@@ -97,7 +97,7 @@ services:
    command: ['./run.sh', '-disable-reporting']
    ports:
      - 3000:3000
-    image: grafana/grafana:12.4.3-ubuntu@sha256:ca3f764fdc48cebdf22dd206f33ecb0795a9a7210eacd1b5c02204aebd78b223
+    image: grafana/grafana:12.4.1-ubuntu@sha256:1a20dea76a2778773df17dbc365db86b1a4f2d57772b8590b6311038a3acb1db
    volumes:
      - grafana-data:/var/lib/grafana

@@ -61,7 +61,7 @@ services:

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
+    image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
    user: '1000:1000'
    security_opt:
      - no-new-privileges:true
@@ -49,7 +49,7 @@ services:

  redis:
    container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
+    image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
    healthcheck:
      test: redis-cli ping || exit 1
    restart: always
@@ -1 +1 @@
-24.15.0
+24.14.0
@@ -210,7 +210,7 @@ The provided restore process ensures your database is never in a broken state by

 ## Filesystem

-Immich does not handle filesystem backups for you. You have to arrange these yourself! Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:
+Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:

 1. `UPLOAD_LOCATION/library`
 2. `UPLOAD_LOCATION/upload`
@@ -14,7 +14,6 @@ Immich supports 3rd party authentication via [OpenID Connect][oidc] (OIDC), an i
 - [Authelia](https://www.authelia.com/integration/openid-connect/immich/)
 - [Okta](https://www.okta.com/openid-connect/)
 - [Google](https://developers.google.com/identity/openid-connect/openid-connect)
- [Keycloak](https://www.keycloak.org)

 ## Prerequisites

@@ -50,10 +49,6 @@ Before enabling OAuth in Immich, a new client application needs to be configured
   - `https://immich.example.com/auth/login`
   - `https://immich.example.com/user-settings`

-3. Configure Backchannel logout URL
-
-   If the authentication server supports it, the **Backchannel logout URL** can be specified, and it is of the form: `http://DOMAIN:PORT/api/oauth/backchannel-logout`.
-
 ## Enable OAuth

 Once you have a new OAuth client application configured, Immich can be configured using the Administration Settings page, available on the web (Administration -> Settings).
@@ -67,8 +62,6 @@ Once you have a new OAuth client application configured, Immich can be configure
 | `scope`                                              | string  | openid email profile | Full list of scopes to send with the request (space delimited)                      |
 | `id_token_signed_response_alg`                       | string  | RS256                | The algorithm used to sign the id token (examples: RS256, HS256)                    |
 | `userinfo_signed_response_alg`                       | string  | none                 | The algorithm used to sign the userinfo response (examples: RS256, HS256)           |
-| `prompt`                                             | string  | (empty)              | Prompt parameter for authorization url (examples: select_account, login, consent)   |
-| `end_session_endpoint`                               | URL     | (empty)              | Http(s) alternative end session endpoint (logout URI)                               |
 | Request timeout                                      | string  | 30,000 (30 seconds)  | Number of milliseconds to wait for http requests to complete before giving up       |
 | Storage Label Claim                                  | string  | preferred_username   | Claim mapping for the user's storage label**¹**                                     |
 | Role Claim                                           | string  | immich_role          | Claim mapping for the user's role. (should return "user" or "admin")**¹**           |
@@ -187,7 +180,6 @@ Configuration of OAuth in Immich System Settings
 | Scope                              | openid email profile immich_scope                                   |
 | ID Token Signed Response Algorithm | RS256                                                               |
 | Userinfo Signed Response Algorithm | RS256                                                               |
-| End Session Endpoint               | https://auth.example.com/logout?rd=https://immich.example.com/      |
 | Storage Label Claim                | uid                                                                 |
 | Storage Quota Claim                | immich_quota                                                        |
 | Default Storage Quota (GiB)        | 0 (empty for unlimited quota)                                       |
@@ -261,40 +253,4 @@ Configuration of OAuth in Immich System Settings

 </details>

-<details>
-<summary>Keycloak Example</summary>
-
-### Keycloak Example
-
-Here's an example of OAuth configured for Keycloak:
-
-Create your immich client on your Keycloak Realm.
-
-<img src={require('./img/keycloak-general-settings.webp').default} width='100%' title="Keycloak Client general Settings" />
-<img src={require('./img/keycloak-access-settings.webp').default} width='100%' title="Keycloak Client Access Settings" />
-<img src={require('./img/keycloak-capability-config.webp').default} width='100%' title="Keycloak Client Capability Configuration" />
-
-Configuration of OAuth in Immich System Settings
-
-| Setting                      | Value                                                 |
-| ---------------------------- | ----------------------------------------------------- |
-| Issuer URL                   | `https://<KEYCLOAK_DOMAIN>/realms/<YOUR_REALM>`       |
-| Client ID                    | immich                                                |
-| Client Secret                | can be optained from Clients -> immich -> Credentials |
-| Scope                        | openid email profile                                  |
-| Signing Algorithm            | RS256                                                 |
-| Storage Label Claim          | preferred_username                                    |
-| Role Claim                   | immich_role                                           |
-| Storage Quota Claim          | immich_quota                                          |
-| Default Storage Quota (GiB)  | 0 (empty for unlimited quota)                         |
-| Button Text                  | Sign in with Keycloak (recommended)                   |
-| Auto Register                | Enabled (optional)                                    |
-| Auto Launch                  | Enabled (optional)                                    |
-| Mobile Redirect URI Override | Disabled                                              |
-| Mobile Redirect URI          |                                                       |
-
-Role Claim can be managed via Client Role. Remember to create a mapper with claim name `immich_role`.
-
-</details>
-
 [oidc]: https://openid.net/connect/
@@ -81,7 +81,7 @@ VectorChord is the successor extension to pgvecto.rs, allowing for higher perfor

 ### Migrating from pgvecto.rs

-Support for pgvecto.rs has been dropped as of 3.0, hence all users currently using pgvecto.rs should migrate to VectorChord. There are two primary approaches to do so.
+Support for pgvecto.rs will be dropped in a later release, hence we recommend all users currently using pgvecto.rs to migrate to VectorChord at their convenience. There are two primary approaches to do so.

 The easiest option is to have both extensions installed during the migration:

@@ -80,9 +80,9 @@ To see local changes to `@immich/ui` in Immich, do the following:

 1. Install `@immich/ui` as a sibling to `immich/`, for example `/home/user/immich` and `/home/user/ui`
 2. Build the `@immich/ui` project via `pnpm run build`
-3. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yml` file (`../../ui:/usr/src/ui`)
-4. Uncomment the corresponding alias in the `web/vite.config.ts` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui/packages/ui')`)
-5. Uncomment the import statement in `web/src/app.css` file `@import '../../../ui/packages/ui/dist/theme/default.css';` and comment out `@import '@immich/ui/theme/default.css';`
+3. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yaml` file (`../../ui:/usr/ui`)
+4. Uncomment the corresponding alias in the `web/vite.config.js` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui')`)
+5. Uncomment the import statement in `web/src/app.css` file `@import '/usr/ui/dist/theme/default.css';` and comment out `@import '@immich/ui/theme/default.css';`
 6. Start up the stack via `make dev`
 7. After making changes in `@immich/ui`, rebuild it (`pnpm run build`)

@@ -50,8 +50,6 @@ Some basic examples:
 - `**/Raw/**` will exclude all files in any directory named `Raw`
 - `**/*.{tif,jpg}` will exclude all files with the extension `.tif` or `.jpg`

-Note that `*` is a wildcard matching zero or more characters (i.e., withinin a filename or single directory name). `**` matches zero or more subdirectories, recursively. It also includes any/all files within a subdirectory, i.e., when used at the end of a pattern. For example, `**/exclude_me/**` will exclude all files in any directory named `exclude_me`, as well as all files in any subdirectories of `exclude_me`, recursively.
-
 Special characters such as @ should be escaped, for instance:

 - `**/\@eaDir/**` will exclude all files in any directory named `@eaDir`
@@ -47,7 +47,6 @@ You do not need to redo any machine learning jobs after enabling hardware accele

 #### ROCm

- On Linux, The [AMDGPU driver module](https://rocm.docs.amd.com/projects/install-on-linux/en/latest/how-to/docker.html) needs to be installed on the server and, if secure boot is used, the signing key of DKMS [needs to be enrolled in UEFI BIOS](https://wiki.debian.org/SecureBoot)
 - The GPU must be supported by ROCm. If it isn't officially supported, you can attempt to use the `HSA_OVERRIDE_GFX_VERSION` environmental variable: `HSA_OVERRIDE_GFX_VERSION=<a supported version, e.g. 10.3.0>`. If this doesn't work, you might need to also set `HSA_USE_SVM=0`.
 - The ROCm image is quite large and requires at least 35GiB of free disk space. However, pulling later updates to the service through Docker will generally only amount to a few hundred megabytes as the rest will be cached.
 - This backend is new and may experience some issues. For example, GPU power consumption can be higher than usual after running inference, even if the machine learning service is idle. In this case, it will only go back to normal after being idle for 5 minutes (configurable with the [MACHINE_LEARNING_MODEL_TTL](/install/environment-variables) setting).
@@ -18,7 +18,6 @@ You can search the following types of content:
 | People                              | Faces that are recognized in your photos/videos.      |
 | Contextual                          | Content of the photos and videos.                     |
 | File name or extension              | Full or partial file's name, or file's extension      |
-| Full path or folder                 | Full or partial folder names from the original path.  |
 | Description                         | Description added to assets.                          |
 | Optical Character Recognition (OCR) | Text in images                                        |
 | Locations                           | Cities, states, and countries from reverse geocoding. |
@@ -27,16 +26,10 @@ You can search the following types of content:
 | Time frame                          | Start and end date of a specific time bucket          |
 | Media type                          | Image or video or both                                |
 | Display options                     | In Archive, in Favorites or Not in any album          |
-| Star rating                         | User-assigned star rating                             |
+| Start rating                        | User-assigned start rating                            |

 <img src={require('./img/advanced-search-filters.webp').default} width="70%" title='Advanced search filters' />

-### Full path or folder
-
-Use this mode when you know a folder name or part of the original asset path.
-
-Example: for /John/Projects/3D_Printing/2026-07-01/IMG_0001.jpg, searches like Projects, 3D, Printing, or 2026 match the asset.
-
 ## Configuration

 Navigating to `Administration > Settings > Machine Learning Settings > Smart Search` will show the options available.
@@ -18,7 +18,6 @@ For the full list, refer to the [Immich source code](https://github.com/immich-a
 | `JPEG 2000` | `.jp2`                        | :white_check_mark: |                 |
 | `JPEG`      | `.jpeg` `.jpg` `.jpe` `.insp` | :white_check_mark: |                 |
 | `JPEG XL`   | `.jxl`                        | :white_check_mark: |                 |
-| `MPO`       | `.mpo`                        | :white_check_mark: | Multi-Picture   |
 | `PNG`       | `.png`                        | :white_check_mark: |                 |
 | `PSD`       | `.psd`                        | :white_check_mark: | Adobe Photoshop |
 | `RAW`       | `.raw`                        | :white_check_mark: |                 |
@@ -29,17 +28,17 @@ For the full list, refer to the [Immich source code](https://github.com/immich-a

 ## Video formats

-| Format      | Extension(s)                |     Supported?     | Notes |
-| :---------- | :-------------------------- | :----------------: | :---- |
-| `3GPP`      | `.3gp` `.3gpp`              | :white_check_mark: |       |
-| `AVI`       | `.avi`                      | :white_check_mark: |       |
-| `FLV`       | `.flv`                      | :white_check_mark: |       |
-| `M4V`       | `.m4v`                      | :white_check_mark: |       |
-| `MATROSKA`  | `.mkv`                      | :white_check_mark: |       |
-| `MP2T`      | `.mts` `.m2ts` `.m2t` `.ts` | :white_check_mark: |       |
-| `MP4`       | `.mp4` `.insv`              | :white_check_mark: |       |
-| `MPEG`      | `.mpg` `.mpe` `.mpeg`       | :white_check_mark: |       |
-| `MXF`       | `.mxf`                      | :white_check_mark: |       |
-| `QUICKTIME` | `.mov`                      | :white_check_mark: |       |
-| `WEBM`      | `.webm`                     | :white_check_mark: |       |
-| `WMV`       | `.wmv`                      | :white_check_mark: |       |
+| Format      | Extension(s)          |     Supported?     | Notes |
+| :---------- | :-------------------- | :----------------: | :---- |
+| `3GPP`      | `.3gp` `.3gpp`        | :white_check_mark: |       |
+| `AVI`       | `.avi`                | :white_check_mark: |       |
+| `FLV`       | `.flv`                | :white_check_mark: |       |
+| `M4V`       | `.m4v`                | :white_check_mark: |       |
+| `MATROSKA`  | `.mkv`                | :white_check_mark: |       |
+| `MP2T`      | `.mts` `.m2ts` `.m2t` | :white_check_mark: |       |
+| `MP4`       | `.mp4` `.insv`        | :white_check_mark: |       |
+| `MPEG`      | `.mpg` `.mpe` `.mpeg` | :white_check_mark: |       |
+| `MXF`       | `.mxf`                | :white_check_mark: |       |
+| `QUICKTIME` | `.mov`                | :white_check_mark: |       |
+| `WEBM`      | `.webm`               | :white_check_mark: |       |
+| `WMV`       | `.wmv`                | :white_check_mark: |       |
@@ -20,6 +20,8 @@ def upload(file):
    }

    data = {
+        'deviceAssetId': f'{file}-{stats.st_mtime}',
+        'deviceId': 'python',
        'fileCreatedAt': datetime.fromtimestamp(stats.st_mtime),
        'fileModifiedAt': datetime.fromtimestamp(stats.st_mtime),
        'isFavorite': 'false',
@@ -39,7 +39,7 @@ You can learn how to set up Tailscale together with Immich with the [tutorial vi
 ### Cons

 - The Tailscale client usually needs to run as root on your devices and it increases the attack surface slightly compared to a minimal Wireguard server. e.g., an [RCE vulnerability](https://github.com/tailscale/tailscale/security/advisories/GHSA-vqp6-rc3h-83cp) was discovered in the Windows Tailscale client in November 2022.
- Tailscale is a paid service. However, there is a generous [free tier](https://tailscale.com/pricing/) suitable for personal use.
+- Tailscale is a paid service. However, there is a generous [free tier](https://tailscale.com/pricing/) that permits up to 3 users and up to 100 devices.
 - Tailscale needs to be installed and running on both server-side and client-side.

 ## Option 3: Reverse Proxy
@@ -193,7 +193,6 @@ The default configuration looks like this:
    "defaultStorageQuota": null,
    "enabled": false,
    "issuerUrl": "",
-    "endSessionEndpoint": "",
    "mobileOverrideEnabled": false,
    "mobileRedirectUri": "",
    "profileSigningAlgorithm": "none",
@@ -29,31 +29,29 @@ These environment variables are used by the `docker-compose.yml` file and do **N

 ## General

-| Variable                            | Description                                                                                                                                                          |           Default            | Containers               | Workers            |
-| :---------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
-| `TZ`                                | Timezone                                                                                                                                                             |        <sup>\*1</sup>        | server                   | microservices      |
-| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                                |         `production`         | server, machine learning | api, microservices |
-| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                                         |            `log`             | server, machine learning | api, microservices |
-| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                                |          `console`           | server                   | api, microservices |
-| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                                            |           `/data`            | server                   | api, microservices |
-| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                                  |                              | server                   | api, microservices |
-| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`<sup>\*3</sup>. |           `false`            | server                   | api                |
-| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                                      |           `false`            | server, machine learning |                    |
-| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                                       | auto-detected CPU core count | server                   |                    |
-| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                                            |            `8081`            | server                   | api                |
-| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                                            |            `8082`            | server                   | microservices      |
-| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                                  |                              | server                   | microservices      |
-| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                                   |                              | server                   | api                |
-| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                                             |                              | server                   | api, microservices |
-| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                                             |            `true`            | server                   | api                |
+| Variable                            | Description                                                                                                                                            |           Default            | Containers               | Workers            |
+| :---------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
+| `TZ`                                | Timezone                                                                                                                                               |        <sup>\*1</sup>        | server                   | microservices      |
+| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                  |         `production`         | server, machine learning | api, microservices |
+| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                           |            `log`             | server, machine learning | api, microservices |
+| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                  |          `console`           | server                   | api, microservices |
+| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                              |           `/data`            | server                   | api, microservices |
+| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                    |                              | server                   | api, microservices |
+| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`. |           `false`            | server                   | api, microservices |
+| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                        |           `false`            | server, machine learning |                    |
+| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                         | auto-detected CPU core count | server                   |                    |
+| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                              |            `8081`            | server                   | api                |
+| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                              |            `8082`            | server                   | microservices      |
+| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                    |                              | server                   | microservices      |
+| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                     |                              | server                   | api                |
+| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                               |                              | server                   | api, microservices |
+| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                               |            `true`            | server                   | api                |

 \*1: `TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 `TZ` is used by `exiftool` as a fallback in case the timezone cannot be determined from the image metadata. It is also used for logfile timestamps and cron job execution.

 \*2: This path is where the Immich code looks for the files, which is internal to the docker container. Setting it to a path on your host will certainly break things, you should use the `UPLOAD_LOCATION` variable instead.

-\*3: The [default configuration](https://helmetjs.github.io/#content-security-policy) sets `upgrade-insecure-requests`, which tells the browser to upgrade all requests to HTTPS. This breaks on HTTP-only deployments. If you cannot use HTTPS, you should use a custom helmet config file with `"upgrade-insecure-requests": null`.
-
 ## Workers

 | Variable                 | Description                                                                                          | Default | Containers |
@@ -83,7 +81,7 @@ Information on the current workers can be found [here](/administration/jobs-work
 | `DB_PASSWORD`                       | Database password                                                                      | `postgres` | server, database<sup>\*1</sup> |
 | `DB_DATABASE_NAME`                  | Database name                                                                          |  `immich`  | server, database<sup>\*1</sup> |
 | `DB_SSL_MODE`                       | Database SSL mode                                                                      |            | server                         |
-| `DB_VECTOR_EXTENSION`<sup>\*2</sup> | Database vector extension (one of [`vectorchord`, `pgvector`])                         |            | server                         |
+| `DB_VECTOR_EXTENSION`<sup>\*2</sup> | Database vector extension (one of [`vectorchord`, `pgvector`, `pgvecto.rs`])           |            | server                         |
 | `DB_SKIP_MIGRATIONS`                | Whether to skip running migrations on startup (one of [`true`, `false`])               |  `false`   | server                         |
 | `DB_STORAGE_TYPE`                   | Optimize concurrent IO on SSDs or sequential IO on HDDs ([`SSD`, `HDD`])<sup>\*3</sup> |   `SSD`    | database                       |

@@ -49,7 +49,7 @@ Immich requires [**Docker**](https://docs.docker.com/get-started/get-docker/) wi
 The Compose plugin will be installed by both Docker Engine and Desktop by following the linked installation guides; it can also be [separately installed](https://docs.docker.com/compose/install/).

 :::note
-Immich requires the command `docker compose`; the similarly named `docker-compose` is [deprecated](https://docs.docker.com/retired/#docker-compose-v1-replaced-by-compose-v2) and is no longer supported by Immich.
+Immich requires the command `docker compose`; the similarly named `docker-compose` is [deprecated](https://docs.docker.com/compose/migrate/) and is no longer supported by Immich.
 :::

 ### Special requirements for Windows users
@@ -130,3 +130,7 @@ These storage mediums have different performance characteristics. As a result, t
 #### Can I use the new database image as a general PostgreSQL image outside of Immich?

 It’s a standard PostgreSQL container image that additionally contains the VectorChord, pgvector, and (optionally) pgvecto.rs extensions. If you were using the previous pgvecto.rs image for other purposes, you can similarly do so with this image.
+
+#### If pgvecto.rs and pgvector still work, why should I switch to VectorChord?
+
+VectorChord is faster, more stable, uses less RAM, and (with the settings Immich uses) offers higher-quality results than pgvector and pgvecto.rs. This translates to better search and facial recognition experiences. In addition, pgvecto.rs support will be dropped in the future, so changing it sooner will avoid disruption.
@@ -6,8 +6,6 @@ You can read more about the differences between storage template engine on and o

 The admin user can set the template by using the template builder in the `Administration -> Settings -> Storage Template`. Immich provides a set of variables that you can use in constructing the template, along with additional custom text. If the template produces [multiple files with the same filename, they won't be overwritten](https://github.com/immich-app/immich/discussions/3324) as a sequence number is appended to the filename.

