always use hw filters when hwa is enabled

.devcontainer/.gitignore

@@ -1,2 +0,0 @@
-.env
-library

.devcontainer/Dockerfile

@@ -1,16 +0,0 @@
-ARG BASEIMAGE=mcr.microsoft.com/devcontainers/typescript-node:22@sha256:9791f4aa527774bc370c6bd2f6705ce5a686f1e6f204badd8dfaacce28c631ae
-FROM ${BASEIMAGE}
-
-# Flutter SDK
-# https://flutter.dev/docs/development/tools/sdk/releases?tab=linux
-ENV FLUTTER_CHANNEL="stable"
-ENV FLUTTER_VERSION="3.29.1"
-ENV FLUTTER_HOME=/flutter
-ENV PATH=${PATH}:${FLUTTER_HOME}/bin
-
-# Flutter SDK
-RUN mkdir -p ${FLUTTER_HOME} \
-  && curl -C - --output flutter.tar.xz https://storage.googleapis.com/flutter_infra_release/releases/${FLUTTER_CHANNEL}/linux/flutter_linux_${FLUTTER_VERSION}-${FLUTTER_CHANNEL}.tar.xz \
-  && tar -xf flutter.tar.xz --strip-components=1 -C ${FLUTTER_HOME} \
-  && rm flutter.tar.xz \
-  && chown -R 1000:1000 ${FLUTTER_HOME}

.devcontainer/devcontainer.json

@@ -1,26 +0,0 @@
-{
-  "name": "Immich",
-  "service": "immich-devcontainer",
-  "dockerComposeFile": [
-    "docker-compose.yml",
-    "../docker/docker-compose.dev.yml"
-  ],
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "Dart-Code.dart-code",
-        "Dart-Code.flutter",
-        "dbaeumer.vscode-eslint",
-        "dcmdev.dcm-vscode-extension",
-        "esbenp.prettier-vscode",
-        "svelte.svelte-vscode"
-      ]
-    }
-  },
-  "forwardPorts": [],
-  "initializeCommand": "bash .devcontainer/scripts/initializeCommand.sh",
-  "onCreateCommand": "bash .devcontainer/scripts/onCreateCommand.sh",
-  "overrideCommand": true,
-  "workspaceFolder": "/immich",
-  "remoteUser": "node"
-}

.devcontainer/docker-compose.yml

@@ -1,8 +0,0 @@
-services:
-  immich-devcontainer:
-    build:
-      dockerfile: Dockerfile
-    extra_hosts:
-      - 'host.docker.internal:host-gateway'
-    volumes:
-      - ..:/immich:cached

.devcontainer/scripts/initializeCommand.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-# If .env file does not exist, create it by copying example.env from the docker folder
-if [ ! -f ".devcontainer/.env" ]; then
-    cp docker/example.env .devcontainer/.env
-fi

.devcontainer/scripts/onCreateCommand.sh

@@ -1,25 +0,0 @@
-#!/bin/bash
-
-# Enable multiarch for arm64 if necessary
-if [ "$(dpkg --print-architecture)" = "arm64" ]; then
-    sudo dpkg --add-architecture amd64 && \
-    sudo apt-get update && \
-    sudo apt-get install -y --no-install-recommends \
-        qemu-user-static \
-        libc6:amd64 \
-        libstdc++6:amd64 \
-        libgcc1:amd64
-fi
-
-# Install DCM
-wget -qO- https://dcm.dev/pgp-key.public | sudo gpg --dearmor -o /usr/share/keyrings/dcm.gpg
-sudo echo 'deb [signed-by=/usr/share/keyrings/dcm.gpg arch=amd64] https://dcm.dev/debian stable main' | sudo tee /etc/apt/sources.list.d/dart_stable.list
-
-sudo apt-get update
-sudo apt-get install dcm
-
-dart --disable-analytics
-
-# Install immich
-cd /immich || exit
-make install-all

.github/DISCUSSION_TEMPLATE/feature-request.yaml

@@ -11,7 +11,7 @@ body:
 
   - type: checkboxes
     attributes:
-      label: I have searched the existing feature requests, both open and closed, to make sure this is not a duplicate request.
+      label: I have searched the existing feature requests to make sure this is not a duplicate request.
       options:
         - label: "Yes"
           required: true

.github/FUNDING.yml

@@ -1 +1 @@
-custom: ['https://buy.immich.app', 'https://immich.store']
+custom: ['https://buy.immich.app']

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -1,13 +1,6 @@
 name: Report an issue with Immich
 description: Report an issue with Immich
 body:
-  - type: checkboxes
-    attributes:
-      label: I have searched the existing issues, both open and closed, to make sure this is not a duplicate report.
-      options:
-        - label: "Yes"
-          required: true
-
   - type: markdown
     attributes:
       value: |

.github/PULL_REQUEST_TEMPLATE/config.yml

@@ -1 +1,2 @@
+blank_issues_enabled: false
 blank_pull_request_template_enabled: false

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

@@ -0,0 +1,22 @@
+## Description
+<!--- Describe your changes in detail -->
+<!--- Why is this change required? What problem does it solve? -->
+<!--- If it fixes an open issue, please link to the issue here. -->
+
+Fixes # (issue)
+
+
+## How Has This Been Tested?
+
+<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
+
+- [ ] Test A
+- [ ] Test B
+
+## Screenshots (if appropriate):
+
+
+## Checklist:
+
+- [ ] I have performed a self-review of my own code
+- [ ] I have made corresponding changes to the documentation if applicable

.github/pull_request_template.md

@@ -1,36 +0,0 @@
-## Description
-
-<!--- Describe your changes in detail -->
-<!--- Why is this change required? What problem does it solve? -->
-<!--- If it fixes an open issue, please link to the issue here. -->
-
-Fixes # (issue)
-
-## How Has This Been Tested?
-
-<!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration -->
-
-- [ ] Test A
-- [ ] Test B
-
-<details><summary><h2>Screenshots (if appropriate)</h2></summary>
-
-<!-- Images go below this line. -->
-
-</details>
-
-<!-- API endpoint changes (if relevant)
-## API Changes
-The `/api/something` endpoint is now `/api/something-else`
--->
-
-## Checklist:
-
-- [ ] I have performed a self-review of my own code
-- [ ] I have made corresponding changes to the documentation if applicable
-- [ ] I have no unrelated changes in the PR.
-- [ ] I have confirmed that any new dependencies are strictly necessary.
-- [ ] I have written tests for new code (if applicable)
-- [ ] I have followed naming conventions/patterns in the surrounding code
-- [ ] All code in `src/services/` uses repositories implementations for database calls, filesystem operations, etc.
-- [ ] All code in `src/repositories/` is pretty basic/simple and does not have any immich specific logic (that belongs in `src/services/`)

.github/workflows/build-mobile.yml

@@ -29,11 +29,9 @@ jobs:
           filters: |
             mobile:
               - 'mobile/**'
-            workflow:
-              - '.github/workflows/build-mobile.yml'
       - name: Check if we should force jobs to run
         id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_call' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
+        run: echo "should_force=${{ github.event_name == 'workflow_call' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
 
   build-sign-android:
     name: Build and sign Android

.github/workflows/cli.yml

@@ -56,10 +56,10 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3.6.0
+        uses: docker/setup-qemu-action@v3.2.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.10.0
+        uses: docker/setup-buildx-action@v3.7.1
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
@@ -88,7 +88,7 @@ jobs:
             type=raw,value=latest,enable=${{ github.event_name == 'release' }}
 
       - name: Build and push image
-        uses: docker/build-push-action@v6.15.0
+        uses: docker/build-push-action@v6.9.0
         with:
           file: cli/Dockerfile
           platforms: linux/amd64,linux/arm64

.github/workflows/docker-cleanup.yml

@@ -0,0 +1,73 @@
+# This workflow runs on certain conditions to check for and potentially
+# delete container images from the GHCR which no longer have an associated
+# code branch.
+# Requires a PAT with the correct scope set in the secrets.
+#
+# This workflow will not trigger runs on forked repos.
+
+name: Docker Cleanup
+
+on:
+  pull_request:
+    types:
+      - "closed"
+  push:
+    paths:
+      - ".github/workflows/docker-cleanup.yml"
+
+concurrency:
+  group: registry-tags-cleanup
+  cancel-in-progress: false
+
+jobs:
+  cleanup-images:
+    name: Cleanup Stale Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-24.04
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean temporary images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/ephemeral@v0.9.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          is_org: "true"
+          do_delete: "true"
+          package_name: "${{ matrix.primary-name }}"
+          scheme: "pull_request"
+          repo_name: "immich"
+          match_regex: '^pr-(\d+)$|^(\d+)$'
+
+  cleanup-untagged-images:
+    name: Cleanup Untagged Images Tags for ${{ matrix.primary-name }}
+    runs-on: ubuntu-24.04
+    needs:
+      - cleanup-images
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - primary-name: "immich-server"
+          - primary-name: "immich-machine-learning"
+          - primary-name: "immich-build-cache"
+    env:
+      # Requires a personal access token with the OAuth scope delete:packages
+      TOKEN: ${{ secrets.PACKAGE_DELETE_TOKEN }}
+    steps:
+      - name: Clean untagged images
+        if: "${{ env.TOKEN != '' }}"
+        uses: stumpylog/image-cleaner-action/untagged@v0.9.0
+        with:
+          token: "${{ env.TOKEN }}"
+          owner: "immich-app"
+          do_delete: "true"
+          is_org: "true"
+          package_name: "${{ matrix.primary-name }}"

.github/workflows/docker.yml

@@ -5,6 +5,7 @@ on:
   push:
     branches: [main]
   pull_request:
+    branches: [main]
   release:
     types: [published]
 
@@ -35,12 +36,10 @@ jobs:
               - 'i18n/**'
             machine-learning:
               - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/docker.yml'
 
       - name: Check if we should force jobs to run
         id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
+        run: echo "should_force=${{ github.event_name == 'workflow_dispatch' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
 
   retag_ml:
     name: Re-Tag ML
@@ -62,10 +61,8 @@ jobs:
               REGISTRY_NAME="ghcr.io"
               REPOSITORY=${{ github.repository_owner }}/immich-machine-learning
               TAG_OLD=main${{ matrix.suffix }}
-              TAG_PR=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-              TAG_COMMIT=commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-              docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_PR $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-              docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_COMMIT $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
+              TAG_NEW=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
+              docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_NEW $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
 
   retag_server:
     name: Re-Tag Server
@@ -87,100 +84,107 @@ jobs:
           REGISTRY_NAME="ghcr.io"
           REPOSITORY=${{ github.repository_owner }}/immich-server
           TAG_OLD=main${{ matrix.suffix }}
-          TAG_PR=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
-          TAG_COMMIT=commit-${{ github.event_name != 'pull_request' && github.sha || github.event.pull_request.head.sha }}${{ matrix.suffix }}
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_PR $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
-          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_COMMIT $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
+          TAG_NEW=${{ github.event.number == 0 && github.ref_name ||  format('pr-{0}', github.event.number)  }}${{ matrix.suffix }}
+          docker buildx imagetools create -t $REGISTRY_NAME/$REPOSITORY:$TAG_NEW $REGISTRY_NAME/$REPOSITORY:$TAG_OLD
+
 
   build_and_push_ml:
     name: Build and Push ML
     needs: pre-job
     if: ${{ needs.pre-job.outputs.should_run_ml == 'true' }}
-    runs-on: ${{ matrix.runner }}
+    runs-on: ubuntu-latest
     env:
       image: immich-machine-learning
       context: machine-learning
       file: machine-learning/Dockerfile
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-machine-learning
     strategy:
       # Prevent a failure in one image from stopping the other builds
       fail-fast: false
       matrix:
         include:
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - platforms: linux/amd64,linux/arm64
             device: cpu
 
-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
-            device: cpu
-
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - platforms: linux/amd64
             device: cuda
             suffix: -cuda
 
-          - platform: linux/amd64
-            runner: ubuntu-latest
+          - platforms: linux/amd64
             device: openvino
             suffix: -openvino
 
-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
+          - platforms: linux/arm64
             device: armnn
             suffix: -armnn
 
     steps:
-      - name: Prepare
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3.2.0
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.10.0
+        uses: docker/setup-buildx-action@v3.7.1
+
+      - name: Login to Docker Hub
+        # Only push to Docker Hub when making a release
+        if: ${{ github.event_name == 'release' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
+        # Skip when PR from a fork
         if: ${{ !github.event.pull_request.head.repo.fork }}
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Generate cache key suffix
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            echo "CACHE_KEY_SUFFIX=pr-${{ github.event.number }}" >> $GITHUB_ENV
-          else
-            echo "CACHE_KEY_SUFFIX=$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_ENV
-          fi
+      - name: Generate docker image tags
+        id: metadata
+        uses: docker/metadata-action@v5
+        with:
+          flavor: |
+            # Disable latest tag
+            latest=false
+          images: |
+            name=ghcr.io/${{ github.repository_owner }}/${{env.image}}
+            name=altran1502/${{env.image}},enable=${{ github.event_name == 'release' }}
+          tags: |
+            # Tag with branch name
+            type=ref,event=branch,suffix=${{ matrix.suffix }}
+            # Tag with pr-number
+            type=ref,event=pr,suffix=${{ matrix.suffix }}
+            # Tag with git tag on release
+            type=ref,event=tag,suffix=${{ matrix.suffix }}
+            type=raw,value=release,enable=${{ github.event_name == 'release' }},suffix=${{ matrix.suffix }}
 
-      - name: Generate cache target
+      - name: Determine build cache output
         id: cache-target
         run: |
-          if [[ "${{ github.event.pull_request.head.repo.fork }}" == "true" ]]; then
-            # Essentially just ignore the cache output (forks can't write to registry cache)
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Essentially just ignore the cache output (PR can't write to registry cache)
             echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
           else
-            echo "cache-to=type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }},mode=max,compression=zstd" >> $GITHUB_OUTPUT
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ env.image }}" >> $GITHUB_OUTPUT
           fi
 
       - name: Build and push image
-        id: build
-        uses: docker/build-push-action@v6.15.0
+        uses: docker/build-push-action@v6.9.0
         with:
           context: ${{ env.context }}
           file: ${{ env.file }}
           platforms: ${{ matrix.platforms }}
-          labels: ${{ steps.metadata.outputs.labels }}
+          # Skip pushing when PR from a fork
+          push: ${{ !github.event.pull_request.head.repo.fork }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{env.image}}
           cache-to: ${{ steps.cache-target.outputs.cache-to }}
-          cache-from: |
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }}
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-main
-          outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=${{ !github.event.pull_request.head.repo.fork }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
           build-args: |
             DEVICE=${{ matrix.device }}
             BUILD_ID=${{ github.run_id }}
@@ -188,251 +192,100 @@ jobs:
             BUILD_SOURCE_REF=${{ github.ref_name }}
             BUILD_SOURCE_COMMIT=${{ github.sha }}
 
