update job queries

handle shared link
update to latest draft, apply old upload changes
2026-05-21 15:16:31 -04:00 · 2026-04-03 02:13:49 -04:00 · 2026-04-03 01:27:41 -04:00 · 2026-04-03 00:58:57 -04:00 · 2026-03-29 11:34:50 -07:00 · 2026-03-29 11:25:18 -07:00
238 changed files with 9852 additions and 9460 deletions
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -35,7 +35,12 @@ jobs:
  close_template:
    runs-on: ubuntu-latest
    needs: parse_template
-    if: ${{ needs.parse_template.outputs.uses_template == 'false' && github.event.pull_request.state != 'closed' }}
+    if: >-
+      ${{
+        needs.parse_template.outputs.uses_template == 'false'
+        && github.event.pull_request.state != 'closed'
+        && !contains(github.event.pull_request.labels.*.name, 'auto-closed:template')
+      }}
    permissions:
      pull-requests: write
    steps:
@@ -66,7 +71,7 @@ jobs:
        env:
          GH_TOKEN: ${{ github.token }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
-        run: gh pr edit "$PR_NUMBER" --add-label "auto-closed:template"
+        run: gh pr edit "$PR_NUMBER" --repo "${{ github.repository }}" --add-label "auto-closed:template"

  close_llm:
    runs-on: ubuntu-latest
@@ -113,7 +118,7 @@ jobs:
        env:
          GH_TOKEN: ${{ github.token }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
-        run: gh pr edit "$PR_NUMBER" --remove-label "auto-closed:template" || true
+        run: gh pr edit "$PR_NUMBER" --repo "${{ github.repository }}" --remove-label "auto-closed:template" || true

      - name: Check for remaining auto-closed labels
        id: check_labels
@@ -121,7 +126,7 @@ jobs:
          GH_TOKEN: ${{ github.token }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
-          REMAINING=$(gh pr view "$PR_NUMBER" --json labels \
+          REMAINING=$(gh pr view "$PR_NUMBER" --repo "${{ github.repository }}" --json labels \
            --jq '[.labels[].name | select(startswith("auto-closed:"))] | length')
          echo "remaining=$REMAINING" >> "$GITHUB_OUTPUT"

@@ -178,7 +178,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}

@@ -189,6 +189,6 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -566,7 +566,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
  mobile-unit-tests:
@@ -68,6 +68,6 @@ jobs:
    permissions: {}
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "@immich/cli",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "description": "Command Line Interface (CLI) for Immich",
  "type": "module",
  "exports": "./dist/index.js",
@@ -20,7 +20,7 @@
    "@types/lodash-es": "^4.17.12",
    "@types/micromatch": "^4.0.9",
    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "@vitest/coverage-v8": "^4.0.0",
    "byte-size": "^9.0.0",
    "cli-progress": "^3.12.0",
@@ -68,6 +68,6 @@
    "micromatch": "^4.0.8"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -90,6 +90,7 @@ services:
      IMMICH_THIRD_PARTY_BUG_FEATURE_URL: https://github.com/immich-app/immich/issues
      IMMICH_THIRD_PARTY_DOCUMENTATION_URL: https://docs.immich.app
      IMMICH_THIRD_PARTY_SUPPORT_URL: https://docs.immich.app/community-guides
+      IMMICH_HELMET_FILE: 'true'
    ports:
      - 9230:9230
      - 9231:9231
@@ -97,7 +97,7 @@ services:
    command: ['./run.sh', '-disable-reporting']
    ports:
      - 3000:3000
-    image: grafana/grafana:12.3.2-ubuntu@sha256:6cca4b429a1dc0d37d401dee54825c12d40056c3c6f3f56e3f0d6318ce77749b
+    image: grafana/grafana:12.4.1-ubuntu@sha256:1a20dea76a2778773df17dbc365db86b1a4f2d57772b8590b6311038a3acb1db
    volumes:
      - grafana-data:/var/lib/grafana

@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -0,0 +1,28 @@
+# Duplicates Utility
+
+Immich comes with a duplicates utility to help you detect assets that look visually similar. The duplicate detection feature relies on machine learning and is enabled by default. For more information about when the duplicate detection job runs, see [Jobs and Workers](/administration/jobs-workers). Once an asset has been processed and added to a duplicate group, it becomes available to review in the "Review duplicates" utility, which can be found [here](https://my.immich.app/utilities/duplicates).
+
+## Reviewing duplicates
+
+The review duplicates page allows the user to individually select which assets should be kept and which ones should be trashed. When more than one asset is kept, there is an option to automatically put the kept assets into a stack.
+
+### Automatic preselection
+
+When using "Deduplicate All" or viewing suggestions, Immich automatically preselects which assets to keep based on:
+
+1. **Image size in bytes** — larger files are preferred as they typically have higher quality.
+2. **Count of EXIF data** — assets with more metadata are preferred.
+
+### Synchronizing metadata
+
+When resolving duplicates, metadata from trashed assets is automatically synchronized to the kept assets. The following metadata is synchronized:
+
+| Name        | Description                                                                                                                     |
+| ----------- | ------------------------------------------------------------------------------------------------------------------------------- |
+| Album       | The kept assets will be added to _every_ album that the other assets in the group belong to.                                    |
+| Favorite    | If any of the assets in the group have been added to favorites, every kept asset will also be added to favorites.               |
+| Rating      | If one or more assets in the duplicate group have a rating, the highest rating is selected and synchronized to the kept assets. |
+| Description | Descriptions from each asset are combined together and synchronized to all the kept assets.                                     |
+| Visibility  | The most restrictive visibility is applied to the kept assets.                                                                  |
+| Location    | Latitude and longitude are copied if all assets with geolocation data in the group share the same coordinates.                  |
+| Tag         | Tags from all assets in the group are merged and applied to every kept asset.                                                   |
@@ -3,8 +3,8 @@
 You may decide that you'd like to modify the style document which is used to
 draw the maps in Immich. In addition to visual customization, this also allows
 you to pick your own map tile provider instead of the default one. The default
-`style.json` for [light theme](https://github.com/immich-app/immich/tree/main/server/resources/style-light.json)
-and [dark theme](https://github.com/immich-app/immich/blob/main/server/resources/style-dark.json)
+`style.json` for [light theme](https://tiles.immich.cloud/v1/style/light.json)
+and [dark theme](https://tiles.immich.cloud/v1/style/dark.json)
 can be used as a basis for creating your own style.

 There are several sources for already-made `style.json` map themes, as well as
@@ -29,22 +29,23 @@ These environment variables are used by the `docker-compose.yml` file and do **N

 ## General

-| Variable                            | Description                                                                               |           Default            | Containers               | Workers            |
-| :---------------------------------- | :---------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
-| `TZ`                                | Timezone                                                                                  |        <sup>\*1</sup>        | server                   | microservices      |
-| `IMMICH_ENV`                        | Environment (production, development)                                                     |         `production`         | server, machine learning | api, microservices |
-| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                              |            `log`             | server, machine learning | api, microservices |
-| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                     |          `console`           | server                   | api, microservices |
-| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️ |           `/data`            | server                   | api, microservices |
-| `IMMICH_CONFIG_FILE`                | Path to config file                                                                       |                              | server                   | api, microservices |
-| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                           |           `false`            | server, machine learning |                    |
-| `CPU_CORES`                         | Number of cores available to the Immich server                                            | auto-detected CPU core count | server                   |                    |
-| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                 |            `8081`            | server                   | api                |
-| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                 |            `8082`            | server                   | microservices      |
-| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                       |                              | server                   | microservices      |
-| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                        |                              | server                   | api                |
-| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                  |                              | server                   | api, microservices |
-| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                  |            `true`            | server                   | api                |
+| Variable                            | Description                                                                                                                                            |           Default            | Containers               | Workers            |
+| :---------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
+| `TZ`                                | Timezone                                                                                                                                               |        <sup>\*1</sup>        | server                   | microservices      |
+| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                  |         `production`         | server, machine learning | api, microservices |
+| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                           |            `log`             | server, machine learning | api, microservices |
+| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                  |          `console`           | server                   | api, microservices |
+| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                              |           `/data`            | server                   | api, microservices |
+| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                    |                              | server                   | api, microservices |
+| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`. |           `false`            | server                   | api, microservices |
+| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                        |           `false`            | server, machine learning |                    |
+| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                         | auto-detected CPU core count | server                   |                    |
+| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                              |            `8081`            | server                   | api                |
+| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                              |            `8082`            | server                   | microservices      |
+| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                    |                              | server                   | microservices      |
+| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                     |                              | server                   | api                |
+| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                               |                              | server                   | api, microservices |
+| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                               |            `true`            | server                   | api                |

 \*1: `TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 `TZ` is used by `exiftool` as a fallback in case the timezone cannot be determined from the image metadata. It is also used for logfile timestamps and cron job execution.
@@ -58,6 +58,6 @@
    "node": ">=20"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -1,7 +1,7 @@
 [
  {
-    "label": "v2.6.2",
-    "url": "https://docs.v2.6.2.archive.immich.app"
+    "label": "v2.6.3",
+    "url": "https://docs.v2.6.3.archive.immich.app"
  },
  {
    "label": "v2.5.6",
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "immich-e2e",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "description": "",
  "main": "index.js",
  "type": "module",
@@ -32,7 +32,7 @@
    "@playwright/test": "^1.44.1",
    "@socket.io/component-emitter": "^3.1.2",
    "@types/luxon": "^3.4.2",
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "@types/pg": "^8.15.1",
    "@types/pngjs": "^6.0.4",
    "@types/supertest": "^6.0.2",
@@ -50,6 +50,7 @@
    "prettier-plugin-organize-imports": "^4.0.0",
    "sharp": "^0.34.5",
    "socket.io-client": "^4.7.4",
+    "structured-headers": "^2.0.2",
    "supertest": "^7.0.0",
    "typescript": "^5.3.3",
    "typescript-eslint": "^8.28.0",
@@ -58,6 +59,6 @@
    "vitest": "^4.0.0"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -0,0 +1,651 @@
+import { LoginResponseDto } from '@immich/sdk';
+import { createUserDto, uuidDto } from 'src/fixtures';
+import { errorDto } from 'src/responses';
+import { app, utils } from 'src/utils';
+import request from 'supertest';
+import { beforeAll, beforeEach, describe, expect, it } from 'vitest';
+
+describe('/duplicates', () => {
+  let admin: LoginResponseDto;
+  let user1: LoginResponseDto;
+  let user2: LoginResponseDto;
+
+  beforeAll(async () => {
+    await utils.resetDatabase();
+
+    admin = await utils.adminSetup();
+
+    [user1, user2] = await Promise.all([
+      utils.userSetup(admin.accessToken, createUserDto.user1),
+      utils.userSetup(admin.accessToken, createUserDto.user2),
+    ]);
+  });
+
+  beforeEach(async () => {
+    // Reset assets, albums, tags, and stacks between tests to ensure clean state for repeated test runs
+    // Note: We don't reset users since they're set up once in beforeAll
+    // Stack must be reset before asset due to foreign key constraint
+    await utils.resetDatabase(['stack', 'asset', 'album', 'tag']);
+  });
+
+  describe('GET /duplicates', () => {
+    it('should return empty array when no duplicates', async () => {
+      const { status, body } = await request(app)
+        .get('/duplicates')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual([]);
+    });
+
+    it('should return duplicate groups with suggestedKeepAssetIds', async () => {
+      // Create assets with different file sizes for duplicate detection
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Manually set duplicateId on both assets to create a duplicate group
+      const duplicateId = '00000000-0000-4000-8000-000000000001';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .get('/duplicates')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual([
+        {
+          duplicateId,
+          assets: expect.arrayContaining([
+            expect.objectContaining({ id: asset1.id }),
+            expect.objectContaining({ id: asset2.id }),
+          ]),
+          suggestedKeepAssetIds: expect.any(Array),
+        },
+      ]);
+      expect(body[0].suggestedKeepAssetIds.length).toBe(1);
+    });
+  });
+
+  describe('POST /duplicates/resolve', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .send({
+          groups: [{ duplicateId: uuidDto.dummy, keepAssetIds: [], trashAssetIds: [] }],
+        });
+
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should return failure for non-existent duplicate group', async () => {
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId: uuidDto.dummy, keepAssetIds: [], trashAssetIds: [] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId: uuidDto.dummy,
+            status: 'FAILED',
+            reason: expect.stringContaining('not found or access denied'),
+          },
+        ],
+      });
+    });
+
+    it('should resolve duplicate group with keepers', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000002';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId,
+            status: 'SUCCESS',
+          },
+        ],
+      });
+
+      // Verify side effects: duplicateId cleared on kept asset
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+
+      // Verify side effects: trashed asset is trashed and duplicateId cleared
+      const trashedAsset = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(trashedAsset.isTrashed).toBe(true);
+      expect(trashedAsset.duplicateId).toBeNull();
+    });
+
+    it('should reject when keepAssetIds and trashAssetIds overlap', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000003';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset1.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('disjoint');
+    });
+
+    it('should require keepAssetIds when partially trashing', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000004';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [], trashAssetIds: [asset1.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('must cover all assets');
+    });
+
+    it('should reject partial resolution (not all assets covered)', async () => {
+      const [asset1, asset2, asset3] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000010';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset3.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('must cover all assets');
+    });
+
+    it('should reject asset not in duplicate group', async () => {
+      const [asset1, asset2, outsideAsset] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000011';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [outsideAsset.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('not a member of duplicate group');
+    });
+
+    it('should allow trash-all without keepers', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000012';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [], trashAssetIds: [asset1.id, asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId,
+            status: 'SUCCESS',
+          },
+        ],
+      });
+
+      // Verify both assets are trashed
+      const [asset1Info, asset2Info] = await Promise.all([
+        utils.getAssetInfo(user1.accessToken, asset1.id),
+        utils.getAssetInfo(user1.accessToken, asset2.id),
+      ]);
+
+      expect(asset1Info.isTrashed).toBe(true);
+      expect(asset1Info.duplicateId).toBeNull();
+      expect(asset2Info.isTrashed).toBe(true);
+      expect(asset2Info.duplicateId).toBeNull();
+    });
+
+    it('should reject cross-user duplicate group access', async () => {
+      const asset1 = await utils.createAsset(user1.accessToken);
+      const asset2 = await utils.createAsset(user2.accessToken);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000013';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user2.accessToken, asset2.id, duplicateId);
+
+      // User1 tries to resolve a group containing user2's asset
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('not a member of duplicate group');
+    });
+
+    it('should synchronize favorites when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Mark one asset as favorite
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], isFavorite: true });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000020';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify favorite was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.isFavorite).toBe(true);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize visibility when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Archive one asset
+      await utils.archiveAssets(user1.accessToken, [asset2.id]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000021';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify visibility was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.visibility).toBe('archive');
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize rating when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set rating on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], rating: 5 });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000022';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify rating was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.rating).toBe(5);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize description when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set description on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], description: 'Test description for duplicate' });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000023';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify description was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.description).toBe('Test description for duplicate');
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize location when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set location on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], latitude: 40.7128, longitude: -74.006 });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000024';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify location was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.latitude).toBe(40.7128);
+      expect(keptAsset.exifInfo?.longitude).toBe(-74.006);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize albums when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Create albums and add assets to different albums
+      const album1 = await utils.createAlbum(user1.accessToken, {
+        albumName: 'Album 1',
+        assetIds: [asset1.id],
+      });
+      const album2 = await utils.createAlbum(user1.accessToken, {
+        albumName: 'Album 2',
+        assetIds: [asset2.id],
+      });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000025';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify keeper is now in both albums
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+
+      // Check albums directly
+      const { status: album1Status, body: album1Body } = await request(app)
+        .get(`/albums/${album1.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      const { status: album2Status, body: album2Body } = await request(app)
+        .get(`/albums/${album2.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(album1Status).toBe(200);
+      expect(album2Status).toBe(200);
+      expect(album1Body.assets.map((a: any) => a.id)).toContain(asset1.id);
+      expect(album2Body.assets.map((a: any) => a.id)).toContain(asset1.id);
+    });
+
+    it('should synchronize tags when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Wait for metadata extraction to complete before adding tags
+      // Otherwise, metadata jobs will race and overwrite our tags
+      await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+
+      // Create tags and tag assets differently
+      const tags = await utils.upsertTags(user1.accessToken, ['tag1', 'tag2']);
+      await utils.tagAssets(user1.accessToken, tags[0].id, [asset1.id]);
+      await utils.tagAssets(user1.accessToken, tags[1].id, [asset2.id]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000026';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify keeper has both tags
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+      expect(keptAsset.tags).toBeDefined();
+      const tagIds = keptAsset.tags?.map((t) => t.id) || [];
+      expect(tagIds).toContain(tags[0].id);
+      expect(tagIds).toContain(tags[1].id);
+    });
+
+    it('should handle batch resolve with mixed success and failure', async () => {
+      // Create first group that will succeed
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+      const duplicateId1 = '00000000-0000-4000-8000-000000000027';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId1);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId1);
+
+      // Create second group with non-existent duplicate ID (will fail)
+      const fakeId = '00000000-0000-4000-8000-000000000099';
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [
+            { duplicateId: duplicateId1, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] },
+            { duplicateId: fakeId, keepAssetIds: [], trashAssetIds: [] },
+          ],
+        });
+
+      expect(status).toBe(200);
+      expect(body.status).toBe('COMPLETED');
+      expect(body.results).toHaveLength(2);
+
+      // First group should succeed
+      expect(body.results[0].duplicateId).toBe(duplicateId1);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Second group should fail
+      expect(body.results[1].duplicateId).toBe(fakeId);
+      expect(body.results[1].status).toBe('FAILED');
+      expect(body.results[1].reason).toContain('not found or access denied');
+
+      // Verify first group was actually resolved despite second failure
+      const asset1Info = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(asset1Info.duplicateId).toBeNull();
+      const asset2Info = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(asset2Info.isTrashed).toBe(true);
+    });
+
+    it('should trash assets when trash is enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000028';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      // Ensure trash is enabled (default)
+      const config = await utils.getSystemConfig(admin.accessToken);
+      expect(config.trash.enabled).toBe(true);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify asset is trashed (not deleted)
+      const trashedAsset = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(trashedAsset.isTrashed).toBe(true);
+    });
+
+    it('should delete assets when trash is disabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000029';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      // Disable trash
+      await request(app)
+        .put('/system-config')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send({
+          trash: { enabled: false, days: 30 },
+        });
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Asset should be marked as deleted (force delete)
+      const { status: getStatus } = await request(app)
+        .get(`/assets/${asset2.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      // Asset should still be accessible (soft deleted) but marked as deleted
+      expect(getStatus).toBe(200);
+
+      // Re-enable trash for other tests
+      await utils.resetAdminConfig(admin.accessToken);
+    });
+  });
+});
@@ -2,6 +2,8 @@ export const uuidDto = {
  invalid: 'invalid-uuid',
  // valid uuid v4
  notFound: '00000000-0000-4000-a000-000000000000',
+  dummy: '00000000-0000-4000-a000-000000000001',
+  dummy2: '00000000-0000-4000-a000-000000000002',
 };

 const adminLoginDto = {
@@ -10,7 +10,9 @@ describe('/admin/database-backups', () => {

  beforeAll(async () => {
    await utils.resetDatabase();
-    admin = await utils.adminSetup();
+    admin = await utils.adminSetup({
+      onboarding: false,
+    });
    await utils.resetBackups(admin.accessToken);
  });

@@ -94,7 +96,9 @@ describe('/admin/database-backups', () => {
        ({ status, body }) => status === 200 && !body.maintenanceMode,
      );

-      admin = await utils.adminSetup();
+      admin = await utils.adminSetup({
+        onboarding: false,
+      });
    });

    it.sequential('should not work when the server is configured', async () => {
@@ -1,6 +1,7 @@
 import { LoginResponseDto } from '@immich/sdk';
-import { test } from '@playwright/test';
-import { utils } from 'src/utils';
+import { expect, test } from '@playwright/test';
+import { readFileSync } from 'node:fs';
+import { testAssetDir, utils } from 'src/utils';

 test.describe('Album', () => {
  let admin: LoginResponseDto;
@@ -22,4 +23,41 @@ test.describe('Album', () => {
    await page.reload();
    await page.getByRole('button', { name: 'Select photos' }).waitFor();
  });
+
+  test('should keep map view open after viewing an asset from the map and going back', async ({ context, page }) => {
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    const imagePath = `${testAssetDir}/metadata/gps-position/thompson-springs.jpg`;
+    const mapAsset = await utils.createAsset(admin.accessToken, {
+      assetData: {
+        bytes: readFileSync(imagePath),
+        filename: 'thompson-springs.jpg',
+      },
+    });
+
+    await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+
+    const mapAlbum = await utils.createAlbum(admin.accessToken, {
+      albumName: 'Map Test Album',
+      assetIds: [mapAsset.id],
+    });
+
+    await page.goto(`/albums/${mapAlbum.id}`);
+    const mapButton = page.getByRole('button', { name: 'Map' });
+    await expect(mapButton).toBeVisible();
+    await mapButton.click();
+
+    const mapModal = page.getByRole('dialog');
+    await expect(mapModal).toBeVisible();
+
+    const mapMarker = mapModal.getByRole('img', { name: /Map marker/i }).first();
+    await expect(mapMarker).toBeVisible();
+    await mapMarker.click();
+
+    await page.waitForSelector('#immich-asset-viewer');
+    await page.getByRole('button', { name: 'Go back' }).click();
+
+    await expect(page.locator('#immich-asset-viewer')).not.toBeVisible();
+    await expect(mapModal).toBeVisible();
+  });
 });
@@ -510,6 +510,9 @@ export const utils = {
  createStack: (accessToken: string, assetIds: string[]) =>
    createStack({ stackCreateDto: { assetIds } }, { headers: asBearerAuth(accessToken) }),

+  setAssetDuplicateId: (accessToken: string, assetId: string, duplicateId: string | null) =>
+    updateAssets({ assetBulkUpdateDto: { ids: [assetId], duplicateId } }, { headers: asBearerAuth(accessToken) }),
+
  upsertTags: (accessToken: string, tags: string[]) =>
    upsertTags({ tagUpsertDto: { tags } }, { headers: asBearerAuth(accessToken) }),

@@ -697,6 +700,16 @@ export const utils = {
      }
    }
  },
+
+  downloadAsset: async (accessToken: string, id: string) => {
+    const downloadedRes = await fetch(`${baseUrl}/api/assets/${id}/original`, {
+      headers: asBearerAuth(accessToken),
+    });
+    if (!downloadedRes.ok) {
+      throw new Error(`Failed to download asset ${id}: ${downloadedRes.status} ${await downloadedRes.text()}`);
+    }
+    return await downloadedRes.blob();
+  },
 };

 utils.initSdk();
@@ -881,7 +881,7 @@
  "daily_title_text_date": "E, MMM dd",
  "daily_title_text_date_year": "E, MMM dd, yyyy",
  "dark": "Dark",
-  "dark_theme": "Toggle dark theme",
+  "dark_theme": "Switch to dark theme",
  "date": "Date",
  "date_after": "Date after",
  "date_and_time": "Date and Time",
@@ -892,10 +892,8 @@
  "day": "Day",
  "days": "Days",
  "deduplicate_all": "Deduplicate All",
-  "deduplication_criteria_1": "Image size in bytes",
-  "deduplication_criteria_2": "Count of EXIF data",
-  "deduplication_info": "Deduplication Info",
-  "deduplication_info_description": "To automatically preselect assets and remove duplicates in bulk, we look at:",
+  "default_locale": "Default Locale",
+  "default_locale_description": "Format dates and numbers based on your browser locale",
  "delete": "Delete",
  "delete_action_confirmation_message": "Are you sure you want to delete this asset? This action will move the asset to the server's trash and will prompt if you want to delete it locally",
  "delete_action_prompt": "{count} deleted",
@@ -971,7 +969,7 @@
  "downloading_media": "Downloading media",
  "drop_files_to_upload": "Drop files anywhere to upload",
  "duplicates": "Duplicates",
-  "duplicates_description": "Resolve each group by indicating which, if any, are duplicates",
+  "duplicates_description": "Resolve each group by indicating which, if any, are duplicates.",
  "duration": "Duration",
  "edit": "Edit",
  "edit_album": "Edit album",
@@ -1388,9 +1386,11 @@
  "library_page_sort_title": "Album title",
  "licenses": "Licenses",
  "light": "Light",
+  "light_theme": "Switch to light theme",
  "like": "Like",
  "like_deleted": "Like deleted",
  "link_motion_video": "Link motion video",
+  "link_to_docs": "For more information, refer to the <link>documentation</link>.",
  "link_to_oauth": "Link to OAuth",
  "linked_oauth_account": "Linked OAuth account",
  "list": "List",
@@ -2395,6 +2395,7 @@
  "viewer_remove_from_stack": "Remove from Stack",
  "viewer_stack_use_as_main_asset": "Use as Main Asset",
  "viewer_unstack": "Un-Stack",
+  "visibility": "Visibility",
  "visibility_changed": "Visibility changed for {count, plural, one {# person} other {# people}}",
  "visual": "Visual",
  "visual_builder": "Visual builder",
@@ -1,6 +1,6 @@
 {
  "name": "immich-i18n",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "private": true,
  "scripts": {
    "format": "prettier --cache --check .",
@@ -1,6 +1,6 @@
 [project]
 name = "immich-ml"
-version = "2.6.2"
+version = "2.6.3"
 description = ""
 authors = [{ name = "Hau Tran", email = "alex.tran1502@gmail.com" }]
 requires-python = ">=3.11,<4.0"
@@ -898,7 +898,7 @@ wheels = [

