fix: point to real component

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Dietzler <mail@ddietzler.dev>

.devcontainer/devcontainer.json

@@ -85,7 +85,10 @@
   "features": {
     "ghcr.io/devcontainers/features/docker-in-docker:2": {
       // https://github.com/devcontainers/features/issues/1466
-      "moby": false
+      "moby": false,
+      "dockerDashComposeVersion": "none",
+      "installDockerBuildx": false,
+      "installDockerComposeSwitch": false
     }
   },
   "forwardPorts": [3000, 9231, 9230, 2283],

.gitattributes

@@ -6,6 +6,12 @@ mobile/openapi/**/*.dart linguist-generated=true
 mobile/lib/**/*.g.dart -diff -merge
 mobile/lib/**/*.g.dart linguist-generated=true
 
+mobile/android/**/*.g.kt -diff -merge
+mobile/android/**/*.g.kt linguist-generated=true
+
+mobile/ios/**/*.g.swift -diff -merge
+mobile/ios/**/*.g.swift linguist-generated=true
+
 mobile/lib/**/*.drift.dart -diff -merge
 mobile/lib/**/*.drift.dart linguist-generated=true
 

.github/.nvmrc

@@ -1 +1 @@
-24.14.1
+24.15.0

.github/workflows/auto-close.yml

@@ -51,7 +51,7 @@ jobs:
         run: |
           gh api graphql \
             -f prId="$NODE_ID" \
-            -f body="This PR has been automatically closed as the description doesn't follow our template. After you edit it to match the template, the PR will automatically be reopened." \
+            -f body="This PR has been automatically closed as the description doesn't follow [our template](https://github.com/immich-app/immich/blob/main/.github/pull_request_template.md). After you edit it to match the template, the PR will automatically be reopened." \
             -f query='
               mutation CommentAndClosePR($prId: ID!, $body: String!) {
                 addComment(input: {

.github/workflows/build-mobile.yml

@@ -51,14 +51,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -79,9 +79,9 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -103,7 +103,7 @@ jobs:
 
       - name: Restore Gradle Cache
         id: cache-gradle-restore
-        uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
         with:
           path: |
             ~/.gradle/caches
@@ -121,7 +121,7 @@ jobs:
           cache: true
 
       - name: Setup Android SDK
-        uses: android-actions/setup-android@9fc6c4e9069bf8d3d10b2204b1fb8f6ef7065407 # v3.2.2
+        uses: android-actions/setup-android@40fd30fb8d7440372e1316f5d1809ec01dcd3699 # v4.0.1
         with:
           packages: ''
 
@@ -153,14 +153,14 @@ jobs:
           fi
 
       - name: Publish Android Artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: release-apk-signed
           path: mobile/build/app/outputs/flutter-apk/*.apk
 
       - name: Save Gradle Cache
         id: cache-gradle-save
-        uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
         if: github.ref == 'refs/heads/main'
         with:
           path: |
@@ -210,7 +210,7 @@ jobs:
         working-directory: ./mobile
 
       - name: Setup Ruby
-        uses: ruby/setup-ruby@3ff19f5e2baf30647122352b96108b1fbe250c64 # v1.299.0
+        uses: ruby/setup-ruby@c4e5b1316158f92e3d49443a9d58b31d25ac0f8f # v1.306.0
         with:
           ruby-version: '3.3'
           bundler-cache: true
@@ -291,7 +291,7 @@ jobs:
           security delete-keychain build.keychain || true
 
       - name: Upload IPA artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: ios-release-ipa
           path: mobile/ios/Runner.ipa

.github/workflows/cache-cleanup.yml

@@ -19,9 +19,9 @@ jobs:
       actions: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check out code

.github/workflows/check-openapi.yml

@@ -24,7 +24,7 @@ jobs:
           persist-credentials: false
 
       - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@1f38ea5ea0b4a2e4e49901c3bcdf4386a05e9ea1 # v0.0.37
+        uses: oasdiff/oasdiff-action/breaking@37bf9ff785c7315df88216660826e71be4cc03da # v0.0.44
         with:
           base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
           revision: open-api/immich-openapi-specs.json

.github/workflows/cli.yml

@@ -31,9 +31,9 @@ jobs:
         working-directory: ./cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -45,7 +45,7 @@ jobs:
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
 
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './cli/.nvmrc'
           registry-url: 'https://registry.npmjs.org'
@@ -71,9 +71,9 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
@@ -115,7 +115,7 @@ jobs:
             type=raw,value=latest,enable=${{ github.event_name == 'release' }}
 
       - name: Build and push image
-        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
         with:
           file: cli/Dockerfile
           platforms: linux/amd64,linux/arm64

.github/workflows/close-duplicates.yml

@@ -35,7 +35,7 @@ jobs:
     needs: [get_body, should_run]
     if: ${{ needs.should_run.outputs.should_run == 'true' }}
     container:
-      image: ghcr.io/immich-app/mdq:main@sha256:557cca601891b8b7d78b940071d35aaf7aaeb9b327d19b22cf282118edbc5272
+      image: ghcr.io/immich-app/mdq:main@sha256:32abe582452b12dff55055e1d6bc24508a8f17164f9d1831db7bb70953c014c6
     outputs:
       checked: ${{ steps.get_checkbox.outputs.checked }}
     steps:

.github/workflows/codeql-analysis.yml

@@ -44,9 +44,9 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout repository
@@ -57,7 +57,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/docker.yml

@@ -23,14 +23,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -132,7 +132,7 @@ jobs:
             suffixes: '-rocm'
             platforms: linux/amd64
             runner-mapping: '{"linux/amd64": "pokedex-large"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
     permissions:
       contents: read
       actions: read
@@ -155,7 +155,7 @@ jobs:
     name: Build and Push Server
     needs: pre-job
     if: ${{ fromJSON(needs.pre-job.outputs.should_run).server == true }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@61a0fc2b41524edcc7c9fffb8bb178e6b0ccf21d # multi-runner-build-workflow-v2.3.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
     permissions:
       contents: read
       actions: read
@@ -178,7 +178,7 @@ jobs:
     runs-on: ubuntu-latest
     if: always()
     steps:
-      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
+      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
         with:
           needs: ${{ toJSON(needs) }}
 
@@ -189,6 +189,6 @@ jobs:
     runs-on: ubuntu-latest
     if: always()
     steps:
-      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
+      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
         with:
           needs: ${{ toJSON(needs) }}

.github/workflows/docs-build.yml

@@ -21,14 +21,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -54,9 +54,9 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -70,7 +70,7 @@ jobs:
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
 
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './docs/.nvmrc'
           cache: 'pnpm'
@@ -86,7 +86,7 @@ jobs:
         run: pnpm build
 
       - name: Upload build output
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: docs-build-output
           path: docs/build/

.github/workflows/docs-deploy.yml

@@ -20,16 +20,16 @@ jobs:
       artifact: ${{ steps.get-artifact.outputs.result }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - if: ${{ github.event.workflow_run.conclusion != 'success' }}
         run: echo 'The triggering workflow did not succeed' && exit 1
       - name: Get artifact
         id: get-artifact
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         with:
           github-token: ${{ steps.token.outputs.token }}
           script: |
@@ -48,7 +48,7 @@ jobs:
             return { found: true, id: matchArtifact.id };
       - name: Determine deploy parameters
         id: parameters
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         env:
           HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
         with:
@@ -119,9 +119,9 @@ jobs:
     if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -131,11 +131,13 @@ jobs:
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3
+        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
+        with:
+          github_token: ${{ steps.token.outputs.token }}
 
       - name: Load parameters
         id: parameters
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         env:
           PARAM_JSON: ${{ needs.checks.outputs.parameters }}
         with:
@@ -147,7 +149,7 @@ jobs:
             core.setOutput("shouldDeploy", parameters.shouldDeploy);
 
       - name: Download artifact
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         env:
           ARTIFACT_JSON: ${{ needs.checks.outputs.artifact }}
         with:
@@ -211,7 +213,7 @@ jobs:
         run: 'mise run //deployment:tf apply'
 
       - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
+        uses: actions-cool/maintain-one-comment@909842216bc8e8658364c572ec52100f4c2cc50a # v3.3.0
         if: ${{ steps.parameters.outputs.event == 'pr' }}
         with:
           token: ${{ steps.token.outputs.token }}

.github/workflows/docs-destroy.yml

@@ -17,9 +17,9 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -29,7 +29,9 @@ jobs:
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@035e80a7d4355d5f087ffb95db9e4a0944c04e56 # use-mise-action-v1.1.3
+        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
+        with:
+          github_token: ${{ steps.token.outputs.token }}
 
       - name: Destroy Docs Subdomain
         env:
@@ -42,7 +44,7 @@ jobs:
         run: 'mise run //deployment:tf destroy -- -refresh=false'
 
       - name: Comment
-        uses: actions-cool/maintain-one-comment@4b2dbf086015f892dcb5e8c1106f5fccd6c1476b # v3.2.0
+        uses: actions-cool/maintain-one-comment@909842216bc8e8658364c572ec52100f4c2cc50a # v3.3.0
         with:
           token: ${{ steps.token.outputs.token }}
           number: ${{ github.event.number }}

.github/workflows/fix-format.yml

@@ -16,9 +16,9 @@ jobs:
     steps:
       - name: Generate a token
         id: generate-token
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: 'Checkout'
@@ -29,10 +29,10 @@ jobs:
           persist-credentials: true
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
+        uses: pnpm/action-setup@26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a # v6.0.4
 
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
@@ -42,13 +42,13 @@ jobs:
         run: pnpm --recursive install && pnpm run --recursive --if-present --parallel format:fix
 
       - name: Commit and push
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
+        uses: EndBug/add-and-commit@290ea2c423ad77ca9c62ae0f5b224379612c0321 # v10.0.0
         with:
           default_author: github_actions
           message: 'chore: fix formatting'
 
       - name: Remove label
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         if: always()
         with:
           github-token: ${{ steps.generate-token.outputs.token }}

.github/workflows/merge-translations.yml

@@ -4,7 +4,7 @@ on:
   workflow_dispatch:
   workflow_call:
     secrets:
-      PUSH_O_MATIC_APP_ID:
+      PUSH_O_MATIC_APP_CLIENT_ID:
         required: true
       PUSH_O_MATIC_APP_KEY:
         required: true
@@ -31,9 +31,9 @@ jobs:
       - name: Generate a token
         id: generate_token
         if: ${{ inputs.skip != true }}
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Find translation PR

.github/workflows/pr-label-validation.yml

@@ -14,9 +14,9 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Require PR to have a changelog label

.github/workflows/pr-labeler.yml

@@ -12,9 +12,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1

.github/workflows/prepare-release.yml

@@ -36,7 +36,7 @@ jobs:
     permissions:
       pull-requests: write
     secrets:
-      PUSH_O_MATIC_APP_ID: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+      PUSH_O_MATIC_APP_CLIENT_ID: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
       PUSH_O_MATIC_APP_KEY: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
       WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }}
 
@@ -50,9 +50,9 @@ jobs:
     steps:
       - name: Generate a token
         id: generate-token
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
@@ -63,13 +63,13 @@ jobs:
           ref: main
 
       - name: Install uv
-        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
+        uses: pnpm/action-setup@26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a # v6.0.4
 
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
@@ -86,7 +86,7 @@ jobs:
 
       - name: Commit and tag
         id: push-tag
-        uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5 # v9.1.4
+        uses: EndBug/add-and-commit@290ea2c423ad77ca9c62ae0f5b224379612c0321 # v10.0.0
         with:
           default_author: github_actions
           message: 'chore: version ${{ steps.output.outputs.version }}'
@@ -124,9 +124,9 @@ jobs:
     steps:
       - name: Generate a token
         id: generate-token
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
@@ -142,7 +142,7 @@ jobs:
           github-token: ${{ steps.generate-token.outputs.token }}
 
       - name: Create draft release
-        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
+        uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2.6.2
         with:
           draft: true
           tag_name: ${{ needs.bump_version.outputs.version }}

.github/workflows/preview-label.yaml

@@ -14,12 +14,12 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: mshick/add-pr-comment@64b8e914979889d746c99dea15a76e77ef64580a # v3.10.0
+      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
         with:
           github-token: ${{ steps.token.outputs.token }}
           message-id: 'preview-status'
@@ -32,12 +32,12 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         with:
           github-token: ${{ steps.token.outputs.token }}
           script: |
@@ -48,14 +48,14 @@ jobs:
               name: 'preview'
             })
 
-      - uses: mshick/add-pr-comment@64b8e914979889d746c99dea15a76e77ef64580a # v3.10.0
+      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
         if: ${{ github.event.pull_request.head.repo.fork }}
         with:
           github-token: ${{ steps.token.outputs.token }}
           message-id: 'preview-status'
           message: 'PRs from forks cannot have preview environments.'
 
-      - uses: mshick/add-pr-comment@64b8e914979889d746c99dea15a76e77ef64580a # v3.10.0
+      - uses: mshick/add-pr-comment@8e4927817251f1ff60c001f04568532b38e0b4a0 # v3.11.0
         if: ${{ !github.event.pull_request.head.repo.fork }}
         with:
           github-token: ${{ steps.token.outputs.token }}

.github/workflows/sdk.yml

@@ -19,9 +19,9 @@ jobs:
         working-directory: ./open-api/typescript-sdk
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -33,7 +33,7 @@ jobs:
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
 
       # Setup .npmrc file to publish to npm
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './open-api/typescript-sdk/.nvmrc'
           registry-url: 'https://registry.npmjs.org'

.github/workflows/static_analysis.yml

@@ -20,14 +20,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -49,9 +49,9 @@ jobs:
         working-directory: ./mobile
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code

.github/workflows/test.yml

@@ -17,14 +17,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -34,13 +34,17 @@ jobs:
               - 'web/**'
               - 'i18n/**'
               - 'open-api/typescript-sdk/**'
+              - 'pnpm-lock.yaml'
             server:
               - 'server/**'
+              - 'pnpm-lock.yaml'
             cli:
               - 'cli/**'
               - 'open-api/typescript-sdk/**'
+              - 'pnpm-lock.yaml'
             e2e:
               - 'e2e/**'
+              - 'pnpm-lock.yaml'
             mobile:
               - 'mobile/**'
             machine-learning:
@@ -63,9 +67,9 @@ jobs:
         working-directory: ./server
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -77,11 +81,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run package manager install
         run: pnpm install
       - name: Run linter
@@ -108,9 +114,9 @@ jobs:
         working-directory: ./cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -121,11 +127,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './cli/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Setup typescript-sdk
         run: pnpm install && pnpm run build
         working-directory: ./open-api/typescript-sdk
@@ -155,9 +163,9 @@ jobs:
         working-directory: ./cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -168,11 +176,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './cli/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -197,9 +207,9 @@ jobs:
         working-directory: ./web
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -210,11 +220,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './web/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -241,9 +253,9 @@ jobs:
         working-directory: ./web
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -254,11 +266,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './web/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -279,9 +293,9 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -292,11 +306,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './web/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Install dependencies
         run: pnpm --filter=immich-i18n install --frozen-lockfile
       - name: Format
@@ -327,9 +343,9 @@ jobs:
         working-directory: ./e2e
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -340,11 +356,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './e2e/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -373,9 +391,9 @@ jobs:
         working-directory: ./server
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -387,11 +405,17 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
+      - name: Setup Mise
+        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
+        with:
+          github_token: ${{ steps.token.outputs.token }}
       - name: Run pnpm install
         run: SHARP_IGNORE_GLOBAL_LIBVIPS=true pnpm install --frozen-lockfile
       - name: Run medium tests
@@ -412,9 +436,9 @@ jobs:
         runner: [ubuntu-latest, ubuntu-24.04-arm]
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -426,11 +450,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './e2e/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -464,7 +490,7 @@ jobs:
         run: docker compose logs --no-color > docker-compose-logs.txt
         working-directory: ./e2e
       - name: Archive Docker logs
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         if: always()
         with:
           name: e2e-server-docker-logs-${{ matrix.runner }}
@@ -484,9 +510,9 @@ jobs:
         runner: [ubuntu-latest, ubuntu-24.04-arm]
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -498,11 +524,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './e2e/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run setup typescript-sdk
         run: pnpm install --frozen-lockfile && pnpm build
         working-directory: ./open-api/typescript-sdk
@@ -522,7 +550,7 @@ jobs:
         run: pnpm test:web
         if: ${{ !cancelled() }}
       - name: Archive e2e test (web) results
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         if: success() || failure()
         with:
           name: e2e-web-test-results-${{ matrix.runner }}
@@ -533,7 +561,7 @@ jobs:
         run: pnpm test:web:ui
         if: ${{ !cancelled() }}
       - name: Archive ui test (web) results
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         if: success() || failure()
         with:
           name: e2e-ui-test-results-${{ matrix.runner }}
@@ -544,7 +572,7 @@ jobs:
         run: pnpm test:web:maintenance
         if: ${{ !cancelled() }}
       - name: Archive maintenance tests (web) results
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         if: success() || failure()
         with:
           name: e2e-maintenance-isolated-test-results-${{ matrix.runner }}
@@ -554,7 +582,7 @@ jobs:
         run: docker compose logs --no-color > docker-compose-logs.txt
         working-directory: ./e2e
       - name: Archive Docker logs
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         if: always()
         with:
           name: e2e-web-docker-logs-${{ matrix.runner }}
@@ -566,7 +594,7 @@ jobs:
     runs-on: ubuntu-latest
     if: always()
     steps:
-      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
+      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
         with:
           needs: ${{ toJSON(needs) }}
   mobile-unit-tests:
@@ -578,9 +606,9 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -605,39 +633,40 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       contents: read
+    env:
+      MISE_CEILING_PATHS: ${{ github.workspace }}
+      MISE_TRUSTED_CONFIG_PATHS: ${{ github.workspace }}/machine-learning/mise.toml
     defaults:
       run:
         working-directory: ./machine-learning
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
-      - name: Install uv
-        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
+
+      - name: Setup Mise
+        uses: immich-app/devtools/actions/use-mise@01a4d354b70f99a6baf4a1b72827f6d4922e4978 # use-mise-action-v2.0.0
         with:
-          python-version: 3.11
+          github_token: ${{ steps.token.outputs.token }}
+          working_directory: ./machine-learning
+
       - name: Install dependencies
-        run: |
-          uv sync --extra cpu
-      - name: Lint with ruff
-        run: |
-          uv run ruff check --output-format=github immich_ml
-      - name: Format with ruff
-        run: |
-          uv run ruff format --check immich_ml
-      - name: Run mypy type checking
-        run: |
-          uv run mypy --strict immich_ml/
+        run: mise run install --extra cpu
+      - name: Lint code
+        run: mise run lint --output-format=github
+      - name: Format code
+        run: mise run format
+      - name: Run type checking
+        run: mise run check
       - name: Run tests and coverage
-        run: |
-          uv run pytest --cov=immich_ml --cov-report term-missing
+        run: mise run test
   github-files-formatting:
     name: .github Files Formatting
     needs: pre-job
@@ -650,9 +679,9 @@ jobs:
         working-directory: ./.github
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -663,11 +692,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './.github/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Run pnpm install
         run: pnpm install --frozen-lockfile
       - name: Run formatter
@@ -680,9 +711,9 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -701,9 +732,9 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -714,11 +745,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Install server dependencies
         run: SHARP_IGNORE_GLOBAL_LIBVIPS=true pnpm --filter immich install --frozen-lockfile
       - name: Build the app
@@ -763,9 +796,9 @@ jobs:
         working-directory: ./server
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
@@ -776,11 +809,13 @@ jobs:
       - name: Setup pnpm
         uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: './server/.nvmrc'
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
+      - name: Configure npm registry
+        run: pnpm set registry https://npm.raccoon.sh/
       - name: Install server dependencies
         run: SHARP_IGNORE_GLOBAL_LIBVIPS=true pnpm install --frozen-lockfile
       - name: Build the app

.github/workflows/weblate-lock.yml

@@ -24,14 +24,14 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check what should run
         id: check
-        uses: immich-app/devtools/actions/pre-job@f50e3b600b6ac1763ddb8f3dfc69093512b967a1 # pre-job-action-v2.0.3
+        uses: immich-app/devtools/actions/pre-job@91f342bb4477c4bc10c576ae739da875d85aa164 # pre-job-action-v2.0.4
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
@@ -47,9 +47,9 @@ jobs:
     if: ${{ fromJSON(needs.pre-job.outputs.should_run).i18n == true }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@57ff6ebfd507b045514442683ff06ff1b2f6efbd # create-workflow-token-action-v1.0.2
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
+          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Bot review status
@@ -68,6 +68,6 @@ jobs:
     permissions: {}
     if: always()
     steps:
-      - uses: immich-app/devtools/actions/success-check@53bb77345ee9f953f93bd6fd9980f07a2f24965e # success-check-action-v0.0.5
+      - uses: immich-app/devtools/actions/success-check@81113db03f6d743efee81e0058c0b43f6cd6f36d # success-check-action-v0.0.6
         with:
           needs: ${{ toJSON(needs) }}

.gitmodules

@@ -1,6 +1,3 @@
-[submodule "mobile/.isar"]
-	path = mobile/.isar
-	url = https://github.com/isar/isar
 [submodule "e2e/test-assets"]
 	path = e2e/test-assets
 	url = https://github.com/immich-app/test-assets

.vscode/settings.json

@@ -13,10 +13,6 @@
     "editor.wordBasedSuggestions": "off"
   },
   "[javascript]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
     "editor.defaultFormatter": "esbenp.prettier-vscode",
     "editor.formatOnSave": true
   },
@@ -29,18 +25,14 @@
     "editor.formatOnSave": true
   },
   "[svelte]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
     "editor.defaultFormatter": "svelte.svelte-vscode",
-    "editor.formatOnSave": true
+    "editor.formatOnSave": true,
+    "tailwindCSS.lint.suggestCanonicalClasses": "ignore"
+  },
+  "svelte.plugin.svelte.compilerWarnings": {
+    "state_referenced_locally": "ignore"
   },
   "[typescript]": {
-    "editor.codeActionsOnSave": {
-      "source.organizeImports": "explicit",
-      "source.removeUnusedImports": "explicit"
-    },
     "editor.defaultFormatter": "esbenp.prettier-vscode",
     "editor.formatOnSave": true
   },

cli/.nvmrc

@@ -1 +1 @@
-24.14.1
+24.15.0

cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@immich/cli",
-  "version": "2.7.4",
+  "version": "2.7.5",
   "description": "Command Line Interface (CLI) for Immich",
   "type": "module",
   "exports": "./dist/index.js",
@@ -20,7 +20,7 @@
     "@types/lodash-es": "^4.17.12",
     "@types/micromatch": "^4.0.9",
     "@types/mock-fs": "^4.13.1",
-    "@types/node": "^24.12.0",
+    "@types/node": "^24.12.2",
     "@vitest/coverage-v8": "^4.0.0",
     "byte-size": "^9.0.0",
     "cli-progress": "^3.12.0",
@@ -68,6 +68,6 @@
     "micromatch": "^4.0.8"
   },
   "volta": {
-    "node": "24.14.1"
+    "node": "24.15.0"
   }
 }

cli/src/commands/asset.spec.ts

@@ -4,7 +4,7 @@ import path from 'node:path';
 import { setTimeout as sleep } from 'node:timers/promises';
 import { describe, expect, it, MockedFunction, vi } from 'vitest';
 
-import { Action, checkBulkUpload, defaults, getSupportedMediaTypes, Reason } from '@immich/sdk';
+import { AssetRejectReason, AssetUploadAction, checkBulkUpload, defaults, getSupportedMediaTypes } from '@immich/sdk';
 import createFetchMock from 'vitest-fetch-mock';
 
 import {
@@ -120,7 +120,7 @@ describe('checkForDuplicates', () => {
     vi.mocked(checkBulkUpload).mockResolvedValue({
       results: [
         {
-          action: Action.Accept,
+          action: AssetUploadAction.Accept,
           id: testFilePath,
         },
       ],
@@ -144,10 +144,10 @@ describe('checkForDuplicates', () => {
     vi.mocked(checkBulkUpload).mockResolvedValue({
       results: [
         {
-          action: Action.Reject,
+          action: AssetUploadAction.Reject,
           id: testFilePath,
           assetId: 'fc5621b1-86f6-44a1-9905-403e607df9f5',
-          reason: Reason.Duplicate,
+          reason: AssetRejectReason.Duplicate,
         },
       ],
     });
@@ -167,7 +167,7 @@ describe('checkForDuplicates', () => {
     vi.mocked(checkBulkUpload).mockResolvedValue({
       results: [
         {
-          action: Action.Accept,
+          action: AssetUploadAction.Accept,
           id: testFilePath,
         },
       ],
@@ -187,7 +187,7 @@ describe('checkForDuplicates', () => {
     mocked.mockResolvedValue({
       results: [
         {
-          action: Action.Accept,
+          action: AssetUploadAction.Accept,
           id: testFilePath,
         },
       ],

cli/src/commands/asset.ts

@@ -1,9 +1,9 @@
 import {
-  Action,
   AssetBulkUploadCheckItem,
   AssetBulkUploadCheckResult,
   AssetMediaResponseDto,
   AssetMediaStatus,
+  AssetUploadAction,
   Permission,
   addAssetsToAlbum,
   checkBulkUpload,
@@ -234,7 +234,7 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
       const results = response.results as AssetBulkUploadCheckResults;
 
       for (const { id: filepath, assetId, action } of results) {
-        if (action === Action.Accept) {
+        if (action === AssetUploadAction.Accept) {
           newFiles.push(filepath);
         } else {
           // rejects are always duplicates
@@ -404,8 +404,6 @@ const uploadFile = async (input: string, stats: Stats): Promise<AssetMediaRespon
   const { baseUrl, headers } = defaults;
 
   const formData = new FormData();
-  formData.append('deviceAssetId', `${basename(input)}-${stats.size}`.replaceAll(/\s+/g, ''));
-  formData.append('deviceId', 'CLI');
   formData.append('fileCreatedAt', stats.mtime.toISOString());
   formData.append('fileModifiedAt', stats.mtime.toISOString());
   formData.append('fileSize', String(stats.size));

deployment/mise.toml

@@ -1,6 +1,6 @@
 [tools]
-terragrunt = "0.99.5"
-opentofu = "1.11.5"
+terragrunt = "1.0.3"
+opentofu = "1.11.6"
 
 [tasks."tg:fmt"]
 run = "terragrunt hclfmt"

docker/docker-compose.dev.yml

@@ -20,6 +20,7 @@ services:
       - /tmp
     volumes:
       - ..:/usr/src/app
+      # - ../../ui:/usr/src/ui
       - pnpm_cache:/buildcache/pnpm_cache
       - server_node_modules:/usr/src/app/server/node_modules
       - web_node_modules:/usr/src/app/web/node_modules

docker/docker-compose.prod.yml

@@ -85,7 +85,7 @@ services:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:dda13e28bf95a5e5ca5b8ed56852006094c1c8e8871d9c9dbeed30aa6e55271f
+    image: prom/prometheus@sha256:e4254400b85610324913f0dc4acf92603d9984e7519414c5a12811aa6146acc3
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -97,7 +97,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:12.4.2-ubuntu@sha256:78839fe49e1425c02416fa8072591533a72bd9598e563b54a07d78f9e27fb5d3
+    image: grafana/grafana:12.4.3-ubuntu@sha256:ca3f764fdc48cebdf22dd206f33ecb0795a9a7210eacd1b5c02204aebd78b223
     volumes:
       - grafana-data:/var/lib/grafana
 

docs/.nvmrc

@@ -1 +1 @@
-24.14.1
+24.15.0

docs/docs/administration/backup-and-restore.md

@@ -210,7 +210,7 @@ The provided restore process ensures your database is never in a broken state by
 
 ## Filesystem
 
-Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:
+Immich does not handle filesystem backups for you. You have to arrange these yourself! Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:
 
 1. `UPLOAD_LOCATION/library`
 2. `UPLOAD_LOCATION/upload`

docs/docs/administration/oauth.md

@@ -50,6 +50,10 @@ Before enabling OAuth in Immich, a new client application needs to be configured
    - `https://immich.example.com/auth/login`
    - `https://immich.example.com/user-settings`
 
+3. Configure Backchannel logout URL
+
+   If the authentication server supports it, the **Backchannel logout URL** can be specified, and it is of the form: `http://DOMAIN:PORT/api/oauth/backchannel-logout`.
+
 ## Enable OAuth
 
 Once you have a new OAuth client application configured, Immich can be configured using the Administration Settings page, available on the web (Administration -> Settings).
@@ -63,6 +67,8 @@ Once you have a new OAuth client application configured, Immich can be configure
 | `scope`                                              | string  | openid email profile | Full list of scopes to send with the request (space delimited)                      |
 | `id_token_signed_response_alg`                       | string  | RS256                | The algorithm used to sign the id token (examples: RS256, HS256)                    |
 | `userinfo_signed_response_alg`                       | string  | none                 | The algorithm used to sign the userinfo response (examples: RS256, HS256)           |
+| `prompt`                                             | string  | (empty)              | Prompt parameter for authorization url (examples: select_account, login, consent)   |
+| `end_session_endpoint`                               | URL     | (empty)              | Http(s) alternative end session endpoint (logout URI)                               |
 | Request timeout                                      | string  | 30,000 (30 seconds)  | Number of milliseconds to wait for http requests to complete before giving up       |
 | Storage Label Claim                                  | string  | preferred_username   | Claim mapping for the user's storage label**¹**                                     |
 | Role Claim                                           | string  | immich_role          | Claim mapping for the user's role. (should return "user" or "admin")**¹**           |
@@ -181,6 +187,7 @@ Configuration of OAuth in Immich System Settings
 | Scope                              | openid email profile immich_scope                                   |
 | ID Token Signed Response Algorithm | RS256                                                               |
 | Userinfo Signed Response Algorithm | RS256                                                               |
+| End Session Endpoint               | https://auth.example.com/logout?rd=https://immich.example.com/      |
 | Storage Label Claim                | uid                                                                 |
 | Storage Quota Claim                | immich_quota                                                        |
 | Default Storage Quota (GiB)        | 0 (empty for unlimited quota)                                       |

docs/docs/administration/postgres-standalone.md

@@ -81,7 +81,7 @@ VectorChord is the successor extension to pgvecto.rs, allowing for higher perfor
 
 ### Migrating from pgvecto.rs
 
-Support for pgvecto.rs will be dropped in a later release, hence we recommend all users currently using pgvecto.rs to migrate to VectorChord at their convenience. There are two primary approaches to do so.
+Support for pgvecto.rs has been dropped as of 3.0, hence all users currently using pgvecto.rs should migrate to VectorChord. There are two primary approaches to do so.
 