-      - name: Export digest
-        run: |
-          mkdir -p ${{ runner.temp }}/digests
-          digest="${{ steps.build.outputs.digest }}"
-          touch "${{ runner.temp }}/digests/${digest#sha256:}"
-
-      - name: Upload digest
-        uses: actions/upload-artifact@v4
-        with:
-          name: ml-digests-${{ matrix.device }}-${{ env.PLATFORM_PAIR }}
-          path: ${{ runner.temp }}/digests/*
-          if-no-files-found: error
-          retention-days: 1
-
-  merge_ml:
-    name: Merge & Push ML
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run_ml == 'true' && !github.event.pull_request.head.repo.fork }}
-    env:
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-machine-learning
-      DOCKER_REPO: altran1502/immich-machine-learning
-    strategy:
-      matrix:
-        include:
-          - device: cpu
-          - device: cuda
-            suffix: -cuda
-          - device: openvino
-            suffix: -openvino
-          - device: armnn
-            suffix: -armnn
-    needs:
-      - build_and_push_ml
-    steps:
-      - name: Download digests
-        uses: actions/download-artifact@v4
-        with:
-          path: ${{ runner.temp }}/digests
-          pattern: ml-digests-${{ matrix.device }}-*
-          merge-multiple: true
-
-      - name: Login to Docker Hub
-        if: ${{ github.event_name == 'release' }}
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GHCR
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Generate docker image tags
-        id: meta
-        uses: docker/metadata-action@v5
-        env:
-          DOCKER_METADATA_PR_HEAD_SHA: "true"
-        with:
-          flavor: |
-            # Disable latest tag
-            latest=false
-            suffix=${{ matrix.suffix }}
-          images: |
-            name=${{ env.GHCR_REPO }}
-            name=${{ env.DOCKER_REPO }},enable=${{ github.event_name == 'release' }}
-          tags: |
-            # Tag with branch name
-            type=ref,event=branch
-            # Tag with pr-number
-            type=ref,event=pr
-            # Tag with long commit sha hash
-            type=sha,format=long,prefix=commit-
-            # Tag with git tag on release
-            type=ref,event=tag
-            type=raw,value=release,enable=${{ github.event_name == 'release' }}
-
-      - name: Create manifest list and push
-        working-directory: ${{ runner.temp }}/digests
-        run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
 
   build_and_push_server:
     name: Build and Push Server
-    runs-on: ${{ matrix.runner }}
+    runs-on: ubuntu-latest
     needs: pre-job
     if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
     env:
       image: immich-server
       context: .
       file: server/Dockerfile
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-server
     strategy:
       fail-fast: false
       matrix:
         include:
-          - platform: linux/amd64
-            runner: ubuntu-latest
-          - platform: linux/arm64
-            runner: ubuntu-24.04-arm
+          - platforms: linux/amd64,linux/arm64
+            device: cpu
     steps:
-      - name: Prepare
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3.2.0
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        if: ${{ !github.event.pull_request.head.repo.fork }}
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Generate cache key suffix
-        run: |
-          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            echo "CACHE_KEY_SUFFIX=pr-${{ github.event.number }}" >> $GITHUB_ENV
-          else
-            echo "CACHE_KEY_SUFFIX=$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_ENV
-          fi
-
-      - name: Generate cache target
-        id: cache-target
-        run: |
-          if [[ "${{ github.event.pull_request.head.repo.fork }}" == "true" ]]; then
-            # Essentially just ignore the cache output (forks can't write to registry cache)
-            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
-          else
-            echo "cache-to=type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ matrix.device }}-${{ env.CACHE_KEY_SUFFIX }},mode=max,compression=zstd" >> $GITHUB_OUTPUT
-          fi
-
-      - name: Build and push image
-        id: build
-        uses: docker/build-push-action@v6.15.0
-        with:
-          context: ${{ env.context }}
-          file: ${{ env.file }}
-          platforms: ${{ matrix.platform }}
-          labels: ${{ steps.metadata.outputs.labels }}
-          cache-to: ${{ steps.cache-target.outputs.cache-to }}
-          cache-from: |
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-${{ env.CACHE_KEY_SUFFIX }}
-            type=registry,ref=${{ env.GHCR_REPO }}-build-cache:${{ env.PLATFORM_PAIR }}-main
-          outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=${{ !github.event.pull_request.head.repo.fork }}
-          build-args: |
-            DEVICE=cpu
-            BUILD_ID=${{ github.run_id }}
-            BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
-            BUILD_SOURCE_REF=${{ github.ref_name }}
-            BUILD_SOURCE_COMMIT=${{ github.sha }}
-
-      - name: Export digest
-        run: |
-          mkdir -p ${{ runner.temp }}/digests
-          digest="${{ steps.build.outputs.digest }}"
-          touch "${{ runner.temp }}/digests/${digest#sha256:}"
-
-      - name: Upload digest
-        uses: actions/upload-artifact@v4
-        with:
-          name: server-digests-${{ env.PLATFORM_PAIR }}
-          path: ${{ runner.temp }}/digests/*
-          if-no-files-found: error
-          retention-days: 1
-
-  merge_server:
-    name: Merge & Push Server
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run_server == 'true' && !github.event.pull_request.head.repo.fork }}
-    env:
-      GHCR_REPO: ghcr.io/${{ github.repository_owner }}/immich-server
-      DOCKER_REPO: altran1502/immich-server
-    needs:
-      - build_and_push_server
-    steps:
-      - name: Download digests
-        uses: actions/download-artifact@v4
-        with:
-          path: ${{ runner.temp }}/digests
-          pattern: server-digests-*
-          merge-multiple: true
+        uses: docker/setup-buildx-action@v3.7.1
 
       - name: Login to Docker Hub
+        # Only push to Docker Hub when making a release
         if: ${{ github.event_name == 'release' }}
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Login to GHCR
+      - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
+        # Skip when PR from a fork
+        if: ${{ !github.event.pull_request.head.repo.fork }}
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
       - name: Generate docker image tags
-        id: meta
+        id: metadata
         uses: docker/metadata-action@v5
-        env:
-          DOCKER_METADATA_PR_HEAD_SHA: "true"
         with:
           flavor: |
             # Disable latest tag
             latest=false
-            suffix=${{ matrix.suffix }}
           images: |
-            name=${{ env.GHCR_REPO }}
-            name=${{ env.DOCKER_REPO }},enable=${{ github.event_name == 'release' }}
+            name=ghcr.io/${{ github.repository_owner }}/${{env.image}}
+            name=altran1502/${{env.image}},enable=${{ github.event_name == 'release' }}
           tags: |
             # Tag with branch name
-            type=ref,event=branch
+            type=ref,event=branch,suffix=${{ matrix.suffix }}
             # Tag with pr-number
-            type=ref,event=pr
-            # Tag with long commit sha hash
-            type=sha,format=long,prefix=commit-
+            type=ref,event=pr,suffix=${{ matrix.suffix }}
             # Tag with git tag on release
-            type=ref,event=tag
-            type=raw,value=release,enable=${{ github.event_name == 'release' }}
+            type=ref,event=tag,suffix=${{ matrix.suffix }}
+            type=raw,value=release,enable=${{ github.event_name == 'release' }},suffix=${{ matrix.suffix }}
 
-      - name: Create manifest list and push
-        working-directory: ${{ runner.temp }}/digests
+      - name: Determine build cache output
+        id: cache-target
         run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+            # Essentially just ignore the cache output (PR can't write to registry cache)
+            echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
+          else
+            echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ env.image }}" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Build and push image
+        uses: docker/build-push-action@v6.9.0
+        with:
+          context: ${{ env.context }}
+          file: ${{ env.file }}
+          platforms: ${{ matrix.platforms }}
+          # Skip pushing when PR from a fork
+          push: ${{ !github.event.pull_request.head.repo.fork }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{env.image}}
+          cache-to: ${{ steps.cache-target.outputs.cache-to }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
+          build-args: |
+            DEVICE=${{ matrix.device }}
+            BUILD_ID=${{ github.run_id }}
+            BUILD_IMAGE=${{ github.event_name == 'release' && github.ref_name || steps.metadata.outputs.tags }}
+            BUILD_SOURCE_REF=${{ github.ref_name }}
+            BUILD_SOURCE_COMMIT=${{ github.sha }}
 
   success-check-server:
     name: Docker Build & Push Server Success
-    needs: [merge_server, retag_server]
+    needs: [build_and_push_server, retag_server]
     runs-on: ubuntu-latest
     if: always()
     steps:
@@ -445,7 +298,7 @@ jobs:
 
   success-check-ml:
     name: Docker Build & Push ML Success
-    needs: [merge_ml, retag_ml]
+    needs: [build_and_push_ml, retag_ml]
     runs-on: ubuntu-latest
     if: always()
     steps:

.github/workflows/docs-build.yml

@@ -15,7 +15,7 @@ jobs:
   pre-job:
     runs-on: ubuntu-latest
     outputs:
-      should_run: ${{ steps.found_paths.outputs.docs == 'true' ||  steps.should_force.outputs.should_force == 'true' }}
+      should_run: ${{ steps.found_paths.outputs.docs == 'true' || steps.should_force.outputs.should_force == 'true' }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -25,11 +25,9 @@ jobs:
           filters: |
             docs:
               - 'docs/**'
-            workflow:
-              - '.github/workflows/docs-build.yml'
       - name: Check if we should force jobs to run
         id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' || github.ref_name == 'main' }}" >> "$GITHUB_OUTPUT"
+        run: echo "should_force=${{ github.event_name == 'release' || github.ref_name == 'main' }}" >> "$GITHUB_OUTPUT"
 
   build:
     name: Docs Build

.github/workflows/pr-label-validation.yml

@@ -19,4 +19,3 @@ jobs:
           use_regex: true
           labels: "changelog:.*"
           add_comment: true
-          message: "Label error. Requires {{errorString}} {{count}} of: {{ provided }}. Found: {{ applied }}. A maintainer will add the required label."

.github/workflows/pr-require-conventional-commit.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: PR Conventional Commit Validation
-        uses:  ytanikin/PRConventionalCommits@1.3.0
+        uses:  ytanikin/PRConventionalCommits@1.2.0
         with:
           task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]'
           add_label: 'false'

.github/workflows/prepare-release.yml

@@ -41,8 +41,8 @@ jobs:
         with:
           token: ${{ steps.generate-token.outputs.token }}
 
-      - name: Install uv
-        uses: astral-sh/setup-uv@v5
+      - name: Install Poetry
+        run: pipx install poetry
 
       - name: Bump version
         run: misc/release/pump-version.sh -s "${{ inputs.serverBump }}" -m "${{ inputs.mobileBump }}"
@@ -68,17 +68,10 @@ jobs:
     needs: build_mobile
 
     steps:
-      - name: Generate a token
-        id: generate-token
-        uses: actions/create-github-app-token@v1
-        with:
-          app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          token: ${{ steps.generate-token.outputs.token }}
+          token: ${{ secrets.ORG_RELEASE_TOKEN }}
 
       - name: Download APK
         uses: actions/download-artifact@v4

.github/workflows/preview-label.yaml

@@ -1,33 +0,0 @@
-name: Preview label
-
-on:
-  pull_request:
-    types: [labeled, closed]
-
-jobs:
-  comment-status:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'labeled' && github.event.label.name == 'preview' }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: mshick/add-pr-comment@v2
-        with:
-          message-id: "preview-status"
-          message: "Deploying preview environment to https://pr-${{ github.event.pull_request.number }}.preview.internal.immich.cloud/"
-
-  remove-label:
-    runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'closed' && contains(github.event.pull_request.labels.*.name, 'preview') }}
-    permissions:
-      pull-requests: write
-    steps:
-      - uses: actions/github-script@v7
-        with:
-          script: |
-            github.rest.issues.removeLabel({
-              issue_number: context.payload.pull_request.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'preview'
-            })

.github/workflows/static_analysis.yml

@@ -23,11 +23,9 @@ jobs:
           filters: |
             mobile:
               - 'mobile/**'
-            workflow:
-              - '.github/workflows/static_analysis.yml'
       - name: Check if we should force jobs to run
         id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
+        run: echo "should_force=${{ github.event_name == 'release' }}" >> "$GITHUB_OUTPUT"
 
   mobile-dart-analyze:
     name: Run Dart Code Analysis
@@ -50,26 +48,6 @@ jobs:
         run: dart pub get
         working-directory: ./mobile
 
-      - name: Run Build Runner
-        run: make build
-        working-directory: ./mobile
-
-      - name: Find file changes
-        uses: tj-actions/verify-changed-files@v20
-        id: verify-changed-files
-        with:
-          files: |
-            mobile/**/*.g.dart
-            mobile/**/*.gr.dart
-            mobile/**/*.drift.dart
-
-      - name: Verify files have not changed
-        if: steps.verify-changed-files.outputs.files_changed == 'true'
-        run: |
-          echo "ERROR: Generated files not up to date! Run make_build inside the mobile directory"
-          echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
-          exit 1
-
       - name: Run dart analyze
         run: dart analyze --fatal-infos
         working-directory: ./mobile
@@ -81,3 +59,8 @@ jobs:
       - name: Run dart custom_lint
         run: dart run custom_lint
         working-directory: ./mobile
+
+      # Enable after riverpod generator migration is completed
+      # - name: Run dart custom lint
+      #   run: dart run custom_lint
+      #   working-directory: ./mobile

.github/workflows/test.yml

@@ -43,12 +43,10 @@ jobs:
               - 'mobile/**'
             machine-learning:
               - 'machine-learning/**'
-            workflow:
-              - '.github/workflows/test.yml'
 
       - name: Check if we should force jobs to run
         id: should_force
-        run: echo "should_force=${{ steps.found_paths.outputs.workflow == 'true' || github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
+        run: echo "should_force=${{ github.event_name == 'workflow_dispatch' }}" >> "$GITHUB_OUTPUT"
 
   server-unit-tests:
     name: Test & Lint Server
@@ -246,30 +244,25 @@ jobs:
         run: npm run check
         if: ${{ !cancelled() }}
 
-  server-medium-tests:
+  medium-tests-server:
     name: Medium Tests (Server)
     needs: pre-job
     if: ${{ needs.pre-job.outputs.should_run_server == 'true' }}
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./server
+    runs-on: mich
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
-
-      - name: Setup Node
-        uses: actions/setup-node@v4
         with:
-          node-version-file: './server/.nvmrc'
+          submodules: 'recursive'
 
-      - name: Run npm install
-        run: npm ci
+      - name: Production build
+        if: ${{ !cancelled() }}
+        run: docker compose -f e2e/docker-compose.yml build
 
       - name: Run medium tests
-        run: npm run test:medium
         if: ${{ !cancelled() }}
+        run: make test-medium
 
   e2e-tests-server-cli:
     name: End-to-End Tests (Server & CLI)
@@ -380,28 +373,27 @@ jobs:
         working-directory: ./machine-learning
     steps:
       - uses: actions/checkout@v4
-      - name: Install uv
-        uses: astral-sh/setup-uv@v5
+      - name: Install poetry
+        run: pipx install poetry
       - uses: actions/setup-python@v5
-        # TODO: add caching when supported (https://github.com/actions/setup-python/pull/818)
-        # with:
-        #   python-version: 3.11
-        #   cache: 'uv'
+        with:
+          python-version: 3.11
+          cache: 'poetry'
       - name: Install dependencies
         run: |
-          uv sync --extra cpu
+          poetry install --with dev --with cpu
       - name: Lint with ruff
         run: |
-          uv run ruff check --output-format=github app export
+          poetry run ruff check --output-format=github app export
       - name: Check black formatting
         run: |
-          uv run black --check app export
+          poetry run black --check app export
       - name: Run mypy type checking
         run: |
-          uv run mypy --strict app/
+          poetry run mypy --install-types --non-interactive --strict app/
       - name: Run tests and coverage
         run: |
-          uv run pytest app --cov=app --cov-report term-missing
+          poetry run pytest app --cov=app --cov-report term-missing
 
   shellcheck:
     name: ShellCheck
@@ -458,7 +450,7 @@ jobs:
     runs-on: ubuntu-latest
     services:
       postgres:
-        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+        image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
         env:
           POSTGRES_PASSWORD: postgres
           POSTGRES_USER: postgres
@@ -510,7 +502,6 @@ jobs:
         run: |
           echo "ERROR: Generated migration files not up to date!"
           echo "Changed files: ${{ steps.verify-changed-files.outputs.changed_files }}"
-          cat ./src/migrations/*-TestMigration.ts
           exit 1
 