 [[package]]
 name = "immich-ml"
-version = "2.6.2"
+version = "2.6.3"
 source = { editable = "." }
 dependencies = [
    { name = "aiocache" },
@@ -14,9 +14,9 @@ config_roots = [
 ]

 [tools]
-node = "24.13.1"
+node = "24.14.0"
 flutter = "3.35.7"
-pnpm = "10.30.3"
+pnpm = "10.32.1"
 terragrunt = "0.99.4"
 opentofu = "1.11.5"
 java = "21.0.2"
@@ -35,8 +35,8 @@ platform :android do
      task: 'bundle', 
      build_type: 'Release',
      properties: {
-        "android.injected.version.code" => 3040,
-        "android.injected.version.name" => "2.6.2",
+        "android.injected.version.code" => 3041,
+        "android.injected.version.name" => "2.6.3",
      }
    )
    upload_to_play_store(skip_upload_apk: true, skip_upload_images: true, skip_upload_screenshots: true, aab: '../build/app/outputs/bundle/release/app-release.aab')
@@ -80,7 +80,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.6.2</string>
+	<string>2.6.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleURLTypes</key>
@@ -207,6 +207,11 @@ class DriftMemoryPage extends HookConsumerWidget {
                WidgetsBinding.instance.addPostFrameCallback((_) {
                  DriftMemoryPage.setMemory(ref, memories[pageNumber]);
                });
+
+                // Update currentAsset to the first asset of the new memory
+                if (memories[pageNumber].assets.isNotEmpty) {
+                  currentAsset.value = memories[pageNumber].assets.first;
+                }
              }

              currentAssetPage.value = 0;
@@ -71,16 +71,13 @@ class ViewerBottomBar extends ConsumerWidget {
                ),
                child: SafeArea(
                  top: false,
-                  child: Padding(
-                    padding: const EdgeInsets.only(top: 16),
-                    child: Column(
-                      mainAxisSize: MainAxisSize.min,
-                      children: [
-                        if (asset.isVideo) VideoControls(videoPlayerName: asset.heroTag),
-                        if (!isReadonlyModeEnabled)
-                          Row(mainAxisAlignment: MainAxisAlignment.spaceEvenly, children: actions),
-                      ],
-                    ),
+                  child: Column(
+                    mainAxisSize: MainAxisSize.min,
+                    children: [
+                      if (asset.isVideo) VideoControls(videoPlayerName: asset.heroTag),
+                      if (!isReadonlyModeEnabled)
+                        Row(mainAxisAlignment: MainAxisAlignment.spaceEvenly, children: actions),
+                    ],
                  ),
                ),
              ),
@@ -3,24 +3,21 @@ import 'dart:ui' as ui;

 import 'package:flutter/foundation.dart' show InformationCollector;
 import 'package:flutter/painting.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';

 /// A [MultiFrameImageStreamCompleter] with support for listener tracking
 /// which makes resource cleanup possible when no longer needed.
 /// Codec is disposed through the MultiFrameImageStreamCompleter's internals onDispose method
-class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {
-  void Function()? _onLastListenerRemoved;
-  int _listenerCount = 0;
-  // True once any image or the codec has been provided.
-  // Until then the image cache holds one listener, so "last real listener gone"
-  // is _listenerCount == 1, not 0.
-  bool didProvideImage = false;
-
+class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter with CacheAwareListenerTrackerMixin {
  AnimatedImageStreamCompleter._({
    required super.codec,
    required super.scale,
+    required bool hadInitialImage,
    super.informationCollector,
    void Function()? onLastListenerRemoved,
-  }) : _onLastListenerRemoved = onLastListenerRemoved;
+  }) {
+    setupListenerTracking(hadInitialImage: hadInitialImage, onLastListenerRemoved: onLastListenerRemoved);
+  }

  factory AnimatedImageStreamCompleter({
    required Stream<Object> stream,
@@ -33,23 +30,21 @@ class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {
    final self = AnimatedImageStreamCompleter._(
      codec: codecCompleter.future,
      scale: scale,
+      hadInitialImage: initialImage != null,
      informationCollector: informationCollector,
      onLastListenerRemoved: onLastListenerRemoved,
    );

    if (initialImage != null) {
-      self.didProvideImage = true;
      self.setImage(initialImage);
    }

    stream.listen(
      (item) {
        if (item is ImageInfo) {
-          self.didProvideImage = true;
          self.setImage(item);
        } else if (item is ui.Codec) {
          if (!codecCompleter.isCompleted) {
-            self.didProvideImage = true;
            codecCompleter.complete(item);
          }
        }
@@ -70,27 +65,4 @@ class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {

    return self;
  }
-
-  @override
-  void addListener(ImageStreamListener listener) {
-    super.addListener(listener);
-    _listenerCount++;
-  }
-
-  @override
-  void removeListener(ImageStreamListener listener) {
-    super.removeListener(listener);
-    _listenerCount--;
-
-    final bool onlyCacheListenerLeft = _listenerCount == 1 && !didProvideImage;
-    final bool noListenersAfterCodec = _listenerCount == 0 && didProvideImage;
-
-    if (onlyCacheListenerLeft || noListenersAfterCodec) {
-      final onLastListenerRemoved = _onLastListenerRemoved;
-      if (onLastListenerRemoved != null) {
-        _onLastListenerRemoved = null;
-        onLastListenerRemoved();
-      }
-    }
-  }
 }
@@ -0,0 +1,84 @@
+import 'package:flutter/painting.dart';
+
+/// Tracks listeners on an [ImageStreamCompleter] to safely cancel in-flight
+/// network requests without interfering with [ImageCache] internals.
+///
+/// ### Problem
+/// Cancelling fetches when the listener count drops to 1 (cache only) or 0
+/// is unsafe due to three framework behaviours:
+///
+/// 1. **Memory-pressure eviction** — `ImageCache.clear()` removes the cache
+///    listener while UI widgets still need the image. A count-based check
+///    would cancel the active fetch, leaving the UI with no image.
+/// 2. **Synchronous detach during `putIfAbsent`** — When an `initialImage`
+///    is provided, the cache attaches, receives the frame, and detaches
+///    synchronously *before* the UI widget can attach. Count reaches 0 and
+///    would trigger a false cancel.
+/// 3. **Listener misidentification** — After the cache detaches (via 1 or 2),
+///    the next UI listener could be mistaken for the cache listener, causing
+///    incorrect cancellations when that widget is disposed.
+///
+/// ### Solution: First-Listener Heuristic
+/// The cache is always the first listener attached (via `putIfAbsent`). This
+/// mixin records that identity once and uses it for all subsequent decisions:
+///
+/// * **Identity locking** — The first listener is assumed to be the cache.
+///   Once identified, `_hasIdentifiedCacheListener` prevents reassignment.
+/// * **Targeted cancellation** — Cancel only when the identified cache
+///   listener is the sole remaining listener and no image has been delivered.
+/// * **Sync-removal bypass** — When `hadInitialImage` is set, the first
+///   synchronous removal of the cache listener is ignored so the fetch
+///   survives until the UI attaches.
+mixin CacheAwareListenerTrackerMixin on ImageStreamCompleter {
+  void Function()? _onLastListenerRemoved;
+  int _listenerCount = 0;
+  bool _hadInitialImage = false;
+  bool _hasIgnoredFirstSyncRemoval = false;
+  ImageStreamListener? _cacheListener;
+  bool _hasIdentifiedCacheListener = false;
+
+  /// Initializes the tracking state. Must be called in the subclass constructor.
+  void setupListenerTracking({required bool hadInitialImage, void Function()? onLastListenerRemoved}) {
+    _hadInitialImage = hadInitialImage;
+    _onLastListenerRemoved = onLastListenerRemoved;
+  }
+
+  @override
+  void addListener(ImageStreamListener listener) {
+    if (!_hasIdentifiedCacheListener) {
+      _hasIdentifiedCacheListener = true;
+      _cacheListener = listener;
+    }
+
+    _listenerCount++;
+    super.addListener(listener);
+  }
+
+  @override
+  void removeListener(ImageStreamListener listener) {
+    super.removeListener(listener);
+    _listenerCount--;
+
+    final bool isCacheListener = listener == _cacheListener;
+    if (isCacheListener) {
+      _cacheListener = null;
+    }
+
+    if (_hadInitialImage && !_hasIgnoredFirstSyncRemoval && isCacheListener) {
+      _hasIgnoredFirstSyncRemoval = true;
+      return;
+    }
+
+    final bool onlyCacheListenerLeft = _listenerCount == 1 && _cacheListener != null;
+
+    final bool completelyAbandoned = _listenerCount == 0;
+
+    if (onlyCacheListenerLeft || completelyAbandoned) {
+      final onLastListenerRemoved = _onLastListenerRemoved;
+      if (onLastListenerRemoved != null) {
+        _onLastListenerRemoved = null;
+        onLastListenerRemoved();
+      }
+    }
+  }
+}
@@ -6,14 +6,10 @@ import 'dart:async';

 import 'package:flutter/foundation.dart';
 import 'package:flutter/painting.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';

 /// An ImageStreamCompleter with support for loading multiple images.
-class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
-  void Function()? _onLastListenerRemoved;
-  int _listenerCount = 0;
-  // True once setImage() has been called at least once.
-  bool didProvideImage = false;
-
+class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter with CacheAwareListenerTrackerMixin {
  /// The constructor to create an OneFramePlaceholderImageStreamCompleter. The [images]
  /// should be the primary images to display (typically asynchronously as they load).
  /// The [initialImage] is an optional image that will be emitted synchronously
@@ -24,14 +20,14 @@ class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
    InformationCollector? informationCollector,
    void Function()? onLastListenerRemoved,
  }) {
+    setupListenerTracking(hadInitialImage: initialImage != null, onLastListenerRemoved: onLastListenerRemoved);
+
    if (initialImage != null) {
-      didProvideImage = true;
      setImage(initialImage);
    }
-    _onLastListenerRemoved = onLastListenerRemoved;
+
    images.listen(
      (image) {
-        didProvideImage = true;
        setImage(image);
      },
      onError: (Object error, StackTrace stack) {
@@ -45,26 +41,4 @@ class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
      },
    );
  }
-
-  @override
-  void addListener(ImageStreamListener listener) {
-    super.addListener(listener);
-    _listenerCount = _listenerCount + 1;
-  }
-
-  @override
-  void removeListener(ImageStreamListener listener) {
-    super.removeListener(listener);
-    _listenerCount = _listenerCount - 1;
-
-    final bool onlyCacheListenerLeft = _listenerCount == 1 && !didProvideImage;
-    final bool noListenersAfterImage = _listenerCount == 0 && didProvideImage;
-
-    final onLastListenerRemoved = _onLastListenerRemoved;
-
-    if (onLastListenerRemoved != null && (noListenersAfterImage || onlyCacheListenerLeft)) {
-      _onLastListenerRemoved = null;
-      onLastListenerRemoved();
-    }
-  }
 }
@@ -109,7 +109,7 @@ class DownloadService {
      return result != null;
    } on PlatformException catch (error, stack) {
      // Handle saving MotionPhotos on iOS
-      if (error.code == 'PHPhotosErrorDomain (-1)') {
+      if (error.code.startsWith('PHPhotosErrorDomain')) {
        final result = await _fileMediaRepository.saveImageWithFile(imageFilePath, title: task.filename);
        return result != null;
      }
@@ -19,8 +19,16 @@ abstract final class DynamicTheme {
        // Some palettes do not generate surface container colors accurately,
        // so we regenerate all colors using the primary color
        _theme = ImmichTheme(
-          light: ColorScheme.fromSeed(seedColor: primaryColor, brightness: Brightness.light),
-          dark: ColorScheme.fromSeed(seedColor: primaryColor, brightness: Brightness.dark),
+          light: ColorScheme.fromSeed(
+            seedColor: primaryColor,
+            brightness: Brightness.light,
+            dynamicSchemeVariant: DynamicSchemeVariant.fidelity,
+          ),
+          dark: ColorScheme.fromSeed(
+            seedColor: primaryColor,
+            brightness: Brightness.dark,
+            dynamicSchemeVariant: DynamicSchemeVariant.fidelity,
+          ),
        );
      }
    } catch (error) {
@@ -62,6 +62,7 @@ ThemeData getThemeData({required ColorScheme colorScheme, required Locale locale
    ),
    chipTheme: const ChipThemeData(side: BorderSide.none),
    sliderTheme: const SliderThemeData(
+      trackHeight: 12,
      // ignore: deprecated_member_use
      year2023: false,
    ),
@@ -66,9 +66,9 @@ class VideoControls extends HookConsumerWidget {
    final isLoaded = duration != Duration.zero;

    return Padding(
-      padding: const EdgeInsets.all(24),
+      padding: const EdgeInsets.only(left: 16, right: 16, bottom: 12),
      child: Column(
-        spacing: 16,
+        spacing: 4,
        children: [
          Row(
            children: [
@@ -77,8 +77,8 @@ class VideoControls extends HookConsumerWidget {
                padding: const EdgeInsets.all(12),
                constraints: const BoxConstraints(),
                icon: isFinished
-                    ? const Icon(Icons.replay, color: Colors.white, size: 32, shadows: _controlShadows)
-                    : AnimatedPlayPause(color: Colors.white, size: 32, playing: isPlaying, shadows: _controlShadows),
+                    ? const Icon(Icons.replay, color: Colors.white, shadows: _controlShadows)
+                    : AnimatedPlayPause(color: Colors.white, playing: isPlaying, shadows: _controlShadows),
                onPressed: () => _toggle(ref, isCasting),
              ),
              const Spacer(),
@@ -91,7 +91,7 @@ class VideoControls extends HookConsumerWidget {
                  shadows: _controlShadows,
                ),
              ),
-              const SizedBox(width: 16),
+              const SizedBox(width: 12),
            ],
          ),
          Slider(
@@ -3,7 +3,7 @@ Immich API

 This Dart package is automatically generated by the [OpenAPI Generator](https://openapi-generator.tech) project:

- API version: 2.6.2
+- API version: 2.6.3
 - Generator version: 7.8.0
 - Build package: org.openapitools.codegen.languages.DartClientCodegen

@@ -156,6 +156,7 @@ Class | Method | HTTP request | Description
 *DuplicatesApi* | [**deleteDuplicate**](doc//DuplicatesApi.md#deleteduplicate) | **DELETE** /duplicates/{id} | Delete a duplicate
 *DuplicatesApi* | [**deleteDuplicates**](doc//DuplicatesApi.md#deleteduplicates) | **DELETE** /duplicates | Delete duplicates
 *DuplicatesApi* | [**getAssetDuplicates**](doc//DuplicatesApi.md#getassetduplicates) | **GET** /duplicates | Retrieve duplicates
+*DuplicatesApi* | [**resolveDuplicates**](doc//DuplicatesApi.md#resolveduplicates) | **POST** /duplicates/resolve | Resolve duplicate groups
 *FacesApi* | [**createFace**](doc//FacesApi.md#createface) | **POST** /faces | Create a face
 *FacesApi* | [**deleteFace**](doc//FacesApi.md#deleteface) | **DELETE** /faces/{id} | Delete a face
 *FacesApi* | [**getFaces**](doc//FacesApi.md#getfaces) | **GET** /faces | Retrieve faces for asset
@@ -293,6 +294,11 @@ Class | Method | HTTP request | Description
 *TrashApi* | [**emptyTrash**](doc//TrashApi.md#emptytrash) | **POST** /trash/empty | Empty trash
 *TrashApi* | [**restoreAssets**](doc//TrashApi.md#restoreassets) | **POST** /trash/restore/assets | Restore assets
 *TrashApi* | [**restoreTrash**](doc//TrashApi.md#restoretrash) | **POST** /trash/restore | Restore trash
+*UploadApi* | [**cancelUpload**](doc//UploadApi.md#cancelupload) | **DELETE** /upload/{id} | 
+*UploadApi* | [**getUploadOptions**](doc//UploadApi.md#getuploadoptions) | **OPTIONS** /upload | 
+*UploadApi* | [**getUploadStatus**](doc//UploadApi.md#getuploadstatus) | **HEAD** /upload/{id} | 
+*UploadApi* | [**resumeUpload**](doc//UploadApi.md#resumeupload) | **PATCH** /upload/{id} | 
+*UploadApi* | [**startUpload**](doc//UploadApi.md#startupload) | **POST** /upload | 
 *UsersApi* | [**createProfileImage**](doc//UsersApi.md#createprofileimage) | **POST** /users/profile-image | Create user profile image
 *UsersApi* | [**deleteProfileImage**](doc//UsersApi.md#deleteprofileimage) | **DELETE** /users/profile-image | Delete user profile image
 *UsersApi* | [**deleteUserLicense**](doc//UsersApi.md#deleteuserlicense) | **DELETE** /users/me/license | Delete user product key
@@ -422,6 +428,8 @@ Class | Method | HTTP request | Description
 - [DownloadResponseDto](doc//DownloadResponseDto.md)
 - [DownloadUpdate](doc//DownloadUpdate.md)
 - [DuplicateDetectionConfig](doc//DuplicateDetectionConfig.md)
+ - [DuplicateResolveDto](doc//DuplicateResolveDto.md)
+ - [DuplicateResolveGroupDto](doc//DuplicateResolveGroupDto.md)
 - [DuplicateResponseDto](doc//DuplicateResponseDto.md)
 - [EmailNotificationsResponse](doc//EmailNotificationsResponse.md)
 - [EmailNotificationsUpdate](doc//EmailNotificationsUpdate.md)
@@ -655,6 +663,8 @@ Class | Method | HTTP request | Description
 - [UpdateAlbumUserDto](doc//UpdateAlbumUserDto.md)
 - [UpdateAssetDto](doc//UpdateAssetDto.md)
 - [UpdateLibraryDto](doc//UpdateLibraryDto.md)
+ - [UploadBackupConfig](doc//UploadBackupConfig.md)
+ - [UploadOkDto](doc//UploadOkDto.md)
 - [UsageByUserDto](doc//UsageByUserDto.md)
 - [UserAdminCreateDto](doc//UserAdminCreateDto.md)
 - [UserAdminDeleteDto](doc//UserAdminDeleteDto.md)
@@ -63,6 +63,7 @@ part 'api/system_metadata_api.dart';
 part 'api/tags_api.dart';
 part 'api/timeline_api.dart';
 part 'api/trash_api.dart';
+part 'api/upload_api.dart';
 part 'api/users_api.dart';
 part 'api/users_admin_api.dart';
 part 'api/views_api.dart';
@@ -161,6 +162,8 @@ part 'model/download_response.dart';
 part 'model/download_response_dto.dart';
 part 'model/download_update.dart';
 part 'model/duplicate_detection_config.dart';
+part 'model/duplicate_resolve_dto.dart';
+part 'model/duplicate_resolve_group_dto.dart';
 part 'model/duplicate_response_dto.dart';
 part 'model/email_notifications_response.dart';
 part 'model/email_notifications_update.dart';
@@ -394,6 +397,8 @@ part 'model/update_album_dto.dart';
 part 'model/update_album_user_dto.dart';
 part 'model/update_asset_dto.dart';
 part 'model/update_library_dto.dart';
+part 'model/upload_backup_config.dart';
+part 'model/upload_ok_dto.dart';
 part 'model/usage_by_user_dto.dart';
 part 'model/user_admin_create_dto.dart';
 part 'model/user_admin_delete_dto.dart';
@@ -163,4 +163,63 @@ class DuplicatesApi {
    }
    return null;
  }
+
+  /// Resolve duplicate groups
+  ///
+  /// Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.
+  ///
+  /// Note: This method returns the HTTP [Response].
+  ///
+  /// Parameters:
+  ///
+  /// * [DuplicateResolveDto] duplicateResolveDto (required):
+  Future<Response> resolveDuplicatesWithHttpInfo(DuplicateResolveDto duplicateResolveDto,) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/duplicates/resolve';
+
+    // ignore: prefer_final_locals
+    Object? postBody = duplicateResolveDto;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>['application/json'];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'POST',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Resolve duplicate groups
+  ///
+  /// Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.
+  ///
+  /// Parameters:
+  ///
+  /// * [DuplicateResolveDto] duplicateResolveDto (required):
+  Future<List<BulkIdResponseDto>?> resolveDuplicates(DuplicateResolveDto duplicateResolveDto,) async {
+    final response = await resolveDuplicatesWithHttpInfo(duplicateResolveDto,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      final responseBody = await _decodeBodyBytes(response);
+      return (await apiClient.deserializeAsync(responseBody, 'List<BulkIdResponseDto>') as List)
+        .cast<BulkIdResponseDto>()
+        .toList(growable: false);
+
+    }
+    return null;
+  }
 }
@@ -0,0 +1,359 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+
+class UploadApi {
+  UploadApi([ApiClient? apiClient]) : apiClient = apiClient ?? defaultApiClient;
+
+  final ApiClient apiClient;
+
+  /// Performs an HTTP 'DELETE /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> cancelUploadWithHttpInfo(String id, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'DELETE',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<void> cancelUpload(String id, { String? key, String? slug, }) async {
+    final response = await cancelUploadWithHttpInfo(id,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'OPTIONS /upload' operation and returns the [Response].
+  Future<Response> getUploadOptionsWithHttpInfo() async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'OPTIONS',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  Future<void> getUploadOptions() async {
+    final response = await getUploadOptionsWithHttpInfo();
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'HEAD /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> getUploadStatusWithHttpInfo(String id, String uploadDraftInteropVersion, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'HEAD',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<void> getUploadStatus(String id, String uploadDraftInteropVersion, { String? key, String? slug, }) async {
+    final response = await getUploadStatusWithHttpInfo(id, uploadDraftInteropVersion,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'PATCH /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadComplete (required):
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] uploadOffset (required):
+  ///   Non-negative byte offset indicating the starting position of the data in the request body within the entire file.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> resumeUploadWithHttpInfo(String contentLength, String id, String uploadComplete, String uploadDraftInteropVersion, String uploadOffset, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'content-length'] = parameterToString(contentLength);
+    headerParams[r'upload-complete'] = parameterToString(uploadComplete);
+    headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+    headerParams[r'upload-offset'] = parameterToString(uploadOffset);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'PATCH',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadComplete (required):
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] uploadOffset (required):
+  ///   Non-negative byte offset indicating the starting position of the data in the request body within the entire file.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<UploadOkDto?> resumeUpload(String contentLength, String id, String uploadComplete, String uploadDraftInteropVersion, String uploadOffset, { String? key, String? slug, }) async {
+    final response = await resumeUploadWithHttpInfo(contentLength, id, uploadComplete, uploadDraftInteropVersion, uploadOffset,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UploadOkDto',) as UploadOkDto;
+    
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'POST /upload' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] reprDigest (required):
+  ///   RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.
+  ///
+  /// * [String] xImmichAssetData (required):
+  ///   RFC 9651 structured dictionary containing asset metadata with the following keys: - device-asset-id (string, required): Unique device asset identifier - device-id (string, required): Device identifier - file-created-at (string/date, required): ISO 8601 date string or Unix timestamp - file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp - filename (string, required): Original filename - is-favorite (boolean, optional): Favorite status - live-photo-video-id (string, optional): Live photo ID for assets from iOS devices - icloud-id (string, optional): iCloud identifier for assets from iOS devices
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  ///
+  /// * [String] uploadComplete:
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion:
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  Future<Response> startUploadWithHttpInfo(String contentLength, String reprDigest, String xImmichAssetData, { String? key, String? slug, String? uploadComplete, String? uploadDraftInteropVersion, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'content-length'] = parameterToString(contentLength);
+    headerParams[r'repr-digest'] = parameterToString(reprDigest);
+    if (uploadComplete != null) {
+      headerParams[r'upload-complete'] = parameterToString(uploadComplete);
+    }
+    if (uploadDraftInteropVersion != null) {
+      headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+    }
+    headerParams[r'x-immich-asset-data'] = parameterToString(xImmichAssetData);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'POST',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] reprDigest (required):
+  ///   RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.
+  ///
+  /// * [String] xImmichAssetData (required):
+  ///   RFC 9651 structured dictionary containing asset metadata with the following keys: - device-asset-id (string, required): Unique device asset identifier - device-id (string, required): Device identifier - file-created-at (string/date, required): ISO 8601 date string or Unix timestamp - file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp - filename (string, required): Original filename - is-favorite (boolean, optional): Favorite status - live-photo-video-id (string, optional): Live photo ID for assets from iOS devices - icloud-id (string, optional): iCloud identifier for assets from iOS devices
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  ///
+  /// * [String] uploadComplete:
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion:
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  Future<UploadOkDto?> startUpload(String contentLength, String reprDigest, String xImmichAssetData, { String? key, String? slug, String? uploadComplete, String? uploadDraftInteropVersion, }) async {
+    final response = await startUploadWithHttpInfo(contentLength, reprDigest, xImmichAssetData,  key: key, slug: slug, uploadComplete: uploadComplete, uploadDraftInteropVersion: uploadDraftInteropVersion, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UploadOkDto',) as UploadOkDto;
+    
+    }
+    return null;
+  }
+}
@@ -368,6 +368,10 @@ class ApiClient {
          return DownloadUpdate.fromJson(value);
        case 'DuplicateDetectionConfig':
          return DuplicateDetectionConfig.fromJson(value);
+        case 'DuplicateResolveDto':
+          return DuplicateResolveDto.fromJson(value);
+        case 'DuplicateResolveGroupDto':
+          return DuplicateResolveGroupDto.fromJson(value);
        case 'DuplicateResponseDto':
          return DuplicateResponseDto.fromJson(value);
        case 'EmailNotificationsResponse':
@@ -834,6 +838,10 @@ class ApiClient {
          return UpdateAssetDto.fromJson(value);
        case 'UpdateLibraryDto':
          return UpdateLibraryDto.fromJson(value);
+        case 'UploadBackupConfig':
+          return UploadBackupConfig.fromJson(value);
+        case 'UploadOkDto':
+          return UploadOkDto.fromJson(value);
        case 'UsageByUserDto':
          return UsageByUserDto.fromJson(value);
        case 'UserAdminCreateDto':
@@ -27,6 +27,7 @@ class BulkIdErrorReason {
  static const noPermission = BulkIdErrorReason._(r'no_permission');
  static const notFound = BulkIdErrorReason._(r'not_found');
  static const unknown = BulkIdErrorReason._(r'unknown');
+  static const validation = BulkIdErrorReason._(r'validation');