 The easiest option is to have both extensions installed during the migration:
 

docs/docs/developer/setup.md

@@ -80,9 +80,9 @@ To see local changes to `@immich/ui` in Immich, do the following:
 
 1. Install `@immich/ui` as a sibling to `immich/`, for example `/home/user/immich` and `/home/user/ui`
 2. Build the `@immich/ui` project via `pnpm run build`
-3. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yaml` file (`../../ui:/usr/ui`)
-4. Uncomment the corresponding alias in the `web/vite.config.js` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui')`)
-5. Uncomment the import statement in `web/src/app.css` file `@import '/usr/ui/dist/theme/default.css';` and comment out `@import '@immich/ui/theme/default.css';`
+3. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yml` file (`../../ui:/usr/src/ui`)
+4. Uncomment the corresponding alias in the `web/vite.config.ts` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui/packages/ui')`)
+5. Uncomment the import statement in `web/src/app.css` file `@import '../../../ui/packages/ui/dist/theme/default.css';` and comment out `@import '@immich/ui/theme/default.css';`
 6. Start up the stack via `make dev`
 7. After making changes in `@immich/ui`, rebuild it (`pnpm run build`)
 

docs/docs/features/libraries.md

@@ -50,6 +50,8 @@ Some basic examples:
 - `**/Raw/**` will exclude all files in any directory named `Raw`
 - `**/*.{tif,jpg}` will exclude all files with the extension `.tif` or `.jpg`
 
+Note that `*` is a wildcard matching zero or more characters (i.e., withinin a filename or single directory name). `**` matches zero or more subdirectories, recursively. It also includes any/all files within a subdirectory, i.e., when used at the end of a pattern. For example, `**/exclude_me/**` will exclude all files in any directory named `exclude_me`, as well as all files in any subdirectories of `exclude_me`, recursively.
+
 Special characters such as @ should be escaped, for instance:
 
 - `**/\@eaDir/**` will exclude all files in any directory named `@eaDir`

docs/docs/features/ml-hardware-acceleration.md

@@ -47,6 +47,7 @@ You do not need to redo any machine learning jobs after enabling hardware accele
 
 #### ROCm
 
+- On Linux, The [AMDGPU driver module](https://rocm.docs.amd.com/projects/install-on-linux/en/latest/how-to/docker.html) needs to be installed on the server and, if secure boot is used, the signing key of DKMS [needs to be enrolled in UEFI BIOS](https://wiki.debian.org/SecureBoot)
 - The GPU must be supported by ROCm. If it isn't officially supported, you can attempt to use the `HSA_OVERRIDE_GFX_VERSION` environmental variable: `HSA_OVERRIDE_GFX_VERSION=<a supported version, e.g. 10.3.0>`. If this doesn't work, you might need to also set `HSA_USE_SVM=0`.
 - The ROCm image is quite large and requires at least 35GiB of free disk space. However, pulling later updates to the service through Docker will generally only amount to a few hundred megabytes as the rest will be cached.
 - This backend is new and may experience some issues. For example, GPU power consumption can be higher than usual after running inference, even if the machine learning service is idle. In this case, it will only go back to normal after being idle for 5 minutes (configurable with the [MACHINE_LEARNING_MODEL_TTL](/install/environment-variables) setting).

docs/docs/features/searching.md

@@ -18,6 +18,7 @@ You can search the following types of content:
 | People                              | Faces that are recognized in your photos/videos.      |
 | Contextual                          | Content of the photos and videos.                     |
 | File name or extension              | Full or partial file's name, or file's extension      |
+| Full path or folder                 | Full or partial folder names from the original path.  |
 | Description                         | Description added to assets.                          |
 | Optical Character Recognition (OCR) | Text in images                                        |
 | Locations                           | Cities, states, and countries from reverse geocoding. |
@@ -30,6 +31,12 @@ You can search the following types of content:
 
 <img src={require('./img/advanced-search-filters.webp').default} width="70%" title='Advanced search filters' />
 
+### Full path or folder
+
+Use this mode when you know a folder name or part of the original asset path.
+
+Example: for /John/Projects/3D_Printing/2026-07-01/IMG_0001.jpg, searches like Projects, 3D, Printing, or 2026 match the asset.
+
 ## Configuration
 
 Navigating to `Administration > Settings > Machine Learning Settings > Smart Search` will show the options available.

docs/docs/features/supported-formats.md

@@ -18,6 +18,7 @@ For the full list, refer to the [Immich source code](https://github.com/immich-a
 | `JPEG 2000` | `.jp2`                        | :white_check_mark: |                 |
 | `JPEG`      | `.jpeg` `.jpg` `.jpe` `.insp` | :white_check_mark: |                 |
 | `JPEG XL`   | `.jxl`                        | :white_check_mark: |                 |
+| `MPO`       | `.mpo`                        | :white_check_mark: | Multi-Picture   |
 | `PNG`       | `.png`                        | :white_check_mark: |                 |
 | `PSD`       | `.psd`                        | :white_check_mark: | Adobe Photoshop |
 | `RAW`       | `.raw`                        | :white_check_mark: |                 |

docs/docs/guides/python-file-upload.md

@@ -20,8 +20,6 @@ def upload(file):
     }
 
     data = {
-        'deviceAssetId': f'{file}-{stats.st_mtime}',
-        'deviceId': 'python',
         'fileCreatedAt': datetime.fromtimestamp(stats.st_mtime),
         'fileModifiedAt': datetime.fromtimestamp(stats.st_mtime),
         'isFavorite': 'false',

docs/docs/guides/remote-access.md

@@ -39,7 +39,7 @@ You can learn how to set up Tailscale together with Immich with the [tutorial vi
 ### Cons
 
 - The Tailscale client usually needs to run as root on your devices and it increases the attack surface slightly compared to a minimal Wireguard server. e.g., an [RCE vulnerability](https://github.com/tailscale/tailscale/security/advisories/GHSA-vqp6-rc3h-83cp) was discovered in the Windows Tailscale client in November 2022.
-- Tailscale is a paid service. However, there is a generous [free tier](https://tailscale.com/pricing/) that permits up to 3 users and up to 100 devices.
+- Tailscale is a paid service. However, there is a generous [free tier](https://tailscale.com/pricing/) suitable for personal use.
 - Tailscale needs to be installed and running on both server-side and client-side.
 
 ## Option 3: Reverse Proxy

docs/docs/install/config-file.md

@@ -193,6 +193,7 @@ The default configuration looks like this:
     "defaultStorageQuota": null,
     "enabled": false,
     "issuerUrl": "",
+    "endSessionEndpoint": "",
     "mobileOverrideEnabled": false,
     "mobileRedirectUri": "",
     "profileSigningAlgorithm": "none",

docs/docs/install/environment-variables.md

@@ -29,29 +29,31 @@ These environment variables are used by the `docker-compose.yml` file and do **N
 
 ## General
 
-| Variable                            | Description                                                                                                                                            |           Default            | Containers               | Workers            |
-| :---------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
-| `TZ`                                | Timezone                                                                                                                                               |        <sup>\*1</sup>        | server                   | microservices      |
-| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                  |         `production`         | server, machine learning | api, microservices |
-| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                           |            `log`             | server, machine learning | api, microservices |
-| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                  |          `console`           | server                   | api, microservices |
-| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                              |           `/data`            | server                   | api, microservices |
-| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                    |                              | server                   | api, microservices |
-| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`. |           `false`            | server                   | api, microservices |
-| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                        |           `false`            | server, machine learning |                    |
-| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                         | auto-detected CPU core count | server                   |                    |
-| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                              |            `8081`            | server                   | api                |
-| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                              |            `8082`            | server                   | microservices      |
-| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                    |                              | server                   | microservices      |
-| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                     |                              | server                   | api                |
-| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                               |                              | server                   | api, microservices |
-| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                               |            `true`            | server                   | api                |
+| Variable                            | Description                                                                                                                                                          |           Default            | Containers               | Workers            |
+| :---------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :----------------------- | :----------------- |
+| `TZ`                                | Timezone                                                                                                                                                             |        <sup>\*1</sup>        | server                   | microservices      |
+| `IMMICH_ENV`                        | Environment (production, development)                                                                                                                                |         `production`         | server, machine learning | api, microservices |
+| `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                                                                                                         |            `log`             | server, machine learning | api, microservices |
+| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                                                                                                |          `console`           | server                   | api, microservices |
+| `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️                                                                            |           `/data`            | server                   | api, microservices |
+| `IMMICH_CONFIG_FILE`                | Path to config file                                                                                                                                                  |                              | server                   | api, microservices |
+| `IMMICH_HELMET_FILE`                | Path to a json file with [helmet](https://www.npmjs.com/package/helmet) options. Set to `false` to disable. Set to `true` to use `server/helmet.json`<sup>\*3</sup>. |           `false`            | server                   | api                |
+| `NO_COLOR`                          | Set to `true` to disable color-coded log output                                                                                                                      |           `false`            | server, machine learning |                    |
+| `CPU_CORES`                         | Number of cores available to the Immich server                                                                                                                       | auto-detected CPU core count | server                   |                    |
+| `IMMICH_API_METRICS_PORT`           | Port for the OTEL metrics                                                                                                                                            |            `8081`            | server                   | api                |
+| `IMMICH_MICROSERVICES_METRICS_PORT` | Port for the OTEL metrics                                                                                                                                            |            `8082`            | server                   | microservices      |
+| `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                                                                                                  |                              | server                   | microservices      |
+| `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                                                                                                   |                              | server                   | api                |
+| `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                                                                                             |                              | server                   | api, microservices |
+| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                                                                                             |            `true`            | server                   | api                |
 
 \*1: `TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 `TZ` is used by `exiftool` as a fallback in case the timezone cannot be determined from the image metadata. It is also used for logfile timestamps and cron job execution.
 
 \*2: This path is where the Immich code looks for the files, which is internal to the docker container. Setting it to a path on your host will certainly break things, you should use the `UPLOAD_LOCATION` variable instead.
 
+\*3: The [default configuration](https://helmetjs.github.io/#content-security-policy) sets `upgrade-insecure-requests`, which tells the browser to upgrade all requests to HTTPS. This breaks on HTTP-only deployments. If you cannot use HTTPS, you should use a custom helmet config file with `"upgrade-insecure-requests": null`.
+
 ## Workers
 
 | Variable                 | Description                                                                                          | Default | Containers |
@@ -81,7 +83,7 @@ Information on the current workers can be found [here](/administration/jobs-work
 | `DB_PASSWORD`                       | Database password                                                                      | `postgres` | server, database<sup>\*1</sup> |
 | `DB_DATABASE_NAME`                  | Database name                                                                          |  `immich`  | server, database<sup>\*1</sup> |
 | `DB_SSL_MODE`                       | Database SSL mode                                                                      |            | server                         |
-| `DB_VECTOR_EXTENSION`<sup>\*2</sup> | Database vector extension (one of [`vectorchord`, `pgvector`, `pgvecto.rs`])           |            | server                         |
+| `DB_VECTOR_EXTENSION`<sup>\*2</sup> | Database vector extension (one of [`vectorchord`, `pgvector`])                         |            | server                         |
 | `DB_SKIP_MIGRATIONS`                | Whether to skip running migrations on startup (one of [`true`, `false`])               |  `false`   | server                         |
 | `DB_STORAGE_TYPE`                   | Optimize concurrent IO on SSDs or sequential IO on HDDs ([`SSD`, `HDD`])<sup>\*3</sup> |   `SSD`    | database                       |
 

docs/docs/install/upgrading.md

@@ -130,7 +130,3 @@ These storage mediums have different performance characteristics. As a result, t
 #### Can I use the new database image as a general PostgreSQL image outside of Immich?
 
 It’s a standard PostgreSQL container image that additionally contains the VectorChord, pgvector, and (optionally) pgvecto.rs extensions. If you were using the previous pgvecto.rs image for other purposes, you can similarly do so with this image.
-
-#### If pgvecto.rs and pgvector still work, why should I switch to VectorChord?
-
-VectorChord is faster, more stable, uses less RAM, and (with the settings Immich uses) offers higher-quality results than pgvector and pgvecto.rs. This translates to better search and facial recognition experiences. In addition, pgvecto.rs support will be dropped in the future, so changing it sooner will avoid disruption.

docs/docs/partials/_storage-template.md

@@ -6,6 +6,8 @@ You can read more about the differences between storage template engine on and o
 
 The admin user can set the template by using the template builder in the `Administration -> Settings -> Storage Template`. Immich provides a set of variables that you can use in constructing the template, along with additional custom text. If the template produces [multiple files with the same filename, they won't be overwritten](https://github.com/immich-app/immich/discussions/3324) as a sequence number is appended to the filename.
 
+Date and time variables in storage templates are rendered in the server's local timezone.
+
 ```bash title="Default template"
 Year/Year-Month-Day/Filename.Extension
 ```

docs/package.json

@@ -17,10 +17,10 @@
     "write-heading-ids": "docusaurus write-heading-ids"
   },
   "dependencies": {
-    "@docusaurus/core": "~3.9.0",
-    "@docusaurus/preset-classic": "~3.9.0",
-    "@docusaurus/theme-common": "~3.9.0",
-    "@docusaurus/theme-mermaid": "~3.9.0",
+    "@docusaurus/core": "~3.10.0",
+    "@docusaurus/preset-classic": "~3.10.0",
+    "@docusaurus/theme-common": "~3.10.0",
+    "@docusaurus/theme-mermaid": "~3.10.0",
     "@mdi/js": "^7.3.67",
     "@mdi/react": "^1.6.1",
     "@mdx-js/react": "^3.0.0",
@@ -36,9 +36,9 @@
     "url": "^0.11.0"
   },
   "devDependencies": {
-    "@docusaurus/module-type-aliases": "~3.9.0",
+    "@docusaurus/module-type-aliases": "~3.10.0",
     "@docusaurus/tsconfig": "^3.10.0",
-    "@docusaurus/types": "^3.7.0",
+    "@docusaurus/types": "^3.10.0",
     "prettier": "^3.7.4",
     "typescript": "^6.0.0"
   },
@@ -58,6 +58,6 @@
     "node": ">=20"
   },
   "volta": {
-    "node": "24.14.1"
+    "node": "24.15.0"
   }
 }

docs/static/archived-versions.json

@@ -1,7 +1,7 @@
 [
   {
-    "label": "v2.7.4",
-    "url": "https://docs.v2.7.4.archive.immich.app"
+    "label": "v2.7.5",
+    "url": "https://docs.v2.7.5.archive.immich.app"
   },
   {
     "label": "v2.6.3",

e2e-auth-server/auth-server.ts

@@ -1,5 +1,12 @@
-import { exportJWK, generateKeyPair } from 'jose';
+import {
+  calculateJwkThumbprint,
+  exportJWK,
+  importPKCS8,
+  importSPKI,
+  SignJWT,
+} from 'jose';
 import Provider from 'oidc-provider';
+import { PRIVATE_KEY_PEM, PUBLIC_KEY_PEM } from './test-keys';
 
 export enum OAuthClient {
   DEFAULT = 'client-default',
@@ -44,6 +51,29 @@ const claims = [
   },
 ];
 
+const privateKey = await importPKCS8(PRIVATE_KEY_PEM, 'RS256', {
+  extractable: true,
+});
+const publicKey = await importSPKI(PUBLIC_KEY_PEM, 'RS256', {
+  extractable: true,
+});
+const kid = await calculateJwkThumbprint(await exportJWK(publicKey));
+
+export async function generateLogoutToken(iss: string, sub: string) {
+  return await new SignJWT({
+    iss: iss,
+    aud: OAuthClient.DEFAULT,
+    iat: Math.floor(Date.now() / 1000),
+    jti: crypto.randomUUID(),
+    sub: sub,
+    events: {
+      'http://schemas.openid.net/event/backchannel-logout': {},
+    },
+  })
+    .setProtectedHeader({ alg: 'RS256', typ: 'logout+jwt', kid: kid })
+    .sign(privateKey);
+}
+
 const withDefaultClaims = (sub: string) => ({
   sub,
   email: `${sub}@immich.app`,
@@ -66,8 +96,6 @@ const getClaims = (sub: string, use?: string) => {
 };
 
 const setup = async () => {
-  const { privateKey, publicKey } = await generateKeyPair('RS256');
-
   const redirectUris = [
     'http://127.0.0.1:2285/auth/login',
     'https://photos.immich.app/oauth/mobile-redirect',

e2e-auth-server/package.json

@@ -7,9 +7,10 @@
     "start": "tsx startup.ts"
   },
   "devDependencies": {
-    "jose": "^5.6.3",
+    "jose": "^6.0.0",
     "@types/oidc-provider": "^9.0.0",
     "oidc-provider": "^9.0.0",
     "tsx": "^4.20.6"
-  }
+  },
+  "packageManager": "pnpm@10.33.1"
 }

e2e-auth-server/test-keys.ts

@@ -0,0 +1,38 @@
+export const PRIVATE_KEY_PEM = `-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCVj5C7hzN3E2HO
+TcJ+DN/e2NSTQFj4rPylz4J8xjm8Es7l0k2kK5EEGvUNVGZbw7s055c+6kwP9eqg
+B5XFE7+26Fcq1sou6Tbm310kU4dnMW5l2CgwrhaGyb1pNysao0AMLT60dFYqtUwn
+ha9ceCsa+ZU1JrknVf3rONtppBvhWoI7CO9XX1keVQ0unHPzCWUjpXTzC8OGEbmB
+2w7ZIUf8OfJkd5RZ4OtIpML71W9n13aDxT50x2/EW/pFLFtQ/oaleOKHpvlRXDRX
+W86G4moUJym3gHMXMUj2aOcFG2UJnpLruKz3i5qZwYiTRlBP6O9EIQNCVtYxchuN
+V1CCcBU1AgMBAAECggEAJLfXMu8Nx89ynPVyyUMMaFfoEpHC9iR0L5obQVpiPMYK
+VRqVVLecdftPS9s7eQ58BNBRzdC0ZVu841aRYs3HLNbsZZhPkYZQpAxU//Dg5okY
+fzj7Hv5yidt4HN9+Pd8z/3lRMnj4WapifLaBt8xJ2ujJBMBRxzJBsXDnT0+Kx7+y
+bYDeuVfyUTEikaK3QZTbuRF3D3eiuN16GG+hv8UqTF2eYbPxdiLjYpTSHa4mH88C
+qfJz2Xt4SEzmyeo3G+MO17wDFOwtEe8ojlJfULHnHJSFdUwTfYIFM1bg5/fJ9MOS
+/fO3TSG+wkQqjQa6eoGssAzP87fL2XNLzlDtGY/7uQKBgQDHuJHOtf1EjOvNYiP7
+EN+8QGs41ghzt9CQRQxWbHpusR3IW3P83KMXwYmrlG70oOUXBRGSB/ESXUofXc5W
+pu5+Y55S44aUnu/a9yOBttYW0dtHZSL0zFT+PlVASwUzFZ2zcH1KXlUkSpfL5OAD
+PyDDTnBZ2AWh45fRO9wLo6PPuQKBgQC/tI03RqU3mOjqukKbquYeIpXHfRU5Z0DM
+u9ru1THYEl6fmkMXycxo/mvW3awyFuyKy/VodqIgKnFgumEqCHZh6OAMm/LC7TfA
+l9tjFSs/MyOqQVD4kbX+z6Oq4c4GccDoXfsQ3gzECoBapegi/F+6/25y+/C8ghXb
+J/Jg1GQXXQKBgQDFgWbfzuVZZyrBfu4qGLPJDMN7/114YizknwPma3xf/tN/EcGQ
+K/k1QvWMMkvPq1UiAKcxjJ0AFjV482FcG9T6NDWbrtmmG88C8Sex3Ue2ZW2+GuwI
+vhDHJIlV/Vp0/Elp7DJa2xLDwuh+gCZvz3vs6KL+ljxrrhCyn8mp0PfsMQKBgFFZ
+KnuETOO0zVGdzFoGQTQUdP58A5+iQwsdxB+I9Ge+E80iRso3ZbhADj7VPhbbR3D2
+b6LuhImluQrUzBpsEOAnU7vGCVPSGdBuIDiBaSKebsn2gYeZPWNtdQQ0YZq2dqek
+Cb/0mfIuipzsvf7qnSza62F7q4IyqVegMegI+Jg5AoGATM3NMy7JZeKzSkm+3ohU
+3xZOwgqKV9SH+0OeYWpuBxT7D7FlrKKI4NJ3XN3hg2f/DJAF6dH11CPe7pk94yol
+HMbh+PQUQ6GYvAzxIOvagWboQ3lzeyubNMpyFjfOrIE/WOQCUBZ9tIwCHIarIuyi
+QRuNOj3+U8T/n1Ww352HBdw=
+-----END PRIVATE KEY-----`;
+
+export const PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY+Qu4czdxNhzk3Cfgzf
+3tjUk0BY+Kz8pc+CfMY5vBLO5dJNpCuRBBr1DVRmW8O7NOeXPupMD/XqoAeVxRO/
+tuhXKtbKLuk25t9dJFOHZzFuZdgoMK4Whsm9aTcrGqNADC0+tHRWKrVMJ4WvXHgr
+GvmVNSa5J1X96zjbaaQb4VqCOwjvV19ZHlUNLpxz8wllI6V08wvDhhG5gdsO2SFH
+/DnyZHeUWeDrSKTC+9VvZ9d2g8U+dMdvxFv6RSxbUP6GpXjih6b5UVw0V1vOhuJq
+FCcpt4BzFzFI9mjnBRtlCZ6S67is94uamcGIk0ZQT+jvRCEDQlbWMXIbjVdQgnAV
+NQIDAQAB
+-----END PUBLIC KEY-----`;

e2e/.nvmrc

@@ -1 +1 @@
-24.14.1
+24.15.0

e2e/package.json

@@ -1,6 +1,6 @@
 {
   "name": "immich-e2e",
-  "version": "2.7.4",
+  "version": "2.7.5",
   "description": "",
   "main": "index.js",
   "type": "module",
@@ -32,7 +32,7 @@
     "@playwright/test": "^1.44.1",
     "@socket.io/component-emitter": "^3.1.2",
     "@types/luxon": "^3.4.2",
-    "@types/node": "^24.12.0",
+    "@types/node": "^24.12.2",
     "@types/pg": "^8.15.1",
     "@types/pngjs": "^6.0.4",
     "@types/supertest": "^7.0.0",
@@ -44,6 +44,7 @@
     "exiftool-vendored": "^35.0.0",
     "globals": "^17.0.0",
     "luxon": "^3.4.4",
+    "orchestration-ui": "0.1.69",
     "pg": "^8.11.3",
     "pngjs": "^7.0.0",
     "prettier": "^3.7.4",
@@ -58,6 +59,6 @@
     "vitest": "^4.0.0"
   },
   "volta": {
-    "node": "24.14.1"
+    "node": "24.15.0"
   }
 }

e2e/src/responses.ts

@@ -2,82 +2,44 @@ import { expect } from 'vitest';
 
 export const errorDto = {
   unauthorized: {
-    error: 'Unauthorized',
-    statusCode: 401,
     message: 'Authentication required',
-    correlationId: expect.any(String),
   },
   unauthorizedWithMessage: (message: string) => ({
-    error: 'Unauthorized',
-    statusCode: 401,
     message,
-    correlationId: expect.any(String),
   }),
   forbidden: {
-    error: 'Forbidden',
-    statusCode: 403,
     message: expect.any(String),
-    correlationId: expect.any(String),
   },
   missingPermission: (permission: string) => ({
-    error: 'Forbidden',
-    statusCode: 403,
     message: `Missing required permission: ${permission}`,
-    correlationId: expect.any(String),
   }),
   wrongPassword: {
-    error: 'Bad Request',
-    statusCode: 400,
     message: 'Wrong password',
-    correlationId: expect.any(String),
   },
   invalidToken: {
-    error: 'Unauthorized',
-    statusCode: 401,
     message: 'Invalid user token',
-    correlationId: expect.any(String),
   },
   invalidShareKey: {
-    error: 'Unauthorized',
-    statusCode: 401,
     message: 'Invalid share key',
-    correlationId: expect.any(String),
   },
   passwordRequired: {
-    error: 'Unauthorized',
-    statusCode: 401,
     message: 'Password required',
-    correlationId: expect.any(String),
   },
   badRequest: (message: any = null) => ({
-    error: 'Bad Request',
-    statusCode: 400,
     message: message ?? expect.anything(),
-    correlationId: expect.any(String),
+  }),
+  validationError: (errors?: ReadonlyArray<{ path: ReadonlyArray<string | number>; message: string }>) => ({
+    message: 'Validation failed',
+    errors: errors ? expect.arrayContaining(errors.map((e) => expect.objectContaining(e))) : expect.any(Array),
   }),
   noPermission: {
-    error: 'Bad Request',
-    statusCode: 400,
     message: expect.stringContaining('Not found or no'),
-    correlationId: expect.any(String),
   },
   incorrectLogin: {
-    error: 'Unauthorized',
-    statusCode: 401,
     message: 'Incorrect email or password',
-    correlationId: expect.any(String),
   },
   alreadyHasAdmin: {
-    error: 'Bad Request',
-    statusCode: 400,
     message: 'The server already has an admin',
-    correlationId: expect.any(String),
-  },
-  invalidEmail: {
-    error: 'Bad Request',
-    statusCode: 400,
-    message: ['email must be an email'],
-    correlationId: expect.any(String),
   },
 };
 

