migrate library e2e tests

fix(mobile): remove upload timeout (#27237 )
remove timeout
2026-05-21 15:16:31 -04:00 · 2026-03-25 22:24:22 +01:00 · 2026-03-24 14:40:48 -04:00 · 2026-03-24 14:31:00 +01:00 · 2026-03-24 12:40:10 +00:00 · 2026-03-24 12:06:19 +00:00
25 changed files with 567 additions and 656 deletions
@@ -51,14 +51,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -79,7 +79,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -103,7 +103,7 @@ jobs:

      - name: Restore Gradle Cache
        id: cache-gradle-restore
-        uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        with:
          path: |
            ~/.gradle/caches
@@ -114,7 +114,7 @@ jobs:
          key: build-mobile-gradle-${{ runner.os }}-main

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -153,14 +153,14 @@ jobs:
          fi

      - name: Publish Android Artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: release-apk-signed
          path: mobile/build/app/outputs/flutter-apk/*.apk

      - name: Save Gradle Cache
        id: cache-gradle-save
-        uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
        if: github.ref == 'refs/heads/main'
        with:
          path: |
@@ -185,13 +185,13 @@ jobs:
        run: sudo xcode-select -s /Applications/Xcode_26.2.app/Contents/Developer

      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ inputs.ref || github.sha }}
          persist-credentials: false

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -210,7 +210,7 @@ jobs:
        working-directory: ./mobile

      - name: Setup Ruby
-        uses: ruby/setup-ruby@v1
+        uses: ruby/setup-ruby@319994f95fa847cf3fb3cd3dbe89f6dcde9f178f # v1.295.0
        with:
          ruby-version: '3.3'
          bundler-cache: true
@@ -291,7 +291,7 @@ jobs:
          security delete-keychain build.keychain || true

      - name: Upload IPA artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: ios-release-ipa
          path: mobile/ios/Runner.ipa
@@ -19,7 +19,7 @@ jobs:
      actions: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -24,7 +24,7 @@ jobs:
          persist-credentials: false

      - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@748daafaf3aac877a36307f842a48d55db938ac8 # v0.0.31
+        uses: oasdiff/oasdiff-action/breaking@2a37bc82462349c03a533b8b608bebbaf57b3e60 # v0.0.33
        with:
          base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
          revision: open-api/immich-openapi-specs.json
@@ -31,7 +31,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -42,7 +42,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -71,7 +71,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -83,13 +83,13 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
+        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          registry: ghcr.io
@@ -104,7 +104,7 @@ jobs:

      - name: Generate docker image tags
        id: metadata
-        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          flavor: |
            latest=false
@@ -115,7 +115,7 @@ jobs:
            type=raw,value=latest,enable=${{ github.event_name == 'release' }}

      - name: Build and push image
-        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
+        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
        with:
          file: cli/Dockerfile
          platforms: linux/amd64,linux/arm64
@@ -35,7 +35,7 @@ jobs:
    needs: [get_body, should_run]
    if: ${{ needs.should_run.outputs.should_run == 'true' }}
    container:
-      image: ghcr.io/immich-app/mdq:main@sha256:4f9860d04c88f7f87861f8ee84bfeedaec15ed7ca5ca87bc7db44b036f81645f
+      image: ghcr.io/immich-app/mdq:main@sha256:df7188ba88abb0800d73cc97d3633280f0c0c3d4c441d678225067bf154150fb
    outputs:
      checked: ${{ steps.get_checkbox.outputs.checked }}
    steps:
@@ -44,7 +44,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -57,7 +57,7 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
-        uses: github/codeql-action/autobuild@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/autobuild@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0

      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
      #   ./location_of_script_within_repo/buildscript.sh