  /// List of all possible values in this [enum][BulkIdErrorReason].
  static const values = <BulkIdErrorReason>[
@@ -34,6 +35,7 @@ class BulkIdErrorReason {
    noPermission,
    notFound,
    unknown,
+    validation,
  ];

  static BulkIdErrorReason? fromJson(dynamic value) => BulkIdErrorReasonTypeTransformer().decode(value);
@@ -76,6 +78,7 @@ class BulkIdErrorReasonTypeTransformer {
        case r'no_permission': return BulkIdErrorReason.noPermission;
        case r'not_found': return BulkIdErrorReason.notFound;
        case r'unknown': return BulkIdErrorReason.unknown;
+        case r'validation': return BulkIdErrorReason.validation;
        default:
          if (!allowNull) {
            throw ArgumentError('Unknown enum value to decode: $data');
@@ -14,6 +14,7 @@ class BulkIdResponseDto {
  /// Returns a new [BulkIdResponseDto] instance.
  BulkIdResponseDto({
    this.error,
+    this.errorMessage,
    required this.id,
    required this.success,
  });
@@ -21,6 +22,14 @@ class BulkIdResponseDto {
  /// Error reason if failed
  BulkIdResponseDtoErrorEnum? error;

+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? errorMessage;
+
  /// ID
  String id;

@@ -30,6 +39,7 @@ class BulkIdResponseDto {
  @override
  bool operator ==(Object other) => identical(this, other) || other is BulkIdResponseDto &&
    other.error == error &&
+    other.errorMessage == errorMessage &&
    other.id == id &&
    other.success == success;

@@ -37,11 +47,12 @@ class BulkIdResponseDto {
  int get hashCode =>
    // ignore: unnecessary_parenthesis
    (error == null ? 0 : error!.hashCode) +
+    (errorMessage == null ? 0 : errorMessage!.hashCode) +
    (id.hashCode) +
    (success.hashCode);

  @override
-  String toString() => 'BulkIdResponseDto[error=$error, id=$id, success=$success]';
+  String toString() => 'BulkIdResponseDto[error=$error, errorMessage=$errorMessage, id=$id, success=$success]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -49,6 +60,11 @@ class BulkIdResponseDto {
      json[r'error'] = this.error;
    } else {
    //  json[r'error'] = null;
+    }
+    if (this.errorMessage != null) {
+      json[r'errorMessage'] = this.errorMessage;
+    } else {
+    //  json[r'errorMessage'] = null;
    }
      json[r'id'] = this.id;
      json[r'success'] = this.success;
@@ -65,6 +81,7 @@ class BulkIdResponseDto {

      return BulkIdResponseDto(
        error: BulkIdResponseDtoErrorEnum.fromJson(json[r'error']),
+        errorMessage: mapValueOfType<String>(json, r'errorMessage'),
        id: mapValueOfType<String>(json, r'id')!,
        success: mapValueOfType<bool>(json, r'success')!,
      );
@@ -136,6 +153,7 @@ class BulkIdResponseDtoErrorEnum {
  static const noPermission = BulkIdResponseDtoErrorEnum._(r'no_permission');
  static const notFound = BulkIdResponseDtoErrorEnum._(r'not_found');
  static const unknown = BulkIdResponseDtoErrorEnum._(r'unknown');
+  static const validation = BulkIdResponseDtoErrorEnum._(r'validation');

  /// List of all possible values in this [enum][BulkIdResponseDtoErrorEnum].
  static const values = <BulkIdResponseDtoErrorEnum>[
@@ -143,6 +161,7 @@ class BulkIdResponseDtoErrorEnum {
    noPermission,
    notFound,
    unknown,
+    validation,
  ];

  static BulkIdResponseDtoErrorEnum? fromJson(dynamic value) => BulkIdResponseDtoErrorEnumTypeTransformer().decode(value);
@@ -185,6 +204,7 @@ class BulkIdResponseDtoErrorEnumTypeTransformer {
        case r'no_permission': return BulkIdResponseDtoErrorEnum.noPermission;
        case r'not_found': return BulkIdResponseDtoErrorEnum.notFound;
        case r'unknown': return BulkIdResponseDtoErrorEnum.unknown;
+        case r'validation': return BulkIdResponseDtoErrorEnum.validation;
        default:
          if (!allowNull) {
            throw ArgumentError('Unknown enum value to decode: $data');
@@ -0,0 +1,100 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class DuplicateResolveDto {
+  /// Returns a new [DuplicateResolveDto] instance.
+  DuplicateResolveDto({
+    this.groups = const [],
+  });
+
+  /// List of duplicate groups to resolve
+  List<DuplicateResolveGroupDto> groups;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is DuplicateResolveDto &&
+    _deepEquality.equals(other.groups, groups);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (groups.hashCode);
+
+  @override
+  String toString() => 'DuplicateResolveDto[groups=$groups]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'groups'] = this.groups;
+    return json;
+  }
+
+  /// Returns a new [DuplicateResolveDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static DuplicateResolveDto? fromJson(dynamic value) {
+    upgradeDto(value, "DuplicateResolveDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return DuplicateResolveDto(
+        groups: DuplicateResolveGroupDto.listFromJson(json[r'groups']),
+      );
+    }
+    return null;
+  }
+
+  static List<DuplicateResolveDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <DuplicateResolveDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = DuplicateResolveDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, DuplicateResolveDto> mapFromJson(dynamic json) {
+    final map = <String, DuplicateResolveDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = DuplicateResolveDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of DuplicateResolveDto-objects as value to a dart map
+  static Map<String, List<DuplicateResolveDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<DuplicateResolveDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = DuplicateResolveDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'groups',
+  };
+}
+
@@ -0,0 +1,121 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class DuplicateResolveGroupDto {
+  /// Returns a new [DuplicateResolveGroupDto] instance.
+  DuplicateResolveGroupDto({
+    required this.duplicateId,
+    this.keepAssetIds = const [],
+    this.trashAssetIds = const [],
+  });
+
+  String duplicateId;
+
+  /// Asset IDs to keep
+  List<String> keepAssetIds;
+
+  /// Asset IDs to trash or delete
+  List<String> trashAssetIds;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is DuplicateResolveGroupDto &&
+    other.duplicateId == duplicateId &&
+    _deepEquality.equals(other.keepAssetIds, keepAssetIds) &&
+    _deepEquality.equals(other.trashAssetIds, trashAssetIds);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (duplicateId.hashCode) +
+    (keepAssetIds.hashCode) +
+    (trashAssetIds.hashCode);
+
+  @override
+  String toString() => 'DuplicateResolveGroupDto[duplicateId=$duplicateId, keepAssetIds=$keepAssetIds, trashAssetIds=$trashAssetIds]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'duplicateId'] = this.duplicateId;
+      json[r'keepAssetIds'] = this.keepAssetIds;
+      json[r'trashAssetIds'] = this.trashAssetIds;
+    return json;
+  }
+
+  /// Returns a new [DuplicateResolveGroupDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static DuplicateResolveGroupDto? fromJson(dynamic value) {
+    upgradeDto(value, "DuplicateResolveGroupDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return DuplicateResolveGroupDto(
+        duplicateId: mapValueOfType<String>(json, r'duplicateId')!,
+        keepAssetIds: json[r'keepAssetIds'] is Iterable
+            ? (json[r'keepAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
+        trashAssetIds: json[r'trashAssetIds'] is Iterable
+            ? (json[r'trashAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
+      );
+    }
+    return null;
+  }
+
+  static List<DuplicateResolveGroupDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <DuplicateResolveGroupDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = DuplicateResolveGroupDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, DuplicateResolveGroupDto> mapFromJson(dynamic json) {
+    final map = <String, DuplicateResolveGroupDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = DuplicateResolveGroupDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of DuplicateResolveGroupDto-objects as value to a dart map
+  static Map<String, List<DuplicateResolveGroupDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<DuplicateResolveGroupDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = DuplicateResolveGroupDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'duplicateId',
+    'keepAssetIds',
+    'trashAssetIds',
+  };
+}
+
@@ -15,6 +15,7 @@ class DuplicateResponseDto {
  DuplicateResponseDto({
    this.assets = const [],
    required this.duplicateId,
+    this.suggestedKeepAssetIds = const [],
  });

  /// Duplicate assets
@@ -23,24 +24,30 @@ class DuplicateResponseDto {
  /// Duplicate group ID
  String duplicateId;

+  /// Suggested asset IDs to keep based on file size and EXIF data
+  List<String> suggestedKeepAssetIds;
+
  @override
  bool operator ==(Object other) => identical(this, other) || other is DuplicateResponseDto &&
    _deepEquality.equals(other.assets, assets) &&
-    other.duplicateId == duplicateId;
+    other.duplicateId == duplicateId &&
+    _deepEquality.equals(other.suggestedKeepAssetIds, suggestedKeepAssetIds);

  @override
  int get hashCode =>
    // ignore: unnecessary_parenthesis
    (assets.hashCode) +
-    (duplicateId.hashCode);
+    (duplicateId.hashCode) +
+    (suggestedKeepAssetIds.hashCode);

  @override
-  String toString() => 'DuplicateResponseDto[assets=$assets, duplicateId=$duplicateId]';
+  String toString() => 'DuplicateResponseDto[assets=$assets, duplicateId=$duplicateId, suggestedKeepAssetIds=$suggestedKeepAssetIds]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
      json[r'assets'] = this.assets;
      json[r'duplicateId'] = this.duplicateId;
+      json[r'suggestedKeepAssetIds'] = this.suggestedKeepAssetIds;
    return json;
  }

@@ -55,6 +62,9 @@ class DuplicateResponseDto {
      return DuplicateResponseDto(
        assets: AssetResponseDto.listFromJson(json[r'assets']),
        duplicateId: mapValueOfType<String>(json, r'duplicateId')!,
+        suggestedKeepAssetIds: json[r'suggestedKeepAssetIds'] is Iterable
+            ? (json[r'suggestedKeepAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
      );
    }
    return null;
@@ -104,6 +114,7 @@ class DuplicateResponseDto {
  static const requiredKeys = <String>{
    'assets',
    'duplicateId',
+    'suggestedKeepAssetIds',
  };
 }

@@ -38,6 +38,8 @@ class JobName {
  static const assetFileMigration = JobName._(r'AssetFileMigration');
  static const assetGenerateThumbnailsQueueAll = JobName._(r'AssetGenerateThumbnailsQueueAll');
  static const assetGenerateThumbnails = JobName._(r'AssetGenerateThumbnails');
+  static const partialAssetCleanup = JobName._(r'PartialAssetCleanup');
+  static const partialAssetCleanupQueueAll = JobName._(r'PartialAssetCleanupQueueAll');
  static const auditLogCleanup = JobName._(r'AuditLogCleanup');
  static const auditTableCleanup = JobName._(r'AuditTableCleanup');
  static const databaseBackup = JobName._(r'DatabaseBackup');
@@ -97,6 +99,8 @@ class JobName {
    assetFileMigration,
    assetGenerateThumbnailsQueueAll,
    assetGenerateThumbnails,
+    partialAssetCleanup,
+    partialAssetCleanupQueueAll,
    auditLogCleanup,
    auditTableCleanup,
    databaseBackup,
@@ -191,6 +195,8 @@ class JobNameTypeTransformer {
        case r'AssetFileMigration': return JobName.assetFileMigration;
        case r'AssetGenerateThumbnailsQueueAll': return JobName.assetGenerateThumbnailsQueueAll;
        case r'AssetGenerateThumbnails': return JobName.assetGenerateThumbnails;
+        case r'PartialAssetCleanup': return JobName.partialAssetCleanup;
+        case r'PartialAssetCleanupQueueAll': return JobName.partialAssetCleanupQueueAll;
        case r'AuditLogCleanup': return JobName.auditLogCleanup;
        case r'AuditTableCleanup': return JobName.auditTableCleanup;
        case r'DatabaseBackup': return JobName.databaseBackup;
@@ -379,7 +379,7 @@ class MetadataSearchDto {
  ///
  bool? withExif;

-  /// Include assets with people
+  /// Include people data in response
  ///
  /// Please note: This property should have been non-nullable! Since the specification file
  /// does not include a default value (using the "default:" property), however, the generated
@@ -273,7 +273,7 @@ class RandomSearchDto {
  ///
  bool? withExif;

-  /// Include assets with people
+  /// Include people data in response
  ///
  /// Please note: This property should have been non-nullable! Since the specification file
  /// does not include a default value (using the "default:" property), however, the generated
@@ -14,25 +14,31 @@ class SystemConfigBackupsDto {
  /// Returns a new [SystemConfigBackupsDto] instance.
  SystemConfigBackupsDto({
    required this.database,
+    required this.upload,
  });

  DatabaseBackupConfig database;

+  UploadBackupConfig upload;
+
  @override
  bool operator ==(Object other) => identical(this, other) || other is SystemConfigBackupsDto &&
-    other.database == database;
+    other.database == database &&
+    other.upload == upload;

  @override
  int get hashCode =>
    // ignore: unnecessary_parenthesis
-    (database.hashCode);
+    (database.hashCode) +
+    (upload.hashCode);

  @override
-  String toString() => 'SystemConfigBackupsDto[database=$database]';
+  String toString() => 'SystemConfigBackupsDto[database=$database, upload=$upload]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
      json[r'database'] = this.database;
+      json[r'upload'] = this.upload;
    return json;
  }

@@ -46,6 +52,7 @@ class SystemConfigBackupsDto {

      return SystemConfigBackupsDto(
        database: DatabaseBackupConfig.fromJson(json[r'database'])!,
+        upload: UploadBackupConfig.fromJson(json[r'upload'])!,
      );
    }
    return null;
@@ -94,6 +101,7 @@ class SystemConfigBackupsDto {
  /// The list of required keys that must be present in a JSON.
  static const requiredKeys = <String>{
    'database',
+    'upload',
  };
 }

@@ -17,6 +17,7 @@ class SystemConfigNightlyTasksDto {
    required this.databaseCleanup,
    required this.generateMemories,
    required this.missingThumbnails,
+    required this.removeStaleUploads,
    required this.startTime,
    required this.syncQuotaUsage,
  });
@@ -33,6 +34,8 @@ class SystemConfigNightlyTasksDto {
  /// Missing thumbnails
  bool missingThumbnails;

+  bool removeStaleUploads;
+
  String startTime;

  /// Sync quota usage
@@ -44,6 +47,7 @@ class SystemConfigNightlyTasksDto {
    other.databaseCleanup == databaseCleanup &&
    other.generateMemories == generateMemories &&
    other.missingThumbnails == missingThumbnails &&
+    other.removeStaleUploads == removeStaleUploads &&
    other.startTime == startTime &&
    other.syncQuotaUsage == syncQuotaUsage;

@@ -54,11 +58,12 @@ class SystemConfigNightlyTasksDto {
    (databaseCleanup.hashCode) +
    (generateMemories.hashCode) +
    (missingThumbnails.hashCode) +
+    (removeStaleUploads.hashCode) +
    (startTime.hashCode) +
    (syncQuotaUsage.hashCode);

  @override
-  String toString() => 'SystemConfigNightlyTasksDto[clusterNewFaces=$clusterNewFaces, databaseCleanup=$databaseCleanup, generateMemories=$generateMemories, missingThumbnails=$missingThumbnails, startTime=$startTime, syncQuotaUsage=$syncQuotaUsage]';
+  String toString() => 'SystemConfigNightlyTasksDto[clusterNewFaces=$clusterNewFaces, databaseCleanup=$databaseCleanup, generateMemories=$generateMemories, missingThumbnails=$missingThumbnails, removeStaleUploads=$removeStaleUploads, startTime=$startTime, syncQuotaUsage=$syncQuotaUsage]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -66,6 +71,7 @@ class SystemConfigNightlyTasksDto {
      json[r'databaseCleanup'] = this.databaseCleanup;
      json[r'generateMemories'] = this.generateMemories;
      json[r'missingThumbnails'] = this.missingThumbnails;
+      json[r'removeStaleUploads'] = this.removeStaleUploads;
      json[r'startTime'] = this.startTime;
      json[r'syncQuotaUsage'] = this.syncQuotaUsage;
    return json;
@@ -84,6 +90,7 @@ class SystemConfigNightlyTasksDto {
        databaseCleanup: mapValueOfType<bool>(json, r'databaseCleanup')!,
        generateMemories: mapValueOfType<bool>(json, r'generateMemories')!,
        missingThumbnails: mapValueOfType<bool>(json, r'missingThumbnails')!,
+        removeStaleUploads: mapValueOfType<bool>(json, r'removeStaleUploads')!,
        startTime: mapValueOfType<String>(json, r'startTime')!,
        syncQuotaUsage: mapValueOfType<bool>(json, r'syncQuotaUsage')!,
      );
@@ -137,6 +144,7 @@ class SystemConfigNightlyTasksDto {
    'databaseCleanup',
    'generateMemories',
    'missingThumbnails',
+    'removeStaleUploads',
    'startTime',
    'syncQuotaUsage',
  };
@@ -0,0 +1,100 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UploadBackupConfig {
+  /// Returns a new [UploadBackupConfig] instance.
+  UploadBackupConfig({
+    required this.maxAgeHours,
+  });
+
+  /// Minimum value: 1
+  num maxAgeHours;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UploadBackupConfig &&
+    other.maxAgeHours == maxAgeHours;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (maxAgeHours.hashCode);
+
+  @override
+  String toString() => 'UploadBackupConfig[maxAgeHours=$maxAgeHours]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'maxAgeHours'] = this.maxAgeHours;
+    return json;
+  }
+
+  /// Returns a new [UploadBackupConfig] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UploadBackupConfig? fromJson(dynamic value) {
+    upgradeDto(value, "UploadBackupConfig");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UploadBackupConfig(
+        maxAgeHours: num.parse('${json[r'maxAgeHours']}'),
+      );
+    }
+    return null;
+  }
+
+  static List<UploadBackupConfig> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UploadBackupConfig>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UploadBackupConfig.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UploadBackupConfig> mapFromJson(dynamic json) {
+    final map = <String, UploadBackupConfig>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UploadBackupConfig.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UploadBackupConfig-objects as value to a dart map
+  static Map<String, List<UploadBackupConfig>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UploadBackupConfig>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UploadBackupConfig.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'maxAgeHours',
+  };
+}
+
@@ -0,0 +1,99 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UploadOkDto {
+  /// Returns a new [UploadOkDto] instance.
+  UploadOkDto({
+    required this.id,
+  });
+
+  String id;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UploadOkDto &&
+    other.id == id;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (id.hashCode);
+
+  @override
+  String toString() => 'UploadOkDto[id=$id]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'id'] = this.id;
+    return json;
+  }
+
+  /// Returns a new [UploadOkDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UploadOkDto? fromJson(dynamic value) {
+    upgradeDto(value, "UploadOkDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UploadOkDto(
+        id: mapValueOfType<String>(json, r'id')!,
+      );
+    }
+    return null;
+  }
+
+  static List<UploadOkDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UploadOkDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UploadOkDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UploadOkDto> mapFromJson(dynamic json) {
+    final map = <String, UploadOkDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UploadOkDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UploadOkDto-objects as value to a dart map
+  static Map<String, List<UploadOkDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UploadOkDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UploadOkDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'id',
+  };
+}
+
@@ -2,7 +2,7 @@ name: immich_mobile
 description: Immich - selfhosted backup media file on mobile phone

