update job queries

handle shared link
update to latest draft, apply old upload changes
2026-05-13 11:02:15 -04:00 · 2026-04-03 02:13:49 -04:00 · 2026-04-03 01:27:41 -04:00 · 2026-04-03 00:58:57 -04:00 · 2026-03-29 11:34:50 -07:00 · 2026-03-29 11:25:18 -07:00
302 changed files with 11307 additions and 10147 deletions
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -0,0 +1,148 @@
+name: Auto-close PRs
+
+on:
+  pull_request_target: # zizmor: ignore[dangerous-triggers]
+    types: [opened, edited, labeled]
+
+permissions: {}
+
+jobs:
+  parse_template:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.action != 'labeled' && github.event.pull_request.head.repo.fork == true }}
+    permissions:
+      contents: read
+    outputs:
+      uses_template: ${{ steps.check.outputs.uses_template }}
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          sparse-checkout: .github/pull_request_template.md
+          sparse-checkout-cone-mode: false
+          persist-credentials: false
+
+      - name: Check required sections
+        id: check
+        env:
+          BODY: ${{ github.event.pull_request.body }}
+        run: |
+          OK=true
+          while IFS= read -r header; do
+            printf '%s\n' "$BODY" | grep -qF "$header" || OK=false
+          done < <(sed '/<!--/,/-->/d' .github/pull_request_template.md | grep "^## ")
+          echo "uses_template=$OK" >> "$GITHUB_OUTPUT"
+
+  close_template:
+    runs-on: ubuntu-latest
+    needs: parse_template
+    if: >-
+      ${{
+        needs.parse_template.outputs.uses_template == 'false'
+        && github.event.pull_request.state != 'closed'
+        && !contains(github.event.pull_request.labels.*.name, 'auto-closed:template')
+      }}
+    permissions:
+      pull-requests: write
+    steps:
+      - name: Comment and close
+        env:
+          GH_TOKEN: ${{ github.token }}
+          NODE_ID: ${{ github.event.pull_request.node_id }}
+        run: |
+          gh api graphql \
+            -f prId="$NODE_ID" \
+            -f body="This PR has been automatically closed as the description doesn't follow our template. After you edit it to match the template, the PR will automatically be reopened." \
+            -f query='
+              mutation CommentAndClosePR($prId: ID!, $body: String!) {
+                addComment(input: {
+                  subjectId: $prId,
+                  body: $body
+                }) {
+                  __typename
+                }
+                closePullRequest(input: {
+                  pullRequestId: $prId
+                }) {
+                  __typename
+                }
+              }'
+
+      - name: Add label
+        env:
+          GH_TOKEN: ${{ github.token }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: gh pr edit "$PR_NUMBER" --repo "${{ github.repository }}" --add-label "auto-closed:template"
+
+  close_llm:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.action == 'labeled' && github.event.label.name == 'auto-closed:llm' }}
+    permissions:
+      pull-requests: write
+    steps:
+      - name: Comment and close
+        env:
+          GH_TOKEN: ${{ github.token }}
+          NODE_ID: ${{ github.event.pull_request.node_id }}
+        run: |
+          gh api graphql \
+            -f prId="$NODE_ID" \
+            -f body="Thank you for your interest in contributing to Immich! Unfortunately this PR looks like it was generated using an LLM. As noted in our [CONTRIBUTING.md](https://github.com/immich-app/immich/blob/main/CONTRIBUTING.md#use-of-generative-ai), we request that you don't use LLMs to generate PRs as those are not a good use of maintainer time." \
+            -f query='
+              mutation CommentAndClosePR($prId: ID!, $body: String!) {
+                addComment(input: {
+                  subjectId: $prId,
+                  body: $body
+                }) {
+                  __typename
+                }
+                closePullRequest(input: {
+                  pullRequestId: $prId
+                }) {
+                  __typename
+                }
+              }'
+
+  reopen:
+    runs-on: ubuntu-latest
+    needs: parse_template
+    if: >-
+      ${{
+        needs.parse_template.outputs.uses_template == 'true'
+        && github.event.pull_request.state == 'closed'
+        && contains(github.event.pull_request.labels.*.name, 'auto-closed:template')
+      }}
+    permissions:
+      pull-requests: write
+    steps:
+      - name: Remove template label
+        env:
+          GH_TOKEN: ${{ github.token }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: gh pr edit "$PR_NUMBER" --repo "${{ github.repository }}" --remove-label "auto-closed:template" || true
+
+      - name: Check for remaining auto-closed labels
+        id: check_labels
+        env:
+          GH_TOKEN: ${{ github.token }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          REMAINING=$(gh pr view "$PR_NUMBER" --repo "${{ github.repository }}" --json labels \
+            --jq '[.labels[].name | select(startswith("auto-closed:"))] | length')
+          echo "remaining=$REMAINING" >> "$GITHUB_OUTPUT"
+
+      - name: Reopen PR
+        if: ${{ steps.check_labels.outputs.remaining == '0' }}
+        env:
+          GH_TOKEN: ${{ github.token }}
+          NODE_ID: ${{ github.event.pull_request.node_id }}
+        run: |
+          gh api graphql \
+            -f prId="$NODE_ID" \
+            -f query='
+              mutation ReopenPR($prId: ID!) {
+                reopenPullRequest(input: {
+                  pullRequestId: $prId
+                }) {
+                  __typename
+                }
+              }'
@@ -51,14 +51,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -79,7 +79,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -103,7 +103,7 @@ jobs:

      - name: Restore Gradle Cache
        id: cache-gradle-restore
-        uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        with:
          path: |
            ~/.gradle/caches
@@ -114,7 +114,7 @@ jobs:
          key: build-mobile-gradle-${{ runner.os }}-main

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -153,14 +153,14 @@ jobs:
          fi

      - name: Publish Android Artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: release-apk-signed
          path: mobile/build/app/outputs/flutter-apk/*.apk

      - name: Save Gradle Cache
        id: cache-gradle-save
-        uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        if: github.ref == 'refs/heads/main'
        with:
          path: |
@@ -185,13 +185,13 @@ jobs:
        run: sudo xcode-select -s /Applications/Xcode_26.2.app/Contents/Developer

      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ inputs.ref || github.sha }}
          persist-credentials: false

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -210,7 +210,7 @@ jobs:
        working-directory: ./mobile

      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
+        uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1.295.0
        with:
          ruby-version: '3.3'
          bundler-cache: true
@@ -291,7 +291,7 @@ jobs:
          security delete-keychain build.keychain || true

      - name: Upload IPA artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: ios-release-ipa
          path: mobile/ios/Runner.ipa
@@ -19,7 +19,7 @@ jobs:
      actions: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -24,7 +24,7 @@ jobs:
          persist-credentials: false

      - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@748daafaf3aac877a36307f842a48d55db938ac8 # v0.0.31
+        uses: oasdiff/oasdiff-action/breaking@2a37bc82462349c03a533b8b608bebbaf57b3e60 # v0.0.33
        with:
          base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
          revision: open-api/immich-openapi-specs.json
@@ -1,80 +0,0 @@
-name: Check PR Template
-
-on:
-  pull_request_target: # zizmor: ignore[dangerous-triggers]
-    types: [opened, edited]
-
-permissions: {}
-
-jobs:
-  parse:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.pull_request.head.repo.fork == true }}
-    permissions:
-      contents: read
-    outputs:
-      uses_template: ${{ steps.check.outputs.uses_template }}
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          sparse-checkout: .github/pull_request_template.md
-          sparse-checkout-cone-mode: false
-          persist-credentials: false
-
-      - name: Check required sections
-        id: check
-        env:
-          BODY: ${{ github.event.pull_request.body }}
-        run: |
-          OK=true
-          while IFS= read -r header; do
-            printf '%s\n' "$BODY" | grep -qF "$header" || OK=false
-          done < <(sed '/<!--/,/-->/d' .github/pull_request_template.md | grep "^## ")
-          echo "uses_template=$OK" >> "$GITHUB_OUTPUT"
-
-  act:
-    runs-on: ubuntu-latest
-    needs: parse
-    permissions:
-      pull-requests: write
-    steps:
-      - name: Close PR
-        if: ${{ needs.parse.outputs.uses_template == 'false' && github.event.pull_request.state != 'closed' }}
-        env:
-          GH_TOKEN: ${{ github.token }}
-          NODE_ID: ${{ github.event.pull_request.node_id }}
-        run: |
-          gh api graphql \
-            -f prId="$NODE_ID" \
-            -f body="This PR has been automatically closed as the description doesn't follow our template. After you edit it to match the template, the PR will automatically be reopened." \
-            -f query='
-              mutation CommentAndClosePR($prId: ID!, $body: String!) {
-                addComment(input: {
-                  subjectId: $prId,
-                  body: $body
-                }) {
-                  __typename
-                }
-                closePullRequest(input: {
-                  pullRequestId: $prId
-                }) {
-                  __typename
-                }
-              }'
-
-      - name: Reopen PR (sections now present, PR closed)
-        if: ${{ needs.parse.outputs.uses_template == 'true' && github.event.pull_request.state == 'closed' }}
-        env:
-          GH_TOKEN: ${{ github.token }}
-          NODE_ID: ${{ github.event.pull_request.node_id }}
-        run: |
-          gh api graphql \
-            -f prId="$NODE_ID" \
-            -f query='
-              mutation ReopenPR($prId: ID!) {
-                reopenPullRequest(input: {
-                  pullRequestId: $prId
-                }) {
-                  __typename
-                }
-              }'
@@ -31,7 +31,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -42,7 +42,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -71,7 +71,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -83,13 +83,13 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
+        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
@@ -104,7 +104,7 @@ jobs:

      - name: Generate docker image tags
        id: metadata
-        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          flavor: |
            latest=false
@@ -115,7 +115,7 @@ jobs:
            type=raw,value=latest,enable=${{ github.event_name == 'release' }}

      - name: Build and push image
-        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
        with:
          file: cli/Dockerfile
          platforms: linux/amd64,linux/arm64
@@ -35,7 +35,7 @@ jobs:
    needs: [get_body, should_run]
    if: ${{ needs.should_run.outputs.should_run == 'true' }}
    container:
-      image: ghcr.io/immich-app/mdq:main@sha256:4f9860d04c88f7f87861f8ee84bfeedaec15ed7ca5ca87bc7db44b036f81645f
+      image: ghcr.io/immich-app/mdq:main@sha256:df7188ba88abb0800d73cc97d3633280f0c0c3d4c441d678225067bf154150fb
    outputs:
      checked: ${{ steps.get_checkbox.outputs.checked }}
    steps:
@@ -1,38 +0,0 @@
-name: Close LLM-generated PRs
-
-on:
-  pull_request_target:
-    types: [labeled]
-
-permissions: {}
-
-jobs:
-  comment_and_close:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.label.name == 'llm-generated' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - name: Comment and close
-        env:
-          GH_TOKEN: ${{ github.token }}
-          NODE_ID: ${{ github.event.pull_request.node_id }}
-        run: |
-          gh api graphql \
-            -f prId="$NODE_ID" \
-            -f body="Thank you for your interest in contributing to Immich! Unfortunately this PR looks like it was generated using an LLM. As noted in our [CONTRIBUTING.md](https://github.com/immich-app/immich/blob/main/CONTRIBUTING.md#use-of-generative-ai), we request that you don't use LLMs to generate PRs as those are not a good use of maintainer time." \
-            -f query='
-              mutation CommentAndClosePR($prId: ID!, $body: String!) {
-                addComment(input: {
-                  subjectId: $prId,
-                  body: $body
-                }) {
-                  __typename
-                }
-
-                closePullRequest(input: {
-                  pullRequestId: $prId
-                }) {
-                  __typename
-                }
-              }'
@@ -44,7 +44,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -57,7 +57,7 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
-        uses: github/codeql-action/autobuild@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/autobuild@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0

      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
      #   ./location_of_script_within_repo/buildscript.sh

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          category: '/language:${{matrix.language}}'
@@ -23,14 +23,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -60,7 +60,7 @@ jobs:
        suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -90,7 +90,7 @@ jobs:
        suffix: ['']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -132,7 +132,7 @@ jobs:
            suffixes: '-rocm'
            platforms: linux/amd64
            runner-mapping: '{"linux/amd64": "pokedex-large"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@bd49ed7a5a6022149f79b6564df48177476a822b # multi-runner-build-workflow-v2.2.1
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -155,7 +155,7 @@ jobs:
    name: Build and Push Server
    needs: pre-job
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).server == true }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@bd49ed7a5a6022149f79b6564df48177476a822b # multi-runner-build-workflow-v2.2.1
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -178,7 +178,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}

@@ -189,6 +189,6 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -21,14 +21,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -54,7 +54,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -67,7 +67,7 @@ jobs:
          fetch-depth: 0

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -86,7 +86,7 @@ jobs:
        run: pnpm build

      - name: Upload build output
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: docs-build-output
          path: docs/build/
@@ -20,7 +20,7 @@ jobs:
      artifact: ${{ steps.get-artifact.outputs.result }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -119,7 +119,7 @@ jobs:
    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -131,7 +131,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@dab18118da6476e8237ac94080fd937983fecd42 # use-mise-action-v1.1.2
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Load parameters
        id: parameters
@@ -17,7 +17,7 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -29,7 +29,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@dab18118da6476e8237ac94080fd937983fecd42 # use-mise-action-v1.1.2
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Destroy Docs Subdomain
        env:
@@ -16,7 +16,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -29,7 +29,7 @@ jobs:
          persist-credentials: true

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -31,7 +31,7 @@ jobs:
      - name: Generate a token
        id: generate_token
        if: ${{ inputs.skip != true }}
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -14,13 +14,13 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Require PR to have a changelog label
-        uses: mheap/github-action-required-labels@8afbe8ae6ab7647d0c9f0cfa7c2f939650d22509 # v5.5.1
+        uses: mheap/github-action-required-labels@0ac283b4e65c1fb28ce6079dea5546ceca98ccbe # v5.5.2
        with:
          token: ${{ steps.token.outputs.token }}
          mode: exactly
@@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -50,7 +50,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -63,10 +63,10 @@ jobs:
          ref: main

      - name: Install uv
-        uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -124,7 +124,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -136,13 +136,13 @@ jobs:
          persist-credentials: false

      - name: Download APK
-        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: release-apk-signed
          github-token: ${{ steps.generate-token.outputs.token }}

      - name: Create draft release
-        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
        with:
          draft: true
          tag_name: ${{ needs.bump_version.outputs.version }}
@@ -151,6 +151,7 @@ jobs:
          body_path: misc/release/notes.tmpl
          files: |
            docker/docker-compose.yml
+            docker/docker-compose.rootless.yml
            docker/example.env
            docker/hwaccel.ml.yml
            docker/hwaccel.transcoding.yml
@@ -14,12 +14,12 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
@@ -32,7 +32,7 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -48,14 +48,14 @@ jobs:
              name: 'preview'
            })

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
          message: 'PRs from forks cannot have preview environments.'