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0
        with:
          category: '/language:${{matrix.language}}'
@@ -23,14 +23,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -60,7 +60,7 @@ jobs:
        suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -90,7 +90,7 @@ jobs:
        suffix: ['']
    steps:
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
+        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -132,7 +132,7 @@ jobs:
            suffixes: '-rocm'
            platforms: linux/amd64
            runner-mapping: '{"linux/amd64": "pokedex-large"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@bd49ed7a5a6022149f79b6564df48177476a822b # multi-runner-build-workflow-v2.2.1
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -155,7 +155,7 @@ jobs:
    name: Build and Push Server
    needs: pre-job
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).server == true }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@bd49ed7a5a6022149f79b6564df48177476a822b # multi-runner-build-workflow-v2.2.1
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
    permissions:
      contents: read
      actions: read
@@ -21,14 +21,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -54,7 +54,7 @@ jobs:

    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -67,7 +67,7 @@ jobs:
          fetch-depth: 0

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -86,7 +86,7 @@ jobs:
        run: pnpm build

      - name: Upload build output
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: docs-build-output
          path: docs/build/
@@ -20,7 +20,7 @@ jobs:
      artifact: ${{ steps.get-artifact.outputs.result }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -119,7 +119,7 @@ jobs:
    if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -131,7 +131,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@dab18118da6476e8237ac94080fd937983fecd42 # use-mise-action-v1.1.2
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Load parameters
        id: parameters
@@ -17,7 +17,7 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -29,7 +29,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@dab18118da6476e8237ac94080fd937983fecd42 # use-mise-action-v1.1.2
+        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3

      - name: Destroy Docs Subdomain
        env:
@@ -16,7 +16,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -29,7 +29,7 @@ jobs:
          persist-credentials: true

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -31,7 +31,7 @@ jobs:
      - name: Generate a token
        id: generate_token
        if: ${{ inputs.skip != true }}
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -14,13 +14,13 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Require PR to have a changelog label
-        uses: mheap/github-action-required-labels@8afbe8ae6ab7647d0c9f0cfa7c2f939650d22509 # v5.5.1
+        uses: mheap/github-action-required-labels@0ac283b4e65c1fb28ce6079dea5546ceca98ccbe # v5.5.2
        with:
          token: ${{ steps.token.outputs.token }}
          mode: exactly
@@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -50,7 +50,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -63,10 +63,10 @@ jobs:
          ref: main

      - name: Install uv
-        uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -124,7 +124,7 @@ jobs:
    steps:
      - name: Generate a token
        id: generate-token
-        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -136,13 +136,13 @@ jobs:
          persist-credentials: false

      - name: Download APK
-        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: release-apk-signed
          github-token: ${{ steps.generate-token.outputs.token }}

      - name: Create draft release
-        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
        with:
          draft: true
          tag_name: ${{ needs.bump_version.outputs.version }}
@@ -14,12 +14,12 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
@@ -32,7 +32,7 @@ jobs:
      pull-requests: write
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -48,14 +48,14 @@ jobs:
              name: 'preview'
            })

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
          message-id: 'preview-status'
          message: 'PRs from forks cannot have preview environments.'

-      - uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2.8.2
+      - uses: mshick/add-pr-comment@ffd016c7e151d97d69d21a843022fd4cd5b96fe5 # v3.9.0
        if: ${{ !github.event.pull_request.head.repo.fork }}
        with:
          github-token: ${{ steps.token.outputs.token }}
@@ -19,7 +19,7 @@ jobs:
        working-directory: ./open-api/typescript-sdk
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -30,7 +30,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0

      # Setup .npmrc file to publish to npm
      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
@@ -20,14 +20,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -49,7 +49,7 @@ jobs:
        working-directory: ./mobile
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -61,7 +61,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -17,14 +17,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -63,7 +63,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -75,7 +75,7 @@ jobs:
          token: ${{ steps.token.outputs.token }}