e2e/src/specs/maintenance/server/yucca-backups.e2e-spec.ts

@@ -0,0 +1,385 @@
+import { LoginResponseDto, StorageFolder } from '@immich/sdk';
+import * as sdk from 'orchestration-ui/sdk';
+import { io, Socket } from 'socket.io-client';
+import { createUserDto } from 'src/fixtures';
+import { errorDto } from 'src/responses';
+import { app, asBearerAuth, baseUrl, utils } from 'src/utils';
+import request from 'supertest';
+import { afterAll, beforeAll, describe, expect, it } from 'vitest';
+
+describe('/yucca', () => {
+  let admin: LoginResponseDto;
+  let nonAdmin: LoginResponseDto;
+  let requestOpts: any;
+  let filename: string;
+
+  let socket: Socket;
+  let libraryId: string;
+
+  beforeAll(async () => {
+    sdk.defaults.baseUrl = baseUrl;
+
+    await utils.resetDatabase();
+    admin = await utils.adminSetup();
+    nonAdmin = await utils.userSetup(admin.accessToken, createUserDto.user1);
+
+    requestOpts = { headers: asBearerAuth(admin.accessToken) };
+
+    await utils.resetBackups(admin.accessToken);
+    await sdk.resetOrchestrator(requestOpts);
+
+    socket = io(baseUrl, {
+      path: '/api/yucca/socket.io',
+      transports: ['websocket'],
+      extraHeaders: asBearerAuth(admin.accessToken),
+    });
+
+    socket.onAny(console.info);
+  });
+
+  afterAll(async () => {
+    socket.close();
+
+    // "resetDatabase" does not reinit the module config, trigger an update / clean up
+    if (libraryId) {
+      await utils.deleteLibrary(admin.accessToken, libraryId);
+    }
+  });
+
+  const waitForMessage = (type: string) => {
+    return new Promise((resolve) => {
+      const listener = (msg: string) => {
+        const payload = JSON.parse(msg);
+        if (payload.type !== type) {
+          return;
+        }
+
+        resolve(payload);
+        socket.offAny(listener);
+      };
+
+      socket.onAny(listener);
+    });
+  };
+
+  describe('Orchestration Module', async () => {
+    it('works', async () => {
+      await expect(sdk.onboardingStatus(requestOpts)).resolves.toEqual(
+        expect.objectContaining({
+          hasOnboardedKey: false,
+          hasBackend: false,
+          hasBackup: false,
+          hasSchedule: false,
+          hasSkippedExtraConfig: false,
+        }),
+      );
+    });
+
+    it('is inaccessible without admin', async () => {
+      await expect(sdk.onboardingStatus({ headers: asBearerAuth(nonAdmin.accessToken) })).rejects.toEqual(
+        expect.objectContaining({ data: errorDto.forbidden }),
+      );
+    });
+
+    it('is inaccessible without logging in', async () => {
+      await expect(sdk.onboardingStatus()).rejects.toEqual(expect.objectContaining({ data: errorDto.unauthorized }));
+    });
+  });
+
+  describe.sequential('Local Backup', async () => {
+    beforeAll(async () => {
+      await sdk.importRecoveryKey(
+        {
+          recoveryKey: '0'.repeat(64),
+        },
+        requestOpts,
+      );
+    });
+
+    it.sequential('configures a local backend', async () => {
+      await utils.mkdir('/local-backend');
+
+      await sdk.createLocalBackend(
+        {
+          path: '/local-backend',
+        },
+        requestOpts,
+      );
+    });
+
+    it.sequential('configures Immich backup', async () => {
+      const event = waitForMessage('IntegrationUpdate');
+
+      await sdk.configureImmichIntegration(
+        {
+          name: 'Immich',
+          worm: false,
+          cron: '0 3 * * *',
+          backupConfiguration: true,
+          dataFolders: [StorageFolder.Backups, StorageFolder.Upload],
+          libraries: 'all',
+        },
+        requestOpts,
+      );
+
+      await event;
+
+      await expect(sdk.getIntegrations(requestOpts)).resolves.toEqual(
+        expect.objectContaining({
+          immichIntegration: expect.objectContaining({
+            configuration: {
+              backupConfiguration: true,
+              dataFolders: ['backups', 'upload'],
+              libraries: 'all',
+            },
+          }),
+          immichState: {
+            dataFolders: expect.arrayContaining(Object.values(StorageFolder)),
+            dataPath: '/data',
+            libraries: [],
+          },
+        }),
+      );
+    });
+
+    it.sequential('updates configuration', async () => {
+      await utils.mkdir('/test');
+
+      ({ id: libraryId } = await utils.createLibrary(admin.accessToken, {
+        ownerId: admin.userId,
+        name: 'My Library',
+        importPaths: ['/test'],
+      }));
+
+      await expect(sdk.getIntegrations(requestOpts)).resolves.toEqual(
+        expect.objectContaining({
+          immichIntegration: expect.any(Object),
+          immichState: expect.objectContaining({
+            libraries: expect.arrayContaining([
+              expect.objectContaining({
+                name: 'My Library',
+                importPaths: ['/test'],
+              }),
+            ]),
+          }),
+        }),
+      );
+    });
+
+    it.sequential('creates a snapshot', async () => {
+      const event = waitForMessage('TaskEnd');
+
+      const {
+        repositories: [{ id }],
+      } = await sdk.getRepositories(requestOpts);
+
+      filename = await utils.createBackup(admin.accessToken);
+
+      await sdk.createBackup(id, requestOpts);
+      await event;
+
+      const {
+        snapshots: [{ id: snapshotId }],
+      } = await sdk.getSnapshots(id, requestOpts);
+
+      await expect(sdk.getSnapshotListing(id, snapshotId, {}, requestOpts)).resolves.toMatchInlineSnapshot(`
+        {
+          "items": [
+            {
+              "isDirectory": true,
+              "path": "/data",
+            },
+            {
+              "isDirectory": true,
+              "path": "/test",
+            },
+            {
+              "isDirectory": true,
+              "path": "/yucca",
+            },
+          ],
+          "parent": "/",
+          "path": "/",
+        }
+      `);
+
+      await expect(sdk.getSnapshotListing(id, snapshotId, { path: '/data' }, requestOpts)).resolves
+        .toMatchInlineSnapshot(`
+        {
+          "items": [
+            {
+              "isDirectory": true,
+              "path": "/data/backups",
+            },
+            {
+              "isDirectory": true,
+              "path": "/data/upload",
+            },
+          ],
+          "parent": "/",
+          "path": "/data",
+        }
+      `);
+
+      await expect(sdk.getSnapshotListing(id, snapshotId, { path: '/data/backups' }, requestOpts)).resolves.toEqual(
+        expect.objectContaining({
+          items: [
+            {
+              isDirectory: false,
+              path: '/data/backups/.immich',
+            },
+            {
+              isDirectory: false,
+              path: expect.stringContaining('/data/backups/immich-db-backup-'),
+            },
+          ],
+          parent: '/data',
+          path: '/data/backups',
+        }),
+      );
+    });
+  });
+
+  describe.sequential('Restore Local Backup', async () => {
+    let cookie: string;
+
+    beforeAll(async () => {
+      await sdk.resetOrchestrator(requestOpts);
+      await utils.resetDatabase();
+      socket.disconnect();
+      await utils.disconnectDatabase();
+    });
+
+    afterAll(async () => {
+      await utils.connectDatabase();
+    });
+
+    it.sequential(
+      'restores backup',
+      async () => {
+        const { status, headers } = await request(app).post('/admin/database-backups/start-restore').send();
+        expect(status).toBe(201);
+        cookie = headers['set-cookie'][0].split(';')[0];
+
+        await expect
+          .poll(
+            async () => {
+              const { status, body } = await request(app).get('/server/config');
+              expect(status).toBe(200);
+              return body.maintenanceMode;
+            },
+            {
+              interval: 500,
+              timeout: 10_000,
+            },
+          )
+          .toBeTruthy();
+
+        const maintenanceRequestOpts = {
+          headers: {
+            cookie,
+          },
+        };
+
+        await expect(sdk.getSchedules(maintenanceRequestOpts)).resolves.toEqual({ schedules: [] });
+
+        await sdk.importRecoveryKey(
+          {
+            recoveryKey: '0'.repeat(64),
+          },
+          maintenanceRequestOpts,
+        );
+
+        const {
+          backend: { id: backendId },
+        } = await sdk.createLocalBackend(
+          {
+            path: '/local-backend',
+          },
+          maintenanceRequestOpts,
+        );
+
+        const {
+          repositories: [
+            {
+              id: repositoryId,
+              snapshots: [{ id: snapshotId }],
+            },
+          ],
+        } = await sdk.inspectRepositories(maintenanceRequestOpts);
+
+        socket = io(baseUrl, {
+          path: '/api/yucca/socket.io',
+          transports: ['websocket'],
+          extraHeaders: {
+            cookie,
+          },
+        });
+
+        const event = waitForMessage('TaskEnd');
+        await sdk.restoreFromPoint(
+          repositoryId,
+          snapshotId,
+          backendId,
+          {
+            yuccaConfig: '/yucca',
+            include: ['/data'],
+          },
+          maintenanceRequestOpts,
+        );
+
+        await event;
+        socket.disconnect();
+
+        const { status: restoreStatus } = await request(app).post('/admin/maintenance').set('Cookie', cookie).send({
+          action: 'restore_database',
+          restoreBackupFilename: filename,
+        });
+
+        expect(restoreStatus).toBe(201);
+
+        await expect
+          .poll(
+            async () => {
+              const { status, body } = await request(app).get('/server/config');
+              expect(status).toBe(200);
+              return body.maintenanceMode;
+            },
+            {
+              interval: 500,
+              timeout: 10_000,
+            },
+          )
+          .toBeTruthy();
+
+        const { status: status2, body } = await request(app).get('/admin/maintenance/status');
+        expect(status2).toBe(200);
+        expect(body).toEqual(
+          expect.objectContaining({
+            active: true,
+            action: 'restore_database',
+          }),
+        );
+
+        await expect
+          .poll(
+            async () => {
+              const { status, body } = await request(app).get('/server/config');
+              expect(status).toBe(200);
+              return body.maintenanceMode;
+            },
+            {
+              interval: 500,
+              timeout: 60_000,
+            },
+          )
+          .toBeFalsy();
+
+        await expect(sdk.getSchedules(requestOpts)).resolves.toEqual({
+          schedules: expect.arrayContaining([expect.objectContaining({ id: expect.any(String) })]),
+        });
+      },
+      60_000,
+    );
+  });
+});

e2e/src/specs/maintenance/web/database-backups.e2e-spec.ts

@@ -95,6 +95,7 @@ test.describe('Database Backups', () => {
       await page.waitForURL('/maintenance**');
     }
 
+    await page.getByRole('button', { name: 'Database Backup' }).click();
     await page.getByRole('button', { name: 'Next' }).click();
     await page.getByRole('button', { name: 'Restore', exact: true }).click();
     await page.getByRole('dialog').getByRole('button', { name: 'Restore' }).click();

e2e/src/specs/maintenance/web/yucca-backups.e2e-spec.ts

@@ -0,0 +1,141 @@
+import { LoginResponseDto, confirmRecoveryKey, importRecoveryKey, resetOrchestrator } from '@immich/sdk';
+import { expect, test } from '@playwright/test';
+import { io, type Socket } from 'socket.io-client';
+import { asBearerAuth, baseUrl, utils } from 'src/utils';
+
+test.describe.configure({ mode: 'serial' });
+
+test.describe('Yucca Backups', () => {
+  let admin: LoginResponseDto;
+  let socket: Socket;
+
+  const waitForTaskEnd = () =>
+    new Promise<void>((resolve) => {
+      const listener = (msg: string) => {
+        try {
+          const payload = JSON.parse(msg);
+          if (payload.type === 'TaskEnd') {
+            socket.offAny(listener);
+            resolve();
+          }
+        } catch {
+          // no-op
+        }
+      };
+      socket.onAny(listener);
+    });
+
+  test.beforeAll(async () => {
+    utils.initSdk();
+    await utils.resetDatabase();
+    admin = await utils.adminSetup();
+
+    const headers = asBearerAuth(admin.accessToken);
+    await resetOrchestrator({ headers });
+    await importRecoveryKey({ importRecoveryKeyRequest: { recoveryKey: '0'.repeat(64) } }, { headers });
+    await confirmRecoveryKey({ headers });
+    await utils.mkdir('/local-backend');
+
+    socket = io(baseUrl, {
+      path: '/api/yucca/socket.io',
+      transports: ['websocket'],
+      extraHeaders: headers,
+      forceNew: true,
+    });
+    await new Promise<void>((resolve) => socket.on('connect', () => resolve()));
+  });
+
+  test.afterAll(async () => {
+    socket?.close();
+  });
+
+  test('onboarding configures a local backend', async ({ context, page }) => {
+    test.setTimeout(30_000);
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    await page.goto('/backups');
+
+    const dialog = page.getByRole('dialog');
+    await expect(dialog.filter({ hasText: 'Backup options' })).toBeVisible();
+    await dialog.getByText('Local Folder').click();
+
+    await expect(dialog.filter({ hasText: 'Create local backend' })).toBeVisible();
+    await dialog.getByLabel('Path').fill('/local-backend');
+    await dialog.getByRole('button', { name: 'Save' }).click();
+
+    await expect(dialog.filter({ hasText: 'Configure Your Immich Backup' })).toBeVisible();
+    await dialog.getByRole('button', { name: 'Save' }).click();
+    await expect(dialog).toHaveCount(0);
+
+    await expect(page.getByRole('link', { name: 'Repositories' })).toBeVisible();
+  });
+
+  test('manually triggers a backup and waits for completion', async ({ context, page }) => {
+    test.setTimeout(60_000);
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    await page.goto('/backups/repositories');
+    const backupNow = page.getByRole('button', { name: 'Backup Now' });
+    await expect(backupNow).toBeVisible();
+
+    const taskEnd = waitForTaskEnd();
+    await backupNow.click();
+    await expect(page.getByRole('dialog').filter({ hasText: 'Log Output' })).toBeVisible();
+
+    await taskEnd;
+  });
+
+  test('resets immich and restores from the local yucca backup', async ({ context, page }) => {
+    test.setTimeout(120_000);
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    await utils.resetBackups(admin.accessToken);
+    await utils.createBackup(admin.accessToken);
+
+    await resetOrchestrator({ headers: asBearerAuth(admin.accessToken) });
+    await utils.resetDatabase();
+
+    await page.goto('/');
+    await page.getByRole('button', { name: 'Restore from backup' }).click();
+
+    try {
+      await page.waitForURL('/maintenance**');
+    } catch {
+      await page.goto('/maintenance');
+      await page.waitForURL('/maintenance**');
+    }
+
+    await page.getByRole('button', { name: 'FUTO Backups' }).click();
+
+    const dialog = page.getByRole('dialog');
+    await expect(dialog.filter({ hasText: 'Import recovery key' })).toBeVisible();
+    await dialog.getByLabel('Recovery Key').fill('0'.repeat(64));
+    await dialog.getByRole('button', { name: 'Save' }).click();
+
+    await expect(dialog.filter({ hasText: 'Where would you like to restore from?' })).toBeVisible();
+    await dialog.getByText('Local Folder').click();
+
+    await expect(dialog.filter({ hasText: 'Create local backend' })).toBeVisible();
+    await dialog.getByLabel('Path').fill('/local-backend');
+    await dialog.getByRole('button', { name: 'Save' }).click();
+
+    await expect(dialog.filter({ hasText: 'Select Restore Point' })).toBeVisible();
+    await dialog.getByRole('button', { name: 'Select' }).first().click();
+
+    await expect(dialog.filter({ hasText: /Restore from/ })).toBeVisible();
+    await dialog.getByRole('button', { name: 'Restore' }).first().click();
+
+    await expect(dialog.filter({ hasText: 'Confirm restore from snapshot' })).toBeVisible();
+    await dialog.getByRole('button', { name: 'Restore' }).click();
+
+    await expect(dialog.filter({ hasText: 'Restoring' })).toBeVisible();
+    await expect(dialog.filter({ hasText: 'Restoring' })).toBeHidden({ timeout: 60_000 });
+
+    await page.getByRole('button', { name: 'Next' }).click();
+    await page.getByRole('button', { name: 'Restore', exact: true }).click();
+    await page.getByRole('dialog').getByRole('button', { name: 'Restore' }).click();
+
+    await page.waitForURL('/maintenance?**');
+    await page.waitForURL('/photos', { timeout: 90_000 });
+  });
+});

e2e/src/specs/server/api/album.e2e-spec.ts

@@ -130,12 +130,11 @@ describe('/albums', () => {
   describe('GET /albums', () => {
     it("should not show other users' favorites", async () => {
       const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user1Albums[0].id}`)
         .set('Authorization', `Bearer ${user2.accessToken}`);
       expect(status).toEqual(200);
       expect(body).toEqual({
         ...user1Albums[0],
-        assets: [expect.objectContaining({ isFavorite: false })],
         contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
         lastModifiedAssetTimestamp: expect.any(String),
         startDate: expect.any(String),
@@ -147,7 +146,7 @@ describe('/albums', () => {
 
     it('should not return shared albums with a deleted owner', async () => {
       const { status, body } = await request(app)
-        .get('/albums?shared=true')
+        .get('/albums?isShared=true')
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -155,23 +154,31 @@ describe('/albums', () => {
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedLink,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedEditorUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedViewerUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user2.userId,
             albumName: user2SharedUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
+            ]),
             shared: true,
           }),
         ]),
@@ -181,82 +188,164 @@ describe('/albums', () => {
     it('should return the album collection including owned and shared', async () => {
       const { status, body } = await request(app).get('/albums').set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
-      expect(body).toHaveLength(4);
+      expect(body).toHaveLength(5);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedEditorUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedViewerUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedLink,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1NotShared,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: false,
           }),
+          expect.objectContaining({
+            albumName: user2SharedUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
+            ]),
+            shared: true,
+          }),
         ]),
       );
     });
 
-    it('should return the album collection filtered by shared', async () => {
+    it('should return the album collection filtered by isShared', async () => {
       const { status, body } = await request(app)
-        .get('/albums?shared=true')
+        .get('/albums?isShared=true')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(4);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedEditorUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedViewerUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1SharedLink,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: true,
           }),
           expect.objectContaining({
-            ownerId: user2.userId,
             albumName: user2SharedUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
+            ]),
             shared: true,
           }),
         ]),
       );
     });
 
-    it('should return the album collection filtered by NOT shared', async () => {
+    it('should return the album collection filtered by NOT isShared', async () => {
       const { status, body } = await request(app)
-        .get('/albums?shared=false')
+        .get('/albums?isShared=false')
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(1);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
-            ownerId: user1.userId,
             albumName: user1NotShared,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) },
+            ]),
             shared: false,
           }),
         ]),
       );
     });
 
+    it('should return only owned albums when filtered by isOwned=true', async () => {
+      const { status, body } = await request(app)
+        .get('/albums?isOwned=true')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toHaveLength(4);
+      expect(body).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ albumName: user1SharedEditorUser }),
+          expect.objectContaining({ albumName: user1SharedViewerUser }),
+          expect.objectContaining({ albumName: user1SharedLink }),
+          expect.objectContaining({ albumName: user1NotShared }),
+        ]),
+      );
+    });
+
+    it('should return only shared-with-me albums when filtered by isOwned=false', async () => {
+      const { status, body } = await request(app)
+        .get('/albums?isOwned=false')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toHaveLength(1);
+      expect(body).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({
+            albumName: user2SharedUser,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user2.userId }) },
+            ]),
+          }),
+        ]),
+      );
+    });
+
+    it('should return owned shared-out albums when filtered by isOwned=true&ishared=true', async () => {
+      const { status, body } = await request(app)
+        .get('/albums?isOwned=true&isShared=true')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toHaveLength(3);
+      expect(body).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ albumName: user1SharedEditorUser }),
+          expect.objectContaining({ albumName: user1SharedViewerUser }),
+          expect.objectContaining({ albumName: user1SharedLink }),
+        ]),
+      );
+    });
+
+    it('should return empty list when filtered by isOwned=false&isShared=false', async () => {
+      const { status, body } = await request(app)
+        .get('/albums?isOwned=false&isShared=false')
+        .set('Authorization', `Bearer ${user1.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toHaveLength(0);
+    });
+
     it('should return the album collection filtered by assetId', async () => {
       const { status, body } = await request(app)
         .get(`/albums?assetId=${user1Asset2.id}`)
@@ -265,17 +354,17 @@ describe('/albums', () => {
       expect(body).toHaveLength(2);
     });
 
-    it('should return the album collection filtered by assetId and ignores shared=true', async () => {
+    it('should return the album collection filtered by assetId and ignores isShared=true', async () => {
       const { status, body } = await request(app)
-        .get(`/albums?shared=true&assetId=${user1Asset1.id}`)
+        .get(`/albums?isShared=true&assetId=${user1Asset1.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(5);
     });
 
-    it('should return the album collection filtered by assetId and ignores shared=false', async () => {
+    it('should return the album collection filtered by assetId and ignores isShared=false', async () => {
       const { status, body } = await request(app)
-        .get(`/albums?shared=false&assetId=${user1Asset1.id}`)
+        .get(`/albums?isShared=false&assetId=${user1Asset1.id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(status).toBe(200);
       expect(body).toHaveLength(5);
@@ -287,13 +376,17 @@ describe('/albums', () => {
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({
-            ownerId: user4.userId,
             albumName: user4DeletedAsset,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user4.userId }) },
+            ]),
             shared: false,
           }),
           expect.objectContaining({
-            ownerId: user4.userId,
             albumName: user4Empty,
+            albumUsers: expect.arrayContaining([
+              { role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user4.userId }) },
+            ]),
             shared: false,
           }),
         ]),
@@ -304,13 +397,12 @@ describe('/albums', () => {
   describe('GET /albums/:id', () => {
     it('should return album info for own album', async () => {
       const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user1Albums[0].id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
       expect(body).toEqual({
         ...user1Albums[0],
-        assets: [expect.objectContaining({ id: user1Albums[0].assets[0].id })],
         contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
         lastModifiedAssetTimestamp: expect.any(String),
         startDate: expect.any(String),
@@ -322,7 +414,7 @@ describe('/albums', () => {
 
     it('should return album info for shared album (editor)', async () => {
       const { status, body } = await request(app)
-        .get(`/albums/${user2Albums[0].id}?withoutAssets=false`)
+        .get(`/albums/${user2Albums[0].id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
@@ -331,14 +423,14 @@ describe('/albums', () => {
 
     it('should return album info for shared album (viewer)', async () => {
       const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[3].id}?withoutAssets=false`)
+        .get(`/albums/${user1Albums[3].id}`)
         .set('Authorization', `Bearer ${user2.accessToken}`);
 
       expect(status).toBe(200);
       expect(body).toMatchObject({ id: user1Albums[3].id });
     });
 
-    it('should return album info with assets when withoutAssets is undefined', async () => {
+    it('should return album info', async () => {
       const { status, body } = await request(app)
         .get(`/albums/${user1Albums[0].id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
@@ -346,25 +438,6 @@ describe('/albums', () => {
       expect(status).toBe(200);
       expect(body).toEqual({
         ...user1Albums[0],
-        assets: [expect.objectContaining({ id: user1Albums[0].assets[0].id })],
-        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
-        lastModifiedAssetTimestamp: expect.any(String),
-        startDate: expect.any(String),
-        endDate: expect.any(String),
-        albumUsers: expect.any(Array),
-        shared: true,
-      });
-    });
-
-    it('should return album info without assets when withoutAssets is true', async () => {
-      const { status, body } = await request(app)
-        .get(`/albums/${user1Albums[0].id}?withoutAssets=true`)
-        .set('Authorization', `Bearer ${user1.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        ...user1Albums[0],
-        assets: [],
         contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
         assetCount: 1,
         lastModifiedAssetTimestamp: expect.any(String),
@@ -379,21 +452,21 @@ describe('/albums', () => {
       await utils.deleteAssets(user1.accessToken, [user1Asset2.id]);
 
       const { status, body } = await request(app)
-        .get(`/albums/${user2Albums[0].id}?withoutAssets=true`)
+        .get(`/albums/${user2Albums[0].id}`)
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(200);
-      expect(body).toEqual({
-        ...user2Albums[0],
-        assets: [],
-        contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
-        assetCount: 1,
-        lastModifiedAssetTimestamp: expect.any(String),
-        endDate: expect.any(String),
-        startDate: expect.any(String),
-        albumUsers: expect.any(Array),
-        shared: true,
-      });
+      expect(body).toEqual(
+        expect.objectContaining({
+          contributorCounts: [{ userId: user1.userId, assetCount: 1 }],
+          assetCount: 1,
+          lastModifiedAssetTimestamp: expect.any(String),
+          endDate: expect.any(String),
+          startDate: expect.any(String),
+          albumUsers: expect.any(Array),
+          shared: true,
+        }),
+      );
     });
   });
 
@@ -419,16 +492,13 @@ describe('/albums', () => {
         id: expect.any(String),
         createdAt: expect.any(String),
         updatedAt: expect.any(String),
-        ownerId: user1.userId,
         albumName: 'New album',
         description: '',
         albumThumbnailAssetId: null,
         shared: false,
-        albumUsers: [],
+        albumUsers: [{ role: AlbumUserRole.Owner, user: expect.objectContaining({ id: user1.userId }) }],
         hasSharedLink: false,
-        assets: [],
         assetCount: 0,
-        owner: expect.objectContaining({ email: user1.userEmail }),
         isActivityEnabled: true,
         order: AssetOrder.Desc,
       });
@@ -644,11 +714,11 @@ describe('/albums', () => {
       expect(status).toBe(200);
       expect(body).toEqual(
         expect.objectContaining({
-          albumUsers: [
+          albumUsers: expect.arrayContaining([
             expect.objectContaining({
               user: expect.objectContaining({ id: user2.userId }),
             }),
-          ],
+          ]),
         }),
       );
     });
@@ -660,7 +730,7 @@ describe('/albums', () => {
         .send({ albumUsers: [{ userId: user1.userId, role: AlbumUserRole.Editor }] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('Cannot be shared with owner'));
+      expect(body).toEqual(errorDto.badRequest('User already added'));
     });
 
     it('should not be able to add existing user to shared album', async () => {
@@ -686,7 +756,7 @@ describe('/albums', () => {
         albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
       });
 
-      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);
+      expect(album.albumUsers[1].role).toEqual(AlbumUserRole.Viewer);
 
       const { status } = await request(app)
         .put(`/albums/${album.id}/user/${user2.userId}`)
@@ -701,7 +771,10 @@ describe('/albums', () => {
         .set('Authorization', `Bearer ${user1.accessToken}`);
       expect(body).toEqual(
         expect.objectContaining({
-          albumUsers: [expect.objectContaining({ role: AlbumUserRole.Editor })],
+          albumUsers: [
+            expect.objectContaining({ role: AlbumUserRole.Owner }),
+            expect.objectContaining({ role: AlbumUserRole.Editor }),
+          ],
         }),
       );
     });
@@ -712,7 +785,7 @@ describe('/albums', () => {
         albumUsers: [{ userId: user2.userId, role: AlbumUserRole.Viewer }],
       });
 
-      expect(album.albumUsers[0].role).toEqual(AlbumUserRole.Viewer);
+      expect(album.albumUsers[1].role).toEqual(AlbumUserRole.Viewer);
 
       const { status, body } = await request(app)
         .put(`/albums/${album.id}/user/${user2.userId}`)

e2e/src/specs/server/api/asset.e2e-spec.ts

@@ -1,7 +1,6 @@
 import {
   AssetMediaResponseDto,
   AssetMediaStatus,
-  AssetResponseDto,
   AssetTypeEnum,
   AssetVisibility,
   getAssetInfo,
@@ -19,7 +18,7 @@ import { Socket } from 'socket.io-client';
 import { createUserDto, uuidDto } from 'src/fixtures';
 import { makeRandomImage } from 'src/generators';
 import { errorDto } from 'src/responses';
-import { app, asBearerAuth, tempDir, TEN_TIMES, testAssetDir, utils } from 'src/utils';
+import { app, asBearerAuth, tempDir, testAssetDir, utils } from 'src/utils';
 import request from 'supertest';
 import { afterAll, beforeAll, describe, expect, it } from 'vitest';
 
@@ -95,8 +94,8 @@ describe('/asset', () => {
       utils.createAsset(user1.accessToken),
       utils.createAsset(user1.accessToken, {
         isFavorite: true,
-        fileCreatedAt: yesterday.toISO(),
-        fileModifiedAt: yesterday.toISO(),
+        fileCreatedAt: yesterday.toUTC().toISO(),
+        fileModifiedAt: yesterday.toUTC().toISO(),
         assetData: { filename: 'example.mp4' },
       }),
       utils.createAsset(user1.accessToken),
@@ -380,62 +379,12 @@ describe('/asset', () => {
     });
   });
 
-  describe('GET /assets/random', () => {
-    beforeAll(async () => {
-      await Promise.all([
-        utils.createAsset(user1.accessToken),
-        utils.createAsset(user1.accessToken),
-        utils.createAsset(user1.accessToken),
-        utils.createAsset(user1.accessToken),
-        utils.createAsset(user1.accessToken),
-        utils.createAsset(user1.accessToken),
-      ]);
-
-      await utils.waitForQueueFinish(admin.accessToken, 'thumbnailGeneration');
-    });
-
-    it.each(TEN_TIMES)('should return 1 random assets', async () => {
-      const { status, body } = await request(app)
-        .get('/assets/random')
-        .set('Authorization', `Bearer ${user1.accessToken}`);
-
-      expect(status).toBe(200);
-
-      const assets: AssetResponseDto[] = body;
-      expect(assets.length).toBe(1);
-      expect(assets[0].ownerId).toBe(user1.userId);
-    });
-
-    it.each(TEN_TIMES)('should return 2 random assets', async () => {
-      const { status, body } = await request(app)
-        .get('/assets/random?count=2')
-        .set('Authorization', `Bearer ${user1.accessToken}`);
-
-      expect(status).toBe(200);
-
-      const assets: AssetResponseDto[] = body;
-      expect(assets.length).toBe(2);
-
-      for (const asset of assets) {
-        expect(asset.ownerId).toBe(user1.userId);
-      }
-    });
-
-    it.skip('should return 1 asset if there are 10 assets in the database but user 2 only has 1', async () => {
-      const { status, body } = await request(app)
-        .get('/assets/random')
-        .set('Authorization', `Bearer ${user2.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toEqual([expect.objectContaining({ id: user2Assets[0].id })]);
-    });
-  });
-
   describe('PUT /assets/:id', () => {
     it('should require access', async () => {
       const { status, body } = await request(app)
         .put(`/assets/${user2Assets[0].id}`)
-        .set('Authorization', `Bearer ${user1.accessToken}`);
+        .set('Authorization', `Bearer ${user1.accessToken}`)
+        .send({});
       expect(status).toBe(400);
       expect(body).toEqual(errorDto.noPermission);
     });
@@ -1142,8 +1091,6 @@ describe('/asset', () => {
       const { body, status } = await request(app)
         .post('/assets')
         .set('Authorization', `Bearer ${quotaUser.accessToken}`)
-        .field('deviceAssetId', 'example-image')
-        .field('deviceId', 'e2e')
         .field('fileCreatedAt', new Date().toISOString())
         .field('fileModifiedAt', new Date().toISOString())
         .attach('assetData', makeRandomImage(), 'example.jpg');
@@ -1160,8 +1107,6 @@ describe('/asset', () => {
       const { body, status } = await request(app)
         .post('/assets')
         .set('Authorization', `Bearer ${quotaUser.accessToken}`)
-        .field('deviceAssetId', 'example-image')
-        .field('deviceId', 'e2e')
         .field('fileCreatedAt', new Date().toISOString())
         .field('fileModifiedAt', new Date().toISOString())
         .attach('assetData', randomBytes(2014), 'example.jpg');
@@ -1215,29 +1160,4 @@ describe('/asset', () => {
       expect(video.checksum).toStrictEqual(checksum);
     });
   });
-
-  describe('POST /assets/exist', () => {
-    it('ignores invalid deviceAssetIds', async () => {
-      const response = await utils.checkExistingAssets(user1.accessToken, {
-        deviceId: 'test-assets-exist',
-        deviceAssetIds: ['invalid', 'INVALID'],
-      });
-
-      expect(response.existingIds).toHaveLength(0);
-    });
-
-    it('returns the IDs of existing assets', async () => {
-      await utils.createAsset(user1.accessToken, {
-        deviceId: 'test-assets-exist',
-        deviceAssetId: 'test-asset-0',
-      });
-
-      const response = await utils.checkExistingAssets(user1.accessToken, {
-        deviceId: 'test-assets-exist',
-        deviceAssetIds: ['test-asset-0'],
-      });
-
-      expect(response.existingIds).toEqual(['test-asset-0']);
-    });
-  });
 });

e2e/src/specs/server/api/library.e2e-spec.ts

@@ -110,7 +110,9 @@ describe('/libraries', () => {
         });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(["All importPaths's elements must be unique"]));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['importPaths'], message: 'Array must have unique items' }]),
+      );
     });
 
     it('should not create an external library with duplicate exclusion patterns', async () => {
@@ -125,7 +127,9 @@ describe('/libraries', () => {
         });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(["All exclusionPatterns's elements must be unique"]));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array must have unique items' }]),
+      );
     });
   });
 