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
@@ -19,7 +19,7 @@ jobs:
        working-directory: ./open-api/typescript-sdk
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -30,7 +30,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      # Setup .npmrc file to publish to npm
      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -20,14 +20,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -49,7 +49,7 @@ jobs:
        working-directory: ./mobile
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -61,7 +61,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -17,14 +17,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -63,7 +63,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -75,7 +75,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -108,7 +108,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -119,7 +119,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -155,7 +155,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -166,7 +166,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -197,7 +197,7 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -208,7 +208,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -241,7 +241,7 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -252,7 +252,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -279,7 +279,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -290,7 +290,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -327,7 +327,7 @@ jobs:
        working-directory: ./e2e
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -338,7 +338,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -373,7 +373,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -385,7 +385,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -412,7 +412,7 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -424,7 +424,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -464,7 +464,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-server-docker-logs-${{ matrix.runner }}
@@ -484,7 +484,7 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -496,7 +496,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -522,7 +522,7 @@ jobs:
        run: pnpm test:web
        if: ${{ !cancelled() }}
      - name: Archive e2e test (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-web-test-results-${{ matrix.runner }}
@@ -533,7 +533,7 @@ jobs:
        run: pnpm test:web:ui
        if: ${{ !cancelled() }}
      - name: Archive ui test (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-ui-test-results-${{ matrix.runner }}
@@ -544,7 +544,7 @@ jobs:
        run: pnpm test:web:maintenance
        if: ${{ !cancelled() }}
      - name: Archive maintenance tests (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-maintenance-isolated-test-results-${{ matrix.runner }}
@@ -554,7 +554,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-web-docker-logs-${{ matrix.runner }}
@@ -566,7 +566,7 @@ jobs:
    runs-on: ubuntu-latest
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
  mobile-unit-tests:
@@ -578,7 +578,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -588,7 +588,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -610,7 +610,7 @@ jobs:
        working-directory: ./machine-learning
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -620,7 +620,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Install uv
-        uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
        with:
          python-version: 3.11
      - name: Install dependencies
@@ -650,7 +650,7 @@ jobs:
        working-directory: ./.github
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -661,7 +661,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -680,7 +680,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -701,7 +701,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -712,7 +712,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -763,7 +763,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -774,7 +774,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -24,14 +24,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -47,7 +47,7 @@ jobs:
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).i18n == true }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -68,6 +68,6 @@ jobs:
    permissions: {}
    if: always()
    steps:
-      - uses: immich-app/devtools/actions/success-check@68f10eb389bb02a3cf9d1156111964c549eb421b # 0.0.4
+      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
        with:
          needs: ${{ toJSON(needs) }}
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "@immich/cli",
-  "version": "2.6.0",
+  "version": "2.6.3",
  "description": "Command Line Interface (CLI) for Immich",
  "type": "module",
  "exports": "./dist/index.js",
@@ -20,7 +20,7 @@
    "@types/lodash-es": "^4.17.12",
    "@types/micromatch": "^4.0.9",
    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "@vitest/coverage-v8": "^4.0.0",
    "byte-size": "^9.0.0",
    "cli-progress": "^3.12.0",
@@ -35,8 +35,7 @@
    "prettier-plugin-organize-imports": "^4.0.0",
    "typescript": "^5.3.3",
    "typescript-eslint": "^8.28.0",
-    "vite": "^7.0.0",
-    "vite-tsconfig-paths": "^6.0.0",
+    "vite": "^8.0.0",
    "vitest": "^4.0.0",
    "vitest-fetch-mock": "^0.4.0",
    "yaml": "^2.3.1"
@@ -69,6 +68,6 @@
    "micromatch": "^4.0.8"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -1,10 +1,12 @@
 import { defineConfig, UserConfig } from 'vite';
-import tsconfigPaths from 'vite-tsconfig-paths';

 export default defineConfig({
-  resolve: { alias: { src: '/src' } },
+  resolve: {
+    alias: { src: '/src' },
+    tsconfigPaths: true,
+  },
  build: {
-    rollupOptions: {
+    rolldownOptions: {
      input: 'src/index.ts',
      output: {
        dir: 'dist',
@@ -16,7 +18,6 @@ export default defineConfig({
    // bundle everything except for Node built-ins
    noExternal: /^(?!node:).*$/,
  },
-  plugins: [tsconfigPaths()],
  test: {
    name: 'cli:unit',
    globals: true,
@@ -90,6 +90,7 @@ services:
      IMMICH_THIRD_PARTY_BUG_FEATURE_URL: https://github.com/immich-app/immich/issues
      IMMICH_THIRD_PARTY_DOCUMENTATION_URL: https://docs.immich.app
      IMMICH_THIRD_PARTY_SUPPORT_URL: https://docs.immich.app/community-guides
+      IMMICH_HELMET_FILE: 'true'
    ports:
      - 9230:9230
      - 9231:9231
@@ -97,7 +97,7 @@ services:
    command: ['./run.sh', '-disable-reporting']
    ports:
      - 3000:3000
-    image: grafana/grafana:12.3.2-ubuntu@sha256:6cca4b429a1dc0d37d401dee54825c12d40056c3c6f3f56e3f0d6318ce77749b
+    image: grafana/grafana:12.4.1-ubuntu@sha256:1a20dea76a2778773df17dbc365db86b1a4f2d57772b8590b6311038a3acb1db
    volumes:
      - grafana-data:/var/lib/grafana

@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -0,0 +1,28 @@
+# Duplicates Utility
+
+Immich comes with a duplicates utility to help you detect assets that look visually similar. The duplicate detection feature relies on machine learning and is enabled by default. For more information about when the duplicate detection job runs, see [Jobs and Workers](/administration/jobs-workers). Once an asset has been processed and added to a duplicate group, it becomes available to review in the "Review duplicates" utility, which can be found [here](https://my.immich.app/utilities/duplicates).
+
+## Reviewing duplicates
+
+The review duplicates page allows the user to individually select which assets should be kept and which ones should be trashed. When more than one asset is kept, there is an option to automatically put the kept assets into a stack.
+
+### Automatic preselection
+
+When using "Deduplicate All" or viewing suggestions, Immich automatically preselects which assets to keep based on:
+
+1. **Image size in bytes** — larger files are preferred as they typically have higher quality.
+2. **Count of EXIF data** — assets with more metadata are preferred.
+
+### Synchronizing metadata
+
+When resolving duplicates, metadata from trashed assets is automatically synchronized to the kept assets. The following metadata is synchronized:
+
+| Name        | Description                                                                                                                     |
+| ----------- | ------------------------------------------------------------------------------------------------------------------------------- |
+| Album       | The kept assets will be added to _every_ album that the other assets in the group belong to.                                    |
+| Favorite    | If any of the assets in the group have been added to favorites, every kept asset will also be added to favorites.               |
+| Rating      | If one or more assets in the duplicate group have a rating, the highest rating is selected and synchronized to the kept assets. |
+| Description | Descriptions from each asset are combined together and synchronized to all the kept assets.                                     |
+| Visibility  | The most restrictive visibility is applied to the kept assets.                                                                  |
+| Location    | Latitude and longitude are copied if all assets with geolocation data in the group share the same coordinates.                  |
+| Tag         | Tags from all assets in the group are merged and applied to every kept asset.                                                   |
@@ -3,8 +3,8 @@
 You may decide that you'd like to modify the style document which is used to
 draw the maps in Immich. In addition to visual customization, this also allows
 you to pick your own map tile provider instead of the default one. The default
-`style.json` for [light theme](https://github.com/immich-app/immich/tree/main/server/resources/style-light.json)
-and [dark theme](https://github.com/immich-app/immich/blob/main/server/resources/style-dark.json)
+`style.json` for [light theme](https://tiles.immich.cloud/v1/style/light.json)
+and [dark theme](https://tiles.immich.cloud/v1/style/dark.json)
 can be used as a basis for creating your own style.

 There are several sources for already-made `style.json` map themes, as well as
@@ -29,22 +29,23 @@ These environment variables are used by the `docker-compose.yml` file and do **N

 ## General

-| Variable                            | Description                                                                               |           Default            | Containers               | Workers            |
-| :---------------------------------- | :---------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
-| `TZ`                                | Timezone                                                                                  |        <sup>\*1</sup>        | server                   | microservices      |
-| `IMMICH_ENV`                        | Environment (production, development)                                                     |         `production`         | server, machine learning | api, microservices |
-| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                              |            `log`             | server, machine learning | api, microservices |
-| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                     |          `console`           | server                   | api, microservices |
-| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️ |           `/data`            | server                   | api, microservices |
-| `IMMICH_CONFIG_FILE`                | Path to config file                                                                       |                              | server                   | api, microservices |
-| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                           |           `false`            | server, machine learning |                    |
-| `CPU_CORES`                         | Number of cores available to the Immich server                                            | auto-detected CPU core count | server                   |                    |
-| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                 |            `8081`            | server                   | api                |
-| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                 |            `8082`            | server                   | microservices      |
-| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                       |                              | server                   | microservices      |
-| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                        |                              | server                   | api                |
-| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                  |                              | server                   | api, microservices |
-| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                  |            `true`            | server                   | api                |
+| Variable                            | Description                                                                                                                                            |           Default            | Containers               | Workers            |
+| :---------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
+| `TZ`                                | Timezone                                                                                                                                               |        <sup>\*1</sup>        | server                   | microservices      |
+| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                  |         `production`         | server, machine learning | api, microservices |
+| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                           |            `log`             | server, machine learning | api, microservices |
+| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                  |          `console`           | server                   | api, microservices |
+| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                              |           `/data`            | server                   | api, microservices |
+| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                    |                              | server                   | api, microservices |
+| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`. |           `false`            | server                   | api, microservices |
+| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                        |           `false`            | server, machine learning |                    |
+| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                         | auto-detected CPU core count | server                   |                    |
+| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                              |            `8081`            | server                   | api                |
+| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                              |            `8082`            | server                   | microservices      |
+| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                    |                              | server                   | microservices      |
+| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                     |                              | server                   | api                |
+| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                               |                              | server                   | api, microservices |
+| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                               |            `true`            | server                   | api                |

 \*1: `TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 `TZ` is used by `exiftool` as a fallback in case the timezone cannot be determined from the image metadata. It is also used for logfile timestamps and cron job execution.
@@ -8,7 +8,7 @@ Hardware and software requirements for Immich:

 ## Hardware

- **OS**: Recommended Linux or \*nix operating system (Ubuntu, Debian, etc).
+- **OS**: Recommended Linux or \*nix 64-bit operating system (Ubuntu, Debian, etc).
  - Non-Linux OSes tend to provide a poor Docker experience and are strongly discouraged.
    Our ability to assist with setup or troubleshooting on non-Linux OSes will be severely reduced.
    If you still want to try to use a non-Linux OS, you can set it up as follows:
@@ -19,6 +19,10 @@ Hardware and software requirements for Immich:
    If you have issues, we recommend that you switch to a supported VM deployment.
 - **RAM**: Minimum 6GB, recommended 8GB.
 - **CPU**: Minimum 2 cores, recommended 4 cores.
+  - Immich runs on the `amd64` and `arm64` platforms.
+    Since `v2.6`, the machine learning container on `amd64` requires the `>= x86-64-v2` [microarchitecture level](https://en.wikipedia.org/wiki/X86-64#Microarchitecture_levels).
+    Most CPUs released since ~2012 support this microarchitecture.
+    If you are using a virtual machine, ensure you have selected a [supported microarchitecture](https://pve.proxmox.com/pve-docs/chapter-qm.html#_qemu_cpu_types).
 - **Storage**: Recommended Unix-compatible filesystem (EXT4, ZFS, APFS, etc.) with support for user/group ownership and permissions.
  - The generation of thumbnails and transcoded video can increase the size of the photo library by 10-20% on average.

@@ -58,6 +58,6 @@
    "node": ">=20"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -1,7 +1,7 @@
 [
  {
-    "label": "v2.6.0",
-    "url": "https://docs.v2.6.0.archive.immich.app"
+    "label": "v2.6.3",
+    "url": "https://docs.v2.6.3.archive.immich.app"
  },
  {
    "label": "v2.5.6",
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "immich-e2e",
-  "version": "2.6.0",
+  "version": "2.6.3",
  "description": "",
  "main": "index.js",
  "type": "module",
@@ -32,7 +32,7 @@
    "@playwright/test": "^1.44.1",
    "@socket.io/component-emitter": "^3.1.2",
    "@types/luxon": "^3.4.2",
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "@types/pg": "^8.15.1",
    "@types/pngjs": "^6.0.4",
    "@types/supertest": "^6.0.2",
@@ -50,6 +50,7 @@
    "prettier-plugin-organize-imports": "^4.0.0",
    "sharp": "^0.34.5",
    "socket.io-client": "^4.7.4",
+    "structured-headers": "^2.0.2",
    "supertest": "^7.0.0",
    "typescript": "^5.3.3",
    "typescript-eslint": "^8.28.0",
@@ -58,6 +59,6 @@
    "vitest": "^4.0.0"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -0,0 +1,651 @@
+import { LoginResponseDto } from '@immich/sdk';
+import { createUserDto, uuidDto } from 'src/fixtures';
+import { errorDto } from 'src/responses';
+import { app, utils } from 'src/utils';
+import request from 'supertest';
+import { beforeAll, beforeEach, describe, expect, it } from 'vitest';
+
+describe('/duplicates', () => {
+  let admin: LoginResponseDto;
+  let user1: LoginResponseDto;
+  let user2: LoginResponseDto;
+
+  beforeAll(async () => {
+    await utils.resetDatabase();
+
+    admin = await utils.adminSetup();
+
+    [user1, user2] = await Promise.all([
+      utils.userSetup(admin.accessToken, createUserDto.user1),
+      utils.userSetup(admin.accessToken, createUserDto.user2),
+    ]);
+  });
+
+  beforeEach(async () => {
+    // Reset assets, albums, tags, and stacks between tests to ensure clean state for repeated test runs
+    // Note: We don't reset users since they're set up once in beforeAll
+    // Stack must be reset before asset due to foreign key constraint
+    await utils.resetDatabase(['stack', 'asset', 'album', 'tag']);
+  });
+
+  describe('GET /duplicates', () => {
+    it('should return empty array when no duplicates', async () => {
+      const { status, body } = await request(app)
+        .get('/duplicates')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual([]);
+    });
+
+    it('should return duplicate groups with suggestedKeepAssetIds', async () => {
+      // Create assets with different file sizes for duplicate detection
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Manually set duplicateId on both assets to create a duplicate group
+      const duplicateId = '00000000-0000-4000-8000-000000000001';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .get('/duplicates')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual([
+        {
+          duplicateId,
+          assets: expect.arrayContaining([
+            expect.objectContaining({ id: asset1.id }),
+            expect.objectContaining({ id: asset2.id }),
+          ]),
+          suggestedKeepAssetIds: expect.any(Array),
+        },
+      ]);
+      expect(body[0].suggestedKeepAssetIds.length).toBe(1);
+    });
+  });
+
+  describe('POST /duplicates/resolve', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .send({
+          groups: [{ duplicateId: uuidDto.dummy, keepAssetIds: [], trashAssetIds: [] }],
+        });
+
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should return failure for non-existent duplicate group', async () => {
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId: uuidDto.dummy, keepAssetIds: [], trashAssetIds: [] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId: uuidDto.dummy,
+            status: 'FAILED',
+            reason: expect.stringContaining('not found or access denied'),
+          },
+        ],
+      });
+    });
+
+    it('should resolve duplicate group with keepers', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000002';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId,
+            status: 'SUCCESS',
+          },
+        ],
+      });
+
+      // Verify side effects: duplicateId cleared on kept asset
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+
+      // Verify side effects: trashed asset is trashed and duplicateId cleared
+      const trashedAsset = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(trashedAsset.isTrashed).toBe(true);
+      expect(trashedAsset.duplicateId).toBeNull();
+    });
+
+    it('should reject when keepAssetIds and trashAssetIds overlap', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000003';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset1.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('disjoint');
+    });
+
+    it('should require keepAssetIds when partially trashing', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000004';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [], trashAssetIds: [asset1.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('must cover all assets');
+    });
+
+    it('should reject partial resolution (not all assets covered)', async () => {
+      const [asset1, asset2, asset3] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000010';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset3.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('must cover all assets');
+    });
+
+    it('should reject asset not in duplicate group', async () => {
+      const [asset1, asset2, outsideAsset] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000011';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [outsideAsset.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('not a member of duplicate group');
+    });
+
+    it('should allow trash-all without keepers', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000012';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [], trashAssetIds: [asset1.id, asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        status: 'COMPLETED',
+        results: [
+          {
+            duplicateId,
+            status: 'SUCCESS',
+          },
+        ],
+      });
+
+      // Verify both assets are trashed
+      const [asset1Info, asset2Info] = await Promise.all([
+        utils.getAssetInfo(user1.accessToken, asset1.id),
+        utils.getAssetInfo(user1.accessToken, asset2.id),
+      ]);
+
+      expect(asset1Info.isTrashed).toBe(true);
+      expect(asset1Info.duplicateId).toBeNull();
+      expect(asset2Info.isTrashed).toBe(true);
+      expect(asset2Info.duplicateId).toBeNull();
+    });
+
+    it('should reject cross-user duplicate group access', async () => {
+      const asset1 = await utils.createAsset(user1.accessToken);
+      const asset2 = await utils.createAsset(user2.accessToken);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000013';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user2.accessToken, asset2.id, duplicateId);
+
+      // User1 tries to resolve a group containing user2's asset
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('FAILED');
+      expect(body.results[0].reason).toContain('not a member of duplicate group');
+    });
+
+    it('should synchronize favorites when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Mark one asset as favorite
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], isFavorite: true });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000020';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify favorite was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.isFavorite).toBe(true);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize visibility when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Archive one asset
+      await utils.archiveAssets(user1.accessToken, [asset2.id]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000021';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify visibility was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.visibility).toBe('archive');
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize rating when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set rating on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], rating: 5 });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000022';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify rating was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.rating).toBe(5);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize description when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set description on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], description: 'Test description for duplicate' });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000023';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify description was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.description).toBe('Test description for duplicate');
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize location when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Set location on one asset
+      await request(app)
+        .put('/assets')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({ ids: [asset2.id], latitude: 40.7128, longitude: -74.006 });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000024';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify location was synchronized to keeper
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.exifInfo?.latitude).toBe(40.7128);
+      expect(keptAsset.exifInfo?.longitude).toBe(-74.006);
+      expect(keptAsset.duplicateId).toBeNull();
+    });
+
+    it('should synchronize albums when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Create albums and add assets to different albums
+      const album1 = await utils.createAlbum(user1.accessToken, {
+        albumName: 'Album 1',
+        assetIds: [asset1.id],
+      });
+      const album2 = await utils.createAlbum(user1.accessToken, {
+        albumName: 'Album 2',
+        assetIds: [asset2.id],
+      });
+
+      const duplicateId = '00000000-0000-4000-8000-000000000025';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify keeper is now in both albums
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+
+      // Check albums directly
+      const { status: album1Status, body: album1Body } = await request(app)
+        .get(`/albums/${album1.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      const { status: album2Status, body: album2Body } = await request(app)
+        .get(`/albums/${album2.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      expect(album1Status).toBe(200);
+      expect(album2Status).toBe(200);
+      expect(album1Body.assets.map((a: any) => a.id)).toContain(asset1.id);
+      expect(album2Body.assets.map((a: any) => a.id)).toContain(asset1.id);
+    });
+
+    it('should synchronize tags when enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      // Wait for metadata extraction to complete before adding tags
+      // Otherwise, metadata jobs will race and overwrite our tags
+      await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+
+      // Create tags and tag assets differently
+      const tags = await utils.upsertTags(user1.accessToken, ['tag1', 'tag2']);
+      await utils.tagAssets(user1.accessToken, tags[0].id, [asset1.id]);
+      await utils.tagAssets(user1.accessToken, tags[1].id, [asset2.id]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000026';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify keeper has both tags
+      const keptAsset = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(keptAsset.duplicateId).toBeNull();
+      expect(keptAsset.tags).toBeDefined();
+      const tagIds = keptAsset.tags?.map((t) => t.id) || [];
+      expect(tagIds).toContain(tags[0].id);
+      expect(tagIds).toContain(tags[1].id);
+    });
+
+    it('should handle batch resolve with mixed success and failure', async () => {
+      // Create first group that will succeed
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+      const duplicateId1 = '00000000-0000-4000-8000-000000000027';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId1);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId1);
+
+      // Create second group with non-existent duplicate ID (will fail)
+      const fakeId = '00000000-0000-4000-8000-000000000099';
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [
+            { duplicateId: duplicateId1, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] },
+            { duplicateId: fakeId, keepAssetIds: [], trashAssetIds: [] },
+          ],
+        });
+
+      expect(status).toBe(200);
+      expect(body.status).toBe('COMPLETED');
+      expect(body.results).toHaveLength(2);
+
+      // First group should succeed
+      expect(body.results[0].duplicateId).toBe(duplicateId1);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Second group should fail
+      expect(body.results[1].duplicateId).toBe(fakeId);
+      expect(body.results[1].status).toBe('FAILED');
+      expect(body.results[1].reason).toContain('not found or access denied');
+
+      // Verify first group was actually resolved despite second failure
+      const asset1Info = await utils.getAssetInfo(user1.accessToken, asset1.id);
+      expect(asset1Info.duplicateId).toBeNull();
+      const asset2Info = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(asset2Info.isTrashed).toBe(true);
+    });
+
+    it('should trash assets when trash is enabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000028';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      // Ensure trash is enabled (default)
+      const config = await utils.getSystemConfig(admin.accessToken);
+      expect(config.trash.enabled).toBe(true);
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Verify asset is trashed (not deleted)
+      const trashedAsset = await utils.getAssetInfo(user1.accessToken, asset2.id);
+      expect(trashedAsset.isTrashed).toBe(true);
+    });
+
+    it('should delete assets when trash is disabled', async () => {
+      const [asset1, asset2] = await Promise.all([
+        utils.createAsset(user1.accessToken),
+        utils.createAsset(user1.accessToken),
+      ]);
+
+      const duplicateId = '00000000-0000-4000-8000-000000000029';
+      await utils.setAssetDuplicateId(user1.accessToken, asset1.id, duplicateId);
+      await utils.setAssetDuplicateId(user1.accessToken, asset2.id, duplicateId);
+
+      // Disable trash
+      await request(app)
+        .put('/system-config')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send({
+          trash: { enabled: false, days: 30 },
+        });
+
+      const { status, body } = await request(app)
+        .post('/duplicates/resolve')
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({
+          groups: [{ duplicateId, keepAssetIds: [asset1.id], trashAssetIds: [asset2.id] }],
+        });
+
+      expect(status).toBe(200);
+      expect(body.results[0].status).toBe('SUCCESS');
+
+      // Asset should be marked as deleted (force delete)
+      const { status: getStatus } = await request(app)
+        .get(`/assets/${asset2.id}`)
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+
+      // Asset should still be accessible (soft deleted) but marked as deleted
+      expect(getStatus).toBe(200);
+
+      // Re-enable trash for other tests
+      await utils.resetAdminConfig(admin.accessToken);
+    });
+  });
+});
@@ -2,6 +2,8 @@ export const uuidDto = {
  invalid: 'invalid-uuid',
  // valid uuid v4
  notFound: '00000000-0000-4000-a000-000000000000',
+  dummy: '00000000-0000-4000-a000-000000000001',
+  dummy2: '00000000-0000-4000-a000-000000000002',
 };