-Date and time variables in storage templates are rendered in the server's local timezone.
-
 ```bash title="Default template"
 Year/Year-Month-Day/Filename.Extension
 ```
@@ -17,10 +17,10 @@
    "write-heading-ids": "docusaurus write-heading-ids"
  },
  "dependencies": {
-    "@docusaurus/core": "~3.10.0",
-    "@docusaurus/preset-classic": "~3.10.0",
-    "@docusaurus/theme-common": "~3.10.0",
-    "@docusaurus/theme-mermaid": "~3.10.0",
+    "@docusaurus/core": "~3.9.0",
+    "@docusaurus/preset-classic": "~3.9.0",
+    "@docusaurus/theme-common": "~3.9.0",
+    "@docusaurus/theme-mermaid": "~3.9.0",
    "@mdi/js": "^7.3.67",
    "@mdi/react": "^1.6.1",
    "@mdx-js/react": "^3.0.0",
@@ -30,17 +30,17 @@
    "postcss": "^8.4.25",
    "prism-react-renderer": "^2.3.1",
    "raw-loader": "^4.0.2",
-    "react": "^19.0.0",
-    "react-dom": "^19.0.0",
+    "react": "^18.0.0",
+    "react-dom": "^18.0.0",
    "tailwindcss": "^3.2.4",
    "url": "^0.11.0"
  },
  "devDependencies": {
-    "@docusaurus/module-type-aliases": "~3.10.0",
-    "@docusaurus/tsconfig": "^3.10.0",
-    "@docusaurus/types": "^3.10.0",
+    "@docusaurus/module-type-aliases": "~3.9.0",
+    "@docusaurus/tsconfig": "^3.7.0",
+    "@docusaurus/types": "^3.7.0",
    "prettier": "^3.7.4",
-    "typescript": "^6.0.0"
+    "typescript": "^5.1.6"
  },
  "browserslist": {
    "production": [
@@ -58,6 +58,6 @@
    "node": ">=20"
  },
  "volta": {
-    "node": "24.15.0"
+    "node": "24.14.0"
  }
 }
@@ -1,8 +1,4 @@
 [
-  {
-    "label": "v2.7.5",
-    "url": "https://docs.v2.7.5.archive.immich.app"
-  },
  {
    "label": "v2.6.3",
    "url": "https://docs.v2.6.3.archive.immich.app"
@@ -1,4 +1,8 @@
 {
  // This file is not used in compilation. It is here just for a nice editor experience.
-  "extends": "@docusaurus/tsconfig"
+  "extends": "@docusaurus/tsconfig",
+
+  "compilerOptions": {
+    "baseUrl": "."
+  }
 }
@@ -1,12 +1,5 @@
-import {
-  calculateJwkThumbprint,
-  exportJWK,
-  importPKCS8,
-  importSPKI,
-  SignJWT,
-} from 'jose';
+import { exportJWK, generateKeyPair } from 'jose';
 import Provider from 'oidc-provider';
-import { PRIVATE_KEY_PEM, PUBLIC_KEY_PEM } from './test-keys';

 export enum OAuthClient {
  DEFAULT = 'client-default',
@@ -51,29 +44,6 @@ const claims = [
  },
 ];

-const privateKey = await importPKCS8(PRIVATE_KEY_PEM, 'RS256', {
-  extractable: true,
-});
-const publicKey = await importSPKI(PUBLIC_KEY_PEM, 'RS256', {
-  extractable: true,
-});
-const kid = await calculateJwkThumbprint(await exportJWK(publicKey));
-
-export async function generateLogoutToken(iss: string, sub: string) {
-  return await new SignJWT({
-    iss: iss,
-    aud: OAuthClient.DEFAULT,
-    iat: Math.floor(Date.now() / 1000),
-    jti: crypto.randomUUID(),
-    sub: sub,
-    events: {
-      'http://schemas.openid.net/event/backchannel-logout': {},
-    },
-  })
-    .setProtectedHeader({ alg: 'RS256', typ: 'logout+jwt', kid: kid })
-    .sign(privateKey);
-}
-
 const withDefaultClaims = (sub: string) => ({
  sub,
  email: `${sub}@immich.app`,
@@ -96,6 +66,8 @@ const getClaims = (sub: string, use?: string) => {
 };

 const setup = async () => {
+  const { privateKey, publicKey } = await generateKeyPair('RS256');
+
  const redirectUris = [
    'http://127.0.0.1:2285/auth/login',
    'https://photos.immich.app/oauth/mobile-redirect',
@@ -7,7 +7,7 @@
    "start": "tsx startup.ts"
  },
  "devDependencies": {
-    "jose": "^6.0.0",
+    "jose": "^5.6.3",
    "@types/oidc-provider": "^9.0.0",
    "oidc-provider": "^9.0.0",
    "tsx": "^4.20.6"
@@ -1,38 +0,0 @@
-export const PRIVATE_KEY_PEM = `-----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCVj5C7hzN3E2HO
-TcJ+DN/e2NSTQFj4rPylz4J8xjm8Es7l0k2kK5EEGvUNVGZbw7s055c+6kwP9eqg
-B5XFE7+26Fcq1sou6Tbm310kU4dnMW5l2CgwrhaGyb1pNysao0AMLT60dFYqtUwn
-ha9ceCsa+ZU1JrknVf3rONtppBvhWoI7CO9XX1keVQ0unHPzCWUjpXTzC8OGEbmB
-2w7ZIUf8OfJkd5RZ4OtIpML71W9n13aDxT50x2/EW/pFLFtQ/oaleOKHpvlRXDRX
-W86G4moUJym3gHMXMUj2aOcFG2UJnpLruKz3i5qZwYiTRlBP6O9EIQNCVtYxchuN
-V1CCcBU1AgMBAAECggEAJLfXMu8Nx89ynPVyyUMMaFfoEpHC9iR0L5obQVpiPMYK
-VRqVVLecdftPS9s7eQ58BNBRzdC0ZVu841aRYs3HLNbsZZhPkYZQpAxU//Dg5okY
-fzj7Hv5yidt4HN9+Pd8z/3lRMnj4WapifLaBt8xJ2ujJBMBRxzJBsXDnT0+Kx7+y
-bYDeuVfyUTEikaK3QZTbuRF3D3eiuN16GG+hv8UqTF2eYbPxdiLjYpTSHa4mH88C
-qfJz2Xt4SEzmyeo3G+MO17wDFOwtEe8ojlJfULHnHJSFdUwTfYIFM1bg5/fJ9MOS
-/fO3TSG+wkQqjQa6eoGssAzP87fL2XNLzlDtGY/7uQKBgQDHuJHOtf1EjOvNYiP7
-EN+8QGs41ghzt9CQRQxWbHpusR3IW3P83KMXwYmrlG70oOUXBRGSB/ESXUofXc5W
-pu5+Y55S44aUnu/a9yOBttYW0dtHZSL0zFT+PlVASwUzFZ2zcH1KXlUkSpfL5OAD
-PyDDTnBZ2AWh45fRO9wLo6PPuQKBgQC/tI03RqU3mOjqukKbquYeIpXHfRU5Z0DM
-u9ru1THYEl6fmkMXycxo/mvW3awyFuyKy/VodqIgKnFgumEqCHZh6OAMm/LC7TfA
-l9tjFSs/MyOqQVD4kbX+z6Oq4c4GccDoXfsQ3gzECoBapegi/F+6/25y+/C8ghXb
-J/Jg1GQXXQKBgQDFgWbfzuVZZyrBfu4qGLPJDMN7/114YizknwPma3xf/tN/EcGQ
-K/k1QvWMMkvPq1UiAKcxjJ0AFjV482FcG9T6NDWbrtmmG88C8Sex3Ue2ZW2+GuwI
-vhDHJIlV/Vp0/Elp7DJa2xLDwuh+gCZvz3vs6KL+ljxrrhCyn8mp0PfsMQKBgFFZ
-KnuETOO0zVGdzFoGQTQUdP58A5+iQwsdxB+I9Ge+E80iRso3ZbhADj7VPhbbR3D2
-b6LuhImluQrUzBpsEOAnU7vGCVPSGdBuIDiBaSKebsn2gYeZPWNtdQQ0YZq2dqek
-Cb/0mfIuipzsvf7qnSza62F7q4IyqVegMegI+Jg5AoGATM3NMy7JZeKzSkm+3ohU
-3xZOwgqKV9SH+0OeYWpuBxT7D7FlrKKI4NJ3XN3hg2f/DJAF6dH11CPe7pk94yol
-HMbh+PQUQ6GYvAzxIOvagWboQ3lzeyubNMpyFjfOrIE/WOQCUBZ9tIwCHIarIuyi
-QRuNOj3+U8T/n1Ww352HBdw=
-----END PRIVATE KEY-----`;
-
-export const PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY+Qu4czdxNhzk3Cfgzf
-3tjUk0BY+Kz8pc+CfMY5vBLO5dJNpCuRBBr1DVRmW8O7NOeXPupMD/XqoAeVxRO/
-tuhXKtbKLuk25t9dJFOHZzFuZdgoMK4Whsm9aTcrGqNADC0+tHRWKrVMJ4WvXHgr
-GvmVNSa5J1X96zjbaaQb4VqCOwjvV19ZHlUNLpxz8wllI6V08wvDhhG5gdsO2SFH
-/DnyZHeUWeDrSKTC+9VvZ9d2g8U+dMdvxFv6RSxbUP6GpXjih6b5UVw0V1vOhuJq
-FCcpt4BzFzFI9mjnBRtlCZ6S67is94uamcGIk0ZQT+jvRCEDQlbWMXIbjVdQgnAV
-NQIDAQAB
-----END PUBLIC KEY-----`;
@@ -1 +1 @@
-24.15.0
+24.14.0
@@ -44,7 +44,7 @@ services:

  redis:
    container_name: immich-e2e-redis
-    image: docker.io/valkey/valkey:9@sha256:3b55fbaa0cd93cf0d9d961f405e4dfcc70efe325e2d84da207a0a8e6d8fde4f9
+    image: docker.io/valkey/valkey:9@sha256:3eeb09785cd61ec8e3be35f8804c8892080f3ca21934d628abc24ee4ed1698f6
    healthcheck:
      test: redis-cli ping || exit 1

@@ -1,6 +1,6 @@
 {
  "name": "immich-e2e",
-  "version": "2.7.5",
+  "version": "2.6.3",
  "description": "",
  "main": "index.js",
  "type": "module",
@@ -32,15 +32,15 @@
    "@playwright/test": "^1.44.1",
    "@socket.io/component-emitter": "^3.1.2",
    "@types/luxon": "^3.4.2",
-    "@types/node": "^24.12.2",
+    "@types/node": "^24.12.0",
    "@types/pg": "^8.15.1",
    "@types/pngjs": "^6.0.4",
-    "@types/supertest": "^7.0.0",
+    "@types/supertest": "^6.0.2",
    "dotenv": "^17.2.3",
    "eslint": "^10.0.0",
    "eslint-config-prettier": "^10.1.8",
    "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^64.0.0",
+    "eslint-plugin-unicorn": "^63.0.0",
    "exiftool-vendored": "^35.0.0",
    "globals": "^17.0.0",
    "luxon": "^3.4.4",
@@ -50,14 +50,15 @@
    "prettier-plugin-organize-imports": "^4.0.0",
    "sharp": "^0.34.5",
    "socket.io-client": "^4.7.4",
+    "structured-headers": "^2.0.2",
    "supertest": "^7.0.0",
-    "typescript": "^6.0.0",
+    "typescript": "^5.3.3",
    "typescript-eslint": "^8.28.0",
    "utimes": "^5.2.1",
    "vite-tsconfig-paths": "^6.1.1",
    "vitest": "^4.0.0"
  },
  "volta": {
-    "node": "24.15.0"
+    "node": "24.14.0"
  }
 }
@@ -2,44 +2,82 @@ import { expect } from 'vitest';

 export const errorDto = {
  unauthorized: {
+    error: 'Unauthorized',
+    statusCode: 401,
    message: 'Authentication required',
+    correlationId: expect.any(String),
  },
  unauthorizedWithMessage: (message: string) => ({
+    error: 'Unauthorized',
+    statusCode: 401,
    message,
+    correlationId: expect.any(String),
  }),
  forbidden: {
+    error: 'Forbidden',
+    statusCode: 403,
    message: expect.any(String),
+    correlationId: expect.any(String),
  },
  missingPermission: (permission: string) => ({
+    error: 'Forbidden',
+    statusCode: 403,
    message: `Missing required permission: ${permission}`,
+    correlationId: expect.any(String),
  }),
  wrongPassword: {
+    error: 'Bad Request',
+    statusCode: 400,
    message: 'Wrong password',
+    correlationId: expect.any(String),
  },
  invalidToken: {
+    error: 'Unauthorized',
+    statusCode: 401,
    message: 'Invalid user token',
+    correlationId: expect.any(String),
  },
  invalidShareKey: {
+    error: 'Unauthorized',
+    statusCode: 401,
    message: 'Invalid share key',
+    correlationId: expect.any(String),
  },
  passwordRequired: {
+    error: 'Unauthorized',
+    statusCode: 401,
    message: 'Password required',
+    correlationId: expect.any(String),
  },
  badRequest: (message: any = null) => ({
+    error: 'Bad Request',
+    statusCode: 400,
    message: message ?? expect.anything(),
-  }),
-  validationError: (errors?: ReadonlyArray<{ path: ReadonlyArray<string | number>; message: string }>) => ({
-    message: 'Validation failed',
-    errors: errors ? expect.arrayContaining(errors.map((e) => expect.objectContaining(e))) : expect.any(Array),
+    correlationId: expect.any(String),
  }),
  noPermission: {
+    error: 'Bad Request',
+    statusCode: 400,
    message: expect.stringContaining('Not found or no'),
+    correlationId: expect.any(String),
  },
  incorrectLogin: {
+    error: 'Unauthorized',
+    statusCode: 401,
    message: 'Incorrect email or password',
+    correlationId: expect.any(String),
  },
  alreadyHasAdmin: {
+    error: 'Bad Request',
+    statusCode: 400,
    message: 'The server already has an admin',
+    correlationId: expect.any(String),
+  },
+  invalidEmail: {
+    error: 'Bad Request',
+    statusCode: 400,
+    message: ['email must be an email'],
+    correlationId: expect.any(String),
  },
 };

@@ -130,11 +130,12 @@ describe('/albums', () => {
  describe('GET /albums', () => {
    it("should not show other users' favorites", async () => {
      const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[0].id}`)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
        .set('Authorization', `Bearer ${user2.accessToken}`);
      expect(status).toEqual(200);
      expect(body).toEqual({
        ...user1Albums[0],
+        assets: [expect.objectContaining({ isFavorite: false })],
        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
        lastModifiedAssetTimestamp: expect.any(String),
        startDate: expect.any(String),
@@ -154,31 +155,23 @@ describe('/albums', () => {
      expect(body).toEqual(
        expect.arrayContaining([
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedLink,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedEditorUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedViewerUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user2.userId,
            albumName: user2SharedUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
-            ]),
            shared: true,
          }),
        ]),
@@ -192,31 +185,23 @@ describe('/albums', () => {
      expect(body).toEqual(
        expect.arrayContaining([
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedEditorUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedViewerUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedLink,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1NotShared,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: false,
          }),
        ]),
@@ -232,31 +217,23 @@ describe('/albums', () => {
      expect(body).toEqual(
        expect.arrayContaining([
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedEditorUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedViewerUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1SharedLink,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: true,
          }),
          expect.objectContaining({
+            ownerId: user2.userId,
            albumName: user2SharedUser,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
-            ]),
            shared: true,
          }),
        ]),
@@ -272,10 +249,8 @@ describe('/albums', () => {
      expect(body).toEqual(
        expect.arrayContaining([
          expect.objectContaining({
+            ownerId: user1.userId,
            albumName: user1NotShared,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
-            ]),
            shared: false,
          }),
        ]),
@@ -312,17 +287,13 @@ describe('/albums', () => {
      expect(body).toEqual(
        expect.arrayContaining([
          expect.objectContaining({
+            ownerId: user4.userId,
            albumName: user4DeletedAsset,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user4.userId }) },
-            ]),
            shared: false,
          }),
          expect.objectContaining({
+            ownerId: user4.userId,
            albumName: user4Empty,
-            albumUsers: expect.arrayContaining([
-              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user4.userId }) },
-            ]),
            shared: false,
          }),
        ]),
@@ -333,12 +304,13 @@ describe('/albums', () => {
  describe('GET /albums/:id', () => {
    it('should return album info for own album', async () => {
      const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[0].id}`)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
        .set('Authorization', `Bearer ${user1.accessToken}`);

      expect(status).toBe(200);
      expect(body).toEqual({
        ...user1Albums[0],
+        assets: [expect.objectContaining({ id: user1Albums[0].assets[0].id })],
        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
        lastModifiedAssetTimestamp: expect.any(String),
        startDate: expect.any(String),
@@ -350,7 +322,7 @@ describe('/albums', () => {

    it('should return album info for shared album (editor)', async () => {
      const { status, body } = await request(app)
-        .get(`/albums/${user2Albums[0].id}`)
+        .get(`/albums/${user2Albums[0].id}?withoutAssets=false`)
        .set('Authorization', `Bearer ${user1.accessToken}`);

      expect(status).toBe(200);
@@ -359,14 +331,14 @@ describe('/albums', () => {

    it('should return album info for shared album (viewer)', async () => {
      const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[3].id}`)
+        .get(`/albums/${user1Albums[3].id}?withoutAssets=false`)
        .set('Authorization', `Bearer ${user2.accessToken}`);

      expect(status).toBe(200);
      expect(body).toMatchObject({ id: user1Albums[3].id });
    });

-    it('should return album info', async () => {
+    it('should return album info with assets when withoutAssets is undefined', async () => {
      const { status, body } = await request(app)
        .get(`/albums/${user1Albums[0].id}`)
        .set('Authorization', `Bearer ${user1.accessToken}`);
@@ -374,6 +346,25 @@ describe('/albums', () => {
      expect(status).toBe(200);
      expect(body).toEqual({
        ...user1Albums[0],
+        assets: [expect.objectContaining({ id: user1Albums[0].assets[0].id })],
+        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
+        lastModifiedAssetTimestamp: expect.any(String),
+        startDate: expect.any(String),
+        endDate: expect.any(String),
+        albumUsers: expect.any(Array),
+        shared: true,
+      });
+    });
+
+    it('should return album info without assets when withoutAssets is true', async () => {
+      const { status, body } = await request(app)
+        .get(`/albums/${user1Albums[0].id}?withoutAssets=true`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        ...user1Albums[0],
+        assets: [],
        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
        assetCount: 1,
        lastModifiedAssetTimestamp: expect.any(String),
@@ -388,21 +379,21 @@ describe('/albums', () => {
      await utils.deleteAssets(user1.accessToken, [user1Asset2.id]);

      const { status, body } = await request(app)
-        .get(`/albums/${user2Albums[0].id}`)
+        .get(`/albums/${user2Albums[0].id}?withoutAssets=true`)
        .set('Authorization', `Bearer ${user1.accessToken}`);

      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
-          assetCount: 1,
-          lastModifiedAssetTimestamp: expect.any(String),
-          endDate: expect.any(String),
-          startDate: expect.any(String),
-          albumUsers: expect.any(Array),
-          shared: true,
-        }),
-      );
+      expect(body).toEqual({
+        ...user2Albums[0],
+        assets: [],
+        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
+        assetCount: 1,
+        lastModifiedAssetTimestamp: expect.any(String),
+        endDate: expect.any(String),
+        startDate: expect.any(String),
+        albumUsers: expect.any(Array),
+        shared: true,
+      });
    });
  });

@@ -428,13 +419,16 @@ describe('/albums', () => {
        id: expect.any(String),
        createdAt: expect.any(String),
        updatedAt: expect.any(String),
+        ownerId: user1.userId,
        albumName: 'New album',
        description: '',
        albumThumbnailAssetId: null,
        shared: false,
-        albumUsers: [{ role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) }],
+        albumUsers: [],
        hasSharedLink: false,
+        assets: [],
        assetCount: 0,
+        owner: expect.objectContaining({ email: user1.userEmail }),
        isActivityEnabled: true,
        order: AssetOrder.Desc,
      });
@@ -650,11 +644,11 @@ describe('/albums', () => {
      expect(status).toBe(200);
      expect(body).toEqual(
        expect.objectContaining({
-          albumUsers: expect.arrayContaining([
+          albumUsers: [
            expect.objectContaining({
              user: expect.objectContaining({ id: user2.userId }),
            }),
-          ]),
+          ],
        }),
      );
    });
@@ -666,7 +660,7 @@ describe('/albums', () => {
        .send({ albumUsers: [{ userId: user1.userId, role: AlbumUserRole.Editor }] });

      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('User already added'));
+      expect(body).toEqual(errorDto.badRequest('Cannot be shared with owner'));
    });

    it('should not be able to add existing user to shared album', async () => {
@@ -692,7 +686,7 @@ describe('/albums', () => {
        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
      });

-      expect(album.albumUsers[1].role).toEqual(AlbumUserRole.Viewer);
+      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);

      const { status } = await request(app)
        .put(`/albums/${album.id}/user/${user2.userId}`)
@@ -707,10 +701,7 @@ describe('/albums', () => {
        .set('Authorization', `Bearer ${user1.accessToken}`);
      expect(body).toEqual(
        expect.objectContaining({
-          albumUsers: [
-            expect.objectContaining({ role: AlbumUserRole.Owner }),
-            expect.objectContaining({ role: AlbumUserRole.Editor }),
-          ],
+          albumUsers: [expect.objectContaining({ role: AlbumUserRole.Editor })],
        }),
      );
    });
@@ -721,7 +712,7 @@ describe('/albums', () => {
        albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
      });

-      expect(album.albumUsers[1].role).toEqual(AlbumUserRole.Viewer);
+      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);

      const { status, body } = await request(app)
        .put(`/albums/${album.id}/user/${user2.userId}`)
@@ -1,6 +1,7 @@
 import {
  AssetMediaResponseDto,
  AssetMediaStatus,
+  AssetResponseDto,
  AssetTypeEnum,
  AssetVisibility,
  getAssetInfo,
@@ -18,7 +19,7 @@ import { Socket } from 'socket.io-client';
 import { createUserDto, uuidDto } from 'src/fixtures';
 import { makeRandomImage } from 'src/generators';
 import { errorDto } from 'src/responses';
-import { app, asBearerAuth, tempDir, testAssetDir, utils } from 'src/utils';
+import { app, asBearerAuth, tempDir, TEN_TIMES, testAssetDir, utils } from 'src/utils';
 import request from 'supertest';
 import { afterAll, beforeAll, describe, expect, it } from 'vitest';

@@ -94,8 +95,8 @@ describe('/asset', () => {
      utils.createAsset(user1.accessToken),
      utils.createAsset(user1.accessToken, {
        isFavorite: true,
-        fileCreatedAt: yesterday.toUTC().toISO(),
-        fileModifiedAt: yesterday.toUTC().toISO(),
+        fileCreatedAt: yesterday.toISO(),
+        fileModifiedAt: yesterday.toISO(),
        assetData: { filename: 'example.mp4' },
      }),
      utils.createAsset(user1.accessToken),
@@ -379,12 +380,62 @@ describe('/asset', () => {
    });
  });