 publish_to: 'none'
-version: 2.6.2+3040
+version: 2.6.3+3041

 environment:
  sdk: '>=3.8.0 <4.0.0'
@@ -0,0 +1,183 @@
+import 'dart:ui' as ui;
+
+import 'package:flutter/painting.dart';
+import 'package:flutter_test/flutter_test.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';
+
+class TestImageCompleter extends ImageStreamCompleter with CacheAwareListenerTrackerMixin {
+  bool wasCancelled = false;
+
+  TestImageCompleter({required bool hadInitialImage}) {
+    setupListenerTracking(
+      hadInitialImage: hadInitialImage,
+      onLastListenerRemoved: () {
+        wasCancelled = true;
+      },
+    );
+  }
+
+  @override
+  void setImage(ImageInfo image) {
+    super.setImage(image);
+  }
+}
+
+void main() {
+  late ImageCache cache;
+  late ImageStreamListener uiListener;
+
+  setUp(() {
+    // Create a fresh, real Flutter ImageCache for every test
+    cache = ImageCache();
+    uiListener = ImageStreamListener((_, __) {});
+  });
+
+  group('CacheAwareListenerTrackerMixin with Real ImageCache', () {
+
+    testWidgets('cancels fetch when UI detaches before completion', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      // 1. Request image from the real cache (simulating the provider)
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      // 2. UI attaches
+      stream.addListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // 3. Simulate asynchronous network delay...
+      await tester.pump(const Duration(milliseconds: 150));
+
+      // 4. User scrolls away before network finishes. UI detaches.
+      stream.removeListener(uiListener);
+
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('survives cache eviction while UI listener is still attached', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      // 1. Request image and attach UI
+      final stream = cache.putIfAbsent(key, () => completer)!;
+      stream.addListener(uiListener);
+
+      // 2. Simulate app going to background -> OS Memory Warning -> Cache clears
+      cache.clear();
+
+      // Even though the real cache just aggressively detached its listener,
+      // the stream MUST survive because the UI widget is still on screen!
+      expect(completer.wasCancelled, isFalse);
+
+      // 3. UI widget finally detaches
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('survives synchronous cache detach during putIfAbsent with initialImage', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: true);
+      final key = Object();
+
+      // Run image creation outside FakeAsync zone to avoid hang
+      late ui.Image dummyImage;
+      await tester.runAsync(() async {
+        dummyImage = await createTestImage(width: 1, height: 1);
+      });
+
+      final initialImageInfo = ImageInfo(image: dummyImage);
+
+      final stream = cache.putIfAbsent(key, () {
+        completer.setImage(initialImageInfo);
+        return completer;
+      })!;
+
+      expect(completer.wasCancelled, isFalse);
+
+      stream.addListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('fires cleanup on full abandonment even after successful fetch', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+      stream.addListener(uiListener);
+
+      await tester.pump(const Duration(milliseconds: 100));
+
+      // Run image creation outside FakeAsync zone to avoid hang
+      late ui.Image dummyImage;
+      await tester.runAsync(() async {
+        dummyImage = await createTestImage(width: 1, height: 1);
+      });
+
+      completer.setImage(ImageInfo(image: dummyImage));
+
+      stream.removeListener(uiListener);
+
+      // The stream is completely abandoned (0 listeners), so it fires the cleanup hook.
+      // Since the image is already downloaded, canceling the network token is a safe no-op.
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('Multiple UI listeners — only all detached, should cancel', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      final uiListener2 = ImageStreamListener((_, __) {});
+      stream.addListener(uiListener);
+      stream.addListener(uiListener2);
+
+      // First UI detach leaves cache + one UI → no cancel
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // Second UI detach leaves only cache → cancel
+      stream.removeListener(uiListener2);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('Listener misidentification: new listener after cache eviction is not treated as cache', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      // UI attaches
+      stream.addListener(uiListener);
+
+      // Cache eviction removes the cache listener
+      cache.clear();
+      expect(completer.wasCancelled, isFalse);
+
+      // A second UI listener attaches — must NOT be treated as cache
+      final uiListener2 = ImageStreamListener((_, __) {});
+      stream.addListener(uiListener2);
+
+      // Remove first UI listener; second UI still active → no cancel
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // Remove second UI listener; completely abandoned → cancel
+      stream.removeListener(uiListener2);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('No UI listener ever attaches (cache-only) — cache detaches should cancel', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      cache.putIfAbsent(key, () => completer);
+
+      // Cache eviction removes the only listener
+      cache.clear();
+      expect(completer.wasCancelled, isTrue);
+    });
+  });
+}
@@ -5285,6 +5285,65 @@
        "x-immich-state": "Stable"
      }
    },
+    "/duplicates/resolve": {
+      "post": {
+        "description": "Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.",
+        "operationId": "resolveDuplicates",
+        "parameters": [],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/DuplicateResolveDto"
+              }
+            }
+          },
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "items": {
+                    "$ref": "#/components/schemas/BulkIdResponseDto"
+                  },
+                  "type": "array"
+                }
+              }
+            },
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "summary": "Resolve duplicate groups",
+        "tags": [
+          "Duplicates"
+        ],
+        "x-immich-history": [
+          {
+            "version": "v3.0.0",
+            "state": "Added"
+          },
+          {
+            "version": "v3.0.0",
+            "state": "Alpha"
+          }
+        ],
+        "x-immich-permission": "duplicate.delete",
+        "x-immich-state": "Alpha"
+      }
+    },
    "/duplicates/{id}": {
      "delete": {
        "description": "Delete a single duplicate asset specified by its ID.",
@@ -13987,6 +14046,320 @@
        "x-immich-state": "Stable"
      }
    },
+    "/upload": {
+      "options": {
+        "operationId": "getUploadOptions",
+        "parameters": [],
+        "responses": {
+          "204": {
+            "description": ""
+          }
+        },
+        "tags": [
+          "Upload"
+        ]
+      },
+      "post": {
+        "operationId": "startUpload",
+        "parameters": [
+          {
+            "name": "content-length",
+            "in": "header",
+            "description": "Non-negative size of the request body in bytes.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "repr-digest",
+            "in": "header",
+            "description": "RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-complete",
+            "in": "header",
+            "description": "Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "x-immich-asset-data",
+            "in": "header",
+            "description": "RFC 9651 structured dictionary containing asset metadata with the following keys:\n- device-asset-id (string, required): Unique device asset identifier\n- device-id (string, required): Device identifier\n- file-created-at (string/date, required): ISO 8601 date string or Unix timestamp\n- file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp\n- filename (string, required): Original filename\n- is-favorite (boolean, optional): Favorite status\n- live-photo-video-id (string, optional): Live photo ID for assets from iOS devices\n- icloud-id (string, optional): iCloud identifier for assets from iOS devices",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/UploadOkDto"
+                }
+              }
+            },
+            "description": ""
+          },
+          "201": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      }
+    },
+    "/upload/{id}": {
+      "delete": {
+        "operationId": "cancelUpload",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      },
+      "head": {
+        "operationId": "getUploadStatus",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      },
+      "patch": {
+        "operationId": "resumeUpload",
+        "parameters": [
+          {
+            "name": "content-length",
+            "in": "header",
+            "description": "Non-negative size of the request body in bytes.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-complete",
+            "in": "header",
+            "description": "Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-offset",
+            "in": "header",
+            "description": "Non-negative byte offset indicating the starting position of the data in the request body within the entire file.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/UploadOkDto"
+                }
+              }
+            },
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      }
+    },
    "/users": {
      "get": {
        "description": "Retrieve a list of all users on the server.",
@@ -15166,7 +15539,7 @@
  "info": {
    "title": "Immich",
    "description": "Immich API",
-    "version": "2.6.2",
+    "version": "2.6.3",
    "contact": {}
  },
  "tags": [
@@ -17299,7 +17672,8 @@
          "duplicate",
          "no_permission",
          "not_found",
-          "unknown"
+          "unknown",
+          "validation"
        ],
        "type": "string"
      },
@@ -17311,10 +17685,14 @@
              "duplicate",
              "no_permission",
              "not_found",
-              "unknown"
+              "unknown",
+              "validation"
            ],
            "type": "string"
          },
+          "errorMessage": {
+            "type": "string"
+          },
          "id": {
            "description": "ID",
            "type": "string"
@@ -17828,6 +18206,52 @@
        ],
        "type": "object"
      },
+      "DuplicateResolveDto": {
+        "properties": {
+          "groups": {
+            "description": "List of duplicate groups to resolve",
+            "items": {
+              "$ref": "#/components/schemas/DuplicateResolveGroupDto"
+            },
+            "minItems": 1,
+            "type": "array"
+          }
+        },
+        "required": [
+          "groups"
+        ],
+        "type": "object"
+      },
+      "DuplicateResolveGroupDto": {
+        "properties": {
+          "duplicateId": {
+            "format": "uuid",
+            "type": "string"
+          },
+          "keepAssetIds": {
+            "description": "Asset IDs to keep",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
+          },
+          "trashAssetIds": {
+            "description": "Asset IDs to trash or delete",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "duplicateId",
+          "keepAssetIds",
+          "trashAssetIds"
+        ],
+        "type": "object"
+      },
      "DuplicateResponseDto": {
        "properties": {
          "assets": {
@@ -17840,11 +18264,20 @@
          "duplicateId": {
            "description": "Duplicate group ID",
            "type": "string"
+          },
+          "suggestedKeepAssetIds": {
+            "description": "Suggested asset IDs to keep based on file size and EXIF data",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
          }
        },
        "required": [
          "assets",
-          "duplicateId"
+          "duplicateId",
+          "suggestedKeepAssetIds"
        ],
        "type": "object"
      },
@@ -18153,6 +18586,8 @@
          "AssetFileMigration",
          "AssetGenerateThumbnailsQueueAll",
          "AssetGenerateThumbnails",
+          "PartialAssetCleanup",
+          "PartialAssetCleanupQueueAll",
          "AuditLogCleanup",
          "AuditTableCleanup",
          "DatabaseBackup",
@@ -19129,7 +19564,7 @@
            "type": "boolean"
          },
          "withPeople": {
-            "description": "Include assets with people",
+            "description": "Include people data in response",
            "type": "boolean"
          },
          "withStacked": {
@@ -20868,7 +21303,7 @@
            "type": "boolean"
          },
          "withPeople": {
-            "description": "Include assets with people",
+            "description": "Include people data in response",
            "type": "boolean"
          },
          "withStacked": {
@@ -23812,10 +24247,14 @@
        "properties": {
          "database": {
            "$ref": "#/components/schemas/DatabaseBackupConfig"
+          },
+          "upload": {
+            "$ref": "#/components/schemas/UploadBackupConfig"
          }
        },
        "required": [
-          "database"
+          "database",
+          "upload"
        ],
        "type": "object"
      },
@@ -24405,6 +24844,9 @@
            "description": "Missing thumbnails",
            "type": "boolean"
          },
+          "removeStaleUploads": {
+            "type": "boolean"
+          },
          "startTime": {
            "type": "string"
          },
@@ -24418,6 +24860,7 @@
          "databaseCleanup",
          "generateMemories",
          "missingThumbnails",
+          "removeStaleUploads",
          "startTime",
          "syncQuotaUsage"
        ],
@@ -25377,6 +25820,29 @@
        },
        "type": "object"
      },
+      "UploadBackupConfig": {
+        "properties": {
+          "maxAgeHours": {
+            "minimum": 1,
+            "type": "number"
+          }
+        },
+        "required": [
+          "maxAgeHours"
+        ],
+        "type": "object"
+      },
+      "UploadOkDto": {
+        "properties": {
+          "id": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "id"
+        ],
+        "type": "object"
+      },
      "UsageByUserDto": {
        "properties": {
          "photos": {
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "@immich/sdk",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "description": "Auto-generated TypeScript SDK for the Immich API",
  "type": "module",
  "main": "./build/index.js",
@@ -19,7 +19,7 @@
    "@oazapfts/runtime": "^1.0.2"
  },
  "devDependencies": {
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "typescript": "^5.3.3"
  },
  "repository": {
@@ -28,6 +28,6 @@
    "directory": "open-api/typescript-sdk"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -1,6 +1,6 @@
 /**
 * Immich
- * 2.6.2
+ * 2.6.3
 * DO NOT MODIFY - This file has been generated using oazapfts.
 * See https://www.npmjs.com/package/oazapfts
 */
@@ -725,6 +725,7 @@ export type BulkIdsDto = {
 export type BulkIdResponseDto = {
    /** Error reason if failed */
    error?: Error;
+    errorMessage?: string;
    /** ID */
    id: string;
    /** Whether operation succeeded */
@@ -1163,6 +1164,19 @@ export type DuplicateResponseDto = {
    assets: AssetResponseDto[];
    /** Duplicate group ID */
    duplicateId: string;
+    /** Suggested asset IDs to keep based on file size and EXIF data */
+    suggestedKeepAssetIds: string[];
+};
+export type DuplicateResolveGroupDto = {
+    duplicateId: string;
+    /** Asset IDs to keep */
+    keepAssetIds: string[];
+    /** Asset IDs to trash or delete */
+    trashAssetIds: string[];
+};
+export type DuplicateResolveDto = {
+    /** List of duplicate groups to resolve */
+    groups: DuplicateResolveGroupDto[];
 };
 export type PersonResponseDto = {
    /** Person date of birth */
@@ -1741,7 +1755,7 @@ export type MetadataSearchDto = {
    withDeleted?: boolean;
    /** Include EXIF data in response */
    withExif?: boolean;
-    /** Include assets with people */
+    /** Include people data in response */
    withPeople?: boolean;
    /** Include stacked assets */
    withStacked?: boolean;
@@ -1855,7 +1869,7 @@ export type RandomSearchDto = {
    withDeleted?: boolean;
    /** Include EXIF data in response */
    withExif?: boolean;
-    /** Include assets with people */
+    /** Include people data in response */
    withPeople?: boolean;
    /** Include stacked assets */
    withStacked?: boolean;
@@ -2393,8 +2407,12 @@ export type DatabaseBackupConfig = {
    /** Keep last amount */
    keepLastAmount: number;
 };
+export type UploadBackupConfig = {
+    maxAgeHours: number;
+};
 export type SystemConfigBackupsDto = {
    database: DatabaseBackupConfig;
+    upload: UploadBackupConfig;
 };
 export type SystemConfigFFmpegDto = {
    /** Transcode hardware acceleration */
@@ -2584,6 +2602,7 @@ export type SystemConfigNightlyTasksDto = {
    generateMemories: boolean;
    /** Missing thumbnails */
    missingThumbnails: boolean;
+    removeStaleUploads: boolean;
    startTime: string;
    /** Sync quota usage */
    syncQuotaUsage: boolean;
@@ -2799,6 +2818,9 @@ export type TrashResponseDto = {
    /** Number of items in trash */
    count: number;
 };
+export type UploadOkDto = {
+    id: string;
+};
 export type UserUpdateMeDto = {
    /** Avatar color */
    avatarColor?: (UserAvatarColor) | null;
@@ -4531,6 +4553,21 @@ export function getAssetDuplicates(opts?: Oazapfts.RequestOpts) {
        ...opts
    }));
 }
+/**
+ * Resolve duplicate groups
+ */
+export function resolveDuplicates({ duplicateResolveDto }: {
+    duplicateResolveDto: DuplicateResolveDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: BulkIdResponseDto[];
+    }>("/duplicates/resolve", oazapfts.json({
+        ...opts,
+        method: "POST",
+        body: duplicateResolveDto
+    })));
+}
 /**
 * Delete a duplicate
 */
@@ -6536,6 +6573,97 @@ export function restoreAssets({ bulkIdsDto }: {
        body: bulkIdsDto
    })));
 }
+export function getUploadOptions(opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText("/upload", {
+        ...opts,
+        method: "OPTIONS"
+    }));
+}
+export function startUpload({ contentLength, key, reprDigest, slug, uploadComplete, uploadDraftInteropVersion, xImmichAssetData }: {
+    contentLength: string;
+    key?: string;
+    reprDigest: string;
+    slug?: string;
+    uploadComplete?: string;
+    uploadDraftInteropVersion?: string;
+    xImmichAssetData: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UploadOkDto;
+    } | {
+        status: 201;
+    }>(`/upload${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "POST",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "content-length": contentLength,
+            "repr-digest": reprDigest,
+            "upload-complete": uploadComplete,
+            "upload-draft-interop-version": uploadDraftInteropVersion,
+            "x-immich-asset-data": xImmichAssetData
+        })
+    }));
+}
+export function cancelUpload({ id, key, slug }: {
+    id: string;
+    key?: string;
+    slug?: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "DELETE"
+    }));
+}
+export function getUploadStatus({ id, key, slug, uploadDraftInteropVersion }: {
+    id: string;
+    key?: string;
+    slug?: string;
+    uploadDraftInteropVersion: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "HEAD",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "upload-draft-interop-version": uploadDraftInteropVersion
+        })
+    }));
+}
+export function resumeUpload({ contentLength, id, key, slug, uploadComplete, uploadDraftInteropVersion, uploadOffset }: {
+    contentLength: string;
+    id: string;
+    key?: string;
+    slug?: string;
+    uploadComplete: string;
+    uploadDraftInteropVersion: string;
+    uploadOffset: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UploadOkDto;
+    }>(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "PATCH",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "content-length": contentLength,
+            "upload-complete": uploadComplete,
+            "upload-draft-interop-version": uploadDraftInteropVersion,
+            "upload-offset": uploadOffset
+        })
+    }));
+}
 /**
 * Get all users
 */
@@ -6893,13 +7021,15 @@ export enum BulkIdErrorReason {
    Duplicate = "duplicate",
    NoPermission = "no_permission",
    NotFound = "not_found",
-    Unknown = "unknown"
+    Unknown = "unknown",
+    Validation = "validation"
 }
 export enum Error {
    Duplicate = "duplicate",
    NoPermission = "no_permission",
    NotFound = "not_found",
-    Unknown = "unknown"
+    Unknown = "unknown",
+    Validation = "validation"
 }
 export enum Permission {
    All = "all",
@@ -7173,6 +7303,8 @@ export enum JobName {
    AssetFileMigration = "AssetFileMigration",
    AssetGenerateThumbnailsQueueAll = "AssetGenerateThumbnailsQueueAll",
    AssetGenerateThumbnails = "AssetGenerateThumbnails",
+    PartialAssetCleanup = "PartialAssetCleanup",
+    PartialAssetCleanupQueueAll = "PartialAssetCleanupQueueAll",
    AuditLogCleanup = "AuditLogCleanup",
    AuditTableCleanup = "AuditTableCleanup",
    DatabaseBackup = "DatabaseBackup",
@@ -1,9 +1,9 @@
 {
  "name": "immich-monorepo",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "description": "Monorepo for Immich",
  "private": true,
-  "packageManager": "pnpm@10.30.3+sha512.c961d1e0a2d8e354ecaa5166b822516668b7f44cb5bd95122d590dd81922f606f5473b6d23ec4a5be05e7fcd18e8488d47d978bbe981872f1145d06e9a740017",
+  "packageManager": "pnpm@10.32.1+sha512.a706938f0e89ac1456b6563eab4edf1d1faf3368d1191fc5c59790e96dc918e4456ab2e67d613de1043d2e8c81f87303e6b40d4ffeca9df15ef1ad567348f2be",
  "engines": {
    "pnpm": ">=10.0.0"
  }
@@ -15,9 +15,9 @@
      }
    },
    "node_modules/@esbuild/aix-ppc64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.3.tgz",
-      "integrity": "sha512-9fJMTNFTWZMh5qwrBItuziu834eOCUcEqymSH7pY+zoMVEZg3gcPuBNxH1EvfVYe9h0x/Ptw8KBzv7qxb7l8dg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.4.tgz",
+      "integrity": "sha512-cQPwL2mp2nSmHHJlCyoXgHGhbEPMrEEU5xhkcy3Hs/O7nGZqEpZ2sUtLaL9MORLtDfRvVl2/3PAuEkYZH0Ty8Q==",
      "cpu": [
        "ppc64"
      ],
@@ -32,9 +32,9 @@
      }
    },
    "node_modules/@esbuild/android-arm": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.3.tgz",
-      "integrity": "sha512-i5D1hPY7GIQmXlXhs2w8AWHhenb00+GxjxRncS2ZM7YNVGNfaMxgzSGuO8o8SJzRc/oZwU2bcScvVERk03QhzA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.4.tgz",
+      "integrity": "sha512-X9bUgvxiC8CHAGKYufLIHGXPJWnr0OCdR0anD2e21vdvgCI8lIfqFbnoeOz7lBjdrAGUhqLZLcQo6MLhTO2DKQ==",
      "cpu": [
        "arm"
      ],
@@ -49,9 +49,9 @@
      }
    },
    "node_modules/@esbuild/android-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.3.tgz",
-      "integrity": "sha512-YdghPYUmj/FX2SYKJ0OZxf+iaKgMsKHVPF1MAq/P8WirnSpCStzKJFjOjzsW0QQ7oIAiccHdcqjbHmJxRb/dmg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.4.tgz",
+      "integrity": "sha512-gdLscB7v75wRfu7QSm/zg6Rx29VLdy9eTr2t44sfTW7CxwAtQghZ4ZnqHk3/ogz7xao0QAgrkradbBzcqFPasw==",
      "cpu": [
        "arm64"
      ],
@@ -66,9 +66,9 @@
      }
    },
    "node_modules/@esbuild/android-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.3.tgz",
-      "integrity": "sha512-IN/0BNTkHtk8lkOM8JWAYFg4ORxBkZQf9zXiEOfERX/CzxW3Vg1ewAhU7QSWQpVIzTW+b8Xy+lGzdYXV6UZObQ==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.4.tgz",
+      "integrity": "sha512-PzPFnBNVF292sfpfhiyiXCGSn9HZg5BcAz+ivBuSsl6Rk4ga1oEXAamhOXRFyMcjwr2DVtm40G65N3GLeH1Lvw==",
      "cpu": [
        "x64"
      ],
@@ -83,9 +83,9 @@
      }
    },
    "node_modules/@esbuild/darwin-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.3.tgz",
-      "integrity": "sha512-Re491k7ByTVRy0t3EKWajdLIr0gz2kKKfzafkth4Q8A5n1xTHrkqZgLLjFEHVD+AXdUGgQMq+Godfq45mGpCKg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.4.tgz",
+      "integrity": "sha512-b7xaGIwdJlht8ZFCvMkpDN6uiSmnxxK56N2GDTMYPr2/gzvfdQN8rTfBsvVKmIVY/X7EM+/hJKEIbbHs9oA4tQ==",
      "cpu": [
        "arm64"
      ],
@@ -100,9 +100,9 @@
      }
    },
    "node_modules/@esbuild/darwin-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.3.tgz",
-      "integrity": "sha512-vHk/hA7/1AckjGzRqi6wbo+jaShzRowYip6rt6q7VYEDX4LEy1pZfDpdxCBnGtl+A5zq8iXDcyuxwtv3hNtHFg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.4.tgz",
+      "integrity": "sha512-sR+OiKLwd15nmCdqpXMnuJ9W2kpy0KigzqScqHI3Hqwr7IXxBp3Yva+yJwoqh7rE8V77tdoheRYataNKL4QrPw==",
      "cpu": [
        "x64"
      ],
@@ -117,9 +117,9 @@
      }
    },
    "node_modules/@esbuild/freebsd-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.3.tgz",
-      "integrity": "sha512-ipTYM2fjt3kQAYOvo6vcxJx3nBYAzPjgTCk7QEgZG8AUO3ydUhvelmhrbOheMnGOlaSFUoHXB6un+A7q4ygY9w==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.4.tgz",
+      "integrity": "sha512-jnfpKe+p79tCnm4GVav68A7tUFeKQwQyLgESwEAUzyxk/TJr4QdGog9sqWNcUbr/bZt/O/HXouspuQDd9JxFSw==",
      "cpu": [
        "arm64"
      ],
@@ -134,9 +134,9 @@
      }
    },
    "node_modules/@esbuild/freebsd-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.3.tgz",
-      "integrity": "sha512-dDk0X87T7mI6U3K9VjWtHOXqwAMJBNN2r7bejDsc+j03SEjtD9HrOl8gVFByeM0aJksoUuUVU9TBaZa2rgj0oA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.4.tgz",
+      "integrity": "sha512-2kb4ceA/CpfUrIcTUl1wrP/9ad9Atrp5J94Lq69w7UwOMolPIGrfLSvAKJp0RTvkPPyn6CIWrNy13kyLikZRZQ==",
      "cpu": [
        "x64"
      ],
@@ -151,9 +151,9 @@
      }
    },
    "node_modules/@esbuild/linux-arm": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.3.tgz",
-      "integrity": "sha512-s6nPv2QkSupJwLYyfS+gwdirm0ukyTFNl3KTgZEAiJDd+iHZcbTPPcWCcRYH+WlNbwChgH2QkE9NSlNrMT8Gfw==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.4.tgz",
+      "integrity": "sha512-aBYgcIxX/wd5n2ys0yESGeYMGF+pv6g0DhZr3G1ZG4jMfruU9Tl1i2Z+Wnj9/KjGz1lTLCcorqE2viePZqj4Eg==",
      "cpu": [
        "arm"
      ],
@@ -168,9 +168,9 @@
      }
    },
    "node_modules/@esbuild/linux-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.3.tgz",
-      "integrity": "sha512-sZOuFz/xWnZ4KH3YfFrKCf1WyPZHakVzTiqji3WDc0BCl2kBwiJLCXpzLzUBLgmp4veFZdvN5ChW4Eq/8Fc2Fg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.4.tgz",
+      "integrity": "sha512-7nQOttdzVGth1iz57kxg9uCz57dxQLHWxopL6mYuYthohPKEK0vU0C3O21CcBK6KDlkYVcnDXY099HcCDXd9dA==",
      "cpu": [
        "arm64"
      ],
@@ -185,9 +185,9 @@
      }
    },
    "node_modules/@esbuild/linux-ia32": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.3.tgz",
-      "integrity": "sha512-yGlQYjdxtLdh0a3jHjuwOrxQjOZYD/C9PfdbgJJF3TIZWnm/tMd/RcNiLngiu4iwcBAOezdnSLAwQDPqTmtTYg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.4.tgz",
+      "integrity": "sha512-oPtixtAIzgvzYcKBQM/qZ3R+9TEUd1aNJQu0HhGyqtx6oS7qTpvjheIWBbes4+qu1bNlo2V4cbkISr8q6gRBFA==",
      "cpu": [
        "ia32"
      ],
@@ -202,9 +202,9 @@
      }
    },
    "node_modules/@esbuild/linux-loong64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.3.tgz",
-      "integrity": "sha512-WO60Sn8ly3gtzhyjATDgieJNet/KqsDlX5nRC5Y3oTFcS1l0KWba+SEa9Ja1GfDqSF1z6hif/SkpQJbL63cgOA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.4.tgz",
+      "integrity": "sha512-8mL/vh8qeCoRcFH2nM8wm5uJP+ZcVYGGayMavi8GmRJjuI3g1v6Z7Ni0JJKAJW+m0EtUuARb6Lmp4hMjzCBWzA==",
      "cpu": [
        "loong64"
      ],
@@ -219,9 +219,9 @@
      }
    },
    "node_modules/@esbuild/linux-mips64el": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.3.tgz",
-      "integrity": "sha512-APsymYA6sGcZ4pD6k+UxbDjOFSvPWyZhjaiPyl/f79xKxwTnrn5QUnXR5prvetuaSMsb4jgeHewIDCIWljrSxw==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.4.tgz",
+      "integrity": "sha512-1RdrWFFiiLIW7LQq9Q2NES+HiD4NyT8Itj9AUeCl0IVCA459WnPhREKgwrpaIfTOe+/2rdntisegiPWn/r/aAw==",
      "cpu": [
        "mips64el"
      ],
@@ -236,9 +236,9 @@
      }
    },
    "node_modules/@esbuild/linux-ppc64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.3.tgz",
-      "integrity": "sha512-eizBnTeBefojtDb9nSh4vvVQ3V9Qf9Df01PfawPcRzJH4gFSgrObw+LveUyDoKU3kxi5+9RJTCWlj4FjYXVPEA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.4.tgz",
+      "integrity": "sha512-tLCwNG47l3sd9lpfyx9LAGEGItCUeRCWeAx6x2Jmbav65nAwoPXfewtAdtbtit/pJFLUWOhpv0FpS6GQAmPrHA==",
      "cpu": [
        "ppc64"
      ],
@@ -253,9 +253,9 @@
      }
    },
    "node_modules/@esbuild/linux-riscv64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.3.tgz",
-      "integrity": "sha512-3Emwh0r5wmfm3ssTWRQSyVhbOHvqegUDRd0WhmXKX2mkHJe1SFCMJhagUleMq+Uci34wLSipf8Lagt4LlpRFWQ==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.4.tgz",
+      "integrity": "sha512-BnASypppbUWyqjd1KIpU4AUBiIhVr6YlHx/cnPgqEkNoVOhHg+YiSVxM1RLfiy4t9cAulbRGTNCKOcqHrEQLIw==",
      "cpu": [
        "riscv64"
      ],
@@ -270,9 +270,9 @@
      }
    },
    "node_modules/@esbuild/linux-s390x": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.3.tgz",
-      "integrity": "sha512-pBHUx9LzXWBc7MFIEEL0yD/ZVtNgLytvx60gES28GcWMqil8ElCYR4kvbV2BDqsHOvVDRrOxGySBM9Fcv744hw==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.4.tgz",
+      "integrity": "sha512-+eUqgb/Z7vxVLezG8bVB9SfBie89gMueS+I0xYh2tJdw3vqA/0ImZJ2ROeWwVJN59ihBeZ7Tu92dF/5dy5FttA==",
      "cpu": [
        "s390x"
      ],
@@ -287,9 +287,9 @@
      }
    },
    "node_modules/@esbuild/linux-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.3.tgz",
-      "integrity": "sha512-Czi8yzXUWIQYAtL/2y6vogER8pvcsOsk5cpwL4Gk5nJqH5UZiVByIY8Eorm5R13gq+DQKYg0+JyQoytLQas4dA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.4.tgz",
+      "integrity": "sha512-S5qOXrKV8BQEzJPVxAwnryi2+Iq5pB40gTEIT69BQONqR7JH1EPIcQ/Uiv9mCnn05jff9umq/5nqzxlqTOg9NA==",
      "cpu": [
        "x64"
      ],
@@ -304,9 +304,9 @@
      }
    },
    "node_modules/@esbuild/netbsd-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.3.tgz",
-      "integrity": "sha512-sDpk0RgmTCR/5HguIZa9n9u+HVKf40fbEUt+iTzSnCaGvY9kFP0YKBWZtJaraonFnqef5SlJ8/TiPAxzyS+UoA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.4.tgz",
+      "integrity": "sha512-xHT8X4sb0GS8qTqiwzHqpY00C95DPAq7nAwX35Ie/s+LO9830hrMd3oX0ZMKLvy7vsonee73x0lmcdOVXFzd6Q==",
      "cpu": [
        "arm64"
      ],
@@ -321,9 +321,9 @@
      }
    },
    "node_modules/@esbuild/netbsd-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.3.tgz",
-      "integrity": "sha512-P14lFKJl/DdaE00LItAukUdZO5iqNH7+PjoBm+fLQjtxfcfFE20Xf5CrLsmZdq5LFFZzb5JMZ9grUwvtVYzjiA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.4.tgz",
+      "integrity": "sha512-RugOvOdXfdyi5Tyv40kgQnI0byv66BFgAqjdgtAKqHoZTbTF2QqfQrFwa7cHEORJf6X2ht+l9ABLMP0dnKYsgg==",
      "cpu": [
        "x64"
      ],
@@ -338,9 +338,9 @@
      }
    },
    "node_modules/@esbuild/openbsd-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.3.tgz",
-      "integrity": "sha512-AIcMP77AvirGbRl/UZFTq5hjXK+2wC7qFRGoHSDrZ5v5b8DK/GYpXW3CPRL53NkvDqb9D+alBiC/dV0Fb7eJcw==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.4.tgz",
+      "integrity": "sha512-2MyL3IAaTX+1/qP0O1SwskwcwCoOI4kV2IBX1xYnDDqthmq5ArrW94qSIKCAuRraMgPOmG0RDTA74mzYNQA9ow==",
      "cpu": [
        "arm64"
      ],
@@ -355,9 +355,9 @@
      }
    },
    "node_modules/@esbuild/openbsd-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.3.tgz",
-      "integrity": "sha512-DnW2sRrBzA+YnE70LKqnM3P+z8vehfJWHXECbwBmH/CU51z6FiqTQTHFenPlHmo3a8UgpLyH3PT+87OViOh1AQ==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.4.tgz",
+      "integrity": "sha512-u8fg/jQ5aQDfsnIV6+KwLOf1CmJnfu1ShpwqdwC0uA7ZPwFws55Ngc12vBdeUdnuWoQYx/SOQLGDcdlfXhYmXQ==",
      "cpu": [
        "x64"
      ],
@@ -372,9 +372,9 @@
      }
    },
    "node_modules/@esbuild/openharmony-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.3.tgz",
-      "integrity": "sha512-NinAEgr/etERPTsZJ7aEZQvvg/A6IsZG/LgZy+81wON2huV7SrK3e63dU0XhyZP4RKGyTm7aOgmQk0bGp0fy2g==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.4.tgz",
+      "integrity": "sha512-JkTZrl6VbyO8lDQO3yv26nNr2RM2yZzNrNHEsj9bm6dOwwu9OYN28CjzZkH57bh4w0I2F7IodpQvUAEd1mbWXg==",
      "cpu": [
        "arm64"
      ],
@@ -389,9 +389,9 @@
      }
    },
    "node_modules/@esbuild/sunos-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.3.tgz",
-      "integrity": "sha512-PanZ+nEz+eWoBJ8/f8HKxTTD172SKwdXebZ0ndd953gt1HRBbhMsaNqjTyYLGLPdoWHy4zLU7bDVJztF5f3BHA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.4.tgz",
+      "integrity": "sha512-/gOzgaewZJfeJTlsWhvUEmUG4tWEY2Spp5M20INYRg2ZKl9QPO3QEEgPeRtLjEWSW8FilRNacPOg8R1uaYkA6g==",
      "cpu": [
        "x64"
      ],
@@ -406,9 +406,9 @@
      }
    },
    "node_modules/@esbuild/win32-arm64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.3.tgz",
-      "integrity": "sha512-B2t59lWWYrbRDw/tjiWOuzSsFh1Y/E95ofKz7rIVYSQkUYBjfSgf6oeYPNWHToFRr2zx52JKApIcAS/D5TUBnA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.4.tgz",
+      "integrity": "sha512-Z9SExBg2y32smoDQdf1HRwHRt6vAHLXcxD2uGgO/v2jK7Y718Ix4ndsbNMU/+1Qiem9OiOdaqitioZwxivhXYg==",
      "cpu": [
        "arm64"
      ],
@@ -423,9 +423,9 @@
      }
    },
    "node_modules/@esbuild/win32-ia32": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.3.tgz",
-      "integrity": "sha512-QLKSFeXNS8+tHW7tZpMtjlNb7HKau0QDpwm49u0vUp9y1WOF+PEzkU84y9GqYaAVW8aH8f3GcBck26jh54cX4Q==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.4.tgz",
+      "integrity": "sha512-DAyGLS0Jz5G5iixEbMHi5KdiApqHBWMGzTtMiJ72ZOLhbu/bzxgAe8Ue8CTS3n3HbIUHQz/L51yMdGMeoxXNJw==",
      "cpu": [
        "ia32"
      ],
@@ -440,9 +440,9 @@
      }
    },
    "node_modules/@esbuild/win32-x64": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.3.tgz",
-      "integrity": "sha512-4uJGhsxuptu3OcpVAzli+/gWusVGwZZHTlS63hh++ehExkVT8SgiEf7/uC/PclrPPkLhZqGgCTjd0VWLo6xMqA==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.4.tgz",
+      "integrity": "sha512-+knoa0BDoeXgkNvvV1vvbZX4+hizelrkwmGJBdT17t8FNPwG2lKemmuMZlmaNQ3ws3DKKCxpb4zRZEIp3UxFCg==",
      "cpu": [
        "x64"
      ],
@@ -467,9 +467,9 @@
      }
    },
    "node_modules/esbuild": {
-      "version": "0.27.3",
-      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.3.tgz",
-      "integrity": "sha512-8VwMnyGCONIs6cWue2IdpHxHnAjzxnw2Zr7MkVxB2vjmQ2ivqGFb4LEG3SMnv0Gb2F/G/2yA8zUaiL1gywDCCg==",
+      "version": "0.27.4",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.4.tgz",
+      "integrity": "sha512-Rq4vbHnYkK5fws5NF7MYTU68FPRE1ajX7heQ/8QXXWqNgqqJ/GkmmyxIzUnf2Sr/bakf8l54716CcMGHYhMrrQ==",
      "dev": true,
      "hasInstallScript": true,
      "license": "MIT",
@@ -480,32 +480,32 @@
        "node": ">=18"
      },
      "optionalDependencies": {
-        "@esbuild/aix-ppc64": "0.27.3",
-        "@esbuild/android-arm": "0.27.3",
-        "@esbuild/android-arm64": "0.27.3",
-        "@esbuild/android-x64": "0.27.3",
-        "@esbuild/darwin-arm64": "0.27.3",
-        "@esbuild/darwin-x64": "0.27.3",
-        "@esbuild/freebsd-arm64": "0.27.3",
-        "@esbuild/freebsd-x64": "0.27.3",
-        "@esbuild/linux-arm": "0.27.3",
-        "@esbuild/linux-arm64": "0.27.3",
-        "@esbuild/linux-ia32": "0.27.3",
-        "@esbuild/linux-loong64": "0.27.3",
-        "@esbuild/linux-mips64el": "0.27.3",
-        "@esbuild/linux-ppc64": "0.27.3",
-        "@esbuild/linux-riscv64": "0.27.3",
-        "@esbuild/linux-s390x": "0.27.3",
-        "@esbuild/linux-x64": "0.27.3",
-        "@esbuild/netbsd-arm64": "0.27.3",
-        "@esbuild/netbsd-x64": "0.27.3",
-        "@esbuild/openbsd-arm64": "0.27.3",
-        "@esbuild/openbsd-x64": "0.27.3",
-        "@esbuild/openharmony-arm64": "0.27.3",
-        "@esbuild/sunos-x64": "0.27.3",
-        "@esbuild/win32-arm64": "0.27.3",
-        "@esbuild/win32-ia32": "0.27.3",
-        "@esbuild/win32-x64": "0.27.3"
+        "@esbuild/aix-ppc64": "0.27.4",
+        "@esbuild/android-arm": "0.27.4",
+        "@esbuild/android-arm64": "0.27.4",
+        "@esbuild/android-x64": "0.27.4",
+        "@esbuild/darwin-arm64": "0.27.4",
+        "@esbuild/darwin-x64": "0.27.4",
+        "@esbuild/freebsd-arm64": "0.27.4",
+        "@esbuild/freebsd-x64": "0.27.4",
+        "@esbuild/linux-arm": "0.27.4",
+        "@esbuild/linux-arm64": "0.27.4",
+        "@esbuild/linux-ia32": "0.27.4",
+        "@esbuild/linux-loong64": "0.27.4",
+        "@esbuild/linux-mips64el": "0.27.4",
+        "@esbuild/linux-ppc64": "0.27.4",
+        "@esbuild/linux-riscv64": "0.27.4",
+        "@esbuild/linux-s390x": "0.27.4",
+        "@esbuild/linux-x64": "0.27.4",
+        "@esbuild/netbsd-arm64": "0.27.4",
+        "@esbuild/netbsd-x64": "0.27.4",
+        "@esbuild/openbsd-arm64": "0.27.4",
+        "@esbuild/openbsd-x64": "0.27.4",
+        "@esbuild/openharmony-arm64": "0.27.4",
+        "@esbuild/sunos-x64": "0.27.4",
+        "@esbuild/win32-arm64": "0.27.4",
+        "@esbuild/win32-ia32": "0.27.4",
+        "@esbuild/win32-x64": "0.27.4"
      }
    },
    "node_modules/typescript": {
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -15,13 +15,12 @@ log_message() {