 const adminLoginDto = {
@@ -10,7 +10,9 @@ describe('/admin/database-backups', () => {

  beforeAll(async () => {
    await utils.resetDatabase();
-    admin = await utils.adminSetup();
+    admin = await utils.adminSetup({
+      onboarding: false,
+    });
    await utils.resetBackups(admin.accessToken);
  });

@@ -94,7 +96,9 @@ describe('/admin/database-backups', () => {
        ({ status, body }) => status === 200 && !body.maintenanceMode,
      );

-      admin = await utils.adminSetup();
+      admin = await utils.adminSetup({
+        onboarding: false,
+      });
    });

    it.sequential('should not work when the server is configured', async () => {
@@ -524,14 +524,19 @@ describe('/albums', () => {
      expect(body).toEqual(errorDto.badRequest('Not found or no album.update access'));
    });

-    it('should not be able to update as an editor', async () => {
+    it('should be able to update as an editor', async () => {
      const { status, body } = await request(app)
        .patch(`/albums/${user1Albums[0].id}`)
        .set('Authorization', `Bearer ${user2.accessToken}`)
        .send({ albumName: 'New album name' });

-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Not found or no album.update access'));
+      expect(status).toBe(200);
+      expect(body).toEqual(
+        expect.objectContaining({
+          id: user1Albums[0].id,
+          albumName: 'New album name',
+        }),
+      );
    });
  });

@@ -1,6 +1,7 @@
 import { LoginResponseDto } from '@immich/sdk';
-import { test } from '@playwright/test';
-import { utils } from 'src/utils';
+import { expect, test } from '@playwright/test';
+import { readFileSync } from 'node:fs';
+import { testAssetDir, utils } from 'src/utils';

 test.describe('Album', () => {
  let admin: LoginResponseDto;
@@ -22,4 +23,41 @@ test.describe('Album', () => {
    await page.reload();
    await page.getByRole('button', { name: 'Select photos' }).waitFor();
  });
+
+  test('should keep map view open after viewing an asset from the map and going back', async ({ context, page }) => {
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    const imagePath = `${testAssetDir}/metadata/gps-position/thompson-springs.jpg`;
+    const mapAsset = await utils.createAsset(admin.accessToken, {
+      assetData: {
+        bytes: readFileSync(imagePath),
+        filename: 'thompson-springs.jpg',
+      },
+    });
+
+    await utils.waitForQueueFinish(admin.accessToken, 'metadataExtraction');
+
+    const mapAlbum = await utils.createAlbum(admin.accessToken, {
+      albumName: 'Map Test Album',
+      assetIds: [mapAsset.id],
+    });
+
+    await page.goto(`/albums/${mapAlbum.id}`);
+    const mapButton = page.getByRole('button', { name: 'Map' });
+    await expect(mapButton).toBeVisible();
+    await mapButton.click();
+
+    const mapModal = page.getByRole('dialog');
+    await expect(mapModal).toBeVisible();
+
+    const mapMarker = mapModal.getByRole('img', { name: /Map marker/i }).first();
+    await expect(mapMarker).toBeVisible();
+    await mapMarker.click();
+
+    await page.waitForSelector('#immich-asset-viewer');
+    await page.getByRole('button', { name: 'Go back' }).click();
+
+    await expect(page.locator('#immich-asset-viewer')).not.toBeVisible();
+    await expect(mapModal).toBeVisible();
+  });
 });
@@ -0,0 +1,51 @@
+import { AssetMediaResponseDto, LoginResponseDto, updateAssets } from '@immich/sdk';
+import { expect, test } from '@playwright/test';
+import crypto from 'node:crypto';
+import { asBearerAuth, utils } from 'src/utils';
+
+test.describe('Duplicates Utility', () => {
+  let admin: LoginResponseDto;
+  let firstAsset: AssetMediaResponseDto;
+  let secondAsset: AssetMediaResponseDto;
+
+  test.beforeAll(async () => {
+    utils.initSdk();
+    await utils.resetDatabase();
+    admin = await utils.adminSetup();
+  });
+
+  test.beforeEach(async ({ context }) => {
+    [firstAsset, secondAsset] = await Promise.all([
+      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-a' }),
+      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-b' }),
+    ]);
+
+    await updateAssets(
+      {
+        assetBulkUpdateDto: {
+          ids: [firstAsset.id, secondAsset.id],
+          duplicateId: crypto.randomUUID(),
+        },
+      },
+      { headers: asBearerAuth(admin.accessToken) },
+    );
+
+    await utils.setAuthCookies(context, admin.accessToken);
+  });
+
+  test('navigates with arrow keys between duplicate preview assets', async ({ page }) => {
+    await page.goto('/utilities/duplicates');
+    await page.getByRole('button', { name: 'View' }).first().click();
+    await page.waitForSelector('#immich-asset-viewer');
+
+    const getViewedAssetId = () => new URL(page.url()).pathname.split('/').at(-1) ?? '';
+    const initialAssetId = getViewedAssetId();
+    expect([firstAsset.id, secondAsset.id]).toContain(initialAssetId);
+
+    await page.keyboard.press('ArrowRight');
+    await expect.poll(getViewedAssetId).not.toBe(initialAssetId);
+
+    await page.keyboard.press('ArrowLeft');
+    await expect.poll(getViewedAssetId).toBe(initialAssetId);
+  });
+});
@@ -510,6 +510,9 @@ export const utils = {
  createStack: (accessToken: string, assetIds: string[]) =>
    createStack({ stackCreateDto: { assetIds } }, { headers: asBearerAuth(accessToken) }),

+  setAssetDuplicateId: (accessToken: string, assetId: string, duplicateId: string | null) =>
+    updateAssets({ assetBulkUpdateDto: { ids: [assetId], duplicateId } }, { headers: asBearerAuth(accessToken) }),
+
  upsertTags: (accessToken: string, tags: string[]) =>
    upsertTags({ tagUpsertDto: { tags } }, { headers: asBearerAuth(accessToken) }),

@@ -697,6 +700,16 @@ export const utils = {
      }
    }
  },
+
+  downloadAsset: async (accessToken: string, id: string) => {
+    const downloadedRes = await fetch(`${baseUrl}/api/assets/${id}/original`, {
+      headers: asBearerAuth(accessToken),
+    });
+    if (!downloadedRes.ok) {
+      throw new Error(`Failed to download asset ${id}: ${downloadedRes.status} ${await downloadedRes.text()}`);
+    }
+    return await downloadedRes.blob();
+  },
 };

 utils.initSdk();
@@ -866,6 +866,7 @@
  "crop_aspect_ratio_fixed": "Fixed",
  "crop_aspect_ratio_free": "Free",
  "crop_aspect_ratio_original": "Original",
+  "crop_aspect_ratio_square": "Square",
  "curated_object_page_title": "Things",
  "current_device": "Current device",
  "current_pin_code": "Current PIN code",
@@ -880,7 +881,7 @@
  "daily_title_text_date": "E, MMM dd",
  "daily_title_text_date_year": "E, MMM dd, yyyy",
  "dark": "Dark",
-  "dark_theme": "Toggle dark theme",
+  "dark_theme": "Switch to dark theme",
  "date": "Date",
  "date_after": "Date after",
  "date_and_time": "Date and Time",
@@ -891,10 +892,8 @@
  "day": "Day",
  "days": "Days",
  "deduplicate_all": "Deduplicate All",
-  "deduplication_criteria_1": "Image size in bytes",
-  "deduplication_criteria_2": "Count of EXIF data",
-  "deduplication_info": "Deduplication Info",
-  "deduplication_info_description": "To automatically preselect assets and remove duplicates in bulk, we look at:",
+  "default_locale": "Default Locale",
+  "default_locale_description": "Format dates and numbers based on your browser locale",
  "delete": "Delete",
  "delete_action_confirmation_message": "Are you sure you want to delete this asset? This action will move the asset to the server's trash and will prompt if you want to delete it locally",
  "delete_action_prompt": "{count} deleted",
@@ -970,7 +969,7 @@
  "downloading_media": "Downloading media",
  "drop_files_to_upload": "Drop files anywhere to upload",
  "duplicates": "Duplicates",
-  "duplicates_description": "Resolve each group by indicating which, if any, are duplicates",
+  "duplicates_description": "Resolve each group by indicating which, if any, are duplicates.",
  "duration": "Duration",
  "edit": "Edit",
  "edit_album": "Edit album",
@@ -1387,9 +1386,11 @@
  "library_page_sort_title": "Album title",
  "licenses": "Licenses",
  "light": "Light",
+  "light_theme": "Switch to light theme",
  "like": "Like",
  "like_deleted": "Like deleted",
  "link_motion_video": "Link motion video",
+  "link_to_docs": "For more information, refer to the <link>documentation</link>.",
  "link_to_oauth": "Link to OAuth",
  "linked_oauth_account": "Linked OAuth account",
  "list": "List",
@@ -2394,6 +2395,7 @@
  "viewer_remove_from_stack": "Remove from Stack",
  "viewer_stack_use_as_main_asset": "Use as Main Asset",
  "viewer_unstack": "Un-Stack",
+  "visibility": "Visibility",
  "visibility_changed": "Visibility changed for {count, plural, one {# person} other {# people}}",
  "visual": "Visual",
  "visual_builder": "Visual builder",
@@ -1,6 +1,6 @@
 {
  "name": "immich-i18n",
-  "version": "2.6.0",
+  "version": "2.6.3",
  "private": true,
  "scripts": {
    "format": "prettier --cache --check .",
@@ -1,6 +1,6 @@
 [project]
 name = "immich-ml"
-version = "2.6.0"
+version = "2.6.3"
 description = ""
 authors = [{ name = "Hau Tran", email = "alex.tran1502@gmail.com" }]
 requires-python = ">=3.11,<4.0"
@@ -898,7 +898,7 @@ wheels = [

 [[package]]
 name = "immich-ml"
-version = "2.6.0"
+version = "2.6.3"
 source = { editable = "." }
 dependencies = [
    { name = "aiocache" },
@@ -14,9 +14,9 @@ config_roots = [
 ]

 [tools]
-node = "24.13.1"
+node = "24.14.0"
 flutter = "3.35.7"
-pnpm = "10.30.3"
+pnpm = "10.32.1"
 terragrunt = "0.99.4"
 opentofu = "1.11.5"
 java = "21.0.2"
@@ -23,10 +23,18 @@ import okhttp3.HttpUrl
 import okhttp3.HttpUrl.Companion.toHttpUrlOrNull
 import okhttp3.OkHttpClient
 import org.chromium.net.CronetEngine
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
 import kotlinx.serialization.Serializable
 import kotlinx.serialization.json.Json
 import java.io.ByteArrayInputStream
 import java.io.File
+import java.io.IOException
+import java.nio.file.FileVisitResult
+import java.nio.file.Files
+import java.nio.file.Path
+import java.nio.file.SimpleFileVisitor
+import java.nio.file.attribute.BasicFileAttributes
 import java.net.Authenticator
 import java.net.CookieHandler
 import java.net.PasswordAuthentication
@@ -277,10 +285,13 @@ object HttpClientManager {
    return result
  }