      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -108,7 +108,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -119,7 +119,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -155,7 +155,7 @@ jobs:
        working-directory: ./cli
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -166,7 +166,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -197,7 +197,7 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -208,7 +208,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -241,7 +241,7 @@ jobs:
        working-directory: ./web
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -252,7 +252,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -279,7 +279,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -290,7 +290,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -327,7 +327,7 @@ jobs:
        working-directory: ./e2e
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -338,7 +338,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -373,7 +373,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -385,7 +385,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -412,7 +412,7 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -424,7 +424,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -464,7 +464,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-server-docker-logs-${{ matrix.runner }}
@@ -484,7 +484,7 @@ jobs:
        runner: [ubuntu-latest, ubuntu-24.04-arm]
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -496,7 +496,7 @@ jobs:
          submodules: 'recursive'
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -522,7 +522,7 @@ jobs:
        run: pnpm test:web
        if: ${{ !cancelled() }}
      - name: Archive e2e test (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-web-test-results-${{ matrix.runner }}
@@ -533,7 +533,7 @@ jobs:
        run: pnpm test:web:ui
        if: ${{ !cancelled() }}
      - name: Archive ui test (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-ui-test-results-${{ matrix.runner }}
@@ -544,7 +544,7 @@ jobs:
        run: pnpm test:web:maintenance
        if: ${{ !cancelled() }}
      - name: Archive maintenance tests (web) results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: success() || failure()
        with:
          name: e2e-maintenance-isolated-test-results-${{ matrix.runner }}
@@ -554,7 +554,7 @@ jobs:
        run: docker compose logs --no-color > docker-compose-logs.txt
        working-directory: ./e2e
      - name: Archive Docker logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        if: always()
        with:
          name: e2e-web-docker-logs-${{ matrix.runner }}
@@ -578,7 +578,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -588,7 +588,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup Flutter SDK
-        uses: subosito/flutter-action@fd55f4c5af5b953cc57a2be44cb082c8f6635e8e # v2.21.0
+        uses: subosito/flutter-action@0ca7a949e71ae44c8e688a51c5e7e93b2c87e295 # v2.22.0
        with:
          channel: 'stable'
          flutter-version-file: ./mobile/pubspec.yaml
@@ -610,7 +610,7 @@ jobs:
        working-directory: ./machine-learning
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -620,7 +620,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Install uv
-        uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
        with:
          python-version: 3.11
      - name: Install dependencies
@@ -650,7 +650,7 @@ jobs:
        working-directory: ./.github
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -661,7 +661,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -680,7 +680,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -701,7 +701,7 @@ jobs:
      contents: read
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -712,7 +712,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -763,7 +763,7 @@ jobs:
        working-directory: ./server
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -774,7 +774,7 @@ jobs:
          persist-credentials: false
          token: ${{ steps.token.outputs.token }}
      - name: Setup pnpm
-        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4.3.0
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
      - name: Setup Node
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
@@ -24,14 +24,14 @@ jobs:
      should_run: ${{ steps.check.outputs.should_run }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

      - name: Check what should run
        id: check
-        uses: immich-app/devtools/actions/pre-job@eed0f8b8165ffcb951f2ba854b2dd031935e1d73 # pre-job-action-v2.0.2
+        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
        with:
          github-token: ${{ steps.token.outputs.token }}
          filters: |
@@ -47,7 +47,7 @@ jobs:
    if: ${{ fromJSON(needs.pre-job.outputs.should_run).i18n == true }}
    steps:
      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@05e16407c0a5492138bb38139c9d9bf067b40886 # create-workflow-token-action-v1.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
        with:
          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -1,5 +1,5 @@
 import { LibraryResponseDto, LoginResponseDto, getAllLibraries } from '@immich/sdk';
-import { cpSync, existsSync, rmSync, unlinkSync } from 'node:fs';
+import { cpSync, existsSync } from 'node:fs';
 import { Socket } from 'socket.io-client';
 import { userDto, uuidDto } from 'src/fixtures';
 import { errorDto } from 'src/responses';
@@ -768,553 +768,6 @@ describe('/libraries', () => {