+  describe('GET /assets/random', () => {
+    beforeAll(async () => {
+      await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      await utils.waitForQueueFinish(admin.accessToken, 'thumbnailGeneration');
+    });
+
+    it.each(TEN_TIMES)('should return 1 random assets', async () => {
+      const { status, body } = await request(app)
+        .get('/assets/random')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+
+      const assets: AssetResponseDto[] = body;
+      expect(assets.length).toBe(1);
+      expect(assets[0].ownerId).toBe(user1.userId);
+    });
+
+    it.each(TEN_TIMES)('should return 2 random assets', async () => {
+      const { status, body } = await request(app)
+        .get('/assets/random?count=2')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+
+      const assets: AssetResponseDto[] = body;
+      expect(assets.length).toBe(2);
+
+      for (const asset of assets) {
+        expect(asset.ownerId).toBe(user1.userId);
+      }
+    });
+
+    it.skip('should return 1 asset if there are 10 assets in the database but user 2 only has 1', async () => {
+      const { status, body } = await request(app)
+        .get('/assets/random')
+        .set('Authorization', `Bearer ${user2.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual([expect.objectContaining({ id: user2Assets[0].id })]);
+    });
+  });
+
  describe('PUT /assets/:id', () => {
    it('should require access', async () => {
      const { status, body } = await request(app)
        .put(`/assets/${user2Assets[0].id}`)
-        .set('Authorization', `Bearer ${user1.accessToken}`)
-        .send({});
+        .set('Authorization', `Bearer ${user1.accessToken}`);
      expect(status).toBe(400);
      expect(body).toEqual(errorDto.noPermission);
    });
@@ -1091,6 +1142,8 @@ describe('/asset', () => {
      const { body, status } = await request(app)
        .post('/assets')
        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
+        .field('deviceAssetId', 'example-image')
+        .field('deviceId', 'e2e')
        .field('fileCreatedAt', new Date().toISOString())
        .field('fileModifiedAt', new Date().toISOString())
        .attach('assetData', makeRandomImage(), 'example.jpg');
@@ -1107,6 +1160,8 @@ describe('/asset', () => {
      const { body, status } = await request(app)
        .post('/assets')
        .set('Authorization', `Bearer ${quotaUser.accessToken}`)
+        .field('deviceAssetId', 'example-image')
+        .field('deviceId', 'e2e')
        .field('fileCreatedAt', new Date().toISOString())
        .field('fileModifiedAt', new Date().toISOString())
        .attach('assetData', randomBytes(2014), 'example.jpg');
@@ -1160,4 +1215,29 @@ describe('/asset', () => {
      expect(video.checksum).toStrictEqual(checksum);
    });
  });
+
+  describe('POST /assets/exist', () => {
+    it('ignores invalid deviceAssetIds', async () => {
+      const response = await utils.checkExistingAssets(user1.accessToken, {
+        deviceId: 'test-assets-exist',
+        deviceAssetIds: ['invalid', 'INVALID'],
+      });
+
+      expect(response.existingIds).toHaveLength(0);
+    });
+
+    it('returns the IDs of existing assets', async () => {
+      await utils.createAsset(user1.accessToken, {
+        deviceId: 'test-assets-exist',
+        deviceAssetId: 'test-asset-0',
+      });
+
+      const response = await utils.checkExistingAssets(user1.accessToken, {
+        deviceId: 'test-assets-exist',
+        deviceAssetIds: ['test-asset-0'],
+      });
+
+      expect(response.existingIds).toEqual(['test-asset-0']);
+    });
+  });
 });
@@ -110,9 +110,7 @@ describe('/libraries', () => {
        });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['importPaths'], message: 'Array must have unique items' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(["All importPaths's elements must be unique"]));
    });

    it('should not create an external library with duplicate exclusion patterns', async () => {
@@ -127,9 +125,7 @@ describe('/libraries', () => {
        });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array must have unique items' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(["All exclusionPatterns's elements must be unique"]));
    });
  });

@@ -161,9 +157,7 @@ describe('/libraries', () => {
        .send({ name: '' });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['name'], message: 'Too small: expected string to have >=1 characters' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['name should not be empty']));
    });

    it('should change the import paths', async () => {
@@ -187,9 +181,7 @@ describe('/libraries', () => {
        .send({ importPaths: [''] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['importPaths'], message: 'Array items must not be empty' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['each value in importPaths should not be empty']));
    });

    it('should reject duplicate import paths', async () => {
@@ -199,9 +191,7 @@ describe('/libraries', () => {
        .send({ importPaths: ['/path', '/path'] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['importPaths'], message: 'Array must have unique items' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(["All importPaths's elements must be unique"]));
    });

    it('should change the exclusion pattern', async () => {
@@ -225,9 +215,7 @@ describe('/libraries', () => {
        .send({ exclusionPatterns: ['**/*.jpg', '**/*.jpg'] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array must have unique items' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(["All exclusionPatterns's elements must be unique"]));
    });

    it('should reject an empty exclusion pattern', async () => {
@@ -237,9 +225,7 @@ describe('/libraries', () => {
        .send({ exclusionPatterns: [''] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array items must not be empty' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['each value in exclusionPatterns should not be empty']));
    });
  });

@@ -109,9 +109,7 @@ describe('/map', () => {
        .get('/map/reverse-geocode?lon=123')
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['lat'], message: 'Invalid input: expected number, received NaN' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
    });

    it('should throw an error if a lat is not a number', async () => {
@@ -119,9 +117,7 @@ describe('/map', () => {
        .get('/map/reverse-geocode?lat=abc&lon=123.456')
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['lat'], message: 'Invalid input: expected number, received NaN' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
    });

    it('should throw an error if a lat is out of range', async () => {
@@ -129,9 +125,7 @@ describe('/map', () => {
        .get('/map/reverse-geocode?lat=91&lon=123.456')
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['lat'], message: 'Too big: expected number to be <=90' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
    });

    it('should throw an error if a lon is not provided', async () => {
@@ -139,9 +133,7 @@ describe('/map', () => {
        .get('/map/reverse-geocode?lat=75')
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['lon'], message: 'Invalid input: expected number, received NaN' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['lon must be a number between -180 and 180']));
    });

    const reverseGeocodeTestCases = [
@@ -1,10 +1,9 @@
-import { OAuthClient, OAuthUser, generateLogoutToken } from '@immich/e2e-auth-server';
+import { OAuthClient, OAuthUser } from '@immich/e2e-auth-server';
 import {
  LoginResponseDto,
  SystemConfigOAuthDto,
  getConfigDefaults,
  getMyUser,
-  getSessions,
  startOAuth,
  updateConfig,
 } from '@immich/sdk';
@@ -77,7 +76,6 @@ const setupOAuth = async (token: string, dto: Partial<SystemConfigOAuthDto>) =>
    ...defaults.oauth,
    buttonText: 'Login with Immich',
    issuerUrl: `${authServer.internal}/.well-known/openid-configuration`,
-    allowInsecureRequests: true,
    ...dto,
  };
  await updateConfig({ systemConfigDto: { ...defaults, oauth: merged } }, options);
@@ -89,27 +87,21 @@ describe(`/oauth`, () => {
  beforeAll(async () => {
    await utils.resetDatabase();
    admin = await utils.adminSetup();
+
+    await setupOAuth(admin.accessToken, {
+      enabled: true,
+      clientId: OAuthClient.DEFAULT,
+      clientSecret: OAuthClient.DEFAULT,
+      buttonText: 'Login with Immich',
+      storageLabelClaim: 'immich_username',
+    });
  });

  describe('POST /oauth/authorize', () => {
-    beforeAll(async () => {
-      await setupOAuth(admin.accessToken, {
-        enabled: true,
-        clientId: OAuthClient.DEFAULT,
-        clientSecret: OAuthClient.DEFAULT,
-        buttonText: 'Login with Immich',
-        storageLabelClaim: 'immich_username',
-      });
-    });
-
    it(`should throw an error if a redirect uri is not provided`, async () => {
      const { status, body } = await request(app).post('/oauth/authorize').send({});
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([
-          { path: ['redirectUri'], message: 'Invalid input: expected string, received undefined' },
-        ]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['redirectUri must be a string', 'redirectUri should not be empty']));
    });

    it('should return a redirect uri', async () => {
@@ -125,60 +117,19 @@ describe(`/oauth`, () => {
      expect(params.get('redirect_uri')).toBe('http://127.0.0.1:2285/auth/login');
      expect(params.get('state')).toBeDefined();
    });
-
-    it('should not include the prompt parameter when not configured', async () => {
-      const { status, body } = await request(app)
-        .post('/oauth/authorize')
-        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
-      expect(status).toBe(201);
-
-      const params = new URL(body.url).searchParams;
-      expect(params.get('prompt')).toBeNull();
-    });
-
-    it('should include the prompt parameter when configured', async () => {
-      await setupOAuth(admin.accessToken, {
-        enabled: true,
-        clientId: OAuthClient.DEFAULT,
-        clientSecret: OAuthClient.DEFAULT,
-        prompt: 'select_account',
-      });
-
-      const { status, body } = await request(app)
-        .post('/oauth/authorize')
-        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
-      expect(status).toBe(201);
-
-      const params = new URL(body.url).searchParams;
-      expect(params.get('prompt')).toBe('select_account');
-    });
  });

  describe('POST /oauth/callback', () => {
-    beforeAll(async () => {
-      await setupOAuth(admin.accessToken, {
-        enabled: true,
-        clientId: OAuthClient.DEFAULT,
-        clientSecret: OAuthClient.DEFAULT,
-        buttonText: 'Login with Immich',
-        storageLabelClaim: 'immich_username',
-      });
-    });
-
    it(`should throw an error if a url is not provided`, async () => {
      const { status, body } = await request(app).post('/oauth/callback').send({});
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['url'], message: 'Invalid input: expected string, received undefined' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['url must be a string', 'url should not be empty']));
    });

    it(`should throw an error if the url is empty`, async () => {
      const { status, body } = await request(app).post('/oauth/callback').send({ url: '' });
      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['url'], message: 'Too small: expected string to have >=1 characters' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['url should not be empty']));
    });

    it(`should throw an error if the state is not provided`, async () => {
@@ -207,9 +158,10 @@ describe(`/oauth`, () => {
    it(`should throw an error if the codeVerifier doesn't match the challenge`, async () => {
      const callbackParams = await loginWithOAuth('oauth-auto-register');
      const { codeVerifier } = await loginWithOAuth('oauth-auto-register');
-      const { status } = await request(app)
+      const { status, body } = await request(app)
        .post('/oauth/callback')
        .send({ ...callbackParams, codeVerifier });
+      console.log(body);
      expect(status).toBeGreaterThanOrEqual(400);
    });

@@ -306,7 +258,7 @@ describe(`/oauth`, () => {
        accessToken: expect.any(String),
        isAdmin: false,
        name: 'OAuth User',
-        userEmail: 'oauth-rs256-token@immich.app',
+        userEmail: 'oauth-RS256-token@immich.app',
        userId: expect.any(String),
      });
    });
@@ -340,7 +292,9 @@ describe(`/oauth`, () => {
      const { status, body } = await request(app).post('/oauth/callback').send(callbackParams);
      expect(status).toBe(500);
      expect(body).toMatchObject({
+        error: 'Internal Server Error',
        message: 'Failed to finish oauth',
+        statusCode: 500,
      });
    });

@@ -359,7 +313,7 @@ describe(`/oauth`, () => {
        const callbackParams = await loginWithOAuth('oauth-no-auto-register');
        const { status, body } = await request(app).post('/oauth/callback').send(callbackParams);
        expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest('OAuth authentication failed'));
+        expect(body).toEqual(errorDto.badRequest('User does not exist and auto registering is disabled.'));
      });

      it('should link to an existing user by email', async () => {
@@ -379,54 +333,6 @@ describe(`/oauth`, () => {
    });
  });

-  describe(`POST /oauth/backchannel-logout`, () => {
-    it(`should throw an error if the logout_token is not provided`, async () => {
-      const { status, body } = await request(app).post('/oauth/backchannel-logout').send({});
-      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([
-          { path: ['logout_token'], message: 'Invalid input: expected string, received undefined' },
-        ]),
-      );
-    });
-
-    it(`should throw an error if an invalid logout token is provided`, async () => {
-      const { status, body } = await request(app)
-        .post('/oauth/backchannel-logout')
-        .send({ logout_token: 'invalid token' });
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Error backchannel logout: token validation failed'));
-    });
-
-    it(`should logout user if a valid logout token is provided`, async () => {
-      await setupOAuth(admin.accessToken, {
-        enabled: true,
-        clientId: OAuthClient.DEFAULT,
-        clientSecret: OAuthClient.DEFAULT,
-        autoRegister: true,
-        signingAlgorithm: 'RS256',
-        buttonText: 'Login with Immich',
-      });
-
-      const callbackParams = await loginWithOAuth('backchannel-logout-user');
-      const { status: callbackStatus, body: callbackBody } = await request(app)
-        .post('/oauth/callback')
-        .send(callbackParams);
-      expect(callbackStatus).toBe(201);
-
-      await expect(getSessions({ headers: asBearerAuth(callbackBody.accessToken) })).resolves.toHaveLength(1);
-
-      const logoutToken = await generateLogoutToken('http://0.0.0.0:2286', 'backchannel-logout-user');
-      const { status, body } = await request(app).post('/oauth/backchannel-logout').send({ logout_token: logoutToken });
-      expect(status).toBe(200);
-      expect(body).toMatchObject({});
-
-      await expect(getSessions({ headers: asBearerAuth(callbackBody.accessToken) })).rejects.toMatchObject({
-        status: 401,
-      });
-    });
-  });
-
  describe('mobile redirect override', () => {
    beforeAll(async () => {
      await setupOAuth(admin.accessToken, {
@@ -493,22 +399,4 @@ describe(`/oauth`, () => {
      });
    });
  });
-
-  describe('allowInsecureRequests: false', () => {
-    beforeAll(async () => {
-      await setupOAuth(admin.accessToken, {
-        enabled: true,
-        clientId: OAuthClient.DEFAULT,
-        clientSecret: OAuthClient.DEFAULT,
-        allowInsecureRequests: false,
-      });
-    });
-
-    it('should reject OAuth discovery over HTTP', async () => {
-      const { status } = await request(app)
-        .post('/oauth/authorize')
-        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
-      expect(status).toBe(500);
-    });
-  });
 });
@@ -74,6 +74,7 @@ describe('/search', () => {
      const bytes = await readFile(join(testAssetDir, filename));
      assets.push(
        await utils.createAsset(admin.accessToken, {
+          deviceAssetId: `test-${filename}`,
          assetData: { bytes, filename },
          ...dto,
        }),
@@ -457,7 +458,7 @@ describe('/search', () => {
      expect(Array.isArray(body)).toBe(true);
      if (Array.isArray(body)) {
        expect(body.length).toBeGreaterThan(10);
-        expect(body[0].name).toEqual(expect.stringContaining(name));
+        expect(body[0].name).toEqual(name);
        expect(body[0].admin2name).toEqual(name);
      }
    });
@@ -207,6 +207,16 @@ describe('/server', () => {
    });
  });

+  describe('GET /server/theme', () => {
+    it('should respond with the server theme', async () => {
+      const { status, body } = await request(app).get('/server/theme');
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        customCss: '',
+      });
+    });
+  });
+
  describe('GET /server/license', () => {
    it('should require authentication', async () => {
      const { status, body } = await request(app).get('/server/license');
@@ -243,21 +243,9 @@ describe('/shared-links', () => {
    });

    it('should get data for correct password protected link', async () => {
-      const response = await request(app)
-        .post('/shared-links/login')
-        .send({ password: 'foo' })
-        .query({ key: linkWithPassword.key });
-
-      expect(response.status).toBe(201);
-
-      const cookies = response.get('Set-Cookie') ?? [];
-      expect(cookies).toHaveLength(1);
-      expect(cookies[0]).toContain('immich_shared_link_token');
-
      const { status, body } = await request(app)
        .get('/shared-links/me')
-        .query({ key: linkWithPassword.key })
-        .set('Cookie', cookies);
+        .query({ key: linkWithPassword.key, password: 'foo' });

      expect(status).toBe(200);
      expect(body).toEqual(
@@ -341,9 +329,7 @@ describe('/shared-links', () => {
        .set('Authorization', `Bearer ${user1.accessToken}`);

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: [], message: 'Invalid input: expected object, received undefined' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest());
    });

    it('should require an asset/album id', async () => {
@@ -41,9 +41,7 @@ describe('/stacks', () => {
        .send({ assetIds: [asset.id] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([{ path: ['assetIds'], message: 'Too small: expected array to have >=2 items' }]),
-      );
+      expect(body).toEqual(errorDto.badRequest());
    });

    it('should require a valid id', async () => {
@@ -53,12 +51,7 @@ describe('/stacks', () => {
        .send({ assetIds: [uuidDto.invalid, uuidDto.invalid] });

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([
-          { path: ['assetIds', 0], message: 'Invalid UUID' },
-          { path: ['assetIds', 1], message: 'Invalid UUID' },
-        ]),
-      );
+      expect(body).toEqual(errorDto.badRequest());
    });

    it('should require access', async () => {
@@ -309,7 +309,7 @@ describe('/tags', () => {
        .get(`/tags/${uuidDto.invalid}`)
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.validationError([{ path: ['id'], message: 'Invalid UUID' }]));
+      expect(body).toEqual(errorDto.badRequest(['id must be a UUID']));
    });

    it('should get tag details', async () => {
@@ -427,7 +427,7 @@ describe('/tags', () => {
        .delete(`/tags/${uuidDto.invalid}`)
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.validationError([{ path: ['id'], message: 'Invalid UUID' }]));
+      expect(body).toEqual(errorDto.badRequest(['id must be a UUID']));
    });

    it('should delete a tag', async () => {
@@ -108,20 +108,14 @@ describe('/admin/users', () => {
      expect(body).toEqual(errorDto.forbidden);
    });

-    for (const [key, message] of [
-      ['password', 'Invalid input: expected string, received null'],
-      ['email', 'Invalid input: expected email, received object'],
-      ['name', 'Invalid input: expected string, received null'],
-      ['shouldChangePassword', 'Invalid input: expected boolean, received null'],
-      ['notify', 'Invalid input: expected boolean, received null'],
-    ] as const) {
+    for (const key of ['password', 'email', 'name', 'quotaSizeInBytes', 'shouldChangePassword', 'notify']) {
      it(`should not allow null ${key}`, async () => {
        const { status, body } = await request(app)
          .post(`/admin/users`)
          .set('Authorization', `Bearer ${admin.accessToken}`)
          .send({ ...createUserDto.user1, [key]: null });
        expect(status).toBe(400);
-        expect(body).toEqual(errorDto.validationError([{ path: [key], message }]));
+        expect(body).toEqual(errorDto.badRequest());
      });
    }

@@ -159,19 +153,14 @@ describe('/admin/users', () => {
      expect(body).toEqual(errorDto.forbidden);
    });

-    for (const [key, message] of [
-      ['password', 'Invalid input: expected string, received null'],
-      ['email', 'Invalid input: expected email, received object'],
-      ['name', 'Invalid input: expected string, received null'],
-      ['shouldChangePassword', 'Invalid input: expected boolean, received null'],
-    ] as const) {
+    for (const key of ['password', 'email', 'name', 'shouldChangePassword']) {
      it(`should not allow null ${key}`, async () => {
        const { status, body } = await request(app)
          .put(`/admin/users/${uuidDto.notFound}`)
          .set('Authorization', `Bearer ${admin.accessToken}`)
          .send({ [key]: null });
        expect(status).toBe(400);
-        expect(body).toEqual(errorDto.validationError([{ path: [key], message }]));
+        expect(body).toEqual(errorDto.badRequest());
      });
    }

@@ -298,8 +287,7 @@ describe('/admin/users', () => {
    it('should delete user', async () => {
      const { status, body } = await request(app)
        .delete(`/admin/users/${userToDelete.userId}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({});
+        .set('Authorization', `Bearer ${admin.accessToken}`);

      expect(status).toBe(200);
      expect(body).toMatchObject({
@@ -120,7 +120,7 @@ describe('/users', () => {
        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);

      expect(status).toBe(400);
-      expect(body).toMatchObject(errorDto.badRequest('Email is not available'));
+      expect(body).toMatchObject(errorDto.badRequest('Email already in use by another account'));
    });

    it('should update my email', async () => {
@@ -178,11 +178,7 @@ describe('/users', () => {
        .set('Authorization', `Bearer ${admin.accessToken}`);