-  fun rebuildCronetEngine(): CronetEngine {
-    val old = cronetEngine!!
-    cronetEngine = buildCronetEngine()
-    return old
+  suspend fun rebuildCronetEngine(): Result<Long> {
+    return runCatching {
+      cronetEngine?.shutdown()
+      val deletionResult = deleteFolderAndGetSize(cronetStoragePath.toPath())
+      cronetEngine = buildCronetEngine()
+      deletionResult
+    }
  }

  val cronetStoragePath: File get() = cronetStorageDir
@@ -301,7 +312,7 @@ object HttpClientManager {
    }
  }

-  private fun buildCronetEngine(): CronetEngine {
+  fun buildCronetEngine(): CronetEngine {
    return CronetEngine.Builder(appContext)
      .enableHttp2(true)
      .enableQuic(true)
@@ -312,6 +323,27 @@ object HttpClientManager {
      .build()
  }

+  private suspend fun deleteFolderAndGetSize(root: Path): Long = withContext(Dispatchers.IO) {
+    var totalSize = 0L
+
+    Files.walkFileTree(root, object : SimpleFileVisitor<Path>() {
+      override fun visitFile(file: Path, attrs: BasicFileAttributes): FileVisitResult {
+        totalSize += attrs.size()
+        Files.delete(file)
+        return FileVisitResult.CONTINUE
+      }
+
+      override fun postVisitDirectory(dir: Path, exc: IOException?): FileVisitResult {
+        if (dir != root) {
+          Files.delete(dir)
+        }
+        return FileVisitResult.CONTINUE
+      }
+    })
+
+    totalSize
+  }
+
  private fun build(cacheDir: File): OkHttpClient {
    val connectionPool = ConnectionPool(
      maxIdleConnections = KEEP_ALIVE_CONNECTIONS,
@@ -21,11 +21,6 @@ import java.io.EOFException
 import java.io.File
 import java.io.IOException
 import java.nio.ByteBuffer
-import java.nio.file.FileVisitResult
-import java.nio.file.Files
-import java.nio.file.Path
-import java.nio.file.SimpleFileVisitor
-import java.nio.file.attribute.BasicFileAttributes
 import java.util.concurrent.ConcurrentHashMap

 private class RemoteRequest(val cancellationSignal: CancellationSignal)
@@ -205,18 +200,15 @@ private class CronetImageFetcher : ImageFetcher {

  private fun onDrained() {
    val onCacheCleared = synchronized(stateLock) {
-      val onCacheCleared = onCacheCleared
+      val onCacheCleared = this.onCacheCleared
      this.onCacheCleared = null
      onCacheCleared
-    }
-    if (onCacheCleared != null) {
-      val oldEngine = HttpClientManager.rebuildCronetEngine()
-      oldEngine.shutdown()
-      CoroutineScope(Dispatchers.IO).launch {
-        val result = runCatching { deleteFolderAndGetSize(HttpClientManager.cronetStoragePath.toPath()) }
-        synchronized(stateLock) { draining = false }
-        onCacheCleared(result)
-      }
+    } ?: return
+
+    CoroutineScope(Dispatchers.IO).launch {
+      val result = HttpClientManager.rebuildCronetEngine()
+      synchronized(stateLock) { draining = false }
+      onCacheCleared(result)
    }
  }

@@ -306,26 +298,6 @@ private class CronetImageFetcher : ImageFetcher {
    }
  }

-  suspend fun deleteFolderAndGetSize(root: Path): Long = withContext(Dispatchers.IO) {
-    var totalSize = 0L
-
-    Files.walkFileTree(root, object : SimpleFileVisitor<Path>() {
-      override fun visitFile(file: Path, attrs: BasicFileAttributes): FileVisitResult {
-        totalSize += attrs.size()
-        Files.delete(file)
-        return FileVisitResult.CONTINUE
-      }
-
-      override fun postVisitDirectory(dir: Path, exc: IOException?): FileVisitResult {
-        if (dir != root) {
-          Files.delete(dir)
-        }
-        return FileVisitResult.CONTINUE
-      }
-    })
-
-    totalSize
-  }
 }

 private class OkHttpImageFetcher private constructor(
@@ -35,8 +35,8 @@ platform :android do
      task: 'bundle', 
      build_type: 'Release',
      properties: {
-        "android.injected.version.code" => 3038,
-        "android.injected.version.name" => "2.6.0",
+        "android.injected.version.code" => 3041,
+        "android.injected.version.name" => "2.6.3",
      }
    )
    upload_to_play_store(skip_upload_apk: true, skip_upload_images: true, skip_upload_screenshots: true, aab: '../build/app/outputs/bundle/release/app-release.aab')
@@ -150,7 +150,6 @@ class URLSessionManager: NSObject {
    config.httpCookieStorage = cookieStorage
    config.httpMaximumConnectionsPerHost = 64
    config.timeoutIntervalForRequest = 60
-    config.timeoutIntervalForResource = 300

    var headers = UserDefaults.group.dictionary(forKey: HEADERS_KEY) as? [String: String] ?? [:]
    headers["User-Agent"] = headers["User-Agent"] ?? userAgent
@@ -80,7 +80,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.6.0</string>
+	<string>2.6.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleURLTypes</key>
@@ -7,7 +7,7 @@ const Map<String, Locale> locales = {
  'Arabic (ar)': Locale('ar'),
  'Bulgarian (bg)': Locale('bg'),
  'Catalan (ca)': Locale('ca'),
-  'Chinese Simplified (zh_CN)': Locale.fromSubtags(languageCode: 'zh', scriptCode: 'SIMPLIFIED'),
+  'Chinese Simplified (zh_CN)': Locale.fromSubtags(languageCode: 'zh', scriptCode: 'Hans'),
  'Chinese Traditional (zh_TW)': Locale.fromSubtags(languageCode: 'zh', scriptCode: 'Hant'),
  'Croatian (hr)': Locale('hr'),
  'Czech (cs)': Locale('cs'),
@@ -207,6 +207,11 @@ class DriftMemoryPage extends HookConsumerWidget {
                WidgetsBinding.instance.addPostFrameCallback((_) {
                  DriftMemoryPage.setMemory(ref, memories[pageNumber]);
                });
+
+                // Update currentAsset to the first asset of the new memory
+                if (memories[pageNumber].assets.isNotEmpty) {
+                  currentAsset.value = memories[pageNumber].assets.first;
+                }
              }

              currentAssetPage.value = 0;
@@ -79,6 +79,7 @@ class _DriftPeopleCollectionPageState extends ConsumerState<DriftPeopleCollectio
                    final person = people[index];

                    return Column(
+                      key: ValueKey(person.id),
                      children: [
                        GestureDetector(
                          onTap: () {
@@ -88,6 +89,7 @@ class _DriftPeopleCollectionPageState extends ConsumerState<DriftPeopleCollectio
                            shape: const CircleBorder(side: BorderSide.none),
                            elevation: 3,
                            child: CircleAvatar(
+                              key: ValueKey('avatar-${person.id}'),
                              maxRadius: isTablet ? 100 / 2 : 96 / 2,
                              backgroundImage: RemoteImageProvider(url: getFaceThumbnailUrl(person.id)),
                            ),
@@ -69,6 +69,7 @@ class DriftSearchPage extends HookConsumerWidget {
    );

    final previousFilter = useState<SearchFilter?>(null);
+    final hasRequestedSearch = useState<bool>(false);
    final dateInputFilter = useState<DateFilterInputModel?>(null);

    final peopleCurrentFilterWidget = useState<Widget?>(null);
@@ -91,9 +92,11 @@ class DriftSearchPage extends HookConsumerWidget {

      if (filter.isEmpty) {
        previousFilter.value = null;
+        hasRequestedSearch.value = false;
        return;
      }

+      hasRequestedSearch.value = true;
      unawaited(ref.read(paginatedSearchProvider.notifier).search(filter));
      previousFilter.value = filter;
    }
@@ -107,6 +110,8 @@ class DriftSearchPage extends HookConsumerWidget {
    searchPreFilter() {
      if (preFilter != null) {
        Future.delayed(Duration.zero, () {
+          filter.value = preFilter;
+          textSearchController.clear();
          searchFilter(preFilter);

          if (preFilter.location.city != null) {
@@ -719,7 +724,7 @@ class DriftSearchPage extends HookConsumerWidget {
              ),
            ),
          ),
-          if (filter.value.isEmpty)
+          if (!hasRequestedSearch.value)
            const _SearchSuggestions()
          else
            _SearchResultGrid(onScrollEnd: loadMoreSearchResults),
@@ -24,20 +24,22 @@ class SimilarPhotosActionButton extends ConsumerWidget {
    }

    ref.invalidate(assetViewerProvider);
-    ref
-        .read(searchPreFilterProvider.notifier)
-        .setFilter(
-          SearchFilter(
-            assetId: assetId,
-            people: {},
-            location: SearchLocationFilter(),
-            camera: SearchCameraFilter(),
-            date: SearchDateFilter(),
-            display: SearchDisplayFilters(isNotInAlbum: false, isArchive: false, isFavorite: false),
-            rating: SearchRatingFilter(),
-            mediaType: AssetType.image,
-          ),
-        );
+    ref.invalidate(paginatedSearchProvider);
+
+    ref.read(searchPreFilterProvider.notifier)
+      ..clear()
+      ..setFilter(
+        SearchFilter(
+          assetId: assetId,
+          people: {},
+          location: SearchLocationFilter(),
+          camera: SearchCameraFilter(),
+          date: SearchDateFilter(),
+          display: SearchDisplayFilters(isNotInAlbum: false, isArchive: false, isFavorite: false),
+          rating: SearchRatingFilter(),
+          mediaType: AssetType.image,
+        ),
+      );

    unawaited(context.navigateTo(const DriftSearchRoute()));
  }
@@ -71,16 +71,13 @@ class ViewerBottomBar extends ConsumerWidget {
                ),
                child: SafeArea(
                  top: false,
-                  child: Padding(
-                    padding: const EdgeInsets.only(top: 16),
-                    child: Column(
-                      mainAxisSize: MainAxisSize.min,
-                      children: [
-                        if (asset.isVideo) VideoControls(videoPlayerName: asset.heroTag),
-                        if (!isReadonlyModeEnabled)
-                          Row(mainAxisAlignment: MainAxisAlignment.spaceEvenly, children: actions),
-                      ],
-                    ),
+                  child: Column(
+                    mainAxisSize: MainAxisSize.min,
+                    children: [
+                      if (asset.isVideo) VideoControls(videoPlayerName: asset.heroTag),
+                      if (!isReadonlyModeEnabled)
+                        Row(mainAxisAlignment: MainAxisAlignment.spaceEvenly, children: actions),
+                    ],
                  ),
                ),
              ),
@@ -39,6 +39,16 @@ class _RatingBarState extends State<RatingBar> {
    _currentRating = widget.initialRating;
  }

+  @override
+  void didUpdateWidget(covariant RatingBar oldWidget) {
+    super.didUpdateWidget(oldWidget);
+    if (oldWidget.initialRating != widget.initialRating && _currentRating != widget.initialRating) {
+      setState(() {
+        _currentRating = widget.initialRating;
+      });
+    }
+  }
+
  void _updateRating(Offset localPosition, bool isRTL, {bool isTap = false}) {
    final totalWidth = widget.itemCount * widget.itemSize + (widget.itemCount - 1) * widget.starPadding;
    double dx = localPosition.dx;
@@ -3,24 +3,21 @@ import 'dart:ui' as ui;

 import 'package:flutter/foundation.dart' show InformationCollector;
 import 'package:flutter/painting.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';

 /// A [MultiFrameImageStreamCompleter] with support for listener tracking
 /// which makes resource cleanup possible when no longer needed.
 /// Codec is disposed through the MultiFrameImageStreamCompleter's internals onDispose method
-class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {
-  void Function()? _onLastListenerRemoved;
-  int _listenerCount = 0;
-  // True once any image or the codec has been provided.
-  // Until then the image cache holds one listener, so "last real listener gone"
-  // is _listenerCount == 1, not 0.
-  bool didProvideImage = false;
-
+class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter with CacheAwareListenerTrackerMixin {
  AnimatedImageStreamCompleter._({
    required super.codec,
    required super.scale,
+    required bool hadInitialImage,
    super.informationCollector,
    void Function()? onLastListenerRemoved,
-  }) : _onLastListenerRemoved = onLastListenerRemoved;
+  }) {
+    setupListenerTracking(hadInitialImage: hadInitialImage, onLastListenerRemoved: onLastListenerRemoved);
+  }

  factory AnimatedImageStreamCompleter({
    required Stream<Object> stream,
@@ -33,23 +30,21 @@ class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {
    final self = AnimatedImageStreamCompleter._(
      codec: codecCompleter.future,
      scale: scale,
+      hadInitialImage: initialImage != null,
      informationCollector: informationCollector,
      onLastListenerRemoved: onLastListenerRemoved,
    );

    if (initialImage != null) {
-      self.didProvideImage = true;
      self.setImage(initialImage);
    }

    stream.listen(
      (item) {
        if (item is ImageInfo) {
-          self.didProvideImage = true;
          self.setImage(item);
        } else if (item is ui.Codec) {
          if (!codecCompleter.isCompleted) {
-            self.didProvideImage = true;
            codecCompleter.complete(item);
          }
        }
@@ -70,27 +65,4 @@ class AnimatedImageStreamCompleter extends MultiFrameImageStreamCompleter {

    return self;
  }
-
-  @override
-  void addListener(ImageStreamListener listener) {
-    super.addListener(listener);
-    _listenerCount++;
-  }
-
-  @override
-  void removeListener(ImageStreamListener listener) {
-    super.removeListener(listener);
-    _listenerCount--;
-
-    final bool onlyCacheListenerLeft = _listenerCount == 1 && !didProvideImage;
-    final bool noListenersAfterCodec = _listenerCount == 0 && didProvideImage;
-
-    if (onlyCacheListenerLeft || noListenersAfterCodec) {
-      final onLastListenerRemoved = _onLastListenerRemoved;
-      if (onLastListenerRemoved != null) {
-        _onLastListenerRemoved = null;
-        onLastListenerRemoved();
-      }
-    }
-  }
 }
@@ -0,0 +1,84 @@
+import 'package:flutter/painting.dart';
+
+/// Tracks listeners on an [ImageStreamCompleter] to safely cancel in-flight
+/// network requests without interfering with [ImageCache] internals.
+///
+/// ### Problem
+/// Cancelling fetches when the listener count drops to 1 (cache only) or 0
+/// is unsafe due to three framework behaviours:
+///
+/// 1. **Memory-pressure eviction** — `ImageCache.clear()` removes the cache
+///    listener while UI widgets still need the image. A count-based check
+///    would cancel the active fetch, leaving the UI with no image.
+/// 2. **Synchronous detach during `putIfAbsent`** — When an `initialImage`
+///    is provided, the cache attaches, receives the frame, and detaches
+///    synchronously *before* the UI widget can attach. Count reaches 0 and
+///    would trigger a false cancel.
+/// 3. **Listener misidentification** — After the cache detaches (via 1 or 2),
+///    the next UI listener could be mistaken for the cache listener, causing
+///    incorrect cancellations when that widget is disposed.
+///
+/// ### Solution: First-Listener Heuristic
+/// The cache is always the first listener attached (via `putIfAbsent`). This
+/// mixin records that identity once and uses it for all subsequent decisions:
+///
+/// * **Identity locking** — The first listener is assumed to be the cache.
+///   Once identified, `_hasIdentifiedCacheListener` prevents reassignment.
+/// * **Targeted cancellation** — Cancel only when the identified cache
+///   listener is the sole remaining listener and no image has been delivered.
+/// * **Sync-removal bypass** — When `hadInitialImage` is set, the first
+///   synchronous removal of the cache listener is ignored so the fetch
+///   survives until the UI attaches.
+mixin CacheAwareListenerTrackerMixin on ImageStreamCompleter {
+  void Function()? _onLastListenerRemoved;
+  int _listenerCount = 0;
+  bool _hadInitialImage = false;
+  bool _hasIgnoredFirstSyncRemoval = false;
+  ImageStreamListener? _cacheListener;
+  bool _hasIdentifiedCacheListener = false;
+
+  /// Initializes the tracking state. Must be called in the subclass constructor.
+  void setupListenerTracking({required bool hadInitialImage, void Function()? onLastListenerRemoved}) {
+    _hadInitialImage = hadInitialImage;
+    _onLastListenerRemoved = onLastListenerRemoved;
+  }
+
+  @override
+  void addListener(ImageStreamListener listener) {
+    if (!_hasIdentifiedCacheListener) {
+      _hasIdentifiedCacheListener = true;
+      _cacheListener = listener;
+    }
+
+    _listenerCount++;
+    super.addListener(listener);
+  }
+
+  @override
+  void removeListener(ImageStreamListener listener) {
+    super.removeListener(listener);
+    _listenerCount--;
+
+    final bool isCacheListener = listener == _cacheListener;
+    if (isCacheListener) {
+      _cacheListener = null;
+    }
+
+    if (_hadInitialImage && !_hasIgnoredFirstSyncRemoval && isCacheListener) {
+      _hasIgnoredFirstSyncRemoval = true;
+      return;
+    }
+
+    final bool onlyCacheListenerLeft = _listenerCount == 1 && _cacheListener != null;
+
+    final bool completelyAbandoned = _listenerCount == 0;
+
+    if (onlyCacheListenerLeft || completelyAbandoned) {
+      final onLastListenerRemoved = _onLastListenerRemoved;
+      if (onLastListenerRemoved != null) {
+        _onLastListenerRemoved = null;
+        onLastListenerRemoved();
+      }
+    }
+  }
+}
@@ -6,14 +6,10 @@ import 'dart:async';

 import 'package:flutter/foundation.dart';
 import 'package:flutter/painting.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';