      utils.removeImageFile(`${testAssetDir}/temp/reimport/asset.jpg`);
    });
-
-    it('should set an asset offline if its file is missing', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-      expect(assets.count).toBe(1);
-
-      utils.removeImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const trashedAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-      expect(trashedAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(trashedAsset.isOffline).toEqual(true);
-
-      const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-      expect(newAssets.items).toEqual([]);
-    });
-
-    it('should set an asset offline if its file is not in any import path', async () => {
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-      expect(assets.count).toBe(1);
-
-      utils.createDirectory(`${testAssetDir}/temp/another-path/`);
-
-      await utils.updateLibrary(admin.accessToken, library.id, {
-        importPaths: [`${testAssetDirInternal}/temp/another-path/`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const trashedAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-      expect(trashedAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(trashedAsset.isOffline).toBe(true);
-
-      const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      expect(newAssets.items).toEqual([]);
-
-      utils.removeImageFile(`${testAssetDir}/temp/offline/offline.png`);
-      utils.removeDirectory(`${testAssetDir}/temp/another-path/`);
-    });
-
-    it('should set an asset offline if its file is covered by an exclusion pattern', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, {
-        libraryId: library.id,
-        originalFileName: 'assetB.png',
-      });
-      expect(assets.count).toBe(1);
-
-      await utils.updateLibrary(admin.accessToken, library.id, { exclusionPatterns: ['**/directoryB/**'] });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const trashedAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-      expect(trashedAsset.isTrashed).toBe(true);
-      expect(trashedAsset.originalPath).toBe(`${testAssetDirInternal}/temp/directoryB/assetB.png`);
-      expect(trashedAsset.isOffline).toBe(true);
-
-      const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      expect(newAssets.items).toEqual([
-        expect.objectContaining({
-          originalFileName: 'assetA.png',
-        }),
-      ]);
-    });
-
-    it('should not set an asset offline if its file exists, is in an import path, and not covered by an exclusion pattern', async () => {
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets: assetsBefore } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-      expect(assetsBefore.count).toBeGreaterThan(1);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      expect(assets).toEqual(assetsBefore);
-    });
-
-    describe('xmp metadata', async () => {
-      it('should import metadata from file.xmp', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2000-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should import metadata from file.ext.xmp', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2000-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should import metadata in file.ext.xmp before file.xmp if both exist', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2010.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2000-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file.xmp to file.ext.xmp when asset refreshes', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2010.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        unlinkSync(`${testAssetDir}/temp/xmp/glarus.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2010-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file metadata to file.xmp metadata when asset refreshes', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2000-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file metadata to file.ext.xmp metadata when asset refreshes', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2000-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file.ext.xmp to file.xmp when asset refreshes', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2010.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        unlinkSync(`${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2010-09-27T12:35:33.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file.ext.xmp to file metadata', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        unlinkSync(`${testAssetDir}/temp/xmp/glarus.nef.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2010-07-20T17:27:12.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-
-      it('should switch from using file.xmp to file metadata', async () => {
-        const library = await utils.createLibrary(admin.accessToken, {
-          ownerId: admin.userId,
-          importPaths: [`${testAssetDirInternal}/temp/xmp`],
-        });
-
-        cpSync(`${testAssetDir}/metadata/xmp/dates/2000.xmp`, `${testAssetDir}/temp/xmp/glarus.xmp`);
-        cpSync(`${testAssetDir}/formats/raw/Nikon/D80/glarus.nef`, `${testAssetDir}/temp/xmp/glarus.nef`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_000);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        unlinkSync(`${testAssetDir}/temp/xmp/glarus.xmp`);
-        await utimes(`${testAssetDir}/temp/xmp/glarus.nef`, 447_775_200_001);
-
-        await utils.scan(admin.accessToken, library.id);
-
-        const { assets: newAssets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-        expect(newAssets.items).toEqual([
-          expect.objectContaining({