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([
-          { path: ['download', 'archiveSize'], message: 'Invalid input: expected int, received number' },
-        ]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['download.archiveSize must be an integer number']));
    });

    it('should update download archive size', async () => {
@@ -208,11 +204,7 @@ describe('/users', () => {
        .set('Authorization', `Bearer ${admin.accessToken}`);

      expect(status).toBe(400);
-      expect(body).toEqual(
-        errorDto.validationError([
-          { path: ['download', 'includeEmbeddedVideos'], message: 'Invalid input: expected boolean, received number' },
-        ]),
-      );
+      expect(body).toEqual(errorDto.badRequest(['download.includeEmbeddedVideos must be a boolean value']));
    });

    it('should update download include embedded videos', async () => {
@@ -1,9 +1,7 @@
 import { AssetMediaResponseDto, LoginResponseDto, SharedLinkType } from '@immich/sdk';
 import { expect, test } from '@playwright/test';
-import { readFile } from 'node:fs/promises';
-import { basename, join } from 'node:path';
 import type { Socket } from 'socket.io-client';
-import { testAssetDir, utils } from 'src/utils';
+import { utils } from 'src/utils';

 test.describe('Detail Panel', () => {
  let admin: LoginResponseDto;
@@ -85,42 +83,4 @@ test.describe('Detail Panel', () => {
    await utils.waitForWebsocketEvent({ event: 'assetUpdate', id: asset.id });
    await expect(textarea).toHaveValue('new description');
  });
-
-  test.describe('Date editor', () => {
-    test('displays inferred asset timezone', async ({ context, page }) => {
-      const test = {
-        filepath: 'metadata/dates/datetimeoriginal-gps.jpg',
-        expected: {
-          dateTime: '2025-12-01T11:30',
-          // Test with a timezone which is NOT the first among timezones with the same offset
-          // This is to check that the editor does not simply fall back to the first available timezone with that offset
-          // America/Denver (-07:00) is not the first among timezones with offset -07:00
-          timeZoneWithOffset: 'America/Denver (-07:00)',
-        },
-      };
-
-      const asset = await utils.createAsset(admin.accessToken, {
-        assetData: {
-          bytes: await readFile(join(testAssetDir, test.filepath)),
-          filename: basename(test.filepath),
-        },
-      });
-
-      await utils.waitForWebsocketEvent({ event: 'assetUpload', id: asset.id });
-
-      // asset viewer -> detail panel -> date editor
-      await utils.setAuthCookies(context, admin.accessToken);
-      await page.goto(`/photos/${asset.id}`);
-      await page.waitForSelector('#immich-asset-viewer');
-
-      await page.getByRole('button', { name: 'Info' }).click();
-      await page.getByTestId('detail-panel-edit-date-button').click();
-      await page.waitForSelector('[role="dialog"]');
-
-      const datetime = page.locator('#datetime');
-      await expect(datetime).toHaveValue(test.expected.dateTime);
-      const timezone = page.getByRole('combobox', { name: 'Timezone' });
-      await expect(timezone).toHaveValue(test.expected.timeZoneWithOffset);
-    });
-  });
 });
@@ -16,8 +16,8 @@ test.describe('Duplicates Utility', () => {

  test.beforeEach(async ({ context }) => {
    [firstAsset, secondAsset] = await Promise.all([
-      utils.createAsset(admin.accessToken, {}),
-      utils.createAsset(admin.accessToken, {}),
+      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-a' }),
+      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-b' }),
    ]);

    await updateAssets(
@@ -77,4 +77,18 @@ test.describe('Photo Viewer', () => {
    });
    expect(tagAtCenter).toBe('IMG');
  });
+
+  test('reloads photo when checksum changes', async ({ page }) => {
+    await page.goto(`/photos/${asset.id}`);
+
+    const preview = page.getByTestId('preview').filter({ visible: true });
+    await expect(preview).toHaveAttribute('src', /.+/);
+    const initialSrc = await preview.getAttribute('src');
+
+    const websocketEvent = utils.waitForWebsocketEvent({ event: 'assetUpdate', id: asset.id });
+    await utils.replaceAsset(admin.accessToken, asset.id);
+    await websocketEvent;
+
+    await expect(preview).not.toHaveAttribute('src', initialSrc!);
+  });
 });
@@ -32,12 +32,8 @@ export function generateThumbhash(rng: SeededRandom): string {
  return Array.from({ length: 10 }, () => rng.nextInt(0, 256).toString(16).padStart(2, '0')).join('');
 }

-export function generateDuration(rng: SeededRandom): number {
-  return (
-    rng.nextInt(GENERATION_CONSTANTS.MIN_VIDEO_DURATION_SECONDS, GENERATION_CONSTANTS.MAX_VIDEO_DURATION_SECONDS) *
-      1000 +
-    rng.nextInt(0, 1000)
-  );
+export function generateDuration(rng: SeededRandom): string {
+  return `${rng.nextInt(GENERATION_CONSTANTS.MIN_VIDEO_DURATION_SECONDS, GENERATION_CONSTANTS.MAX_VIDEO_DURATION_SECONDS)}.${rng.nextInt(0, 1000).toString().padStart(3, '0')}`;
 }

 export function generateUUID(): string {
@@ -3,7 +3,6 @@
 */

 import {
-  AlbumUserRole,
  AssetTypeEnum,
  AssetVisibility,
  UserAvatarColor,
@@ -316,9 +315,11 @@ export function toAssetResponseDto(asset: MockTimelineAsset, owner?: UserRespons

  return {
    id: asset.id,
+    deviceAssetId: `device-${asset.id}`,
    ownerId: asset.ownerId,
    owner: owner || defaultOwner,
    libraryId: `library-${asset.ownerId}`,
+    deviceId: `device-${asset.ownerId}`,
    type: asset.isVideo ? AssetTypeEnum.Video : AssetTypeEnum.Image,
    originalPath: `/original/${asset.id}.${asset.isVideo ? 'mp4' : 'jpg'}`,
    originalFileName: `${asset.id}.${asset.isVideo ? 'mp4' : 'jpg'}`,
@@ -333,7 +334,7 @@ export function toAssetResponseDto(asset: MockTimelineAsset, owner?: UserRespons
    isArchived: false,
    isTrashed: asset.isTrashed,
    visibility: asset.visibility,
-    duration: asset.duration,
+    duration: asset.duration || '0:00:00.00000',
    exifInfo,
    livePhotoVideoId: asset.livePhotoVideoId,
    tags: [],
@@ -421,11 +422,14 @@ export function getAlbum(
    albumThumbnailAssetId: album.thumbnailAssetId,
    createdAt: album.createdAt,
    updatedAt: album.updatedAt,
-    albumUsers: [{ user: albumOwner, role: AlbumUserRole.Owner }],
+    ownerId: albumOwner.id,
+    owner: albumOwner,
+    albumUsers: [], // Empty array for non-shared album
    shared: false,
    hasSharedLink: false,
    isActivityEnabled: true,
    assetCount: albumAssets.length,
+    assets: albumAssets,
    startDate: albumAssets.length > 0 ? albumAssets.at(-1)?.fileCreatedAt : undefined,
    endDate: albumAssets.length > 0 ? albumAssets[0].fileCreatedAt : undefined,
    lastModifiedAssetTimestamp: albumAssets.length > 0 ? albumAssets[0].fileCreatedAt : undefined,
@@ -43,7 +43,7 @@ export type MockTimelineAsset = {
  isTrashed: boolean;
  isVideo: boolean;
  isImage: boolean;
-  duration: number | null;
+  duration: string | null;
  projectionType: string | null;
  livePhotoVideoId: string | null;
  city: string | null;
@@ -1,5 +1,5 @@
 import { BrowserContext } from '@playwright/test';
-import { playwrightHost } from 'src/../playwright.config';
+import { playwrightHost } from 'playwright.config';

 export const setupBaseMockApiRoutes = async (context: BrowserContext, adminUserId: string) => {
  await context.addCookies([
@@ -173,7 +173,6 @@ export const setupBaseMockApiRoutes = async (context: BrowserContext, adminUserI
          '.mpeg',
          '.mpg',
          '.mts',
-          '.ts',
          '.vob',
          '.webm',
          '.wmv',
@@ -223,7 +222,6 @@ export const setupBaseMockApiRoutes = async (context: BrowserContext, adminUserI
          '.jp2',
          '.jpe',
          '.jxl',
-          '.mpo',
          '.svg',
          '.tif',
          '.tiff',
@@ -16,6 +16,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
  const now = new Date().toISOString();
  return {
    id: assetId,
+    deviceAssetId: `device-${assetId}`,
    ownerId,
    owner: {
      id: ownerId,
@@ -26,6 +27,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
      avatarColor: 'blue' as never,
    },
    libraryId: `library-${ownerId}`,
+    deviceId: `device-${ownerId}`,
    type: AssetTypeEnum.Image,
    originalPath: `/original/${assetId}.jpg`,
    originalFileName: `${assetId}.jpg`,
@@ -40,7 +42,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
    isArchived: false,
    isTrashed: false,
    visibility: AssetVisibility.Timeline,
-    duration: null,
+    duration: '0:00:00.00000',
    exifInfo: {
      make: null,
      model: null,
@@ -67,7 +69,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
    tags: [],
    people: [],
    unassignedFaces: [],
-    stack: undefined,
+    stack: null,
    isOffline: false,
    hasMetadata: true,
    duplicateId: null,
@@ -1,55 +0,0 @@
-import { faker } from '@faker-js/faker';
-import type { AssetOcrResponseDto } from '@immich/sdk';
-import { BrowserContext } from '@playwright/test';
-
-export type MockOcrBox = {
-  text: string;
-  x1: number;
-  y1: number;
-  x2: number;
-  y2: number;
-  x3: number;
-  y3: number;
-  x4: number;
-  y4: number;
-};
-
-export const createMockOcrData = (assetId: string, boxes: MockOcrBox[]): AssetOcrResponseDto[] => {
-  return boxes.map((box) => ({
-    id: faker.string.uuid(),
-    assetId,
-    x1: box.x1,
-    y1: box.y1,
-    x2: box.x2,
-    y2: box.y2,
-    x3: box.x3,
-    y3: box.y3,
-    x4: box.x4,
-    y4: box.y4,
-    boxScore: 0.95,
-    textScore: 0.9,
-    text: box.text,
-  }));
-};
-
-export const setupOcrMockApiRoutes = async (
-  context: BrowserContext,
-  ocrDataByAssetId: Map<string, AssetOcrResponseDto[]>,
-) => {
-  await context.route('**/assets/*/ocr', async (route, request) => {
-    if (request.method() !== 'GET') {
-      return route.fallback();
-    }
-    const url = new URL(request.url());
-    const segments = url.pathname.split('/');
-    const assetIdIndex = segments.indexOf('assets') + 1;
-    const assetId = segments[assetIdIndex];
-
-    const ocrData = ocrDataByAssetId.get(assetId) ?? [];
-    return route.fulfill({
-      status: 200,
-      contentType: 'application/json',
-      json: ocrData,
-    });
-  });
-};
@@ -1,300 +0,0 @@
-import type { AssetOcrResponseDto, AssetResponseDto } from '@immich/sdk';
-import { expect, test } from '@playwright/test';
-import { toAssetResponseDto } from 'src/ui/generators/timeline';
-import {
-  createMockStack,
-  createMockStackAsset,
-  MockStack,
-  setupBrokenAssetMockApiRoutes,
-} from 'src/ui/mock-network/broken-asset-network';
-import { createMockOcrData, setupOcrMockApiRoutes } from 'src/ui/mock-network/ocr-network';
-import { assetViewerUtils } from '../timeline/utils';
-import { setupAssetViewerFixture } from './utils';
-
-test.describe.configure({ mode: 'parallel' });
-
-const PRIMARY_OCR_BOXES = [
-  { text: 'Hello World', x1: 0.1, y1: 0.1, x2: 0.4, y2: 0.1, x3: 0.4, y3: 0.15, x4: 0.1, y4: 0.15 },
-  { text: 'Immich Photo', x1: 0.2, y1: 0.3, x2: 0.6, y2: 0.3, x3: 0.6, y3: 0.36, x4: 0.2, y4: 0.36 },
-];
-
-const SECONDARY_OCR_BOXES = [
-  { text: 'Second Asset Text', x1: 0.15, y1: 0.2, x2: 0.55, y2: 0.2, x3: 0.55, y3: 0.26, x4: 0.15, y4: 0.26 },
-];
-
-test.describe('OCR bounding boxes', () => {
-  const fixture = setupAssetViewerFixture(920);
-
-  test.beforeEach(async ({ context }) => {
-    const primaryAssetDto = toAssetResponseDto(fixture.primaryAsset);
-    const ocrDataByAssetId = new Map<string, AssetOcrResponseDto[]>([
-      [primaryAssetDto.id, createMockOcrData(primaryAssetDto.id, PRIMARY_OCR_BOXES)],
-    ]);
-
-    await setupOcrMockApiRoutes(context, ocrDataByAssetId);
-  });
-
-  test('OCR bounding boxes appear when clicking OCR button', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    const ocrButton = page.getByLabel('Text recognition');
-    await expect(ocrButton).toBeVisible();
-    await ocrButton.click();
-
-    const ocrBoxes = page.locator('[data-viewer-content] [data-testid="ocr-box"]');
-    await expect(ocrBoxes).toHaveCount(2);
-
-    await expect(ocrBoxes.nth(0)).toContainText('Hello World');
-    await expect(ocrBoxes.nth(1)).toContainText('Immich Photo');
-  });
-
-  test('OCR bounding boxes toggle off on second click', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    const ocrButton = page.getByLabel('Text recognition');
-    await ocrButton.click();
-    await expect(page.locator('[data-viewer-content] [data-testid="ocr-box"]').first()).toBeVisible();
-
-    await ocrButton.click();
-    await expect(page.locator('[data-viewer-content] [data-testid="ocr-box"]')).toHaveCount(0);
-  });
-});
-
-test.describe('OCR with stacked assets', () => {
-  const fixture = setupAssetViewerFixture(921);
-  let mockStack: MockStack;
-  let primaryAssetDto: AssetResponseDto;
-  let secondAssetDto: AssetResponseDto;
-
-  test.beforeAll(async () => {
-    primaryAssetDto = toAssetResponseDto(fixture.primaryAsset);
-    secondAssetDto = createMockStackAsset(fixture.adminUserId);
-    secondAssetDto.originalFileName = 'second-ocr-asset.jpg';
-    mockStack = createMockStack(primaryAssetDto, [secondAssetDto], new Set());
-  });
-
-  test.beforeEach(async ({ context }) => {
-    await setupBrokenAssetMockApiRoutes(context, mockStack);
-
-    const ocrDataByAssetId = new Map<string, AssetOcrResponseDto[]>([
-      [primaryAssetDto.id, createMockOcrData(primaryAssetDto.id, PRIMARY_OCR_BOXES)],
-      [secondAssetDto.id, createMockOcrData(secondAssetDto.id, SECONDARY_OCR_BOXES)],
-    ]);
-
-    await setupOcrMockApiRoutes(context, ocrDataByAssetId);
-  });
-
-  test('different OCR boxes shown for different stacked assets', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    const ocrButton = page.getByLabel('Text recognition');
-    await expect(ocrButton).toBeVisible();
-    await ocrButton.click();
-
-    const ocrBoxes = page.locator('[data-viewer-content] [data-testid="ocr-box"]');
-    await expect(ocrBoxes).toHaveCount(2);
-    await expect(ocrBoxes.nth(0)).toContainText('Hello World');
-
-    const stackThumbnails = page.locator('#stack-slideshow [data-asset]');
-    await expect(stackThumbnails).toHaveCount(2);
-    await stackThumbnails.nth(1).click();
-
-    // refreshOcr() clears showOverlay when switching assets, so re-enable it
-    await expect(ocrBoxes).toHaveCount(0);
-    await expect(ocrButton).toBeVisible();
-    await ocrButton.click();
-
-    await expect(ocrBoxes).toHaveCount(1);
-    await expect(ocrBoxes.first()).toContainText('Second Asset Text');
-  });
-});
-
-test.describe('OCR boxes and zoom', () => {
-  const fixture = setupAssetViewerFixture(922);
-
-  test.beforeEach(async ({ context }) => {
-    const primaryAssetDto = toAssetResponseDto(fixture.primaryAsset);
-    const ocrDataByAssetId = new Map<string, AssetOcrResponseDto[]>([
-      [primaryAssetDto.id, createMockOcrData(primaryAssetDto.id, PRIMARY_OCR_BOXES)],
-    ]);
-
-    await setupOcrMockApiRoutes(context, ocrDataByAssetId);
-  });
-
-  test('OCR boxes scale with zoom', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    const ocrButton = page.getByLabel('Text recognition');
-    await expect(ocrButton).toBeVisible();
-    await ocrButton.click();
-
-    const ocrBox = page.locator('[data-viewer-content] [data-testid="ocr-box"]').first();
-    await expect(ocrBox).toBeVisible();
-
-    const initialBox = await ocrBox.boundingBox();
-    expect(initialBox).toBeTruthy();
-
-    const { width, height } = page.viewportSize()!;
-    await page.mouse.move(width / 2, height / 2);
-    await page.mouse.wheel(0, -3);
-
-    await expect(async () => {
-      const zoomedBox = await ocrBox.boundingBox();
-      expect(zoomedBox).toBeTruthy();
-      expect(zoomedBox!.width).toBeGreaterThan(initialBox!.width);
-      expect(zoomedBox!.height).toBeGreaterThan(initialBox!.height);
-    }).toPass({ timeout: 2000 });
-  });
-});
-
-test.describe('OCR text interaction', () => {
-  const fixture = setupAssetViewerFixture(923);
-
-  test.beforeEach(async ({ context }) => {
-    const primaryAssetDto = toAssetResponseDto(fixture.primaryAsset);
-    const ocrDataByAssetId = new Map<string, AssetOcrResponseDto[]>([
-      [primaryAssetDto.id, createMockOcrData(primaryAssetDto.id, PRIMARY_OCR_BOXES)],
-    ]);
-
-    await setupOcrMockApiRoutes(context, ocrDataByAssetId);
-  });
-
-  test('OCR text box has data-overlay-interactive attribute', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    await page.getByLabel('Text recognition').click();
-
-    const ocrBox = page.locator('[data-viewer-content] [data-testid="ocr-box"]').first();
-    await expect(ocrBox).toBeVisible();
-    await expect(ocrBox).toHaveAttribute('data-overlay-interactive');
-  });
-
-  test('OCR text box receives focus on click', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    await page.getByLabel('Text recognition').click();
-
-    const ocrBox = page.locator('[data-viewer-content] [data-testid="ocr-box"]').first();
-    await expect(ocrBox).toBeVisible();
-
-    await ocrBox.click();
-    await expect(ocrBox).toBeFocused();
-  });
-
-  test('dragging on OCR text box does not trigger image pan', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    await page.getByLabel('Text recognition').click();
-
-    const ocrBox = page.locator('[data-viewer-content] [data-testid="ocr-box"]').first();
-    await expect(ocrBox).toBeVisible();
-
-    const imgLocator = page.locator('[data-viewer-content] img[draggable="false"]');
-    const initialTransform = await imgLocator.evaluate((element) => {
-      return getComputedStyle(element.closest('[style*="transform"]') ?? element).transform;
-    });
-
-    const box = await ocrBox.boundingBox();
-    expect(box).toBeTruthy();
-    const centerX = box!.x + box!.width / 2;
-    const centerY = box!.y + box!.height / 2;
-
-    await page.mouse.move(centerX, centerY);
-    await page.mouse.down();
-    await page.mouse.move(centerX + 50, centerY + 30, { steps: 5 });
-    await page.mouse.up();
-
-    const afterTransform = await imgLocator.evaluate((element) => {
-      return getComputedStyle(element.closest('[style*="transform"]') ?? element).transform;
-    });
-    expect(afterTransform).toBe(initialTransform);
-  });
-
-  test('split touch gesture across zoom container does not trigger zoom', async ({ page }) => {
-    await page.goto(`/photos/${fixture.primaryAsset.id}`);
-    await assetViewerUtils.waitForViewerLoad(page, fixture.primaryAsset);
-
-    await page.getByLabel('Text recognition').click();
-    const ocrBox = page.locator('[data-viewer-content] [data-testid="ocr-box"]').first();
-    await expect(ocrBox).toBeVisible();
-
-    const imgLocator = page.locator('[data-viewer-content] img[draggable="false"]');
-    const initialTransform = await imgLocator.evaluate((element) => {
-      return getComputedStyle(element.closest('[style*="transform"]') ?? element).transform;
-    });
-
-    const viewerContent = page.locator('[data-viewer-content]');
-    const viewerBox = await viewerContent.boundingBox();
-    expect(viewerBox).toBeTruthy();
-
-    // Dispatch a synthetic split gesture: one touch inside the viewer, one outside
-    await page.evaluate(
-      ({ viewerCenterX, viewerCenterY, outsideY }) => {
-        const viewer = document.querySelector('[data-viewer-content]');
-        if (!viewer) {
-          return;
-        }
-
-        const createTouch = (id: number, x: number, y: number) => {
-          return new Touch({
-            identifier: id,
-            target: viewer,
-            clientX: x,
-            clientY: y,
-          });
-        };
-
-        const insideTouch = createTouch(0, viewerCenterX, viewerCenterY);
-        const outsideTouch = createTouch(1, viewerCenterX, outsideY);
-
-        const touchStartEvent = new TouchEvent('touchstart', {
-          touches: [insideTouch, outsideTouch],
-          targetTouches: [insideTouch],
-          changedTouches: [insideTouch, outsideTouch],
-          bubbles: true,
-          cancelable: true,
-        });
-
-        const touchMoveEvent = new TouchEvent('touchmove', {
-          touches: [createTouch(0, viewerCenterX, viewerCenterY - 30), createTouch(1, viewerCenterX, outsideY + 30)],
-          targetTouches: [createTouch(0, viewerCenterX, viewerCenterY - 30)],
-          changedTouches: [
-            createTouch(0, viewerCenterX, viewerCenterY - 30),
-            createTouch(1, viewerCenterX, outsideY + 30),
-          ],
-          bubbles: true,
-          cancelable: true,
-        });
-
-        const touchEndEvent = new TouchEvent('touchend', {
-          touches: [],
-          targetTouches: [],
-          changedTouches: [insideTouch, outsideTouch],
-          bubbles: true,
-          cancelable: true,
-        });
-
-        viewer.dispatchEvent(touchStartEvent);
-        viewer.dispatchEvent(touchMoveEvent);
-        viewer.dispatchEvent(touchEndEvent);
-      },
-      {
-        viewerCenterX: viewerBox!.x + viewerBox!.width / 2,
-        viewerCenterY: viewerBox!.y + viewerBox!.height / 2,
-        outsideY: 10, // near the top of the page, outside the viewer
-      },
-    );
-
-    const afterTransform = await imgLocator.evaluate((element) => {
-      return getComputedStyle(element.closest('[style*="transform"]') ?? element).transform;
-    });
-    expect(afterTransform).toBe(initialTransform);
-  });
-});
@@ -6,7 +6,6 @@ import {
  generateTimelineData,
  TimelineAssetConfig,
  TimelineData,
-  toAssetResponseDto,
 } from 'src/ui/generators/timeline';
 import { setupBaseMockApiRoutes } from 'src/ui/mock-network/base-network';
 import { setupTimelineMockApiRoutes, TimelineTestContext } from 'src/ui/mock-network/timeline-network';
@@ -31,10 +30,6 @@ test.describe('search gallery-viewer', () => {
  };

  test.beforeAll(async () => {
-    test.fail(
-      process.env.PW_EXPERIMENTAL_SERVICE_WORKER_NETWORK_EVENTS !== '1',
-      'This test requires env var: PW_EXPERIMENTAL_SERVICE_WORKER_NETWORK_EVENTS=1',
-    );
    adminUserId = faker.string.uuid();
    testContext.adminId = adminUserId;
    timelineRestData = generateTimelineData({ ...createDefaultTimelineConfig(), ownerId: adminUserId });
@@ -49,10 +44,7 @@ test.describe('search gallery-viewer', () => {

    await context.route('**/api/search/metadata', async (route, request) => {
      if (request.method() === 'POST') {
-        const searchAssets = assets
-          .slice(0, 5)
-          .filter((asset) => !changes.assetDeletions.includes(asset.id))
-          .map((asset) => toAssetResponseDto(asset));
+        const searchAssets = assets.slice(0, 5).filter((asset) => !changes.assetDeletions.includes(asset.id));
        return route.fulfill({
          status: 200,
          contentType: 'application/json',
@@ -304,7 +304,7 @@ test.describe('Timeline', () => {
      await page.keyboard.down('Shift');
      await thumbnailUtils.withAssetId(page, assets[2].id).hover();
      await expect(
-        thumbnailUtils.locator(page).locator('.absolute.top-0.size-full.bg-immich-primary.opacity-40'),
+        thumbnailUtils.locator(page).locator('.absolute.top-0.h-full.w-full.bg-immich-primary.opacity-40'),
      ).toHaveCount(3);
      await thumbnailUtils.selectButton(page, assets[2].id).click();
      await page.keyboard.up('Shift');
@@ -349,7 +349,7 @@ test.describe('Timeline', () => {
        expect(visibleMockAssetsYearMonths).toContain(month);
      }
    });
-    test.skip('Deep link to last photo, scroll up', async ({ page }) => {
+    test('Deep link to last photo, scroll up', async ({ page }) => {
      const lastAsset = assets.at(-1)!;
      await pageUtils.deepLinkPhotosPage(page, lastAsset.id);