 /// An ImageStreamCompleter with support for loading multiple images.
-class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
-  void Function()? _onLastListenerRemoved;
-  int _listenerCount = 0;
-  // True once setImage() has been called at least once.
-  bool didProvideImage = false;
-
+class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter with CacheAwareListenerTrackerMixin {
  /// The constructor to create an OneFramePlaceholderImageStreamCompleter. The [images]
  /// should be the primary images to display (typically asynchronously as they load).
  /// The [initialImage] is an optional image that will be emitted synchronously
@@ -24,14 +20,14 @@ class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
    InformationCollector? informationCollector,
    void Function()? onLastListenerRemoved,
  }) {
+    setupListenerTracking(hadInitialImage: initialImage != null, onLastListenerRemoved: onLastListenerRemoved);
+
    if (initialImage != null) {
-      didProvideImage = true;
      setImage(initialImage);
    }
-    _onLastListenerRemoved = onLastListenerRemoved;
+
    images.listen(
      (image) {
-        didProvideImage = true;
        setImage(image);
      },
      onError: (Object error, StackTrace stack) {
@@ -45,26 +41,4 @@ class OneFramePlaceholderImageStreamCompleter extends ImageStreamCompleter {
      },
    );
  }
-
-  @override
-  void addListener(ImageStreamListener listener) {
-    super.addListener(listener);
-    _listenerCount = _listenerCount + 1;
-  }
-
-  @override
-  void removeListener(ImageStreamListener listener) {
-    super.removeListener(listener);
-    _listenerCount = _listenerCount - 1;
-
-    final bool onlyCacheListenerLeft = _listenerCount == 1 && !didProvideImage;
-    final bool noListenersAfterImage = _listenerCount == 0 && didProvideImage;
-
-    final onLastListenerRemoved = _onLastListenerRemoved;
-
-    if (onLastListenerRemoved != null && (noListenersAfterImage || onlyCacheListenerLeft)) {
-      _onLastListenerRemoved = null;
-      onLastListenerRemoved();
-    }
-  }
 }
@@ -6,6 +6,7 @@ import 'package:device_info_plus/device_info_plus.dart';
 import 'package:immich_mobile/domain/models/store.model.dart';
 import 'package:immich_mobile/entities/store.entity.dart';
 import 'package:immich_mobile/infrastructure/repositories/network.repository.dart';
+import 'package:immich_mobile/models/auth/auxilary_endpoint.model.dart';
 import 'package:immich_mobile/utils/debug_print.dart';
 import 'package:immich_mobile/utils/url_helper.dart';
 import 'package:logging/logging.dart';
@@ -184,8 +185,8 @@ class ApiService {
    if (externalJson != null) {
      final List<dynamic> list = jsonDecode(externalJson);
      for (final entry in list) {
-        final url = entry['url'] as String?;
-        if (url != null && url.isNotEmpty) urls.add(url);
+        final url = AuxilaryEndpoint.fromJson(entry).url;
+        if (url.isNotEmpty) urls.add(url);
      }
    }
    return urls;
@@ -67,6 +67,9 @@ class AuthService {
    bool isValid = false;

    try {
+      final urls = ApiService.getServerUrls();
+      urls.add(url);
+      await NetworkRepository.setHeaders(ApiService.getRequestHeaders(), urls);
      final uri = Uri.parse('$url/users/me');
      final response = await NetworkRepository.client.get(uri);
      if (response.statusCode == 200) {
@@ -109,7 +109,7 @@ class DownloadService {
      return result != null;
    } on PlatformException catch (error, stack) {
      // Handle saving MotionPhotos on iOS
-      if (error.code == 'PHPhotosErrorDomain (-1)') {
+      if (error.code.startsWith('PHPhotosErrorDomain')) {
        final result = await _fileMediaRepository.saveImageWithFile(imageFilePath, title: task.filename);
        return result != null;
      }
@@ -19,8 +19,16 @@ abstract final class DynamicTheme {
        // Some palettes do not generate surface container colors accurately,
        // so we regenerate all colors using the primary color
        _theme = ImmichTheme(
-          light: ColorScheme.fromSeed(seedColor: primaryColor, brightness: Brightness.light),
-          dark: ColorScheme.fromSeed(seedColor: primaryColor, brightness: Brightness.dark),
+          light: ColorScheme.fromSeed(
+            seedColor: primaryColor,
+            brightness: Brightness.light,
+            dynamicSchemeVariant: DynamicSchemeVariant.fidelity,
+          ),
+          dark: ColorScheme.fromSeed(
+            seedColor: primaryColor,
+            brightness: Brightness.dark,
+            dynamicSchemeVariant: DynamicSchemeVariant.fidelity,
+          ),
        );
      }
    } catch (error) {
@@ -62,6 +62,7 @@ ThemeData getThemeData({required ColorScheme colorScheme, required Locale locale
    ),
    chipTheme: const ChipThemeData(side: BorderSide.none),
    sliderTheme: const SliderThemeData(
+      trackHeight: 12,
      // ignore: deprecated_member_use
      year2023: false,
    ),
@@ -143,8 +143,7 @@ enum ActionButtonType {
            !context.isInLockedView && //
            context.currentAlbum != null,
      ActionButtonType.setAlbumCover =>
-        context.isOwner && //
-            !context.isInLockedView && //
+        !context.isInLockedView && //
            context.currentAlbum != null && //
            context.selectedCount == 1,
      ActionButtonType.unstack =>
@@ -20,7 +20,7 @@ final class CustomImageCache implements ImageCache {
  set maximumSize(int value) => _small.maximumSize = value;

  @override
-  set maximumSizeBytes(int value) => _small.maximumSize = value;
+  set maximumSizeBytes(int value) => _small.maximumSizeBytes = value;

  @override
  void clear() {
@@ -66,9 +66,9 @@ class VideoControls extends HookConsumerWidget {
    final isLoaded = duration != Duration.zero;

    return Padding(
-      padding: const EdgeInsets.all(24),
+      padding: const EdgeInsets.only(left: 16, right: 16, bottom: 12),
      child: Column(
-        spacing: 16,
+        spacing: 4,
        children: [
          Row(
            children: [
@@ -77,8 +77,8 @@ class VideoControls extends HookConsumerWidget {
                padding: const EdgeInsets.all(12),
                constraints: const BoxConstraints(),
                icon: isFinished
-                    ? const Icon(Icons.replay, color: Colors.white, size: 32, shadows: _controlShadows)
-                    : AnimatedPlayPause(color: Colors.white, size: 32, playing: isPlaying, shadows: _controlShadows),
+                    ? const Icon(Icons.replay, color: Colors.white, shadows: _controlShadows)
+                    : AnimatedPlayPause(color: Colors.white, playing: isPlaying, shadows: _controlShadows),
                onPressed: () => _toggle(ref, isCasting),
              ),
              const Spacer(),
@@ -91,7 +91,7 @@ class VideoControls extends HookConsumerWidget {
                  shadows: _controlShadows,
                ),
              ),
-              const SizedBox(width: 16),
+              const SizedBox(width: 12),
            ],
          ),
          Slider(
@@ -16,9 +16,15 @@ class SearchDropdown<T> extends StatelessWidget {
  final Widget? label;
  final Widget? leadingIcon;

+  static const WidgetStatePropertyAll<EdgeInsetsGeometry> _optionPadding = WidgetStatePropertyAll<EdgeInsetsGeometry>(
+    EdgeInsetsDirectional.fromSTEB(16, 0, 16, 0),
+  );
+
  @override
  Widget build(BuildContext context) {
-    final menuStyle = const MenuStyle(
+    final mediaQuery = MediaQuery.of(context);
+    final maxMenuHeight = mediaQuery.size.height * 0.5 - mediaQuery.viewPadding.bottom;
+    const menuStyle = MenuStyle(
      shape: WidgetStatePropertyAll<OutlinedBorder>(
        RoundedRectangleBorder(borderRadius: BorderRadius.all(Radius.circular(15))),
      ),
@@ -26,11 +32,26 @@ class SearchDropdown<T> extends StatelessWidget {

    return LayoutBuilder(
      builder: (context, constraints) {
+        final styledEntries = dropdownMenuEntries
+            .map(
+              (entry) => DropdownMenuEntry<T>(
+                value: entry.value,
+                label: entry.label,
+                labelWidget: entry.labelWidget,
+                enabled: entry.enabled,
+                leadingIcon: entry.leadingIcon,
+                trailingIcon: entry.trailingIcon,
+                style: (entry.style ?? const ButtonStyle()).copyWith(padding: _optionPadding),
+              ),
+            )
+            .toList(growable: false);
+
        return DropdownMenu(
          controller: controller,
          leadingIcon: leadingIcon,
          width: constraints.maxWidth,
-          dropdownMenuEntries: dropdownMenuEntries,
+          menuHeight: maxMenuHeight,
+          dropdownMenuEntries: styledEntries,
          label: label,
          menuStyle: menuStyle,
          trailingIcon: const Icon(Icons.arrow_drop_down_rounded),
@@ -3,7 +3,7 @@ Immich API

 This Dart package is automatically generated by the [OpenAPI Generator](https://openapi-generator.tech) project:

- API version: 2.6.0
+- API version: 2.6.3
 - Generator version: 7.8.0
 - Build package: org.openapitools.codegen.languages.DartClientCodegen