-            originalFileName: 'glarus.nef',
-            fileCreatedAt: '2010-07-20T17:27:12.000Z',
-          }),
-        ]);
-
-        rmSync(`${testAssetDir}/temp/xmp`, { recursive: true, force: true });
-      });
-    });
-
-    it('should set an offline asset to online if its file exists, is in an import path, and not covered by an exclusion pattern', async () => {
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      expect(assets.count).toBe(1);
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline/offline.png`, `${testAssetDir}/temp/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const offlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-      expect(offlineAsset.isTrashed).toBe(true);
-      expect(offlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(offlineAsset.isOffline).toBe(true);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline.png`, `${testAssetDir}/temp/offline/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const backOnlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(backOnlineAsset.isTrashed).toBe(false);
-      expect(backOnlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(backOnlineAsset.isOffline).toBe(false);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-        expect(assets.count).toBe(1);
-      }
-    });
-
-    it('should set a trashed offline asset to online but keep it in trash', async () => {
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      expect(assets.count).toBe(1);
-
-      await utils.deleteAssets(admin.accessToken, [assets.items[0].id]);
-
-      {
-        const trashedAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-        expect(trashedAsset.isTrashed).toBe(true);
-      }
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline/offline.png`, `${testAssetDir}/temp/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const offlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-      expect(offlineAsset.isTrashed).toBe(true);
-      expect(offlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(offlineAsset.isOffline).toBe(true);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline.png`, `${testAssetDir}/temp/offline/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const backOnlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(backOnlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(backOnlineAsset.isOffline).toBe(false);
-      expect(backOnlineAsset.isTrashed).toBe(true);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-    });
-
-    it('should not set an offline asset to online if its file exists, is not covered by an exclusion pattern, but is outside of all import paths', async () => {
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline/offline.png`, `${testAssetDir}/temp/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-
-      const offlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(offlineAsset.isTrashed).toBe(true);
-      expect(offlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(offlineAsset.isOffline).toBe(true);
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline.png`, `${testAssetDir}/temp/offline/offline.png`);
-
-      utils.createDirectory(`${testAssetDir}/temp/another-path/`);
-
-      await utils.updateLibrary(admin.accessToken, library.id, {
-        importPaths: [`${testAssetDirInternal}/temp/another-path`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const stillOfflineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(stillOfflineAsset.isTrashed).toBe(true);
-      expect(stillOfflineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(stillOfflineAsset.isOffline).toBe(true);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-
-      utils.removeDirectory(`${testAssetDir}/temp/another-path/`);
-    });
-
-    it('should not set an offline asset to online if its file exists, is in an import path, but is covered by an exclusion pattern', async () => {
-      utils.createImageFile(`${testAssetDir}/temp/offline/offline.png`);
-
-      const library = await utils.createLibrary(admin.accessToken, {
-        ownerId: admin.userId,
-        importPaths: [`${testAssetDirInternal}/temp/offline`],
-      });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      {
-        const { assets: assetsBefore } = await utils.searchAssets(admin.accessToken, { libraryId: library.id });
-        expect(assetsBefore.count).toBe(1);
-      }
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline/offline.png`, `${testAssetDir}/temp/offline.png`);
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-      expect(assets.count).toBe(1);
-
-      const offlineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(offlineAsset.isTrashed).toBe(true);
-      expect(offlineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(offlineAsset.isOffline).toBe(true);
-
-      utils.renameImageFile(`${testAssetDir}/temp/offline.png`, `${testAssetDir}/temp/offline/offline.png`);
-
-      await utils.updateLibrary(admin.accessToken, library.id, { exclusionPatterns: ['**/offline/**'] });
-
-      await utils.scan(admin.accessToken, library.id);
-
-      const stillOfflineAsset = await utils.getAssetInfo(admin.accessToken, assets.items[0].id);
-
-      expect(stillOfflineAsset.isTrashed).toBe(true);
-      expect(stillOfflineAsset.originalPath).toBe(`${testAssetDirInternal}/temp/offline/offline.png`);
-      expect(stillOfflineAsset.isOffline).toBe(true);
-
-      {
-        const { assets } = await utils.searchAssets(admin.accessToken, { libraryId: library.id, withDeleted: true });
-        expect(assets.count).toBe(1);
-      }
-    });
  });