       - name: Run SQL generation

.github/workflows/weblate-lock.yml

@@ -1,57 +0,0 @@
-name: Weblate checks
-
-on:
-  pull_request:
-    branches: [main]
-
-jobs:
-  pre-job:
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.found_paths.outputs.i18n == 'true' && github.head_ref != 'chore/translations'}}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - id: found_paths
-        uses: dorny/paths-filter@v3
-        with:
-          filters: |
-            i18n:
-              - 'i18n/!(en)**\.json'
-      - name: Debug
-        run: |
-            echo "Should run: ${{ steps.found_paths.outputs.i18n == 'true' && github.head_ref != 'chore/translations'}}"
-            echo "Found i18n paths: ${{ steps.found_paths.outputs.i18n }}"
-            echo "Head ref: ${{ github.head_ref }}"
-
-  enforce-lock:
-    name: Check Weblate Lock
-    needs: [ pre-job ]
-    runs-on: ubuntu-latest
-    if: ${{ needs.pre-job.outputs.should_run == 'true' }}
-    steps:
-      - name: Check weblate lock
-        run: |
-          if [[ "false" = $(curl https://hosted.weblate.org/api/components/immich/immich/lock/ | jq .locked) ]]; then
-            exit 1
-          fi
-      - name: Find Pull Request
-        uses: juliangruber/find-pull-request-action@v1
-        id: find-pr
-        with:
-          branch: chore/translations
-      - name: Fail if existing weblate PR
-        if: ${{ steps.find-pr.outputs.number }}
-        run: exit 1
-  success-check-lock:
-    name: Weblate Lock Check Success
-    needs: [ enforce-lock ]
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: Any jobs failed?
-        if: ${{ contains(needs.*.result, 'failure') }}
-        run: exit 1
-      - name: All jobs passed or skipped
-        if: ${{ !(contains(needs.*.result, 'failure')) }}
-        run: echo "All jobs passed or skipped" && echo "${{ toJSON(needs.*.result) }}"

.vscode/settings.json

@@ -41,4 +41,4 @@
   "explorer.fileNesting.patterns": {
     "*.ts": "${capture}.spec.ts,${capture}.mock.ts"
   }
-}
+}

Makefile

@@ -39,7 +39,7 @@ attach-server:
 renovate:
   LOG_LEVEL=debug npx renovate --platform=local --repository-cache=reset
 
-MODULES = e2e server web cli sdk docs
+MODULES = e2e server web cli sdk
 
 audit-%:
 	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) audit fix
@@ -48,9 +48,11 @@ install-%:
 build-cli: build-sdk
 build-web: build-sdk
 build-%: install-%
-	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build
+	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run | grep 'build' >/dev/null \
+		&& npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run build || true
 format-%:
-	npm --prefix $* run format:fix
+	npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run | grep 'format:fix' >/dev/null \
+		&& npm --prefix $(subst sdk,open-api/typescript-sdk,$*) run format:fix || true
 lint-%:
 	npm --prefix $* run lint:fix
 check-%:
@@ -77,14 +79,14 @@ test-medium:
 test-medium-dev:
 	docker exec -it immich_server /bin/sh -c "npm run test:medium"
 
-build-all: $(foreach M,$(filter-out e2e,$(MODULES)),build-$M) ;
+build-all: $(foreach M,$(MODULES),build-$M) ;
 install-all: $(foreach M,$(MODULES),install-$M) ;
-check-all: $(foreach M,$(filter-out sdk cli docs,$(MODULES)),check-$M) ;
-lint-all: $(foreach M,$(filter-out sdk docs,$(MODULES)),lint-$M) ;
-format-all: $(foreach M,$(filter-out sdk,$(MODULES)),format-$M) ;
+check-all: $(foreach M,$(MODULES),check-$M) ;
+lint-all: $(foreach M,$(MODULES),lint-$M) ;
+format-all: $(foreach M,$(MODULES),format-$M) ;
 audit-all:  $(foreach M,$(MODULES),audit-$M) ;
 hygiene-all: lint-all format-all check-all sql audit-all;
-test-all: $(foreach M,$(filter-out sdk docs,$(MODULES)),test-$M) ;
+test-all: $(foreach M,$(MODULES),test-$M) ;
 
 clean:
 	find . -name "node_modules" -type d -prune -exec rm -rf '{}' +

README.md

@@ -1,11 +1,11 @@
 <p align="center"> 
-  <br/>
+  <br/>  
   <a href="https://opensource.org/license/agpl-v3"><img src="https://img.shields.io/badge/License-AGPL_v3-blue.svg?color=3F51B5&style=for-the-badge&label=License&logoColor=000000&labelColor=ececec" alt="License: AGPLv3"></a>
   <a href="https://discord.immich.app">
     <img src="https://img.shields.io/discord/979116623879368755.svg?label=Discord&logo=Discord&style=for-the-badge&logoColor=000000&labelColor=ececec" alt="Discord"/>
   </a>
-  <br/>
-  <br/>
+  <br/>  
+  <br/>   
 </p>
 
 <p align="center">
@@ -29,7 +29,6 @@
   <a href="readme_i18n/README_nl_NL.md">Nederlands</a>
   <a href="readme_i18n/README_tr_TR.md">Türkçe</a>
   <a href="readme_i18n/README_zh_CN.md">中文</a>
-  <a href="readme_i18n/README_uk_UA.md">Українська</a>
   <a href="readme_i18n/README_ru_RU.md">Русский</a>
   <a href="readme_i18n/README_pt_BR.md">Português Brasileiro</a>
   <a href="readme_i18n/README_sv_SE.md">Svenska</a>
@@ -63,7 +62,7 @@
 
 Access the demo [here](https://demo.immich.app). The demo is running on a Free-tier Oracle VM in Amsterdam with a 2.4Ghz quad-core ARM64 CPU and 24GB RAM.
 
-For the mobile app, you can use `https://demo.immich.app` for the `Server Endpoint URL`
+For the mobile app, you can use `https://demo.immich.app/api` for the `Server Endpoint URL`
 
 ### Login credentials
 

cli/.nvmrc

@@ -1 +1 @@
-22.14.0
+22.11.0

cli/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:22.14.0-alpine3.20@sha256:40be979442621049f40b1d51a26b55e281246b5de4e5f51a18da7beb6e17e3f9 AS core
+FROM node:22.11.0-alpine3.20@sha256:f265794478aa0b1a23d85a492c8311ed795bc527c3fe7e43453b3c872dcd71a3 AS core
 
 WORKDIR /usr/src/open-api/typescript-sdk
 COPY open-api/typescript-sdk/package*.json open-api/typescript-sdk/tsconfig*.json ./

cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@immich/cli",
-  "version": "2.2.53",
+  "version": "2.2.28",
   "description": "Command Line Interface (CLI) for Immich",
   "type": "module",
   "exports": "./dist/index.js",
@@ -19,27 +19,26 @@
     "@types/byte-size": "^8.1.0",
     "@types/cli-progress": "^3.11.0",
     "@types/lodash-es": "^4.17.12",
-    "@types/micromatch": "^4.0.9",
     "@types/mock-fs": "^4.13.1",
-    "@types/node": "^22.13.9",
-    "@typescript-eslint/eslint-plugin": "^8.15.0",
-    "@typescript-eslint/parser": "^8.15.0",
-    "@vitest/coverage-v8": "^3.0.0",
+    "@types/node": "^22.8.5",
+    "@typescript-eslint/eslint-plugin": "^8.0.0",
+    "@typescript-eslint/parser": "^8.0.0",
+    "@vitest/coverage-v8": "^2.0.5",
     "byte-size": "^9.0.0",
     "cli-progress": "^3.12.0",
     "commander": "^12.0.0",
-    "eslint": "^9.14.0",
-    "eslint-config-prettier": "^10.0.0",
+    "eslint": "^9.0.0",
+    "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-unicorn": "^56.0.1",
-    "globals": "^16.0.0",
+    "eslint-plugin-unicorn": "^55.0.0",
+    "globals": "^15.9.0",
     "mock-fs": "^5.2.0",
     "prettier": "^3.2.5",
     "prettier-plugin-organize-imports": "^4.0.0",
     "typescript": "^5.3.3",
-    "vite": "^6.0.0",
+    "vite": "^5.0.12",
     "vite-tsconfig-paths": "^5.0.0",
-    "vitest": "^3.0.0",
+    "vitest": "^2.0.5",
     "vitest-fetch-mock": "^0.4.0",
     "yaml": "^2.3.1"
   },
@@ -63,13 +62,11 @@
     "node": ">=20.0.0"
   },
   "dependencies": {
-    "chokidar": "^4.0.3",
     "fast-glob": "^3.3.2",
     "fastq": "^1.17.1",
-    "lodash-es": "^4.17.21",
-    "micromatch": "^4.0.8"
+    "lodash-es": "^4.17.21"
   },
   "volta": {
-    "node": "22.14.0"
+    "node": "22.11.0"
   }
 }

cli/src/commands/asset.spec.ts

@@ -1,13 +1,12 @@
 import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
-import { setTimeout as sleep } from 'node:timers/promises';
-import { describe, expect, it, MockedFunction, vi } from 'vitest';
+import { describe, expect, it, vi } from 'vitest';
 
-import { Action, checkBulkUpload, defaults, getSupportedMediaTypes, Reason } from '@immich/sdk';
+import { Action, checkBulkUpload, defaults, Reason } from '@immich/sdk';
 import createFetchMock from 'vitest-fetch-mock';
 
-import { checkForDuplicates, getAlbumName, startWatch, uploadFiles, UploadOptionsDto } from 'src/commands/asset';
+import { checkForDuplicates, getAlbumName, uploadFiles, UploadOptionsDto } from './asset';
 
 vi.mock('@immich/sdk');
 
@@ -200,112 +199,3 @@ describe('checkForDuplicates', () => {
     });
   });
 });
-
-describe('startWatch', () => {
-  let testFolder: string;
-  let checkBulkUploadMocked: MockedFunction<typeof checkBulkUpload>;
-
-  beforeEach(async () => {
-    vi.restoreAllMocks();
-
-    vi.mocked(getSupportedMediaTypes).mockResolvedValue({
-      image: ['.jpg'],
-      sidecar: ['.xmp'],
-      video: ['.mp4'],
-    });
-
-    testFolder = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'test-startWatch-'));
-    checkBulkUploadMocked = vi.mocked(checkBulkUpload);
-    checkBulkUploadMocked.mockResolvedValue({
-      results: [],
-    });
-  });
-
-  it('should start watching a directory and upload new files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: [
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ],
-      },
-    });
-  });
-
-  it('should filter out unsupported files', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const unsupportedFilePath = path.join(testFolder, 'test.txt');
-
-    await startWatch([testFolder], { concurrency: 1 }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(unsupportedFilePath, 'testtxt');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: unsupportedFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  it('should filger out ignored patterns', async () => {
-    const testFilePath = path.join(testFolder, 'test.jpg');
-    const ignoredPattern = 'ignored';
-    const ignoredFolder = path.join(testFolder, ignoredPattern);
-    await fs.promises.mkdir(ignoredFolder, { recursive: true });
-    const ignoredFilePath = path.join(ignoredFolder, 'ignored.jpg');
-
-    await startWatch([testFolder], { concurrency: 1, ignore: ignoredPattern }, { batchSize: 1, debounceTimeMs: 10 });
-    await sleep(100); // to debounce the watcher from considering the test file as a existing file
-    await fs.promises.writeFile(testFilePath, 'testjpg');
-    await fs.promises.writeFile(ignoredFilePath, 'ignoredjpg');
-
-    await vi.waitUntil(() => checkBulkUploadMocked.mock.calls.length > 0, 3000);
-    expect(checkBulkUpload).toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: testFilePath,
-          }),
-        ]),
-      },
-    });
-
-    expect(checkBulkUpload).not.toHaveBeenCalledWith({
-      assetBulkUploadCheckDto: {
-        assets: expect.arrayContaining([
-          expect.objectContaining({
-            id: ignoredFilePath,
-          }),
-        ]),
-      },
-    });
-  });
-
-  afterEach(async () => {
-    await fs.promises.rm(testFolder, { recursive: true, force: true });
-  });
-});

cli/src/commands/asset.ts

@@ -1,6 +1,5 @@
 import {
   Action,
-  AssetBulkUploadCheckItem,
   AssetBulkUploadCheckResult,
   AssetMediaResponseDto,
   AssetMediaStatus,
@@ -12,18 +11,13 @@ import {
   getSupportedMediaTypes,
 } from '@immich/sdk';
 import byteSize from 'byte-size';
-import { Matcher, watch as watchFs } from 'chokidar';
-import { MultiBar, Presets, SingleBar } from 'cli-progress';
+import { Presets, SingleBar } from 'cli-progress';
 import { chunk } from 'lodash-es';
-import micromatch from 'micromatch';
 import { Stats, createReadStream } from 'node:fs';
 import { stat, unlink } from 'node:fs/promises';
 import path, { basename } from 'node:path';
 import { Queue } from 'src/queue';
-import { BaseOptions, Batcher, authenticate, crawl, sha1 } from 'src/utils';
-
-const UPLOAD_WATCH_BATCH_SIZE = 100;
-const UPLOAD_WATCH_DEBOUNCE_TIME_MS = 10_000;
+import { BaseOptions, authenticate, crawl, sha1 } from 'src/utils';
 
 const s = (count: number) => (count === 1 ? '' : 's');
 
@@ -41,8 +35,6 @@ export interface UploadOptionsDto {
   albumName?: string;
   includeHidden?: boolean;
   concurrency: number;
-  progress?: boolean;
-  watch?: boolean;
 }
 
 class UploadFile extends File {
@@ -62,94 +54,19 @@ class UploadFile extends File {
   }
 }
 