 log_message "Initializing Immich $IMMICH_SOURCE_REF"

-# TODO: Update to mimalloc v3 when verified memory isn't released issue is fixed
-# lib_path="/usr/lib/$(arch)-linux-gnu/libmimalloc.so.3"
-# if [ -f "$lib_path" ]; then
-#   export LD_PRELOAD="$lib_path"
-# else
-#   echo "skipping libmimalloc - path not found $lib_path"
-# fi
+lib_path="/usr/lib/$(arch)-linux-gnu/libmimalloc.so.3"
+if [ -f "$lib_path" ]; then
+  export LD_PRELOAD="$lib_path"
+else
+  echo "skipping libmimalloc - path not found $lib_path"
+fi
 export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/lib/jellyfin-ffmpeg/lib"
 SERVER_HOME="$(readlink -f "$(dirname "$0")/..")"

@@ -0,0 +1,21 @@
+{
+  "contentSecurityPolicy": {
+    "directives": {
+      "default-src": ["'self'"],
+      "script-src": ["'self'", "'wasm-unsafe-eval", "'unsafe-inline'", "https://www.gstatic.com"],
+      "style-src": ["'self'", "'unsafe-inline'"],
+      "img-src": ["'self'", "'data:'", "'blob:'"],
+      "connect-src": [
+        "'self'",
+        "blob:",
+        "https://pay.futo.org",
+        "https://static.immich.cloud",
+        "https://tiles.immich.cloud"
+      ],
+      "worker-src": ["'self'", "blob:"],
+      "frame-src": ["'none'"],
+      "object-src": ["'none'"],
+      "base-uri": ["'self'"]
+    }
+  }
+}
@@ -1,10 +1,15 @@
 {
  "name": "immich",
-  "version": "2.6.2",
+  "version": "2.6.3",
  "description": "",
  "author": "",
  "private": true,
  "license": "GNU Affero General Public License version 3",
+  "files": [
+    "bin",
+    "dist",
+    "helmet.json"
+  ],
  "scripts": {
    "build": "nest build",
    "format": "prettier --cache --check .",
@@ -77,12 +82,13 @@
    "fluent-ffmpeg": "^2.1.2",
    "geo-tz": "^8.0.0",
    "handlebars": "^4.7.8",
+    "helmet": "^8.1.0",
    "i18n-iso-countries": "^7.6.0",
    "ioredis": "^5.8.2",
    "jose": "^5.10.0",
    "js-yaml": "^4.1.0",
    "jsonwebtoken": "^9.0.2",
-    "kysely": "0.28.11",
+    "kysely": "0.28.14",
    "kysely-postgres-js": "^3.0.0",
    "lodash": "^4.17.21",
    "luxon": "^3.4.2",
@@ -109,6 +115,7 @@
    "sharp": "^0.34.5",
    "sirv": "^3.0.0",
    "socket.io": "^4.8.1",
+    "structured-headers": "^2.0.2",
    "tailwindcss-preset-email": "^1.4.0",
    "thumbhash": "^0.1.1",
    "transformation-matrix": "^3.1.0",
@@ -136,7 +143,7 @@
    "@types/luxon": "^3.6.2",
    "@types/mock-fs": "^4.13.1",
    "@types/multer": "^2.0.0",
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "@types/nodemailer": "^7.0.0",
    "@types/picomatch": "^4.0.0",
    "@types/pngjs": "^6.0.5",
@@ -168,7 +175,7 @@
    "vitest": "^3.0.0"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  },
  "overrides": {
    "sharp": "^0.34.5"
@@ -2,9 +2,10 @@ import { NestExpressApplication } from '@nestjs/platform-express';
 import { json } from 'body-parser';
 import compression from 'compression';
 import cookieParser from 'cookie-parser';
+import helmetMiddleware from 'helmet';
 import { existsSync } from 'node:fs';
 import sirv from 'sirv';
-import { excludePaths, serverVersion } from 'src/constants';
+import { IMMICH_SERVER_START, excludePaths, serverVersion } from 'src/constants';
 import { MaintenanceWorkerService } from 'src/maintenance/maintenance-worker.service';
 import { WebSocketAdapter } from 'src/middleware/websocket.adapter';
 import { ConfigRepository } from 'src/repositories/config.repository';
@@ -39,7 +40,7 @@ export async function configureExpress(
  },
 ) {
  const configRepository = app.get(ConfigRepository);
-  const { environment, host, port, resourcePaths, network } = configRepository.getEnv();
+  const { environment, host, port, helmet, resourcePaths, network } = configRepository.getEnv();

  const logger = await app.resolve(LoggingRepository);
  logger.setContext('Bootstrap');
@@ -47,6 +48,12 @@ export async function configureExpress(

  app.set('trust proxy', ['loopback', ...network.trustedProxies]);
  app.set('etag', 'strong');
+
+  if (helmet.config) {
+    app.use(helmetMiddleware(helmet.config));
+    logger.log('Initialized helmet middleware');
+  }
+
  app.use(cookieParser());
  app.use(json({ limit: '10mb' }));

@@ -83,5 +90,5 @@ export async function configureExpress(
  const server = await (host ? app.listen(port, host) : app.listen(port));
  server.requestTimeout = 24 * 60 * 60 * 1000;

-  logger.log(`Immich Server is listening on ${await app.getUrl()} [v${serverVersion}] [${environment}] `);
+  logger.log(`${IMMICH_SERVER_START} on ${await app.getUrl()} [v${serverVersion}] [${environment}] `);
 }
@@ -29,6 +29,7 @@ import { ProcessRepository } from 'src/repositories/process.repository';
 import { StorageRepository } from 'src/repositories/storage.repository';
 import { SystemMetadataRepository } from 'src/repositories/system-metadata.repository';
 import { teardownTelemetry, TelemetryRepository } from 'src/repositories/telemetry.repository';
+import { UserRepository } from 'src/repositories/user.repository';
 import { WebsocketRepository } from 'src/repositories/websocket.repository';
 import { services } from 'src/services';
 import { AuthService } from 'src/services/auth.service';
@@ -111,6 +112,7 @@ export class ApiModule extends BaseModule {}
    StorageRepository,
    ProcessRepository,
    DatabaseRepository,
+    UserRepository,
    SystemMetadataRepository,
    AppRepository,
    MaintenanceHealthRepository,
@@ -22,6 +22,9 @@ export type SystemConfig = {
      cronExpression: string;
      keepLastAmount: number;
    };
+    upload: {
+      maxAgeHours: number;
+    };
  };
  ffmpeg: {
    crf: number;
@@ -140,6 +143,7 @@ export type SystemConfig = {
    clusterNewFaces: boolean;
    generateMemories: boolean;
    syncQuotaUsage: boolean;
+    removeStaleUploads: boolean;
  };
  trash: {
    enabled: boolean;
@@ -198,6 +202,9 @@ export const defaults = Object.freeze<SystemConfig>({
      cronExpression: CronExpression.EVERY_DAY_AT_2AM,
      keepLastAmount: 14,
    },
+    upload: {
+      maxAgeHours: 72,
+    },
  },
  ffmpeg: {
    crf: 23,
@@ -346,6 +353,7 @@ export const defaults = Object.freeze<SystemConfig>({
    syncQuotaUsage: true,
    missingThumbnails: true,
    clusterNewFaces: true,
+    removeStaleUploads: true,
  },
  trash: {
    enabled: true,
@@ -4,6 +4,8 @@ import { dirname, join } from 'node:path';
 import { SemVer } from 'semver';
 import { ApiTag, AudioCodec, DatabaseExtension, ExifOrientation, VectorIndex } from 'src/enum';