@@ -361,7 +361,7 @@ test.describe('Timeline', () => {

      await thumbnailUtils.expectInViewport(page, '14e5901f-fd7f-40c0-b186-4d7e7fc67968');
    });
-    test.skip('Deep link to first bucket, scroll down', async ({ page }) => {
+    test('Deep link to first bucket, scroll down', async ({ page }) => {
      const lastAsset = assets.at(0)!;
      await pageUtils.deepLinkPhotosPage(page, lastAsset.id);
      await timelineUtils.locator(page).hover();
@@ -440,7 +440,7 @@ test.describe('Timeline', () => {
      await thumbnailUtils.expectInViewport(page, asset.id);
      await thumbnailUtils.expectSelectedDisabled(page, asset.id);
    });
-    test.skip('Add photos to album', async ({ page }) => {
+    test('Add photos to album', async ({ page }) => {
      const album = timelineRestData.album;
      await pageUtils.openAlbumPage(page, album.id);
      await page.locator('nav button[aria-label="Add photos"]').click();
@@ -752,7 +752,7 @@ test.describe('Timeline', () => {
      await page.getByText('Photos', { exact: true }).click();
      await thumbnailUtils.expectInViewport(page, assetToFavorite.id);
    });
-    test.skip('open /favorites, archive photo, unarchive photo', async ({ page }) => {
+    test('open /favorites, archive photo, unarchive photo', async ({ page }) => {
      await pageUtils.openFavorites(page);
      const assetToArchive = getAsset(timelineRestData, 'ad31e29f-2069-4574-b9a9-ad86523c92cb')!;
      await thumbnailUtils.withAssetId(page, assetToArchive.id).hover();
@@ -62,7 +62,7 @@ export const thumbnailUtils = {
    return page.locator(`[data-thumbnail-focus-container][data-asset="${assetId}"]`);
  },
  selectButton(page: Page, assetId: string) {
-    return page.locator(`[data-thumbnail-focus-container][data-asset="${assetId}"] button[role="checkbox"]`);
+    return page.locator(`[data-thumbnail-focus-container][data-asset="${assetId}"] button`);
  },
  selectedAsset(page: Page) {
    return page.locator('[data-thumbnail-focus-container][data-selected]');
@@ -3,6 +3,7 @@ import {
  AssetMediaResponseDto,
  AssetResponseDto,
  AssetVisibility,
+  CheckExistingAssetsDto,
  CreateAlbumDto,
  CreateLibraryDto,
  JobCreateDto,
@@ -19,6 +20,7 @@ import {
  UserAdminCreateDto,
  UserPreferencesUpdateDto,
  ValidateLibraryDto,
+  checkExistingAssets,
  createAlbum,
  createApiKey,
  createJob,
@@ -341,6 +343,8 @@ export const utils = {
    },
  ) => {
    const _dto = {
+      deviceAssetId: 'test-1',
+      deviceId: 'test',
      fileCreatedAt: new Date().toISOString(),
      fileModifiedAt: new Date().toISOString(),
      ...dto,
@@ -371,6 +375,40 @@ export const utils = {
    return body as AssetMediaResponseDto;
  },

+  replaceAsset: async (
+    accessToken: string,
+    assetId: string,
+    dto?: Partial<Omit<AssetMediaCreateDto, 'assetData'>> & { assetData?: FileData },
+  ) => {
+    const _dto = {
+      deviceAssetId: 'test-1',
+      deviceId: 'test',
+      fileCreatedAt: new Date().toISOString(),
+      fileModifiedAt: new Date().toISOString(),
+      ...dto,
+    };
+
+    const assetData = dto?.assetData?.bytes || makeRandomImage();
+    const filename = dto?.assetData?.filename || 'example.png';
+
+    if (dto?.assetData?.bytes) {
+      console.log(`Uploading ${filename}`);
+    }
+
+    const builder = request(app)
+      .put(`/assets/${assetId}/original`)
+      .attach('assetData', assetData, filename)
+      .set('Authorization', `Bearer ${accessToken}`);
+
+    for (const [key, value] of Object.entries(_dto)) {
+      void builder.field(key, String(value));
+    }
+
+    const { body } = await builder;
+
+    return body as AssetMediaResponseDto;
+  },
+
  createImageFile: (path: string) => {
    if (!existsSync(dirname(path))) {
      mkdirSync(dirname(path), { recursive: true });
@@ -412,6 +450,9 @@ export const utils = {

  getAssetInfo: (accessToken: string, id: string) => getAssetInfo({ id }, { headers: asBearerAuth(accessToken) }),

+  checkExistingAssets: (accessToken: string, checkExistingAssetsDto: CheckExistingAssetsDto) =>
+    checkExistingAssets({ checkExistingAssetsDto }, { headers: asBearerAuth(accessToken) }),
+
  searchAssets: async (accessToken: string, dto: MetadataSearchDto) => {
    return searchAssets({ metadataSearchDto: dto }, { headers: asBearerAuth(accessToken) });
  },
@@ -659,6 +700,16 @@ export const utils = {
      }
    }
  },
+
+  downloadAsset: async (accessToken: string, id: string) => {
+    const downloadedRes = await fetch(`${baseUrl}/api/assets/${id}/original`, {
+      headers: asBearerAuth(accessToken),
+    });
+    if (!downloadedRes.ok) {
+      throw new Error(`Failed to download asset ${id}: ${downloadedRes.status} ${await downloadedRes.text()}`);
+    }
+    return await downloadedRes.blob();
+  },
 };