@@ -156,6 +156,7 @@ Class | Method | HTTP request | Description
 *DuplicatesApi* | [**deleteDuplicate**](doc//DuplicatesApi.md#deleteduplicate) | **DELETE** /duplicates/{id} | Delete a duplicate
 *DuplicatesApi* | [**deleteDuplicates**](doc//DuplicatesApi.md#deleteduplicates) | **DELETE** /duplicates | Delete duplicates
 *DuplicatesApi* | [**getAssetDuplicates**](doc//DuplicatesApi.md#getassetduplicates) | **GET** /duplicates | Retrieve duplicates
+*DuplicatesApi* | [**resolveDuplicates**](doc//DuplicatesApi.md#resolveduplicates) | **POST** /duplicates/resolve | Resolve duplicate groups
 *FacesApi* | [**createFace**](doc//FacesApi.md#createface) | **POST** /faces | Create a face
 *FacesApi* | [**deleteFace**](doc//FacesApi.md#deleteface) | **DELETE** /faces/{id} | Delete a face
 *FacesApi* | [**getFaces**](doc//FacesApi.md#getfaces) | **GET** /faces | Retrieve faces for asset
@@ -293,6 +294,11 @@ Class | Method | HTTP request | Description
 *TrashApi* | [**emptyTrash**](doc//TrashApi.md#emptytrash) | **POST** /trash/empty | Empty trash
 *TrashApi* | [**restoreAssets**](doc//TrashApi.md#restoreassets) | **POST** /trash/restore/assets | Restore assets
 *TrashApi* | [**restoreTrash**](doc//TrashApi.md#restoretrash) | **POST** /trash/restore | Restore trash
+*UploadApi* | [**cancelUpload**](doc//UploadApi.md#cancelupload) | **DELETE** /upload/{id} | 
+*UploadApi* | [**getUploadOptions**](doc//UploadApi.md#getuploadoptions) | **OPTIONS** /upload | 
+*UploadApi* | [**getUploadStatus**](doc//UploadApi.md#getuploadstatus) | **HEAD** /upload/{id} | 
+*UploadApi* | [**resumeUpload**](doc//UploadApi.md#resumeupload) | **PATCH** /upload/{id} | 
+*UploadApi* | [**startUpload**](doc//UploadApi.md#startupload) | **POST** /upload | 
 *UsersApi* | [**createProfileImage**](doc//UsersApi.md#createprofileimage) | **POST** /users/profile-image | Create user profile image
 *UsersApi* | [**deleteProfileImage**](doc//UsersApi.md#deleteprofileimage) | **DELETE** /users/profile-image | Delete user profile image
 *UsersApi* | [**deleteUserLicense**](doc//UsersApi.md#deleteuserlicense) | **DELETE** /users/me/license | Delete user product key
@@ -422,6 +428,8 @@ Class | Method | HTTP request | Description
 - [DownloadResponseDto](doc//DownloadResponseDto.md)
 - [DownloadUpdate](doc//DownloadUpdate.md)
 - [DuplicateDetectionConfig](doc//DuplicateDetectionConfig.md)
+ - [DuplicateResolveDto](doc//DuplicateResolveDto.md)
+ - [DuplicateResolveGroupDto](doc//DuplicateResolveGroupDto.md)
 - [DuplicateResponseDto](doc//DuplicateResponseDto.md)
 - [EmailNotificationsResponse](doc//EmailNotificationsResponse.md)
 - [EmailNotificationsUpdate](doc//EmailNotificationsUpdate.md)
@@ -655,6 +663,8 @@ Class | Method | HTTP request | Description
 - [UpdateAlbumUserDto](doc//UpdateAlbumUserDto.md)
 - [UpdateAssetDto](doc//UpdateAssetDto.md)
 - [UpdateLibraryDto](doc//UpdateLibraryDto.md)
+ - [UploadBackupConfig](doc//UploadBackupConfig.md)
+ - [UploadOkDto](doc//UploadOkDto.md)
 - [UsageByUserDto](doc//UsageByUserDto.md)
 - [UserAdminCreateDto](doc//UserAdminCreateDto.md)
 - [UserAdminDeleteDto](doc//UserAdminDeleteDto.md)
@@ -63,6 +63,7 @@ part 'api/system_metadata_api.dart';
 part 'api/tags_api.dart';
 part 'api/timeline_api.dart';
 part 'api/trash_api.dart';
+part 'api/upload_api.dart';
 part 'api/users_api.dart';
 part 'api/users_admin_api.dart';
 part 'api/views_api.dart';
@@ -161,6 +162,8 @@ part 'model/download_response.dart';
 part 'model/download_response_dto.dart';
 part 'model/download_update.dart';
 part 'model/duplicate_detection_config.dart';
+part 'model/duplicate_resolve_dto.dart';
+part 'model/duplicate_resolve_group_dto.dart';
 part 'model/duplicate_response_dto.dart';
 part 'model/email_notifications_response.dart';
 part 'model/email_notifications_update.dart';
@@ -394,6 +397,8 @@ part 'model/update_album_dto.dart';
 part 'model/update_album_user_dto.dart';
 part 'model/update_asset_dto.dart';
 part 'model/update_library_dto.dart';
+part 'model/upload_backup_config.dart';
+part 'model/upload_ok_dto.dart';
 part 'model/usage_by_user_dto.dart';
 part 'model/user_admin_create_dto.dart';
 part 'model/user_admin_delete_dto.dart';
@@ -163,4 +163,63 @@ class DuplicatesApi {
    }
    return null;
  }
+
+  /// Resolve duplicate groups
+  ///
+  /// Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.
+  ///
+  /// Note: This method returns the HTTP [Response].
+  ///
+  /// Parameters:
+  ///
+  /// * [DuplicateResolveDto] duplicateResolveDto (required):
+  Future<Response> resolveDuplicatesWithHttpInfo(DuplicateResolveDto duplicateResolveDto,) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/duplicates/resolve';
+
+    // ignore: prefer_final_locals
+    Object? postBody = duplicateResolveDto;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>['application/json'];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'POST',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Resolve duplicate groups
+  ///
+  /// Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.
+  ///
+  /// Parameters:
+  ///
+  /// * [DuplicateResolveDto] duplicateResolveDto (required):
+  Future<List<BulkIdResponseDto>?> resolveDuplicates(DuplicateResolveDto duplicateResolveDto,) async {
+    final response = await resolveDuplicatesWithHttpInfo(duplicateResolveDto,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      final responseBody = await _decodeBodyBytes(response);
+      return (await apiClient.deserializeAsync(responseBody, 'List<BulkIdResponseDto>') as List)
+        .cast<BulkIdResponseDto>()
+        .toList(growable: false);
+
+    }
+    return null;
+  }
 }
@@ -0,0 +1,359 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+
+class UploadApi {
+  UploadApi([ApiClient? apiClient]) : apiClient = apiClient ?? defaultApiClient;
+
+  final ApiClient apiClient;
+
+  /// Performs an HTTP 'DELETE /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> cancelUploadWithHttpInfo(String id, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'DELETE',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<void> cancelUpload(String id, { String? key, String? slug, }) async {
+    final response = await cancelUploadWithHttpInfo(id,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'OPTIONS /upload' operation and returns the [Response].
+  Future<Response> getUploadOptionsWithHttpInfo() async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'OPTIONS',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  Future<void> getUploadOptions() async {
+    final response = await getUploadOptionsWithHttpInfo();
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'HEAD /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> getUploadStatusWithHttpInfo(String id, String uploadDraftInteropVersion, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'HEAD',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<void> getUploadStatus(String id, String uploadDraftInteropVersion, { String? key, String? slug, }) async {
+    final response = await getUploadStatusWithHttpInfo(id, uploadDraftInteropVersion,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
+
+  /// Performs an HTTP 'PATCH /upload/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadComplete (required):
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] uploadOffset (required):
+  ///   Non-negative byte offset indicating the starting position of the data in the request body within the entire file.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<Response> resumeUploadWithHttpInfo(String contentLength, String id, String uploadComplete, String uploadDraftInteropVersion, String uploadOffset, { String? key, String? slug, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'content-length'] = parameterToString(contentLength);
+    headerParams[r'upload-complete'] = parameterToString(uploadComplete);
+    headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+    headerParams[r'upload-offset'] = parameterToString(uploadOffset);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'PATCH',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [String] uploadComplete (required):
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion (required):
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  ///
+  /// * [String] uploadOffset (required):
+  ///   Non-negative byte offset indicating the starting position of the data in the request body within the entire file.
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  Future<UploadOkDto?> resumeUpload(String contentLength, String id, String uploadComplete, String uploadDraftInteropVersion, String uploadOffset, { String? key, String? slug, }) async {
+    final response = await resumeUploadWithHttpInfo(contentLength, id, uploadComplete, uploadDraftInteropVersion, uploadOffset,  key: key, slug: slug, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UploadOkDto',) as UploadOkDto;
+    
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'POST /upload' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] reprDigest (required):
+  ///   RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.
+  ///
+  /// * [String] xImmichAssetData (required):
+  ///   RFC 9651 structured dictionary containing asset metadata with the following keys: - device-asset-id (string, required): Unique device asset identifier - device-id (string, required): Device identifier - file-created-at (string/date, required): ISO 8601 date string or Unix timestamp - file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp - filename (string, required): Original filename - is-favorite (boolean, optional): Favorite status - live-photo-video-id (string, optional): Live photo ID for assets from iOS devices - icloud-id (string, optional): iCloud identifier for assets from iOS devices
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  ///
+  /// * [String] uploadComplete:
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion:
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  Future<Response> startUploadWithHttpInfo(String contentLength, String reprDigest, String xImmichAssetData, { String? key, String? slug, String? uploadComplete, String? uploadDraftInteropVersion, }) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/upload';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (key != null) {
+      queryParams.addAll(_queryParams('', 'key', key));
+    }
+    if (slug != null) {
+      queryParams.addAll(_queryParams('', 'slug', slug));
+    }
+
+    headerParams[r'content-length'] = parameterToString(contentLength);
+    headerParams[r'repr-digest'] = parameterToString(reprDigest);
+    if (uploadComplete != null) {
+      headerParams[r'upload-complete'] = parameterToString(uploadComplete);
+    }
+    if (uploadDraftInteropVersion != null) {
+      headerParams[r'upload-draft-interop-version'] = parameterToString(uploadDraftInteropVersion);
+    }
+    headerParams[r'x-immich-asset-data'] = parameterToString(xImmichAssetData);
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'POST',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] contentLength (required):
+  ///   Non-negative size of the request body in bytes.
+  ///
+  /// * [String] reprDigest (required):
+  ///   RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.
+  ///
+  /// * [String] xImmichAssetData (required):
+  ///   RFC 9651 structured dictionary containing asset metadata with the following keys: - device-asset-id (string, required): Unique device asset identifier - device-id (string, required): Device identifier - file-created-at (string/date, required): ISO 8601 date string or Unix timestamp - file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp - filename (string, required): Original filename - is-favorite (boolean, optional): Favorite status - live-photo-video-id (string, optional): Live photo ID for assets from iOS devices - icloud-id (string, optional): iCloud identifier for assets from iOS devices
+  ///
+  /// * [String] key:
+  ///
+  /// * [String] slug:
+  ///
+  /// * [String] uploadComplete:
+  ///   Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.
+  ///
+  /// * [String] uploadDraftInteropVersion:
+  ///   Indicates the version of the RUFH protocol supported by the client.
+  Future<UploadOkDto?> startUpload(String contentLength, String reprDigest, String xImmichAssetData, { String? key, String? slug, String? uploadComplete, String? uploadDraftInteropVersion, }) async {
+    final response = await startUploadWithHttpInfo(contentLength, reprDigest, xImmichAssetData,  key: key, slug: slug, uploadComplete: uploadComplete, uploadDraftInteropVersion: uploadDraftInteropVersion, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UploadOkDto',) as UploadOkDto;
+    
+    }
+    return null;
+  }
+}
@@ -368,6 +368,10 @@ class ApiClient {
          return DownloadUpdate.fromJson(value);
        case 'DuplicateDetectionConfig':
          return DuplicateDetectionConfig.fromJson(value);
+        case 'DuplicateResolveDto':
+          return DuplicateResolveDto.fromJson(value);
+        case 'DuplicateResolveGroupDto':
+          return DuplicateResolveGroupDto.fromJson(value);
        case 'DuplicateResponseDto':
          return DuplicateResponseDto.fromJson(value);
        case 'EmailNotificationsResponse':
@@ -834,6 +838,10 @@ class ApiClient {
          return UpdateAssetDto.fromJson(value);
        case 'UpdateLibraryDto':
          return UpdateLibraryDto.fromJson(value);
+        case 'UploadBackupConfig':
+          return UploadBackupConfig.fromJson(value);
+        case 'UploadOkDto':
+          return UploadOkDto.fromJson(value);
        case 'UsageByUserDto':
          return UsageByUserDto.fromJson(value);
        case 'UserAdminCreateDto':
@@ -27,6 +27,7 @@ class BulkIdErrorReason {
  static const noPermission = BulkIdErrorReason._(r'no_permission');
  static const notFound = BulkIdErrorReason._(r'not_found');
  static const unknown = BulkIdErrorReason._(r'unknown');
+  static const validation = BulkIdErrorReason._(r'validation');

  /// List of all possible values in this [enum][BulkIdErrorReason].
  static const values = <BulkIdErrorReason>[
@@ -34,6 +35,7 @@ class BulkIdErrorReason {
    noPermission,
    notFound,
    unknown,
+    validation,
  ];

  static BulkIdErrorReason? fromJson(dynamic value) => BulkIdErrorReasonTypeTransformer().decode(value);
@@ -76,6 +78,7 @@ class BulkIdErrorReasonTypeTransformer {
        case r'no_permission': return BulkIdErrorReason.noPermission;
        case r'not_found': return BulkIdErrorReason.notFound;
        case r'unknown': return BulkIdErrorReason.unknown;
+        case r'validation': return BulkIdErrorReason.validation;
        default:
          if (!allowNull) {
            throw ArgumentError('Unknown enum value to decode: $data');
@@ -14,6 +14,7 @@ class BulkIdResponseDto {
  /// Returns a new [BulkIdResponseDto] instance.
  BulkIdResponseDto({
    this.error,
+    this.errorMessage,
    required this.id,
    required this.success,
  });
@@ -21,6 +22,14 @@ class BulkIdResponseDto {
  /// Error reason if failed
  BulkIdResponseDtoErrorEnum? error;

+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? errorMessage;
+
  /// ID
  String id;

@@ -30,6 +39,7 @@ class BulkIdResponseDto {
  @override
  bool operator ==(Object other) => identical(this, other) || other is BulkIdResponseDto &&
    other.error == error &&
+    other.errorMessage == errorMessage &&
    other.id == id &&
    other.success == success;

@@ -37,11 +47,12 @@ class BulkIdResponseDto {
  int get hashCode =>
    // ignore: unnecessary_parenthesis
    (error == null ? 0 : error!.hashCode) +
+    (errorMessage == null ? 0 : errorMessage!.hashCode) +
    (id.hashCode) +
    (success.hashCode);

  @override
-  String toString() => 'BulkIdResponseDto[error=$error, id=$id, success=$success]';
+  String toString() => 'BulkIdResponseDto[error=$error, errorMessage=$errorMessage, id=$id, success=$success]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -49,6 +60,11 @@ class BulkIdResponseDto {
      json[r'error'] = this.error;
    } else {
    //  json[r'error'] = null;
+    }
+    if (this.errorMessage != null) {
+      json[r'errorMessage'] = this.errorMessage;
+    } else {
+    //  json[r'errorMessage'] = null;
    }
      json[r'id'] = this.id;
      json[r'success'] = this.success;
@@ -65,6 +81,7 @@ class BulkIdResponseDto {

      return BulkIdResponseDto(
        error: BulkIdResponseDtoErrorEnum.fromJson(json[r'error']),
+        errorMessage: mapValueOfType<String>(json, r'errorMessage'),
        id: mapValueOfType<String>(json, r'id')!,
        success: mapValueOfType<bool>(json, r'success')!,
      );
@@ -136,6 +153,7 @@ class BulkIdResponseDtoErrorEnum {
  static const noPermission = BulkIdResponseDtoErrorEnum._(r'no_permission');
  static const notFound = BulkIdResponseDtoErrorEnum._(r'not_found');
  static const unknown = BulkIdResponseDtoErrorEnum._(r'unknown');
+  static const validation = BulkIdResponseDtoErrorEnum._(r'validation');

  /// List of all possible values in this [enum][BulkIdResponseDtoErrorEnum].
  static const values = <BulkIdResponseDtoErrorEnum>[
@@ -143,6 +161,7 @@ class BulkIdResponseDtoErrorEnum {
    noPermission,
    notFound,
    unknown,
+    validation,
  ];

  static BulkIdResponseDtoErrorEnum? fromJson(dynamic value) => BulkIdResponseDtoErrorEnumTypeTransformer().decode(value);
@@ -185,6 +204,7 @@ class BulkIdResponseDtoErrorEnumTypeTransformer {
        case r'no_permission': return BulkIdResponseDtoErrorEnum.noPermission;
        case r'not_found': return BulkIdResponseDtoErrorEnum.notFound;
        case r'unknown': return BulkIdResponseDtoErrorEnum.unknown;
+        case r'validation': return BulkIdResponseDtoErrorEnum.validation;
        default:
          if (!allowNull) {
            throw ArgumentError('Unknown enum value to decode: $data');
@@ -0,0 +1,100 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class DuplicateResolveDto {
+  /// Returns a new [DuplicateResolveDto] instance.
+  DuplicateResolveDto({
+    this.groups = const [],
+  });
+
+  /// List of duplicate groups to resolve
+  List<DuplicateResolveGroupDto> groups;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is DuplicateResolveDto &&
+    _deepEquality.equals(other.groups, groups);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (groups.hashCode);
+
+  @override
+  String toString() => 'DuplicateResolveDto[groups=$groups]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'groups'] = this.groups;
+    return json;
+  }
+
+  /// Returns a new [DuplicateResolveDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static DuplicateResolveDto? fromJson(dynamic value) {
+    upgradeDto(value, "DuplicateResolveDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return DuplicateResolveDto(
+        groups: DuplicateResolveGroupDto.listFromJson(json[r'groups']),
+      );
+    }
+    return null;
+  }
+
+  static List<DuplicateResolveDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <DuplicateResolveDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = DuplicateResolveDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, DuplicateResolveDto> mapFromJson(dynamic json) {
+    final map = <String, DuplicateResolveDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = DuplicateResolveDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of DuplicateResolveDto-objects as value to a dart map
+  static Map<String, List<DuplicateResolveDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<DuplicateResolveDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = DuplicateResolveDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'groups',
+  };
+}
+
@@ -0,0 +1,121 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class DuplicateResolveGroupDto {
+  /// Returns a new [DuplicateResolveGroupDto] instance.
+  DuplicateResolveGroupDto({
+    required this.duplicateId,
+    this.keepAssetIds = const [],
+    this.trashAssetIds = const [],
+  });
+
+  String duplicateId;
+
+  /// Asset IDs to keep
+  List<String> keepAssetIds;
+
+  /// Asset IDs to trash or delete
+  List<String> trashAssetIds;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is DuplicateResolveGroupDto &&
+    other.duplicateId == duplicateId &&
+    _deepEquality.equals(other.keepAssetIds, keepAssetIds) &&
+    _deepEquality.equals(other.trashAssetIds, trashAssetIds);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (duplicateId.hashCode) +
+    (keepAssetIds.hashCode) +
+    (trashAssetIds.hashCode);
+
+  @override
+  String toString() => 'DuplicateResolveGroupDto[duplicateId=$duplicateId, keepAssetIds=$keepAssetIds, trashAssetIds=$trashAssetIds]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'duplicateId'] = this.duplicateId;
+      json[r'keepAssetIds'] = this.keepAssetIds;
+      json[r'trashAssetIds'] = this.trashAssetIds;
+    return json;
+  }
+
+  /// Returns a new [DuplicateResolveGroupDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static DuplicateResolveGroupDto? fromJson(dynamic value) {
+    upgradeDto(value, "DuplicateResolveGroupDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return DuplicateResolveGroupDto(
+        duplicateId: mapValueOfType<String>(json, r'duplicateId')!,
+        keepAssetIds: json[r'keepAssetIds'] is Iterable
+            ? (json[r'keepAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
+        trashAssetIds: json[r'trashAssetIds'] is Iterable
+            ? (json[r'trashAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
+      );
+    }
+    return null;
+  }
+
+  static List<DuplicateResolveGroupDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <DuplicateResolveGroupDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = DuplicateResolveGroupDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, DuplicateResolveGroupDto> mapFromJson(dynamic json) {
+    final map = <String, DuplicateResolveGroupDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = DuplicateResolveGroupDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of DuplicateResolveGroupDto-objects as value to a dart map
+  static Map<String, List<DuplicateResolveGroupDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<DuplicateResolveGroupDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = DuplicateResolveGroupDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'duplicateId',
+    'keepAssetIds',
+    'trashAssetIds',
+  };
+}
+
@@ -15,6 +15,7 @@ class DuplicateResponseDto {
  DuplicateResponseDto({
    this.assets = const [],
    required this.duplicateId,
+    this.suggestedKeepAssetIds = const [],
  });

  /// Duplicate assets
@@ -23,24 +24,30 @@ class DuplicateResponseDto {
  /// Duplicate group ID
  String duplicateId;

+  /// Suggested asset IDs to keep based on file size and EXIF data
+  List<String> suggestedKeepAssetIds;
+
  @override
  bool operator ==(Object other) => identical(this, other) || other is DuplicateResponseDto &&
    _deepEquality.equals(other.assets, assets) &&
-    other.duplicateId == duplicateId;
+    other.duplicateId == duplicateId &&
+    _deepEquality.equals(other.suggestedKeepAssetIds, suggestedKeepAssetIds);