@@ -157,7 +161,9 @@ describe('/libraries', () => {
         .send({ name: '' });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['name should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['name'], message: 'Too small: expected string to have >=1 characters' }]),
+      );
     });
 
     it('should change the import paths', async () => {
@@ -181,7 +187,9 @@ describe('/libraries', () => {
         .send({ importPaths: [''] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['each value in importPaths should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['importPaths'], message: 'Array items must not be empty' }]),
+      );
     });
 
     it('should reject duplicate import paths', async () => {
@@ -191,7 +199,9 @@ describe('/libraries', () => {
         .send({ importPaths: ['/path', '/path'] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(["All importPaths's elements must be unique"]));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['importPaths'], message: 'Array must have unique items' }]),
+      );
     });
 
     it('should change the exclusion pattern', async () => {
@@ -215,7 +225,9 @@ describe('/libraries', () => {
         .send({ exclusionPatterns: ['**/*.jpg', '**/*.jpg'] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(["All exclusionPatterns's elements must be unique"]));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array must have unique items' }]),
+      );
     });
 
     it('should reject an empty exclusion pattern', async () => {
@@ -225,7 +237,9 @@ describe('/libraries', () => {
         .send({ exclusionPatterns: [''] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['each value in exclusionPatterns should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['exclusionPatterns'], message: 'Array items must not be empty' }]),
+      );
     });
   });
 

e2e/src/specs/server/api/map.e2e-spec.ts

@@ -109,7 +109,9 @@ describe('/map', () => {
         .get('/map/reverse-geocode?lon=123')
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['lat'], message: 'Invalid input: expected number, received NaN' }]),
+      );
     });
 
     it('should throw an error if a lat is not a number', async () => {
@@ -117,7 +119,9 @@ describe('/map', () => {
         .get('/map/reverse-geocode?lat=abc&lon=123.456')
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['lat'], message: 'Invalid input: expected number, received NaN' }]),
+      );
     });
 
     it('should throw an error if a lat is out of range', async () => {
@@ -125,7 +129,9 @@ describe('/map', () => {
         .get('/map/reverse-geocode?lat=91&lon=123.456')
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['lat must be a number between -90 and 90']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['lat'], message: 'Too big: expected number to be <=90' }]),
+      );
     });
 
     it('should throw an error if a lon is not provided', async () => {
@@ -133,7 +139,9 @@ describe('/map', () => {
         .get('/map/reverse-geocode?lat=75')
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['lon must be a number between -180 and 180']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['lon'], message: 'Invalid input: expected number, received NaN' }]),
+      );
     });
 
     const reverseGeocodeTestCases = [

e2e/src/specs/server/api/oauth.e2e-spec.ts

@@ -1,9 +1,10 @@
-import { OAuthClient, OAuthUser } from '@immich/e2e-auth-server';
+import { OAuthClient, OAuthUser, generateLogoutToken } from '@immich/e2e-auth-server';
 import {
   LoginResponseDto,
   SystemConfigOAuthDto,
   getConfigDefaults,
   getMyUser,
+  getSessions,
   startOAuth,
   updateConfig,
 } from '@immich/sdk';
@@ -76,6 +77,7 @@ const setupOAuth = async (token: string, dto: Partial<SystemConfigOAuthDto>) =>
     ...defaults.oauth,
     buttonText: 'Login with Immich',
     issuerUrl: `${authServer.internal}/.well-known/openid-configuration`,
+    allowInsecureRequests: true,
     ...dto,
   };
   await updateConfig({ systemConfigDto: { ...defaults, oauth: merged } }, options);
@@ -87,21 +89,27 @@ describe(`/oauth`, () => {
   beforeAll(async () => {
     await utils.resetDatabase();
     admin = await utils.adminSetup();
-
-    await setupOAuth(admin.accessToken, {
-      enabled: true,
-      clientId: OAuthClient.DEFAULT,
-      clientSecret: OAuthClient.DEFAULT,
-      buttonText: 'Login with Immich',
-      storageLabelClaim: 'immich_username',
-    });
   });
 
   describe('POST /oauth/authorize', () => {
+    beforeAll(async () => {
+      await setupOAuth(admin.accessToken, {
+        enabled: true,
+        clientId: OAuthClient.DEFAULT,
+        clientSecret: OAuthClient.DEFAULT,
+        buttonText: 'Login with Immich',
+        storageLabelClaim: 'immich_username',
+      });
+    });
+
     it(`should throw an error if a redirect uri is not provided`, async () => {
       const { status, body } = await request(app).post('/oauth/authorize').send({});
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['redirectUri must be a string', 'redirectUri should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([
+          { path: ['redirectUri'], message: 'Invalid input: expected string, received undefined' },
+        ]),
+      );
     });
 
     it('should return a redirect uri', async () => {
@@ -117,19 +125,60 @@ describe(`/oauth`, () => {
       expect(params.get('redirect_uri')).toBe('http://127.0.0.1:2285/auth/login');
       expect(params.get('state')).toBeDefined();
     });
+
+    it('should not include the prompt parameter when not configured', async () => {
+      const { status, body } = await request(app)
+        .post('/oauth/authorize')
+        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
+      expect(status).toBe(201);
+
+      const params = new URL(body.url).searchParams;
+      expect(params.get('prompt')).toBeNull();
+    });
+
+    it('should include the prompt parameter when configured', async () => {
+      await setupOAuth(admin.accessToken, {
+        enabled: true,
+        clientId: OAuthClient.DEFAULT,
+        clientSecret: OAuthClient.DEFAULT,
+        prompt: 'select_account',
+      });
+
+      const { status, body } = await request(app)
+        .post('/oauth/authorize')
+        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
+      expect(status).toBe(201);
+
+      const params = new URL(body.url).searchParams;
+      expect(params.get('prompt')).toBe('select_account');
+    });
   });
 
   describe('POST /oauth/callback', () => {
+    beforeAll(async () => {
+      await setupOAuth(admin.accessToken, {
+        enabled: true,
+        clientId: OAuthClient.DEFAULT,
+        clientSecret: OAuthClient.DEFAULT,
+        buttonText: 'Login with Immich',
+        storageLabelClaim: 'immich_username',
+      });
+    });
+
     it(`should throw an error if a url is not provided`, async () => {
       const { status, body } = await request(app).post('/oauth/callback').send({});
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['url must be a string', 'url should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['url'], message: 'Invalid input: expected string, received undefined' }]),
+      );
     });
 
     it(`should throw an error if the url is empty`, async () => {
       const { status, body } = await request(app).post('/oauth/callback').send({ url: '' });
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['url should not be empty']));
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['url'], message: 'Too small: expected string to have >=1 characters' }]),
+      );
     });
 
     it(`should throw an error if the state is not provided`, async () => {
@@ -158,10 +207,9 @@ describe(`/oauth`, () => {
     it(`should throw an error if the codeVerifier doesn't match the challenge`, async () => {
       const callbackParams = await loginWithOAuth('oauth-auto-register');
       const { codeVerifier } = await loginWithOAuth('oauth-auto-register');
-      const { status, body } = await request(app)
+      const { status } = await request(app)
         .post('/oauth/callback')
         .send({ ...callbackParams, codeVerifier });
-      console.log(body);
       expect(status).toBeGreaterThanOrEqual(400);
     });
 
@@ -258,7 +306,7 @@ describe(`/oauth`, () => {
         accessToken: expect.any(String),
         isAdmin: false,
         name: 'OAuth User',
-        userEmail: 'oauth-RS256-token@immich.app',
+        userEmail: 'oauth-rs256-token@immich.app',
         userId: expect.any(String),
       });
     });
@@ -292,9 +340,7 @@ describe(`/oauth`, () => {
       const { status, body } = await request(app).post('/oauth/callback').send(callbackParams);
       expect(status).toBe(500);
       expect(body).toMatchObject({
-        error: 'Internal Server Error',
         message: 'Failed to finish oauth',
-        statusCode: 500,
       });
     });
 
@@ -313,7 +359,7 @@ describe(`/oauth`, () => {
         const callbackParams = await loginWithOAuth('oauth-no-auto-register');
         const { status, body } = await request(app).post('/oauth/callback').send(callbackParams);
         expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest('User does not exist and auto registering is disabled.'));
+        expect(body).toEqual(errorDto.badRequest('OAuth authentication failed'));
       });
 
       it('should link to an existing user by email', async () => {
@@ -333,6 +379,54 @@ describe(`/oauth`, () => {
     });
   });
 
+  describe(`POST /oauth/backchannel-logout`, () => {
+    it(`should throw an error if the logout_token is not provided`, async () => {
+      const { status, body } = await request(app).post('/oauth/backchannel-logout').send({});
+      expect(status).toBe(400);
+      expect(body).toEqual(
+        errorDto.validationError([
+          { path: ['logout_token'], message: 'Invalid input: expected string, received undefined' },
+        ]),
+      );
+    });
+
+    it(`should throw an error if an invalid logout token is provided`, async () => {
+      const { status, body } = await request(app)
+        .post('/oauth/backchannel-logout')
+        .send({ logout_token: 'invalid token' });
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Error backchannel logout: token validation failed'));
+    });
+
+    it(`should logout user if a valid logout token is provided`, async () => {
+      await setupOAuth(admin.accessToken, {
+        enabled: true,
+        clientId: OAuthClient.DEFAULT,
+        clientSecret: OAuthClient.DEFAULT,
+        autoRegister: true,
+        signingAlgorithm: 'RS256',
+        buttonText: 'Login with Immich',
+      });
+
+      const callbackParams = await loginWithOAuth('backchannel-logout-user');
+      const { status: callbackStatus, body: callbackBody } = await request(app)
+        .post('/oauth/callback')
+        .send(callbackParams);
+      expect(callbackStatus).toBe(201);
+
+      await expect(getSessions({ headers: asBearerAuth(callbackBody.accessToken) })).resolves.toHaveLength(1);
+
+      const logoutToken = await generateLogoutToken('http://0.0.0.0:2286', 'backchannel-logout-user');
+      const { status, body } = await request(app).post('/oauth/backchannel-logout').send({ logout_token: logoutToken });
+      expect(status).toBe(200);
+      expect(body).toMatchObject({});
+
+      await expect(getSessions({ headers: asBearerAuth(callbackBody.accessToken) })).rejects.toMatchObject({
+        status: 401,
+      });
+    });
+  });
+
   describe('mobile redirect override', () => {
     beforeAll(async () => {
       await setupOAuth(admin.accessToken, {
@@ -399,4 +493,22 @@ describe(`/oauth`, () => {
       });
     });
   });
+
+  describe('allowInsecureRequests: false', () => {
+    beforeAll(async () => {
+      await setupOAuth(admin.accessToken, {
+        enabled: true,
+        clientId: OAuthClient.DEFAULT,
+        clientSecret: OAuthClient.DEFAULT,
+        allowInsecureRequests: false,
+      });
+    });
+
+    it('should reject OAuth discovery over HTTP', async () => {
+      const { status } = await request(app)
+        .post('/oauth/authorize')
+        .send({ redirectUri: 'http://127.0.0.1:2285/auth/login' });
+      expect(status).toBe(500);
+    });
+  });
 });

e2e/src/specs/server/api/search.e2e-spec.ts

@@ -74,7 +74,6 @@ describe('/search', () => {
       const bytes = await readFile(join(testAssetDir, filename));
       assets.push(
         await utils.createAsset(admin.accessToken, {
-          deviceAssetId: `test-${filename}`,
           assetData: { bytes, filename },
           ...dto,
         }),
@@ -458,7 +457,7 @@ describe('/search', () => {
       expect(Array.isArray(body)).toBe(true);
       if (Array.isArray(body)) {
         expect(body.length).toBeGreaterThan(10);
-        expect(body[0].name).toEqual(name);
+        expect(body[0].name).toEqual(expect.stringContaining(name));
         expect(body[0].admin2name).toEqual(name);
       }
     });

e2e/src/specs/server/api/server.e2e-spec.ts

@@ -207,16 +207,6 @@ describe('/server', () => {
     });
   });
 
-  describe('GET /server/theme', () => {
-    it('should respond with the server theme', async () => {
-      const { status, body } = await request(app).get('/server/theme');
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        customCss: '',
-      });
-    });
-  });
-
   describe('GET /server/license', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app).get('/server/license');

e2e/src/specs/server/api/shared-link.e2e-spec.ts

@@ -243,9 +243,21 @@ describe('/shared-links', () => {
     });
 
     it('should get data for correct password protected link', async () => {
+      const response = await request(app)
+        .post('/shared-links/login')
+        .send({ password: 'foo' })
+        .query({ key: linkWithPassword.key });
+
+      expect(response.status).toBe(201);
+
+      const cookies = response.get('Set-Cookie') ?? [];
+      expect(cookies).toHaveLength(1);
+      expect(cookies[0]).toContain('immich_shared_link_token');
+
       const { status, body } = await request(app)
         .get('/shared-links/me')
-        .query({ key: linkWithPassword.key, password: 'foo' });
+        .query({ key: linkWithPassword.key })
+        .set('Cookie', cookies);
 
       expect(status).toBe(200);
       expect(body).toEqual(
@@ -329,7 +341,9 @@ describe('/shared-links', () => {
         .set('Authorization', `Bearer ${user1.accessToken}`);
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest());
+      expect(body).toEqual(
+        errorDto.validationError([{ path: [], message: 'Invalid input: expected object, received undefined' }]),
+      );
     });
 
     it('should require an asset/album id', async () => {

e2e/src/specs/server/api/stack.e2e-spec.ts

@@ -41,7 +41,9 @@ describe('/stacks', () => {
         .send({ assetIds: [asset.id] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest());
+      expect(body).toEqual(
+        errorDto.validationError([{ path: ['assetIds'], message: 'Too small: expected array to have >=2 items' }]),
+      );
     });
 
     it('should require a valid id', async () => {
@@ -51,7 +53,12 @@ describe('/stacks', () => {
         .send({ assetIds: [uuidDto.invalid, uuidDto.invalid] });
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest());
+      expect(body).toEqual(
+        errorDto.validationError([
+          { path: ['assetIds', 0], message: 'Invalid UUID' },
+          { path: ['assetIds', 1], message: 'Invalid UUID' },
+        ]),
+      );
     });
 
     it('should require access', async () => {

e2e/src/specs/server/api/tag.e2e-spec.ts

@@ -309,7 +309,7 @@ describe('/tags', () => {
         .get(`/tags/${uuidDto.invalid}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['id must be a UUID']));
+      expect(body).toEqual(errorDto.validationError([{ path: ['id'], message: 'Invalid UUID' }]));
     });
 
     it('should get tag details', async () => {
@@ -427,7 +427,7 @@ describe('/tags', () => {
         .delete(`/tags/${uuidDto.invalid}`)
         .set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['id must be a UUID']));
+      expect(body).toEqual(errorDto.validationError([{ path: ['id'], message: 'Invalid UUID' }]));
     });
 
     it('should delete a tag', async () => {

e2e/src/specs/server/api/user-admin.e2e-spec.ts

@@ -108,14 +108,20 @@ describe('/admin/users', () => {
       expect(body).toEqual(errorDto.forbidden);
     });
 
-    for (const key of ['password', 'email', 'name', 'quotaSizeInBytes', 'shouldChangePassword', 'notify']) {
+    for (const [key, message] of [
+      ['password', 'Invalid input: expected string, received null'],
+      ['email', 'Invalid input: expected email, received object'],
+      ['name', 'Invalid input: expected string, received null'],
+      ['shouldChangePassword', 'Invalid input: expected boolean, received null'],
+      ['notify', 'Invalid input: expected boolean, received null'],
+    ] as const) {
       it(`should not allow null ${key}`, async () => {
         const { status, body } = await request(app)
           .post(`/admin/users`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
           .send({ ...createUserDto.user1, [key]: null });
         expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest());
+        expect(body).toEqual(errorDto.validationError([{ path: [key], message }]));
       });
     }
 
@@ -153,14 +159,19 @@ describe('/admin/users', () => {
       expect(body).toEqual(errorDto.forbidden);
     });
 
-    for (const key of ['password', 'email', 'name', 'shouldChangePassword']) {
+    for (const [key, message] of [
+      ['password', 'Invalid input: expected string, received null'],
+      ['email', 'Invalid input: expected email, received object'],
+      ['name', 'Invalid input: expected string, received null'],
+      ['shouldChangePassword', 'Invalid input: expected boolean, received null'],
+    ] as const) {
       it(`should not allow null ${key}`, async () => {
         const { status, body } = await request(app)
           .put(`/admin/users/${uuidDto.notFound}`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
           .send({ [key]: null });
         expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest());
+        expect(body).toEqual(errorDto.validationError([{ path: [key], message }]));
       });
     }
 
@@ -287,7 +298,8 @@ describe('/admin/users', () => {
     it('should delete user', async () => {
       const { status, body } = await request(app)
         .delete(`/admin/users/${userToDelete.userId}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send({});
 
       expect(status).toBe(200);
       expect(body).toMatchObject({

e2e/src/specs/server/api/user.e2e-spec.ts

@@ -120,7 +120,7 @@ describe('/users', () => {
         .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
 
       expect(status).toBe(400);
-      expect(body).toMatchObject(errorDto.badRequest('Email already in use by another account'));
+      expect(body).toMatchObject(errorDto.badRequest('Email is not available'));
     });
 
     it('should update my email', async () => {
@@ -178,7 +178,11 @@ describe('/users', () => {
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['download.archiveSize must be an integer number']));
+      expect(body).toEqual(
+        errorDto.validationError([
+          { path: ['download', 'archiveSize'], message: 'Invalid input: expected int, received number' },
+        ]),
+      );
     });
 
     it('should update download archive size', async () => {
@@ -204,7 +208,11 @@ describe('/users', () => {
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest(['download.includeEmbeddedVideos must be a boolean value']));
+      expect(body).toEqual(
+        errorDto.validationError([
+          { path: ['download', 'includeEmbeddedVideos'], message: 'Invalid input: expected boolean, received number' },
+        ]),
+      );
     });
 
     it('should update download include embedded videos', async () => {

e2e/src/specs/web/asset-viewer/detail-panel.e2e-spec.ts

@@ -1,7 +1,9 @@
 import { AssetMediaResponseDto, LoginResponseDto, SharedLinkType } from '@immich/sdk';
 import { expect, test } from '@playwright/test';
+import { readFile } from 'node:fs/promises';
+import { basename, join } from 'node:path';
 import type { Socket } from 'socket.io-client';
-import { utils } from 'src/utils';
+import { testAssetDir, utils } from 'src/utils';
 
 test.describe('Detail Panel', () => {
   let admin: LoginResponseDto;
@@ -83,4 +85,42 @@ test.describe('Detail Panel', () => {
     await utils.waitForWebsocketEvent({ event: 'assetUpdate', id: asset.id });
     await expect(textarea).toHaveValue('new description');
   });
+
+  test.describe('Date editor', () => {
+    test('displays inferred asset timezone', async ({ context, page }) => {
+      const test = {
+        filepath: 'metadata/dates/datetimeoriginal-gps.jpg',
+        expected: {
+          dateTime: '2025-12-01T11:30',
+          // Test with a timezone which is NOT the first among timezones with the same offset
+          // This is to check that the editor does not simply fall back to the first available timezone with that offset
+          // America/Denver (-07:00) is not the first among timezones with offset -07:00
+          timeZoneWithOffset: 'America/Denver (-07:00)',
+        },
+      };
+
+      const asset = await utils.createAsset(admin.accessToken, {
+        assetData: {
+          bytes: await readFile(join(testAssetDir, test.filepath)),
+          filename: basename(test.filepath),
+        },
+      });
+
+      await utils.waitForWebsocketEvent({ event: 'assetUpload', id: asset.id });
+
+      // asset viewer -> detail panel -> date editor
+      await utils.setAuthCookies(context, admin.accessToken);
+      await page.goto(`/photos/${asset.id}`);
+      await page.waitForSelector('#immich-asset-viewer');
+
+      await page.getByRole('button', { name: 'Info' }).click();
+      await page.getByTestId('detail-panel-edit-date-button').click();
+      await page.waitForSelector('[role="dialog"]');
+
+      const datetime = page.locator('#datetime');
+      await expect(datetime).toHaveValue(test.expected.dateTime);
+      const timezone = page.getByRole('combobox', { name: 'Timezone' });
+      await expect(timezone).toHaveValue(test.expected.timeZoneWithOffset);
+    });
+  });
 });

e2e/src/specs/web/duplicates.e2e-spec.ts

@@ -16,8 +16,8 @@ test.describe('Duplicates Utility', () => {
 
   test.beforeEach(async ({ context }) => {
     [firstAsset, secondAsset] = await Promise.all([
-      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-a' }),
-      utils.createAsset(admin.accessToken, { deviceAssetId: 'duplicate-b' }),
+      utils.createAsset(admin.accessToken, {}),
+      utils.createAsset(admin.accessToken, {}),
     ]);
 
     await updateAssets(

e2e/src/specs/web/photo-viewer.e2e-spec.ts

@@ -77,18 +77,4 @@ test.describe('Photo Viewer', () => {
     });
     expect(tagAtCenter).toBe('IMG');
   });
-
-  test('reloads photo when checksum changes', async ({ page }) => {
-    await page.goto(`/photos/${asset.id}`);
-
-    const preview = page.getByTestId('preview').filter({ visible: true });
-    await expect(preview).toHaveAttribute('src', /.+/);
-    const initialSrc = await preview.getAttribute('src');
-
-    const websocketEvent = utils.waitForWebsocketEvent({ event: 'assetUpdate', id: asset.id });
-    await utils.replaceAsset(admin.accessToken, asset.id);
-    await websocketEvent;
-
-    await expect(preview).not.toHaveAttribute('src', initialSrc!);
-  });
 });

e2e/src/ui/generators/timeline/model-objects.ts

@@ -32,8 +32,12 @@ export function generateThumbhash(rng: SeededRandom): string {
   return Array.from({ length: 10 }, () => rng.nextInt(0, 256).toString(16).padStart(2, '0')).join('');
 }
 
-export function generateDuration(rng: SeededRandom): string {
-  return `${rng.nextInt(GENERATION_CONSTANTS.MIN_VIDEO_DURATION_SECONDS, GENERATION_CONSTANTS.MAX_VIDEO_DURATION_SECONDS)}.${rng.nextInt(0, 1000).toString().padStart(3, '0')}`;
+export function generateDuration(rng: SeededRandom): number {
+  return (
+    rng.nextInt(GENERATION_CONSTANTS.MIN_VIDEO_DURATION_SECONDS, GENERATION_CONSTANTS.MAX_VIDEO_DURATION_SECONDS) *
+      1000 +
+    rng.nextInt(0, 1000)
+  );
 }
 
 export function generateUUID(): string {

e2e/src/ui/generators/timeline/rest-response.ts

@@ -3,6 +3,7 @@
  */
 
 import {
+  AlbumUserRole,
   AssetTypeEnum,
   AssetVisibility,
   UserAvatarColor,
@@ -315,11 +316,9 @@ export function toAssetResponseDto(asset: MockTimelineAsset, owner?: UserRespons
 
   return {
     id: asset.id,
-    deviceAssetId: `device-${asset.id}`,
     ownerId: asset.ownerId,
     owner: owner || defaultOwner,
     libraryId: `library-${asset.ownerId}`,
-    deviceId: `device-${asset.ownerId}`,
     type: asset.isVideo ? AssetTypeEnum.Video : AssetTypeEnum.Image,
     originalPath: `/original/${asset.id}.${asset.isVideo ? 'mp4' : 'jpg'}`,
     originalFileName: `${asset.id}.${asset.isVideo ? 'mp4' : 'jpg'}`,
@@ -334,7 +333,7 @@ export function toAssetResponseDto(asset: MockTimelineAsset, owner?: UserRespons
     isArchived: false,
     isTrashed: asset.isTrashed,
     visibility: asset.visibility,
-    duration: asset.duration || '0:00:00.00000',
+    duration: asset.duration,
     exifInfo,
     livePhotoVideoId: asset.livePhotoVideoId,
     tags: [],
@@ -422,14 +421,11 @@ export function getAlbum(
     albumThumbnailAssetId: album.thumbnailAssetId,
     createdAt: album.createdAt,
     updatedAt: album.updatedAt,
-    ownerId: albumOwner.id,
-    owner: albumOwner,
-    albumUsers: [], // Empty array for non-shared album
+    albumUsers: [{ user: albumOwner, role: AlbumUserRole.Owner }],
     shared: false,
     hasSharedLink: false,
     isActivityEnabled: true,
     assetCount: albumAssets.length,
-    assets: albumAssets,
     startDate: albumAssets.length > 0 ? albumAssets.at(-1)?.fileCreatedAt : undefined,
     endDate: albumAssets.length > 0 ? albumAssets[0].fileCreatedAt : undefined,
     lastModifiedAssetTimestamp: albumAssets.length > 0 ? albumAssets[0].fileCreatedAt : undefined,

e2e/src/ui/generators/timeline/timeline-config.ts

@@ -43,7 +43,7 @@ export type MockTimelineAsset = {
   isTrashed: boolean;
   isVideo: boolean;
   isImage: boolean;
-  duration: string | null;
+  duration: number | null;
   projectionType: string | null;
   livePhotoVideoId: string | null;
   city: string | null;

e2e/src/ui/mock-network/base-network.ts

@@ -223,6 +223,7 @@ export const setupBaseMockApiRoutes = async (context: BrowserContext, adminUserI
           '.jp2',
           '.jpe',
           '.jxl',
+          '.mpo',
           '.svg',
           '.tif',
           '.tiff',
@@ -239,7 +240,8 @@ export const setupBaseMockApiRoutes = async (context: BrowserContext, adminUserI
     });
   });
   await context.route('**/api/albums*', async (route, request) => {
-    if (request.url().endsWith('albums?shared=true') || request.url().endsWith('albums')) {
+    const url = request.url();
+    if (url.endsWith('albums?isShared=true') || url.endsWith('albums?isOwned=true') || url.endsWith('albums')) {
       return route.fulfill({
         status: 200,
         contentType: 'application/json',

e2e/src/ui/mock-network/broken-asset-network.ts

@@ -16,7 +16,6 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
   const now = new Date().toISOString();
   return {
     id: assetId,
-    deviceAssetId: `device-${assetId}`,
     ownerId,
     owner: {
       id: ownerId,
@@ -27,7 +26,6 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
       avatarColor: 'blue' as never,
     },
     libraryId: `library-${ownerId}`,
-    deviceId: `device-${ownerId}`,
     type: AssetTypeEnum.Image,
     originalPath: `/original/${assetId}.jpg`,
     originalFileName: `${assetId}.jpg`,
@@ -42,7 +40,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
     isArchived: false,
     isTrashed: false,
     visibility: AssetVisibility.Timeline,
-    duration: '0:00:00.00000',
+    duration: null,
     exifInfo: {
       make: null,
       model: null,
@@ -69,7 +67,7 @@ export const createMockStackAsset = (ownerId: string): AssetResponseDto => {
     tags: [],
     people: [],
     unassignedFaces: [],
-    stack: null,
+    stack: undefined,
     isOffline: false,
     hasMetadata: true,
     duplicateId: null,

e2e/src/ui/specs/timeline/timeline.e2e-spec.ts

@@ -304,7 +304,7 @@ test.describe('Timeline', () => {
       await page.keyboard.down('Shift');
       await thumbnailUtils.withAssetId(page, assets[2].id).hover();
       await expect(
-        thumbnailUtils.locator(page).locator('.absolute.top-0.h-full.w-full.bg-immich-primary.opacity-40'),
+        thumbnailUtils.locator(page).locator('.absolute.top-0.size-full.bg-immich-primary.opacity-40'),
       ).toHaveCount(3);
       await thumbnailUtils.selectButton(page, assets[2].id).click();
       await page.keyboard.up('Shift');
@@ -349,7 +349,7 @@ test.describe('Timeline', () => {
         expect(visibleMockAssetsYearMonths).toContain(month);
       }
     });
-    test('Deep link to last photo, scroll up', async ({ page }) => {
+    test.skip('Deep link to last photo, scroll up', async ({ page }) => {
       const lastAsset = assets.at(-1)!;
       await pageUtils.deepLinkPhotosPage(page, lastAsset.id);
 