 utils.initSdk();
@@ -14,10 +14,8 @@
    "outDir": "./dist",
    "incremental": true,
    "skipLibCheck": true,
-    "paths": {
-      "src/*": ["./src/*"]
-    },
    "esModuleInterop": true,
+    "baseUrl": "./"
  },
  "include": ["src/**/*.ts", "vitest*.config.ts"],
  "exclude": ["dist", "node_modules"]
@@ -178,17 +178,6 @@
  "stop_motion_photo": "Stop bewegingsfoto",
  "stop_photo_sharing": "Staak die deel van u foto’s?",
  "stop_photo_sharing_description": "{partner} sal nie meer toegang tot u foto’s hê nie.",
-  "unnamed_share": "Naamlose deelskakel",
-  "unsaved_change": "Onbewaarde verandering",
-  "unselect_all": "Ontkies alles",
-  "unselect_all_duplicates": "Ontkies alle duplikate",
-  "unselect_all_in": "Ontkies alles in {group}",
-  "unstack": "Ontstapel",
-  "unstack_action_prompt": "{count} ongestapel",
-  "unstacked_assets_count": "{count, plural, one {# item} other {# items}} ontstapel",
-  "unsupported_field_type": "Onondersteunde veldtipe",
-  "unsupported_file_type": "Lêer {file} kan nie opgelaai word nie omdat die lêertipe {type} nie ondersteun word nie.",
-  "untagged": "Sonder etiket",
  "untitled_workflow": "Naamlose werkvloei",
  "up_next": "Volgende",
  "update_location_action_prompt": "Werk die ligging van {count} gekose items by met:",
@@ -198,7 +187,6 @@
  "upload_concurrency": "Aantal gelyktydige oplaaie",
  "upload_details": "Oplaaidetails",
  "upload_dialog_info": "Wil u ’n rugsteun maak van die gekose item(s) op die bediener?",
-  "upload_dialog_title": "Laai item op",
  "upload_error_with_count": "Oplaaifout vir {count, plural, one {# item} other {# items}}",
  "upload_errors": "Oplaai voltooi met {count, plural, one {# fout} other {# foute}}, verfris die blad om die nuwe items te sien.",
  "upload_finished": "Klaar opgelaai",
@@ -269,7 +257,6 @@
  "viewer_remove_from_stack": "Verwyder van stapel",
  "viewer_stack_use_as_main_asset": "Gebruik as hoofitem",
  "viewer_unstack": "Ontstapel",
-  "visibility": "Sigbaarheid",
  "visibility_changed": "Sigbaarheid verander vir {count, plural, one {# mens} other {# mense}}",
  "visual": "Visueel",
  "visual_builder": "Visuele bouer",
@@ -3,7 +3,7 @@
  "account": "حساب",
  "account_settings": "إعدادات الحساب",
  "acknowledge": "أُدرك ذلك",
-  "action": "إجراء",
+  "action": "عملية",
  "action_common_update": "تحديث",
  "action_description": "مجموعة من الفعاليات التي ستنفذ على الأصول التي تم تصفيتها",
  "actions": "عمليات",
@@ -61,8 +61,8 @@
    "backup_onboarding_1_description": "نسخة خارج الموقع في موقع آخر.",
    "backup_onboarding_2_description": "نسخ محلية على أجهزة مختلفة. يشمل ذلك الملفات الرئيسية ونسخة احتياطية محلية منها.",
    "backup_onboarding_3_description": "إجمالي نُسخ بياناتك، بما في ذلك الملفات الأصلية. يشمل ذلك نسخةً واحدةً خارج الموقع ونسختين محليتين.",
-    "backup_onboarding_description": "يُنصح باتباع <backblaze-link>استراتيجية النسخ الاحتياطي 3-2- 1</backblaze-link> لحماية بياناتك. احتفظ بنسخ احتياطية من صورك/فيديوهاتك المحمّلة، بالإضافة إلى قاعدة بيانات Immich، لضمان حل نسخ احتياطي شامل.",
-    "backup_onboarding_footer": "لمزيد من المعلومات حول النسخ الاحتياطي لـ <link>Immich</link>، يرجى الرجوع إلى <link>الوثائق</link>.",
+    "backup_onboarding_description": "يُنصح باتباع <backblaze-link>استراتيجية النسخ الاحتياطي 3-2-1</backblaze-link> لحماية بياناتك. احتفظ بنسخ احتياطية من صورك/فيديوهاتك المحمّلة، بالإضافة إلى قاعدة بيانات Immich، لضمان حل نسخ احتياطي شامل.",
+    "backup_onboarding_footer": "لمزيد من المعلومات حول النسخ الاحتياطي لـ Immich، يرجى الرجوع إلى <link> التعليمات </link>.",
    "backup_onboarding_parts_title": "يتضمن النسخ الاحتياطي 3-2-1 ما يلي:",
    "backup_onboarding_title": "النسخ الاحتياطية",
    "backup_settings": "إعدادات تفريغ قاعدة البيانات",
@@ -333,7 +333,7 @@
    "storage_template_migration_description": "قم بتطبيق القالب الحالي <link>{template}</link> على المحتويات التي تم رفعها سابقًا",
    "storage_template_migration_info": "تغييرات النموذج الخزني ستغير جميع الصيغ الى احرف صغيرة. تغييرات النموذج ستنطبق فقط على المحتويات الجديدة. لتطبيق النموذج على المحتويات التي تم رفعها سابقًا، قم بتشغيل <link>{job}</link>.",
    "storage_template_migration_job": "وظيفة تهجير قالب التخزين",
-    "storage_template_more_details": "لمزيد من التفاصيل حول هذه الميزة، يرجى الرجوع إلى <template-link>Storage Template</template-link> و <implications-link>implications</implications-link>.",
+    "storage_template_more_details": "لمزيد من التفاصيل حول هذه الميزة، يرجى الرجوع إلى <template-link>Storage Template</template-link> و<implications-link>implications</implications-link>",
    "storage_template_onboarding_description_v2": "عند التفعيل. هذه الخاصية ستقوم بالترتيب التلقائي للملفات بناء على نموذج معرف من قبل المستخدم. رجاء اطلع على <link>التوثيق</link>.",
    "storage_template_path_length": "الحد التقريبي لطول المسار: <b>{length, number}</b>/{limit, number}",
    "storage_template_settings": "قالب التخزين",
@@ -372,7 +372,7 @@
    "transcoding_audio_codec": "كود الصوت",
    "transcoding_audio_codec_description": "Opus هو الخيار ذو أعلى جودة، ولكنه يتمتع بتوافق أقل مع الأجهزة أو البرمجيات القديمة.",
    "transcoding_bitrate_description": "مقاطع الفيديو التي يتجاوز معدل البت أقصى قيمة أو التي لا تكون في تنسيق مقبول",
-    "transcoding_codecs_learn_more": "لمعرفة المزيد حول المصطلحات المستخدمة هنا، يرجى الرجوع إلى وثائق FFmpeg لـ <h264-link>H.264 codec</h264-link>، و <hevc-link>HEVC codec</hevc-link> و <vp9-link>VP9 codec</vp9-link>.",
+    "transcoding_codecs_learn_more": "لمعرفة المزيد حول المصطلحات المستخدمة هنا، يرجى الرجوع إلى وثائق FFmpeg لل<h264-link>H.264 codec</h264-link>, <hevc-link>HEVC codec</hevc-link> and <vp9-link>VP9 codec</vp9-link>.",
    "transcoding_constant_quality_mode": "وضع الجودة الثابتة",
    "transcoding_constant_quality_mode_description": "ICQ أفضل من CQP، ولكن بعض أجهزة عتاد التسريع لا تدعم هذا الوضع. تعيين هذا الخيار يسجعل الأفضلية للوضع المحدد عند استخدام الترميز بناءً على الجودة. يتم تجاهله بواسطة NVENC لأنه لا يدعم ICQ.",
    "transcoding_constant_rate_factor": "عامل معدل الجودة الثابت (-crf)",
@@ -441,7 +441,7 @@
    "user_successfully_removed": "المستخدم {email} تمت ازالته بنجاح.",
    "users_page_description": "صفحة ادارة المستخدمين",
    "version_check_enabled_description": "تفعيل التحقق من الإصدارات الجديدة",
-    "version_check_implications": "تعتمد ميزة التحقق من الإصدار على التواصل الدوري مع {server}",
+    "version_check_implications": "تعتمد ميزة التحقق من الإصدار على التواصل الدوري مع github.com",
    "version_check_settings": "التحقق من الإصدار",
    "version_check_settings_description": "تفعيل/تعطيل الإشعار لإصدار جديد",
    "video_conversion_job": "تحويل أشرطة الفيديو",
@@ -849,12 +849,9 @@
  "create_link_to_share": "إنشاء رابط للمشاركة",
  "create_link_to_share_description": "السماح لأي شخص لديه الرابط بمشاهدة الصورة (الصور) المحددة",
  "create_new": "انشاء جديد",
-  "create_new_face": "إنشاء وجه جديد",
  "create_new_person": "إنشاء شخص جديد",
  "create_new_person_hint": "تعيين المحتويات المحددة لشخص جديد",
  "create_new_user": "إنشاء مستخدم جديد",
-  "create_person": "إنشاء شخص",
-  "create_person_subtitle": "أضف اسماً للوجه المحدد لإنشاء الشخص الجديد والإشارة إليه",
  "create_shared_album_page_share_add_assets": "إضافة الأصول",
  "create_shared_album_page_share_select_photos": "حدد الصور",
  "create_shared_link": "انشاء رابط مشترك",
@@ -869,7 +866,6 @@
  "crop_aspect_ratio_fixed": "تم الاصلاح",
  "crop_aspect_ratio_free": "حر",
  "crop_aspect_ratio_original": "اصلي",
-  "crop_aspect_ratio_square": "مربع",
  "curated_object_page_title": "أشياء",
  "current_device": "الجهاز الحالي",
  "current_pin_code": "رمز PIN الحالي",
@@ -884,7 +880,7 @@
  "daily_title_text_date": "E ، MMM DD",
  "daily_title_text_date_year": "E ، MMM DD ، yyyy",
  "dark": "معتم",
-  "dark_theme": "تبديل المظهر إلى الداكن",
+  "dark_theme": "تبديل المظهر الداكن",
  "date": "تاريخ",
  "date_after": "التارخ بعد",
  "date_and_time": "التاريخ و الوقت",
@@ -895,8 +891,10 @@
  "day": "يوم",
  "days": "ايام",
  "deduplicate_all": "إلغاء تكرار الكل",
-  "default_locale": "الإعدادات المحلية الافتراضية",
-  "default_locale_description": "تنسيق التواريخ والأرقام بناءً على الإعدادات المحلية للمتصفح",
+  "deduplication_criteria_1": "حجم الصورة بوحدات البايت",
+  "deduplication_criteria_2": "عدد بيانات EXIF",
+  "deduplication_info": "معلومات إلغاء البيانات المكررة",
+  "deduplication_info_description": "لتحديد الأصول مسبقا تلقائيا وإزالة التكرارات بكميات كبيرة، ننظر إلى:",
  "delete": "حذف",
  "delete_action_confirmation_message": "هل انت متأكد من حذف هذا الملف؟ هذا سؤدي الى نقل الملف الى سلة مهملات الخادم وسيتم اشعارك ان كنت تريد حذفه على الجهاز",
  "delete_action_prompt": "تم حذف {count}",
@@ -972,7 +970,7 @@
  "downloading_media": "تنزيل الوسائط",
  "drop_files_to_upload": "قم بإسقاط الملفات في أي مكان لرفعها",
  "duplicates": "التكرارات",
-  "duplicates_description": "قم بحل كل مجموعة من خلال الإشارة إلى التكرارات، إن وجدت.",
+  "duplicates_description": "قم بحل كل مجموعة من خلال الإشارة إلى التكرارات، إن وجدت",
  "duration": "المدة",
  "edit": "تعديل",
  "edit_album": "تعديل الألبوم",
@@ -1389,11 +1387,9 @@
  "library_page_sort_title": "عنوان الألبوم",
  "licenses": "رُخَص",
  "light": "المضيئ",
-  "light_theme": "التبديل إلى المظهر الفاتح",
  "like": "اعجاب",
  "like_deleted": "تم حذف الإعجاب",
  "link_motion_video": "رابط فيديو الحركة",
-  "link_to_docs": "لمزيد من المعلومات، يُرجى الرجوع إلى <link>الوثائق</link>.",
  "link_to_oauth": "الربط مع OAuth",
  "linked_oauth_account": "حساب مرتبط بـ OAuth",
  "list": "قائمة",
@@ -1655,7 +1651,6 @@
  "only_favorites": "المفضلة فقط",
  "open": "فتح",
  "open_calendar": "افتح الرزنامة",
-  "open_in_browser": "فتح في متصفح",
  "open_in_map_view": "فتح في عرض الخريطة",
  "open_in_openstreetmap": "فتح في OpenStreetMap",
  "open_the_search_filters": "افتح مرشحات البحث",
@@ -2217,7 +2212,6 @@
  "tag": "العلامة",
  "tag_assets": "أصول العلامة",
  "tag_created": "تم إنشاء العلامة: {tag}",
-  "tag_face": "علِّم الوجه",
  "tag_feature_description": "تصفح الصور ومقاطع الفيديو المجمعة حسب مواضيع العلامات المنطقية",
  "tag_not_found_question": "لا يمكن العثور على علامة؟ <link>قم بإنشاء علامة جديدة.</link>",
  "tag_people": "علِّم الأشخاص",
@@ -2392,14 +2386,13 @@
  "view_name": "عرض",
  "view_next_asset": "عرض المحتوى التالي",
  "view_previous_asset": "عرض المحتوى السابق",
-  "view_qr_code": "عرض رمز الاستجابة السريعة",
+  "view_qr_code": "عرض رمز الاستجابة السريعة",
  "view_similar_photos": "عرض صور مشابهة",
  "view_stack": "عرض التكديس",
  "view_user": "عرض المستخدم",
  "viewer_remove_from_stack": "حذف من الكومه أو المجموعة",
  "viewer_stack_use_as_main_asset": "استخدم كأصل رئيسي",
  "viewer_unstack": "فك الكومه",
-  "visibility": "إمكانية الرؤية",
  "visibility_changed": "الرؤية تغيرت لـ {count, plural, one {شخص واحد} other {# عدة أشخاص}}",
  "visual": "مرئي",
  "visual_builder": "اداة نشاء مرئية",
@@ -2411,14 +2404,14 @@
  "welcome_to_immich": "مرحباً بك في Immich",
  "width": "عُرض",
  "wifi_name": "اسم شبكة Wi-Fi",
-  "workflow_delete_prompt": "متأكد من حذف سير العمل هذا؟",
+  "workflow_delete_prompt": "هل أنت متأكد من حذف سير العمل هذا؟",
  "workflow_deleted": "تم حذف سير العمل",
  "workflow_description": "وصف سير العمل",
  "workflow_info": "معلومات سير العمل",
  "workflow_json": "ملف JSON لسير العمل",
  "workflow_json_help": "قم بتعديل إعدادات سير العمل بصيغة JSON. ستتم مزامنة التغييرات مع أداة الإنشاء المرئية.",
  "workflow_name": "اسم سير العمل",
-  "workflow_navigation_prompt": "متاكد من المغادرة بدون حفظ التغييرات؟",
+  "workflow_navigation_prompt": "هل انت متاكد من المغادرة بدون حفظ التغييرات؟",
  "workflow_summary": "ملخص سير العمل",
  "workflow_update_success": "تم تحديث سير العمل بنجاح",
  "workflow_updated": "تم تحديث سير العمل",
@@ -239,7 +239,7 @@
    "user_settings": "Налады карыстальніка",
    "user_settings_description": "Кіраванне наладамі карыстальніка",
    "version_check_enabled_description": "Уключыць праверку версіі",
-    "version_check_implications": "Функцыя праверкі версіі перыядычна звяртаецца да {server}",
+    "version_check_implications": "Функцыя праверкі версіі перыядычна звяртаецца да github.com",
    "version_check_settings": "Праверка версіі",
    "version_check_settings_description": "Уключыць/адключыць апавяшчэнні аб новай версіі"
  },
@@ -333,7 +333,7 @@
    "storage_template_migration_description": "Прилагане на текущия <link>{template}</link> към предишно качените файлове",
    "storage_template_migration_info": "Шаблона ще преобразува всички разширения на имената на файловете в долен регистър. Промените в шаблоните ще се прилагат само за нови елементи. За да приложите принудително шаблона към вече качени елементи, изпълнете <link>{job}</link>.",
    "storage_template_migration_job": "Задача за миграция на шаблона за съхранение",
-    "storage_template_more_details": "За повече подробности относно тази функция се обърнете към шаблона <template-link>Storage Template</template-link> и неговите <implications-link>последствия</implications-link>",
+    "storage_template_more_details": "За повече подробности относно тази функция се обърнете към шаблона <template-link>Storage Template</template-link> и неговите <implications-link> последствия </implications-link>",
    "storage_template_onboarding_description_v2": "Когато е разрешена, тази функция ще организира автоматично файловете, според шаблон, дефиниран от потребителя. За допълнителна информация, моля вижте <link>документацията</link>.",
    "storage_template_path_length": "Ограничение на дължината на пътя: <b>{length, number}</b>/{limit, number}",
    "storage_template_settings": "Шаблон за съхранение",
@@ -441,7 +441,7 @@
    "user_successfully_removed": "Потребител {email} е успешно премахнат.",
    "users_page_description": "Страница за администриране на потребители",
    "version_check_enabled_description": "Активирай проверка на версията",
-    "version_check_implications": "Функцията за проверка на версията разчита на периодична комуникация с {server}",
+    "version_check_implications": "Функцията за проверка на версията разчита на периодична комуникация с github.com",
    "version_check_settings": "Проверка на версията",
    "version_check_settings_description": "Активирайте/деактивирайте известието за нова версия",
    "video_conversion_job": "Транскодиране на видеоклиповете",
@@ -849,12 +849,9 @@
  "create_link_to_share": "Създаване на линк за споделяне",
  "create_link_to_share_description": "Позволете на всеки, който има линк, да види избраната(ите) снимка(и)",
  "create_new": "СЪЗДАЙ НОВ",
-  "create_new_face": "Създай ново лице",
  "create_new_person": "Създаване на ново лице",
  "create_new_person_hint": "Присвойте избраните файлове на нов човек",
  "create_new_user": "Създаване на нов потребител",
-  "create_person": "Създай човек",
-  "create_person_subtitle": "Добави име към избраното лице за да създадеш и да сложиш етикет на новия човек",
  "create_shared_album_page_share_add_assets": "ДОБАВИ ОБЕКТИ",
  "create_shared_album_page_share_select_photos": "Избери снимки",
  "create_shared_link": "Създай линк за споделяне",
@@ -869,7 +866,6 @@
  "crop_aspect_ratio_fixed": "Фиксиран",
  "crop_aspect_ratio_free": "Свободен",
  "crop_aspect_ratio_original": "Оригинален",
-  "crop_aspect_ratio_square": "Квадрат",
  "curated_object_page_title": "Неща",
  "current_device": "Текущо устройство",
  "current_pin_code": "Сегашен PIN код",
@@ -884,7 +880,7 @@
  "daily_title_text_date": "E, dd MMM",
  "daily_title_text_date_year": "E, dd MMM yyyy",
  "dark": "Тъмен",
-  "dark_theme": "Премини към тъмна тема",
+  "dark_theme": "Тъмна тема",
  "date": "Дата",
  "date_after": "Дата след",
  "date_and_time": "Дата и час",
@@ -895,8 +891,10 @@
  "day": "Ден",
  "days": "Дни",
  "deduplicate_all": "Дедупликиране на всички",
-  "default_locale": "Език по подразбиране",
-  "default_locale_description": "Формат на дата и числа според езиковата настройка на браузъра",
+  "deduplication_criteria_1": "Размер на снимката в байтове",
+  "deduplication_criteria_2": "Брой EXIF данни",
+  "deduplication_info": "Информация за дедупликацията",
+  "deduplication_info_description": "За автоматично предварително избиране на ресурси и премахване на дубликати на едро, разглеждаме:",
  "delete": "Изтрий",
  "delete_action_confirmation_message": "Сигурни ли сте, че искате да изтриете този обект? Следва преместване на обекта в коша за отпадъци на сървъра и ще получите предложение обекта да бъде изтрит локално",
  "delete_action_prompt": "{count} са изтрити",
@@ -972,7 +970,7 @@
  "downloading_media": "Изтегляне на медия",
  "drop_files_to_upload": "Пуснете файловете, за да ги качите",
  "duplicates": "Дубликати",
-  "duplicates_description": "Изберете всяка група, като посочите кои, ако има такива, са дубликати.",
+  "duplicates_description": "Изберете всяка група, като посочите кои, ако има такива, са дубликати",
  "duration": "Продължителност",
  "edit": "Редактиране",
  "edit_album": "Редактиране на албум",
@@ -1389,11 +1387,9 @@
  "library_page_sort_title": "Заглавие на албума",
  "licenses": "Лицензи",
  "light": "Светло",
-  "light_theme": "Премини към светла тема",
  "like": "Харесайте",
  "like_deleted": "Като изтрит",
  "link_motion_video": "Линк към видео",
-  "link_to_docs": "За повече информация вижте <link>документацията</link>.",
  "link_to_oauth": "Линк към OAuth",
  "linked_oauth_account": "Свързан OAuth акаунт",
  "list": "Лист",
@@ -1655,14 +1651,13 @@
  "only_favorites": "Само любими",
  "open": "Отвори",
  "open_calendar": "Отвори календар",
-  "open_in_browser": "Отвори в браузър",
  "open_in_map_view": "Отвори изглед на карта",
  "open_in_openstreetmap": "Отвори в OpenStreetMap",
  "open_the_search_filters": "Отвари филтрите за търсене",
  "options": "Настройки",
  "or": "или",
-  "organize_into_albums": "Подредете в албуми",
-  "organize_into_albums_description": "Добавете наличните снимки в албуми, като използвате текущите настройки за синхронизиране",
+  "organize_into_albums": "Organitzar per àlbums",
+  "organize_into_albums_description": "Posar les fotos existents dins dels àlbums fent servir la configuració de sincronització",
  "organize_your_library": "Организиране на вашата библиотека",
  "original": "оригинал",
  "other": "Други",
@@ -1810,7 +1805,7 @@
  "purchase_server_description_2": "Статус на поддръжник",
  "purchase_server_title": "Сървър",
  "purchase_settings_server_activated": "Продуктовият ключ на сървъра се управлява от администратора",
-  "query_asset_id": "Търсене на елемент по ID",
+  "query_asset_id": "Buscar item per ID",
  "queue_status": "В опашка {count} от {total}",
  "rate_asset": "Задаване на рейтинг",
  "rating": "Оценка със звезди",
@@ -2217,7 +2212,6 @@
  "tag": "Таг",
  "tag_assets": "Тагни елементи",
  "tag_created": "Създаден етикет: {tag}",
-  "tag_face": "Отбележи лице",
  "tag_feature_description": "Разглеждане на снимки и видеоклипове, групирани по теми с логически тагове",