  @override
  int get hashCode =>
    // ignore: unnecessary_parenthesis
    (assets.hashCode) +
-    (duplicateId.hashCode);
+    (duplicateId.hashCode) +
+    (suggestedKeepAssetIds.hashCode);

  @override
-  String toString() => 'DuplicateResponseDto[assets=$assets, duplicateId=$duplicateId]';
+  String toString() => 'DuplicateResponseDto[assets=$assets, duplicateId=$duplicateId, suggestedKeepAssetIds=$suggestedKeepAssetIds]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
      json[r'assets'] = this.assets;
      json[r'duplicateId'] = this.duplicateId;
+      json[r'suggestedKeepAssetIds'] = this.suggestedKeepAssetIds;
    return json;
  }

@@ -55,6 +62,9 @@ class DuplicateResponseDto {
      return DuplicateResponseDto(
        assets: AssetResponseDto.listFromJson(json[r'assets']),
        duplicateId: mapValueOfType<String>(json, r'duplicateId')!,
+        suggestedKeepAssetIds: json[r'suggestedKeepAssetIds'] is Iterable
+            ? (json[r'suggestedKeepAssetIds'] as Iterable).cast<String>().toList(growable: false)
+            : const [],
      );
    }
    return null;
@@ -104,6 +114,7 @@ class DuplicateResponseDto {
  static const requiredKeys = <String>{
    'assets',
    'duplicateId',
+    'suggestedKeepAssetIds',
  };
 }

@@ -38,6 +38,8 @@ class JobName {
  static const assetFileMigration = JobName._(r'AssetFileMigration');
  static const assetGenerateThumbnailsQueueAll = JobName._(r'AssetGenerateThumbnailsQueueAll');
  static const assetGenerateThumbnails = JobName._(r'AssetGenerateThumbnails');
+  static const partialAssetCleanup = JobName._(r'PartialAssetCleanup');
+  static const partialAssetCleanupQueueAll = JobName._(r'PartialAssetCleanupQueueAll');
  static const auditLogCleanup = JobName._(r'AuditLogCleanup');
  static const auditTableCleanup = JobName._(r'AuditTableCleanup');
  static const databaseBackup = JobName._(r'DatabaseBackup');
@@ -97,6 +99,8 @@ class JobName {
    assetFileMigration,
    assetGenerateThumbnailsQueueAll,
    assetGenerateThumbnails,
+    partialAssetCleanup,
+    partialAssetCleanupQueueAll,
    auditLogCleanup,
    auditTableCleanup,
    databaseBackup,
@@ -191,6 +195,8 @@ class JobNameTypeTransformer {
        case r'AssetFileMigration': return JobName.assetFileMigration;
        case r'AssetGenerateThumbnailsQueueAll': return JobName.assetGenerateThumbnailsQueueAll;
        case r'AssetGenerateThumbnails': return JobName.assetGenerateThumbnails;
+        case r'PartialAssetCleanup': return JobName.partialAssetCleanup;
+        case r'PartialAssetCleanupQueueAll': return JobName.partialAssetCleanupQueueAll;
        case r'AuditLogCleanup': return JobName.auditLogCleanup;
        case r'AuditTableCleanup': return JobName.auditTableCleanup;
        case r'DatabaseBackup': return JobName.databaseBackup;
@@ -379,7 +379,7 @@ class MetadataSearchDto {
  ///
  bool? withExif;

-  /// Include assets with people
+  /// Include people data in response
  ///
  /// Please note: This property should have been non-nullable! Since the specification file
  /// does not include a default value (using the "default:" property), however, the generated
@@ -273,7 +273,7 @@ class RandomSearchDto {
  ///
  bool? withExif;

-  /// Include assets with people
+  /// Include people data in response
  ///
  /// Please note: This property should have been non-nullable! Since the specification file
  /// does not include a default value (using the "default:" property), however, the generated
@@ -14,25 +14,31 @@ class SystemConfigBackupsDto {
  /// Returns a new [SystemConfigBackupsDto] instance.
  SystemConfigBackupsDto({
    required this.database,
+    required this.upload,
  });

  DatabaseBackupConfig database;

+  UploadBackupConfig upload;
+
  @override
  bool operator ==(Object other) => identical(this, other) || other is SystemConfigBackupsDto &&
-    other.database == database;
+    other.database == database &&
+    other.upload == upload;

  @override
  int get hashCode =>
    // ignore: unnecessary_parenthesis
-    (database.hashCode);
+    (database.hashCode) +
+    (upload.hashCode);

  @override
-  String toString() => 'SystemConfigBackupsDto[database=$database]';
+  String toString() => 'SystemConfigBackupsDto[database=$database, upload=$upload]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
      json[r'database'] = this.database;
+      json[r'upload'] = this.upload;
    return json;
  }

@@ -46,6 +52,7 @@ class SystemConfigBackupsDto {

      return SystemConfigBackupsDto(
        database: DatabaseBackupConfig.fromJson(json[r'database'])!,
+        upload: UploadBackupConfig.fromJson(json[r'upload'])!,
      );
    }
    return null;
@@ -94,6 +101,7 @@ class SystemConfigBackupsDto {
  /// The list of required keys that must be present in a JSON.
  static const requiredKeys = <String>{
    'database',
+    'upload',
  };
 }

@@ -17,6 +17,7 @@ class SystemConfigNightlyTasksDto {
    required this.databaseCleanup,
    required this.generateMemories,
    required this.missingThumbnails,
+    required this.removeStaleUploads,
    required this.startTime,
    required this.syncQuotaUsage,
  });
@@ -33,6 +34,8 @@ class SystemConfigNightlyTasksDto {
  /// Missing thumbnails
  bool missingThumbnails;

+  bool removeStaleUploads;
+
  String startTime;

  /// Sync quota usage
@@ -44,6 +47,7 @@ class SystemConfigNightlyTasksDto {
    other.databaseCleanup == databaseCleanup &&
    other.generateMemories == generateMemories &&
    other.missingThumbnails == missingThumbnails &&
+    other.removeStaleUploads == removeStaleUploads &&
    other.startTime == startTime &&
    other.syncQuotaUsage == syncQuotaUsage;

@@ -54,11 +58,12 @@ class SystemConfigNightlyTasksDto {
    (databaseCleanup.hashCode) +
    (generateMemories.hashCode) +
    (missingThumbnails.hashCode) +
+    (removeStaleUploads.hashCode) +
    (startTime.hashCode) +
    (syncQuotaUsage.hashCode);

  @override
-  String toString() => 'SystemConfigNightlyTasksDto[clusterNewFaces=$clusterNewFaces, databaseCleanup=$databaseCleanup, generateMemories=$generateMemories, missingThumbnails=$missingThumbnails, startTime=$startTime, syncQuotaUsage=$syncQuotaUsage]';
+  String toString() => 'SystemConfigNightlyTasksDto[clusterNewFaces=$clusterNewFaces, databaseCleanup=$databaseCleanup, generateMemories=$generateMemories, missingThumbnails=$missingThumbnails, removeStaleUploads=$removeStaleUploads, startTime=$startTime, syncQuotaUsage=$syncQuotaUsage]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -66,6 +71,7 @@ class SystemConfigNightlyTasksDto {
      json[r'databaseCleanup'] = this.databaseCleanup;
      json[r'generateMemories'] = this.generateMemories;
      json[r'missingThumbnails'] = this.missingThumbnails;
+      json[r'removeStaleUploads'] = this.removeStaleUploads;
      json[r'startTime'] = this.startTime;
      json[r'syncQuotaUsage'] = this.syncQuotaUsage;
    return json;
@@ -84,6 +90,7 @@ class SystemConfigNightlyTasksDto {
        databaseCleanup: mapValueOfType<bool>(json, r'databaseCleanup')!,
        generateMemories: mapValueOfType<bool>(json, r'generateMemories')!,
        missingThumbnails: mapValueOfType<bool>(json, r'missingThumbnails')!,
+        removeStaleUploads: mapValueOfType<bool>(json, r'removeStaleUploads')!,
        startTime: mapValueOfType<String>(json, r'startTime')!,
        syncQuotaUsage: mapValueOfType<bool>(json, r'syncQuotaUsage')!,
      );
@@ -137,6 +144,7 @@ class SystemConfigNightlyTasksDto {
    'databaseCleanup',
    'generateMemories',
    'missingThumbnails',
+    'removeStaleUploads',
    'startTime',
    'syncQuotaUsage',
  };
@@ -0,0 +1,100 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UploadBackupConfig {
+  /// Returns a new [UploadBackupConfig] instance.
+  UploadBackupConfig({
+    required this.maxAgeHours,
+  });
+
+  /// Minimum value: 1
+  num maxAgeHours;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UploadBackupConfig &&
+    other.maxAgeHours == maxAgeHours;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (maxAgeHours.hashCode);
+
+  @override
+  String toString() => 'UploadBackupConfig[maxAgeHours=$maxAgeHours]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'maxAgeHours'] = this.maxAgeHours;
+    return json;
+  }
+
+  /// Returns a new [UploadBackupConfig] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UploadBackupConfig? fromJson(dynamic value) {
+    upgradeDto(value, "UploadBackupConfig");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UploadBackupConfig(
+        maxAgeHours: num.parse('${json[r'maxAgeHours']}'),
+      );
+    }
+    return null;
+  }
+
+  static List<UploadBackupConfig> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UploadBackupConfig>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UploadBackupConfig.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UploadBackupConfig> mapFromJson(dynamic json) {
+    final map = <String, UploadBackupConfig>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UploadBackupConfig.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UploadBackupConfig-objects as value to a dart map
+  static Map<String, List<UploadBackupConfig>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UploadBackupConfig>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UploadBackupConfig.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'maxAgeHours',
+  };
+}
+
@@ -0,0 +1,99 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UploadOkDto {
+  /// Returns a new [UploadOkDto] instance.
+  UploadOkDto({
+    required this.id,
+  });
+
+  String id;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UploadOkDto &&
+    other.id == id;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (id.hashCode);
+
+  @override
+  String toString() => 'UploadOkDto[id=$id]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'id'] = this.id;
+    return json;
+  }
+
+  /// Returns a new [UploadOkDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UploadOkDto? fromJson(dynamic value) {
+    upgradeDto(value, "UploadOkDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UploadOkDto(
+        id: mapValueOfType<String>(json, r'id')!,
+      );
+    }
+    return null;
+  }
+
+  static List<UploadOkDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UploadOkDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UploadOkDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UploadOkDto> mapFromJson(dynamic json) {
+    final map = <String, UploadOkDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UploadOkDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UploadOkDto-objects as value to a dart map
+  static Map<String, List<UploadOkDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UploadOkDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UploadOkDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'id',
+  };
+}
+
@@ -2,7 +2,7 @@ name: immich_mobile
 description: Immich - selfhosted backup media file on mobile phone

 publish_to: 'none'
-version: 2.6.0+3038
+version: 2.6.3+3041

 environment:
  sdk: '>=3.8.0 <4.0.0'
@@ -0,0 +1,183 @@
+import 'dart:ui' as ui;
+
+import 'package:flutter/painting.dart';
+import 'package:flutter_test/flutter_test.dart';
+import 'package:immich_mobile/presentation/widgets/images/cache_aware_listener_tracker.mixin.dart';
+
+class TestImageCompleter extends ImageStreamCompleter with CacheAwareListenerTrackerMixin {
+  bool wasCancelled = false;
+
+  TestImageCompleter({required bool hadInitialImage}) {
+    setupListenerTracking(
+      hadInitialImage: hadInitialImage,
+      onLastListenerRemoved: () {
+        wasCancelled = true;
+      },
+    );
+  }
+
+  @override
+  void setImage(ImageInfo image) {
+    super.setImage(image);
+  }
+}
+
+void main() {
+  late ImageCache cache;
+  late ImageStreamListener uiListener;
+
+  setUp(() {
+    // Create a fresh, real Flutter ImageCache for every test
+    cache = ImageCache();
+    uiListener = ImageStreamListener((_, __) {});
+  });
+
+  group('CacheAwareListenerTrackerMixin with Real ImageCache', () {
+
+    testWidgets('cancels fetch when UI detaches before completion', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      // 1. Request image from the real cache (simulating the provider)
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      // 2. UI attaches
+      stream.addListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // 3. Simulate asynchronous network delay...
+      await tester.pump(const Duration(milliseconds: 150));
+
+      // 4. User scrolls away before network finishes. UI detaches.
+      stream.removeListener(uiListener);
+
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('survives cache eviction while UI listener is still attached', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      // 1. Request image and attach UI
+      final stream = cache.putIfAbsent(key, () => completer)!;
+      stream.addListener(uiListener);
+
+      // 2. Simulate app going to background -> OS Memory Warning -> Cache clears
+      cache.clear();
+
+      // Even though the real cache just aggressively detached its listener,
+      // the stream MUST survive because the UI widget is still on screen!
+      expect(completer.wasCancelled, isFalse);
+
+      // 3. UI widget finally detaches
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('survives synchronous cache detach during putIfAbsent with initialImage', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: true);
+      final key = Object();
+
+      // Run image creation outside FakeAsync zone to avoid hang
+      late ui.Image dummyImage;
+      await tester.runAsync(() async {
+        dummyImage = await createTestImage(width: 1, height: 1);
+      });
+
+      final initialImageInfo = ImageInfo(image: dummyImage);
+
+      final stream = cache.putIfAbsent(key, () {
+        completer.setImage(initialImageInfo);
+        return completer;
+      })!;
+
+      expect(completer.wasCancelled, isFalse);
+
+      stream.addListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('fires cleanup on full abandonment even after successful fetch', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+      stream.addListener(uiListener);
+
+      await tester.pump(const Duration(milliseconds: 100));
+
+      // Run image creation outside FakeAsync zone to avoid hang
+      late ui.Image dummyImage;
+      await tester.runAsync(() async {
+        dummyImage = await createTestImage(width: 1, height: 1);
+      });
+
+      completer.setImage(ImageInfo(image: dummyImage));
+
+      stream.removeListener(uiListener);
+
+      // The stream is completely abandoned (0 listeners), so it fires the cleanup hook.
+      // Since the image is already downloaded, canceling the network token is a safe no-op.
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('Multiple UI listeners — only all detached, should cancel', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      final uiListener2 = ImageStreamListener((_, __) {});
+      stream.addListener(uiListener);
+      stream.addListener(uiListener2);
+
+      // First UI detach leaves cache + one UI → no cancel
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // Second UI detach leaves only cache → cancel
+      stream.removeListener(uiListener2);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('Listener misidentification: new listener after cache eviction is not treated as cache', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      final stream = cache.putIfAbsent(key, () => completer)!;
+
+      // UI attaches
+      stream.addListener(uiListener);
+
+      // Cache eviction removes the cache listener
+      cache.clear();
+      expect(completer.wasCancelled, isFalse);
+
+      // A second UI listener attaches — must NOT be treated as cache
+      final uiListener2 = ImageStreamListener((_, __) {});
+      stream.addListener(uiListener2);
+
+      // Remove first UI listener; second UI still active → no cancel
+      stream.removeListener(uiListener);
+      expect(completer.wasCancelled, isFalse);
+
+      // Remove second UI listener; completely abandoned → cancel
+      stream.removeListener(uiListener2);
+      expect(completer.wasCancelled, isTrue);
+    });
+
+    testWidgets('No UI listener ever attaches (cache-only) — cache detaches should cancel', (WidgetTester tester) async {
+      final completer = TestImageCompleter(hadInitialImage: false);
+      final key = Object();
+
+      cache.putIfAbsent(key, () => completer);
+
+      // Cache eviction removes the only listener
+      cache.clear();
+      expect(completer.wasCancelled, isTrue);
+    });
+  });
+}
@@ -727,7 +727,7 @@ void main() {
        expect(ActionButtonType.setAlbumCover.shouldShow(context), isTrue);
      });

-      test('should not show when not owner', () {
+      test('should show when not owner', () {
        final album = createRemoteAlbum();
        final context = ActionButtonContext(
          asset: mergedAsset,
@@ -742,7 +742,7 @@ void main() {
          selectedCount: 1,
        );