@@ -361,7 +361,7 @@ test.describe('Timeline', () => {
 
       await thumbnailUtils.expectInViewport(page, '14e5901f-fd7f-40c0-b186-4d7e7fc67968');
     });
-    test('Deep link to first bucket, scroll down', async ({ page }) => {
+    test.skip('Deep link to first bucket, scroll down', async ({ page }) => {
       const lastAsset = assets.at(0)!;
       await pageUtils.deepLinkPhotosPage(page, lastAsset.id);
       await timelineUtils.locator(page).hover();
@@ -440,7 +440,7 @@ test.describe('Timeline', () => {
       await thumbnailUtils.expectInViewport(page, asset.id);
       await thumbnailUtils.expectSelectedDisabled(page, asset.id);
     });
-    test('Add photos to album', async ({ page }) => {
+    test.skip('Add photos to album', async ({ page }) => {
       const album = timelineRestData.album;
       await pageUtils.openAlbumPage(page, album.id);
       await page.locator('nav button[aria-label="Add photos"]').click();
@@ -752,7 +752,7 @@ test.describe('Timeline', () => {
       await page.getByText('Photos', { exact: true }).click();
       await thumbnailUtils.expectInViewport(page, assetToFavorite.id);
     });
-    test('open /favorites, archive photo, unarchive photo', async ({ page }) => {
+    test.skip('open /favorites, archive photo, unarchive photo', async ({ page }) => {
       await pageUtils.openFavorites(page);
       const assetToArchive = getAsset(timelineRestData, 'ad31e29f-2069-4574-b9a9-ad86523c92cb')!;
       await thumbnailUtils.withAssetId(page, assetToArchive.id).hover();

e2e/src/utils.ts

@@ -3,7 +3,6 @@ import {
   AssetMediaResponseDto,
   AssetResponseDto,
   AssetVisibility,
-  CheckExistingAssetsDto,
   CreateAlbumDto,
   CreateLibraryDto,
   JobCreateDto,
@@ -20,7 +19,6 @@ import {
   UserAdminCreateDto,
   UserPreferencesUpdateDto,
   ValidateLibraryDto,
-  checkExistingAssets,
   createAlbum,
   createApiKey,
   createJob,
@@ -32,6 +30,7 @@ import {
   createUserAdmin,
   deleteAssets,
   deleteDatabaseBackup,
+  deleteLibrary,
   getAssetInfo,
   getConfig,
   getConfigDefaults,
@@ -343,8 +342,6 @@ export const utils = {
     },
   ) => {
     const _dto = {
-      deviceAssetId: 'test-1',
-      deviceId: 'test',
       fileCreatedAt: new Date().toISOString(),
       fileModifiedAt: new Date().toISOString(),
       ...dto,
@@ -375,40 +372,6 @@ export const utils = {
     return body as AssetMediaResponseDto;
   },
 
-  replaceAsset: async (
-    accessToken: string,
-    assetId: string,
-    dto?: Partial<Omit<AssetMediaCreateDto, 'assetData'>> & { assetData?: FileData },
-  ) => {
-    const _dto = {
-      deviceAssetId: 'test-1',
-      deviceId: 'test',
-      fileCreatedAt: new Date().toISOString(),
-      fileModifiedAt: new Date().toISOString(),
-      ...dto,
-    };
-
-    const assetData = dto?.assetData?.bytes || makeRandomImage();
-    const filename = dto?.assetData?.filename || 'example.png';
-
-    if (dto?.assetData?.bytes) {
-      console.log(`Uploading ${filename}`);
-    }
-
-    const builder = request(app)
-      .put(`/assets/${assetId}/original`)
-      .attach('assetData', assetData, filename)
-      .set('Authorization', `Bearer ${accessToken}`);
-
-    for (const [key, value] of Object.entries(_dto)) {
-      void builder.field(key, String(value));
-    }
-
-    const { body } = await builder;
-
-    return body as AssetMediaResponseDto;
-  },
-
   createImageFile: (path: string) => {
     if (!existsSync(dirname(path))) {
       mkdirSync(dirname(path), { recursive: true });
@@ -450,9 +413,6 @@ export const utils = {
 
   getAssetInfo: (accessToken: string, id: string) => getAssetInfo({ id }, { headers: asBearerAuth(accessToken) }),
 
-  checkExistingAssets: (accessToken: string, checkExistingAssetsDto: CheckExistingAssetsDto) =>
-    checkExistingAssets({ checkExistingAssetsDto }, { headers: asBearerAuth(accessToken) }),
-
   searchAssets: async (accessToken: string, dto: MetadataSearchDto) => {
     return searchAssets({ metadataSearchDto: dto }, { headers: asBearerAuth(accessToken) });
   },
@@ -501,6 +461,8 @@ export const utils = {
   updateLibrary: (accessToken: string, id: string, dto: UpdateLibraryDto) =>
     updateLibrary({ id, updateLibraryDto: dto }, { headers: asBearerAuth(accessToken) }),
 
+  deleteLibrary: (accessToken: string, id: string) => deleteLibrary({ id }, { headers: asBearerAuth(accessToken) }),
+
   createPartner: (accessToken: string, id: string) =>
     createPartner({ partnerCreateDto: { sharedWithId: id } }, { headers: asBearerAuth(accessToken) }),
 
@@ -604,6 +566,10 @@ export const utils = {
     return executeCommand('docker', ['exec', 'immich-e2e-server', 'mv', source, dest]).promise;
   },
 
+  async mkdir(path: string) {
+    return executeCommand('docker', ['exec', 'immich-e2e-server', 'mkdir', '-p', path]).promise;
+  },
+
   createBackup: async (accessToken: string) => {
     await utils.createJob(accessToken, {
       name: ManualJobName.BackupDatabase,

i18n/ar.json

@@ -3,7 +3,7 @@
   "account": "حساب",
   "account_settings": "إعدادات الحساب",
   "acknowledge": "أُدرك ذلك",
-  "action": "عملية",
+  "action": "إجراء",
   "action_common_update": "تحديث",
   "action_description": "مجموعة من الفعاليات التي ستنفذ على الأصول التي تم تصفيتها",
   "actions": "عمليات",
@@ -61,8 +61,8 @@
     "backup_onboarding_1_description": "نسخة خارج الموقع في موقع آخر.",
     "backup_onboarding_2_description": "نسخ محلية على أجهزة مختلفة. يشمل ذلك الملفات الرئيسية ونسخة احتياطية محلية منها.",
     "backup_onboarding_3_description": "إجمالي نُسخ بياناتك، بما في ذلك الملفات الأصلية. يشمل ذلك نسخةً واحدةً خارج الموقع ونسختين محليتين.",
-    "backup_onboarding_description": "يُنصح باتباع <backblaze-link>استراتيجية النسخ الاحتياطي 3-2-1</backblaze-link> لحماية بياناتك. احتفظ بنسخ احتياطية من صورك/فيديوهاتك المحمّلة، بالإضافة إلى قاعدة بيانات Immich، لضمان حل نسخ احتياطي شامل.",
-    "backup_onboarding_footer": "لمزيد من المعلومات حول النسخ الاحتياطي لـ Immich، يرجى الرجوع إلى <link> التعليمات </link>.",
+    "backup_onboarding_description": "يُنصح باتباع <backblaze-link>استراتيجية النسخ الاحتياطي 3-2- 1</backblaze-link> لحماية بياناتك. احتفظ بنسخ احتياطية من صورك/فيديوهاتك المحمّلة، بالإضافة إلى قاعدة بيانات Immich، لضمان حل نسخ احتياطي شامل.",
+    "backup_onboarding_footer": "لمزيد من المعلومات حول النسخ الاحتياطي لـ <link>Immich</link>، يرجى الرجوع إلى <link>الوثائق</link>.",
     "backup_onboarding_parts_title": "يتضمن النسخ الاحتياطي 3-2-1 ما يلي:",
     "backup_onboarding_title": "النسخ الاحتياطية",
     "backup_settings": "إعدادات تفريغ قاعدة البيانات",
@@ -333,7 +333,7 @@
     "storage_template_migration_description": "قم بتطبيق القالب الحالي <link>{template}</link> على المحتويات التي تم رفعها سابقًا",
     "storage_template_migration_info": "تغييرات النموذج الخزني ستغير جميع الصيغ الى احرف صغيرة. تغييرات النموذج ستنطبق فقط على المحتويات الجديدة. لتطبيق النموذج على المحتويات التي تم رفعها سابقًا، قم بتشغيل <link>{job}</link>.",
     "storage_template_migration_job": "وظيفة تهجير قالب التخزين",
-    "storage_template_more_details": "لمزيد من التفاصيل حول هذه الميزة، يرجى الرجوع إلى <template-link>Storage Template</template-link> و<implications-link>implications</implications-link>",
+    "storage_template_more_details": "لمزيد من التفاصيل حول هذه الميزة، يرجى الرجوع إلى <template-link>Storage Template</template-link> و <implications-link>implications</implications-link>.",
     "storage_template_onboarding_description_v2": "عند التفعيل. هذه الخاصية ستقوم بالترتيب التلقائي للملفات بناء على نموذج معرف من قبل المستخدم. رجاء اطلع على <link>التوثيق</link>.",
     "storage_template_path_length": "الحد التقريبي لطول المسار: <b>{length, number}</b>/{limit, number}",
     "storage_template_settings": "قالب التخزين",
@@ -372,7 +372,7 @@
     "transcoding_audio_codec": "كود الصوت",
     "transcoding_audio_codec_description": "Opus هو الخيار ذو أعلى جودة، ولكنه يتمتع بتوافق أقل مع الأجهزة أو البرمجيات القديمة.",
     "transcoding_bitrate_description": "مقاطع الفيديو التي يتجاوز معدل البت أقصى قيمة أو التي لا تكون في تنسيق مقبول",
-    "transcoding_codecs_learn_more": "لمعرفة المزيد حول المصطلحات المستخدمة هنا، يرجى الرجوع إلى وثائق FFmpeg لل<h264-link>H.264 codec</h264-link>, <hevc-link>HEVC codec</hevc-link> and <vp9-link>VP9 codec</vp9-link>.",
+    "transcoding_codecs_learn_more": "لمعرفة المزيد حول المصطلحات المستخدمة هنا، يرجى الرجوع إلى وثائق FFmpeg لـ <h264-link>H.264 codec</h264-link>، و <hevc-link>HEVC codec</hevc-link> و <vp9-link>VP9 codec</vp9-link>.",
     "transcoding_constant_quality_mode": "وضع الجودة الثابتة",
     "transcoding_constant_quality_mode_description": "ICQ أفضل من CQP، ولكن بعض أجهزة عتاد التسريع لا تدعم هذا الوضع. تعيين هذا الخيار يسجعل الأفضلية للوضع المحدد عند استخدام الترميز بناءً على الجودة. يتم تجاهله بواسطة NVENC لأنه لا يدعم ICQ.",
     "transcoding_constant_rate_factor": "عامل معدل الجودة الثابت (-crf)",
@@ -2392,7 +2392,7 @@
   "view_name": "عرض",
   "view_next_asset": "عرض المحتوى التالي",
   "view_previous_asset": "عرض المحتوى السابق",
-  "view_qr_code": "­عرض رمز الاستجابة السريعة",
+  "view_qr_code": "عرض رمز الاستجابة السريعة",
   "view_similar_photos": "عرض صور مشابهة",
   "view_stack": "عرض التكديس",
   "view_user": "عرض المستخدم",
@@ -2411,14 +2411,14 @@
   "welcome_to_immich": "مرحباً بك في Immich",
   "width": "عُرض",
   "wifi_name": "اسم شبكة Wi-Fi",
-  "workflow_delete_prompt": "هل أنت متأكد من حذف سير العمل هذا؟",
+  "workflow_delete_prompt": "متأكد من حذف سير العمل هذا؟",
   "workflow_deleted": "تم حذف سير العمل",
   "workflow_description": "وصف سير العمل",
   "workflow_info": "معلومات سير العمل",
   "workflow_json": "ملف JSON لسير العمل",
   "workflow_json_help": "قم بتعديل إعدادات سير العمل بصيغة JSON. ستتم مزامنة التغييرات مع أداة الإنشاء المرئية.",
   "workflow_name": "اسم سير العمل",
-  "workflow_navigation_prompt": "هل انت متاكد من المغادرة بدون حفظ التغييرات؟",
+  "workflow_navigation_prompt": "متاكد من المغادرة بدون حفظ التغييرات؟",
   "workflow_summary": "ملخص سير العمل",
   "workflow_update_success": "تم تحديث سير العمل بنجاح",
   "workflow_updated": "تم تحديث سير العمل",

i18n/da.json

@@ -849,9 +849,12 @@
   "create_link_to_share": "Opret link for at dele",
   "create_link_to_share_description": "Tillad alle med linket at se de(t) valgte billede(r)",
   "create_new": "OPRET NY",
+  "create_new_face": "Opret nyt ansigt",
   "create_new_person": "Opret ny person",
   "create_new_person_hint": "Tildel valgte aktiver til en ny person",
   "create_new_user": "Opret ny bruger",
+  "create_person": "Opret person",
+  "create_person_subtitle": "Tilføj et navn til det valgte ansigt for at oprette og tagge den nye person",
   "create_shared_album_page_share_add_assets": "TILFØJ ELEMENT",
   "create_shared_album_page_share_select_photos": "Vælg Billeder",
   "create_shared_link": "Opret delt link",
@@ -892,6 +895,7 @@
   "day": "Dag",
   "days": "Dage",
   "deduplicate_all": "Dedubliker alle",
+  "default_locale": "Standard sprog",
   "default_locale_description": "Formatér datoer og tal baseret på din browsers landestandard",
   "delete": "Slet",
   "delete_action_confirmation_message": "Er du sikker på, at du vil slette dette objekt? Denne handling vil flytte objektet til serverens papirkurv, og vil spørge dig, om du vil slette den lokalt",
@@ -2213,6 +2217,7 @@
   "tag": "Tag",
   "tag_assets": "Tag mediefiler",
   "tag_created": "Oprettet tag: {tag}",
+  "tag_face": "Tag ansigt",
   "tag_feature_description": "Gennemse billeder og videoer grupperet efter logiske tag-emner",
   "tag_not_found_question": "Kan du ikke finde et tag? <link>Opret et nyt tag.</link>",
   "tag_people": "Tag personer",

i18n/de_CH.json

@@ -1,132 +1,132 @@
 {
   "about": "Über",
   "account": "Konto",
-  "account_settings": "Konto Istelligä",
-  "acknowledge": "Bestätige",
+  "account_settings": "Konto Einstellungen",
+  "acknowledge": "Bestätigä",
   "action": "Aktion",
   "action_common_update": "Update",
-  "action_description": "Es paar Aktione, wo a de gfilterete Assets usgführt wärde sölled",
-  "actions": "Aktione",
+  "action_description": "Aktionä, wo uf de gefilterti Mediä ausgführt werdä solled",
+  "actions": "Aktionen",
   "active": "Aktiv",
-  "active_count": "Aktivi: {count}",
+  "active_count": "Aktiv: {count}",
   "activity": "Aktivität",
-  "activity_changed": "Aktivität isch {enabled, select, true {aktiviert} other {deaktiviert}}",
-  "add": "Hinzuefüegä",
-  "add_a_description": "Beschriibig hinzuefüege",
-  "add_a_location": "Standort hinzuefüege",
-  "add_a_name": "Name hinzuefüege",
-  "add_a_title": "Titel hinzuefüege",
-  "add_action": "Aktion hinzuefüege",
-  "add_action_description": "Aklicke um en Aktion dure zfüehre",
-  "add_assets": "Assets hinzufüege",
-  "add_birthday": "Geburtstag hinzuefüege",
+  "activity_changed": "Aktivität ist {enabled, select, true {aktiviert} other {deaktiviert}}",
+  "add": "Hinzuefüge",
+  "add_a_description": "Beschreibung hinzufügen",
+  "add_a_location": "Standort hinzuefügä",
+  "add_a_name": "Namä hinzefügä",
+  "add_a_title": "Titel hinzufeügä",
+  "add_action": "Aktion hinzuefügä",
+  "add_action_description": "Klick do zum e Aktion hinzuefüge",
+  "add_assets": "Mediä hinzuefüge",
+  "add_birthday": "Geburtstag hinzuefüge",
   "add_endpoint": "Endpunkt hinzuefüge",
-  "add_exclusion_pattern": "Uuschlussmuster hinzuefüege",
-  "add_filter": "Filter hinzuefüge",
-  "add_filter_description": "Klicke, um e Filterbedingig hinzuezfüege",
-  "add_location": "Standort hinzuefüege",
-  "add_more_users": "Meh Benutzer hinzuefüege",
-  "add_partner": "Partner hinzuefüege",
-  "add_path": "Pfad hinzuefüege",
-  "add_photos": "Föteli hinzuefüege",
-  "add_tag": "Tag hinzuefüege",
-  "add_to": "Hinzuefüege zu …",
-  "add_to_album": "Zum Album hinzuefüege",
-  "add_to_album_bottom_sheet_added": "Zu {album} hinzuegfüegt",
-  "add_to_album_bottom_sheet_already_exists": "Scho in {album}",
-  "add_to_album_bottom_sheet_some_local_assets": "Es hend es paar lokali Dateie nöd chöne im Album hinzuegfüegt werde",
-  "add_to_album_toggle": "Uuswahl umschalte für {album}",
-  "add_to_albums": "Zu Albe hinzuefüege",
-  "add_to_albums_count": "Zu Albe hinzuefüege ({count})",
-  "add_to_bottom_bar": "Hinzuefüege zu",
-  "add_to_shared_album": "Zum teilte Album hinzuefüege",
-  "add_upload_to_stack": "Upload zum Stack hinzuefüege",
-  "add_url": "URL hinzuefüege",
-  "add_workflow_step": "Workflow-Schritt hinzuefüege",
-  "added_to_archive": "Is Archiv verschobe",
-  "added_to_favorites": "Zu dine Favoritä hinzuegfüegt",
-  "added_to_favorites_count": "{count, number} zu Favorite hinzuegfüegt",
+  "add_exclusion_pattern": "Ausschlussmuster hinzufügen",
+  "add_filter": "Filter hinzufügen",
+  "add_filter_description": "Klicke hier um eine Filterbedingung hinzuzufügen",
+  "add_location": "Standort hinzufügen",
+  "add_more_users": "Mehr Benutzer hinzufügen",
+  "add_partner": "Partner hinzufügen",
+  "add_path": "Pfad hinzufügen",
+  "add_photos": "Fotos hinzufügen",
+  "add_tag": "Tag hinzufügen",
+  "add_to": "Hinzufügen zu…",
+  "add_to_album": "Zu Album hinzufügen",
+  "add_to_album_bottom_sheet_added": "Zu {album} hinzugefügt",
+  "add_to_album_bottom_sheet_already_exists": "Bereits in {album}",
+  "add_to_album_bottom_sheet_some_local_assets": "Einige lokale Dateien konnten nicht zum Album hinzugefügt werden",
+  "add_to_album_toggle": "Auswahl umschalten für {album}",
+  "add_to_albums": "Zu Alben hinzufügen",
+  "add_to_albums_count": "Zu Alben hinzufügen ({count})",
+  "add_to_bottom_bar": "Hinzufügen zu",
+  "add_to_shared_album": "Zu geteiltem Album hinzufügen",
+  "add_upload_to_stack": "Upload zum Stapel hinzufügen",
+  "add_url": "URL hinzufügen",
+  "add_workflow_step": "Workflow-Schritt hinzufügen",
+  "added_to_archive": "Zum Archiv hinzugefügt",
+  "added_to_favorites": "Zu Favoriten hinzugefügt",
+  "added_to_favorites_count": "{count, number} zu Favoriten hinzugefügt",
   "admin": {
-    "add_exclusion_pattern_description": "Uusschlussmuster hinzuefüge. Platzhalter, wie *, **, und ? wärded understützt. Zum all Dateie i eim Verzeichnis namens „Raw\" ignoriere, „**/Raw/**“ verwände. Zum all Dateien ignorieren, wo uf „.tif“ änded, „**/*.tif“ verwände. Zum en absolute Pfad ignoriere, „/pfad/zum/ignoriere/**“ verwände.",
-    "admin_user": "Admin Benutzer",
-    "asset_offline_description": "Die Datei vonere externe Bibliothek isch nümme uf de Festplatte und isch in Papierchorb verschobe worde. Falls die Datei innerhalb vo de Bibliothek verschoben worde isch, überprüf dini Ziitleiste uf die neui entsprechendi Datei. Zum die Datei wiederherstelle, stell bitte sicher, dass Immich uf de unde stehendi Dateipfad chan zuegriife und scann d'Bibliothek.",
-    "authentication_settings": "Authentifizierigs Iistellige",
-    "authentication_settings_description": "Passwort, OAuth und anderi Authentifizierigseinstellige verwalte",
-    "authentication_settings_disable_all": "Bisch sicher, dass du alli Login-Methodä wotsch deaktivierä? S Login isch denn komplett deaktiviert.",
-    "authentication_settings_reenable": "Bruuch ein <link>Server-Befehl</link> zum reaktiviere.",
-    "background_task_job": "Hintergrund Ufgabä",
-    "backup_database": "Datenbank-Dump aalege",
-    "backup_database_enable_description": "Datenbank-Dumps aktiviere",
-    "backup_keep_last_amount": "Aazahl vo de vorherige Dumps, wo bhalte werde sölle",
-    "backup_onboarding_1_description": "Offsite-Kopie i dä Cloud oder amene andere physische Standort.",
-    "backup_onboarding_2_description": "Lokali Kopie uf verschiedene Grät. Das beinhaltet d Hauptdateie und e lokali Sicherig vo dene Dateie.",
-    "backup_onboarding_3_description": "Total aazahl vo dine Dateikopie, inklusiv d Originaldateie. Das beinhaltet 1 Offsite-Kopie und 2 lokali Kopie.",
-    "backup_onboarding_description": "E <backblaze-link>3-2-1-Backup-Strategie</backblaze-link> wird empfohle, zum dini Dateie z schütze. Du söttsch sowohl Kopie vo dine ufgeladene Fotos/Videos wie au d Immich-Datenbank bhalte, für e rundum sauberi Backup-Lösig.",
-    "backup_onboarding_footer": "Für meh Infos zum Backup vo Immich lueg bitte i d <link>Dokumentation</link>.",
-    "backup_onboarding_parts_title": "Es 3-2-1-Backup beinhaltet:",
+    "add_exclusion_pattern_description": "Ausschlussmuster hinzufügen. Platzhalter, wie *, **, und ? werden unterstützt. Um alle Dateien in einem Verzeichnis namens „Raw“ zu ignorieren, „**/Raw/**“ verwenden. Um alle Dateien zu ignorieren, die auf „.tif“ enden, „**/*.tif“ verwenden. Um einen absoluten Pfad zu ignorieren, „/pfad/zum/ignorieren/**“ verwenden.",
+    "admin_user": "Administrator",
+    "asset_offline_description": "Diese Datei einer externen Bibliothek befindet sich nicht mehr auf der Festplatte und wurde in den Papierkorb verschoben. Falls die Datei innerhalb der Bibliothek verschoben wurde, überprüfe deine Zeitleiste auf die neue entsprechende Datei. Um diese Datei wiederherzustellen, stelle bitte sicher, dass Immich auf den unten stehenden Dateipfad zugreifen kann und scanne die Bibliothek.",
+    "authentication_settings": "Authentifizierungseinstellungen",
+    "authentication_settings_description": "Passwort-, OAuth- und andere Authentifizierungseinstellungen verwalten",
+    "authentication_settings_disable_all": "Bist du sicher, dass du alle Loginmethoden deaktivieren willst? Die Anmeldung wird vollständig deaktiviert.",
+    "authentication_settings_reenable": "Nutze einen <link>Server-Befehl</link> zur Reaktivierung.",
+    "background_task_job": "Hintergrundaufgaben",
+    "backup_database": "Datenbanksicherung erstellen",
+    "backup_database_enable_description": "Datenbank regelmässig sichern",
+    "backup_keep_last_amount": "Anzahl der aufzubewahrenden früheren Sicherungen",
+    "backup_onboarding_1_description": "Offsite-Kopie in der Cloud oder an einem anderen physischen Ort.",
+    "backup_onboarding_2_description": "lokale Kopien auf verschiedenen Geräten. Dazu gehören die Hauptdateien und eine lokale Sicherung dieser Dateien.",
+    "backup_onboarding_3_description": "Kopien deiner Daten inklusive Originaldateien. Dies umfasst 1 Kopie an einem anderen Ort und 2 lokale Kopien.",
+    "backup_onboarding_description": "Eine <backblaze-link>3-2-1 Sicherungsstrategie</backblaze-link> wird empfohlen, um deine Daten zu schützen. Du solltest sowohl Kopien deiner hochgeladenen Fotos/Videos als auch der Immich-Datenbank aufbewahren, um eine umfassende Sicherungslösung zu haben.",
+    "backup_onboarding_footer": "Weitere Informationen zum Sichern von Immich findest du in der <link>Dokumentation</link>.",
+    "backup_onboarding_parts_title": "Eine 3-2-1-Sicherung umfasst:",
     "backup_onboarding_title": "Backups",
-    "backup_settings": "Iistellige für Datenbank-Dumps",
-    "backup_settings_description": "Datenbank-Dump-Iistellige verwalte.",
-    "cleared_jobs": "Jobs glöscht für: {job}",
-    "config_set_by_file": "D Konfiguration isch aktuell dur e Konfigurationsdatei gsetzt",
-    "confirm_delete_library": "Bisch sicher, dass du d Bibliothek {library} wotsch lösche?",
-    "confirm_delete_library_assets": "Bisch sicher, dass du die Bibliothek wotsch lösche? Das löscht {count, plural, one {# enthaltenes Asset} other {alli # enthaltene Assets}} us Immich und chan nöd rückgängig gmacht werde. D Dateie bliibed uf em Dateträger.",
-    "confirm_email_below": "Zum bestätige bitte \"{email}\" une iitippe",
-    "confirm_reprocess_all_faces": "Bisch sicher, dass du alli Gsichter neu verarbeite wotsch? Däbii werde au benannti Persone glöscht.",
-    "confirm_user_password_reset": "Bisch sicher, dass du s Passwort für {user} möchtisch zruggsetze?",
-    "confirm_user_pin_code_reset": "Bisch sicher, dass du de PIN-Code vo {user} möchtisch zruggsetze?",
-    "copy_config_to_clipboard_description": "Kopier die aktuelli Systemkonfiguration als JSON-Objekt i d'Zwüschenablage",
-    "create_job": "Uufgabe erstelle",
-    "cron_expression": "Cron-Ziitagabe",
-    "cron_expression_description": "Setz s Scanintervall im Cron-Format. Hilf mit däm Format bütet z. B. der <link>Crontab Guru</link>",
-    "cron_expression_presets": "Vorlage für Cron-Uusdruck",
-    "disable_login": "Login deaktiviere",
-    "duplicate_detection_job_description": "Die Uufgab füehrt s maschinelle Lärne für jedi Datei us, zum Duplikat finde. Die Uufgabe berueht uf de intelligente Suechi",
-    "exclusion_pattern_description": "Mit Uusschlussmuster chönnd Dateie und Ordner bim Scanne vo dinere Bibliothek ignoriert wärde. Das isch nützlich, wenn du Ordner häsch, wo Dateien drin händ, wo d nöd wotsch importiere, wie z. B. RAW-Dateie.",
-    "export_config_as_json_description": "Lad die aktuelli Systemkonfiguration als JSON-Datei abe",
-    "external_libraries_page_description": "Externi Bibliothekssiite für Administratore",
-    "face_detection": "Gsichtserkennig",
-    "face_detection_description": "Die Uufgab erfasst Gsichter in Dateien dur maschinells Lerne. Bi Video wird nur d'Miniaturasicht brucht. „Aktualisiere“ verarbeitet all Dateie neu. „Zruggsetze“ setzt au no all Gsichter zrugg. „Fehlendi“ stellt nur nöd verarbeiteti Dateie in d'Warteschlange. Erfassti Gsichter wärdet zur Gsichtsidentifizierig in diWarteschlange gstellt, damit sie i bestehendi oder neui Persone z'gruppiere.",
-    "facial_recognition_job_description": "Die Uufgabe gruppiert im Anschluss an d'Gsichtserfassig die erfasste Gsichter zu Persone. „Zruggsetze“ gruppiert alli Gsichter neu und mit „Fehlendi“ werdet Gsichter ohni Zuordnig i d'Warteschlange gstellt.",
-    "failed_job_command": "Befehl {command} hät für d'Uufgabe {job} nöd funktioniert",
-    "force_delete_user_warning": "WARNIG: Die Aktion löscht dä Benutzer und all sini Dateie. Das chann nöd rückgängig gmacht wärde und d'Dateie chönnd nöd wiederhergstellt wärde.",
+    "backup_settings": "Einstellungen für Datenbanksicherung",
+    "backup_settings_description": "Einstellungen zur regelmässigen Sicherung der Datenbank.",
+    "cleared_jobs": "Folgende Aufgaben zurückgesetzt: {job}",
+    "config_set_by_file": "Die Konfiguration ist aktuell durch eine Konfigurationsdatei gsetzt",
+    "confirm_delete_library": "Bist du sicher, dass du die Bibliothek {library} löschen willst?",
+    "confirm_delete_library_assets": "Bist du sicher, dass du diese Bibliothek löschen willst? Dies löscht {count, plural, one {# enthaltene Datei} other {alle # enthaltenen Dateien}} aus Immich und kann nicht rückgängig gemacht werden. Die Dateien bleiben auf der Festplatte erhalten.",
+    "confirm_email_below": "Zum Bestätigen, tippe unten \"{email}\" ein",
+    "confirm_reprocess_all_faces": "Bist du sicher, dass du alle Gesichter erneut verarbeiten möchtest? Dies löscht auch alle bereits benannten Personen.",
+    "confirm_user_password_reset": "Bist du sicher, dass du das Passwort für {user} zurücksetzen möchtest?",
+    "confirm_user_pin_code_reset": "Bist du sicher, dass du den PIN-Code von {user} zurücksetzen möchtest?",
+    "copy_config_to_clipboard_description": "Aktuelle Systemkonfiguration als JSON-Objekt in die Zwischenablage kopieren",
+    "create_job": "Aufgabe erstellen",
+    "cron_expression": "Cron-Ausdruck",
+    "cron_expression_description": "Setze das Scanintervall im Cron-Format. Für mehr Informationen, siehe z. B. <link>Crontab Guru</link>",
+    "cron_expression_presets": "Vorlagen für Cron-Ausdrücke",
+    "disable_login": "Login deaktivieren",
+    "duplicate_detection_job_description": "Verwendet maschinelles Lernen auf den Dateien, um Duplikate zu finden. Baut auf der intelligenten Suche auf",
+    "exclusion_pattern_description": "Mit Ausschlussmustern können Dateien und Ordner beim Scannen deiner Bibliothek ignoriert werden. Dies ist nützlich, wenn du Ordner hast, die Dateien enthalten, die du nicht importieren möchtest, wie z. B. RAW-Dateien.",
+    "export_config_as_json_description": "Aktuelle Systemkonfiguration als JSON-Datei herunterladen",
+    "external_libraries_page_description": "Externe Bibliotheksseite für Administratoren",
+    "face_detection": "Gesichtserkennung",
+    "face_detection_description": "Diese Aufgabe erkennt mit maschinellem Lernen Gesichter in Dateien. Bei Videos wird nur das Vorschaubild verwendet. „Aktualisieren“ verarbeitet alle Dateien neu. „Zurücksetzen“ setzt zusätzlich alle Gesichter zurück. „Fehlende“ fügt nur nicht verarbeitete Dateien in die Warteschlange ein. Erfasste Gesichter werden zur Gesichtsidentifizierung in die Warteschlange eingefügt, um sie in bestehende oder neue Personen zu gruppieren.",
+    "facial_recognition_job_description": "Diese Aufgabe gruppiert im Anschluss an die Gesichtserkennung die erkannten Gesichter zu Personen. „Zurücksetzen“ gruppiert alle Gesichter neu, während „Fehlende“ Gesichter ohne Zuordnung in die Warteschlange stellt.",
+    "failed_job_command": "Befehl {command} ist für Aufgabe {job} fehlgeschlagen",
+    "force_delete_user_warning": "WARNUNG: Diese Aktion löscht sofort den Benutzer und all seine Dateien. Dies kann nicht rückgängig gemacht werden und die Dateien können nicht wiederhergestellt werden.",
     "image_format": "Format",
-    "image_format_description": "WebP erzeugt chlineri Dateie we JPEG, isch aber es bitz langsamer i de Erstellig.",
-    "image_fullsize_description": "Hochuflösends Bild mit glöschte Metadate, wo bim Zoome brucht wird",
-    "image_fullsize_enabled": "Hochuflösendi Vorschaubilder aktiviere",
-    "image_fullsize_enabled_description": "Generiere hochauflösende Vorschaubilder in Originalauflösung für nicht web-kompatibel Formate. Wenn \"Eingebettete Vorschau bevorzugen\" aktiviert ist, werden eingebettete Vorschaubilder direkt verwendet. Hat keinen Einfluss auf web-kompatible Formate wie JPEG.",
+    "image_format_description": "WebP erzeugt kleinere Dateien als JPEG, ist aber etwas langsamer in der Erstellung.",
+    "image_fullsize_description": "Hochauflösendes Bild mit entfernten Metadaten, das beim Zoomen verwendet wird",
+    "image_fullsize_enabled": "Hochauflösende Vorschaubilder aktivieren",
+    "image_fullsize_enabled_description": "Generiere Vorschaubilder in Originalauflösung für nicht web-kompatible Formate. Wenn \"Eingebettete Vorschau bevorzugen\" aktiviert ist, werden eingebettete Vorschaubilder direkt verwendet. Hat keinen Einfluss auf web-kompatible Formate wie JPEG.",
     "image_fullsize_quality_description": "Qualität der hochauflösenden Vorschaubilder von 1-100. Höher ist besser, erzeugt aber grössere Dateien.",
     "image_fullsize_title": "Hochauflösende Vorschaueinstellungen",
     "image_prefer_embedded_preview": "Eingebettete Vorschau bevorzugen",
     "image_prefer_embedded_preview_setting_description": "Verwende eingebettete Vorschaubilder in RAW-Fotos als Grundlage für die Bildverarbeitung, sofern diese zur Verfügung stehen. Dies kann bei einigen Bildern genauere Farben erzeugen, allerdings ist die Qualität der Vorschau kameraabhängig und das Bild kann mehr Kompressionsartefakte aufweisen.",
     "image_prefer_wide_gamut": "Breites Spektrum bevorzugen",
-    "image_prefer_wide_gamut_setting_description": "Bruuch Display P3 für Vorschaubildli. Das erhaltet d'Vitalität von Bildli mit grossem Farbruum besser. Uf alte Grät mit alte Browser chann das aber andersch uusgseh. sRGB-Bildli wärdet als sRGB bhalte zum Farbänderige vermiide.",
-    "image_preview_description": "Mittelgrossi Bildli ohni Metadate, bruuchts für Einzelaasichte und fürs maschinelle Lärne",
-    "image_preview_quality_description": "Vorschauqualität vo 1-100. Höcher isch besser, git aber grösseri Dateie und chan d'App Schwuppdizität reduziere. Z tüffi Wert chönnd s maschinelle Lärne beiträchtige.",
-    "image_preview_title": "Vorschauiistellige",
+    "image_prefer_wide_gamut_setting_description": "Display P3 (DCI-P3) für Vorschaubilder verwenden. Dadurch bleibt die Lebendigkeit von Bildern mit breiten Farbräumen besser erhalten, aber die Bilder können auf älteren Geräten mit einer älteren Browserversion etwas anders aussehen. sRGB-Bilder werden im sRGB-Format belassen, um Farbverschiebungen zu vermeiden.",
+    "image_preview_description": "Mittelgrosses Bild mit entfernten Metadaten, das bei der Betrachtung einer einzelnen Datei und für maschinelles Lernen verwendet wird",
+    "image_preview_quality_description": "Vorschauqualität von 1-100. Ein höherer Wert ist besser, erzeugt dadurch aber grössere Dateien und kann die Reaktionsfähigkeit der App beeinträchtigen. Ein niedriger Wert kann dafür aber die Qualität des maschinellen Lernens beeinträchtigen.",
+    "image_preview_title": "Vorschaueinstellungen",
     "image_progressive": "Fortlaufend",
-    "image_progressive_description": "Codier fortlaufendi JPEG-Bildi: Sie wärdet bim Lade aufbauend aazeiget. Das hät kei Würkig uf WebP-Bildi.",
+    "image_progressive_description": "JPEG-Bilder schrittweise kodieren, um ein stufenweises Laden zu ermöglichen. Dies hat keine Auswirkungen auf WebP-Bilder.",
     "image_quality": "Qualität",
-    "image_resolution": "Uuflösig",
-    "image_resolution_description": "Höcheri Uuflösig erhaltet meh Detail, gaht aber länger zum codiere, macht grösseri Dateie und chan d'App Schuppdizität reduziere.",
-    "image_settings": "Bild-Iistellige",
-    "image_settings_description": "Qualität und Uuflösig von erstellte Bildli verwalte",
-    "image_thumbnail_description": "Chlini Vorschaubildli ohni Metadate, bruuchts für Aasichte mit Gruppe vo Föteli wie i de Hauptziitachse",
-    "image_thumbnail_quality_description": "Vorschauqualität vo 1-100. Höcher isch besser, git aber grösseri Dateie und chan d'App Schwuppdizität reduziere.",
-    "image_thumbnail_title": "Iistellige für Vorschaubildli",
-    "import_config_from_json_description": "Systemkonfiguration importiere durs Ufelade vonere JSON-Datei",
-    "job_concurrency": "{job} Näbeläufigkeit",
-    "job_created": "Uufgab erstellt",
-    "job_not_concurrency_safe": "Die Uufgabe ist nöd für Paralleluusführig gmacht.",
-    "job_settings": "Uufgabe-Iistellige",
-    "job_settings_description": "Uufgabe-Näbeläufigkeit verwalte",
-    "jobs_over_time": "Uufgabe in ziitliche Verlauf",
+    "image_resolution": "Auflösung",
+    "image_resolution_description": "Höhere Auflösungen können mehr Details erhalten, benötigen aber mehr Zeit für die Kodierung, haben grössere Dateigrössen und können die Reaktionsfähigkeit der App beeinträchtigen.",
+    "image_settings": "Bildeinstellungen",
+    "image_settings_description": "Qualität und Auflösung der generierten Bilder verwalten",
+    "image_thumbnail_description": "Kleines Vorschaubild mit entfernten Metadaten, die bei der Anzeige von Sammlungen von Fotos wie der Zeitleiste verwendet wird",
+    "image_thumbnail_quality_description": "Qualität der Vorschaubilder von 1-100. Höher ist besser, erzeugt aber grössere Dateien und kann die Reaktionsfähigkeit der App beeinträchtigen.",
+    "image_thumbnail_title": "Einstellungen für Vorschaubilder",
+    "import_config_from_json_description": "Systemkonfiguration von hochgeladener JSON-Konfigurationsdatei importieren",
+    "job_concurrency": "{job} (Anzahl gleichzeitig laufende Prozesse)",
+    "job_created": "Aufgabe erstellt",
+    "job_not_concurrency_safe": "Diese Aufgabe kann nicht mehrmals parallel laufen gelassen werden.",
+    "job_settings": "Aufgabeneinstellungen",
+    "job_settings_description": "Gleichzeitige Ausführung von Aufgaben verwalten",
+    "jobs_over_time": "Jobs im Laufe der Zeit",
     "library_created": "Bibliothek erstellt: {library}",
-    "library_deleted": "Bibliothek glöscht",
-    "library_details": "Bibliotheks-Details",
-    "library_folder_description": "Gib en Order zum Importiere a. Dä Order mit sine Underordner wird nach Bildli und Videos durchsucht.",
-    "library_remove_exclusion_pattern_prompt": "Bisch sicher, dass das Uuschluss-Muster wotsch lösche?",
-    "library_remove_folder_prompt": "Bisch sicher, dass dä Import-Ordner wotsch lösche?",
-    "library_scanning": "Regelmässigi Überprüefig"
+    "library_deleted": "Bibliothek gelöscht",
+    "library_details": "Bibliotheksdetails",
+    "library_folder_description": "Wähle einen Ordner zum Importieren. Dieser Ordner wird inklusive Unterordnern nach Bildern und Videos durchsucht.",
+    "library_remove_exclusion_pattern_prompt": "Bilst du sicher, dass du dieses Ausschlussmuster entfernen möchtest?",
+    "library_remove_folder_prompt": "Bist du sicher, dass du diesen Import-Ordner entfernen möchtest?",
+    "library_scanning": "Regelmässiges Scannen"
   }
 }