-const uploadBatch = async (files: string[], options: UploadOptionsDto) => {
-  const { newFiles, duplicates } = await checkForDuplicates(files, options);
-  const newAssets = await uploadFiles(newFiles, options);
-  await updateAlbums([...newAssets, ...duplicates], options);
-  await deleteFiles(newFiles, options);
-};
-
-export const startWatch = async (
-  paths: string[],
-  options: UploadOptionsDto,
-  {
-    batchSize = UPLOAD_WATCH_BATCH_SIZE,
-    debounceTimeMs = UPLOAD_WATCH_DEBOUNCE_TIME_MS,
-  }: { batchSize?: number; debounceTimeMs?: number } = {},
-) => {
-  const watcherIgnored: Matcher[] = [];
-  const { image, video } = await getSupportedMediaTypes();
-  const extensions = new Set([...image, ...video]);
-
-  if (options.ignore) {
-    watcherIgnored.push((path) => micromatch.contains(path, `**/${options.ignore}`));
-  }
-
-  const pathsBatcher = new Batcher<string>({
-    batchSize,
-    debounceTimeMs,
-    onBatch: async (paths: string[]) => {
-      const uniquePaths = [...new Set(paths)];
-      await uploadBatch(uniquePaths, options);
-    },
-  });
-
-  const onFile = async (path: string, stats?: Stats) => {
-    if (stats?.isDirectory()) {
-      return;
-    }
-    const ext = '.' + path.split('.').pop()?.toLowerCase();
-    if (!ext || !extensions.has(ext)) {
-      return;
-    }
-
-    if (!options.progress) {
-      // logging when progress is disabled as it can cause issues with the progress bar rendering
-      console.log(`Change detected: ${path}`);
-    }
-    pathsBatcher.add(path);
-  };
-  const fsWatcher = watchFs(paths, {
-    ignoreInitial: true,
-    ignored: watcherIgnored,
-    alwaysStat: true,
-    awaitWriteFinish: true,
-    depth: options.recursive ? undefined : 1,
-    persistent: true,
-  })
-    .on('add', onFile)
-    .on('change', onFile)
-    .on('error', (error) => console.error(`Watcher error: ${error}`));
-
-  process.on('SIGINT', async () => {
-    console.log('Exiting...');
-    await fsWatcher.close();
-    process.exit();
-  });
-};
-
 export const upload = async (paths: string[], baseOptions: BaseOptions, options: UploadOptionsDto) => {
   await authenticate(baseOptions);
 
   const scanFiles = await scan(paths, options);
-
   if (scanFiles.length === 0) {
-    if (options.watch) {
-      console.log('No files found initially.');
-    } else {
-      console.log('No files found, exiting');
-      return;
-    }
+    console.log('No files found, exiting');
+    return;
   }
 
-  if (options.watch) {
-    console.log('Watching for changes...');
-    await startWatch(paths, options);
-    // watcher does not handle the initial scan
-    // as the scan() is a more efficient quick start with batched results
-  }
-
-  await uploadBatch(scanFiles, options);
+  const { newFiles, duplicates } = await checkForDuplicates(scanFiles, options);
+  const newAssets = await uploadFiles(newFiles, options);
+  await updateAlbums([...newAssets, ...duplicates], options);
+  await deleteFiles(newFiles, options);
 };
 
 const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
@@ -167,35 +84,29 @@ const scan = async (pathsToCrawl: string[], options: UploadOptionsDto) => {
   return files;
 };
 
-export const checkForDuplicates = async (files: string[], { concurrency, skipHash, progress }: UploadOptionsDto) => {
+export const checkForDuplicates = async (files: string[], { concurrency, skipHash }: UploadOptionsDto) => {
   if (skipHash) {
     console.log('Skipping hash check, assuming all files are new');
     return { newFiles: files, duplicates: [] };
   }
 
-  let multiBar: MultiBar | undefined;
+  const progressBar = new SingleBar(
+    { format: 'Checking files | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
+    Presets.shades_classic,
+  );
 
-  if (progress) {
-    multiBar = new MultiBar(
-      { format: '{message} | {bar} | {percentage}% | ETA: {eta}s | {value}/{total} assets' },
-      Presets.shades_classic,
-    );
-  } else {
-    console.log(`Received ${files.length} files, hashing...`);
-  }
-
-  const hashProgressBar = multiBar?.create(files.length, 0, { message: 'Hashing files          ' });
-  const checkProgressBar = multiBar?.create(files.length, 0, { message: 'Checking for duplicates' });
+  progressBar.start(files.length, 0);
 
   const newFiles: string[] = [];
   const duplicates: Asset[] = [];
 
-  const checkBulkUploadQueue = new Queue<AssetBulkUploadCheckItem[], void>(
-    async (assets: AssetBulkUploadCheckItem[]) => {
-      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets } });
-
+  const queue = new Queue<string[], AssetBulkUploadCheckResults>(
+    async (filepaths: string[]) => {
+      const dto = await Promise.all(
+        filepaths.map(async (filepath) => ({ id: filepath, checksum: await sha1(filepath) })),
+      );
+      const response = await checkBulkUpload({ assetBulkUploadCheckDto: { assets: dto } });
       const results = response.results as AssetBulkUploadCheckResults;
-
       for (const { id: filepath, assetId, action } of results) {
         if (action === Action.Accept) {
           newFiles.push(filepath);
@@ -204,46 +115,19 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
           duplicates.push({ id: assetId as string, filepath });
         }
       }
-
-      checkProgressBar?.increment(assets.length);
-    },
-    { concurrency, retry: 3 },
-  );
-
-  const results: { id: string; checksum: string }[] = [];
-  let checkBulkUploadRequests: AssetBulkUploadCheckItem[] = [];
-
-  const queue = new Queue<string, AssetBulkUploadCheckItem[]>(
-    async (filepath: string): Promise<AssetBulkUploadCheckItem[]> => {
-      const dto = { id: filepath, checksum: await sha1(filepath) };
-
-      results.push(dto);
-      checkBulkUploadRequests.push(dto);
-      if (checkBulkUploadRequests.length === 5000) {
-        const batch = checkBulkUploadRequests;
-        checkBulkUploadRequests = [];
-        void checkBulkUploadQueue.push(batch);
-      }
-
-      hashProgressBar?.increment();
+      progressBar.increment(filepaths.length);
       return results;
     },
     { concurrency, retry: 3 },
   );
 
-  for (const item of files) {
-    void queue.push(item);
+  for (const items of chunk(files, concurrency)) {
+    await queue.push(items);
   }
 
   await queue.drained();
 
-  if (checkBulkUploadRequests.length > 0) {
-    void checkBulkUploadQueue.push(checkBulkUploadRequests);
-  }
-
-  await checkBulkUploadQueue.drained();
-
-  multiBar?.stop();
+  progressBar.stop();
 
   console.log(`Found ${newFiles.length} new files and ${duplicates.length} duplicate${s(duplicates.length)}`);
 
@@ -259,10 +143,7 @@ export const checkForDuplicates = async (files: string[], { concurrency, skipHas
   return { newFiles, duplicates };
 };
 
-export const uploadFiles = async (
-  files: string[],
-  { dryRun, concurrency, progress }: UploadOptionsDto,
-): Promise<Asset[]> => {
+export const uploadFiles = async (files: string[], { dryRun, concurrency }: UploadOptionsDto): Promise<Asset[]> => {
   if (files.length === 0) {
     console.log('All assets were already uploaded, nothing to do.');
     return [];
@@ -282,20 +163,12 @@ export const uploadFiles = async (
     return files.map((filepath) => ({ id: '', filepath }));
   }
 
-  let uploadProgress: SingleBar | undefined;
-
-  if (progress) {
-    uploadProgress = new SingleBar(
-      {
-        format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}',
-      },
-      Presets.shades_classic,
-    );
-  } else {
-    console.log(`Uploading ${files.length} asset${s(files.length)} (${byteSize(totalSize)})`);
-  }
-  uploadProgress?.start(totalSize, 0);
-  uploadProgress?.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });
+  const uploadProgress = new SingleBar(
+    { format: 'Uploading assets | {bar} | {percentage}% | ETA: {eta_formatted} | {value_formatted}/{total_formatted}' },
+    Presets.shades_classic,
+  );
+  uploadProgress.start(totalSize, 0);
+  uploadProgress.update({ value_formatted: 0, total_formatted: byteSize(totalSize) });
 
   let duplicateCount = 0;
   let duplicateSize = 0;
@@ -321,20 +194,20 @@ export const uploadFiles = async (
         successSize += stats.size ?? 0;
       }
 
-      uploadProgress?.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });
+      uploadProgress.update(successSize, { value_formatted: byteSize(successSize + duplicateSize) });
 
       return response;
     },
     { concurrency, retry: 3 },
   );
 
-  for (const item of files) {
-    void queue.push(item);
+  for (const filepath of files) {
+    await queue.push(filepath);
   }
 
   await queue.drained();
 
-  uploadProgress?.stop();
+  uploadProgress.stop();
 
   console.log(`Successfully uploaded ${successCount} new asset${s(successCount)} (${byteSize(successSize)})`);
   if (duplicateCount > 0) {

cli/src/index.ts

@@ -69,13 +69,6 @@ program
       .default(4),
   )
   .addOption(new Option('--delete', 'Delete local assets after upload').env('IMMICH_DELETE_ASSETS'))
-  .addOption(new Option('--no-progress', 'Hide progress bars').env('IMMICH_PROGRESS_BAR').default(true))
-  .addOption(
-    new Option('--watch', 'Watch for changes and upload automatically')
-      .env('IMMICH_WATCH_CHANGES')
-      .default(false)
-      .implies({ progress: false }),
-  )
   .argument('[paths...]', 'One or more paths to assets to be uploaded')
   .action((paths, options) => upload(paths, program.opts(), options));
 

cli/src/queue.ts

@@ -72,8 +72,8 @@ export class Queue<T, R> {
    * @returns Promise<void> - The returned Promise will be resolved when all tasks in the queue have been processed by a worker.
    * This promise could be ignored as it will not lead to a `unhandledRejection`.
    */
-  drained(): Promise<void> {
-    return this.queue.drained();
+  async drained(): Promise<void> {
+    await this.queue.drain();
   }
 
   /**

cli/src/utils.spec.ts

@@ -1,13 +1,11 @@
 import mockfs from 'mock-fs';
 import { readFileSync } from 'node:fs';
-import { Batcher, CrawlOptions, crawl } from 'src/utils';
-import { Mock } from 'vitest';
+import { CrawlOptions, crawl } from 'src/utils';
 
 interface Test {
   test: string;
   options: Omit<CrawlOptions, 'extensions'>;
   files: Record<string, boolean>;
-  skipOnWin32?: boolean;
 }
 
 const cwd = process.cwd();
@@ -50,18 +48,6 @@ const tests: Test[] = [
       '/photos/image.jpg': true,
     },
   },
-  {
-    test: 'should crawl folders with quotes',
-    options: {
-      pathsToCrawl: ["/photo's/", '/photo"s/', '/photo`s/'],
-    },
-    files: {
-      "/photo's/image1.jpg": true,
-      '/photo"s/image2.jpg': true,
-      '/photo`s/image3.jpg': true,
-    },
-    skipOnWin32: true, // single quote interferes with mockfs root on Windows
-  },
   {
     test: 'should crawl a single file',
     options: {
@@ -284,12 +270,8 @@ describe('crawl', () => {
   });
 
   describe('crawl', () => {
-    for (const { test: name, options, files, skipOnWin32 } of tests) {
-      if (process.platform === 'win32' && skipOnWin32) {
-        test.skip(name);
-        continue;
-      }
-      it(name, async () => {
+    for (const { test, options, files } of tests) {
+      it(test, async () => {
         // The file contents is the same as the path.
         mockfs(Object.fromEntries(Object.keys(files).map((file) => [file, file])));
 
@@ -304,38 +286,3 @@ describe('crawl', () => {
     }
   });
 });
-
-describe('Batcher', () => {
-  let batcher: Batcher;
-  let onBatch: Mock;
-  beforeEach(() => {
-    onBatch = vi.fn();
-    batcher = new Batcher({ batchSize: 2, onBatch });
-  });
-
-  it('should trigger onBatch() when a batch limit is reached', async () => {
-    batcher.add('a');
-    batcher.add('b');
-    batcher.add('c');
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a', 'b']);
-  });
-
-  it('should trigger onBatch() when flush() is called', async () => {
-    batcher.add('a');
-    batcher.flush();
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-  });
-
-  it('should trigger onBatch() when debounce time reached', async () => {
-    vi.useFakeTimers();
-    batcher = new Batcher({ batchSize: 2, debounceTimeMs: 100, onBatch });
-    batcher.add('a');
-    expect(onBatch).not.toHaveBeenCalled();
-    vi.advanceTimersByTime(200);
-    expect(onBatch).toHaveBeenCalledOnce();
-    expect(onBatch).toHaveBeenCalledWith(['a']);
-    vi.useRealTimers();
-  });
-});

cli/src/utils.ts

@@ -146,7 +146,7 @@ export const crawl = async (options: CrawlOptions): Promise<string[]> => {
   }
 
   const searchPatterns = patterns.map((pattern) => {
-    let escapedPattern = pattern.replaceAll("'", "[']").replaceAll('"', '["]').replaceAll('`', '[`]');
+    let escapedPattern = pattern;
     if (recursive) {
       escapedPattern = escapedPattern + '/**';
     }
@@ -172,64 +172,3 @@ export const sha1 = (filepath: string) => {
     rs.on('end', () => resolve(hash.digest('hex')));
   });
 };
-
-/**
- * Batches items and calls onBatch to process them
- * when the batch size is reached or the debounce time has passed.
- */
-export class Batcher<T = unknown> {
-  private items: T[] = [];
-  private readonly batchSize: number;
-  private readonly debounceTimeMs?: number;
-  private readonly onBatch: (items: T[]) => void;
-  private debounceTimer?: NodeJS.Timeout;
-
-  constructor({
-    batchSize,
-    debounceTimeMs,
-    onBatch,
-  }: {
-    batchSize: number;
-    debounceTimeMs?: number;
-    onBatch: (items: T[]) => Promise<void>;
-  }) {
-    this.batchSize = batchSize;
-    this.debounceTimeMs = debounceTimeMs;
-    this.onBatch = onBatch;
-  }
-
-  private setDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-    }
-    if (this.debounceTimeMs) {
-      this.debounceTimer = setTimeout(() => this.flush(), this.debounceTimeMs);
-    }
-  }
-
-  private clearDebounceTimer() {
-    if (this.debounceTimer) {
-      clearTimeout(this.debounceTimer);
-      this.debounceTimer = undefined;
-    }
-  }
-
-  add(item: T) {
-    this.items.push(item);
-    this.setDebounceTimer();
-    if (this.items.length >= this.batchSize) {
-      this.flush();
-    }
-  }
-
-  flush() {
-    this.clearDebounceTimer();
-    if (this.items.length === 0) {
-      return;
-    }
-
-    this.onBatch(this.items);
-
-    this.items = [];
-  }
-}