+export const IMMICH_SERVER_START = 'Immich Server is listening';
+
 export const ErrorMessages = {
  InconsistentMediaLocation:
    'Detected an inconsistent media location. For more information, see https://docs.immich.app/errors#inconsistent-media-location',
@@ -0,0 +1,445 @@
+import { createHash, randomUUID } from 'node:crypto';
+import { AssetUploadController } from 'src/controllers/asset-upload.controller';
+import { AssetUploadService } from 'src/services/asset-upload.service';
+import { serializeDictionary } from 'structured-headers';
+import request from 'supertest';
+import { factory } from 'test/small.factory';
+import { ControllerContext, controllerSetup, mockBaseService } from 'test/utils';
+
+const makeAssetData = (overrides?: Partial<any>): string => {
+  return serializeDictionary({
+    filename: 'test-image.jpg',
+    'device-asset-id': 'test-asset-id',
+    'device-id': 'test-device',
+    'file-created-at': new Date('2025-01-02T00:00:00Z').toISOString(),
+    'file-modified-at': new Date('2025-01-01T00:00:00Z').toISOString(),
+    'is-favorite': false,
+    ...overrides,
+  });
+};
+
+describe(AssetUploadController.name, () => {
+  let ctx: ControllerContext;
+  let buffer: Buffer;
+  let checksum: string;
+  const service = mockBaseService(AssetUploadService);
+
+  beforeAll(async () => {
+    ctx = await controllerSetup(AssetUploadController, [{ provide: AssetUploadService, useValue: service }]);
+    return () => ctx.close();
+  });
+
+  beforeEach(() => {
+    service.resetAllMocks();
+    service.startUpload.mockImplementation((_, __, res, ___) => {
+      res.send();
+      return Promise.resolve();
+    });
+    service.resumeUpload.mockImplementation((_, __, res, ___, ____) => {
+      res.send();
+      return Promise.resolve();
+    });
+    service.cancelUpload.mockImplementation((_, __, res) => {
+      res.send();
+      return Promise.resolve();
+    });
+    service.getUploadStatus.mockImplementation((_, res, __, ___) => {
+      res.send();
+      return Promise.resolve();
+    });
+    ctx.reset();
+
+    buffer = Buffer.from(randomUUID());
+    checksum = `sha=:${createHash('sha1').update(buffer).digest('base64')}:`;
+  });
+
+  describe('POST /upload', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).post('/upload');
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it('should require at least version 3 of Upload-Draft-Interop-Version header if provided', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Upload-Draft-Interop-Version', '2')
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining(['version must not be less than 3']),
+        }),
+      );
+    });
+
+    it('should require X-Immich-Asset-Data header', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: 'x-immich-asset-data header is required' }));
+    });
+
+    it('should require Repr-Digest header', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: 'Missing repr-digest header' }));
+    });
+
+    it('should allow conventional upload without Upload-Complete header', async () => {
+      const { status } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(201);
+    });
+
+    it('should require Upload-Length header for incomplete upload', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?0')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: 'Missing upload-length header' }));
+    });
+
+    it('should infer upload length from content length if complete upload', async () => {
+      const { status } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .send(buffer);
+
+      expect(status).toBe(201);
+    });
+
+    it('should reject invalid Repr-Digest format', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', checksum)
+        .set('Repr-Digest', 'invalid-format')
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: 'Invalid repr-digest header' }));
+    });
+
+    it('should validate device-asset-id is required in asset data', async () => {
+      const assetData = serializeDictionary({
+        filename: 'test.jpg',
+        'device-id': 'test-device',
+        'file-created-at': new Date().toISOString(),
+        'file-modified-at': new Date().toISOString(),
+      });
+
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', assetData)
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining([expect.stringContaining('deviceAssetId')]),
+        }),
+      );
+    });
+
+    it('should validate device-id is required in asset data', async () => {
+      const assetData = serializeDictionary({
+        filename: 'test.jpg',
+        'device-asset-id': 'test-asset',
+        'file-created-at': new Date().toISOString(),
+        'file-modified-at': new Date().toISOString(),
+      });
+
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', assetData)
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining([expect.stringContaining('deviceId')]),
+        }),
+      );
+    });
+
+    it('should validate filename is required in asset data', async () => {
+      const assetData = serializeDictionary({
+        'device-asset-id': 'test-asset',
+        'device-id': 'test-device',
+        'file-created-at': new Date().toISOString(),
+        'file-modified-at': new Date().toISOString(),
+      });
+
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', assetData)
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining([expect.stringContaining('filename')]),
+        }),
+      );
+    });
+
+    it('should accept Upload-Incomplete header for version 3', async () => {
+      const { body, status } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '3')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Incomplete', '?0')
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(body).toEqual({});
+      expect(status).not.toBe(400);
+    });
+
+    it('should validate Upload-Complete is a boolean structured field', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', 'true')
+        .set('Upload-Length', '1024')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: 'upload-complete must be a structured boolean value' }));
+    });
+
+    it('should validate Upload-Length is a positive integer', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .post('/upload')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('X-Immich-Asset-Data', makeAssetData())
+        .set('Repr-Digest', checksum)
+        .set('Upload-Complete', '?1')
+        .set('Upload-Length', '-100')
+        .send(buffer);
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining(['uploadLength must not be less than 1']),
+        }),
+      );
+    });
+  });
+
+  describe('PATCH /upload/:id', () => {
+    const uploadId = factory.uuid();
+
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).patch(`/upload/${uploadId}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it('should require Upload-Draft-Interop-Version header', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Offset', '0')
+        .set('Upload-Complete', '?1')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining(['version must be an integer number', 'version must not be less than 3']),
+        }),
+      );
+    });
+
+    it('should require Upload-Offset header', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('Upload-Complete', '?1')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining([
+            'uploadOffset must be an integer number',
+            'uploadOffset must not be less than 0',
+          ]),
+        }),
+      );
+    });
+
+    it('should require Upload-Complete header', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('Upload-Offset', '0')
+        .set('Content-Type', 'application/partial-upload')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: ['uploadComplete must be a boolean value'] }));
+    });
+
+    it('should validate UUID parameter', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch('/upload/invalid-uuid')
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('Upload-Offset', '0')
+        .set('Upload-Complete', '?0')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: ['id must be a UUID'] }));
+    });
+
+    it('should validate Upload-Offset is a non-negative integer', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '8')
+        .set('Upload-Offset', '-50')
+        .set('Upload-Complete', '?0')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining(['uploadOffset must not be less than 0']),
+        }),
+      );
+    });
+
+    it('should require Content-Type: application/partial-upload for version >= 6', async () => {
+      const { status, body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '6')
+        .set('Upload-Offset', '0')
+        .set('Upload-Complete', '?0')
+        .set('Content-Type', 'application/octet-stream')
+        .send(Buffer.from('test'));
+
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        expect.objectContaining({
+          message: ['contentType must be equal to application/partial-upload'],
+        }),
+      );
+    });
+
+    it('should allow other Content-Type for version < 6', async () => {
+      const { body } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '3')
+        .set('Upload-Offset', '0')
+        .set('Upload-Incomplete', '?1')
+        .set('Content-Type', 'application/octet-stream')
+        .send();
+
+      // Will fail for other reasons, but not content-type validation
+      expect(body).not.toEqual(
+        expect.objectContaining({
+          message: expect.arrayContaining([expect.stringContaining('contentType')]),
+        }),
+      );
+    });
+
+    it('should accept Upload-Incomplete header for version 3', async () => {
+      const { status } = await request(ctx.getHttpServer())
+        .patch(`/upload/${uploadId}`)
+        .set('Upload-Draft-Interop-Version', '3')
+        .set('Upload-Offset', '0')
+        .set('Upload-Incomplete', '?1')
+        .send();
+
+      // Should not fail validation
+      expect(status).not.toBe(400);
+    });
+  });
+
+  describe('DELETE /upload/:id', () => {
+    const uploadId = factory.uuid();
+
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).delete(`/upload/${uploadId}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it('should validate UUID parameter', async () => {
+      const { status, body } = await request(ctx.getHttpServer()).delete('/upload/invalid-uuid');
+
+      expect(status).toBe(400);
+      expect(body).toEqual(expect.objectContaining({ message: ['id must be a UUID'] }));
+    });
+  });
+
+  describe('HEAD /upload/:id', () => {
+    const uploadId = factory.uuid();
+
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).head(`/upload/${uploadId}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it('should require Upload-Draft-Interop-Version header', async () => {
+      const { status } = await request(ctx.getHttpServer()).head(`/upload/${uploadId}`);
+
+      expect(status).toBe(400);
+    });
+
+    it('should validate UUID parameter', async () => {
+      const { status } = await request(ctx.getHttpServer())
+        .head('/upload/invalid-uuid')
+        .set('Upload-Draft-Interop-Version', '8');
+
+      expect(status).toBe(400);
+    });
+  });
+});
@@ -0,0 +1,108 @@
+import { Controller, Delete, Head, HttpCode, HttpStatus, Options, Param, Patch, Post, Req, Res } from '@nestjs/common';
+import { ApiHeader, ApiOkResponse, ApiTags } from '@nestjs/swagger';
+import { Request, Response } from 'express';
+import { GetUploadStatusDto, Header, ResumeUploadDto, StartUploadDto, UploadOkDto } from 'src/dtos/asset-upload.dto';
+import { AuthDto } from 'src/dtos/auth.dto';
+import { ImmichHeader, Permission } from 'src/enum';
+import { Auth, Authenticated } from 'src/middleware/auth.guard';
+import { AssetUploadService } from 'src/services/asset-upload.service';
+import { validateSyncOrReject } from 'src/utils/request';
+import { UUIDParamDto } from 'src/validation';
+
+const apiInteropVersion = {
+  name: Header.InteropVersion,
+  description: `Indicates the version of the RUFH protocol supported by the client.`,
+  required: true,
+};
+
+const apiUploadComplete = {
+  name: Header.UploadComplete,
+  description:
+    'Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.',
+  required: true,
+};
+
+const apiContentLength = {
+  name: Header.ContentLength,
+  description: 'Non-negative size of the request body in bytes.',
+  required: true,
+};
+
+// This is important to let go of the asset lock for an inactive request
+const SOCKET_TIMEOUT_MS = 30_000;
+
+@ApiTags('Upload')
+@Controller('upload')
+export class AssetUploadController {
+  constructor(private service: AssetUploadService) {}
+
+  @Post()
+  @Authenticated({ sharedLink: true, permission: Permission.AssetUpload })
+  @ApiHeader({
+    name: ImmichHeader.AssetData,
+    description: `RFC 9651 structured dictionary containing asset metadata with the following keys:
+- device-asset-id (string, required): Unique device asset identifier
+- device-id (string, required): Device identifier
+- file-created-at (string/date, required): ISO 8601 date string or Unix timestamp
+- file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp
+- filename (string, required): Original filename
+- is-favorite (boolean, optional): Favorite status
+- live-photo-video-id (string, optional): Live photo ID for assets from iOS devices
+- icloud-id (string, optional): iCloud identifier for assets from iOS devices`,
+    required: true,
+    example:
+      'device-asset-id="abc123", device-id="phone1", filename="photo.jpg", file-created-at="2024-01-01T00:00:00Z", file-modified-at="2024-01-01T00:00:00Z"',
+  })
+  @ApiHeader({
+    name: Header.ReprDigest,
+    description:
+      'RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.',
+    required: true,
+  })
+  @ApiHeader({ ...apiInteropVersion, required: false })
+  @ApiHeader({ ...apiUploadComplete, required: false })
+  @ApiHeader(apiContentLength)
+  @ApiOkResponse({ type: UploadOkDto })
+  startUpload(@Auth() auth: AuthDto, @Req() req: Request, @Res() res: Response): Promise<void> {
+    res.setTimeout(SOCKET_TIMEOUT_MS);
+    return this.service.startUpload(auth, req, res, validateSyncOrReject(StartUploadDto, req.headers));
+  }
+
+  @Patch(':id')
+  @Authenticated({ sharedLink: true, permission: Permission.AssetUpload })
+  @ApiHeader({
+    name: Header.UploadOffset,
+    description:
+      'Non-negative byte offset indicating the starting position of the data in the request body within the entire file.',
+    required: true,
+  })
+  @ApiHeader(apiInteropVersion)
+  @ApiHeader(apiUploadComplete)
+  @ApiHeader(apiContentLength)
+  @ApiOkResponse({ type: UploadOkDto })
+  resumeUpload(@Auth() auth: AuthDto, @Req() req: Request, @Res() res: Response, @Param() { id }: UUIDParamDto) {
+    res.setTimeout(SOCKET_TIMEOUT_MS);
+    return this.service.resumeUpload(auth, req, res, id, validateSyncOrReject(ResumeUploadDto, req.headers));
+  }
+
+  @Delete(':id')
+  @Authenticated({ sharedLink: true, permission: Permission.AssetUpload })
+  cancelUpload(@Auth() auth: AuthDto, @Res() res: Response, @Param() { id }: UUIDParamDto) {
+    res.setTimeout(SOCKET_TIMEOUT_MS);
+    return this.service.cancelUpload(auth, id, res);
+  }
+
+  @Head(':id')
+  @Authenticated({ sharedLink: true, permission: Permission.AssetUpload })
+  @ApiHeader(apiInteropVersion)
+  getUploadStatus(@Auth() auth: AuthDto, @Req() req: Request, @Res() res: Response, @Param() { id }: UUIDParamDto) {
+    res.setTimeout(SOCKET_TIMEOUT_MS);
+    return this.service.getUploadStatus(auth, res, id, validateSyncOrReject(GetUploadStatusDto, req.headers));
+  }
+
+  @Options()
+  @HttpCode(HttpStatus.NO_CONTENT)
+  getUploadOptions(@Res() res: Response) {
+    return this.service.getUploadOptions(res);
+  }
+}
@@ -0,0 +1,47 @@
+import { DuplicateController } from 'src/controllers/duplicate.controller';
+import { DuplicateService } from 'src/services/duplicate.service';
+import request from 'supertest';
+import { factory } from 'test/small.factory';
+import { ControllerContext, controllerSetup, mockBaseService } from 'test/utils';
+
+describe(DuplicateController.name, () => {
+  let ctx: ControllerContext;
+  const service = mockBaseService(DuplicateService);
+
+  beforeAll(async () => {
+    ctx = await controllerSetup(DuplicateController, [{ provide: DuplicateService, useValue: service }]);
+    return () => ctx.close();
+  });
+
+  beforeEach(() => {
+    service.resetAllMocks();
+    ctx.reset();
+  });
+
+  describe('GET /duplicates', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).get('/duplicates');
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+  });
+
+  describe('DELETE /duplicates', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).delete('/duplicates');
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+  });
+
+  describe('DELETE /duplicates/:id', () => {
+    it('should be an authenticated route', async () => {
+      await request(ctx.getHttpServer()).delete(`/duplicates/${factory.uuid()}`);
+      expect(ctx.authenticate).toHaveBeenCalled();
+    });
+
+    it('should require a valid uuid', async () => {
+      const { status, body } = await request(ctx.getHttpServer()).delete(`/duplicates/123`);
+      expect(status).toBe(400);
+      expect(body).toEqual(factory.responses.badRequest(['id must be a UUID']));
+    });
+  });
+});
@@ -1,9 +1,9 @@
-import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param } from '@nestjs/common';
+import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Post } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
 import { Endpoint, HistoryBuilder } from 'src/decorators';
-import { BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
+import { BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { DuplicateResponseDto } from 'src/dtos/duplicate.dto';
+import { DuplicateResolveDto, DuplicateResponseDto } from 'src/dtos/duplicate.dto';
 import { ApiTag, Permission } from 'src/enum';
 import { Auth, Authenticated } from 'src/middleware/auth.guard';
 import { DuplicateService } from 'src/services/duplicate.service';
@@ -48,4 +48,16 @@ export class DuplicateController {
  deleteDuplicate(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<void> {
    return this.service.delete(auth, id);
  }
+
+  @Post('resolve')
+  @HttpCode(HttpStatus.OK)
+  @Authenticated({ permission: Permission.DuplicateDelete })
+  @Endpoint({
+    summary: 'Resolve duplicate groups',
+    description: 'Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.',
+    history: new HistoryBuilder().added('v3.0.0').alpha('v3.0.0'),
+  })
+  resolveDuplicates(@Auth() auth: AuthDto, @Body() dto: DuplicateResolveDto): Promise<BulkIdResponseDto[]> {
+    return this.service.resolve(auth, dto);
+  }
 }
@@ -3,6 +3,7 @@ import { AlbumController } from 'src/controllers/album.controller';
 import { ApiKeyController } from 'src/controllers/api-key.controller';
 import { AppController } from 'src/controllers/app.controller';
 import { AssetMediaController } from 'src/controllers/asset-media.controller';
+import { AssetUploadController } from 'src/controllers/asset-upload.controller';
 import { AssetController } from 'src/controllers/asset.controller';
 import { AuthAdminController } from 'src/controllers/auth-admin.controller';
 import { AuthController } from 'src/controllers/auth.controller';
@@ -45,6 +46,7 @@ export const controllers = [
  AppController,
  AssetController,
  AssetMediaController,
+  AssetUploadController,
  AuthController,
  AuthAdminController,
  DatabaseBackupController,
@@ -5,6 +5,7 @@ import {
  AssetFileType,
  AssetType,
  AssetVisibility,
+  ChecksumAlgorithm,
  MemoryType,
  Permission,
  PluginContext,
@@ -112,6 +113,7 @@ export type Memory = {
 export type Asset = {
  id: string;
  checksum: Buffer<ArrayBufferLike>;
+  checksumAlgorithm: ChecksumAlgorithm;
  deviceAssetId: string;
  deviceId: string;
  fileCreatedAt: Date;
@@ -330,6 +332,7 @@ export const columns = {
  asset: [
    'asset.id',
    'asset.checksum',
+    'asset.checksumAlgorithm',
    'asset.deviceAssetId',
    'asset.deviceId',
    'asset.fileCreatedAt',
@@ -345,6 +348,7 @@ export const columns = {
    'asset.type',
    'asset.width',
    'asset.height',
+    'asset.isEdited',
  ],
  assetFiles: ['asset_file.id', 'asset_file.path', 'asset_file.type', 'asset_file.isEdited'],
  assetFilesForThumbnail: [
@@ -23,6 +23,7 @@ export enum BulkIdErrorReason {
  NO_PERMISSION = 'no_permission',
  NOT_FOUND = 'not_found',
  UNKNOWN = 'unknown',
+  VALIDATION = 'validation',
 }

 export class BulkIdsDto {
@@ -37,4 +38,5 @@ export class BulkIdResponseDto {
  success!: boolean;
  @ApiPropertyOptional({ description: 'Error reason if failed', enum: BulkIdErrorReason })
  error?: BulkIdErrorReason;
+  errorMessage?: string;
 }
@@ -13,7 +13,7 @@ import {
 } from 'src/dtos/person.dto';
 import { TagResponseDto, mapTag } from 'src/dtos/tag.dto';
 import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
-import { AssetStatus, AssetType, AssetVisibility } from 'src/enum';
+import { AssetStatus, AssetType, AssetVisibility, ChecksumAlgorithm } from 'src/enum';
 import { ImageDimensions, MaybeDehydrated } from 'src/types';
 import { getDimensions } from 'src/utils/asset.util';
 import { hexOrBufferToBase64 } from 'src/utils/bytes';
@@ -148,6 +148,7 @@ export type MapAsset = {
  updateId: string;
  status: AssetStatus;
  checksum: Buffer<ArrayBufferLike>;
+  checksumAlgorithm: ChecksumAlgorithm;
  deviceAssetId: string;
  deviceId: string;
  duplicateId: string | null;
@@ -0,0 +1,196 @@
+import { BadRequestException } from '@nestjs/common';
+import { ApiProperty } from '@nestjs/swagger';
+import { Expose, plainToInstance, Transform, Type } from 'class-transformer';
+import { Equals, IsBoolean, IsInt, IsNotEmpty, IsString, Min, ValidateIf, ValidateNested } from 'class-validator';
+import { ImmichHeader } from 'src/enum';
+import { Optional, ValidateBoolean, ValidateDate } from 'src/validation';
+import { parseDictionary } from 'structured-headers';
+
+export enum Header {
+  ContentLength = 'content-length',
+  ContentType = 'content-type',
+  InteropVersion = 'upload-draft-interop-version',
+  ReprDigest = 'repr-digest',
+  UploadComplete = 'upload-complete',
+  UploadIncomplete = 'upload-incomplete',
+  UploadLength = 'upload-length',
+  UploadOffset = 'upload-offset',
+}
+
+export class UploadAssetDataDto {
+  @IsNotEmpty()
+  @IsString()
+  deviceAssetId!: string;
+
+  @IsNotEmpty()
+  @IsString()
+  deviceId!: string;
+
+  @ValidateDate()
+  fileCreatedAt!: Date;
+
+  @ValidateDate()
+  fileModifiedAt!: Date;
+
+  @IsString()
+  @IsNotEmpty()
+  filename!: string;
+
+  @ValidateBoolean({ optional: true })
+  isFavorite?: boolean;
+
+  @Optional()
+  @IsString()
+  @IsNotEmpty()
+  livePhotoVideoId?: string;
+
+  @Optional()
+  @IsString()
+  @IsNotEmpty()
+  iCloudId!: string;
+}
+
+export class BaseUploadHeadersDto {
+  @Expose({ name: Header.ContentLength })
+  @Min(0)
+  @IsInt()
+  @Type(() => Number)
+  contentLength!: number;
+}
+
+export class StartUploadDto extends BaseUploadHeadersDto {
+  @Expose({ name: Header.InteropVersion })
+  @Optional()
+  @Min(3)
+  @IsInt()
+  @Type(() => Number)
+  version?: number;
+
+  @Expose({ name: ImmichHeader.AssetData })
+  @ValidateNested()
+  @Transform(({ value }) => {
+    if (!value) {
+      throw new BadRequestException(`${ImmichHeader.AssetData} header is required`);
+    }
+
+    try {
+      const dict = parseDictionary(value);
+      return plainToInstance(UploadAssetDataDto, {
+        deviceAssetId: dict.get('device-asset-id')?.[0],
+        deviceId: dict.get('device-id')?.[0],
+        filename: dict.get('filename')?.[0],
+        duration: dict.get('duration')?.[0],
+        fileCreatedAt: dict.get('file-created-at')?.[0],
+        fileModifiedAt: dict.get('file-modified-at')?.[0],
+        isFavorite: dict.get('is-favorite')?.[0],
+        livePhotoVideoId: dict.get('live-photo-video-id')?.[0],
+        iCloudId: dict.get('icloud-id')?.[0],
+      });
+    } catch {
+      throw new BadRequestException(`${ImmichHeader.AssetData} must be a valid structured dictionary`);
+    }
+  })
+  assetData!: UploadAssetDataDto;
+
+  @Expose({ name: Header.ReprDigest })
+  @Transform(({ value }) => {
+    if (!value) {
+      throw new BadRequestException(`Missing ${Header.ReprDigest} header`);
+    }
+
+    const checksum = parseDictionary(value).get('sha')?.[0];
+    if (checksum instanceof ArrayBuffer && checksum.byteLength === 20) {
+      return Buffer.from(checksum);
+    }
+    throw new BadRequestException(`Invalid ${Header.ReprDigest} header`);
+  })
+  checksum!: Buffer;
+
+  @Expose()
+  @Min(1)
+  @IsInt()
+  @Transform(({ obj }) => {
+    const uploadLength = obj[Header.UploadLength];
+    if (uploadLength != undefined) {
+      return Number(uploadLength);
+    }
+
+    const contentLength = obj[Header.ContentLength];
+    if (contentLength && isUploadComplete(obj) !== false) {
+      return Number(contentLength);
+    }
+    throw new BadRequestException(`Missing ${Header.UploadLength} header`);
+  })
+  uploadLength!: number;
+
+  @Expose()
+  @Transform(({ obj }) => isUploadComplete(obj))
+  uploadComplete?: boolean;
+}
+
+export class ResumeUploadDto extends BaseUploadHeadersDto {
+  @Expose({ name: Header.InteropVersion })
+  @Min(3)
+  @IsInt()
+  @Type(() => Number)
+  version!: number;
+
+  @Expose({ name: Header.ContentType })
+  @ValidateIf((o) => o.version && o.version >= 6)
+  @Equals('application/partial-upload')
+  contentType!: string;
+
+  @Expose({ name: Header.UploadLength })
+  @Min(1)
+  @IsInt()
+  @Type(() => Number)
+  @Optional()
+  uploadLength?: number;
+
+  @Expose({ name: Header.UploadOffset })
+  @Min(0)
+  @IsInt()
+  @Type(() => Number)
+  uploadOffset!: number;
+
+  @Expose()
+  @IsBoolean()
+  @Transform(({ obj }) => isUploadComplete(obj))
+  uploadComplete!: boolean;
+}
+
+export class GetUploadStatusDto {
+  @Expose({ name: Header.InteropVersion })
+  @Min(3)
+  @IsInt()
+  @Type(() => Number)
+  version!: number;
+}
+
+export class UploadOkDto {
+  @ApiProperty()
+  id!: string;
+}
+
+const STRUCTURED_TRUE = '?1';
+const STRUCTURED_FALSE = '?0';
+
+function isUploadComplete(obj: any) {
+  const uploadComplete = obj[Header.UploadComplete];
+  if (uploadComplete === STRUCTURED_TRUE) {
+    return true;
+  } else if (uploadComplete === STRUCTURED_FALSE) {
+    return false;
+  } else if (uploadComplete !== undefined) {
+    throw new BadRequestException('upload-complete must be a structured boolean value');
+  }
+
+  const uploadIncomplete = obj[Header.UploadIncomplete];
+  if (uploadIncomplete === STRUCTURED_TRUE) {
+    return false;
+  } else if (uploadIncomplete === STRUCTURED_FALSE) {
+    return true;
+  } else if (uploadIncomplete !== undefined) {
+    throw new BadRequestException('upload-incomplete must be a structured boolean value');
+  }
+}
@@ -1,9 +1,35 @@
 import { ApiProperty } from '@nestjs/swagger';
+import { Type } from 'class-transformer';
+import { ArrayMinSize, IsArray, ValidateNested } from 'class-validator';
 import { AssetResponseDto } from 'src/dtos/asset-response.dto';
+import { ValidateUUID } from 'src/validation';

 export class DuplicateResponseDto {
  @ApiProperty({ description: 'Duplicate group ID' })
  duplicateId!: string;
  @ApiProperty({ description: 'Duplicate assets' })
  assets!: AssetResponseDto[];
+
+  @ValidateUUID({ each: true, description: 'Suggested asset IDs to keep based on file size and EXIF data' })
+  suggestedKeepAssetIds!: string[];
+}
+
+export class DuplicateResolveGroupDto {
+  @ValidateUUID()
+  duplicateId!: string;
+
+  @ValidateUUID({ each: true, description: 'Asset IDs to keep' })
+  keepAssetIds!: string[];
+
+  @ValidateUUID({ each: true, description: 'Asset IDs to trash or delete' })
+  trashAssetIds!: string[];
+}
+
+export class DuplicateResolveDto {
+  @ApiProperty({ description: 'List of duplicate groups to resolve' })
+  @ValidateNested({ each: true })
+  @IsArray()
+  @Type(() => DuplicateResolveGroupDto)
+  @ArrayMinSize(1)
+  groups!: DuplicateResolveGroupDto[];
 }
@@ -42,6 +42,10 @@ export class EnvDto {
  @Optional()
  IMMICH_CONFIG_FILE?: string;