i18n/en.json

@@ -267,6 +267,8 @@
     "notification_enable_email_notifications": "Enable email notifications",
     "notification_settings": "Notification Settings",
     "notification_settings_description": "Manage notification settings, including email",
+    "oauth_allow_insecure_requests": "Allow insecure requests",
+    "oauth_allow_insecure_requests_description": "WARNING: This disables TLS certificate validation for OAuth requests and may expose you to MITM attacks.",
     "oauth_auto_launch": "Auto launch",
     "oauth_auto_launch_description": "Start the OAuth login flow automatically upon navigating to the login page",
     "oauth_auto_register": "Auto register",
@@ -274,9 +276,11 @@
     "oauth_button_text": "Button text",
     "oauth_client_secret_description": "Required for confidential client, or if PKCE (Proof Key for Code Exchange) is not supported for public client.",
     "oauth_enable_description": "Login with OAuth",
+    "oauth_end_session_url_description": "Redirect the user to this URI when they log out.",
     "oauth_mobile_redirect_uri": "Mobile redirect URI",
     "oauth_mobile_redirect_uri_override": "Mobile redirect URI override",
     "oauth_mobile_redirect_uri_override_description": "Enable when OAuth provider does not allow a mobile URI, like ''{callback}''",
+    "oauth_prompt_description": "Prompt parameter (e.g. select_account, login, consent)",
     "oauth_role_claim": "Role Claim",
     "oauth_role_claim_description": "Automatically grant admin access based on the presence of this claim. The claim may have either 'user' or 'admin'.",
     "oauth_settings": "OAuth",
@@ -1236,6 +1240,7 @@
   "free_up_space_description": "Move backed-up photos and videos to your device's trash to free up space. Your copies on the server remain safe.",
   "free_up_space_settings_subtitle": "Free up device storage",
   "full_path": "Full path: {path}",
+  "full_path_or_folder": "Full path or folder",
   "gcast_enabled": "Google Cast",
   "gcast_enabled_description": "This feature loads external resources from Google in order to work.",
   "general": "General",
@@ -1392,6 +1397,7 @@
   "light_theme": "Switch to light theme",
   "like": "Like",
   "like_deleted": "Like deleted",
+  "link": "Link",
   "link_motion_video": "Link motion video",
   "link_to_docs": "For more information, refer to the <link>documentation</link>.",
   "link_to_oauth": "Link to OAuth",
@@ -1518,6 +1524,38 @@
   "marked_all_as_read": "Marked all as read",
   "matches": "Matches",
   "matching_assets": "Matching Assets",
+  "media_chrome": {
+    "auto": "Auto",
+    "captions": "Captions",
+    "captions_off": "Off",
+    "closed_captions": "closed captions",
+    "decode_error": "Decode error",
+    "disable_captions": "Disable captions",
+    "enable_captions": "Enable captions",
+    "enter_fullscreen_mode": "Enter fullscreen mode",
+    "exit_fullscreen_mode": "Exit fullscreen mode",
+    "loop": "Loop",
+    "media_error_description": "A media error caused playback to be aborted. The media could be corrupt or your browser does not support this format.",
+    "media_loading": "media loading",
+    "mute": "Mute",
+    "network_error": "Network error",
+    "network_error_description": "A network error caused the media download to fail.",
+    "not_supported_error": "Source Not Supported",
+    "playback_rate": "Playback rate",
+    "playback_rate_current": "current playback rate",
+    "playback_rate_value": "Playback rate {playbackRate}",
+    "playback_time": "playback time",
+    "quality": "Quality",
+    "second": "second",
+    "seconds": "seconds",
+    "time_value_of_total_time": "{currentTime} of {totalTime}",
+    "time_value_remaining": "{time} remaining",
+    "unmute": "Unmute",
+    "unsupported_error_description": "An unsupported error occurred. The server or network failed, or your browser does not support this format.",
+    "video_not_loaded_unknown_time": "video not loaded, unknown time.",
+    "video_player": "video player",
+    "volume": "volume"
+  },
   "media_type": "Media type",
   "memories": "Memories",
   "memories_all_caught_up": "All caught up",
@@ -1562,6 +1600,8 @@
   "multiselect_grid_edit_gps_err_read_only": "Cannot edit location of read only asset(s), skipping",
   "mute_memories": "Mute Memories",
   "my_albums": "My albums",
+  "my_immich_description": "Copy current page as a My Immich link",
+  "my_immich_title": "My Immich link",
   "name": "Name",
   "name_or_nickname": "Name or nickname",
   "name_required": "Name is required",
@@ -1926,6 +1966,8 @@
   "scan_settings": "Scan Settings",
   "scanning": "Scanning",
   "scanning_for_album": "Scanning for album...",
+  "screencast_mode_description": "Show keyboard and mouse event indicators on the screen",
+  "screencast_mode_title": "Toggle screencast mode",
   "search": "Search",
   "search_albums": "Search albums",
   "search_by_context": "Search by context",
@@ -1933,6 +1975,8 @@
   "search_by_description_example": "Hiking day in Sapa",
   "search_by_filename": "Search by file name or extension",
   "search_by_filename_example": "i.e. IMG_1234.JPG or PNG",
+  "search_by_full_path": "Search by full path or folder",
+  "search_by_full_path_example": "/John/Projects/3D_Printing/2026-07-01 - you can search for Projects, 3D, Printing, 2026 etc.",
   "search_by_ocr": "Search by OCR",
   "search_by_ocr_example": "Latte",
   "search_camera_lens_model": "Search lens model...",
@@ -2214,6 +2258,8 @@
   "sync_status": "Sync Status",
   "sync_status_subtitle": "View and manage the sync system",
   "sync_upload_album_setting_subtitle": "Create and upload your photos and videos to the selected albums on Immich",
+  "system_theme": "System theme",
+  "system_theme_command_description": "Use the system theme ({value})",
   "tag": "Tag",
   "tag_assets": "Tag assets",
   "tag_created": "Created tag: {tag}",
@@ -2425,6 +2471,7 @@
   "workflows": "Workflows",
   "workflows_help_text": "Workflows automate actions on your assets based on triggers and filters",
   "wrong_pin_code": "Wrong PIN code",
+  "x_of_total": "{x}/{total}",
   "year": "Year",
   "years_ago": "{years, plural, one {# year} other {# years}} ago",
   "yes": "Yes",

i18n/eo.json

@@ -849,9 +849,12 @@
   "create_link_to_share": "Krei ligilon por dividi",
   "create_link_to_share_description": "Permesi, ke iu ajn kun la ligilo povu vidi la elektita(j)n foto(j)n",
   "create_new": "KREI NOVAN",
+  "create_new_face": "Krei novan vizaĝon",
   "create_new_person": "Krei novan homon",
   "create_new_person_hint": "Atribui elektitajn elementojn al nova homo",
   "create_new_user": "Krei novan uzanton",
+  "create_person": "Krei homon",
+  "create_person_subtitle": "Aldoni nomon al la elektita vizaĝo por krei kaj etikedi novan homon",
   "create_shared_album_page_share_add_assets": "ALDONI ELEMENTOJN",
   "create_shared_album_page_share_select_photos": "Elekti fotojn",
   "create_shared_link": "Krei dividitan ligilon",
@@ -1043,7 +1046,7 @@
     "cannot_navigate_previous_asset": "Ne eblas navigi al antaŭa elemento",
     "cant_apply_changes": "Ne eblas apliki ŝanĝojn",
     "cant_change_activity": "Ne eblas {enabled, select, true {malŝalti} other {ŝalti}} tiun agon",
-    "cant_change_asset_favorite": "Ne eblas ŝanĝi preferaton por tiu elemento",
+    "cant_change_asset_favorite": "Ne eblas ŝanĝi preferon por tiu elemento",
     "cant_change_metadata_assets_count": "Ne eblas ŝanĝi metadatumojn de {count, plural, one {# elemento} other {# elementoj}}",
     "cant_get_faces": "Ne eblas trovi vizaĝojn",
     "cant_get_number_of_comments": "Ne eblas trovi nombron da komentoj",
@@ -1074,7 +1077,18 @@
     "incorrect_email_or_password": "Neĝusta retadreso aŭ pasvorto",
     "library_folder_already_exists": "Tiu ĉi import-vojo jam ekzistas.",
     "page_not_found": "Paĝo ne trovita",
+    "paths_validation_failed": "Evidentiĝis, ke {paths, plural, one {# vojo estas nevalida} other {# vojoj estas nevalidaj}}",
+    "profile_picture_transparent_pixels": "Ne eblas havi travideblaj bilderoj en profilbildo. Bonvolu zomi kaj/aŭ ŝovi la bildon al loko sen tiaj bilderoj.",
+    "quota_higher_than_disk_size": "Vi donis kvoton pli grandan ol la disko mem",
+    "something_went_wrong": "Io misis",
+    "unable_to_add_album_users": "Ne eblas aldoni uzantojn al la albumo",
+    "unable_to_add_assets_to_shared_link": "Ne eblas aldoni elementojn al la dividita ligilo",
+    "unable_to_add_comment": "Ne eblas aldoni komenton",
     "unable_to_add_exclusion_pattern": "Ne eblas aldoni skemon de ekskludo",
+    "unable_to_add_partners": "Ne eblas aldoni partnerojn",
+    "unable_to_add_remove_archive": "Ne eblas {archived, select, true {forigi elementon de} other {aldoni elementon al}} la arĥivo",
+    "unable_to_add_remove_favorites": "Ne eblas {favorite, select, true {aldoni elementon al} other {forigi elementon de}} preferataĵoj",
+    "unable_to_change_favorite": "Ne eblas ŝanĝi preferon por tiu elemento",
     "unable_to_create": "Ne eblis krei laborfluon",
     "unable_to_delete_exclusion_pattern": "Ne eblas forigi skemon de ekskludo",
     "unable_to_delete_workflow": "Ne eblis forigi laborfluon",
@@ -1088,15 +1102,25 @@
   "expand_all": "Etendi ĉiujn",
   "explore": "Esplori",
   "explorer": "Foliumilo",
+  "favorite": "Preferataĵo",
+  "favorite_action_prompt": "{count} aldonita(j) al Preferataĵoj",
+  "favorite_or_unfavorite_photo": "Aldoni/forigi foton al/de preferataĵoj",
+  "favorites": "Preferataĵoj",
+  "favorites_page_no_favorites": "Neniuj preferataj elementoj trovitaj",
   "free_up_space": "Liberigi spacon",
   "free_up_space_description": "Vi forigos fotojn kaj/aŭ videojn, kiuj havas savkopiojn en la servilo, por liberigi spacon en via aparato. La kopioj en la servilo restos.",
   "general": "Ĝeneralaj",
+  "home_page_favorite_err_local": "Ankoraŭ ne eblas aldoni lokajn elementojn al Preferataĵoj; ignorita(j)",
+  "home_page_favorite_err_partner": "Ankoraŭ ne eblas aldoni elementojn de partnero al Preferataĵoj; ignorita(j)",
+  "keep_favorites": "Konservi preferataĵojn",
   "manage_media_access_settings": "Malfermi agordaĵaron",
   "manage_the_app_settings": "Agordi la apon",
+  "map_settings_only_show_favorites": "Montri nur preferataĵojn",
   "missing": "Netraktitaj",
   "networking_subtitle": "Administri agordojn pri finpunktoj de la servilo",
   "no_devices": "Neniuj aprobitaj aparatoj",
   "no_explore_results_message": "Alŝutu pli da fotoj por esplori vian kolekton.",
+  "no_favorites_message": "Aldoni al Preferataĵoj por rapide retrovi viajn plej bonajn bildojn kaj videojn",
   "no_notifications": "Neniuj sciigoj",
   "no_results_description": "Provu sinonimon aŭ pli ĝeneralan ŝlosilvorton",
   "notification_permission_dialog_content": "Por ŝalti sciigojn, iru al Agordoj kaj elektu 'permesi'.",
@@ -1106,10 +1130,14 @@
   "notification_toggle_setting_description": "Ŝalti sciigojn per retmesaĝo",
   "notifications": "Sciigoj",
   "notifications_setting_description": "Administri sciigojn",
+  "only_favorites": "Nur preferataĵoj",
   "preferences_settings_subtitle": "Administri agordojn pri la apo",
   "purchase_settings_server_activated": "La administranto respondecas pri la ŝlosilo de aŭtentikeco por la servilo",
   "rating_clear": "Forviŝi pritakson",
   "refresh": "Denove",
+  "remove_from_favorites": "Forigi el preferataĵoj",
+  "removed_from_favorites": "Forigita(j) el preferataĵoj",
+  "removed_from_favorites_count": "{count, plural, other {Forigis #}} el Preferataĵoj",
   "rescan": "Reanalizi",
   "reset": "Restartigi",
   "reset_sqlite_clear_app_data": "Forviŝi datumojn",
@@ -1127,7 +1155,10 @@
   "setting_notifications_subtitle": "Redakti viajn preferojn pri sciigoj",
   "start_date": "Komenca dato",
   "start_date_before_end_date": "Komenca dato devas esti antaŭ fina dato",
+  "to_favorite": "Aldoni al preferataĵoj",
   "trigger_description": "Evento, kiu ekfunkciigas la laborfluon",
+  "unfavorite": "Forigi el preferataĵoj",
+  "unfavorite_action_prompt": "{count} forigita(j) el Preferataĵoj",
   "untitled_workflow": "Sentitola laborfluo",
   "upload_concurrency": "Nombro da samtempaj alŝutoj",
   "user_pin_code_settings_description": "Administri vian PIN-kodon",

i18n/hr.json

@@ -845,9 +845,12 @@
   "create_link_to_share": "Izradite vezu za dijeljenje",
   "create_link_to_share_description": "Dopusti svakome s vezom da vidi odabrane fotografije",
   "create_new": "KREIRAJ NOVO",
+  "create_new_face": "Stvori novo lice",
   "create_new_person": "Stvorite novu osobu",
   "create_new_person_hint": "Dodijelite odabrane stavke novoj osobi",
   "create_new_user": "Kreiraj novog korisnika",
+  "create_person": "Stvori novu osobu",
+  "create_person_subtitle": "Dodaj ime odabranom licu kako bi stvorio i tagirao novu osobu",
   "create_shared_album_page_share_add_assets": "DODAJ STAVKE",
   "create_shared_album_page_share_select_photos": "Odaberi fotografije",
   "create_shared_link": "Kreiraj dijeljeni link",
@@ -922,6 +925,7 @@
   "deselect_all": "Poništi odabir svih",
   "details": "Detalji",
   "direction": "Smjer",
+  "disable": "Onesposobi",
   "disabled": "Onemogućeno",
   "disallow_edits": "Zabrani izmjene",
   "discord": "Discord",
@@ -947,6 +951,7 @@
   "download_include_embedded_motion_videos": "Ugrađeni videozapisi",
   "download_include_embedded_motion_videos_description": "Uključite videozapise ugrađene u fotografije s pokretom kao zasebnu datoteku",
   "download_notfound": "Preuzimanje nije pronađeno",
+  "download_original": "Preuzmi original",
   "download_paused": "Preuzimanje pauzirano",
   "download_settings": "Preuzmi",
   "download_settings_description": "Upravljajte postavkama vezanim uz preuzimanje stavki",
@@ -956,10 +961,11 @@
   "download_waiting_to_retry": "Čeka se ponovni pokušaj",
   "downloading": "Preuzimanje",
   "downloading_asset_filename": "Preuzimanje stavke {filename}",
+  "downloading_from_icloud": "Preuzmi s iCloud",
   "downloading_media": "Preuzimanje medija",
   "drop_files_to_upload": "Ispustite datoteke bilo gdje za prijenos",
   "duplicates": "Duplikati",
-  "duplicates_description": "Razriješite svaku grupu tako da naznačite koji su duplikati, ako ih ima",
+  "duplicates_description": "Razriješite svaku grupu tako da naznačite koji su duplikati, ako ih ima.",
   "duration": "Trajanje",
   "edit": "Izmjena",
   "edit_album": "Uredi album",
@@ -987,6 +993,12 @@
   "editor": "Urednik",
   "editor_close_without_save_prompt": "Promjene neće biti spremljene",
   "editor_close_without_save_title": "Zatvoriti uređivač?",
+  "editor_confirm_reset_all_changes": "Jeste li sigurni da želite resetirati sve opcije?",
+  "editor_discard_edits_confirm": "Odbaci izmjene",
+  "editor_discard_edits_prompt": "Imate nesačuvane izmjene. Jeste li sigurni da ih želite odbaciti?",
+  "editor_discard_edits_title": "Odbaci izmjene?",
+  "editor_rotate_left": "Rotiraj 90° u suprotnom smjeru kazaljke na satu",
+  "editor_rotate_right": "Rotiraj 90° u smjeru kazaljke na satu",
   "email": "E-pošta",
   "email_notifications": "Obavijesti putem e-maila",
   "empty_folder": "Ova mapa je prazna",

i18n/id.json

@@ -849,9 +849,12 @@
   "create_link_to_share": "Buat tautan untuk dibagikan",
   "create_link_to_share_description": "Biarkan siapa pun dengan tautan melihat foto yang dipilih",
   "create_new": "BUAT BARU",
+  "create_new_face": "Buat wajah baru",
   "create_new_person": "Buat orang baru",
   "create_new_person_hint": "Tetapkan aset yang dipilih ke orang yang baru",
   "create_new_user": "Buat pengguna baru",
+  "create_person": "Buat orang",
+  "create_person_subtitle": "Tambahkan nama pada wajah yang dipilih untuk membuat dan menandai orang baru",
   "create_shared_album_page_share_add_assets": "TAMBAHKAN ASET",
   "create_shared_album_page_share_select_photos": "Pilih Foto",
   "create_shared_link": "Buat tautan bersama",
@@ -2214,6 +2217,7 @@
   "tag": "Tag",
   "tag_assets": "Tag aset",
   "tag_created": "Tag yang dibuat: {tag}",
+  "tag_face": "Tandai wajah",
   "tag_feature_description": "Menjelajahi foto dan video yang dikelompokkan berdasarkan topik tag yang logis",
   "tag_not_found_question": "Tidak dapat menemukan tag? <link>Buat tag baru.</link>",
   "tag_people": "Beri Tag Orang",

i18n/ko.json

@@ -1934,6 +1934,7 @@
   "search_by_filename": "파일명 또는 확장자로 검색",
   "search_by_filename_example": "예: IMG_1234.JPG 또는 PNG",
   "search_by_ocr": "OCR로 검색",
+  "search_by_ocr_example": "라떼",
   "search_camera_lens_model": "렌즈 모델 검색...",
   "search_camera_make": "카메라 제조사 검색...",
   "search_camera_model": "카메라 모델명 검색...",
@@ -1997,6 +1998,7 @@
   "select_all_in": "{group}의 모든 항목 선택",
   "select_avatar_color": "아바타 색상 선택",
   "select_count": "{count, plural, one {# 선택중} other {# 선택중}}",
+  "select_cutoff_date": "유지 기간 설정",
   "select_face": "얼굴 선택",
   "select_featured_photo": "대표 사진 선택",
   "select_from_computer": "컴퓨터에서 선택",