deployment/modules/cloudflare/docs-release/.terraform.lock.hcl

@@ -2,37 +2,37 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
+  version     = "4.45.0"
+  constraints = "4.45.0"
   hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
+    "h1:/CGpnYMkLRDmqn4iAsh/jg7ELZ6QExUw03VdjKZyK5M=",
+    "h1:82C/ryqwQvxhBINYOOyF5ZzPW/k4zJ/RYT13eCdPgEc=",
+    "h1:8Wu1D7ZwbLGdHakLRAzoAJ5VqZ8I14qzkPv1OGNfIlg=",
+    "h1:CVq0CAibeueOuiNk0UQtwZvMLMof33n1BgskFPOymrk=",
+    "h1:FSS5Kq+L+CX1zARy8PhaF8edBFNgsLtds4Uo8MwJiK8=",
+    "h1:L4qsorLII7f8xSFmv6JOoWfLWDunWQEpK964Bxk7mtM=",
+    "h1:StO3PV5PDskSCnhoHhWHOPxu6hbzJUQggfLgOSkvhwg=",
+    "h1:Tjo+Er9ets5YrTRIdP9LBmi4p89nL/W+A7r8a1MM9nI=",
+    "h1:XIwT+AWvks1LTytePM9zls+O8ItxoqCfPOgHwuH9ivQ=",
+    "h1:aOXn/zuM1+5GGy/SSRx8q4EYCSTFE9Tr0twHPIf5/KE=",
+    "h1:lb+YcuZ4guYd8zE51vgSnDsRAD9IV00Z15l1i1X52s8=",
+    "h1:pYwNXGjfXA2rUEmotGMLWgmavT9D2rdHnV3TpuIK3ko=",
+    "h1:q1qrnPq6KkljwBrugCwzb7f0SVP4Lzkfh+EOLARY9V8=",
+    "h1:v9sL4cZLTV5Gu2004DDyy7209gT0JmudBCAD0WCr/JE=",
+    "zh:00be2a6adc76615a368491c7a026098103b6286deb31e3cfb037365dd39f095f",
+    "zh:05bd072e6119f7a5abff05c6064001f745473119a956586cf77ae843cf55d666",
+    "zh:228bbe61345c4e8e0bc6b698b4b9652abff65662ee72ede2aecb4c3efb91b243",
+    "zh:2948aeefe71ba041c94082cf931ecc95510d93af0a61d0a287880f5b9d24b11a",
+    "zh:5dfc2c5e95843ca54957212ee3ecb7ff06f2cf60bfd6ca278b5249fd70ac18f5",
+    "zh:69922cb45559b0b0544b9c2d31ed2d0fac9121faa75bc2f523484785b45d8e2b",
     "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
+    "zh:9d83a0cbf72327286f7dbd63cd4af89059c648163fe6ed21b1df768e0518d445",
+    "zh:a8e1982945822c7d7aaa6ba8602c7247d1a3fad15d612f30eb323491a637bf8d",
+    "zh:c6d41ebd69ddb23e3dad49a0ebf1da5a9c7d8706a4f55d953115d371f407928b",
+    "zh:d03e5442b12846c2737f099d30cd23d9f85a0c6d65437ccb44819f9a6c4e1d7f",
+    "zh:d446f2e1186b35037aea03b0e27d8b032d2f069f194f84b3f0e2907b3a79a955",
+    "zh:e4d7549a4c856524e01f3dd4d69f57119ea205f7a0fa38dcfe154475b4ae9258",
+    "zh:e64b8915cb9686f85e77115bd674f2faf4f29880688067d7d0f1376566fdb3b0",
+    "zh:f046efdc55e6385cdd69baaa06a929bef9fe6809d373b0d2d6c7df8f8c23eddc",
   ]
 }

deployment/modules/cloudflare/docs-release/config.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     cloudflare = {
       source = "cloudflare/cloudflare"
-      version = "4.52.0"
+      version = "4.45.0"
     }
   }
 }

deployment/modules/cloudflare/docs/.terraform.lock.hcl

@@ -2,37 +2,37 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "4.52.0"
+  version     = "4.45.0"
+  constraints = "4.45.0"
   hashes = [
-    "h1:2BEJyXJtYC4B4nda/WCYUmuJYDaYk88F8t1pwPzr0iQ=",
-    "h1:4IASk5SESeWKQ7JU0+M7KApuF5mZyklvwMXPBabim3c=",
-    "h1:5ImZxxALSnWfH/4EXw/wFirSmk5Tr0ACmcysy51AafE=",
-    "h1:6TJ3dxLSin4ZKBJLsZDn95H2ZYnGm8S7GGHvvXuuMQU=",
-    "h1:IzTUjg9kQ4N3qizP9CjYLeHwjsuGgtxwXvfUQWyOLcA=",
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "h1:PXH48LuJn329sCfMXprdMDk51EZaWFyajVvS03qhQLs=",
-    "h1:Pi5M+GeoMSN2eJ6QnIeXjBf19O+rby/74CfB2ocpv20=",
-    "h1:ShXZ2ZjBvm3thfoPPzPT8+OhyismnydQVkUAfI8X12w=",
-    "h1:WQ9hu0Wge2msBbODfottCSKgu8oKUrw4Opz+fDPVVHk=",
-    "h1:Z5yXML2DE0uH9UU+M0ut9JMQAORcwVZz1CxBHzeBmao=",
-    "h1:jqI2qKknpleS3JDSplyGYHMu0u9K/tor1ZOjFwDgEMk=",
-    "h1:kgfutDh14Q5nw4eg6qGFamFxIiY8Ae0FPKRBLDOzpcI=",
-    "h1:zCAO7GZmfYhWb+i6TfqlqhMeDyPZWGio2IzEzAh3YTs=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
+    "h1:/CGpnYMkLRDmqn4iAsh/jg7ELZ6QExUw03VdjKZyK5M=",
+    "h1:82C/ryqwQvxhBINYOOyF5ZzPW/k4zJ/RYT13eCdPgEc=",
+    "h1:8Wu1D7ZwbLGdHakLRAzoAJ5VqZ8I14qzkPv1OGNfIlg=",
+    "h1:CVq0CAibeueOuiNk0UQtwZvMLMof33n1BgskFPOymrk=",
+    "h1:FSS5Kq+L+CX1zARy8PhaF8edBFNgsLtds4Uo8MwJiK8=",
+    "h1:L4qsorLII7f8xSFmv6JOoWfLWDunWQEpK964Bxk7mtM=",
+    "h1:StO3PV5PDskSCnhoHhWHOPxu6hbzJUQggfLgOSkvhwg=",
+    "h1:Tjo+Er9ets5YrTRIdP9LBmi4p89nL/W+A7r8a1MM9nI=",
+    "h1:XIwT+AWvks1LTytePM9zls+O8ItxoqCfPOgHwuH9ivQ=",
+    "h1:aOXn/zuM1+5GGy/SSRx8q4EYCSTFE9Tr0twHPIf5/KE=",
+    "h1:lb+YcuZ4guYd8zE51vgSnDsRAD9IV00Z15l1i1X52s8=",
+    "h1:pYwNXGjfXA2rUEmotGMLWgmavT9D2rdHnV3TpuIK3ko=",
+    "h1:q1qrnPq6KkljwBrugCwzb7f0SVP4Lzkfh+EOLARY9V8=",
+    "h1:v9sL4cZLTV5Gu2004DDyy7209gT0JmudBCAD0WCr/JE=",
+    "zh:00be2a6adc76615a368491c7a026098103b6286deb31e3cfb037365dd39f095f",
+    "zh:05bd072e6119f7a5abff05c6064001f745473119a956586cf77ae843cf55d666",
+    "zh:228bbe61345c4e8e0bc6b698b4b9652abff65662ee72ede2aecb4c3efb91b243",
+    "zh:2948aeefe71ba041c94082cf931ecc95510d93af0a61d0a287880f5b9d24b11a",
+    "zh:5dfc2c5e95843ca54957212ee3ecb7ff06f2cf60bfd6ca278b5249fd70ac18f5",
+    "zh:69922cb45559b0b0544b9c2d31ed2d0fac9121faa75bc2f523484785b45d8e2b",
     "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
+    "zh:9d83a0cbf72327286f7dbd63cd4af89059c648163fe6ed21b1df768e0518d445",
+    "zh:a8e1982945822c7d7aaa6ba8602c7247d1a3fad15d612f30eb323491a637bf8d",
+    "zh:c6d41ebd69ddb23e3dad49a0ebf1da5a9c7d8706a4f55d953115d371f407928b",
+    "zh:d03e5442b12846c2737f099d30cd23d9f85a0c6d65437ccb44819f9a6c4e1d7f",
+    "zh:d446f2e1186b35037aea03b0e27d8b032d2f069f194f84b3f0e2907b3a79a955",
+    "zh:e4d7549a4c856524e01f3dd4d69f57119ea205f7a0fa38dcfe154475b4ae9258",
+    "zh:e64b8915cb9686f85e77115bd674f2faf4f29880688067d7d0f1376566fdb3b0",
+    "zh:f046efdc55e6385cdd69baaa06a929bef9fe6809d373b0d2d6c7df8f8c23eddc",
   ]
 }

deployment/modules/cloudflare/docs/config.tf

@@ -5,7 +5,7 @@ terraform {
   required_providers {
     cloudflare = {
       source = "cloudflare/cloudflare"
-      version = "4.52.0"
+      version = "4.45.0"
     }
   }
 }

docker/docker-compose.dev.yml

@@ -1,13 +1,4 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
-# For development see:
+# See:
 # - https://immich.app/docs/developer/setup
 # - https://immich.app/docs/developer/troubleshooting
 
@@ -25,7 +16,7 @@ services:
       context: ../
       dockerfile: server/Dockerfile
       target: dev
-    restart: unless-stopped
+    restart: always
     volumes:
       - ../server:/usr/src/app
       - ../open-api:/usr/src/open-api
@@ -56,7 +47,6 @@ services:
     ports:
       - 9230:9230
       - 9231:9231
-      - 2283:2283
     depends_on:
       - redis
       - database
@@ -66,21 +56,18 @@ services:
   immich-web:
     container_name: immich_web
     image: immich-web-dev:latest
-    # Needed for rootless docker setup, see https://github.com/moby/moby/issues/45919
-    # user: 0:0
     build:
       context: ../web
     command: ['/usr/src/app/bin/immich-web']
     env_file:
       - .env
     ports:
-      - 3000:3000
+      - 2283:3000
       - 24678:24678
     volumes:
       - ../web:/usr/src/app
       - ../i18n:/usr/src/i18n
       - ../open-api/:/usr/src/open-api/
-      # - ../../ui:/usr/ui
       - /usr/src/app/node_modules
     ulimits:
       nofile:
@@ -116,13 +103,13 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5
     healthcheck:
       test: redis-cli ping || exit 1
 
   database:
     container_name: immich_postgres
-    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
     env_file:
       - .env
     environment:
@@ -135,23 +122,26 @@ services:
     ports:
       - 5432:5432
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command:
+      [
+        'postgres',
+        '-c',
+        'shared_preload_libraries=vectors.so',
+        '-c',
+        'search_path="$$user", public, vectors',
+        '-c',
+        'logging_collector=on',
+        '-c',
+        'max_wal_size=2GB',
+        '-c',
+        'shared_buffers=512MB',
+        '-c',
+        'wal_compression=on',
+      ]
 
   # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
   # immich-prometheus:

docker/docker-compose.prod.yml

@@ -1,12 +1,3 @@
-#
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
-#
-# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
-#
-# The compose file on main may not be compatible with the latest release.
-
 name: immich-prod
 
 services:
@@ -56,14 +47,14 @@ services:
 
   redis:
     container_name: immich_redis
-    image: redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
 
   database:
     container_name: immich_postgres
-    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
     env_file:
       - .env
     environment:
@@ -76,23 +67,26 @@ services:
     ports:
       - 5432:5432
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command:
+      [
+        'postgres',
+        '-c',
+        'shared_preload_libraries=vectors.so',
+        '-c',
+        'search_path="$$user", public, vectors',
+        '-c',
+        'logging_collector=on',
+        '-c',
+        'max_wal_size=2GB',
+        '-c',
+        'shared_buffers=512MB',
+        '-c',
+        'wal_compression=on',
+      ]
     restart: always
 
   # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
@@ -100,7 +94,7 @@ services:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:6927e0919a144aa7616fd0137d4816816d42f6b816de3af269ab065250859a62
+    image: prom/prometheus@sha256:378f4e03703557d1c6419e6caccf922f96e6d88a530f7431d66a4c4f4b1000fe
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -112,7 +106,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:11.5.2-ubuntu@sha256:8b5858c447e06fd7a89006b562ba7bba7c4d5813600c7982374c41852adefaeb
+    image: grafana/grafana:11.3.0-ubuntu@sha256:51587e148ac0214d7938e7f3fe8512182e4eb6141892a3ffb88bba1901b49285
     volumes:
       - grafana-data:/var/lib/grafana
 

docker/docker-compose.yml

@@ -1,11 +1,10 @@
 #
-# WARNING: To install Immich, follow our guide: https://immich.app/docs/install/docker-compose
-#
-# Make sure to use the docker-compose.yml of the current release:
+# WARNING: Make sure to use the docker-compose.yml of the current release:
 #
 # https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
 #
 # The compose file on main may not be compatible with the latest release.
+#
 
 name: immich
 
@@ -49,14 +48,14 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/redis:6.2-alpine@sha256:148bb5411c184abd288d9aaed139c98123eeb8824c5d3fce03cf721db58066d8
+    image: docker.io/redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
 
   database:
     container_name: immich_postgres
-    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52
+    image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
     environment:
       POSTGRES_PASSWORD: ${DB_PASSWORD}
       POSTGRES_USER: ${DB_USERNAME}
@@ -66,23 +65,26 @@ services:
       # Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
       - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
     healthcheck:
-      test: >-
-        pg_isready --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" || exit 1;
-        Chksum="$$(psql --dbname="$${POSTGRES_DB}" --username="$${POSTGRES_USER}" --tuples-only --no-align
-        --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')";
-        echo "checksum failure count is $$Chksum";
-        [ "$$Chksum" = '0' ] || exit 1
+      test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
       interval: 5m
       start_interval: 30s
       start_period: 5m
-    command: >-
-      postgres
-      -c shared_preload_libraries=vectors.so
-      -c 'search_path="$$user", public, vectors'
-      -c logging_collector=on
-      -c max_wal_size=2GB
-      -c shared_buffers=512MB
-      -c wal_compression=on
+    command:
+      [
+        'postgres',
+        '-c',
+        'shared_preload_libraries=vectors.so',
+        '-c',
+        'search_path="$$user", public, vectors',
+        '-c',
+        'logging_collector=on',
+        '-c',
+        'max_wal_size=2GB',
+        '-c',
+        'shared_buffers=512MB',
+        '-c',
+        'wal_compression=on',
+      ]
     restart: always
 
 volumes:

docker/hwaccel.transcoding.yml

@@ -48,7 +48,6 @@ services:
   vaapi-wsl: # use this for VAAPI if you're running Immich in WSL2
     devices:
       - /dev/dri:/dev/dri
-      - /dev/dxg:/dev/dxg
     volumes:
       - /usr/lib/wsl:/usr/lib/wsl
     environment:

docs/.nvmrc

@@ -1 +1 @@
-22.14.0
+22.11.0

docs/docs/FAQ.mdx

@@ -49,22 +49,13 @@ The behaviors differ based on your device manufacturer and operating system, but
 On iOS (iPhone and iPad), the operating system determines if a particular app can invoke background tasks based on multiple factors, most of which the Immich app has no control over. To increase the likelihood that the background backup task is run, follow the steps below:
 
 - Enable Background App Refresh for Immich in the iOS settings at `Settings > General > Background App Refresh`.
-- Disable **Low Power Mode** when not needed, as this can prevent apps from running in the background.
 - Disable Background App Refresh for apps that don't need background tasks to run. This will reduce the competition for background task invocation for Immich.
 - Use the Immich app more often.
 
-### Why are features in the mobile app not working with a self-signed certificate, Basic Auth, custom headers, or mutual TLS?
+### Why are features not working with a self-signed cert or mTLS?
 
-These network features are experimental. They often do not work with video playback, asset upload or download, and other features.
-Many of these limitations are tracked in [#15230](https://github.com/immich-app/immich/issues/15230).
-Instead of these experimental features, we recommend using the URL switching feature, a VPN, or a [free trusted SSL certificate](https://letsencrypt.org/) for your domain.
-
-We are not actively developing these features and will not be able to provide support, but welcome contributions to improve them.
-Please discuss any large PRs with our dev team to ensure your time is not wasted.
-
-### Why isn't the mobile app updated yet?
-
-The app stores can take a few days to approve new builds of the app. If you're impatient, android APKs can be downloaded from the GitHub releases.
+Due to limitations in the upstream app/video library, using a self-signed TLS certificate or mutual TLS may break video playback or asset upload (both foreground and/or background).
+We recommend using a real SSL certificate from a free provider, for example [Let's Encrypt](https://letsencrypt.org/).
 