+  @IsString()
+  @Optional()
+  IMMICH_HELMET_FILE?: string;
+
  @IsEnum(ImmichEnvironment)
  @Optional()
  IMMICH_ENV?: ImmichEnvironment;
@@ -146,7 +146,7 @@ export class RandomSearchDto extends BaseSearchWithResultsDto {
  @ValidateBoolean({ optional: true, description: 'Include stacked assets' })
  withStacked?: boolean;

-  @ValidateBoolean({ optional: true, description: 'Include assets with people' })
+  @ValidateBoolean({ optional: true, description: 'Include people data in response' })
  withPeople?: boolean;
 }

@@ -57,11 +57,23 @@ export class DatabaseBackupConfig {
  keepLastAmount!: number;
 }

+export class UploadBackupConfig {
+  @IsInt()
+  @IsPositive()
+  @IsNotEmpty()
+  maxAgeHours!: number;
+}
+
 export class SystemConfigBackupsDto {
  @Type(() => DatabaseBackupConfig)
  @ValidateNested()
  @IsObject()
  database!: DatabaseBackupConfig;
+
+  @Type(() => UploadBackupConfig)
+  @ValidateNested()
+  @IsObject()
+  upload!: UploadBackupConfig;
 }

 export class SystemConfigFFmpegDto {
@@ -387,6 +399,9 @@ class SystemConfigNightlyTasksDto {

  @ValidateBoolean({ description: 'Sync quota usage' })
  syncQuotaUsage!: boolean;
+
+  @ValidateBoolean()
+  removeStaleUploads!: boolean;
 }

 class SystemConfigOAuthDto {
@@ -21,6 +21,7 @@ export enum ImmichHeader {
  SharedLinkSlug = 'x-immich-share-slug',
  Checksum = 'x-immich-checksum',
  Cid = 'x-immich-cid',
+  AssetData = 'x-immich-asset-data',
 }

 export enum ImmichQuery {
@@ -37,6 +38,11 @@ export enum AssetType {
  Other = 'OTHER',
 }

+export enum ChecksumAlgorithm {
+  sha1File = 'sha1', // sha1 checksum of the whole file contents
+  sha1Path = 'sha1-path', // sha1 checksum of "path:" plus the file path, currently used in external libraries, deprecated
+}
+
 export enum AssetFileType {
  /**
   * An full/large-size image extracted/converted from RAW photos
@@ -353,6 +359,7 @@ export enum AssetStatus {
  Active = 'active',
  Trashed = 'trashed',
  Deleted = 'deleted',
+  Partial = 'partial',
 }

 export enum SourceType {
@@ -549,6 +556,7 @@ export enum BootstrapEventPriority {
  JobService = -190,
  // Initialise config after other bootstrap services, stop other services from using config on bootstrap
  SystemConfig = 100,
+  UploadService = 200,
 }

 export enum QueueName {
@@ -597,6 +605,8 @@ export enum JobName {
  AssetFileMigration = 'AssetFileMigration',
  AssetGenerateThumbnailsQueueAll = 'AssetGenerateThumbnailsQueueAll',
  AssetGenerateThumbnails = 'AssetGenerateThumbnails',
+  PartialAssetCleanup = 'PartialAssetCleanup',
+  PartialAssetCleanupQueueAll = 'PartialAssetCleanupQueueAll',

  AuditLogCleanup = 'AuditLogCleanup',
  AuditTableCleanup = 'AuditTableCleanup',
@@ -1,6 +1,7 @@
 import { Injectable } from '@nestjs/common';
 import { fork } from 'node:child_process';
 import { dirname, join } from 'node:path';
+import { IMMICH_SERVER_START } from 'src/constants';

@Injectable()
 export class MaintenanceHealthRepository {
@@ -20,45 +21,27 @@ export class MaintenanceHealthRepository {
        stdio: ['ignore', 'pipe', 'ignore', 'ipc'],
      });

-      async function checkHealth() {
-        try {
-          const response = await fetch('http://127.0.0.1:33001/api/server/config');
-          const { isOnboarded } = await response.json();
-          if (isOnboarded) {
-            resolve();
-          } else {
-            reject(new Error('Server health check failed, no admin exists.'));
-          }
-        } catch (error) {
-          reject(error);
-        } finally {
-          if (worker.exitCode === null) {
-            worker.kill('SIGTERM');
-          }
-        }
-      }
-
-      let output = '',
-        alive = false;
+      let output = '';

      worker.stdout?.on('data', (data) => {
-        if (alive) {
+        if (worker.exitCode !== null) {
          return;
        }

        output += data;

-        if (output.includes('Immich Server is listening')) {
-          alive = true;
-          void checkHealth();
+        if (output.includes(IMMICH_SERVER_START)) {
+          resolve();
+          worker.kill('SIGTERM');
        }
      });

-      worker.on('exit', reject);
-      worker.on('error', reject);
+      worker.on('exit', (code, signal) => reject(`Server health check failed, server exited with ${signal ?? code}`));
+      worker.on('error', (error) => reject(`Server health check failed, process threw: ${error}`));

      setTimeout(() => {
        if (worker.exitCode === null) {
+          reject('Server health check failed, took too long to start.');
          worker.kill('SIGTERM');
        }
      }, 20_000);
@@ -160,6 +160,16 @@ where
  "session"."userId" = $1
  and "session"."id" in ($2)

+-- AccessRepository.duplicate.checkOwnerAccess
+select
+  "asset"."duplicateId"
+from
+  "asset"
+where
+  "asset"."duplicateId" in ($1)
+  and "asset"."ownerId" = $2
+  and "asset"."deletedAt" is null
+
 -- AccessRepository.memory.checkOwnerAccess
 select
  "memory"."id"
@@ -164,6 +164,28 @@ order by
  "album"."createdAt" desc,
  "album"."createdAt" desc

+-- AlbumRepository.getByAssetIds
+select
+  "album"."id",
+  "album_asset"."assetId"
+from
+  "album"
+  inner join "album_asset" on "album_asset"."albumId" = "album"."id"
+where
+  (
+    "album"."ownerId" = $1
+    or exists (
+      select
+      from
+        "album_user"
+      where
+        "album_user"."albumId" = "album"."id"
+        and "album_user"."userId" = $2
+    )
+  )
+  and "album_asset"."assetId" in ($3)
+  and "album"."deletedAt" is null
+
 -- AlbumRepository.getMetadataForIds
 select
  "album_asset"."albumId" as "albumId",
@@ -14,6 +14,7 @@ from
  left join "smart_search" on "asset"."id" = "smart_search"."assetId"
 where
  "asset"."id" = $1::uuid
+  and "asset"."status" != 'partial'
 limit
  $2

@@ -44,6 +45,7 @@ from
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
  "asset"."id" = $2::uuid
+  and "asset"."status" != 'partial'
 limit
  $3

@@ -72,6 +74,7 @@ from
  "asset"
 where
  "asset"."id" = $2::uuid
+  and "asset"."status" != 'partial'
 limit
  $3

@@ -83,7 +86,8 @@ from
  "asset"
  inner join "asset_job_status" on "asset_job_status"."assetId" = "asset"."id"
 where
-  "asset"."deletedAt" is null
+  "asset"."status" != 'partial'
+  and "asset"."deletedAt" is null
  and "asset"."visibility" != 'hidden'
  and (
    not exists (
@@ -195,6 +199,7 @@ from
  "asset"
 where
  "asset"."id" = $1
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForGenerateThumbnailJob
 select
@@ -244,11 +249,13 @@ from
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
  "asset"."id" = $4
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForMetadataExtraction
 select
  "asset"."id",
  "asset"."checksum",
+  "asset"."checksumAlgorithm",
  "asset"."deviceAssetId",
  "asset"."deviceId",
  "asset"."fileCreatedAt",
@@ -264,6 +271,7 @@ select
  "asset"."type",
  "asset"."width",
  "asset"."height",
+  "asset"."isEdited",
  (
    select
      coalesce(json_agg(agg), '[]')
@@ -300,14 +308,17 @@ from
  "asset"
 where
  "asset"."id" = $3
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getLockedPropertiesForMetadataExtraction
 select
  "asset_exif"."lockedProperties"
 from
  "asset_exif"
+  inner join "asset" on "asset"."id" = "asset_exif"."assetId"
 where
  "asset_exif"."assetId" = $1
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getAlbumThumbnailFiles
 select
@@ -317,8 +328,10 @@ select
  "asset_file"."isEdited"
 from
  "asset_file"
+  inner join "asset" on "asset"."id" = "asset_file"."assetId"
 where
  "asset_file"."assetId" = $1
+  and "asset"."status" != 'partial'
  and "asset_file"."type" = $2

 -- AssetJobRepository.streamForSearchDuplicates
@@ -329,7 +342,8 @@ from
  inner join "smart_search" on "asset"."id" = "smart_search"."assetId"
  inner join "asset_job_status" as "job_status" on "job_status"."assetId" = "asset"."id"
 where
-  "asset"."deletedAt" is null
+  "asset"."status" != 'partial'
+  and "asset"."deletedAt" is null
  and "asset"."visibility" in ('archive', 'timeline')
  and "job_status"."duplicatesDetectedAt" is null

@@ -341,6 +355,7 @@ from
  inner join "asset_job_status" as "job_status" on "assetId" = "asset"."id"
 where
  "asset"."visibility" != $1
+  and "asset"."status" != 'partial'
  and "asset"."deletedAt" is null
  and exists (
    select
@@ -383,6 +398,7 @@ from
  "asset"
 where
  "asset"."id" = $2
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForDetectFacesJob
 select
@@ -424,6 +440,7 @@ from
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
  "asset"."id" = $2
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForOcr
 select
@@ -441,6 +458,7 @@ from
  "asset"
 where
  "asset"."id" = $2
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForSyncAssets
 select
@@ -454,6 +472,7 @@ from
  "asset"
 where
  "asset"."id" = any ($1::uuid[])
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.getForAssetDeletion
 select
@@ -512,6 +531,7 @@ from
  ) as "stack_result" on true
 where
  "asset"."id" = $3
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.streamForVideoConversion
 select
@@ -530,6 +550,7 @@ where
      and "asset_file"."type" = 'encoded_video'
  )
  and "asset"."visibility" != 'hidden'
+  and "asset"."status" != 'partial'
  and "asset"."deletedAt" is null

 -- AssetJobRepository.getForVideoConversion
@@ -558,6 +579,7 @@ from
 where
  "asset"."id" = $1
  and "asset"."type" = 'VIDEO'
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.streamForMetadataExtraction
 select
@@ -570,6 +592,7 @@ where
    "asset_job_status"."metadataExtractedAt" is null
    or "asset_job_status"."assetId" is null
  )
+  and "asset"."status" != 'partial'
  and "asset"."deletedAt" is null

 -- AssetJobRepository.getForStorageTemplateJob
@@ -610,7 +633,8 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."deletedAt" is null
+  "asset"."status" != 'partial'
+  and "asset"."deletedAt" is null
  and "asset"."id" = $2
  and "asset"."visibility" != $3

@@ -652,7 +676,8 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."deletedAt" is null
+  "asset"."status" != 'partial'
+  and "asset"."deletedAt" is null
  and "asset"."visibility" != $2

 -- AssetJobRepository.streamForDeletedJob
@@ -663,6 +688,7 @@ from
  "asset"
 where
  "asset"."deletedAt" <= $1
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.streamForSidecar
 select
@@ -679,6 +705,7 @@ where
      "asset_file"."assetId" = "asset"."id"
      and "asset_file"."type" = $1
  )
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.streamForDetectFacesJob
 select
@@ -688,6 +715,7 @@ from
  inner join "asset_job_status" as "job_status" on "assetId" = "asset"."id"
 where
  "asset"."visibility" != $1
+  and "asset"."status" != 'partial'
  and "asset"."deletedAt" is null
  and exists (
    select
@@ -697,6 +725,7 @@ where
      "assetId" = "asset"."id"
      and "asset_file"."type" = $2
  )
+  and "asset"."status" != 'partial'
 order by
  "asset"."fileCreatedAt" desc

@@ -710,6 +739,7 @@ where
  "asset_job_status"."ocrAt" is null
  and "asset"."deletedAt" is null
  and "asset"."visibility" != $1
+  and "asset"."status" != 'partial'

 -- AssetJobRepository.streamForMigrationJob
 select
@@ -717,4 +747,14 @@ select
 from
  "asset"
 where
-  "asset"."deletedAt" is null
+  "asset"."status" != 'partial'
+  and "asset"."deletedAt" is null
+
+-- AssetJobRepository.streamForPartialAssetCleanupJob
+select
+  "id"
+from
+  "asset"
+where
+  "asset"."status" = 'partial'
+  and "asset"."createdAt" < $1
@@ -101,6 +101,87 @@ where
  and "key" = $2
 commit

+-- AssetRepository.getCompletionMetadata
+select
+  "originalPath" as "path",
+  "status",
+  "fileModifiedAt",
+  "createdAt",
+  "checksum",
+  "fileSizeInByte" as "size"
+from
+  "asset"
+  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
+where
+  "id" = $1
+  and "ownerId" = $2
+
+-- AssetRepository.setComplete
+with
+  "completed_asset" as (
+    update "asset" as "complete_asset"
+    set
+      "status" = 'active',
+      "visibility" = case
+        when (
+          "complete_asset"."type" = 'VIDEO'
+          and exists (
+            select
+            from
+              "asset"
+            where
+              "complete_asset"."id" = "asset"."livePhotoVideoId"
+          )
+        ) then 'hidden'::asset_visibility_enum
+        else 'timeline'::asset_visibility_enum
+      end
+    where
+      "id" = $1
+      and "status" = 'partial'
+    returning
+      *
+  ),
+  "shared_link" as (
+    insert into
+      "album_asset" ("albumId", "assetId")
+    select
+      $2 as "albumId",
+      "completed_asset"."id"
+    from
+      "completed_asset"
+    on conflict do nothing
+  )
+select
+  *
+from
+  "completed_asset"
+
+-- AssetRepository.removeAndDecrementQuota
+with
+  "asset_exif" as (
+    select
+      "fileSizeInByte"
+    from
+      "asset_exif"
+    where
+      "assetId" = $1
+  ),
+  "asset" as (
+    delete from "asset"
+    where
+      "id" = $2
+    returning
+      "ownerId"
+  )
+update "user"
+set
+  "quotaUsageInBytes" = "quotaUsageInBytes" - "fileSizeInByte"
+from
+  "asset_exif",
+  "asset"
+where
+  "user"."id" = "asset"."ownerId"
+
 -- AssetRepository.getByDayOfYear
 with
  "res" as (
@@ -341,7 +422,9 @@ where

 -- AssetRepository.getUploadAssetIdByChecksum
 select
-  "id"
+  "id",
+  "status",
+  "createdAt"
 from
  "asset"
 where
@@ -15,7 +15,26 @@ with
      inner join lateral (
        select
          "asset".*,
-          "asset_exif" as "exifInfo"
+          to_json("asset_exif") as "exifInfo",
+          (
+            select
+              coalesce(json_agg(agg), '[]')
+            from
+              (
+                select
+                  "tag"."id",
+                  "tag"."value",
+                  "tag"."createdAt",
+                  "tag"."updatedAt",
+                  "tag"."color",
+                  "tag"."parentId"
+                from
+                  "tag"
+                  inner join "tag_asset" on "tag"."id" = "tag_asset"."tagId"
+                where
+                  "tag_asset"."assetId" = "asset"."id"
+              ) as agg
+          ) as "tags"
        from
          "asset_exif"
        where
@@ -29,36 +48,84 @@ with
      and "asset"."stackId" is null
    group by
      "asset"."duplicateId"
-  ),
-  "unique" as (
-    select
-      "duplicateId"
-    from
-      "duplicates"
-    where
-      json_array_length("assets") = $2
-  ),
-  "removed_unique" as (
-    update "asset"
-    set
-      "duplicateId" = $3
-    from
-      "unique"
-    where
-      "asset"."duplicateId" = "unique"."duplicateId"
  )
 select
  *
 from
  "duplicates"
 where
-  not exists (
+  json_array_length("assets") > $2
+
+-- DuplicateRepository.cleanupSingletonGroups
+with
+  "singletons" as (
    select
+      "duplicateId"
    from
-      "unique"
+      "asset"
    where
-      "unique"."duplicateId" = "duplicates"."duplicateId"
+      "ownerId" = $1::uuid
+      and "duplicateId" is not null
+      and "deletedAt" is null
+      and "stackId" is null
+    group by
+      "duplicateId"
+    having
+      count("id") = $2
  )
+update "asset"
+set
+  "duplicateId" = $3
+from
+  "singletons"
+where
+  "asset"."duplicateId" = "singletons"."duplicateId"
+
+-- DuplicateRepository.get
+select
+  "asset"."duplicateId",
+  json_agg(
+    "asset2"
+    order by
+      "asset"."localDateTime" asc
+  ) as "assets"
+from
+  "asset"
+  inner join lateral (
+    select
+      "asset".*,
+      to_json("asset_exif") as "exifInfo",
+      (
+        select
+          coalesce(json_agg(agg), '[]')
+        from
+          (
+            select
+              "tag"."id",
+              "tag"."value",
+              "tag"."createdAt",
+              "tag"."updatedAt",
+              "tag"."color",
+              "tag"."parentId"
+            from
+              "tag"
+              inner join "tag_asset" on "tag"."id" = "tag_asset"."tagId"
+            where
+              "tag_asset"."assetId" = "asset"."id"
+          ) as agg
+      ) as "tags"
+    from
+      "asset_exif"
+    where
+      "asset_exif"."assetId" = "asset"."id"
+  ) as "asset2" on true
+where
+  "asset"."visibility" in ('archive', 'timeline')
+  and "asset"."duplicateId" = $1::uuid
+  and "asset"."deletedAt" is null
+  and "asset"."stackId" is null
+group by
+  "asset"."duplicateId"

 -- DuplicateRepository.delete
 update "asset"
@@ -228,12 +228,12 @@ select
 from
  "asset_face"
  left join "asset" on "asset"."id" = "asset_face"."assetId"
-  and "asset_face"."personId" = $1
  and "asset"."visibility" = 'timeline'
  and "asset"."deletedAt" is null
 where
  "asset_face"."deletedAt" is null
  and "asset_face"."isVisible" is true
+  and "asset_face"."personId" = $1

 -- PersonRepository.getNumberOfPeople
 select
@@ -254,6 +254,7 @@ where
  and "visibility" = $2
  and "deletedAt" is null
  and "state" is not null
+  and "state" != $3

 -- SearchRepository.getCities
 select distinct
@@ -266,6 +267,7 @@ where
  and "visibility" = $2
  and "deletedAt" is null
  and "city" is not null
+  and "city" != $3

 -- SearchRepository.getCameraMakes
 select distinct
@@ -278,6 +280,7 @@ where
  and "visibility" = $2
  and "deletedAt" is null
  and "make" is not null
+  and "make" != $3

 -- SearchRepository.getCameraModels
 select distinct
@@ -290,6 +293,7 @@ where
  and "visibility" = $2
  and "deletedAt" is null
  and "model" is not null
+  and "model" != $3

 -- SearchRepository.getCameraLensModels
 select distinct
@@ -302,3 +306,4 @@ where
  and "visibility" = $2
  and "deletedAt" is null
  and "lensModel" is not null
+  and "lensModel" != $3
@@ -3,37 +3,64 @@
 -- SharedLinkRepository.get
 select
  "shared_link".*,
-  coalesce(
-    json_agg("a") filter (
-      where
-        "a"."id" is not null
-    ),
-    '[]'
+  (
+    select
+      coalesce(json_agg(agg), '[]')
+    from
+      (
+        select
+          "asset".*,
+          to_json("exifInfo") as "exifInfo"
+        from
+          "shared_link_asset"
+          inner join "asset" on "asset"."id" = "shared_link_asset"."assetId"
+          inner join lateral (
+            select
+              "asset_exif"."assetId",
+              "asset_exif"."autoStackId",
+              "asset_exif"."bitsPerSample",
+              "asset_exif"."city",
+              "asset_exif"."colorspace",
+              "asset_exif"."country",
+              "asset_exif"."dateTimeOriginal",
+              "asset_exif"."description",
+              "asset_exif"."exifImageHeight",
+              "asset_exif"."exifImageWidth",
+              "asset_exif"."exposureTime",
+              "asset_exif"."fileSizeInByte",
+              "asset_exif"."fNumber",
+              "asset_exif"."focalLength",
+              "asset_exif"."fps",
+              "asset_exif"."iso",
+              "asset_exif"."latitude",
+              "asset_exif"."lensModel",
+              "asset_exif"."livePhotoCID",
+              "asset_exif"."longitude",
+              "asset_exif"."make",
+              "asset_exif"."model",
+              "asset_exif"."modifyDate",
+              "asset_exif"."orientation",
+              "asset_exif"."profileDescription",
+              "asset_exif"."projectionType",
+              "asset_exif"."rating",
+              "asset_exif"."state",
+              "asset_exif"."tags",
+              "asset_exif"."timeZone"
+            from
+              "asset_exif"
+            where
+              "asset_exif"."assetId" = "asset"."id"
+          ) as "exifInfo" on true
+        where
+          "shared_link"."id" = "shared_link_asset"."sharedLinkId"
+          and "asset"."deletedAt" is null
+        order by
+          "asset"."fileCreatedAt" asc
+      ) as agg
  ) as "assets",
  to_json("album") as "album"
 from
  "shared_link"
-  left join lateral (
-    select
-      "asset".*,
-      to_json("exifInfo") as "exifInfo"
-    from
-      "shared_link_asset"
-      inner join "asset" on "asset"."id" = "shared_link_asset"."assetId"
-      inner join lateral (
-        select
-          "asset_exif".*
-        from
-          "asset_exif"
-        where
-          "asset_exif"."assetId" = "asset"."id"
-      ) as "exifInfo" on true
-    where
-      "shared_link"."id" = "shared_link_asset"."sharedLinkId"
-      and "asset"."deletedAt" is null
-    order by
-      "asset"."fileCreatedAt" asc
-  ) as "a" on true
  left join lateral (
    select
      "album".*,
@@ -60,7 +87,36 @@ from
          "asset"
          inner join lateral (
            select
-              "asset_exif".*
+              "asset_exif"."assetId",
+              "asset_exif"."autoStackId",
+              "asset_exif"."bitsPerSample",
+              "asset_exif"."city",
+              "asset_exif"."colorspace",
+              "asset_exif"."country",
+              "asset_exif"."dateTimeOriginal",
+              "asset_exif"."description",
+              "asset_exif"."exifImageHeight",
+              "asset_exif"."exifImageWidth",
+              "asset_exif"."exposureTime",
+              "asset_exif"."fileSizeInByte",
+              "asset_exif"."fNumber",
+              "asset_exif"."focalLength",
+              "asset_exif"."fps",
+              "asset_exif"."iso",
+              "asset_exif"."latitude",
+              "asset_exif"."lensModel",
+              "asset_exif"."livePhotoCID",
+              "asset_exif"."longitude",
+              "asset_exif"."make",
+              "asset_exif"."model",
+              "asset_exif"."modifyDate",
+              "asset_exif"."orientation",
+              "asset_exif"."profileDescription",
+              "asset_exif"."projectionType",
+              "asset_exif"."rating",
+              "asset_exif"."state",
+              "asset_exif"."tags",
+              "asset_exif"."timeZone"
            from
              "asset_exif"
            where
@@ -74,7 +130,12 @@ from
      ) as "assets" on true
      inner join lateral (
        select
-          "user".*
+          "id",
+          "name",
+          "email",
+          "avatarColor",
+          "profileImagePath",
+          "profileChangedAt"
        from
          "user"
        where
@@ -95,9 +156,6 @@ where
    "shared_link"."type" = $3
    or "album"."id" is not null
  )
-group by
-  "shared_link"."id",
-  "album".*
 order by
  "shared_link"."createdAt" desc