  "tag_not_found_question": "Не можете да намерите етикет? <link>Създайте нов етикет.</link>",
  "tag_people": "Отбележи Хора",
@@ -2399,7 +2393,6 @@
  "viewer_remove_from_stack": "Премахване от опашката",
  "viewer_stack_use_as_main_asset": "Използвай като основен",
  "viewer_unstack": "Премахни от опашката",
-  "visibility": "Видимост",
  "visibility_changed": "Видимостта е променена за {count, plural, one {# човек} other {# човека}}",
  "visual": "Визуален",
  "visual_builder": "Визуален конструктор",
@@ -231,8 +231,6 @@
    "metadata_settings_description": "মেটাডেটা সেটিংস পরিচালনা করুন (Manage metadata settings)",
    "migration_job": "মাইগ্রেশন (Migration)",
    "migration_job_description": "অ্যাসেট এবং ফেস থাম্বনেইলগুলোকে সর্বশেষ ফোল্ডার স্ট্রাকচারে মাইগ্রেট করুন। (Migrate thumbnails for assets and faces to the latest folder structure)",
-    "nightly_tasks_cluster_faces_setting_description": "নতুন শনাক্ত হওয়া মুখগুলিতে ফেসিয়াল রিকগনিশন চালান",
-    "nightly_tasks_cluster_new_faces_setting": "নতুন মুখগুলোর গুচ্ছ",
    "nightly_tasks_database_cleanup_setting": "ডেটাবেস ক্লিনআপ টাস্কসমূহ (Database cleanup tasks)",
    "nightly_tasks_database_cleanup_setting_description": "ডেটাবেস থেকে পুরোনো এবং মেয়াদোত্তীর্ণ ডেটা মুছে ফেলুন",
    "nightly_tasks_generate_memories_setting": "মেমোরিজ তৈরি করুন (Generate memories)",
@@ -259,20 +257,6 @@
    "notification_email_secure": "SMTPS (স্মার্ট মেইল ট্রান্সফার প্রোটোকল সিকিউর)",
    "notification_email_secure_description": "SMTPS (SMTP over TLS) ব্যবহার করুন",
    "notification_email_sent_test_email_button": "টেস্ট ইমেল পাঠান এবং সেভ করুন",
-    "notification_email_setting_description": "ইমেল নোটিফিকেশন পাঠানোর সেটিংস",
-    "notification_email_test_email": "পরীক্ষামূলক ইমেইল পাঠান",
-    "notification_email_test_email_failed": "পরীক্ষামূলক ইমেল পাঠানো সম্ভব হয়নি, আপনার সেটিংস যাচাই করুন",
-    "notification_email_test_email_sent": "{email}-এ একটি পরীক্ষামূলক ইমেল পাঠানো হয়েছে। অনুগ্রহ করে আপনার ইনবক্স দেখুন।",
-    "notification_email_username_description": "ইমেল সার্ভারে ভেরিফিকেসনের জন্য ব্যবহৃত ইউজারনেম",
-    "notification_enable_email_notifications": "ইমেল নোটিফিকেসন সক্রিয় করুন",
-    "notification_settings": "নোটিফিকেসন সেটিংস",
-    "notification_settings_description": "ইমেইল সহ নোটিফিকেশন সেটিংস পরিচালনা করুন",
-    "oauth_auto_launch": "অটো লঞ্চ",
-    "oauth_auto_launch_description": "লগইন পেজে প্রবেশ করার সাথে সাথে OAuth লগইন প্রক্রিয়াটি স্বয়ংক্রিয়ভাবে শুরু করুন",
-    "oauth_auto_register": "সয়ংক্রিয়ভাবে রেজিস্টার করুন",
-    "oauth_auto_register_description": "OAuth দিয়ে সাইন ইন করার পর নতুন ব্যবহারকারীদের স্বয়ংক্রিয়ভাবে নিবন্ধন করুন",
-    "oauth_button_text": "বাটন টেক্সট",
-    "oauth_client_secret_description": "গোপনীয় ক্লায়েন্টের জন্য প্রয়োজন, অথবা যদি পাবলিক ক্লায়েন্টের জন্য PKCE (Proof Key for Code Exchange) সমর্থিত না হয়।",
    "oauth_enable_description": "OAuth-এর মাধ্যমে লগইন করুন",
    "oauth_mobile_redirect_uri": "মোবাইল রিডাইরেক্ট ইউআরআই (URI)",
    "oauth_mobile_redirect_uri_override": "মোবাইল রিডাইরেক্ট ইউআরআই (URI) ওভাররাইড",
@@ -339,20 +323,6 @@
    "storage_template_settings": "স্টোরেজ টেমপ্লেট (Storage Template)",
    "storage_template_settings_description": "আপলোড করা অ্যাসেটের ফোল্ডার স্ট্রাকচার এবং ফাইল নেম ম্যানেজ করুন",
    "storage_template_user_label": "<code>{label}</code> হলো ব্যবহারকারীর স্টোরেজ লেবেল (Storage Label)",
-    "system_settings": "সিস্টেম সেটিংস",
-    "tag_cleanup_job": "ট্যাগ মুছে ফেলা",
-    "template_email_available_tags": "আপনি আপনার টেমপ্লেটে নিম্নলিখিত ভেরিয়েবলগুলো ব্যবহার করতে পারেন: {tags}",
-    "template_email_if_empty": "টেমপ্লেটটি খালি থাকলে ডিফল্ট ইমেল ব্যবহার করা হবে।",
-    "template_email_invite_album": "ইনভাইট অ্যালবাম টেমপ্লেট",
-    "template_email_preview": "প্রিভিউ",
-    "template_email_settings": "ইমেইল টেমপ্লেট",
-    "template_email_update_album": "অ্যালবাম টেমপ্লেট আপডেট করুন",
-    "template_email_welcome": "স্বাগতম ইমেইল টেমপ্লেট",
-    "template_settings": "নোটিফিকেশন টেমপ্লেট",
-    "template_settings_description": "নোটিফিকেশনের জন্য কাস্টম টেমপ্লেট পরিচালনা করুন",
-    "theme_custom_css_settings": "কাস্টম CSS",
-    "theme_custom_css_settings_description": "ক্যাসকেডিং স্টাইল শীট ব্যবহার করে Immich এর ডিজাইন কাস্টমাইজ করা যায়।",
-    "theme_settings": "থীম সেটিংস",
    "theme_settings_description": "ইমিচ (Immich) ওয়েব ইন্টারফেসের কাস্টমাইজেশন ম্যানেজ করুন",
    "thumbnail_generation_job": "থাম্বনেইল তৈরি করুন (Generate Thumbnails)",
    "thumbnail_generation_job_description": "প্রতিটি অ্যাসেটের জন্য বড়, ছোট এবং ব্লার (অস্পষ্ট) থাম্বনেইল তৈরি করুন, সেই সাথে প্রতিটি ব্যক্তির জন্যও থাম্বনেইল তৈরি করুন।",
@@ -364,281 +334,8 @@
    "transcoding_acceleration_vaapi": "VA-API (ভিডিও অ্যাক্সিলারেশন এপিআই)",
    "transcoding_accepted_audio_codecs": "গ্রহণযোগ্য অডিও কোডেকসমূহ (Accepted audio codecs)",
    "transcoding_accepted_audio_codecs_description": "কোন অডিও কোডেকগুলো ট্রানসকোড করার প্রয়োজন নেই তা নির্বাচন করুন। এটি শুধুমাত্র নির্দিষ্ট ট্রানসকোড পলিসির (transcode policies) জন্য ব্যবহৃত হয়।",
-    "transcoding_accepted_containers": "গ্রহণযোগ্য কন্টেইনারসমূহ (Accepted containers)",
-    "transcoding_accepted_containers_description": "কোন কন্টেইনার ফরম্যাটগুলোকে MP4-এ রিমুক্স করার প্রয়োজন নেই তা নির্বাচন করুন। শুধুমাত্র নির্দিষ্ট ট্রান্সকোড পলিসির জন্য ব্যবহৃত হয়।",
-    "transcoding_accepted_video_codecs": "সমর্থিত ভিডিও কোডেকগুলো",
-    "transcoding_accepted_video_codecs_description": "কোন ভিডিও কোডেকগুলো ট্রান্সকোড করার প্রয়োজন নেই তা নির্বাচন করুন। শুধুমাত্র নির্দিষ্ট ট্রান্সকোড নীতির জন্য ব্যবহৃত হয়।",
-    "transcoding_advanced_options_description": "বেশিরভাগ ব্যবহারকারীর পরিবর্তন করার প্রয়োজন নেই এমন অপশনসমূহ",
-    "transcoding_audio_codec": "অডিও কোডেক",
-    "transcoding_audio_codec_description": "Opus সর্বোচ্চ মানের অপশন, তবে পুরোনো ডিভাইস বা সফটওয়্যারের সাথে এর সামঞ্জস্য কম।",
-    "transcoding_bitrate_description": "সর্বোচ্চ বিটরেটের চেয়ে বেশি বা সমর্থিত ফরম্যাটে নয় এমন ভিডিও",
-    "transcoding_codecs_learn_more": "এখানে ব্যবহৃত পরিভাষা সম্পর্কে আরও জানতে FFmpeg ডকুমেন্টেশন দেখুন, <h264-link>H.264 কোডেক</h264-link>, <hevc-link>HEVC কোডেক</hevc-link> এবং <vp9-link>VP9 কোডেক</vp9-link>।",
-    "transcoding_constant_quality_mode": "নির্দিষ্ট মান মোড",
-    "transcoding_constant_quality_mode_description": "ICQ, CQP-এর চেয়ে ভালো মান দেয়, কিন্তু সব হার্ডওয়্যার অ্যাক্সেলারেশন ডিভাইসে কাজ করে না। এই অপশন চালু থাকলে কোয়ালিটি-ভিত্তিক এনকোডিংয়ে এটি প্রাধান্য পাবে। NVENC এটি সমর্থন করে না, তাই এটি উপেক্ষা করা হবে।",
-    "transcoding_constant_rate_factor": "নির্দিষ্ট রেট ফ্যাক্টর (-crf)",
-    "transcoding_constant_rate_factor_description": "ভিডিওর গুণমানের স্তর। সাধারণ মানগুলো হলো H.264-এর জন্য ২৩, HEVC-এর জন্য ২৮, VP9-এর জন্য ৩১ এবং AV1-এর জন্য ৩৫। মান যত কম হবে, ভিডিওর গুণমান তত উন্নত হবে, তবে ফাইলের আকার তত বড় হবে।",
-    "transcoding_disabled_description": "কোনো ভিডিও ট্রান্সকোড করবেন না, এতে কিছু ক্লায়েন্টে প্লেব্যাক নষ্ট হতে পারে",
-    "transcoding_encoding_options": "এনকোডিং এর অপশনগুলি",
-    "transcoding_encoding_options_description": "এনকোড করা ভিডিওগুলির জন্য কোডেক, রেজোলিউশন, কোয়ালিটি এবং অন্যান্য অপশন সেট করুন",
-    "transcoding_hardware_acceleration": "হার্ডওয়্যার এক্সিলারেসন (Acceleration)",
-    "transcoding_hardware_acceleration_description": "পরীক্ষামূলক: দ্রুততর ট্রান্সকোডিং, কিন্তু একই বিটরেটে গুণমান হ্রাস পেতে পারে",
-    "transcoding_hardware_decoding": "হার্ডওয়্যার ডিকোডিং",
-    "transcoding_hardware_decoding_setting_description": "শুধু এনকোডিং অ্যাক্সিলারেশন করার পরিবর্তে এটি এন্ড-টু-এন্ড অ্যাক্সিলারেশন সক্ষম করে। সব ভিডিওতে কাজ নাও করতে পারে।",
-    "transcoding_max_b_frames": "সর্বোচ্চ বি-ফ্রেম (B-frames)",
-    "transcoding_max_b_frames_description": "মান যত বেশি হবে, কমপ্রেশন তত ভালো হবে কিন্তু এনকোডিং ধীরে চলবে। পুরোনো ডিভাইসে হার্ডওয়্যার অ্যাক্সেলারেশন কাজ নাও করতে পারে। ০ দিলে B-frames বন্ধ থাকবে, -১ দিলে এটি নিজে থেকেই ঠিক হবে।",
-    "transcoding_max_bitrate": "সর্বোচ্চ বিটরেট",
-    "transcoding_max_bitrate_description": "সর্বোচ্চ বিটরেট নির্ধারণ করলে ফাইলের আকার আরও অনুমানযোগ্য হতে পারে, তবে এর ফলে কোয়ালিটির কিছুটা অবনতি ঘটে। 720p-তে, VP9 বা HEVC-এর জন্য সাধারণ মান হলো 2600 kbit/s, অথবা H.264-এর জন্য 4500 kbit/s।এর মান 0 সেট করা হলে এটি বন্ধ থাকে। যখন কোনো একক নির্দিষ্ট করা থাকে না, তখন k (kbit/s-এর জন্য) ধরে নেওয়া হয়; তাই 5000, 5000k, এবং 5M (Mbit/s-এর জন্য) সমতুল্য।",
-    "transcoding_max_keyframe_interval": "সর্বোচ্চ কীফ্রেম ব্যবধান",
-    "transcoding_max_keyframe_interval_description": "কীফ্রেমের মধ্যে সর্বোচ্চ ফ্রেম দূরত্ব নির্ধারণ করে। মান কম হলে কমপ্রেশন দক্ষতা কমে, তবে ভিডিওতে খুঁজে বের করা দ্রুত হয় এবং দ্রুত চলমান দৃশ্যে মানও কিছুটা ভালো হতে পারে। ০ দিলে এই মান স্বয়ংক্রিয়ভাবে নির্ধারিত হয়।",
-    "transcoding_optimal_description": "নির্দিষ্ট রেজোলিউশনের চেয়ে বড় বা সমর্থিত ফরম্যাটে নয় এমন ভিডিও",
-    "transcoding_policy": "ট্রান্সকোড নীতি",
-    "transcoding_policy_description": "ভিডিও কখন ট্রান্সকোড করা হবে তা সেট করুন",
-    "transcoding_preferred_hardware_device": "পছন্দের হার্ডওয়্যার ডিভাইস",
-    "transcoding_preferred_hardware_device_description": "শুধুমাত্র VAAPI এবং QSV-এর ক্ষেত্রে প্রযোজ্য। হার্ডওয়্যার ট্রান্সকোডিংয়ের জন্য ব্যবহৃত dri নোড নির্ধারণ করে।",
-    "transcoding_preset_preset": "প্রিসেট (-preset)",
-    "transcoding_preset_preset_description": "কম্প্রেশন স্পিড। ধীরগতির প্রিসেটগুলো ছোট ফাইল তৈরি করে এবং একটি নির্দিষ্ট বিটরেট লক্ষ্য করার সময় গুণমান বৃদ্ধি করে। VP9 'faster'-এর চেয়ে বেশি গতি উপেক্ষা করে।",
-    "transcoding_reference_frames": "রেফারেন্স ফ্রেম",
-    "transcoding_reference_frames_description": "একটি ফ্রেম কম্প্রেস করার সময় কতটি ফ্রেমকে রেফারেন্স হিসেবে নেওয়া হবে। মান যত বেশি হবে, কমপ্রেশন দক্ষতা তত ভালো হবে, তবে এনকোডিং ধীর হবে। ০ দিলে এই মান স্বয়ংক্রিয়ভাবে নির্ধারিত হবে।",
-    "transcoding_required_description": "শুধুমাত্র অনুমোদিত ফরম্যাটে নেই এমন ভিডিও",
-    "transcoding_settings": "ভিডিও ট্রান্সকোডিং সেটিংস",
-    "transcoding_settings_description": "নির্ধারণ করুন কোন ভিডিওগুলোকে ট্রান্সকোড করতে হবে এবং কিভাবে প্রক্রিয়া করতে হবে",
-    "transcoding_target_resolution": "টার্গেট রেজোলিউশন",
-    "transcoding_target_resolution_description": "উচ্চ রেজোলিউশন বেশি বিস্তারিত রাখে, কিন্তু এনকোডিং ধীরে হয়, ফাইল বড় হয়, এবং অ্যাপ ধীর প্রতিক্রিয়া করতে পারে।",
-    "transcoding_temporal_aq": "টেম্পোরাল AQ",
-    "transcoding_temporal_aq_description": "শুধুমাত্র NVENC-এর ক্ষেত্রে প্রযোজ্য। টেম্পোরাল অ্যাডাপটিভ কোয়ান্টাইজেশন (Adaptive Quantization) উচ্চ-বিস্তারিত ও স্বল্প-গতির দৃশ্যের মান বৃদ্ধি করে। পুরোনো ডিভাইসগুলোর সাথে সামঞ্জস্যপূর্ণ নাও হতে পারে।",
-    "transcoding_threads": "থ্রেড",
-    "transcoding_threads_description": "উচ্চ মানে এনকোডিং দ্রুত হয়, কিন্তু সার্ভার কম কাজ করতে পারে। CPU কোরের বেশি মান দেওয়া উচিত নয়। ০ দিলে সর্বাধিক ব্যবহার হবে।",
-    "transcoding_tone_mapping": "টোন-ম্যাপিং",
-    "transcoding_tone_mapping_description": "এইচডিআর (HDR) ভিডিওকে এসডিআর (SDR)-এ রূপান্তর করার সময় এর বাহ্যিক রূপ অক্ষুণ্ণ রাখার চেষ্টা করা হয়। প্রতিটি অ্যালগরিদম রঙ, ডিটেইল এবং উজ্জ্বলতার জন্য ভিন্ন ভিন্ন সমন্বয় করে। হেবল ডিটেইল, মোবিয়াস রঙ এবং রাইনহার্ড উজ্জ্বলতা অক্ষুণ্ণ রাখে।",
-    "transcoding_transcode_policy": "ট্রান্সকোড নীতি",
-    "transcoding_transcode_policy_description": "কখন একটি ভিডিও ট্রান্সকোড করা হবে তার নীতিমালা। HDR ভিডিও এবং YUV 4:2:0 ব্যতীত অন্য পিক্সেল ফরম্যাটের ভিডিও সর্বদা ট্রান্সকোড করা হবে (যদি না ট্রান্সকোডিং বন্ধ করা থাকে)।",
-    "transcoding_two_pass_encoding": "টু-পাস এনকোডিং",
-    "transcoding_two_pass_encoding_setting_description": "আরও উন্নত মানের এনকোডেড ভিডিও তৈরি করতে দুই ধাপে ট্রান্সকোড করুন। যখন সর্বোচ্চ বিটরেট সক্রিয় করা হয় (যা H.264 এবং HEVC-এর সাথে কাজ করার জন্য আবশ্যক), তখন এই মোডটি সর্বোচ্চ বিটরেটের উপর ভিত্তি করে একটি বিটরেট রেঞ্জ ব্যবহার করে এবং CRF উপেক্ষা করে। VP9-এর ক্ষেত্রে, সর্বোচ্চ বিটরেট নিষ্ক্রিয় থাকলেও CRF ব্যবহার করা যেতে পারে।",
-    "transcoding_video_codec": "ভিডিও কোডেক",
-    "transcoding_video_codec_description": "VP9 উচ্চ কর্মদক্ষতা সম্পন্ন এবং ওয়েবের সাথে সামঞ্জস্যপূর্ণ, কিন্তু ট্রান্সকোড করতে বেশি সময় লাগে। HEVC-এর কর্মক্ষমতাও প্রায় একই রকম, কিন্তু এর ওয়েব সামঞ্জস্যতা কম। H.264 ব্যাপকভাবে সামঞ্জস্যপূর্ণ এবং দ্রুত ট্রান্সকোড করা যায়, কিন্তু এটি অনেক বড় ফাইল তৈরি করে। AV1 সবচেয়ে কর্মদক্ষ কোডেক, কিন্তু পুরোনো ডিভাইসগুলোতে এর সমর্থন নেই।",
-    "trash_enabled_description": "ট্র্যাশ ফিচার চালু করুন",
-    "trash_number_of_days": "দিনের সংখ্যা",
-    "trash_number_of_days_description": "ট্র্যাশে থাকা অ্যাসেটগুলো স্থায়ীভাবে মুছে ফেলার আগে রাখার দিন সংখ্যা",
-    "trash_settings": "ট্র্যাশ সেটিংস",
-    "trash_settings_description": "ট্র্যাশ সেটিংস পরিচালনা করুন",
-    "unlink_all_oauth_accounts": "সকল OAuth অ্যাকাউন্ট আনলিঙ্ক করুন",
-    "unlink_all_oauth_accounts_description": "নতুন প্রোভাইডারে মাইগ্রেট করার আগে সব OAuth অ্যাকাউন্ট আনলিঙ্ক করুন।",
-    "unlink_all_oauth_accounts_prompt": "আপনি কি সব OAuth অ্যাকাউন্ট আনলিঙ্ক করতে নিশ্চিত? এটি প্রতিটি ব্যবহারকারীর OAuth আইডি রিসেট করে দেবে এবং এটি আর পূর্বাবস্থায় ফেরানো যাবে না।",
-    "user_cleanup_job": "ইউজার ক্লিনআপ",
-    "user_delete_delay": "<b>{user}</b>-এর অ্যাকাউন্ট এবং অ্যাসেট {delay, plural, one {# day} other {# days}} পর স্থায়ীভাবে মুছে ফেলার জন্য নির্ধারিত হবে।",
-    "user_delete_delay_settings": "মুছে ফেলার সময় বিলম্ব",
-    "user_delete_delay_settings_description": "অ্যাকাউন্ট এবং অ্যাসেট মুছে ফেলার পর কত দিনের মধ্যে স্থায়ীভাবে মুছে ফেলা হবে। ব্যবহারকারী মুছে ফেলার কাজ মধ্যরাতে চালানো হয় এবং দেখা হয় কোন ব্যবহারকারী স্থায়ীভাবে মুছে ফেলার জন্য প্রস্তুত। এই সেটিং পরিবর্তন করলে পরবর্তী এক্সিকিউশনের সময় তা প্রযোজ্য হবে।",
-    "user_delete_immediately": "<b>{user}</b>-এর অ্যাকাউন্ট এবং অ্যাসেট স্থায়ীভাবে মুছে ফেলার জন্য <b>immediately</b> কিউতে অন্তর্ভুক্ত করা হবে।",
-    "user_delete_immediately_checkbox": "ব্যবহারকারী ও অ্যাসেট তৎক্ষণাৎ মুছে ফেলার জন্য কিউ",
-    "user_details": "ব্যবহারকারী তথ্য",
-    "user_management": "ব্যবহারকারী ম্যানেজমেন্ট",
-    "user_password_has_been_reset": "ব্যবহারকারীর পাসওয়ার্ড রিসেট করা হয়েছে:",
-    "user_password_reset_description": "দয়া করে ব্যবহারকারীর জন্য সাময়িক পাসওয়ার্ড দিন এবং জানিয়ে দিন যে তারা পরবর্তী লগইনে পাসওয়ার্ড পরিবর্তন করবেন।",
-    "user_restore_description": "<b>{user}</b> এর অ্যাকাউন্ট পুনরুদ্ধার করা হবে।",
-    "user_restore_scheduled_removal": "ব্যবহারকারী পুনরুদ্ধার করুন - মুছে ফেলার জন্য নির্ধারিত তারিখ:{date, date, long}",
-    "user_settings": "ব্যবহারকারী সেটিংস",
-    "user_settings_description": "ব্যবহারকারী সেটিংস ম্যানেজ করুন",
-    "user_successfully_removed": "সফলভাবে ইউজার {email}-কে সরিয়ে দেওয়া হয়েছে।",
-    "version_check_enabled_description": "ভার্সন যাচাই চালু করুন",
-    "version_check_implications": "ভার্সন চেক ফিচারটি github.com-এর সঙ্গে নিয়মিত সংযোগের ওপর নির্ভরশীল",
-    "version_check_settings": "ভার্সন যাচাই",
-    "version_check_settings_description": "নতুন ভার্সনের নোটিফিকেশন চালু/বন্ধ করুন",
-    "video_conversion_job": "ভিডিও ট্রান্সকোড করুন",
-    "video_conversion_job_description": "ব্রাউজার এবং ডিভাইসে আরও ভালোভাবে চলার জন্য ভিডিও ট্রান্সকোড করুন"
+    "transcoding_accepted_containers": "গ্রহণযোগ্য কন্টেইনারসমূহ (Accepted containers)"
  },
-  "admin_email": "অ্যাডমিনের ইমেইল",
-  "admin_password": "অ্যাডমিনের পাসওয়ার্ড",
-  "administration": "অ্যাডমিন",
-  "advanced": "অ্যাডভান্সড",
-  "age_months": "বয়স {months, plural, one {# month} other {# months}}",
-  "age_year_months": "বয়স ১ বছর, {months, plural, one {# month} other {# months}}",
-  "album_added": "অ্যালবাম যুক্ত করা হয়েছে",
-  "album_added_notification_setting_description": "শেয়ার করা অ্যালবামে যুক্ত হলে ইমেইল নোটিফিকেশন পান",
-  "album_cover_updated": "অ্যালবামের কভার আপডেট হয়েছে",
-  "album_delete_confirmation": "আপনি কি সত্যিই অ্যালবাম {album} মুছে ফেলতে চান?",
-  "album_delete_confirmation_description": "অ্যালবামটি শেয়ার করা থাকলেও অন্য ব্যবহারকারীরা আর এটি অ্যাক্সেস করতে পারবেন না।",
-  "album_info_updated": "অ্যালবামের তথ্য আপডেট করা হয়েছে",
-  "album_leave": "অ্যালবাম থেকে বেরিয়ে যেতে চান ?",
-  "album_leave_confirmation": "আপনি কি নিশ্চিত যে আপনি {album} ছেড়ে যেতে চান?",
-  "album_name": "অ্যালবামের নাম",
-  "album_options": "অ্যালবামের অপশনসমূহ",
-  "album_remove_user": "ব্যবহারকারী সরাতে চান?",
-  "album_remove_user_confirmation": "আপনি কি নিশ্চিত যে আপনি {user}-কে সরাতে চান?",
-  "album_share_no_users": "এই অ্যালবামটি সব ব্যবহারকারীর সঙ্গে শেয়ার করা হয়েছে, বা শেয়ার করার জন্য কোনো ব্যবহারকারী নেই।",
-  "album_updated": "অ্যালবাম আপডেট করা হয়েছে",
-  "album_updated_setting_description": "নতুন অ্যাসেট যুক্ত হলে শেয়ার করা অ্যালবামের জন্য ইমেইল নোটিফিকেশন পান",
-  "album_user_left": "বাম {album}",
-  "album_user_removed": "{user} কে সরানো হয়েছে",
-  "album_with_link_access": "লিঙ্ক থাকা যে কেউ এই অ্যালবামের ছবি ও মানুষজনকে দেখতে পারবে।",
-  "albums": "অ্যালবামসমূহ",
-  "all": "সব",
-  "all_albums": "সকল অ্যালবামসমূহ",
-  "all_people": "সব ব্যবহারকারী",
-  "all_videos": "সব ভিডিও",
-  "allow_dark_mode": "ডার্ক মোড চালু করুন",
-  "allow_edits": "এডিটের অনুমতি দিন",
-  "allow_public_user_to_download": "সাধারণ ব্যবহারকারী ডাউনলোড করতে পারবে",
-  "allow_public_user_to_upload": "সাধারণ ব্যবহারকারী আপলোড করতে পারবে",
-  "anti_clockwise": "বিপরীত দিক",
-  "api_key": "API কী",
-  "api_key_description": "এই মান একবারই দেখানো হবে। উইন্ডো বন্ধ করার আগে অবশ্যই এটি কপি করুন।",
-  "api_key_empty": "API কী-এর নাম খালি রাখা যাবে না",
-  "api_keys": "API কী সমূহ",
-  "app_settings": "অ্যাপ সেটিংস",
-  "appears_in": "v1.106.4 থেকে, অ্যাসেট সাইডবারে ব্যবহার হয় ‘[albums]-এ উপস্থিত’ বোঝাতে",
-  "archive": "আর্কাইভ",
-  "archive_or_unarchive_photo": "ফটো আর্কাইভ অথবা আনআর্কাইভ করুন",
-  "archive_size": "আর্কাইভ সাইজ",
-  "archive_size_description": "ডাউনলোডের আর্কাইভ সাইজ নির্ধারণ করুন (GiB)",
-  "are_these_the_same_person": "এরা কি একই ব্যক্তি?",
-  "are_you_sure_to_do_this": "আপনি কি নিশ্চিত যে আপনি এটি করতে চান?",
-  "asset_added_to_album": "অ্যালবামে যুক্ত করা হয়েছে",
-  "asset_adding_to_album": "অ্যালবামে যুক্ত করা হচ্ছে…",
-  "asset_description_updated": "অ্যাসেটের বিবরণ আপডেট করা হয়েছে",
-  "asset_filename_is_offline": "{filename} অ্যাসেটটি বর্তমানে অফলাইন",
-  "asset_has_unassigned_faces": "অ্যাসেটটির কিছু মুখ অনির্ধারিত ফেস রয়েছে",
-  "asset_hashing": "হ্যাশিং চলছে…",
-  "asset_offline": "অ্যাসেট বর্তমানে অফলাইন",
-  "asset_offline_description": "এই এক্সটার্নাল অ্যাসেটটি এখন ডিস্কে নেই। সহায়তার জন্য Immich অ্যাডমিনিস্ট্রেটরের সাথে যোগাযোগ করুন।",
-  "asset_skipped": "এড়ানো হয়েছে",
-  "asset_skipped_in_trash": "ট্র্যাশে",
-  "asset_uploaded": "আপলোড সম্পন্ন",
-  "asset_uploading": "আপলোড চলছে…",
-  "assets": "অ্যাসেটসমূহ",
-  "assets_added_to_album_count": "অ্যালবামে {count, plural, one {# asset} other {# assets}} যুক্ত করা হয়েছে",
-  "assets_moved_to_trash_count": "{count, plural, one {# asset} other {# assets}} ট্র্যাশে সরানো হয়েছে",
-  "assets_permanently_deleted_count": "{count, plural, one {# asset} other {# assets}} স্থায়ীভাবে মুছে ফেলা হয়েছে",
-  "assets_removed_count": "{count, plural, one {# asset} other {# assets}} সরানো হয়েছে",