 ---
 
@@ -78,8 +69,7 @@ However, Immich will delete original files that have been trashed when the trash
 
 ### Why do my file names appear as a random string in the file manager?
 
-When Storage Template is off (default) Immich saves the file names in a random string (also known as random UUIDs) to prevent duplicate file names.
-To retrieve the original file names, you must enable the Storage Template and then run the STORAGE TEMPLATE MIGRATION job.
+When Storage Template is off (default) Immich saves the file names in a random string (also known as random UUIDs) to prevent duplicate file names. To retrieve the original file names, you must enable the Storage Template and then run the STORAGE TEMPLATE MIGRATION job.
 It is recommended to read about [Storage Template](https://immich.app/docs/administration/storage-template) before activation.
 
 ### Can I add my existing photo library?
@@ -92,20 +82,11 @@ Template changes will only apply to _new_ assets. To retroactively apply the tem
 
 ### Why are only photos and not videos being uploaded to Immich?
 
-This often happens when using a reverse proxy in front of Immich.
-Make sure to [set your reverse proxy](/docs/administration/reverse-proxy/) to allow large requests.
-Also, check the disk space of your reverse proxy.
-In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
-
-If you are using Cloudflare Tunnel, please know that they set a maximum filesize of 100 MB that cannot be changed.
-At times, files larger than this may work, potentially up to 1 GB. However, the official limit is 100 MB.
-If you are having issues, we recommend switching to a different network deployment.
+This often happens when using a reverse proxy (such as Nginx or Cloudflare tunnel) in front of Immich. Make sure to set your reverse proxy to allow large `POST` requests. In `nginx`, set `client_max_body_size 50000M;` or similar. Also, check the disk space of your reverse proxy. In some cases, proxies cache requests to disk before passing them on, and if disk space runs out, the request fails.
 
 ### Why are some photos stored in the file system with the wrong date?
 
-There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job.
-The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc.,
-the job may not have run automatically the first time.
+There are a few different scenarios that can lead to this situation. The solution is to rerun the storage migration job. The job is only automatically run once per asset after upload. If metadata extraction originally failed, the jobs were cleared/canceled, etc., the job may not have run automatically the first time.
 
 ### How can I hide photos from the timeline?
 
@@ -117,7 +98,7 @@ See [Backup and Restore](/docs/administration/backup-and-restore.md).
 
 ### Does Immich support reading existing face tag metadata?
 
-Yes, it creates new faces and persons from the imported asset metadata. For details see the [feature request #4348](https://github.com/immich-app/immich/discussions/4348) and [PR #6455](https://github.com/immich-app/immich/pull/6455).
+No, it currently does not. There is an [open feature request on GitHub](https://github.com/immich-app/immich/discussions/4348).
 
 ### Does Immich support the filtering of NSFW images?
 
@@ -135,8 +116,7 @@ Also, there are additional jobs for person (face) thumbnails.
 
 ### Why do files from WhatsApp not appear with the correct date?
 
-Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp,
-not the order of arrival on the device. [See #9116](https://github.com/immich-app/immich/discussions/9116).
+Files sent on WhatsApp are saved without metadata on the file. Therefore, Immich has no way of knowing the original date of the file when files are uploaded from WhatsApp, not the order of arrival on the device. [See #3527](https://github.com/immich-app/immich/issues/3527).
 
 ### What happens if an asset exists in more than one account?
 
@@ -164,35 +144,6 @@ For example, say you have existing transcodes with the policy "Videos higher tha
 
 No. Our design principle is that the original assets should always be untouched.
 
-### How can I mount a CIFS/Samba volume within Docker?
-
-If you aren't able to or prefer not to mount Samba on the host (such as Windows environment), you can mount the volume within Docker.
-Below is an example in the `docker-compose.yml`.
-
-Change your username, password, local IP, and share name, and see below where the line `- originals:/usr/src/app/originals`,
-correlates to the section where the volume `originals` was created. You can call this whatever you like, and map it to the docker container as you like.
-For example you could change `originals:` to `Photos:`, and change `- originals:/usr/src/app/originals` to `Photos:/usr/src/app/photos`.
-
-```diff
-...
-services:
-  immich-server:
-...
-    volumes:
-      # Do not edit the next line. If you want to change the media storage location on your system, edit the value of UPLOAD_LOCATION in the .env file
-      - ${UPLOAD_LOCATION}:/usr/src/app/upload
-      - /etc/localtime:/etc/localtime:ro
-+     - originals:/usr/src/app/originals
-...
-volumes:
-  model-cache:
-+ originals:
-+   driver_opts:
-+     type: cifs
-+     o: 'iocharset=utf8,username=USERNAMEHERE,password=PASSWORDHERE,rw' # change to `ro` if read only desired
-+     device: '//localipaddress/sharename'
-```
-
 ---
 
 ## Albums
@@ -240,7 +191,7 @@ Immich uses CLIP models. An ML model converts each image to an "embedding", whic
 
 ### How does facial recognition work?
 
-See [How Facial Recognition Works](/docs/features/facial-recognition#how-facial-recognition-works) for details.
+See [How Facial Recognition Works](/docs/features/facial-recognition#How-Facial-Recognition-Works) for details.
 
 ### How can I disable machine learning?
 
@@ -262,7 +213,7 @@ No, this is not supported. Only models listed in the [Hugging Face][huggingface]
 
 ### I want to be able to search in other languages besides English. How can I do that?
 
-You can change to a multilingual CLIP model. See [here](/docs/features/searching#clip-model) for instructions.
+You can change to a multilingual CLIP model. See [here](/docs/features/smart-search#CLIP-model) for instructions.
 
 ### Does Immich support Facial Recognition for videos?
 
@@ -273,7 +224,7 @@ Scanning the entire video for faces may be implemented in the future.
 
 No.
 :::tip
-You can use [Smart Search](/docs/features/searching.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
+You can use [Smart Search](/docs/features/smart-search.md) for this to some extent. For example, if you have a Golden Retriever and a Chihuahua, type these words in the smart search and watch the results.
 :::
 
 ### I'm getting a lot of "faces" that aren't faces, what can I do?
@@ -315,7 +266,7 @@ The initial backup is the most intensive due to the number of jobs running. The
   - For facial recognition on new images to work properly, You must re-run the Face Detection job for all images after this.
 - At the container level, you can [set resource constraints](/docs/FAQ#can-i-limit-cpu-and-ram-usage) to lower usage further.
   - It's recommended to only apply these constraints _after_ taking some of the measures here for best performance.
-- If these changes are not enough, see [above](/docs/FAQ#how-can-i-disable-machine-learning) for instructions on how to disable machine learning.
+- If these changes are not enough, see [below](/docs/FAQ#how-can-i-disable-machine-learning) for instructions on how to disable machine learning.
 
 ### Can I limit CPU and RAM usage?
 
@@ -357,7 +308,7 @@ Do not exaggerate with the job concurrency because you're probably thoroughly ov
 
 ### My server shows Server Status Offline | Version Unknown. What can I do?
 
-You need to [enable WebSockets](/docs/administration/reverse-proxy/) on your reverse proxy.
+You need to enable WebSockets on your reverse proxy.
 
 ---
 
@@ -388,7 +339,7 @@ The non-root user/group needs read/write access to the volume mounts, including
 The Docker Compose top level volume element does not support non-root access, all of the above volumes must be local volume mounts.
 :::
 
-For a further hardened system, you can add the following block to every container.
+For a further hardened system, you can add the following block to every container except for `immich_postgres`.
 
 <details>
 <summary>docker-compose.yml</summary>
@@ -437,28 +388,29 @@ If the error says the worker is exiting, then this is normal. This is a feature
 
 There are a few reasons why this can happen.
 
-If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory.
-Consider either increasing the server's RAM or moving the service to a server with more RAM.
+If the error mentions SIGKILL or error code 137, it most likely means the service is running out of memory. Consider either increasing the server's RAM or moving the service to a server with more RAM.
 
-If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible with Immich.
+If it mentions SIGILL (note the lack of a K) or error code 132, it most likely means your server's CPU is incompatible. This is unlikely to occur on version 1.92.0 or later. Consider upgrading if your version of Immich is below that.
+
+If your version of Immich is below 1.92.0 and the crash occurs after logs about tracing or exporting a model, consider either upgrading or disabling the Tag Objects job.
 
 ## Database
 
 ### Why am I getting database ownership errors?
 
 If you get database errors such as `FATAL:  data directory "/var/lib/postgresql/data" has wrong ownership` upon database startup, this is likely due to an issue with your filesystem.
-NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/requirements#special-requirements-for-windows-users) for more details.
+NTFS and ex/FAT/32 filesystems are not supported. See [here](/docs/install/environment-variables#supported-filesystems) for more details.
 
 ### How can I verify the integrity of my database?
 
-Database checksums are enabled by default for new installations since v1.104.0. You can check if they are enabled by running the following command.
+If you installed Immich using v1.104.0 or later, you likely have database checksums enabled by default. You can check this by running the following command.
 A result of `on` means that checksums are enabled.
 
 <details>
 <summary>Check if checksums are enabled</summary>
 
 ```bash
-docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME> --command="show data_checksums"
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="show data_checksums"
  data_checksums
 ----------------
  on
@@ -467,13 +419,13 @@ docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME>
 
 </details>
 
-If checksums are enabled, you can check the status of the database with the following command. A normal result is all `0`s.
+If checksums are enabled, you can check the status of the database with the following command. A normal result is all zeroes.
 
 <details>
 <summary>Check for database corruption</summary>
 
 ```bash
-docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME> --command="SELECT datname, checksum_failures, checksum_last_failure FROM pg_stat_database WHERE datname IS NOT NULL"
+docker exec -it immich_postgres psql --dbname=immich --username=<DB_USERNAME> --command="SELECT datname, checksum_failures, checksum_last_failure FROM pg_stat_database WHERE datname IS NOT NULL"
   datname  | checksum_failures | checksum_last_failure
 -----------+-------------------+-----------------------
  postgres  |                 0 |
@@ -485,24 +437,6 @@ docker exec -it immich_postgres psql --dbname=postgres --username=<DB_USERNAME>
 
 </details>
 
-You can also scan the Postgres database file structure for errors:
-
-<details>
-<summary>Scan for file structure errors</summary>
-```bash
-docker exec -it immich_postgres pg_amcheck --username=postgres --heapallindexed --parent-check --rootdescend --progress --all --install-missing
-```
-
-A normal result will end something like this and return with an exit code of `0`:
-
-```bash
-7470/8832 relations (84%), 730829/734735 pages (99%)
-8425/8832 relations (95%), 734367/734735 pages (99%)
-8832/8832 relations (100%), 734735/734735 pages (100%)
-```
-
-</details>
-
 If corruption is detected, you should immediately make a backup before performing any other work in the database.
 To do so, you may need to set the `zero_damaged_pages=on` flag for the database server to allow `pg_dumpall` to succeed.
 After taking a backup, the recommended next step is to restore the database from a healthy backup before corruption was detected.

docs/docs/administration/backup-and-restore.md

@@ -5,10 +5,6 @@ import TabItem from '@theme/TabItem';
 
 A [3-2-1 backup strategy](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) is recommended to protect your data. You should keep copies of your uploaded photos/videos as well as the Immich database for a comprehensive backup solution. This page provides an overview on how to backup the database and the location of user-uploaded pictures and videos. A template bash script that can be run as a cron job is provided [here](/docs/guides/template-backup-script.md)
 
-:::danger
-The instructions on this page show you how to prepare your Immich instance to be backed up, and which files to take a backup of. You still need to take care of using an actual backup tool to make a backup yourself.
-:::
-
 ## Database
 
 :::caution
@@ -19,24 +15,18 @@ Immich saves [file paths in the database](https://github.com/immich-app/immich/d
 Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
 :::
 
+The recommended way to backup and restore the Immich database is to use the `pg_dumpall` command. When restoring, you need to delete the `DB_DATA_LOCATION` folder (if it exists) to reset the database.
+
 :::caution
 It is not recommended to directly backup the `DB_DATA_LOCATION` folder. Doing so while the database is running can lead to a corrupted backup that cannot be restored.
 :::
 
 ### Automatic Database Backups
 
-For convenience, Immich will automatically create database backups by default. The backups are stored in `UPLOAD_LOCATION/backups`.  
-As mentioned above, you should make your own backup of these together with the asset folders as noted below.  
+Immich will automatically create database backups by default. The backups are stored in `UPLOAD_LOCATION/backups`.  
 You can adjust the schedule and amount of kept backups in the [admin settings](http://my.immich.app/admin/system-settings?isOpen=backup).  
 By default, Immich will keep the last 14 backups and create a new backup every day at 2:00 AM.
 
-#### Trigger Backup
-
-You are able to trigger a backup in the [admin job status page](http://my.immich.app/admin/jobs-status).
-Visit the page, open the "Create job" modal from the top right, select "Backup Database" and click "Confirm".
-A job will run and trigger a backup, you can verify this worked correctly by checking the logs or the backup folder.
-This backup will count towards the last X backups that will be kept based on your settings.
-
 #### Restoring
 
 We hope to make restoring simpler in future versions, for now you can find the backups in the `UPLOAD_LOCATION/backups` folder on your host.  
@@ -60,9 +50,9 @@ docker compose create           # Create Docker containers for Immich apps witho
 docker start immich_postgres    # Start Postgres server
 sleep 10                        # Wait for Postgres server to start up
 # Check the database user if you deviated from the default
-gunzip --stdout "/path/to/backup/dump.sql.gz" \
+gunzip < "/path/to/backup/dump.sql.gz" \
 | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
-| docker exec -i immich_postgres psql --dbname=postgres --username=<DB_USERNAME>  # Restore Backup
+| docker exec -i immich_postgres psql --username=postgres  # Restore Backup
 docker compose up -d            # Start remainder of Immich apps
 ```
 
@@ -70,44 +60,82 @@ docker compose up -d            # Start remainder of Immich apps
   <TabItem value="Windows system (PowerShell)" label="Windows system (PowerShell)">
 
 ```powershell title='Backup'
-[System.IO.File]::WriteAllLines("C:\absolute\path\to\backup\dump.sql", (docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres))
+docker exec -t immich_postgres pg_dumpall --clean --if-exists --username=postgres | Set-Content -Encoding utf8 "C:\path\to\backup\dump.sql"
 ```
 