-        expect(ActionButtonType.setAlbumCover.shouldShow(context), isFalse);
+        expect(ActionButtonType.setAlbumCover.shouldShow(context), isTrue);
      });

      test('should not show when in locked view', () {
@@ -5285,6 +5285,65 @@
        "x-immich-state": "Stable"
      }
    },
+    "/duplicates/resolve": {
+      "post": {
+        "description": "Resolve duplicate groups by synchronizing metadata across assets and deleting/trashing duplicates.",
+        "operationId": "resolveDuplicates",
+        "parameters": [],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/DuplicateResolveDto"
+              }
+            }
+          },
+          "required": true
+        },
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "items": {
+                    "$ref": "#/components/schemas/BulkIdResponseDto"
+                  },
+                  "type": "array"
+                }
+              }
+            },
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "summary": "Resolve duplicate groups",
+        "tags": [
+          "Duplicates"
+        ],
+        "x-immich-history": [
+          {
+            "version": "v3.0.0",
+            "state": "Added"
+          },
+          {
+            "version": "v3.0.0",
+            "state": "Alpha"
+          }
+        ],
+        "x-immich-permission": "duplicate.delete",
+        "x-immich-state": "Alpha"
+      }
+    },
    "/duplicates/{id}": {
      "delete": {
        "description": "Delete a single duplicate asset specified by its ID.",
@@ -13987,6 +14046,320 @@
        "x-immich-state": "Stable"
      }
    },
+    "/upload": {
+      "options": {
+        "operationId": "getUploadOptions",
+        "parameters": [],
+        "responses": {
+          "204": {
+            "description": ""
+          }
+        },
+        "tags": [
+          "Upload"
+        ]
+      },
+      "post": {
+        "operationId": "startUpload",
+        "parameters": [
+          {
+            "name": "content-length",
+            "in": "header",
+            "description": "Non-negative size of the request body in bytes.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "repr-digest",
+            "in": "header",
+            "description": "RFC 9651 structured dictionary containing an `sha` (bytesequence) checksum used to detect duplicate files and validate data integrity.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-complete",
+            "in": "header",
+            "description": "Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "x-immich-asset-data",
+            "in": "header",
+            "description": "RFC 9651 structured dictionary containing asset metadata with the following keys:\n- device-asset-id (string, required): Unique device asset identifier\n- device-id (string, required): Device identifier\n- file-created-at (string/date, required): ISO 8601 date string or Unix timestamp\n- file-modified-at (string/date, required): ISO 8601 date string or Unix timestamp\n- filename (string, required): Original filename\n- is-favorite (boolean, optional): Favorite status\n- live-photo-video-id (string, optional): Live photo ID for assets from iOS devices\n- icloud-id (string, optional): iCloud identifier for assets from iOS devices",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/UploadOkDto"
+                }
+              }
+            },
+            "description": ""
+          },
+          "201": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      }
+    },
+    "/upload/{id}": {
+      "delete": {
+        "operationId": "cancelUpload",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      },
+      "head": {
+        "operationId": "getUploadStatus",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      },
+      "patch": {
+        "operationId": "resumeUpload",
+        "parameters": [
+          {
+            "name": "content-length",
+            "in": "header",
+            "description": "Non-negative size of the request body in bytes.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "type": "string"
+            }
+          },
+          {
+            "name": "key",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "slug",
+            "required": false,
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-complete",
+            "in": "header",
+            "description": "Structured boolean indicating whether this request completes the file. Use Upload-Incomplete instead for version <= 3.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-draft-interop-version",
+            "in": "header",
+            "description": "Indicates the version of the RUFH protocol supported by the client.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "upload-offset",
+            "in": "header",
+            "description": "Non-negative byte offset indicating the starting position of the data in the request body within the entire file.",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/UploadOkDto"
+                }
+              }
+            },
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "tags": [
+          "Upload"
+        ],
+        "x-immich-permission": "asset.upload"
+      }
+    },
    "/users": {
      "get": {
        "description": "Retrieve a list of all users on the server.",
@@ -15166,7 +15539,7 @@
  "info": {
    "title": "Immich",
    "description": "Immich API",
-    "version": "2.6.0",
+    "version": "2.6.3",
    "contact": {}
  },
  "tags": [
@@ -17299,7 +17672,8 @@
          "duplicate",
          "no_permission",
          "not_found",
-          "unknown"
+          "unknown",
+          "validation"
        ],
        "type": "string"
      },
@@ -17311,10 +17685,14 @@
              "duplicate",
              "no_permission",
              "not_found",
-              "unknown"
+              "unknown",
+              "validation"
            ],
            "type": "string"
          },
+          "errorMessage": {
+            "type": "string"
+          },
          "id": {
            "description": "ID",
            "type": "string"
@@ -17828,6 +18206,52 @@
        ],
        "type": "object"
      },
+      "DuplicateResolveDto": {
+        "properties": {
+          "groups": {
+            "description": "List of duplicate groups to resolve",
+            "items": {
+              "$ref": "#/components/schemas/DuplicateResolveGroupDto"
+            },
+            "minItems": 1,
+            "type": "array"
+          }
+        },
+        "required": [
+          "groups"
+        ],
+        "type": "object"
+      },
+      "DuplicateResolveGroupDto": {
+        "properties": {
+          "duplicateId": {
+            "format": "uuid",
+            "type": "string"
+          },
+          "keepAssetIds": {
+            "description": "Asset IDs to keep",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
+          },
+          "trashAssetIds": {
+            "description": "Asset IDs to trash or delete",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "duplicateId",
+          "keepAssetIds",
+          "trashAssetIds"
+        ],
+        "type": "object"
+      },
      "DuplicateResponseDto": {
        "properties": {
          "assets": {
@@ -17840,11 +18264,20 @@
          "duplicateId": {
            "description": "Duplicate group ID",
            "type": "string"
+          },
+          "suggestedKeepAssetIds": {
+            "description": "Suggested asset IDs to keep based on file size and EXIF data",
+            "items": {
+              "format": "uuid",
+              "type": "string"
+            },
+            "type": "array"
          }
        },
        "required": [
          "assets",
-          "duplicateId"
+          "duplicateId",
+          "suggestedKeepAssetIds"
        ],
        "type": "object"
      },
@@ -18153,6 +18586,8 @@
          "AssetFileMigration",
          "AssetGenerateThumbnailsQueueAll",
          "AssetGenerateThumbnails",
+          "PartialAssetCleanup",
+          "PartialAssetCleanupQueueAll",
          "AuditLogCleanup",
          "AuditTableCleanup",
          "DatabaseBackup",
@@ -19129,7 +19564,7 @@
            "type": "boolean"
          },
          "withPeople": {
-            "description": "Include assets with people",
+            "description": "Include people data in response",
            "type": "boolean"
          },
          "withStacked": {
@@ -20868,7 +21303,7 @@
            "type": "boolean"
          },
          "withPeople": {
-            "description": "Include assets with people",
+            "description": "Include people data in response",
            "type": "boolean"
          },
          "withStacked": {
@@ -23812,10 +24247,14 @@
        "properties": {
          "database": {
            "$ref": "#/components/schemas/DatabaseBackupConfig"
+          },
+          "upload": {
+            "$ref": "#/components/schemas/UploadBackupConfig"
          }
        },
        "required": [
-          "database"
+          "database",
+          "upload"
        ],
        "type": "object"
      },
@@ -24405,6 +24844,9 @@
            "description": "Missing thumbnails",
            "type": "boolean"
          },
+          "removeStaleUploads": {
+            "type": "boolean"
+          },
          "startTime": {
            "type": "string"
          },
@@ -24418,6 +24860,7 @@
          "databaseCleanup",
          "generateMemories",
          "missingThumbnails",
+          "removeStaleUploads",
          "startTime",
          "syncQuotaUsage"
        ],
@@ -25377,6 +25820,29 @@
        },
        "type": "object"
      },
+      "UploadBackupConfig": {
+        "properties": {
+          "maxAgeHours": {
+            "minimum": 1,
+            "type": "number"
+          }
+        },
+        "required": [
+          "maxAgeHours"
+        ],
+        "type": "object"
+      },
+      "UploadOkDto": {
+        "properties": {
+          "id": {
+            "type": "string"
+          }
+        },
+        "required": [
+          "id"
+        ],
+        "type": "object"
+      },
      "UsageByUserDto": {
        "properties": {
          "photos": {
@@ -1 +1 @@
-24.13.1
+24.14.0
@@ -1,6 +1,6 @@
 {
  "name": "@immich/sdk",
-  "version": "2.6.0",
+  "version": "2.6.3",
  "description": "Auto-generated TypeScript SDK for the Immich API",
  "type": "module",
  "main": "./build/index.js",
@@ -19,7 +19,7 @@
    "@oazapfts/runtime": "^1.0.2"
  },
  "devDependencies": {
-    "@types/node": "^24.11.0",
+    "@types/node": "^24.12.0",
    "typescript": "^5.3.3"
  },
  "repository": {
@@ -28,6 +28,6 @@
    "directory": "open-api/typescript-sdk"
  },
  "volta": {
-    "node": "24.13.1"
+    "node": "24.14.0"
  }
 }
@@ -1,6 +1,6 @@
 /**
 * Immich
- * 2.6.0
+ * 2.6.3
 * DO NOT MODIFY - This file has been generated using oazapfts.
 * See https://www.npmjs.com/package/oazapfts
 */
@@ -725,6 +725,7 @@ export type BulkIdsDto = {
 export type BulkIdResponseDto = {
    /** Error reason if failed */
    error?: Error;
+    errorMessage?: string;
    /** ID */
    id: string;
    /** Whether operation succeeded */
@@ -1163,6 +1164,19 @@ export type DuplicateResponseDto = {
    assets: AssetResponseDto[];
    /** Duplicate group ID */
    duplicateId: string;
+    /** Suggested asset IDs to keep based on file size and EXIF data */
+    suggestedKeepAssetIds: string[];
+};
+export type DuplicateResolveGroupDto = {
+    duplicateId: string;
+    /** Asset IDs to keep */
+    keepAssetIds: string[];
+    /** Asset IDs to trash or delete */
+    trashAssetIds: string[];
+};
+export type DuplicateResolveDto = {
+    /** List of duplicate groups to resolve */
+    groups: DuplicateResolveGroupDto[];
 };
 export type PersonResponseDto = {
    /** Person date of birth */
@@ -1741,7 +1755,7 @@ export type MetadataSearchDto = {
    withDeleted?: boolean;
    /** Include EXIF data in response */
    withExif?: boolean;
-    /** Include assets with people */
+    /** Include people data in response */
    withPeople?: boolean;
    /** Include stacked assets */
    withStacked?: boolean;
@@ -1855,7 +1869,7 @@ export type RandomSearchDto = {
    withDeleted?: boolean;
    /** Include EXIF data in response */
    withExif?: boolean;
-    /** Include assets with people */
+    /** Include people data in response */
    withPeople?: boolean;
    /** Include stacked assets */
    withStacked?: boolean;
@@ -2393,8 +2407,12 @@ export type DatabaseBackupConfig = {
    /** Keep last amount */
    keepLastAmount: number;
 };
+export type UploadBackupConfig = {
+    maxAgeHours: number;
+};
 export type SystemConfigBackupsDto = {
    database: DatabaseBackupConfig;
+    upload: UploadBackupConfig;
 };
 export type SystemConfigFFmpegDto = {
    /** Transcode hardware acceleration */
@@ -2584,6 +2602,7 @@ export type SystemConfigNightlyTasksDto = {
    generateMemories: boolean;
    /** Missing thumbnails */
    missingThumbnails: boolean;
+    removeStaleUploads: boolean;
    startTime: string;
    /** Sync quota usage */
    syncQuotaUsage: boolean;
@@ -2799,6 +2818,9 @@ export type TrashResponseDto = {
    /** Number of items in trash */
    count: number;
 };
+export type UploadOkDto = {
+    id: string;
+};
 export type UserUpdateMeDto = {
    /** Avatar color */
    avatarColor?: (UserAvatarColor) | null;
@@ -4531,6 +4553,21 @@ export function getAssetDuplicates(opts?: Oazapfts.RequestOpts) {
        ...opts
    }));
 }
+/**
+ * Resolve duplicate groups
+ */
+export function resolveDuplicates({ duplicateResolveDto }: {
+    duplicateResolveDto: DuplicateResolveDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: BulkIdResponseDto[];
+    }>("/duplicates/resolve", oazapfts.json({
+        ...opts,
+        method: "POST",
+        body: duplicateResolveDto
+    })));
+}
 /**
 * Delete a duplicate
 */
@@ -6536,6 +6573,97 @@ export function restoreAssets({ bulkIdsDto }: {
        body: bulkIdsDto
    })));
 }
+export function getUploadOptions(opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText("/upload", {
+        ...opts,
+        method: "OPTIONS"
+    }));
+}
+export function startUpload({ contentLength, key, reprDigest, slug, uploadComplete, uploadDraftInteropVersion, xImmichAssetData }: {
+    contentLength: string;
+    key?: string;
+    reprDigest: string;
+    slug?: string;
+    uploadComplete?: string;
+    uploadDraftInteropVersion?: string;
+    xImmichAssetData: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UploadOkDto;
+    } | {
+        status: 201;
+    }>(`/upload${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "POST",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "content-length": contentLength,
+            "repr-digest": reprDigest,
+            "upload-complete": uploadComplete,
+            "upload-draft-interop-version": uploadDraftInteropVersion,
+            "x-immich-asset-data": xImmichAssetData
+        })
+    }));
+}
+export function cancelUpload({ id, key, slug }: {
+    id: string;
+    key?: string;
+    slug?: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "DELETE"
+    }));
+}
+export function getUploadStatus({ id, key, slug, uploadDraftInteropVersion }: {
+    id: string;
+    key?: string;
+    slug?: string;
+    uploadDraftInteropVersion: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "HEAD",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "upload-draft-interop-version": uploadDraftInteropVersion
+        })
+    }));
+}
+export function resumeUpload({ contentLength, id, key, slug, uploadComplete, uploadDraftInteropVersion, uploadOffset }: {
+    contentLength: string;
+    id: string;
+    key?: string;
+    slug?: string;
+    uploadComplete: string;
+    uploadDraftInteropVersion: string;
+    uploadOffset: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UploadOkDto;
+    }>(`/upload/${encodeURIComponent(id)}${QS.query(QS.explode({
+        key,
+        slug
+    }))}`, {
+        ...opts,
+        method: "PATCH",
+        headers: oazapfts.mergeHeaders(opts?.headers, {
+            "content-length": contentLength,
+            "upload-complete": uploadComplete,
+            "upload-draft-interop-version": uploadDraftInteropVersion,
+            "upload-offset": uploadOffset
+        })
+    }));
+}
 /**
 * Get all users
 */
@@ -6893,13 +7021,15 @@ export enum BulkIdErrorReason {
    Duplicate = "duplicate",
    NoPermission = "no_permission",
    NotFound = "not_found",
-    Unknown = "unknown"
+    Unknown = "unknown",
+    Validation = "validation"
 }
 export enum Error {
    Duplicate = "duplicate",
    NoPermission = "no_permission",
    NotFound = "not_found",
-    Unknown = "unknown"
+    Unknown = "unknown",
+    Validation = "validation"
 }
 export enum Permission {
    All = "all",
@@ -7173,6 +7303,8 @@ export enum JobName {
    AssetFileMigration = "AssetFileMigration",
    AssetGenerateThumbnailsQueueAll = "AssetGenerateThumbnailsQueueAll",
    AssetGenerateThumbnails = "AssetGenerateThumbnails",
+    PartialAssetCleanup = "PartialAssetCleanup",
+    PartialAssetCleanupQueueAll = "PartialAssetCleanupQueueAll",
    AuditLogCleanup = "AuditLogCleanup",
    AuditTableCleanup = "AuditTableCleanup",
    DatabaseBackup = "DatabaseBackup",
@@ -1,9 +1,9 @@
 {
  "name": "immich-monorepo",
-  "version": "2.6.0",
+  "version": "2.6.3",
  "description": "Monorepo for Immich",
  "private": true,
-  "packageManager": "pnpm@10.30.3+sha512.c961d1e0a2d8e354ecaa5166b822516668b7f44cb5bd95122d590dd81922f606f5473b6d23ec4a5be05e7fcd18e8488d47d978bbe981872f1145d06e9a740017",
+  "packageManager": "pnpm@10.32.1+sha512.a706938f0e89ac1456b6563eab4edf1d1faf3368d1191fc5c59790e96dc918e4456ab2e67d613de1043d2e8c81f87303e6b40d4ffeca9df15ef1ad567348f2be",
  "engines": {
    "pnpm": ">=10.0.0"
  }
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .13.1
 .14.0