i18n/lt.json

@@ -1215,7 +1215,7 @@
   "file_name_text": "Failo pavadinimas",
   "file_name_with_value": "Failo pavadinimas: {file_name}",
   "file_size": "Failo dydis",
-  "filename": "Failopavadinimas",
+  "filename": "Failo pavadinimas",
   "filetype": "Failo tipas",
   "filter": "Filtras",
   "filter_description": "Tikslinių elementų filtravimo sąlygos",
@@ -1390,8 +1390,8 @@
   "licenses": "Licencijos",
   "light": "Šviesi",
   "light_theme": "Perjungti į šviesią temą",
-  "like": "Kaip",
-  "like_deleted": "Kaip ištrintas",
+  "like": "Patinka",
+  "like_deleted": "Patinka panaikintas",
   "link_motion_video": "Susieti judesio vaizdo įrašą",
   "link_to_docs": "Daugiau informacijos rasite <link>dokumentacijoje</link>.",
   "link_to_oauth": "Susieti su OAuth",

i18n/lv.json

@@ -713,9 +713,11 @@
   "create_link": "Izveidot saiti",
   "create_link_to_share": "Izveidot kopīgošanas saiti",
   "create_new": "IZVEIDOT JAUNU",
+  "create_new_face": "Izveidot jaunu seju",
   "create_new_person": "Izveidot jaunu personu",
   "create_new_person_hint": "Piesaistīt izvēlētos failus jaunai personai",
   "create_new_user": "Izveidot jaunu lietotāju",
+  "create_person": "Izveidot personu",
   "create_shared_album_page_share_add_assets": "PIEVIENOT AKTĪVUS",
   "create_shared_album_page_share_select_photos": "Fotoattēlu Izvēle",
   "create_user": "Izveidot lietotāju",
@@ -879,6 +881,7 @@
     "failed_to_update_notification_status": "Neizdevās mainīt paziņojuma statusu",
     "incorrect_email_or_password": "Nepareizs e-pasts vai parole",
     "library_folder_already_exists": "Šis importa ceļš jau pastāv.",
+    "page_not_found": "Lapa nav atrasta",
     "profile_picture_transparent_pixels": "Profila attēlos nevar būt caurspīdīgi pikseļi. Lūdzu, palielini un/vai pārvieto attēlu.",
     "quota_higher_than_disk_size": "Tu esi iestatījis kvotu, kas pārsniedz diska izmēru",
     "something_went_wrong": "Kaut kas nogāja greizi",
@@ -1295,6 +1298,7 @@
   "only_favorites": "Tikai izlase",
   "open": "Atvērt",
   "open_calendar": "Atvērt kalendāru",
+  "open_in_browser": "Atvērt pārlūkprogrammā",
   "open_in_map_view": "Atvērt kartes skatā",
   "open_in_openstreetmap": "Atvērt OpenStreetMap",
   "open_the_search_filters": "Atvērt meklēšanas filtrus",
@@ -1455,6 +1459,7 @@
   "reset_people_visibility": "Atiestatīt personu redzamību",
   "reset_pin_code": "Atiestatīt PIN kodu",
   "reset_sqlite": "Atiestatīt SQLite datubāzi",
+  "reset_sqlite_clear_app_data": "Notīrīt datus",
   "reset_to_default": "Atiestatīt noklusējuma iestatījumus",
   "resolve_duplicates": "Atrisināt dublēšanās gadījumus",
   "resolved_all_duplicates": "Visi dublikāti ir atrisināti",
@@ -1705,6 +1710,7 @@
   "sync_local": "Sinhronizēt lokāli",
   "sync_status": "Sinhronizācijas statuss",
   "sync_status_subtitle": "Skatīt un pārvaldīt sinhronizācijas sistēmu",
+  "tag_face": "Atzīmēt seju",
   "text_recognition": "Teksta atpazīšana",
   "theme": "Dizains",
   "theme_setting_asset_list_storage_indicator_title": "Rādīt krātuves indikatoru uz attēliem režga skatā",
@@ -1833,6 +1839,7 @@
   "viewer_remove_from_stack": "Noņemt no Steka",
   "viewer_stack_use_as_main_asset": "Izmantot kā Galveno Aktīvu",
   "viewer_unstack": "At-Stekot",
+  "visibility": "Redzamība",
   "visual": "Vizuāli",
   "visual_builder": "Vizuālais veidotājs",
   "waiting": "Gaida",

i18n/nl.json

@@ -544,7 +544,7 @@
   "appears_in": "Komt voor in",
   "apply_count": "Toepassen ({count, number})",
   "archive": "Archief",
-  "archive_action_prompt": "{count} item(s) toegevoegd aan het archief",
+  "archive_action_prompt": "{count, plural, one {# item} other {# items}} toegevoegd aan het archief",
   "archive_or_unarchive_photo": "Foto archiveren of uit het archief halen",
   "archive_page_no_archived_assets": "Geen gearchiveerde items gevonden",
   "archive_page_title": "Archief ({count})",
@@ -593,20 +593,20 @@
   "assets_cannot_be_added_to_album_count": "{count, plural, one {# item} other {# items}} konden niet aan album toegevoegd worden",
   "assets_cannot_be_added_to_albums": "{count, plural, one {Item kan} other {Items kunnen}} niet toegevoegd worden aan de albums",
   "assets_count": "{count, plural, one {# item} other {# items}}",
-  "assets_deleted_permanently": "{count} item(s) permanent verwijderd",
-  "assets_deleted_permanently_from_server": "{count} item(s) permanent verwijderd van de Immich server",
+  "assets_deleted_permanently": "{count, plural, one {# item} other {# items}} permanent verwijderd",
+  "assets_deleted_permanently_from_server": "{count, plural, one {# item} other {# items}} permanent verwijderd van de Immich server",
   "assets_downloaded_failed": "{count, plural, one {# bestand gedownload - {error} bestand mislukt} other {# bestanden gedownload - {error} bestanden mislukt}}",
   "assets_downloaded_successfully": "{count, plural, one {# bestand succesvol gedownload} other {# bestanden succesvol gedownload}}",
   "assets_moved_to_trash_count": "{count, plural, one {# item} other {# items}} verplaatst naar prullenbak",
   "assets_permanently_deleted_count": "{count, plural, one {# item} other {# items}} permanent verwijderd",
   "assets_removed_count": "{count, plural, one {# item} other {# items}} verwijderd",
-  "assets_removed_permanently_from_device": "{count} item(s) permanent verwijderd van je apparaat",
+  "assets_removed_permanently_from_device": "{count, plural, one {# item} other {# items}} permanent verwijderd van je apparaat",
   "assets_restore_confirmation": "Weet je zeker dat je alle verwijderde items wilt herstellen? Je kunt deze actie niet ongedaan maken! Offline items kunnen op deze manier niet worden hersteld.",
   "assets_restored_count": "{count, plural, one {# item} other {# items}} hersteld",
-  "assets_restored_successfully": "{count} item(s) succesvol hersteld",
-  "assets_trashed": "{count} item(s) naar de prullenbak verplaatst",
+  "assets_restored_successfully": "{count, plural, one {# item} other {# items}} succesvol hersteld",
+  "assets_trashed": "{count, plural, one {# item} other {# items}} naar de prullenbak verplaatst",
   "assets_trashed_count": "{count, plural, one {# item} other {# items}} naar prullenbak verplaatst",
-  "assets_trashed_from_server": "{count} item(s) naar de prullenbak verplaatst op de Immich server",
+  "assets_trashed_from_server": "{count, plural, one {# item} other {# items}} naar de prullenbak verplaatst op de Immich server",
   "assets_were_part_of_album_count": "{count, plural, one {Item was} other {Items waren}} al onderdeel van het album",
   "assets_were_part_of_albums_count": "{count, plural, one {Item is} other {Items zijn}} al onderdeel van de albums",
   "authorized_devices": "Geautoriseerde apparaten",
@@ -876,7 +876,7 @@
   "current_server_address": "Huidig serveradres",
   "custom_date": "Aangepaste datum",
   "custom_locale": "Aangepaste landinstelling",
-  "custom_locale_description": "Formatteer datums, tijden en getallen op basis van de geselecteerde taal en de regio",
+  "custom_locale_description": "Formatteer datums, tijden, en getallen op basis van de geselecteerde taal en regio",
   "custom_url": "Aangepaste URL",
   "cutoff_date_description": "Bewaar foto's van de laatste…",
   "cutoff_day": "{count, plural, one {dag} other {dagen}}",
@@ -896,10 +896,10 @@
   "days": "Dagen",
   "deduplicate_all": "Alles dedupliceren",
   "default_locale": "Standaard landinstelling",
-  "default_locale_description": "Formatteer datums en getallen op basis van de taalinstellingen van uw browser",
+  "default_locale_description": "Formatteer datums en getallen op basis van de taalinstellingen van je browser",
   "delete": "Verwijderen",
   "delete_action_confirmation_message": "Weet je zeker dat je dit item wilt verwijderen? Deze actie zorgt ervoor dat het item naar de prullenbak van de server wordt verplaatst en je wordt gevraagd of je deze ook lokaal wilt verwijderen",
-  "delete_action_prompt": "{count} item(s) verwijderd",
+  "delete_action_prompt": "{count} verwijderd",
   "delete_album": "Album verwijderen",
   "delete_api_key_prompt": "Weet je zeker dat je deze API-sleutel wilt verwijderen?",
   "delete_dialog_alert": "Deze items zullen permanent verwijderd worden van Immich en je apparaat",
@@ -913,12 +913,12 @@
   "delete_key": "Verwijder key",
   "delete_library": "Verwijder bibliotheek",
   "delete_link": "Verwijder link",
-  "delete_local_action_prompt": "{count} item(s) lokaal verwijderd",
+  "delete_local_action_prompt": "{count} lokaal verwijderd",
   "delete_local_dialog_ok_backed_up_only": "Verwijder alleen met back-up",
   "delete_local_dialog_ok_force": "Toch verwijderen",
   "delete_others": "Andere verwijderen",
   "delete_permanently": "Permanent verwijderen",
-  "delete_permanently_action_prompt": "{count} item(s) permanent verwijderd",
+  "delete_permanently_action_prompt": "{count} permanent verwijderd",
   "delete_shared_link": "Verwijder gedeelde link",
   "delete_shared_link_dialog_title": "Verwijder gedeelde link",
   "delete_tag": "Tag verwijderen",
@@ -948,7 +948,7 @@
   "documentation": "Documentatie",
   "done": "Klaar",
   "download": "Downloaden",
-  "download_action_prompt": "{count} item(s) aan het downloaden",
+  "download_action_prompt": "{count, plural, one {# item} other {# items}} aan het downloaden",
   "download_canceled": "Download geannuleerd",
   "download_complete": "Download voltooid",
   "download_enqueue": "Download in wachtrij",
@@ -980,7 +980,7 @@
   "edit_birthday": "Wijzig verjaardag",
   "edit_date": "Datum bewerken",
   "edit_date_and_time": "Datum en tijd bewerken",
-  "edit_date_and_time_action_prompt": "Datum en tijd bijgewerkt van {count} item(s)",
+  "edit_date_and_time_action_prompt": "Datum en tijd bijgewerkt van {count, plural, one {# item} other {# items}}",
   "edit_date_and_time_by_offset": "Wijzigen datum door verschuiving",
   "edit_date_and_time_by_offset_interval": "Nieuw datuminterval: {from}-{to}",
   "edit_description": "Beschrijving bewerken",
@@ -990,7 +990,7 @@
   "edit_key": "Key bewerken",
   "edit_link": "Link bewerken",
   "edit_location": "Locatie bewerken",
-  "edit_location_action_prompt": "Locatie bijgewerkt van {count} item(s)",
+  "edit_location_action_prompt": "Locatie bijgewerkt van {count, plural, one {# item} other {# items}}",
   "edit_location_dialog_title": "Locatie",
   "edit_name": "Naam bewerken",
   "edit_people": "Mensen bewerken",
@@ -1203,7 +1203,7 @@
   "failed_to_load_assets": "Kan items niet laden",
   "failed_to_load_folder": "Laden van map mislukt",
   "favorite": "Favoriet",
-  "favorite_action_prompt": "{count} item(s) toegevoegd aan je favorieten",
+  "favorite_action_prompt": "{count, plural, one {# item} other {# items}} toegevoegd aan je favorieten",
   "favorite_or_unfavorite_photo": "Foto markeren als of verwijderen uit favorieten",
   "favorites": "Favorieten",
   "favorites_page_no_favorites": "Geen favoriete items gevonden",
@@ -1389,7 +1389,7 @@
   "library_page_sort_title": "Albumtitel",
   "licenses": "Licenties",
   "light": "Licht",
-  "light_theme": "Wissel naar lichte thema",
+  "light_theme": "Wissel naar licht thema",
   "like": "Vind ik leuk",
   "like_deleted": "Like verwijderd",
   "link_motion_video": "Koppel bewegende video",
@@ -1551,7 +1551,7 @@
   "move_off_locked_folder": "Verplaats uit vergrendelde map",
   "move_to": "Verplaatsen naar",
   "move_to_device_trash": "Naar prullenbak van apparaat",
-  "move_to_lock_folder_action_prompt": "{count} item(s) toegevoegd aan de vergrendelde map",
+  "move_to_lock_folder_action_prompt": "{count, plural, one {# item} other {# items}} toegevoegd aan de vergrendelde map",
   "move_to_locked_folder": "Verplaats naar vergrendelde map",
   "move_to_locked_folder_confirmation": "Deze foto’s en video’s worden uit alle albums verwijderd en zijn alleen te bekijken in de vergrendelde map",
   "move_up": "Naar boven verplaatsen",
@@ -1854,9 +1854,9 @@
   "remove_custom_date_range": "Aangepast datumbereik verwijderen",
   "remove_deleted_assets": "Verwijder offline bestanden",
   "remove_from_album": "Verwijderen uit album",
-  "remove_from_album_action_prompt": "{count} item(s) verwijderd uit het album",
+  "remove_from_album_action_prompt": "{count, plural, one {# item} other {# items}} verwijderd uit het album",
   "remove_from_favorites": "Verwijderen uit favorieten",
-  "remove_from_lock_folder_action_prompt": "{count} item(s) verwijderd uit de vergrendelde map",
+  "remove_from_lock_folder_action_prompt": "{count, plural, one {# item} other {# items}} verwijderd uit de vergrendelde map",
   "remove_from_locked_folder": "Verwijder uit de vergrendelde map",
   "remove_from_locked_folder_confirmation": "Weet je zeker dat je deze foto's en video's uit de vergrendelde map wilt verplaatsen? Ze zijn dan weer zichtbaar in je bibliotheek.",
   "remove_from_shared_link": "Verwijderen uit gedeelde link",
@@ -1899,7 +1899,7 @@
   "resolved_all_duplicates": "Alle duplicaten opgelost",
   "restore": "Herstellen",
   "restore_all": "Herstel alle",
-  "restore_trash_action_prompt": "{count} item(s) teruggehaald uit de prullenbak",
+  "restore_trash_action_prompt": "{count, plural, one {# item} other {# items}} teruggehaald uit de prullenbak",
   "restore_user": "Gebruiker herstellen",
   "restored_asset": "Item hersteld",
   "resume": "Hervatten",
@@ -2067,9 +2067,9 @@
   "settings_saved": "Instellingen opgeslagen",
   "setup_pin_code": "Stel een pincode in",
   "share": "Delen",
-  "share_action_prompt": "{count} item(s) gedeeld",
+  "share_action_prompt": "{count, plural, one {# item} other {# items}} gedeeld",
   "share_add_photos": "Foto's toevoegen",
-  "share_assets_selected": "{count} item(s) geselecteerd",
+  "share_assets_selected": "{count, plural, one {# item} other {# items}} geselecteerd",
   "share_dialog_preparing": "Voorbereiden...",
   "share_link": "Link delen",
   "shared": "Gedeeld",
@@ -2177,7 +2177,7 @@
   "sort_title": "Titel",
   "source": "Bron",
   "stack": "Stapel",
-  "stack_action_prompt": "{count} item(s) gestapeld",
+  "stack_action_prompt": "{count} items gestapeld",
   "stack_duplicates": "Stapel duplicaten",
   "stack_select_one_photo": "Selecteer één primaire foto voor de stapel",
   "stack_selected_photos": "Geselecteerde foto's stapelen",
@@ -2264,7 +2264,7 @@
   "total": "Totaal",
   "total_usage": "Totaal gebruik",
   "trash": "Prullenbak",
-  "trash_action_prompt": "{count} item(s) verplaatst naar de prullenbak",
+  "trash_action_prompt": "{count, plural, one {# item} other {# items}} verplaatst naar de prullenbak",
   "trash_all": "Verplaats alle naar prullenbak",
   "trash_count": "{count, number} naar prullenbak",
   "trash_delete_asset": "Items naar prullenbak verplaatsen of verwijderen",
@@ -2314,7 +2314,7 @@
   "unselect_all_duplicates": "Deselecteer alle duplicaten",
   "unselect_all_in": "Deselecteer alles in {group}",
   "unstack": "Ontstapelen",
-  "unstack_action_prompt": "{count} item(s) ontstapeld",
+  "unstack_action_prompt": "{count} items ontstapeld",
   "unstacked_assets_count": "{count, plural, one {# item} other {# items}} ontstapeld",
   "unsupported_field_type": "Veldtype niet ondersteund",
   "unsupported_file_type": "Bestand {file} kan niet worden geüpload omdat het bestandstype {type} niet wordt ondersteund.",

i18n/package.json

@@ -1,6 +1,6 @@
 {
   "name": "immich-i18n",
-  "version": "2.7.4",
+  "version": "2.7.5",
   "private": true,
   "scripts": {
     "format": "prettier --cache --check .",

i18n/pl.json

@@ -1009,8 +1009,8 @@
   "editor_edits_applied_success": "Zmiany zostały pomyślnie zastosowane",
   "editor_flip_horizontal": "Odwróć poziomo",
   "editor_flip_vertical": "Odwróć pionowo",
-  "editor_handle_corner": "{corner, select, top_left {Top-left} top_right {Top-right} bottom_left {Bottom-left} bottom_right {Bottom-right} other {A}} uchwyt narożny",
-  "editor_handle_edge": "{edge, select, top {Top} bottom {Bottom} left {Left} right {Right} other {An}} uchwyt krawędziowy",
+  "editor_handle_corner": "{corner, select, top_left {Górny lewy} top_right {Górny prawy} bottom_left {Dolny lewy} bottom_right {Dolny prawy} other {Jakiś}} uchwyt narożny",
+  "editor_handle_edge": "{edge, select, top {Górny} bottom {Dolny} left {Lewy} right {Prawy} other {Jakiś}} uchwyt krawędziowy",
   "editor_orientation": "Orientacja",
   "editor_reset_all_changes": "Zresetuj zmiany",
   "editor_rotate_left": "Obróć o 90° przeciwnie do ruchu wskazówek zegara",

i18n/th.json

@@ -5,6 +5,7 @@
   "acknowledge": "รับทราบ",
   "action": "ดำเนินการ",
   "action_common_update": "อัปเดต",
+  "action_description": "ชุดการดำเนินการที่จะปฏิบัติกับรายการที่ผ่านการกรอง",
   "actions": "การดำเนินการ",
   "active": "กำลังทำงาน",
   "active_count": "กำลังทำงาน: {count}",
@@ -16,11 +17,13 @@
   "add_a_name": "เพิ่มชื่อ",
   "add_a_title": "เพิ่มหัวข้อ",
   "add_action": "เพิ่มการดำเนินการ",
+  "add_action_description": "คลิกเพื่อเพิ่มการดำเนินการ",
   "add_assets": "เพิ่มสื่อ",
   "add_birthday": "เพิ่มวันเกิด",
   "add_endpoint": "เพิ่มปลายทาง",
   "add_exclusion_pattern": "เพิ่มข้อยกเว้น",
   "add_filter": "เพิ่มตัวกรอง",
+  "add_filter_description": "คลิกเพื่อเพิ่มการกรอง",
   "add_location": "เพิ่มตำแหน่ง",
   "add_more_users": "เพิ่มผู้ใช้งาน",
   "add_partner": "เพิ่มคู่หู",
@@ -32,12 +35,14 @@
   "add_to_album_bottom_sheet_added": "เพิ่มไปยัง {album} แล้ว",
   "add_to_album_bottom_sheet_already_exists": "อยู่ใน {album} อยู่แล้ว",
   "add_to_album_bottom_sheet_some_local_assets": "ไฟล์บางส่วนไม่สามารถเพิ่มไปยังอัลบั้มได้",
+  "add_to_album_toggle": "สลับการเลือกสำหรับ {album}",
   "add_to_albums": "เพิ่มเข้าในอัลบั้ม",
   "add_to_albums_count": "เพิ่มไปยังอัลบั้ม ({count})",
   "add_to_bottom_bar": "เพิ่มไปยัง",
   "add_to_shared_album": "เพิ่มไปยังอัลบั้มที่แชร์",
   "add_upload_to_stack": "เพิ่มที่อัปโหลดเข้า stack",
   "add_url": "เพิ่ม URL",
+  "add_workflow_step": "เพิ่มขั้นตอนการทำงาน",
   "added_to_archive": "เพิ่มไปยังที่จัดเก็บถาวร",
   "added_to_favorites": "เพิ่มเข้ารายการโปรดแล้ว",
   "added_to_favorites_count": "เพิ่ม {count, number} รูปเข้ารายการโปรดแล้ว",
@@ -70,6 +75,7 @@
     "confirm_reprocess_all_faces": "คุณแน่ใจว่าคุณต้องการประมวลผลใบหน้าทั้งหมดใหม่? ชื่อคนจะถูกลบไปด้วย",
     "confirm_user_password_reset": "คุณแน่ใจว่าต้องการรีเซ็ตรหัสผ่านของ {user} หรือไม่?",
     "confirm_user_pin_code_reset": "คุณแน่ใจหรือไม่ว่าต้องการรีเซ็ตรหัส PIN ของ {user}",
+    "copy_config_to_clipboard_description": "คัดลอกการตั้งค่าระบบปัจจุบันในรูปแบบ JSON ไปยังคลิปบอร์ด",
     "create_job": "สร้างงาน",
     "cron_expression": "รูปแบบ cron",
     "cron_expression_description": "ตั้งช่วงเวลาในการสแกนโดยใช้รูปแบบ cron สำหรับข้อมูลเพิ่มเติมกรุณาอิง <link>Crontab Guru</link>",
@@ -77,6 +83,7 @@
     "disable_login": "ปิดการล็อกอิน",
     "duplicate_detection_job_description": "ใช้ machine learning กับสี่อเพื่อตรวจจับรูปภาพที่คล้ายกัน โดยใช้การค้นหาอัจฉริยะ",
     "exclusion_pattern_description": "ข้อยกเว้นสามารถละเว้นไฟล์และโฟลเดอร์ขณะสแกนคลังภาพของคุณ มีประโยชน์เมื่อโฟลเดอร์มีไฟล์ที่ไม่อยากนำเข้า เช่นไฟล์ RAW",
+    "export_config_as_json_description": "ดาวน์โหลดการตั้งค่าระบบปัจจุบันไปยังไฟล์ในรูปแบบ JSON",
     "external_libraries_page_description": "หน้าต่างคลังแอดมินภายนอก",
     "face_detection": "การตรวจจับใบหน้า",
     "face_detection_description": "ตรวจจับใบหน้าในสี่อโดยใช้ machine learning วิดีโอจะใช้ภาพตัวอย่างจากวิดีโอเท่านั้น \"ทั้งหมด\" จะประมวลผลสี่อทั้งหมด \"ขาดหาย\" จะประมวลผลสี่อที่ยังไม่ได้ประมวลผล ใบหน้าที่ถูกตรวจจับแล้วจะถูกเข้าคิวประมวลผลการจดจำใบหน้า เพิ่มเข้าไปในกลุ่มที่มีอยู่แล้วหรือคนใหม่",
@@ -97,6 +104,8 @@
     "image_preview_description": "ภาพขนาดปานกลางที่ถูกลบข้อมูลเมตา ใช้สำหรับการดูแอสเซ็ตเดี่ยวและสำหรับการเรียนรู้ของเครื่อง (Machine Learning)",
     "image_preview_quality_description": "คุณภาพการแสดงตัวอย่างตั้งแต่ 1-100 ยิ่งสูงยิ่งดี แต่จะทำให้ไฟล์มีขนาดใหญ่ขึ้นและอาจทำให้แอปตอบสนองช้าลง การตั้งค่าต่ำอาจส่งผลต่อคุณภาพ Machine Learning",
     "image_preview_title": "ตั้งค่าพรีวิว",
+    "image_progressive": "รูปภาพแบบโปรเกรสซีฟ",
+    "image_progressive_description": "เข้ารหัสรูปภาพ JPEG แบบโปรเกรสซีฟเพื่อให้แสดงผลแบบค่อยๆ ชัดขึ้นขณะโหลด ทั้งนี้จะไม่มีผลกับรูปภาพ WebP",
     "image_quality": "คุณภาพ",
     "image_resolution": "ความละเอียด",
     "image_resolution_description": "ความละเอียดสูกว่าสามารถเก็บรายละเอียดได้มากกว่าแต่ใช้เวลา encode นานกว่า ไฟล์ใหญ่กว่า และลดความตอบสนองของแอป",
@@ -105,6 +114,7 @@
     "image_thumbnail_description": "รูปขนาดย่อที่มีการลบข้อมูลเมตาด้าต้า ใช้เมื่อดูภาพถ่ายในกลุ่ม เช่น ในไทม์ไลน์หลัก",
     "image_thumbnail_quality_description": "คุณภาพของภาพขนาดย่อตั้งแต่ 1-100 ยิ่งสูงยิ่งดี แต่จะทำให้ไฟล์มีขนาดใหญ่ขึ้นและอาจทำให้แอปตอบสนองช้าลง",
     "image_thumbnail_title": "ตั้งค่า Thumbnail",
+    "import_config_from_json_description": "นำเข้าการตั้งค่าระบบโดยการอัปโหลดไฟล์คอนฟิก JSON",
     "job_concurrency": "{job} งานพร้อมกัน",
     "job_created": "สร้างงานเรียบร้อย",
     "job_not_concurrency_safe": "งานนี้ทำงานพร้อมกันแบบปลอดภัยไม่ได้",
@@ -510,10 +520,10 @@
   "always_keep_photos_hint": "\"เพิ่มพื้นที่ว่าง\" จะเก็บรูปภาพทั้งหมดบนอุปกรณ์นี้",
   "always_keep_videos_hint": "\"เพิ่มพื้นที่ว่าง\" จะเก็บวิดีโอทั้งหมดบนอุปกรณ์นี้",
   "anti_clockwise": "ทวนเข็มนาฬิกา",
-  "api_key": "API key",
+  "api_key": "คีย์ API",
   "api_key_description": "ค่านี้จะแสดงเพียงครั้งเดียว โปรดคัดลอกก่อนปิดหน้าต่าง",
-  "api_key_empty": "ชื่อ API Key ของคุณไม่ควรว่างเปล่า",
-  "api_keys": "API Key",
+  "api_key_empty": "ชื่อคีย์ API ของคุณไม่ควรว่างเปล่า",
+  "api_keys": "คีย์ API",
   "app_architecture_variant": "รูปแบบ (สถาปัตยกรรม)",
   "app_bar_signout_dialog_content": "คุณแน่ใจว่าอยากออกจากระบบ",
   "app_bar_signout_dialog_ok": "ใช่",
@@ -867,7 +877,7 @@
   "delete": "ลบออก",
   "delete_action_prompt": "ลบ {count} รายการแล้ว",
   "delete_album": "ลบอัลบั้ม",
-  "delete_api_key_prompt": "คุณต้องการลบ API คีย์ นี้ใช่ไหม ?",
+  "delete_api_key_prompt": "คุณต้องการลบคีย์ API นี้หรือไม่?",
   "delete_dialog_alert": "รายการดังกล่าวจะถูกลบจาก Immich และเครื่องอย่างถาวร",
   "delete_dialog_alert_local": "รายการดังกล่าวจะถูกลบจากเครื่องคุณอย่างถาวร แต่จะยังคงอยู่บนเซิร์ฟเวอร์ Immich",
   "delete_dialog_alert_local_non_backed_up": "รายการบางตัวไม่ได้ถูกสำรองบน Immich และจะถูกลบจากเครื่องคุณอย่างถาวร",
@@ -1062,7 +1072,7 @@
     "unable_to_connect": "ไม่สามารถเชื่อมต่อได้",
     "unable_to_copy_to_clipboard": "ไม่สามารถคัดลอกไปยังคลิปบอร์ดได้ ตรวจสอบให้แน่ใจว่าคุณเข้าถึงหน้าผ่านทาง https",
     "unable_to_create_admin_account": "ไม่สามารถสร้างบัญชีผู้ดูแลระบบได้",
-    "unable_to_create_api_key": "ไม่สามารถสร้าง API คีย์ ได้",
+    "unable_to_create_api_key": "ไม่สามารถสร้างคีย์ API",
     "unable_to_create_library": "ไม่สามารถสร้างคลังภาพได้",
     "unable_to_create_user": "ไม่สามารถสร้างผู้ใช้ได้",
     "unable_to_delete_album": "ไม่สามารถลบอัลบั้มได้",
@@ -1089,7 +1099,7 @@
     "unable_to_reassign_assets_new_person": "ไม่สามารถมอบหมาย ให้กับบุคคลใหม่ได้",
     "unable_to_refresh_user": "ไม่สามารถรีเฟรชผู้ใช้ได้",
     "unable_to_remove_album_users": "ไม่สามารถลบผู้ใช้ออกจากอัลบั้มได้",
-    "unable_to_remove_api_key": "ไม่สามารถลบ API Key ได้",
+    "unable_to_remove_api_key": "ไม่สามารถลบคีย์ API",
     "unable_to_remove_assets_from_shared_link": "ไม่สามารถลบออกจากลิงก์ที่แชร์ได้",
     "unable_to_remove_library": "ไม่สามารถลบคลังภาพได้",
     "unable_to_remove_partner": "ไม่สามารถลบคู่หูได้",
@@ -1101,7 +1111,7 @@
     "unable_to_restore_trash": "ไม่สามารถเรียกคืนถังขยะได้",
     "unable_to_restore_user": "ไม่สามารถเรียกคืนผู้ใช้ได้",
     "unable_to_save_album": "ไม่สามารถบันทึกอัลบั้มได้",
-    "unable_to_save_api_key": "ไม่สามารถบันทึก API คีย์ ได้",
+    "unable_to_save_api_key": "ไม่สามารถบันทึกคีย์ API",
     "unable_to_save_date_of_birth": "ไม่สามารถบันทึกวันเกิดได้",
     "unable_to_save_name": "ไม่สามารถบันทึกชื่อได้",
     "unable_to_save_profile": "ไม่สามารถบันทึกโปรไฟล์ได้",
@@ -1195,7 +1205,7 @@
   "geolocation_instruction_location": "คลิกบนสื่อที่มีพิกัด GPS เพื่อใช้ตำแหน่งนั้น หรือเลือกตำแหน่งจากแผนที่โดยตรง",
   "get_help": "ขอความช่วยเหลือ",
   "get_people_error": "ข้อผิดพลาดขณะดึงข้อมูลผู้คน",
-  "get_wifiname_error": "ไม่สามารถรับชื่อ Wi-Fi กรุณายืนยันการให้อนุญาตแอพ และยืนยันว่า Wi-Fi เชื่อมต่ออยู่",
+  "get_wifiname_error": "ไม่สามารถรับชื่อ Wi-Fi กรุณายืนยันการให้อนุญาตแอป และยืนยันว่าเชื่อมต่อกับเครือข่าย Wi-Fi อยู่",
   "getting_started": "เริ่มต้นใช้งาน",
   "go_back": "กลับ",
   "go_to_folder": "ไปที่โฟล์เดอร์",
@@ -1430,7 +1440,7 @@
   "manage_sharing_with_partners": "จัดการการแชร์กับคู่หู",
   "manage_the_app_settings": "จัดการการตั้งค่าแอป",
   "manage_your_account": "จัดการบัญชีของคุณ",
-  "manage_your_api_keys": "จัดการกุญแจ API ของคุณ",
+  "manage_your_api_keys": "จัดการคีย์ API ของคุณ",
   "manage_your_devices": "จัดการอุปกรณ์ของคุณ",
   "manage_your_oauth_connection": "จัดการการเชื่อมต่อ OAuth ของคุณ",
   "map": "แผนที่",
@@ -1516,7 +1526,7 @@
   "networking_subtitle": "ตั้งค่าปลายทางเซิร์ฟเวอร์",
   "never": "ไม่เคย",
   "new_album": "อัลบั้มใหม่",
-  "new_api_key": "สร้าง API คีย์ใหม่",
+  "new_api_key": "สร้างคีย์ API ใหม่",
   "new_date_range": "ช่วงวันที่ใหม่",
   "new_password": "รหัสผ่านใหม่",
   "new_person": "คนใหม่",
@@ -1581,7 +1591,7 @@
   "on_this_device": "บนอุปกรณ์นี้",
   "onboarding": "การเริ่มต้นใช้งาน",
   "onboarding_locale_description": "เลือกภาษาที่คุณต้องการ คุณสามารถเปลี่ยนได้ภายหลังในการตั้งค่า",
-  "onboarding_privacy_description": "ฟีเจอร์ (ตัวเลือก) ต่อไปนี้ต้องอาศัยบริการภายนอก และสามารถปิดใช้งานได้ตลอดเวลาในการตั้งค่าการ",
+  "onboarding_privacy_description": "คุณสมบัติ (ตัวเลือก) ต่อไปนี้ต้องอาศัยบริการภายนอก และสามารถปิดใช้งานได้ตลอดเวลาในการตั้งค่า",
   "onboarding_server_welcome_description": "มาตั้งค่าเซิร์ฟเวอร์ของคุณด้วยการตั้งค่าที่ใช้บ่อยกันเถอะ",
   "onboarding_theme_description": "เลือกธีมสี คุณสามารถเปลี่ยนแปลงได้ในภายหลังในการตั้งค่าของคุณ",
   "onboarding_user_welcome_description": "มาเริ่มต้นกันเถอะ!",
@@ -1631,7 +1641,7 @@
   "pattern": "รูปแบบ",
   "pause": "หยุด",
   "pause_memories": "หยุดดูความทรงจํา",
-  "paused": "หยุด",
+  "paused": "หยุดชั่วคราว",
   "pending": "กำลังรอ",
   "people": "ผู้คน",
   "people_edits_count": "{count, plural, one {# person} other {# people}} ถูกแก้ไข",
@@ -1644,11 +1654,13 @@
   "permanently_delete_assets_prompt": "คุณแน่ใจหรือไม่ว่าต้องการลบ {count, plural, one {this asset?} other {these <b>#</b> asset?}}อย่างถาวร การดำเนินการนี้จะลบ {count, plural, one {it from its} other {them from their}} อัลบั้มด้วย",
   "permanently_deleted_asset": "ลบสื่อถาวรแล้ว",
   "permanently_deleted_assets_count": "ลบ {count, plural, one {# asset} other {# assets}} เรียบร้อยแล้ว",
+  "permission": "สิทธิ์",
+  "permission_empty": "สิทธิ์ของคุณต้องไม่เว้นว่าง",
   "permission_onboarding_back": "กลับ",
   "permission_onboarding_continue_anyway": "ดำเนินการต่อ",
   "permission_onboarding_get_started": "เริ่มต้น",
   "permission_onboarding_go_to_settings": "ไปยังการตั้งค่า",
-  "permission_onboarding_permission_denied": "ไม่อนุญาต ตั้งค่าสิทธิ์เข้าถึงรูปภาพและวิดีโอเพื่อใช้งาน Immich",
+  "permission_onboarding_permission_denied": "สิทธิ์ถูกปฏิเสธ กรุณาให้สิทธิ์เข้าถึงรูปภาพและวิดีโอเพื่อใช้งาน Immich",
   "permission_onboarding_permission_granted": "ให้สิทธิ์สำเร็จ คุณพร้อมใช้งานแล้ว",
   "permission_onboarding_permission_limited": "สิทธ์จำกัด เพื่อให้ Immich สำรองข้อมูลและจัดการคลังภาพได้ ตั้งค่าสิทธิเข้าถึงรูปภาพและวิดีโอ",
   "permission_onboarding_request": "Immich จำเป็นจะต้องได้รับสิทธิ์ดูรูปภาพและวิดีโอ",
@@ -1783,7 +1795,7 @@
   "remove_photo_from_memory": "ลบรูปออกจากความทรงจำนี้",
   "remove_url": "ลบ URL",
   "remove_user": "ลบผู้ใช้",
-  "removed_api_key": "API คีย์ของ: {name} ถูกลบแล้ว",
+  "removed_api_key": "ลบคีย์ API แล้ว: {name}",
   "removed_from_archive": "ลบจากเก็บถาวรแล้ว",
   "removed_from_favorites": "ลบจากรายการโปรดแล้ว",
   "removed_from_favorites_count": "{count, plural, other {ถูกลบ#}} จากรายการโปรดแล้ว",
@@ -1831,7 +1843,7 @@
   "save": "บันทึก",
   "save_to_gallery": "บันทึกไปยังแกลเลอรี",
   "saved": "บันทึกแล้ว",
-  "saved_api_key": "บันทึก API คีย์ แล้ว",
+  "saved_api_key": "บันทึกคีย์ API แล้ว",
   "saved_profile": "แก้ไขโปรไฟล์สำเร็จ",
   "saved_settings": "บันทึกการตั้งค่าสำเร็จ",
   "say_something": "พูดอะไรสักอย่าง",
@@ -2226,7 +2238,7 @@
   "upload_status_duplicates": "รายการซ้ำ",
   "upload_status_errors": "ข้อผิดพลาด",
   "upload_status_uploaded": "อัปโหลดแล้ว",
-  "upload_success": "อัปโหลดสำเร็จ รีเฟรชหน้าเพื่อดูสื่อใหม่ที่อัปโหลดล่าสุด",
+  "upload_success": "อัปโหลดสำเร็จ รีเฟรชหน้าเพื่อดูสื่อที่อัปโหลดใหม่",
   "upload_to_immich": "อัปโหลดไปยัง Immich ({count})",
   "uploading": "กำลังอัปโหลด",
   "uploading_media": "กำลังอัปโหลดสื่อ",