 ```powershell title='Restore'
 docker compose down -v  # CAUTION! Deletes all Immich data to start from scratch
 ## Uncomment the next line and replace DB_DATA_LOCATION with your Postgres path to permanently reset the Postgres database
 # Remove-Item -Recurse -Force DB_DATA_LOCATION # CAUTION! Deletes all Immich data to start from scratch
-## You should mount the backup (as a volume, example: `- 'C:\path\to\backup\dump.sql:/dump.sql'`) into the immich_postgres container using the docker-compose.yml
-docker compose pull                               # Update to latest version of Immich (if desired)
-docker compose create                             # Create Docker containers for Immich apps without running them
-docker start immich_postgres                      # Start Postgres server
-sleep 10                                          # Wait for Postgres server to start up
-docker exec -it immich_postgres bash              # Enter the Docker shell and run the following command
-# Check the database user if you deviated from the default. If your backup ends in `.gz`, replace `cat` with `gunzip --stdout`
-cat "/dump.sql" | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" | psql --dbname=postgres --username=<DB_USERNAME>
-exit                                              # Exit the Docker shell
-docker compose up -d                              # Start remainder of Immich apps
+docker compose pull             # Update to latest version of Immich (if desired)
+docker compose create           # Create Docker containers for Immich apps without running them
+docker start immich_postgres    # Start Postgres server
+sleep 10                        # Wait for Postgres server to start up
+# Check the database user if you deviated from the default
+gc "C:\path\to\backup\dump.sql" | docker exec -i immich_postgres psql --username=postgres  # Restore Backup
+docker compose up -d            # Start remainder of Immich apps
 ```
 
 </TabItem>
 </Tabs>
 
-Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.), in which case you need to delete the `DB_DATA_LOCATION` folder to reset the database.
+Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.).
 
 :::tip
-Some deployment methods make it difficult to start the database without also starting the server. In these cases, you may set the environment variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Be sure to remove this variable and restart the services after the database is restored.
+Some deployment methods make it difficult to start the database without also starting the server or microservices. In these cases, you may set the environmental variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Note that both the server and microservices must have this variable set to prevent the migrations from running. Be sure to remove this variable and restart the services after the database is restored.
+:::
+
+### Automatic Database Backups
+
+The database dumps can also be automated (using [this image](https://github.com/prodrigestivill/docker-postgres-backup-local)) by editing the docker compose file to match the following:
+
+```yaml
+services:
+  ...
+  backup:
+    container_name: immich_db_dumper
+    image: prodrigestivill/postgres-backup-local:14
+    restart: always
+    env_file:
+      - .env
+    environment:
+      POSTGRES_HOST: database
+      POSTGRES_CLUSTER: 'TRUE'
+      POSTGRES_USER: ${DB_USERNAME}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+      POSTGRES_DB: ${DB_DATABASE_NAME}
+      SCHEDULE: "@daily"
+      POSTGRES_EXTRA_OPTS: '--clean --if-exists'
+      BACKUP_DIR: /db_dumps
+    volumes:
+      - ./db_dumps:/db_dumps
+    depends_on:
+      - database
+```
+
+Then you can restore with the same command but pointed at the latest dump.
+
+```bash title='Automated Restore'
+# Be sure to check the username if you changed it from default
+gunzip < db_dumps/last/immich-latest.sql.gz \
+| sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" \
+| docker exec -i immich_postgres psql --username=postgres
+```
+
+:::note
+If you see the error `ERROR:  type "earth" does not exist`, or you have problems with Reverse Geocoding after a restore, add the following `sed` fragment to your restore command.
+
+Example: `gunzip < "/path/to/backup/dump.sql.gz" | sed "s/SELECT pg_catalog.set_config('search_path', '', false);/SELECT pg_catalog.set_config('search_path', 'public, pg_catalog', true);/g" | docker exec -i immich_postgres psql --username=postgres`
 :::
 
 ## Filesystem
 
-Immich stores two types of content in the filesystem: (a) original, unmodified assets (photos and videos), and (b) generated content. We recommend backing up the entire contents of `UPLOAD_LOCATION`, but only the original content is critical, which is stored in the following folders:
+Immich stores two types of content in the filesystem: (1) original, unmodified assets (photos and videos), and (2) generated content. Only the original content needs to be backed-up, which is stored in the following folders:
 
 1. `UPLOAD_LOCATION/library`
 2. `UPLOAD_LOCATION/upload`
 3. `UPLOAD_LOCATION/profile`
 
-If you choose to back up only those folders, you will need to rerun the transcoding and thumbnail generation jobs for all assets after you restore from a backup.
-
 :::caution
 If you moved some of these folders onto a different storage device, such as `profile/`, make sure to adjust the backup path to match your setup
 :::

docs/docs/administration/email-notification.mdx

@@ -18,10 +18,4 @@ You can use [this guide](/docs/guides/smtp-gmail) to use Gmail's SMTP server.
 
 Users can manage their email notification settings from their account settings page on the web. They can choose to turn email notifications on or off for the following events:
 
-<img src={require('./img/user-notifications-settings.webp').default} width="80%" title="User notification settings" />
-
-## Notification templates
-
-You can override the default notification text with custom templates in HTML format. You can use tags to show dynamic tags in your templates.
-
-<img src={require('./img/user-notifications-templates.webp').default} width="80%" title="User notification templates" />
+<img src={require('./img/user-notifications-settings.png').default} width="80%" title="User notification settings" />

docs/docs/administration/jobs-workers.md

@@ -48,4 +48,8 @@ When a new asset is uploaded it kicks off a series of jobs, which include metada
 
 Additionally, some jobs run on a schedule, which is every night at midnight. This schedule, with the exception of [External Libraries](/docs/features/libraries) scanning, cannot be changed.
 
+:::info
+Storage Migration job can be run after changing the [Storage Template](/docs/administration/storage-template.mdx), in order to apply the change to the existing library.
+:::
+
 <img src={require('./img/admin-jobs.webp').default} width="60%" title="Admin jobs" />

docs/docs/administration/postgres-standalone.md

@@ -42,10 +42,6 @@ Typically Immich expects superuser permission in the database, which you can gra
 This method is recommended for **advanced users only** and often requires manual intervention when updating Immich.
 :::
 
-:::danger
-Currently, automated backups require superuser permission due to the usage of `pg_dumpall`.
-:::
-
 Immich can run without superuser permissions by following the below instructions at the `psql` prompt to prepare the database.
 
 ```sql title="Set up Postgres for Immich"
@@ -70,4 +66,4 @@ When installing a new version of pgvecto.rs, you will need to manually update th
 
 If you get the error `driverError: error: permission denied for view pg_vector_index_stat`, you can fix this by connecting to the Immich database and running `GRANT SELECT ON TABLE pg_vector_index_stat TO <immichdbusername>;`.
 
-[vectors-install]: https://docs.vectorchord.ai/getting-started/installation.html
+[vectors-install]: https://docs.pgvecto.rs/getting-started/installation.html

docs/docs/administration/repair-page.md

@@ -0,0 +1,31 @@
+# Repair Page
+
+:::warning
+This feature is currently disabled and will be reworked in the near future.
+:::
+
+The repair page is designed to give information to the system administrator about files that are not tracked, or offline paths.
+
+## Natural State
+
+In this situation, everything is in its place and there is no problem that the system administrator should be aware of.
+
+<img src={require('./img/repair-page.png').default} title="server statistic" />
+
+## Any Other Situation
+
+:::note RAM Usage
+Several users report a situation where the page fails to load. In order to solve this problem you should try to allocate more RAM to Immich, if the problem continues, you should stop using the reverse proxy while loading the page.
+:::
+
+In any other situation, there are 3 different options that can appear:
+
+- MATCHES - These files are matched by their checksums.
+
+- OFFLINE PATHS - These files are the result of manually deleting files from immich or a failed file move in the past (losing track of a file).
+
+- UNTRACKED FILES - These files are not tracked by the application. They can be the result of failed moves, interrupted uploads, or left behind due to a bug.
+
+In addition, you can download the information from a page, mark everything (in order to check hashing) and correct the problem if a match is found in the hashing.
+
+<img src={require('./img/repair-page-1.png').default} title="server statistic" />

docs/docs/administration/reverse-proxy.md

@@ -6,10 +6,6 @@ Users can deploy a custom reverse proxy that forwards requests to Immich. This w
 The Repair page can take a long time to load. To avoid server timeouts or errors, we recommend specifying a timeout of at least 10 minutes on your proxy server.
 :::
 
-:::caution
-Immich does not support being served on a sub-path such as `location /immich {`. It has to be served on the root path of a (sub)domain.
-:::
-
 ### Nginx example config
 
 Below is an example config for nginx. Make sure to set `public_url` to the front-facing URL of your instance, and `backend_url` to the path of the Immich server.

docs/docs/administration/server-stats.md

@@ -1,9 +1,13 @@
 # Server Stats
 
-Server statistics to show the total number of videos, photos, usage and quota per user.
+Server statistics to show the total number of videos, photos, and usage per user.
 
-:::info External library
-External libraries are not included in the storage quota due to custom mount points.
+:::info
+If a storage quota has been defined for the user, the usage number will be displayed as a percentage of the total storage quota allocated to them.
 :::
 
-<img src={require('./img/server-stats.webp').default} title="server statistic" />
+:::info External library
+External libraries are not included in the storage quota.
+:::
+
+<img src={require('./img/server-stats.png').default} title="server statistic" />

docs/docs/administration/system-integrity.md

@@ -3,7 +3,7 @@
 ## Folder checks
 
 :::info
-The folders considered for these checks include: `upload/`, `library/`, `thumbs/`, `encoded-video/`, `profile/`, `backups/`
+The folders considered for these checks include: `upload/`, `library/`, `thumbs/`, `encoded-video/`, `profile/`
 :::
 
 When Immich starts, it performs a series of checks in order to validate that it can read and write files to the volume mounts used by the storage system. If it cannot perform all the required operations, it will fail to start. The checks include:
@@ -40,9 +40,7 @@ The above error messages show that the server has previously (successfully) writ
 