@@ -134,21 +192,12 @@ from
      "album"
      inner join lateral (
        select
-          "user"."id",
-          "user"."email",
-          "user"."createdAt",
-          "user"."profileImagePath",
-          "user"."isAdmin",
-          "user"."shouldChangePassword",
-          "user"."deletedAt",
-          "user"."oauthId",
-          "user"."updatedAt",
-          "user"."storageLabel",
-          "user"."name",
-          "user"."quotaSizeInBytes",
-          "user"."quotaUsageInBytes",
-          "user"."status",
-          "user"."profileChangedAt"
+          "id",
+          "name",
+          "email",
+          "avatarColor",
+          "profileImagePath",
+          "profileChangedAt"
        from
          "user"
        where
@@ -267,7 +316,36 @@ from
      "asset"
      inner join lateral (
        select
-          *
+          "asset_exif"."assetId",
+          "asset_exif"."autoStackId",
+          "asset_exif"."bitsPerSample",
+          "asset_exif"."city",
+          "asset_exif"."colorspace",
+          "asset_exif"."country",
+          "asset_exif"."dateTimeOriginal",
+          "asset_exif"."description",
+          "asset_exif"."exifImageHeight",
+          "asset_exif"."exifImageWidth",
+          "asset_exif"."exposureTime",
+          "asset_exif"."fileSizeInByte",
+          "asset_exif"."fNumber",
+          "asset_exif"."focalLength",
+          "asset_exif"."fps",
+          "asset_exif"."iso",
+          "asset_exif"."latitude",
+          "asset_exif"."lensModel",
+          "asset_exif"."livePhotoCID",
+          "asset_exif"."longitude",
+          "asset_exif"."make",
+          "asset_exif"."model",
+          "asset_exif"."modifyDate",
+          "asset_exif"."orientation",
+          "asset_exif"."profileDescription",
+          "asset_exif"."projectionType",
+          "asset_exif"."rating",
+          "asset_exif"."state",
+          "asset_exif"."tags",
+          "asset_exif"."timeZone"
        from
          "asset_exif"
        where
@@ -582,7 +582,6 @@ where
  "asset_face"."updateId" < $1
  and "asset_face"."updateId" > $2
  and "asset"."ownerId" = $3
-  and "asset_face"."isVisible" = $4
 order by
  "asset_face"."updateId" asc

@@ -1,5 +1,5 @@
 import { Injectable } from '@nestjs/common';
-import { Kysely, sql } from 'kysely';
+import { Kysely, NotNull, sql } from 'kysely';
 import { InjectKysely } from 'nestjs-kysely';
 import { ChunkedSet, DummyValue, GenerateSql } from 'src/decorators';
 import { AlbumUserRole, AssetVisibility } from 'src/enum';
@@ -285,6 +285,28 @@ class AuthDeviceAccess {
  }
 }

+class DuplicateAccess {
+  constructor(private db: Kysely<DB>) {}
+
+  @GenerateSql({ params: [DummyValue.UUID, DummyValue.UUID_SET] })
+  @ChunkedSet({ paramIndex: 1 })
+  async checkOwnerAccess(userId: string, duplicateIds: Set<string>) {
+    if (duplicateIds.size === 0) {
+      return new Set<string>();
+    }
+
+    return this.db
+      .selectFrom('asset')
+      .select('asset.duplicateId')
+      .where('asset.duplicateId', 'in', [...duplicateIds])
+      .where('asset.ownerId', '=', userId)
+      .where('asset.deletedAt', 'is', null)
+      .$narrowType<{ duplicateId: NotNull }>()
+      .execute()
+      .then((assets) => new Set(assets.map((asset) => asset.duplicateId)));
+  }
+}
+
 class NotificationAccess {
  constructor(private db: Kysely<DB>) {}

@@ -488,6 +510,7 @@ export class AccessRepository {
  album: AlbumAccess;
  asset: AssetAccess;
  authDevice: AuthDeviceAccess;
+  duplicate: DuplicateAccess;
  memory: MemoryAccess;
  notification: NotificationAccess;
  person: PersonAccess;
@@ -503,6 +526,7 @@ export class AccessRepository {
    this.album = new AlbumAccess(db);
    this.asset = new AssetAccess(db);
    this.authDevice = new AuthDeviceAccess(db);
+    this.duplicate = new DuplicateAccess(db);
    this.memory = new MemoryAccess(db);
    this.notification = new NotificationAccess(db);
    this.person = new PersonAccess(db);
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
mertalev	f633612427	update job queries	2026-04-03 02:13:49 -04:00
mertalev	1d713f4829	handle shared link	2026-04-03 01:27:41 -04:00
mertalev	0a587bd48d	update to latest draft, apply old upload changes	2026-04-03 00:58:57 -04:00
Ben McCann	253143ed49	add a missing import	2026-03-29 11:34:50 -07:00
Ben McCann	f7780883c4	format	2026-03-29 11:25:18 -07:00
Ben McCann	901d544efd	run make open-api	2026-03-29 11:15:13 -07:00
Ben McCann	c07e87a7e5	regenerate sql files	2026-03-29 11:13:12 -07:00
Ben McCann	5133ff1909	fix build	2026-03-29 10:34:29 -07:00
Ben McCann	0c7f2dd8d2	merge main	2026-03-29 09:33:19 -07:00
Tony Fung	b09ebb11e9	perf(server): optimize people page query (#27346 ) Optimize People page query: modified SQL to use index for faster performance	2026-03-28 21:33:05 +00:00
Nicolas-micuda-becker	181b028b09	fix(web): keep upload totals stable when dismissing items (#27247 ) (#27354 ) * fix(web): keep upload totals stable when dismissing items (#27247) * chore: remove package-lock.json --------- Co-authored-by: bwees <brandonwees@gmail.com>	2026-03-28 16:25:44 -05:00
bo0tzz	eb20b715e4	fix: don't auto-close manually reopened PRs (#27347 )	2026-03-28 12:50:09 +00:00
Luis Nachtigall	a277c6311f	fix(mobile): streamline error handling for live photo saving (#27337 )	2026-03-27 19:07:38 -05:00
Jason Rasmussen	5889c42eb6	refactor: asset select manager (#27329 )	2026-03-27 14:23:33 -04:00
Jason Rasmussen	14cce0cba3	refactor: asset select manager (#27327 )	2026-03-27 13:48:51 -04:00
Jason Rasmussen	9b80ffd9c6	refactor: selection mananger (#27325 )	2026-03-27 12:41:52 -04:00
Luis Nachtigall	306a3b8c7f	fix(mobile): images loads sometimes cancel too early (#27067 ) * refactor listener tracking for image stream completers and fix early cancel call * fix: improve cache listener identification in image stream tracking * add documentation and test cases for listener tracking in ImageStreamCompleter * fix: remove unnecessary image provision flag from listener tracking * fix: override setImage method in cache aware listener tracker mixin * fix: rename test file	2026-03-27 10:35:50 -04:00
Putu Prema	be0fc403d8	fix(mobile): mismatch between system and app color when using low-chroma system color scheme (#27282 ) use DynamicSchemeVariant.fidelity to preserve low-chroma system color scheme as the app color	2026-03-27 09:21:43 -05:00
Yaros	c13fd9e4b5	fix(mobile): video icon not showing on memories (#27311 )	2026-03-27 09:11:02 -05:00
Thomas	8724848fce	chore(mobile): reduce spacing on video controls (#27313 ) The spacing was required for the old slider, but the new one has its own spacing and makes it redundant. There is too much now, and we've received feedback that it should be less sparse. The default track height of 16px is an improvement over the old track height, but it is very thick. A middleground of 12px might be better.	2026-03-27 09:10:19 -05:00
Min Idzelis	2d950db940	refactor(web): replace intersection booleans with enum (#27306 ) Change-Id: I0c9703d5960031142ae47fef23805e0a6a6a6964	2026-03-27 08:37:12 -04:00
Min Idzelis	4b9ebc2cff	refactor(web): migrate isFaceEditMode from standalone store to assetViewerManager (#27307 )	2026-03-27 13:20:15 +01:00
Saurav Sharma	e2d26ebdea	fix(web): prevent Safari from overwriting live photo image with video (#26898 ) When downloading a live photo, Safari overwrites the image file with the motion video because both share the same base filename. Append '-motion' suffix to the video filename to prevent collision. For example, IMG_1234.heic and IMG_1234.mov become IMG_1234.heic and IMG_1234-motion.mov. Fixes #23055	2026-03-26 14:37:05 -04:00
Phlogi	8c6adf7157	feat(server): resolve duplicates (#25316 ) * feat(web): Synchronize information from deduplicated images * Added new settings menu to the the deduplication tab. * The toggable options in the settings are synchronization of: albums, favorites, ratings, description, visibility and location. * When synchronizing the albums, the resolved images will be added to all albums of the duplicates. * When synchronizing the favorite status, the resolved images will be marked as favorite, if at least one selectable image is marked as favorite. * When synchronizing the ratings, the highest rating from the selectable images will be applied to the resolved image. * When synchronizing the description, all descriptions from the selectable images will be merged into one description for the resolved image. * When synchronizing the visibility, the most restrictive visibility setting from the selectable images will be applied to the resolved image. * When synchronizing the location, if exactly one unique location exists among the selectable images, this location will be applied to the resolved image. * There is no additional UI for these settings to keep the visual clutter minimal. The settings are applied automatically based on the user's preferences. * Replace addAssetToAlbums with copyAsset * fix linter * feat(web): add duplicate sync fields and fix typo * feat(web): add tag sync and enhance duplicate resolution This update introduces tag synchronization for duplicate resolution, ensuring all unique tag IDs from duplicates are applied to kept assets. The visibility sync logic is updated to use a simplified ordering, as the hidden status items will never show up in a duplicate set. Album synchronization now merges albums directly via addAssetsToAlbums; as the approach with copyAsset API endpoint was ineffiecient. Description, rating, and location sync logic is improved for correctness. and deduplication. i18n strings were added / updated. * feat(server): move duplicate resolution to backend with sync and stacking Moves duplicate metadata synchronization from frontend to backend, enabling robust batch operations and proper validation. This is an improved refactor of PR #13851. New endpoints: - POST /duplicates/resolve - batch resolve with configurable metadata sync - POST /duplicates/stack - create stacks from duplicate groups - GET /duplicates - now includes suggestedKeepAssetIds based on file size and EXIF Key changes: - Move sync logic (albums, tags, favorites, ratings, descriptions, location, visibility) to server - Add server-side metadata merge policies with proper conflict resolution - Replace client-side resolution logic with new backend endpoints - Add comprehensive E2E tests (70+ test cases) and unit tests - Update OpenAPI specs and TypeScript SDK No breaking changes - only additions to existing API. * feat(preferences): enable all duplicate sync settings by default * chore: clean up * chore: clean up * refactor: rename & clean up * fix: preference upgrade * chore: linting * refactor(e2e): use updateAssets API for setAssetDuplicateId * fix: visibility sync logic in duplicate resolution * fix(duplicate): write description to exifUpdate Previously the duplicate resolution populated assetUpdate.description even though description belongs to exif info. * fix(duplicate): remove redundant updateLockedColumns wrapper updateAllExif already computes lockedProperties via distinctLocked using Object.keys(options). The wrapper added a lockedProperties key to the options object, causing the spurious string 'lockedProperties' to be stored in the lockedProperties array. * fix(duplicate): write merged tags to asset_exif to survive metadata re-extraction During duplicate resolution, replaceAssetTags correctly wrote merged tag IDs to the tag_asset table, but never updated asset_exif.tags or locked the tags property. The subsequent SidecarWrite → AssetExtractMetadata chain calls applyTagList, which destructively replaces tag_asset rows with whatever is in asset_exif.tags — still the original per-asset tags, not the merged set. Write merged tag values to asset_exif.tags via updateAllExif (which also locks the property via distinctLocked), and queue SidecarWrite when tags change so they persist to the sidecar file. * docs(duplicates): clarify location and tag sync behavior * refactor(duplicate): remove sync settings, always sync all metadata on resolve Remove DuplicateSyncSettingsDto and the per-field sync toggles (albums, favorites, rating, description, visibility, location, tags). Duplicate resolution now unconditionally syncs all metadata from trashed assets to kept assets. - Remove DuplicateSyncSettingsDto and settings field from DuplicateResolveDto - Update DuplicateService to always run all sync logic without conditionals - Delete DuplicateSettingsModal.svelte and settings gear button from UI - Remove DuplicateSettings type and duplicateSettings persisted store - Update unit and e2e tests to remove settings from resolve requests * docs: update duplicates utility to reflect automatic metadata sync * docs(web): replace duplicates info modal with link to documentation * chore: clean up * fix: add missing type cast to jsonAgg in duplicate repository getAll * fix: skip persisting rating=0 in duplicate merge to avoid unnecessary sidecar write --------- Co-authored-by: Toni <51962051+EinToni@users.noreply.github.com> Co-authored-by: Jason Rasmussen <jason@rasm.me> Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>	2026-03-26 18:33:55 +00:00
Mees Frensel	48fdd39d30	feat(web): use ui pin input element (#27200 )	2026-03-26 18:24:46 +00:00
Jonathan Jogenfors	22bf7c2005	feat(server): add checksum algorithm field (#26573 ) * feat: add checksum algorithm field * fix comments * chore: rename migration --------- Co-authored-by: Jason Rasmussen <jason@rasm.me>	2026-03-26 18:20:25 +00:00
Mees Frensel	47b45453c8	chore(web): refactor activity status (#26956 ) * chore(web): refactor activity status * fix: size change --------- Co-authored-by: Jason Rasmussen <jason@rasm.me>	2026-03-26 18:15:42 +00:00
Robin Wohlers-Reichel	448c069fb6	feat(web): add shortcuts to rotate images (#26927 )	2026-03-26 19:13:01 +01:00
Diogo Tavares Sendim Fernandes	958f270f0d	fix(web): keep map view open after closing asset viewer (#26980 )	2026-03-26 18:11:05 +00:00
renovate[bot]	9f699fdfc3	chore(deps): update typescript-projects (#26973 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Daniel Dietzler <mail@ddietzler.dev>	2026-03-26 19:02:27 +01:00
renovate[bot]	00da7b88a1	chore(deps): update dependency @types/node to ^24.12.0 (#26966 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 13:52:45 -04:00
Michel Heusschen	144a57ddff	refactor(server): use helpers for shared link queries (#27088 ) * fix(server): prevent album shared link from breaking after uploads * update test * add withSharedAssets helper * remove options * add more helpers * update selects	2026-03-26 13:51:00 -04:00
Daniel Dietzler	1bd2d474d7	fix: various comamnd palette usages (#27304 )	2026-03-26 17:45:14 +00:00
Jason Rasmussen	b33874ef12	feat: add support for helmet configuration (#27058 )	2026-03-26 17:41:23 +00:00
bo0tzz	dbaf4b548b	fix: pin success-check-action to correct tag (#27230 )	2026-03-26 17:37:23 +00:00
Jason Rasmussen	7d58d5be12	refactor: memory manager (#27206 )	2026-03-26 17:36:25 +00:00
renovate[bot]	42fe86d24c	chore(deps): update grafana/grafana docker tag to v12.4.1 (#26969 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 18:31:08 +01:00
Michael Maycock	eeb55c279b	fix(web): preserve timezone when changing timestamp (Closes #25354 ) (#27095 )	2026-03-26 17:30:47 +00:00
renovate[bot]	5c159d70a7	chore(deps): update node.js to v24.14.0 (#26972 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 18:30:38 +01:00
Paul Makles	44ae0fa7ed	fix(database restores): don't assume onboarding has completed (#27052 )	2026-03-26 18:30:14 +01:00
renovate[bot]	f782782662	fix(deps): update dependency kysely to v0.28.14 [security] (#27068 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 18:29:53 +01:00
renovate[bot]	4436cab827	chore(deps): update dependency yaml to v2.8.3 [security] (#27293 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 18:28:46 +01:00
renovate[bot]	74789ad1c4	chore(deps): update dependency picomatch to v4.0.4 [security] (#27281 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-26 18:28:05 +01:00
Jason Rasmussen	7877097b3f	refactor: asset viewing store (#27204 )	2026-03-26 13:22:40 -04:00
Jason Rasmussen	fb84c1cf61	chore: remove unused file (#27202 )	2026-03-26 13:22:31 -04:00
Jason Rasmussen	940a1d4ab8	refactor: change location (#27201 )	2026-03-26 13:22:14 -04:00
Jason Rasmussen	fae25dbe65	chore: whitelist server deploy files (#27056 )	2026-03-26 13:22:03 -04:00
Mert	8dd0d7f34c	fix(server): memory fragmentation (#27027 )	2026-03-26 18:21:52 +01:00
Jason Rasmussen	9b78f2c0ba	chore: remove unused resources (#27055 )	2026-03-26 13:21:36 -04:00
Timon	67cedfef17	feat(web): add RemoveFromAlbumAction to asset viewer nav bar (#27000 )	2026-03-26 18:20:28 +01:00
Andreas Heinz	c9c2322b9d	feat(web): focus on face-editor search input (#27136 )	2026-03-26 18:18:23 +01:00
Daniel Dietzler	389356149a	refactor: actionable toasts (#27203 )	2026-03-26 18:18:06 +01:00
Michel Heusschen	4812a2e2d8	fix(server): refresh unedited asset dimensions on metadata extraction (#27220 )	2026-03-26 18:17:32 +01:00
Vogeluff	8f01d06927	feat(web): add a seperate tooltip for switching from dark to light mode (#27297 )	2026-03-26 18:15:16 +01:00
github-actions	a2ff075e9a	chore: version v2.6.3	2026-03-26 16:23:35 +00:00
Brandon Wees	d8b39906f9	fix: incorrect asset face sync (#27243 ) * fix: incorrect asset face sync * chore: sync sql	2026-03-26 09:39:02 -05:00
Michel Heusschen	b36911a16b	fix(server): filter out empty search suggestions (#27292 ) * fix(server): filter out empty search suggestions * make sql	2026-03-26 09:36:04 -05:00
Alex	b074ee202e	chore: move slideshow control button group to the left (#27287 )	2026-03-26 14:31:11 +00:00
bo0tzz	78bb6cf926	chore: log id of existing asset on duplicate upload (#27266 )	2026-03-26 11:50:53 +01:00
Yaros	c980f5fc19	chore(docs): withPeople parameter description (#27262 ) * fix(server): withPeople inconsistent * fix: query failing in some occasions * test: add medium tests for withPeople option * Revert "test: add medium tests for withPeople option" This reverts commit `6c1505ba6b`. * Revert "fix: query failing in some occasions" This reverts commit `221feeca45`. * Revert "fix(server): withPeople inconsistent" This reverts commit `4289a9f23d`. * chore: change endpoint description * chore: generate open-api	2026-03-26 11:50:29 +01:00
Yaros	a26d9e05ba	fix(web): shifting motion image button (#27275 )	2026-03-26 11:49:21 +01:00
bo0tzz	c862163204	fix: explicitly specify repo in auto-close job (#27291 )	2026-03-26 10:43:51 +00:00
Michel Heusschen	5fb8f9bf1a	fix(web): prevent horizontal scroll bar in asset viewer side panel (#27270 ) * fix(web): prevent horizontal scroll bar in asset viewer side panel * simplify	2026-03-25 21:02:31 -05:00
mertalev	7ba458668b	remove upload-length from conventional upload e2e	2025-11-06 12:15:54 -05:00
mertalev	ea034f21bc	linting	2025-11-06 12:15:54 -05:00
mertalev	a68513247d	redundant check	2025-11-06 12:15:54 -05:00
mertalev	59f7f3c23e	update api	2025-11-06 12:15:54 -05:00
mertalev	c88bde3cab	lint	2025-11-06 12:15:54 -05:00
mertalev	818bd51036	support conventional uploads	2025-11-06 12:15:54 -05:00
mertalev	3c72409712	require header for incomplete uploads	2025-11-06 12:15:54 -05:00
mertalev	8d1a8b9465	reject empty file	2025-11-06 12:15:54 -05:00
mertalev	d880e7baed	infer upload length when possible	2025-11-06 12:15:54 -05:00
mertalev	42801ace35	update api	2025-11-06 12:15:54 -05:00
mertalev	838b8e9126	set `max-age` limit	2025-11-06 12:15:19 -05:00
mertalev	9da5a48bdd	add live photo e2e	2025-11-06 12:15:19 -05:00
mertalev	27f126bd58	better abort check	2025-11-06 12:15:19 -05:00
mertalev	a238c6a70d	unnecessary change	2025-11-06 12:15:19 -05:00
mertalev	7222d7af30	configurable cleanup	2025-11-06 12:15:19 -05:00
mertalev	d660ab2218	handle live photos	2025-11-06 12:13:33 -05:00
mertalev	69ffbcd5cf	tweak types	2025-11-06 12:13:33 -05:00
mertalev	bc84486668	MUST NOT validation	2025-11-06 12:13:33 -05:00
mertalev	2666ee2b4f	remove log	2025-11-06 12:12:27 -05:00
mertalev	72ea7799c0	lint	2025-11-06 12:12:27 -05:00
mertalev	98c8c28b62	test interruption + abort	2025-11-06 12:12:27 -05:00
mertalev	6b1d26d3a2	more content length test inputs	2025-11-06 12:12:27 -05:00
mertalev	5e07976288	fix abortion return	2025-11-06 12:12:27 -05:00
mertalev	3f1133f9b7	typo	2025-11-06 12:12:27 -05:00
mertalev	3a087ed2cd	proactive abortion	2025-11-06 12:12:27 -05:00
mertalev	c723a9ac78	better content length handling	2025-11-06 12:09:27 -05:00
mertalev	550460891d	add timeout	2025-11-06 12:09:27 -05:00
mertalev	e3e8da168f	tidying	2025-11-06 12:09:27 -05:00
mertalev	de117ebe7a	listen to upload event in e2e test resume with real image	2025-11-06 12:09:27 -05:00
mertalev	3d507015e0	add service tests	2025-11-06 12:09:26 -05:00
mertalev	fe71662d24	add controller tests, move validation testing from e2e revert unnecessary change update mocks add structured-headers to e2e deps	2025-11-06 12:09:26 -05:00
mertalev	81a66350f6	add note about RFC 9651 authdto remove excess logs use structured dictionary	2025-11-06 12:07:34 -05:00
mertalev	c33e65362a	clean up stale uploads stale upload cleanup try/catch file check	2025-11-06 12:07:34 -05:00
mertalev	bb5519036a	unnecessary quota check	2025-11-06 12:07:34 -05:00
mertalev	177c997d96	interim+500 interim+500 interim+500	2025-11-06 12:07:34 -05:00
mertalev	2d6a2dc77b	more e2e tests consistent e2e sections decrement quota on cancel	2025-11-06 12:07:34 -05:00
mertalev	e193cb3a5b	tweaks shared pipe method shared pipe method require size upfront make length optional for patch requests	2025-11-06 12:07:34 -05:00
mertalev	4b63d3d055	ensure stream is closed before releasing lock	2025-11-06 12:07:34 -05:00
mertalev	4ed92f5df5	dto refactor add logging handle metadata	2025-11-06 12:07:34 -05:00
mertalev	6f61bf04e4	backward compatibility	2025-11-06 12:07:34 -05:00
mertalev	b21d0a1c53	working e2e	2025-11-06 12:07:34 -05:00
mertalev	f80326872e	interop v8 compliance	2025-11-06 12:07:34 -05:00
mertalev	7561c5e1c4	chunked upload controller	2025-11-06 12:05:56 -05:00
@@ -1 +1 @@
 .13.1
 .14.0