  describe('POST /libraries/:id/validate', () => {
@@ -150,7 +150,6 @@ class URLSessionManager: NSObject {
    config.httpCookieStorage = cookieStorage
    config.httpMaximumConnectionsPerHost = 64
    config.timeoutIntervalForRequest = 60
-    config.timeoutIntervalForResource = 300

    var headers = UserDefaults.group.dictionary(forKey: HEADERS_KEY) as? [String: String] ?? [:]
    headers["User-Agent"] = headers["User-Agent"] ?? userAgent
@@ -52,7 +52,7 @@ FROM builder AS plugins

 ARG TARGETPLATFORM

-COPY --from=ghcr.io/jdx/mise:2026.1.1@sha256:a55c391f7582f34c58bce1a85090cd526596402ba77fc32b06c49b8404ef9c14 /usr/local/bin/mise /usr/local/bin/mise
+COPY --from=ghcr.io/jdx/mise:2026.3.12@sha256:0210678cbf58413806531a27adb2c7daf1c37238e56e8f7ea381d73521571775 /usr/local/bin/mise /usr/local/bin/mise

 WORKDIR /usr/src/app
 COPY ./plugins/mise.toml ./plugins/
@@ -30,6 +30,7 @@ import { DatabaseRepository } from 'src/repositories/database.repository';
 import { EmailRepository } from 'src/repositories/email.repository';
 import { EventRepository } from 'src/repositories/event.repository';
 import { JobRepository } from 'src/repositories/job.repository';
+import { LibraryRepository } from 'src/repositories/library.repository';
 import { LoggingRepository } from 'src/repositories/logging.repository';
 import { MachineLearningRepository } from 'src/repositories/machine-learning.repository';
 import { MapRepository } from 'src/repositories/map.repository';
@@ -406,6 +407,7 @@ const newRealRepository = <T>(key: ClassConstructor<T>, db: Kysely<DB>): T => {
    case AssetEditRepository:
    case AssetJobRepository:
    case MemoryRepository:
+    case LibraryRepository:
    case NotificationRepository:
    case OcrRepository:
    case PartnerRepository:
@@ -468,6 +470,7 @@ const newMockRepository = <T>(key: ClassConstructor<T>) => {
    case AssetJobRepository:
    case ConfigRepository:
    case CryptoRepository:
+    case LibraryRepository:
    case MemoryRepository:
    case NotificationRepository:
    case OcrRepository:
@@ -0,0 +1,456 @@
+import { Kysely } from 'kysely';
+import { Stats } from 'node:fs';
+import { join } from 'node:path';
+import { AssetStatus, JobName, JobStatus } from 'src/enum';
+import { AssetJobRepository } from 'src/repositories/asset-job.repository';
+import { AssetRepository } from 'src/repositories/asset.repository';
+import { CryptoRepository } from 'src/repositories/crypto.repository';
+import { JobRepository } from 'src/repositories/job.repository';
+import { LibraryRepository } from 'src/repositories/library.repository';
+import { LoggingRepository } from 'src/repositories/logging.repository';
+import { StorageRepository } from 'src/repositories/storage.repository';
+import { DB } from 'src/schema';
+import { LibraryService } from 'src/services/library.service';
+import { newMediumService, testAssetsDir } from 'test/medium.factory';
+import { getKyselyDB } from 'test/utils';
+
+let defaultDatabase: Kysely<DB>;
+
+const createFileStats = (mtimeMs: number): Stats => {
+  return { mtime: new Date(mtimeMs) } as Stats;
+};
+
+const setup = (db?: Kysely<DB>) => {
+  const context = newMediumService(LibraryService, {
+    database: db || defaultDatabase,
+    real: [AssetRepository, AssetJobRepository, CryptoRepository, LibraryRepository],
+    mock: [StorageRepository, JobRepository, LoggingRepository],
+  });
+
+  const jobs = context.ctx.getMock(JobRepository);
+  jobs.queue.mockResolvedValue();
+  jobs.queueAll.mockResolvedValue();
+
+  return context;
+};
+
+beforeAll(async () => {
+  defaultDatabase = await getKyselyDB();
+});
+
+describe(LibraryService.name, () => {
+  const importRoot = '/libraries/offline';
+  const importPath = `${importRoot}/in-path`;
+  const excludedPath = `${importRoot}/excluded`;
+  const outsidePath = '/libraries/outside';
+
+  const createLibrary = async (
+    ctx: ReturnType<typeof setup>['ctx'],
+    options: { importPaths?: string[]; exclusionPatterns?: string[] } = {},
+  ) => {
+    const { user } = await ctx.newUser();
+    return ctx.get(LibraryRepository).create({