 ### Ignoring the checks
 
-:::warning
-The checks are designed to catch common problems that we have seen users have in the past, and often indicate there's something wrong that you should solve. If you know what you're doing and you want to disable them you can set the following environment variable:
-:::
+The checks are designed to catch common problems that we have seen users have in the past, but if you want to disable them you can set the following environment variable:
 
 ```
 IMMICH_IGNORE_MOUNT_CHECK_ERRORS=true

docs/docs/administration/system-settings.md

@@ -1,6 +1,10 @@
 # System Settings
 
-The admin user can manage settings for the Immich instance here.
+On the system settings page, the administrator can manage global settings for the Immich instance.
+
+:::note
+Viewing and modifying the system settings is restricted to the Administrator.
+:::
 
 :::tip
 You can always return to the default settings by clicking the `Reset to default` button.
@@ -98,17 +102,10 @@ The default Immich log level is `Log` (commonly known as `Info`). The Immich adm
 Through this setting, you can manage all the settings related to machine learning in Immich, from the setting of remote machine learning to the model and its parameters
 You can choose to disable a certain type of machine learning, for example smart search or facial recognition.
 
-### URL
-
-The built in (`http://immich-machine-learning:3003`) machine learning server will be configured by default, but you can change this or add additional servers.
-
-Hosting the `immich-machine-learning` container on a machine with a more powerful GPU can be helpful to for processing a large number of photos (such as during batch import) or for faster search.
-
-If more than one URL is provided, each server will be attempted one-at-a-time until one responds successfully, in order from first to last. Servers that don't respond will be temporarily ignored until they come back online.
-
 ### Smart Search
 
-The [smart search](/docs/features/searching) settings allow you to change the [CLIP model](https://openai.com/research/clip). Larger models will typically provide [more accurate search results](https://github.com/immich-app/immich/discussions/11862) but consume more processing power and RAM. When [changing the CLIP model](/docs/FAQ#can-i-use-a-custom-clip-model) it is mandatory to re-run the Smart Search job on all images to fully apply the change.
+The [smart search](/docs/features/smart-search) settings are designed to allow the search tool to be used using [CLIP](https://openai.com/research/clip) models that [can be changed](/docs/FAQ#can-i-use-a-custom-clip-model), different models will necessarily give better results but may consume more processing power, when changing a model it is mandatory to re-run the
+Smart Search job on all images to fully apply the change.
 
 :::info Internet connection
 Changing models requires a connection to the Internet to download the model.
@@ -160,10 +157,6 @@ Immich supports [Reverse Geocoding](/docs/features/reverse-geocoding) using data
 
 SMTP server setup, for user creation notifications, new albums, etc. More information can be found [here](/docs/administration/email-notification)
 
-## Notification Templates
-
-Override the default notifications text with notification templates. More information can be found [here](/docs/administration/email-notification)
-
 ## Server Settings
 
 ### External Domain
@@ -212,68 +205,4 @@ When this option is enabled the `immich-server` will periodically make requests
 
 ## Video Transcoding Settings
 
-The system administrator can configure which video files will be converted to different formats. The settings can be changed in depth, to learn more about the terminology used here, refer to FFmpeg documentation for [H.264](https://trac.ffmpeg.org/wiki/Encode/H.264) codec, [HEVC](https://trac.ffmpeg.org/wiki/Encode/H.265) codec and [VP9](https://trac.ffmpeg.org/wiki/Encode/VP9) codec.
-
-Which streams of a video file will be transcoded is determined by the [Transcode Policy](#ffmpeg.transcode). Streams that are transcoded use the following settings (config file name in brackets). Streams that are not transcoded are untouched and preserve their original settings.
-
-### Accepted containers (`ffmpeg.acceptedContainers`) {#ffmpeg.acceptedContainers}
-
-If the video asset's container format is not in this list, it will be remuxed to MP4 even if no streams need to be transcoded.
-
-The default set of accepted container formats is `mov`, `ogg` and `webm`.
-
-### Preset (`ffmpeg.preset`) {#ffmpeg.preset}
-
-The amount of "compute effort" to put into transcoding. These use [the preset names from h264](https://trac.ffmpeg.org/wiki/Encode/H.264#Preset) and will be converted to appropriate values for encoders that configure effort in different ways.
-
-The default value is `ultrafast`.
-
-### Audio codec (`ffmpeg.targetAudioCodec`) {#ffmpeg.targetAudioCodec}
-
-Which audio codec to use when the audio stream is being transcoded. Can be one of `mp3`, `aac`, `libopus`.
-
-The default value is `aac`.
-
-### Video Codec (`ffmpeg.targetVideoCodec`) {#ffmpeg.targetVideoCodec}
-
-Which video codec to use when the video stream is being transcoded. Can be one of `h264`, `hevc`, `vp9` or `av1`.
-
-The default value is `h264`.
-
-### Target resolution (`ffmpeg.targetResolution`) {#ffmpeg.targetResolution}
-
-When transcoding a video stream, downscale the largest dimension to this value while preserving aspect ratio. Videos are never upscaled.
-
-The default value is `720`.
-
-### Transcode policy (`ffmpeg.transcode`) {#ffmpeg.transcode}
-
-The transcoding policy configures which streams of a video asset will be transcoded. The transcoding decision is made independently for video streams and audio streams. This means that if a video stream needs to be transcoded, but an audio stream does not, then the video stream will be transcoded while the audio stream will be copied. If the transcoding policy does not require any stream to be transcoded and does not require the video to be remuxed, then no separate video file will be created.
-
-The default policy is `required`.
-
-#### All videos (`all`) {#ffmpeg.transcode-all}
-
-Videos are always transcoded. This ensures consistency during video playback.
-
-#### Don't transcode any videos (`disabled`) {#ffmpeg.transcode-disabled}
-
-Videos are never transcoded. This saves space and resources on the server, but may prevent playback on devices that don't support the source format (especially web browsers) or result in high bandwidth usage when playing high-bitrate files.
-
-#### Only videos not in an accepted format (`required`) {#ffmpeg.transcode-required}
-
-Video streams are transcoded when any of the following conditions are met:
-
-- The video is HDR.
-- The video is not in the yuv420p pixel format.
-- The video codec is not in `acceptedVideoCodecs`.
-
-Audio is transcoded if the audio codec is not in `acceptedAudioCodecs`.
-
-#### Videos higher than max bitrate or not in an accepted format (`bitrate`) {#ffmpeg.transcode-bitrate}
-
-In addition to the conditions in `required`, video streams are also transcoded if their bitrate is over `maxBitrate`.
-
-#### Videos higher than target resolution or not in an accepted format (`optimal`) {#ffmpeg.transcode-optimal}
-
-In addition to the conditions in `required`, video streams are also transcoded if the horizontal **and** vertical dimensions are higher than [`targetResolution`](#ffmpeg.targetResolution).
+The system administrator can define parameters according to which video files will be converted to different formats (depending on the settings). The settings can be changed in depth, to learn more about the terminology used here, refer to FFmpeg documentation for [H.264](https://trac.ffmpeg.org/wiki/Encode/H.264) codec, [HEVC](https://trac.ffmpeg.org/wiki/Encode/H.265) codec and [VP9](https://trac.ffmpeg.org/wiki/Encode/VP9) codec.

docs/docs/administration/user-management.mdx

@@ -41,7 +41,7 @@ The system administrator can see the usage quota percentage of all users in Serv
 External libraries don't take up space from the storage quota.
 :::
 
-<img src={require('./img/user-quota-size.webp').default} width="40%" title="Set Quota Size" />
+<img src={require('./img/user-quota-size.png').default} width="40%" title="Set Quota Size" />
 
 ## Set Storage Label For User
 
@@ -51,13 +51,13 @@ To apply a storage template, go to the Administration page -> click on the penci
 To apply the Storage Label to previously uploaded assets, run the Storage Migration Job.
 :::
 
-<img src={require('./img/user-storage-label.webp').default} width="40%" title="Delete User" />
+<img src={require('./img/user-storage-label.png').default} width="40%" title="Delete User" />
 
 ## Password Reset
 
 To reset a user's password, click the pencil icon to edit a user, then click "Reset Password". The user's password will be reset to random password and they have to change it next time the sign in.
 
-<img src={require('./img/user-management-update.webp').default} width="40%" title="Reset Password" />
+<img src={require('./img/user-management-update.png').default} width="40%" title="Reset Password" />
 
 ## Delete a User
 
@@ -72,7 +72,7 @@ You can customize the time of the deletion of the users from the Administration
 The user deletion job runs at midnight to check for users that are ready for deletion. Changes to this setting will be evaluated at the next execution.
 :::
 
-<img src={require('./img/customize-delete-user.webp').default} width="80%" title="Customize Delete User" />
+<img src={require('./img/customize-delete-user.png').default} width="80%" title="Customize Delete User" />
 
 ### Immediately Remove User
 
@@ -80,4 +80,4 @@ You can choose to delete a user immediately by checking the box
 `Queue user and assets for immediate deletion` in the deletion process, this will immediately remove the user and all assets.
 This cannot be undone and the files cannot be recovered.
 
-<img src={require('./img/immediately-remove-user.webp').default} width="40%" title="Customize Delete User" />
+<img src={require('./img/immediately-remove-user.png').default} width="40%" title="Customize Delete User" />

docs/docs/developer/architecture.mdx

@@ -2,7 +2,7 @@
 sidebar_position: 1
 ---
 
-import AppArchitecture from './img/app-architecture.webp';
+import AppArchitecture from './img/app-architecture.png';
 import MobileArchitecture from './img/immich_mobile_architecture.svg';
 
 # Architecture
@@ -50,18 +50,19 @@ The Immich CLI is an [npm](https://www.npmjs.com/) package that lets users contr
 
 The Immich backend is divided into several services, which are run as individual docker containers.
 
-1. `immich-server` - Handle and respond to REST API requests, execute background jobs (thumbnail generation, metadata extraction, transcoding, etc.)
+1. `immich-server` - Handle and respond to REST API requests
+1. `immich-microservices` - Execute background jobs (thumbnail generation, metadata extraction, transcoding, etc.)
 1. `immich-machine-learning` - Execute machine learning models
 1. `postgres` - Persistent data storage
-1. `redis`- Queue management for background jobs
+1. `redis`- Queue management for `immich-microservices`
 
 ### Immich Server
 
-The Immich Server is a [TypeScript](https://www.typescriptlang.org/) project written for [Node.js](https://nodejs.org/). It uses the [Nest.js](https://nestjs.com) framework, [Express](https://expressjs.com/) server, and the query builder [Kysely](https://kysely.dev/). The server codebase also loosely follows the [Hexagonal Architecture](<https://en.wikipedia.org/wiki/Hexagonal_architecture_(software)>). Specifically, we aim to separate technology specific implementations (`src/repositories`) from core business logic (`src/services`).
+The Immich Server is a [TypeScript](https://www.typescriptlang.org/) project written for [Node.js](https://nodejs.org/). It uses the [Nest.js](https://nestjs.com) framework, with [TypeORM](https://typeorm.io/) for database management. The server codebase also loosely follows the [Hexagonal Architecture](<https://en.wikipedia.org/wiki/Hexagonal_architecture_(software)>). Specifically, we aim to separate technology specific implementations (`infra/`) from core business logic (`domain/`).
 
-### API Endpoints
+#### REST Endpoints
 
-An incoming HTTP request is mapped to a controller (`src/controllers`). Controllers are collections of HTTP endpoints. Each controller usually implements the following CRUD operations for its respective resource type:
+The server is a list of HTTP endpoints and associated handlers (controllers). Each controller usually implements the following CRUD operations:
 
 - `POST` `/<type>` - **Create**
 - `GET` `/<type>` - **Read** (all)
@@ -69,13 +70,13 @@ An incoming HTTP request is mapped to a controller (`src/controllers`). Controll
 - `PUT` `/<type>/:id` - **Updated** (by id)
 - `DELETE` `/<type>/:id` - **Delete** (by id)
 
-### Domain Transfer Objects (DTOs)
+#### DTOs
 
 The server uses [Domain Transfer Objects](https://en.wikipedia.org/wiki/Data_transfer_object) as public interfaces for the inputs (query, params, and body) and outputs (response) for each endpoint. DTOs translate to [OpenAPI](./open-api.md) schemas and control the generated code used by each client.
 
-### Background Jobs
+### Microservices
 
-Immich uses a [worker](https://github.com/immich-app/immich/blob/main/server/src/utils/misc.ts#L266) to run background jobs. These jobs include:
+The Immich Microservices image uses the same `Dockerfile` as the Immich Server, but with a different entrypoint. The Immich Microservices service mainly handles executing jobs, which include the following:
 
 - Thumbnail Generation
 - Metadata Extraction

docs/docs/developer/pr-checklist.md

@@ -1,9 +1,5 @@
 # PR Checklist
 
-A minimal devcontainer is supplied with this repository. All commands can be executed directly inside this container to avoid tedious installation of the environment.
-:::warning
-The provided devcontainer isn't complete at the moment. At least all dockerized steps in the Makefile won't work (`make dev`, ....). Feel free to contribute!
-:::
 When contributing code through a pull request, please check the following:
 
 ## Web Checks
@@ -11,7 +7,6 @@ When contributing code through a pull request, please check the following:
 - [ ] `npm run lint` (linting via ESLint)
 - [ ] `npm run format` (formatting via Prettier)
 - [ ] `npm run check:svelte` (Type checking via SvelteKit)
-- [ ] `npm run check:typescript` (check typescript)
 - [ ] `npm test` (unit tests)
 
 ## Documentation

docs/docs/developer/setup.md

@@ -39,16 +39,13 @@ All the services are packaged to run as with single Docker Compose command.
 make dev # required Makefile installed on the system.
 ```
 
-5. Access the dev instance in your browser at http://localhost:3000, or connect via the mobile app.
+5. Access the dev instance in your browser at http://localhost:2283, or connect via the mobile app.
 
 All the services will be started with hot-reloading enabled for a quick feedback loop.
 
-You can access the web from `http://your-machine-ip:3000` or `http://localhost:3000` and access the server from the mobile app at `http://your-machine-ip:3000/api`
+You can access the web from `http://your-machine-ip:2283` or `http://localhost:2283` and access the server from the mobile app at `http://your-machine-ip:2283/api`
 
-**Notes:**
-
-- The "web" development container runs with uid 1000. If that uid does not have read/write permissions on the mounted volumes, you may encounter errors
-- In case of rootless docker setup, you need to use root within the container, otherwise you will encounter read/write permission related errors, see comments in `docker/docker-compose.dev.yml`.
+**Note:** the "web" development container runs with uid 1000. If that uid does not have read/write permissions on the mounted volumes, you may encounter errors
 
 #### Connect web to a remote backend
 
@@ -63,20 +60,9 @@ If you only want to do web development connected to an existing, remote backend,
 IMMICH_SERVER_URL=https://demo.immich.app/ npm run dev
 ```
 
-#### `@immich/ui`
-
-To see local changes to `@immich/ui` in Immich, do the following:
-
-1. Install `@immich/ui` as a sibling to `immich/`, for example `/home/user/immich` and `/home/user/ui`
-1. Build the `@immich/ui` project via `npm run build`
-1. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yaml` file (`../../ui:/usr/ui`)
-1. Uncomment the corresponding alias in the `web/vite.config.js` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui')`)
-1. Start up the stack via `make dev`
-1. After making changes in `@immich/ui`, rebuild it (`npm run build`)
-
 ### Mobile app
 
-The mobile app `(/mobile)` will required Flutter toolchain 3.13.x and FVM to be installed on your system.
+The mobile app `(/mobile)` will required Flutter toolchain 3.13.x to be installed on your system.
 
 Please refer to the [Flutter's official documentation](https://flutter.dev/docs/get-started/install) for more information on setting up the toolchain on your machine.
 
@@ -90,7 +76,7 @@ Setting these in the IDE give a better developer experience, auto-formatting cod
 
 ### Dart Code Metrics
 
-The mobile app uses DCM (Dart Code Metrics) for linting and metrics calculation. Please refer to the [Getting Started](https://dcm.dev/docs/) page for more information on setting up DCM
+The mobile app uses DCM (Dart Code Metrics) for linting and metrics calculation. Please refer to the [Getting Started](https://dcm.dev/docs/getting-started/#installation) page for more information on setting up DCM
 
 Note: Activating the license is not required.
 

docs/docs/features/automatic-backup.md

@@ -1,14 +1,8 @@
 # Automatic Backup
 
-Immich supports uploading photos and videos from your mobile device to the server automatically.
+A guide on how the foreground and background automatic backup works.
 
----
-
-You can enable the settings by accessing the upload options from the upload page
-
-<img src={require('./img/backup-settings-access.webp').default} width="50%" title="Backup option selection" />
-
-<img src={require('./img/background-foreground-backup.webp').default} width="50%" title="Foreground&Background Backup" />
+<img src={require('./img/background-foreground-backup.png').default} width="50%" title="Foreground&Background Backup" />
 
 ## Foreground backup
 
@@ -16,9 +10,9 @@ If foreground backup is enabled: whenever the app is opened or resumed, it will
 
 ## Background backup
 
-This feature is intended for everyday use. For initial bulk uploading, please use the foreground upload feature. For more information on why background upload is not working as expected, please refer to the [FAQ](/docs/FAQ#why-does-foreground-backup-stop-when-i-navigate-away-from-the-app-shouldnt-it-transfer-the-job-to-background-backup).
+Background backup is available thanks to the contribution effort of [@fyfrey](https://github.com/fyfrey) and [@martyfuhry](https://github.com/martyfuhry).
 
-If background backup is enabled. The app will periodically check if there are any new photos or videos in the selected album(s) to be uploaded to the server. If there are, it will upload them to the cloud in the background.
+If background backup is enabled. The app will periodically check if there are any new photos or videos in the selected album(s) to be uploaded to the cloud. If there are, it will upload them to the cloud in the background.
 
 :::info Note
 
@@ -36,7 +30,7 @@ If background backup is enabled. The app will periodically check if there are an
 - You must enable **Background App Refresh** for the app to work in the background. You can enable it in the Settings app under General > Background App Refresh.
 
 <div style={{textAlign: 'center'}}>
-<img src={require('./img/background-app-refresh.webp').default} width="30%" title="background-app-refresh" />
+<img src={require('./img/background-app-refresh.png').default} width="30%" title="background-app-refresh" />
 </div>
 
 :::

docs/docs/features/command-line-interface.md

@@ -170,4 +170,4 @@ immich upload --include-hidden --recursive directory/
 
 The API key can be obtained in the user setting panel on the web interface.
 
-![Obtain Api Key](./img/obtain-api-key.webp)
+![Obtain Api Key](./img/obtain-api-key.png)

docs/docs/features/facial-recognition.md

@@ -6,15 +6,15 @@ Immich recognizes faces in your photos and videos and groups them together into
 
 The list of people is shown in the Explore page.
 
-<img src={require('./img/facial-recognition-1.webp').default} title='Facial Recognition 1' />
+<img src={require('./img/facial-recognition-1.png').default} title='Facial Recognition 1' />
 
 Upon clicking on a person, a list of assets that contain their face will be shown.
 
-<img src={require('./img/facial-recognition-2.webp').default} title='Facial Recognition 2' />
+<img src={require('./img/facial-recognition-2.png').default} title='Facial Recognition 2' />
 
 The asset detail view will also show the faces that are recognized in the asset.
 
-<img src={require('./img/facial-recognition-3.webp').default} title='Facial Recognition 3' />
+<img src={require('./img/facial-recognition-3.png').default} title='Facial Recognition 3' />
 
 ## Actions
 
@@ -28,7 +28,7 @@ Additional actions you can do include:
 
 It can be found from the app bar when you access the detail view of a person.
 
-<img src={require('./img/facial-recognition-4.webp').default} title='Facial Recognition 4' width="70%"/>
+<img src={require('./img/facial-recognition-4.png').default} title='Facial Recognition 4' width="70%"/>
 
 ## How Face Detection Works
 
@@ -69,8 +69,6 @@ Navigating to Administration > Settings > Machine Learning Settings > Facial Rec
 
 :::tip
 It's better to only tweak the parameters here than to set them to something very different unless you're ready to test a variety of options. If you do need to set a parameter to a strict setting, relaxing other settings can be a good option to compensate, and vice versa.
-
-You can learn how the tune the result in this [Guide](/docs/guides/better-facial-clusters)
 :::
 
 ### Facial recognition model
@@ -79,7 +77,7 @@ There are a few different models available; the default is typically considered
 
 ### Minimum detection score
 
-This setting affects whether a result from the face detection model is filtered out as a false positive. It may seem tempting to set this low to detect more faces, but it can lead to false positives that are difficult to deal with and can harm facial recognition. It is strongly recommended not to go below 0.5 for this setting. Setting it to a very high number like 0.9 is also not recommended: the default is already biased toward precision, so a threshold that high leads to many undetected faces.
+This setting affects whether a result from the face detecton model is filtered out as a false positive. It may seem tempting to set this low to detect more faces, but it can lead to false positives that are difficult to deal with and can harm facial recognition. It is strongly recommended not to go below 0.5 for this setting. Setting it to a very high number like 0.9 is also not recommended: the default is already biased toward precision, so a threshold that high leads to many undetected faces.
 
 After changing this setting, it will only apply to new face detection jobs. To apply the new setting to all assets, you need to re-run face detection for all assets.