i18n/uk.json

@@ -849,9 +849,12 @@
   "create_link_to_share": "Створити посилання спільного доступу",
   "create_link_to_share_description": "Дати змогу будь-кому переглядати вибрані фото за посиланням",
   "create_new": "СТВОРИТИ НОВИЙ",
+  "create_new_face": "Створити нове обличчя",
   "create_new_person": "Створити нову людину",
   "create_new_person_hint": "Призначити вибрані елементи новій людині",
   "create_new_user": "Створити нового користувача",
+  "create_person": "Створити людину",
+  "create_person_subtitle": "Додайте ім'я до вибраного обличчя, щоб створити та позначити нову особу",
   "create_shared_album_page_share_add_assets": "ДОДАТИ ЕЛЕМЕНТИ",
   "create_shared_album_page_share_select_photos": "Вибрати фото",
   "create_shared_link": "Створити спільне посилання",
@@ -2214,6 +2217,7 @@
   "tag": "Тег",
   "tag_assets": "Додати теги",
   "tag_created": "Створено тег: {tag}",
+  "tag_face": "Тег обличчя",
   "tag_feature_description": "Перегляд фото та відео, згрупованих за логічними темами тегів",
   "tag_not_found_question": "Не вдається знайти тег? <link>Створіть новий тег.</link>",
   "tag_people": "Позначити людей",

i18n/vi.json

@@ -537,10 +537,10 @@
   "app_bar_signout_dialog_content": "Bạn có muốn đăng xuất?",
   "app_bar_signout_dialog_ok": "Có",
   "app_bar_signout_dialog_title": "Đăng xuất",
-  "app_download_links": "Liên kết tải app",
-  "app_settings": "App",
-  "app_stores": "Cửa hàng app",
-  "app_update_available": "Đã có bản cập nhật app",
+  "app_download_links": "Liên kết tải ứng dụng",
+  "app_settings": "Ứng dụng",
+  "app_stores": "Cửa hàng ứng dụng",
+  "app_update_available": "Đã có bản cập nhật ứng dụng",
   "appears_in": "Xuất hiện trong",
   "apply_count": "Áp dụng ({count, number})",
   "archive": "Lưu trữ",
@@ -617,7 +617,7 @@
   "back_close_deselect": "Quay lại, đóng, hoặc bỏ chọn",
   "background_backup_running_error": "Sao lưu nền hiện đang chạy, không thể bắt đầu sao lưu thủ công",
   "background_location_permission": "Quyền truy cập vị trí khi chạy nền",
-  "background_location_permission_content": "Để chuyển đổi mạng khi chạy ở chế độ nền, Immich *luôn* phải có quyền truy cập vị trí chính xác để có thể đọc tên mạng Wi-Fi",
+  "background_location_permission_content": "Để chuyển đổi mạng khi chạy ở chế độ nền, Immich phải *luôn* có quyền truy cập vị trí chính xác để có thể đọc tên mạng Wi-Fi",
   "background_options": "Tùy chọn nền",
   "backup": "Sao lưu",
   "backup_album_selection_page_albums_device": "Album trên thiết bị ({count})",
@@ -637,8 +637,8 @@
   "backup_background_service_in_progress_notification": "Đang sao lưu tệp của bạn…",
   "backup_background_service_upload_failure_notification": "Tải lên {filename} thất bại",
   "backup_controller_page_albums": "Album sao lưu",
-  "backup_controller_page_background_app_refresh_disabled_content": "Bật làm mới app trong nền tại Cài đặt > Cài đặt chung > Làm mới app trong nền để dùng sao lưu nền.",
-  "backup_controller_page_background_app_refresh_disabled_title": "Làm mới app trong nền bị vô hiệu hoá",
+  "backup_controller_page_background_app_refresh_disabled_content": "Bật làm mới ứng dụng trong nền tại Cài đặt > Cài đặt chung > Làm mới ứng dụng trong nền để dùng sao lưu nền.",
+  "backup_controller_page_background_app_refresh_disabled_title": "Làm mới ứng dụng trong nền bị vô hiệu hoá",
   "backup_controller_page_background_app_refresh_enable_button_text": "Đi tới cài đặt",
   "backup_controller_page_background_battery_info_link": "Hướng dẫn tôi",
   "backup_controller_page_background_battery_info_message": "Để có trải nghiệm sao lưu nền tốt nhất, vui lòng vô hiệu hóa bất kỳ tối ưu hóa pin nào đang hạn chế hoạt động nền của Immich.\n\nVì điều này phụ thuộc vào thiết bị, vui lòng tham khảo thông tin cần thiết của nhà sản xuất thiết bị của bạn.",
@@ -647,7 +647,7 @@
   "backup_controller_page_background_charging": "Chỉ khi đang sạc",
   "backup_controller_page_background_configure_error": "Cấu hình dịch vụ nền thất bại",
   "backup_controller_page_background_delay": "Trì hoãn sao lưu tệp mới: {duration}",
-  "backup_controller_page_background_description": "Bật dịch vụ nền để tự động sao lưu tệp mới mà không cần mở app",
+  "backup_controller_page_background_description": "Bật dịch vụ nền để tự động sao lưu tệp mới mà không cần mở ứng dụng",
   "backup_controller_page_background_is_off": "Sao lưu tự động trong nền đang tắt",
   "backup_controller_page_background_is_on": "Sao lưu tự động trong nền đang bật",
   "backup_controller_page_background_turn_off": "Tắt dịch vụ nền",
@@ -657,7 +657,7 @@
   "backup_controller_page_backup_selected": "Đã chọn: ",
   "backup_controller_page_backup_sub": "Ảnh và video đã sao lưu",
   "backup_controller_page_created": "Tạo vào: {date}",
-  "backup_controller_page_desc_backup": "Bật sao lưu khi app hoạt động để tự động sao lưu tệp mới lên máy chủ khi mở app.",
+  "backup_controller_page_desc_backup": "Bật sao lưu khi ứng dụng hoạt động để tự động sao lưu tệp mới lên máy chủ khi mở ứng dụng.",
   "backup_controller_page_excluded": "Đã bỏ qua: ",
   "backup_controller_page_failed": "Thất bại ({count})",
   "backup_controller_page_filename": "Tên tệp: {filename} [{size}]",
@@ -668,12 +668,12 @@
   "backup_controller_page_remainder_sub": "Số lượng ảnh và video đã chọn chưa được sao lưu",
   "backup_controller_page_server_storage": "Dung lượng máy chủ",
   "backup_controller_page_start_backup": "Bắt đầu sao lưu",
-  "backup_controller_page_status_off": "Sao lưu tự động khi app hoạt động đang tắt",
-  "backup_controller_page_status_on": "Sao lưu tự động khi app hoạt động đang bật",
+  "backup_controller_page_status_off": "Sao lưu tự động khi ứng dụng hoạt động đang tắt",
+  "backup_controller_page_status_on": "Sao lưu tự động khi ứng dụng hoạt động đang bật",
   "backup_controller_page_storage_format": "Đã dùng {used} của {total}",
   "backup_controller_page_to_backup": "Các album cần được sao lưu",
   "backup_controller_page_total_sub": "Tất cả ảnh và video không trùng lập từ các album được chọn",
-  "backup_controller_page_turn_off": "Tắt sao lưu khi app hoạt động",
+  "backup_controller_page_turn_off": "Tắt sao lưu khi ứng dụng hoạt động",
   "backup_controller_page_turn_on": "Bật sao lưu khi mở app",
   "backup_controller_page_uploading_file_info": "Thông tin tệp đang tải lên",
   "backup_err_only_album": "Không thể xóa album duy nhất",
@@ -704,16 +704,16 @@
   "bulk_trash_duplicates_confirmation": "Bạn có chắc muốn đưa {count, plural, one {# tệp trùng lặp} other {# tệp trùng lặp}} vào thùng rác? Điều này sẽ giữ lại ảnh chất lượng nhất của mỗi nhóm và đưa tất cả các bản trùng lặp khác vào thùng rác.",
   "buy": "Mua Immich",
   "cache_settings_clear_cache_button": "Xóa bộ nhớ đệm",
-  "cache_settings_clear_cache_button_title": "Xóa bộ nhớ đệm của app. Điều này sẽ ảnh hưởng đến hiệu suất của app đến khi bộ nhớ đệm được tạo lại.",
+  "cache_settings_clear_cache_button_title": "Xóa bộ nhớ đệm của ứng dụng. Điều này sẽ ảnh hưởng đến hiệu suất của ứng dụng đến khi bộ nhớ đệm được tạo lại.",
   "cache_settings_duplicated_assets_clear_button": "XÓA",
-  "cache_settings_duplicated_assets_subtitle": "Ảnh và video không được phép hiển thị trên app",
+  "cache_settings_duplicated_assets_subtitle": "Ảnh và video không được phép hiển thị trên ứng dụng",
   "cache_settings_duplicated_assets_title": "Tệp bị trùng ({count})",
   "cache_settings_statistics_album": "Ảnh thu nhỏ thư viện",
   "cache_settings_statistics_full": "Ảnh đầy đủ",
   "cache_settings_statistics_shared": "Ảnh thu nhỏ album chia sẻ",
   "cache_settings_statistics_thumbnail": "Ảnh thu nhỏ",
   "cache_settings_statistics_title": "Mức sử dụng bộ nhớ đệm",
-  "cache_settings_subtitle": "Kiểm soát hành vi bộ nhớ đệm của app Immich",
+  "cache_settings_subtitle": "Kiểm soát hành vi bộ nhớ đệm của Immich",
   "cache_settings_tile_subtitle": "Kiểm soát cách xử lý lưu trữ cục bộ",
   "cache_settings_tile_title": "Lưu trữ cục bộ",
   "cache_settings_title": "Cài đặt bộ nhớ đệm",
@@ -999,8 +999,8 @@
   "editor_discard_edits_confirm": "Bỏ thay đổi",
   "editor_discard_edits_prompt": "Bạn có những thay đổi chưa được lưu. Bạn có chắc chắn muốn hủy bỏ chúng không?",
   "editor_discard_edits_title": "Hủy thay đổi?",
-  "editor_edits_applied_error": "Lỗi khi áp dụng thay đổi",
-  "editor_edits_applied_success": "Thay đổi được áp dụng thành công",
+  "editor_edits_applied_error": "Không thể áp dụng chỉnh sửa",
+  "editor_edits_applied_success": "Chỉnh sửa được áp dụng thành công",
   "editor_flip_horizontal": "Lật ngang",
   "editor_flip_vertical": "Lật dọc",
   "editor_orientation": "Định hướng",
@@ -1202,7 +1202,7 @@
   "feature_photo_updated": "Đã cập nhật ảnh nổi bật",
   "features": "Tính năng",
   "features_in_development": "Tính năng đang được phát triển",
-  "features_setting_description": "Quản lý các tính năng app",
+  "features_setting_description": "Quản lý các tính năng ứng dụng",
   "file_name_or_extension": "Tên hoặc phần mở rộng tập tin",
   "file_name_text": "Tên tệp",
   "file_name_with_value": "Tên tệp: {file_name}",
@@ -1280,7 +1280,7 @@
   "home_page_delete_remote_err_local": "Tệp trên thiết bị trong lựa chọn xóa từ xa, bỏ qua",
   "home_page_favorite_err_local": "Không thể thích tệp trên thiết bị, bỏ qua",
   "home_page_favorite_err_partner": "Không thể thích tệp của người thân, bỏ qua",
-  "home_page_first_time_notice": "Nếu đây là lần đầu bạn dùng app, hãy chọn một album sao lưu để dòng thời gian có thể hiển thị ảnh và video của bạn",
+  "home_page_first_time_notice": "Nếu đây là lần đầu bạn dùng ứng dụng, hãy chọn một album sao lưu để dòng thời gian có thể hiển thị ảnh và video của bạn",
   "home_page_locked_error_local": "Không thể di chuyển tệp trên thiết bị đến thư mục Khóa, bỏ qua",
   "home_page_locked_error_partner": "Không thể di chuyển tệp của người thân đến thư mục Khóa, bỏ qua",
   "home_page_share_err_local": "Không thể chia sẻ tệp trên thiết bị qua liên kết, bỏ qua",
@@ -1395,7 +1395,7 @@
   "local_id": "ID cục bộ",
   "local_media_summary": "Mô tả phương tiện trên thiết bị",
   "local_network": "Mạng nội bộ",
-  "local_network_sheet_info": "App sẽ kết nối với máy chủ qua URL này khi sử dụng mạng Wi-Fi được chỉ định",
+  "local_network_sheet_info": "Ứng dụng sẽ kết nối với máy chủ qua URL này khi sử dụng mạng Wi-Fi được chỉ định",
   "location": "Địa điểm",
   "location_permission": "Quyền truy cập vị trí",
   "location_permission_content": "Để sử dụng tính năng tự động chuyển đổi, Immich cần có quyền vị trí chính xác để có thể đọc tên của mạng Wi-Fi hiện tại",
@@ -1471,11 +1471,11 @@
   "manage_geolocation": "Quản lý địa điểm",
   "manage_media_access_rationale": "Để có thể di chuyển tệp vào thùng rác và khôi phục chúng từ đó.",
   "manage_media_access_settings": "Mở cài đặt",
-  "manage_media_access_subtitle": "Cho phép app [Immich] quản lý và di chuyển tệp.",
+  "manage_media_access_subtitle": "Cho phép ứng dụng [Immich] quản lý và di chuyển tệp.",
   "manage_media_access_title": "Quản lý phương tiện",
   "manage_shared_links": "Quản lý liên kết chia sẻ",
   "manage_sharing_with_partners": "Quản lý chia sẻ với người thân",
-  "manage_the_app_settings": "Quản lý cài đặt app",
+  "manage_the_app_settings": "Quản lý cài đặt ứng dụng",
   "manage_your_account": "Quản lý tài khoản của bạn",
   "manage_your_api_keys": "Quản lý các khóa API của bạn",
   "manage_your_devices": "Quản lý các thiết bị đã đăng nhập của bạn",
@@ -1490,7 +1490,7 @@
   "map_marker_for_images": "Đánh dấu bản đồ cho ảnh chụp tại {city}, {country}",
   "map_marker_with_image": "Đánh dấu bản đồ với ảnh",
   "map_no_location_permission_content": "Cần quyền truy cập vị trí để hiển thị tệp từ vị trí hiện tại của bạn. Bạn có muốn cho phép ngay bây giờ không?",
-  "map_no_location_permission_title": "App không được phép truy cập vị trí",
+  "map_no_location_permission_title": "Ứng dụng không được phép truy cập vị trí",
   "map_settings": "Cài đặt bản đồ",
   "map_settings_dark_mode": "Chế độ tối",
   "map_settings_date_range_option_day": "Trong vòng 24 giờ qua",
@@ -1746,7 +1746,7 @@
   "play_transcoded_video": "Phát video đã chuyển mã",
   "please_auth_to_access": "Vui lòng xác thực để truy cập",
   "port": "Cổng",
-  "preferences_settings_subtitle": "Tùy chỉnh trải nghiệm app",
+  "preferences_settings_subtitle": "Tùy chỉnh trải nghiệm ứng dụng",
   "preferences_settings_title": "Cá nhân hóa",
   "preparing": "Đang chuẩn bị",
   "preset": "Mẫu có sẵn",
@@ -1760,7 +1760,7 @@
   "primary": "Chính",
   "privacy": "Bảo mật",
   "profile": "Hồ sơ",
-  "profile_drawer_app_logs": "Log",
+  "profile_drawer_app_logs": "Nhật ký",
   "profile_drawer_client_server_up_to_date": "Máy khách và máy chủ đã cập nhật",
   "profile_drawer_github": "GitHub",
   "profile_drawer_readonly_mode": "Đã bật chế độ chỉ-xem. Nhấn giữ ảnh đại diện người dùng để tắt.",
@@ -2006,7 +2006,7 @@
   "send_message": "Gửi tin nhắn",
   "send_welcome_email": "Gửi email chào mừng",
   "server_endpoint": "Địa chỉ máy chủ",
-  "server_info_box_app_version": "Phiên bản app",
+  "server_info_box_app_version": "Phiên bản ứng dụng",
   "server_info_box_server_url": "URL máy chủ",
   "server_offline": "Máy chủ ngoại tuyến",
   "server_online": "Phiên bản",
@@ -2228,7 +2228,7 @@
   "theme_setting_primary_color_title": "Màu chủ đạo",
   "theme_setting_system_primary_color_title": "Dùng màu hệ thống",
   "theme_setting_system_theme_switch": "Tự động (Giống thiết bị)",
-  "theme_setting_theme_subtitle": "Chọn cài đặt giao diện app",
+  "theme_setting_theme_subtitle": "Chọn cài đặt giao diện ứng dụng",
   "theme_setting_three_stage_loading_subtitle": "Tải ba giai đoạn có thể tăng tốc độ tải ảnh nhưng sẽ tốn dữ liệu mạng đáng kể",
   "theme_setting_three_stage_loading_title": "Bật tải ba giai đoạn",
   "then": "Tiếp theo",
@@ -2276,7 +2276,7 @@
   "troubleshoot": "Khắc phục sự cố",
   "type": "Loại",
   "unable_to_change_pin_code": "Thay đổi mã PIN thất bại",
-  "unable_to_check_version": "Không thể kiểm tra phiên bản app hoặc máy chủ",
+  "unable_to_check_version": "Không thể kiểm tra phiên bản ứng dụng hoặc máy chủ",
   "unable_to_setup_pin_code": "Thiết lập mã PIN thất bại",
   "unarchive": "Bỏ lưu trữ",
   "unarchive_action_prompt": "{count} đã bỏ khỏi Lưu trữ",

i18n/yue_Hant.json

@@ -87,6 +87,7 @@
     "external_libraries_page_description": "管理外部媒體庫嘅頁面",
     "face_detection": "人面偵測",
     "face_detection_description": "使用機器學習偵測項目中嘅臉孔。對於影片，只係會分析縮圖。「重新整理」會重新處理所有嘅項目；「重設」就會額外清除目前嘅臉孔資料；「加入排程」會將尚未處理嘅項目加入序列。完成「臉孔偵測」後，偵測到嘅臉孔將會加入「臉孔辨識」排程，並歸類到而家或者新嘅人物群組。",
+    "facial_recognition_job_description": "將偵測到嘅臉孔歸類為人物。此步驟會在臉孔偵測完成後執行。「重設」會重新對所有嘅臉孔進行分群；「加入排程」就會將未指派人物嘅臉孔加入序列。",
     "failed_job_command": "執行{job}任務嘅{command}指令失敗",
     "force_delete_user_warning": "警告：呢個會立即刪除用戶同埋佢所有嘅檔案。呢個係無法撤銷嘅動作，而且刪除嘅檔案將冇辦法復原。",
     "image_format": "格式",
@@ -99,6 +100,7 @@
     "image_prefer_embedded_preview": "偏向嵌入預覽",
     "image_prefer_embedded_preview_setting_description": "喺可用嘅時候將 RAW 相片中的內嵌預覽作為影像處理嘅輸入來源。雖然呢個設定可以令到部分相片嘅色彩更加準確，但預覽品質取決於相機，且影像可能會出現較多壓縮瑕疵。",
     "image_prefer_wide_gamut": "傾向廣色域",
+    "image_prefer_wide_gamut_setting_description": "使用 Display P3 製作縮圖：可以更好地保留廣色域影像嘅鮮豔度，但係喺舊裝置同舊版瀏覽器上，影像呈現嘅效果可能會有所唔同。sRGB 影像會保留為 sRGB，以避免色彩偏移。",
     "image_preview_description": "中等尺寸嘅圖片，用嚟檢視單一影像同埋機器學習",
     "image_preview_title": "預覽設定",
     "image_progressive": "逐步",

i18n/zh_Hans.json

@@ -1635,7 +1635,7 @@
   "notifications": "通知",
   "notifications_setting_description": "管理通知",
   "oauth": "OAuth",
-  "obtainium_configurator": "Obtainium配置器",
+  "obtainium_configurator": "Obtainium 配置器",
   "obtainium_configurator_instructions": "使用 Obtainium 直接从 Immich 的 GitHub 发布页安装和更新 Android 应用。请创建一个 API 密钥并选择一个版本，以生成你的 Obtainium 配置链接",
   "ocr": "OCR",
   "official_immich_resources": "Immich官方资源",
@@ -1710,7 +1710,7 @@
   "permanent_deletion_warning_setting_description": "永久删除照片/视频时显示警告",
   "permanently_delete": "永久删除",
   "permanently_delete_assets_count": "永久删除{count, plural, one {个项目} other {个项目}}",
-  "permanently_delete_assets_prompt": "确定要永久删除 {count, plural, one {此项目吗？} other {这<b>#</b>个项目吗？}}这也会将{count, plural, one {其} other {它们}}从所属相簿中移除。",
+  "permanently_delete_assets_prompt": "确定要永久删除 {count, plural, one {此项目吗？} other {这 <b>#</b> 个项目吗？}}这也会将{count, plural, one {其} other {它们}}从所属相簿中移除。",
   "permanently_deleted_asset": "永久删除的项目",
   "permanently_deleted_assets_count": "已永久删除{count, plural, one {#个项目} other {#个项目}}",
   "permission": "权限",