+      ownerId: user.id,
+      name: 'Medium test library',
+      importPaths: options.importPaths ?? [importPath],
+      exclusionPatterns: options.exclusionPatterns ?? [],
+    });
+  };
+
+  describe('offline asset handling', () => {
+    it('should set an asset offline if its file is missing', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx);
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importPath}/offline.png`,
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockRejectedValue(new Error('ENOENT'));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should set an asset offline if its file is not in any import path', async () => {
+      const { sut, ctx } = setup();
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, { importPaths: [importPath] });
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${outsidePath}/offline.png`,
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      await expect(sut.handleQueueSyncAssets({ id: library.id })).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should set an asset offline if its file is covered by an exclusion pattern', async () => {
+      const { sut, ctx } = setup();
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, {
+        importPaths: [importRoot],
+        exclusionPatterns: ['**/excluded/**'],
+      });
+
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${excludedPath}/offline.png`,
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      await expect(sut.handleQueueSyncAssets({ id: library.id })).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should not set an asset offline if file exists in import path and is not excluded', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, {
+        importPaths: [importRoot],
+        exclusionPatterns: ['**/excluded/**'],
+      });
+
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importPath}/online.png`,
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: false }));
+      expect(updated?.deletedAt).toBeNull();
+    });
+
+    it('should set an offline asset to online if its file exists in an import path and is not excluded', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, { importPaths: [importPath] });
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importPath}/offline.png`,
+        isExternal: true,
+        isOffline: true,
+        deletedAt: new Date(),
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: false }));
+      expect(updated?.deletedAt).toBeNull();
+    });
+
+    it('should not set an offline asset to online if its file exists in an import path but is excluded', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, {
+        importPaths: [importRoot],
+        exclusionPatterns: ['**/offline/**'],
+      });
+
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importRoot}/offline/offline.png`,
+        isExternal: true,
+        isOffline: true,
+        deletedAt: new Date(),
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should keep an offline asset offline if it is outside import paths', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, { importPaths: [importPath] });
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${outsidePath}/offline.png`,
+        isExternal: true,
+        isOffline: true,
+        deletedAt: new Date(),
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should set a trashed asset offline if its file is missing', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, { importPaths: [importPath] });
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importPath}/offline.png`,
+        isExternal: true,
+        isOffline: false,
+        deletedAt: new Date(),
+        status: AssetStatus.Trashed,
+      });
+
+      storage.stat.mockRejectedValue(new Error('ENOENT'));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: true }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+
+    it('should set a trashed offline asset to online but keep it in trash', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const assetRepo = ctx.get(AssetRepository);
+
+      const library = await createLibrary(ctx, { importPaths: [importPath] });