-  "assets_restore_confirmation": "আপনি কি সত্যিই আপনার সব ট্র্যাশ করা অ্যাসেট পুনরুদ্ধার করতে চান? এটি পূর্বাবস্থায় ফিরানো যাবে না। তবে অফলাইন অ্যাসেট এইভাবে পুনরুদ্ধার হবে না।",
-  "assets_restored_count": "{count, plural, one {# asset} other {# assets}} পুনরুদ্ধার করা হয়েছে",
-  "assets_trashed_count": "{count, plural, one {# asset} other {# assets}} ট্র্যাশে পাঠানো হয়েছে",
-  "assets_were_part_of_album_count": "{count, plural, one {Asset was} other {Assets were}} আগেই অ্যালবামে যুক্ত ছিল",
-  "authorized_devices": "অনুমোদিত ডিভাইস",
-  "back": "ফিরে যান",
-  "back_close_deselect": "ফিরে যান, বন্ধ করুন বা নির্বাচন বাতিল করুন",
-  "backward": "পিছনে",
-  "birthdate_saved": "জন্ম তারিখ সংরক্ষণ সম্পন্ন",
-  "birthdate_set_description": "একটি ছবির সময়ে ব্যক্তির বয়স গণনার জন্য জন্ম তারিখ ব্যবহার করা হয়।",
-  "blurred_background": "ব্লারড ব্যাকগ্রাউন্ড",
-  "bugs_and_feature_requests": "বাগ ও ফিচার রিকোয়েস্ট",
-  "build": "বিল্ড",
-  "build_image": "বিল্ড ইমেজ",
-  "bulk_delete_duplicates_confirmation": "আপনি কি সত্যিই {count, plural, one {# duplicate asset} other {# duplicate assets}} একসাথে মুছে ফেলতে চান? প্রতিটি গ্রুপের সবচেয়ে বড় অ্যাসেট রাখা হবে, বাকিগুলো স্থায়ীভাবে মুছে যাবে। এটি পূর্বাবস্থায় ফিরানো যাবে না!",
-  "bulk_keep_duplicates_confirmation": "আপনি কি সত্যিই {count, plural, one {# duplicate asset} other {# duplicate assets}} রাখতে চান? সব ডুপ্লিকেট গ্রুপ ঠিক করা হবে, কোনো কিছু মুছে ফেলা হবে না।",
-  "bulk_trash_duplicates_confirmation": "আপনি কি সত্যিই {count, plural, one {# duplicate asset} other {# duplicate assets}} একসাথে ট্র্যাশ করতে চান? প্রতিটি গ্রুপের সবচেয়ে বড় অ্যাসেট রাখা হবে, বাকিগুলো ট্র্যাশে যাবে।",
-  "buy": "Immich ক্রয় করুন",
-  "camera": "ক্যামেরা",
-  "camera_brand": "ক্যামেরা ব্র্যান্ড",
-  "camera_model": "ক্যামেরা মডেল",
-  "cancel": "বাতিল",
-  "cancel_search": "সার্চ বন্ধ করুন",
-  "cannot_merge_people": "ব্যক্তিদের একত্র করা সম্ভব নয়",
-  "cannot_undo_this_action": "এই কাজ পূর্বাবস্থায় ফেরানো যাবে না!",
-  "cannot_update_the_description": "বিবরণ পরিবর্তন সম্ভব নয়",
-  "change_date": "তারিখ পরিবর্তন",
-  "change_expiration_time": "মেয়াদ শেষের সময় পরিবর্তন",
-  "change_location": "লোকেশন পরিবর্তন",
-  "change_name": "নাম পরিবর্তন করুন",
-  "change_name_successfully": "নাম সফলভাবে পরিবর্তন হয়েছে",
-  "change_password": "পাসওয়ার্ড পরিবর্তন করুন",
-  "change_password_description": "আপনি হয়তো প্রথমবার লগইন করছেন বা পাসওয়ার্ড পরিবর্তনের অনুরোধ করেছেন। নিচে নতুন পাসওয়ার্ড দিন।",
-  "change_your_password": "আপনার পাসওয়ার্ড পরিবর্তন করুন",
-  "changed_visibility_successfully": "ভিসিবিলিটি সফলভাবে পরিবর্তন হয়েছে",
-  "check_logs": "লগ দেখুন",
-  "choose_matching_people_to_merge": "একত্র করার জন্য মিল থাকা ব্যক্তিদের নির্বাচন করুন",
-  "city": "শহর",
-  "clear": "মুছুন",
-  "clear_all": "সব মুছুন",
-  "clear_all_recent_searches": "সাম্প্রতিক সব অনুসন্ধান পরিষ্কার করুন",
-  "clear_message": "মেসেজ পরিষ্কার করুন",
-  "clear_value": "ভ্যালু মুছুন",
-  "clockwise": "ঘড়ির কাঁটার দিকে",
-  "close": "বন্ধ",
-  "collapse": "সংকুচিত করুন",
-  "collapse_all": "সব সংকুচিত",
-  "color": "রং",
-  "color_theme": "কালার থিম",
-  "comment_deleted": "মন্তব্য মুছে ফেলা হয়েছে",
-  "comment_options": "মন্তব্য অপশন",
-  "comments_and_likes": "মন্তব্য ও লাইক",
-  "comments_are_disabled": "মন্তব্য বন্ধ করা হয়েছে",
-  "confirm": "নিশ্চিত",
-  "confirm_admin_password": "অ্যাডমিন পাসওয়ার্ড পুনরায় লিখুন",
-  "confirm_delete_shared_link": "আপনি কি নিশ্চিত যে আপনি এই শেয়ার করা লিঙ্কটি মুছে ফেলতে চান?",
-  "confirm_keep_this_delete_others": "স্ট্যাকের এই অ্যাসেট ছাড়া সব অন্যান্য অ্যাসেট মুছে যাবে। আপনি কি নিশ্চিত যে আপনি চালিয়ে যেতে চান?",
-  "confirm_password": "পাসওয়ার্ড পুনরায় লিখুন",
-  "contain": "মাপমত",
-  "context": "প্রসঙ্গ",
-  "continue": "এগিয়ে যান",
-  "copied_image_to_clipboard": "ছবি ক্লিপবোর্ডে কপি হয়েছে।",
-  "copied_to_clipboard": "ক্লিপবোর্ডে কপি হয়েছে!",
-  "copy_error": "Error-টি কপি করুন",
-  "copy_file_path": "ফাইল পাথ কপি",
-  "copy_image": "ছবি কপি",
-  "copy_link": "লিঙ্ক কপি",
-  "copy_link_to_clipboard": "ক্লিপবোর্ডে লিঙ্ক কপি করুন",
-  "copy_password": "পাসওয়ার্ড কপি করুন",
-  "copy_to_clipboard": "ক্লিপবোর্ডে কপি করুন",
-  "country": "দেশ",
-  "cover": "সম্পূর্ণভাবে",
-  "covers": "কভারস",
-  "create": "তৈরি করুন",
-  "create_album": "অ্যালবাম তৈরি",
-  "create_library": "লাইব্রেরি তৈরি",
-  "create_link": "লিঙ্ক তৈরি",
-  "create_link_to_share": "শেয়ার লিঙ্ক তৈরি",
-  "create_link_to_share_description": "লিঙ্কের মাধ্যমে সবাই নির্বাচিত ছবি দেখতে পারবে",
-  "create_new_person": "নতুন ব্যক্তি যোগ করুন",
-  "create_new_person_hint": "নির্বাচিত অ্যাসেট নতুন ব্যক্তির সঙ্গে যুক্ত করুন",
-  "create_new_user": "নতুন ব্যবহারকারী যোগ করুন",
-  "create_tag": "ট্যাগ তৈরি",
-  "create_tag_description": "নতুন ট্যাগ তৈরি করুন। নেস্টেড ট্যাগের ক্ষেত্রে সম্পূর্ণ পাথ - ফরওয়ার্ড স্ল্যাশসহ দিন।",
-  "create_user": "ব্যবহারকারী যোগ করুন",
-  "created": "যোগ করা হয়েছে",
-  "current_device": "চলতি ডিভাইস",
-  "custom_locale": "কাস্টম লোকেল",
-  "custom_locale_description": "নির্বাচিত ভাষা এবং অঞ্চলের ভিত্তিতে তারিখ, সময় এবং সংখ্যা ফরম্যাট করুন",
-  "dark": "ডার্ক",
-  "date_after": "এর পরের তারিখ",
-  "date_and_time": "তারিখ এবং সময়",
-  "date_before": "এর আগের তারিখ",
-  "date_of_birth_saved": "জন্ম তারিখ সফলভাবে সংরক্ষণ করা হয়েছে",
-  "delete": "মুছুন",
-  "delete_album": "অ্যালবাম মুছুন",
-  "delete_api_key_prompt": "আপনি কি সত্যিই এই API key মুছে ফেলতে চান?",
-  "delete_duplicates_confirmation": "আপনি কি সত্যিই এই ডুপ্লিকেটগুলো স্থায়ীভাবে মুছতে চান?",
-  "delete_key": "key মুছুন",
-  "delete_library": "লাইব্রেরি মুছুন",
-  "delete_link": "লিঙ্ক মুছুন",
-  "delete_others": "বাকিগুলো মুছুন",
-  "delete_shared_link": "শেয়ার করা লিঙ্ক মুছুন",
-  "delete_tag": "ট্যাগ মুছুন",
-  "delete_tag_confirmation_prompt": "আপনি কি নিশ্চিতভাবে {tagName} ট্যাগটি মুছতে চান?",
-  "delete_user": "ইউজার মুছুন",
-  "deleted_shared_link": "শেয়ার করা লিঙ্কটি মুছুন",
-  "deletes_missing_assets": "ডিস্ক থেকে হারানো অ্যাসেটগুলো মুছে",
-  "description": "বিবরন",
-  "details": "বিস্তারিত",
-  "direction": "দিকনির্দেশনা",
-  "disabled": "নিষ্ক্রিয়",
-  "disallow_edits": "সম্পাদনা করার অনুমতি দেবেন না",
-  "discord": "ডিসকর্ড",
-  "discover": "ডিসকভার",
-  "dismiss_all_errors": "সব ত্রুটি বাতিল করুন",
-  "dismiss_error": "ত্রুটি বাতিল করুন",
-  "display_options": "ডিসপ্লে অপশন",
-  "display_order": "ডিসপ্লে অর্ডার",
-  "display_original_photos": "অরিজিনাল ছবি দেখান",
-  "display_original_photos_setting_description": "অরিজিনাল অ্যাসেটটি ওয়েব-সামঞ্জস্যপূর্ণ (web-compatible) হলে অ্যাসেট দেখার সময় থাম্বনেইলের পরিবর্তে মূল ফটোটি প্রদর্শন করতে অগ্রাধিকার দিন। এর ফলে ফটো প্রদর্শনের গতি কিছুটা ধীর হতে পারে।",
-  "do_not_show_again": "এই মেসেজটি আর দেখাবেন না",
-  "documentation": "সহায়ক নির্দেশিকা",
-  "done": "সম্পন্ন",
-  "download": "ডাউনলোড",
-  "download_include_embedded_motion_videos": "এমবেডেড ভিডিও",
-  "download_include_embedded_motion_videos_description": "মোশন ফটোর (motion photos) মধ্যে থাকা ভিডিওগুলোকে আলাদা ফাইল হিসেবে অন্তর্ভুক্ত করুন",
-  "download_settings": "ডাউনলোড",
-  "download_settings_description": "অ্যাসেট ডাউনলোডের সেটিংস পরিচালনা করুন",
-  "open_in_browser": "ব্রাউজারে ওপেন করুন",
  "user_usage_stats": "অ্যাকাউন্ট ব্যবহারের পরিসংখ্যান",
  "user_usage_stats_description": "অ্যাকাউন্ট ব্যবহারের পরিসংখ্যান দেখুন",
  "yes": "হ্যাঁ",
@@ -372,7 +372,7 @@
    "transcoding_audio_codec": "Còdec d'àudio",
    "transcoding_audio_codec_description": "Opus és l'opció de màxima qualitat, però té menor compatibilitat amb dispositius o programari antics.",
    "transcoding_bitrate_description": "Vídeos superiors a la taxa de bits màxima o que no tenen un format acceptat",
-    "transcoding_codecs_learn_more": "Per obtenir més informació sobre la terminologia utilitzada, consulteu la documentació de FFmpeg per al <h264-link>còdec H.264</h264-link>, <hevc-link>còdec HEVC</hevc-link> i <vp9-link>còdec VP9</vp9-link>.",
+    "transcoding_codecs_learn_more": "Per obtenir més informació sobre la terminologia utilitzada, consulteu la documentació de FFmpeg per al <h264-link> còdec H.264</h264-link>, <hevc-link> còdec HEVC</hevc-link> i <vp9-link> còdec VP9</vp9-link>.",
    "transcoding_constant_quality_mode": "Mode de qualitat constant",
    "transcoding_constant_quality_mode_description": "ICQ és millor que CQP, però alguns dispositius d'acceleració de maquinari no admeten aquest mode. Establir aquesta opció preferirà el mode especificat quan utilitzeu la codificació basada en la qualitat. Ignorat per NVENC perquè no és compatible amb ICQ.",
    "transcoding_constant_rate_factor": "Factor de taxa constant (-crf)",
@@ -441,7 +441,7 @@
    "user_successfully_removed": "L'usuari {email} s'ha eliminat correctament.",
    "users_page_description": "Pàgina d'usuaris de l'administrador",
    "version_check_enabled_description": "Activa la comprovació de la versió",
-    "version_check_implications": "La funció de comprovació de versions depèn de comunicacions periòdiques amb {server}",
+    "version_check_implications": "La funció de comprovació de versions depèn de comunicacions periòdiques amb github.com",
    "version_check_settings": "Comprovació de versió",
    "version_check_settings_description": "Activa/desactiva la notificació de nova versió",
    "video_conversion_job": "Transcodificació de vídeos",
@@ -849,12 +849,9 @@
  "create_link_to_share": "Crear enllaç per compartir",
  "create_link_to_share_description": "Deixa que qualsevol persona amb l'enllaç vegi les fotos seleccionades",
  "create_new": "CREAR NOU",
-  "create_new_face": "Crea una nova cara",
  "create_new_person": "Crea una nova persona",
  "create_new_person_hint": "Assigna els elements seleccionats a una persona nova",
  "create_new_user": "Crea un usuari nou",
-  "create_person": "Crea una persona",
-  "create_person_subtitle": "Afegeix un nom a la cara seleccionada per crear i etiquetar la nova persona",
  "create_shared_album_page_share_add_assets": "AFEGEIX ELEMENTS",
  "create_shared_album_page_share_select_photos": "Escull fotografies",
  "create_shared_link": "Crea un enllaç compartit",
@@ -869,7 +866,6 @@
  "crop_aspect_ratio_fixed": "Fixat",
  "crop_aspect_ratio_free": "Lliure",
  "crop_aspect_ratio_original": "Original",
-  "crop_aspect_ratio_square": "Quadrat",
  "curated_object_page_title": "Coses",
  "current_device": "Dispositiu actual",
  "current_pin_code": "Codi PIN actual",
@@ -884,7 +880,7 @@
  "daily_title_text_date": "E, dd MMM",
  "daily_title_text_date_year": "E, dd MMM, yyyy",
  "dark": "Fosc",
-  "dark_theme": "Canvia a tema fosc",
+  "dark_theme": "Canviar a tema fosc",
  "date": "Data",
  "date_after": "Data posterior a",
  "date_and_time": "Data i hora",
@@ -895,8 +891,10 @@
  "day": "Dia",
  "days": "Dies",
  "deduplicate_all": "Desduplica-ho tot",
-  "default_locale": "Configuració regional predeterminada",
-  "default_locale_description": "Format de dades i números en funció de la configuració local",
+  "deduplication_criteria_1": "Mida d'imatge en bytes",
+  "deduplication_criteria_2": "Quantitat de dades EXIF",
+  "deduplication_info": "Informació de deduplicació",
+  "deduplication_info_description": "Per preseleccionar recursos automàticament i eliminar els duplicats de manera massiva, ens fixem en:",
  "delete": "Esborrar",
  "delete_action_confirmation_message": "Segur que vols eliminar aquest recurs? Aquesta acció el mourà a la paperera del servidor, i et preguntarà si el vols eliminar localment",
  "delete_action_prompt": "{count} eliminats",
@@ -972,7 +970,7 @@
  "downloading_media": "Descàrrega multimèdia",
  "drop_files_to_upload": "Deixeu els fitxers a qualsevol lloc per pujar-los",
  "duplicates": "Duplicats",
-  "duplicates_description": "Resol cada grup indicant, si n'hi ha, quins són duplicats.",
+  "duplicates_description": "Resol cada grup indicant, si n'hi ha, quins són duplicats",
  "duration": "Durada",
  "edit": "Editar",
  "edit_album": "Edita l'àlbum",
@@ -994,7 +992,7 @@
  "edit_location_dialog_title": "Ubicació",
  "edit_name": "Edita el nom",
  "edit_people": "Edita la gent",
-  "edit_tag": "Edita etiqueta",
+  "edit_tag": "Editar etiqueta",
  "edit_title": "Edita títol",
  "edit_user": "Edita l'usuari",
  "edit_workflow": "Edita el flux de treball",
@@ -1009,8 +1007,6 @@
  "editor_edits_applied_success": "Les modificacions s'han aplicat correctament",
  "editor_flip_horizontal": "Capgira horitzontalment",
  "editor_flip_vertical": "Capgira verticalment",
-  "editor_handle_corner": "{corner, select, top_left {Top-left} top_right {Top-right} bottom_left {Bottom-left} bottom_right {Bottom-right} other {A}} cantó per agafar",
-  "editor_handle_edge": "{edge, select, top {Top} bottom {Bottom} left {Left} right {Right} other {An}} cantó per agafar",
  "editor_orientation": "Orientació",
  "editor_reset_all_changes": "Reiniciar canvis",
  "editor_rotate_left": "Rota 90º al contrari de les agulles",
@@ -1172,7 +1168,7 @@
  "exif_bottom_sheet_description_error": "No s'ha pogut actualitzar la descripció",
  "exif_bottom_sheet_details": "DETALLS",
  "exif_bottom_sheet_location": "UBICACIÓ",
-  "exif_bottom_sheet_no_description": "Sense descripció",
+  "exif_bottom_sheet_no_description": "Sense descrioció",
  "exif_bottom_sheet_people": "PERSONES",
  "exif_bottom_sheet_person_add_person": "Afegir nom",
  "exit_slideshow": "Surt de la presentació de diapositives",
@@ -1389,11 +1385,9 @@
  "library_page_sort_title": "Títol de l'àlbum",
  "licenses": "Llicències",
  "light": "Llum",
-  "light_theme": "Canviar a tema clar",
  "like": "M'agrada",
  "like_deleted": "M'agrada suprimit",
  "link_motion_video": "Enllaçar vídeo en moviment",
-  "link_to_docs": "Per més informació, mirar la <link>documentation</link>.",
  "link_to_oauth": "Enllaç a OAuth",
  "linked_oauth_account": "Compte OAuth enllaçat",
  "list": "Llista",
@@ -1655,7 +1649,6 @@
  "only_favorites": "Només preferits",
  "open": "Obrir",
  "open_calendar": "Obrir el calendari",
-  "open_in_browser": "Obre al navegador",
  "open_in_map_view": "Obrir a la vista del mapa",
  "open_in_openstreetmap": "Obre a OpenStreetMap",
  "open_the_search_filters": "Obriu els filtres de cerca",
@@ -2217,7 +2210,6 @@
  "tag": "Etiqueta",
  "tag_assets": "Etiquetar actius",
  "tag_created": "Etiqueta creada: {tag}",
-  "tag_face": "Etiqueta una cara",
  "tag_feature_description": "Exploreu fotos i vídeos agrupats per temes d'etiquetes lògiques",
  "tag_not_found_question": "No trobeu una etiqueta? <link>Crear una nova etiqueta.</link>",
  "tag_people": "Etiquetar personas",
@@ -2399,7 +2391,6 @@
  "viewer_remove_from_stack": "Elimina de la pila",
  "viewer_stack_use_as_main_asset": "Fes servir com a element principal",
  "viewer_unstack": "Desapila",
-  "visibility": "Visibilitat",
  "visibility_changed": "La visibilitat ha canviat per {count, plural, one {# persona} other {# persones}}",
  "visual": "Visual",
  "visual_builder": "Constructor visual",
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
mertalev	f633612427	update job queries	2026-04-03 02:13:49 -04:00
mertalev	1d713f4829	handle shared link	2026-04-03 01:27:41 -04:00
mertalev	0a587bd48d	update to latest draft, apply old upload changes	2026-04-03 00:58:57 -04:00
Ben McCann	253143ed49	add a missing import	2026-03-29 11:34:50 -07:00
Ben McCann	f7780883c4	format	2026-03-29 11:25:18 -07:00
Ben McCann	901d544efd	run make open-api	2026-03-29 11:15:13 -07:00
Ben McCann	c07e87a7e5	regenerate sql files	2026-03-29 11:13:12 -07:00
Ben McCann	5133ff1909	fix build	2026-03-29 10:34:29 -07:00
Ben McCann	0c7f2dd8d2	merge main	2026-03-29 09:33:19 -07:00
mertalev	7ba458668b	remove upload-length from conventional upload e2e	2025-11-06 12:15:54 -05:00
mertalev	ea034f21bc	linting	2025-11-06 12:15:54 -05:00
mertalev	a68513247d	redundant check	2025-11-06 12:15:54 -05:00
mertalev	59f7f3c23e	update api	2025-11-06 12:15:54 -05:00
mertalev	c88bde3cab	lint	2025-11-06 12:15:54 -05:00
mertalev	818bd51036	support conventional uploads	2025-11-06 12:15:54 -05:00
mertalev	3c72409712	require header for incomplete uploads	2025-11-06 12:15:54 -05:00
mertalev	8d1a8b9465	reject empty file	2025-11-06 12:15:54 -05:00
mertalev	d880e7baed	infer upload length when possible	2025-11-06 12:15:54 -05:00
mertalev	42801ace35	update api	2025-11-06 12:15:54 -05:00
mertalev	838b8e9126	set `max-age` limit	2025-11-06 12:15:19 -05:00
mertalev	9da5a48bdd	add live photo e2e	2025-11-06 12:15:19 -05:00
mertalev	27f126bd58	better abort check	2025-11-06 12:15:19 -05:00
mertalev	a238c6a70d	unnecessary change	2025-11-06 12:15:19 -05:00
mertalev	7222d7af30	configurable cleanup	2025-11-06 12:15:19 -05:00
mertalev	d660ab2218	handle live photos	2025-11-06 12:13:33 -05:00
mertalev	69ffbcd5cf	tweak types	2025-11-06 12:13:33 -05:00
mertalev	bc84486668	MUST NOT validation	2025-11-06 12:13:33 -05:00
mertalev	2666ee2b4f	remove log	2025-11-06 12:12:27 -05:00
mertalev	72ea7799c0	lint	2025-11-06 12:12:27 -05:00
mertalev	98c8c28b62	test interruption + abort	2025-11-06 12:12:27 -05:00
mertalev	6b1d26d3a2	more content length test inputs	2025-11-06 12:12:27 -05:00
mertalev	5e07976288	fix abortion return	2025-11-06 12:12:27 -05:00
mertalev	3f1133f9b7	typo	2025-11-06 12:12:27 -05:00
mertalev	3a087ed2cd	proactive abortion	2025-11-06 12:12:27 -05:00
mertalev	c723a9ac78	better content length handling	2025-11-06 12:09:27 -05:00
mertalev	550460891d	add timeout	2025-11-06 12:09:27 -05:00
mertalev	e3e8da168f	tidying	2025-11-06 12:09:27 -05:00
mertalev	de117ebe7a	listen to upload event in e2e test resume with real image	2025-11-06 12:09:27 -05:00
mertalev	3d507015e0	add service tests	2025-11-06 12:09:26 -05:00
mertalev	fe71662d24	add controller tests, move validation testing from e2e revert unnecessary change update mocks add structured-headers to e2e deps	2025-11-06 12:09:26 -05:00
mertalev	81a66350f6	add note about RFC 9651 authdto remove excess logs use structured dictionary	2025-11-06 12:07:34 -05:00
mertalev	c33e65362a	clean up stale uploads stale upload cleanup try/catch file check	2025-11-06 12:07:34 -05:00
mertalev	bb5519036a	unnecessary quota check	2025-11-06 12:07:34 -05:00
mertalev	177c997d96	interim+500 interim+500 interim+500	2025-11-06 12:07:34 -05:00
mertalev	2d6a2dc77b	more e2e tests consistent e2e sections decrement quota on cancel	2025-11-06 12:07:34 -05:00
mertalev	e193cb3a5b	tweaks shared pipe method shared pipe method require size upfront make length optional for patch requests	2025-11-06 12:07:34 -05:00
mertalev	4b63d3d055	ensure stream is closed before releasing lock	2025-11-06 12:07:34 -05:00
mertalev	4ed92f5df5	dto refactor add logging handle metadata	2025-11-06 12:07:34 -05:00
mertalev	6f61bf04e4	backward compatibility	2025-11-06 12:07:34 -05:00
mertalev	b21d0a1c53	working e2e	2025-11-06 12:07:34 -05:00
mertalev	f80326872e	interop v8 compliance	2025-11-06 12:07:34 -05:00
mertalev	7561c5e1c4	chunked upload controller	2025-11-06 12:05:56 -05:00
@@ -1 +1 @@
 .15.0
 .14.0