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: `${importPath}/offline.png`,
+        isExternal: true,
+        isOffline: true,
+        deletedAt: new Date(),
+        status: AssetStatus.Trashed,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      const updated = await assetRepo.getById(asset.id);
+      expect(updated).toEqual(expect.objectContaining({ isOffline: false }));
+      expect(updated?.deletedAt).toBeInstanceOf(Date);
+    });
+  });
+
+  describe('xmp scan behavior', () => {
+    it('should queue sidecar checks for newly imported assets', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const jobs = ctx.getMock(JobRepository);
+      jobs.queueAll.mockResolvedValue();
+
+      const library = await createLibrary(ctx, { importPaths: ['/libraries/xmp'] });
+      const rawPath = join(testAssetsDir, 'formats/raw/Nikon/D80/glarus.nef');
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_000));
+
+      await expect(
+        sut.handleSyncFiles({
+          libraryId: library.id,
+          paths: [rawPath],
+          progressCounter: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      expect(jobs.queueAll).toHaveBeenCalledWith([
+        expect.objectContaining({
+          name: JobName.SidecarCheck,
+          data: expect.objectContaining({ id: expect.any(String) }),
+        }),
+      ]);
+    });
+
+    it('should queue sidecar checks for assets whose file changed', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const jobs = ctx.getMock(JobRepository);
+      jobs.queueAll.mockResolvedValue();
+
+      const library = await createLibrary(ctx, { importPaths: ['/libraries/xmp'] });
+      const rawPath = join(testAssetsDir, 'formats/raw/Nikon/D80/glarus.nef');
+
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: rawPath,
+        fileModifiedAt: new Date(1_700_000_000_000),
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(1_700_000_000_001));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      expect(jobs.queueAll).toHaveBeenCalledWith([
+        {
+          name: JobName.SidecarCheck,
+          data: { id: asset.id, source: 'upload' },
+        },
+      ]);
+    });
+
+    it('should not queue sidecar checks for unchanged assets', async () => {
+      const { sut, ctx } = setup();
+      const storage = ctx.getMock(StorageRepository);
+      const jobs = ctx.getMock(JobRepository);
+      jobs.queueAll.mockResolvedValue();
+
+      const library = await createLibrary(ctx, { importPaths: ['/libraries/xmp'] });
+      const rawPath = join(testAssetsDir, 'formats/raw/Nikon/D80/glarus.nef');
+
+      const mtimeMs = 1_700_000_000_000;
+      const { asset } = await ctx.newAsset({
+        ownerId: library.ownerId,
+        libraryId: library.id,
+        originalPath: rawPath,
+        fileModifiedAt: new Date(mtimeMs),
+        isExternal: true,
+        isOffline: false,
+        status: AssetStatus.Active,
+      });
+
+      storage.stat.mockResolvedValue(createFileStats(mtimeMs));
+
+      await expect(
+        sut.handleSyncAssets({
+          libraryId: library.id,
+          importPaths: library.importPaths,
+          exclusionPatterns: library.exclusionPatterns,
+          assetIds: [asset.id],
+          progressCounter: 1,
+          totalAssets: 1,
+        }),
+      ).resolves.toBe(JobStatus.Success);
+
+      expect(jobs.queueAll).not.toHaveBeenCalled();
+    });
+  });
+});
Author	SHA1	Message	Date
Jonathan Jogenfors	21c54c740a	migrate library e2e tests	2026-03-25 22:24:22 +01:00
Mert	a9666d2cef	fix(mobile): remove upload timeout (#27237 ) remove timeout	2026-03-24 14:40:48 -04:00
renovate[bot]	4af9edc20b	chore(deps): update github-actions (#27215 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-24 14:31:00 +01:00
renovate[bot]	c975fe5bc7	chore(deps): update github-actions (major) (#27225 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-24 12:40:10 +00:00
renovate[bot]	12a4d8e2ee	chore(deps): update ghcr.io/jdx/mise docker tag to v2026.3.12 (#27224 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-03-24 12:06:19 +00:00