fix: handle cancellation in image loading and simplify request assignment

.devcontainer/server/container-compose-overrides.yml

@@ -15,7 +15,7 @@ services:
     volumes:
       - ${UPLOAD_LOCATION:-upload-devcontainer-volume}${UPLOAD_LOCATION:+/photos}:/data
       - /etc/localtime:/etc/localtime:ro
-      - build_cache:/buildcache
+      - pnpm_store_server:/buildcache/pnpm-store
       - ../packages/plugin-core:/build/plugins/immich-plugin-core
   immich-web:
     env_file: !reset []

.devcontainer/server/container-start-frontend.sh

@@ -8,8 +8,6 @@ log "Preparing Immich Web Frontend"
 log ""
 run_cmd pnpm --filter @immich/sdk install
 run_cmd pnpm --filter @immich/sdk build
-run_cmd pnpm --filter @immich/plugin-sdk install
-run_cmd pnpm --filter @immich/plugin-sdk build
 run_cmd pnpm --filter immich-web install
 
 log "Starting Immich Web Frontend"

.github/FUNDING.yml

@@ -0,0 +1 @@
+custom: ['https://buy.immich.app', 'https://immich.store']

.github/workflows/auto-close.yml

@@ -15,7 +15,7 @@ jobs:
     outputs:
       uses_template: ${{ steps.check.outputs.uses_template }}
     steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           sparse-checkout: .github/pull_request_template.md
           sparse-checkout-cone-mode: false

.github/workflows/build-mobile.yml

@@ -51,7 +51,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -79,22 +79,21 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           ref: ${{ inputs.ref }}
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
-          working_directory: ./mobile
 
       - name: Create the Keystore
         if: ${{ !github.event.pull_request.head.repo.fork }}
@@ -202,7 +201,7 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -211,16 +210,15 @@ jobs:
         run: sudo xcode-select -s /Applications/Xcode_26.2.app/Contents/Developer
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           ref: ${{ inputs.ref || github.sha }}
           persist-credentials: false
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
-          working_directory: ./mobile
 
       - name: Install Flutter dependencies
         working-directory: ./mobile
@@ -232,12 +230,8 @@ jobs:
       - name: Generate platform APIs
         run: mise //mobile:codegen:pigeon
 
-      - name: Resolve iOS Swift Packages
-        working-directory: ./mobile
-        run: flutter build ios --config-only --no-codesign
-
       - name: Setup Ruby
-        uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0
+        uses: ruby/setup-ruby@c4e5b1316158f92e3d49443a9d58b31d25ac0f8f # v1.306.0
         with:
           ruby-version: '3.3'
           bundler-cache: true
@@ -294,6 +288,7 @@ jobs:
           APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }}
           APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }}
           ENVIRONMENT: ${{ inputs.environment || 'development' }}
+          BUNDLE_ID_SUFFIX: ${{ inputs.environment == 'production' && '' || 'development' }}
           GITHUB_REF: ${{ github.ref }}
           FASTLANE_XCODEBUILD_SETTINGS_TIMEOUT: 120
           FASTLANE_XCODEBUILD_SETTINGS_RETRIES: 6

.github/workflows/cache-cleanup.yml

@@ -19,13 +19,13 @@ jobs:
       actions: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check out code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}

.github/workflows/check-openapi.yml

@@ -4,7 +4,6 @@ on:
   pull_request:
     paths:
       - 'open-api/**'
-      - 'mobile/lib/utils/openapi_patching.dart'
       - '.github/workflows/check-openapi.yml'
 
 concurrency:
@@ -20,46 +19,13 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
       - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@a8c7f0e5649d20d623edb5b38446d3ab3d82d43c # v0.0.53
+        uses: oasdiff/oasdiff-action/breaking@26ccb332c67a45ca649de9faf60552ef1b8260d9 # v0.0.46
         with:
           base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
           revision: open-api/immich-openapi-specs.json
           fail-on: ERR
-
-  check-mobile-patches:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-        with:
-          persist-credentials: false
-
-      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
-        with:
-          github_token: ${{ github.token }}
-          working_directory: ./mobile
-
-      - name: Get packages
-        working-directory: ./mobile
-        run: flutter pub get
-
-      - name: Fetch base spec from main
-        run: |
-          curl -fsSL \
-            "https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json" \
-            -o /tmp/base-spec.json
-
-      - name: Check newly-required fields have a backward-compat patch
-        working-directory: ./mobile
-        env:
-          OPENAPI_BASE_SPEC: /tmp/base-spec.json
-          OPENAPI_REVISION_SPEC: ../open-api/immich-openapi-specs.json
-        run: flutter test test/openapi_patches_coverage.dart

.github/workflows/cli.yml

@@ -31,27 +31,25 @@ jobs:
         working-directory: ./packages/cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
       - name: Publish
         if: ${{ github.event_name == 'release' }}
-        env:
-          NPM_TAG: ${{ github.event.release.prerelease && 'rc' || 'latest' }}
-        run: mise run ci-publish -- --tag "$NPM_TAG"
+        run: mise run ci-publish
 
   docker:
     name: Docker
@@ -63,25 +61,25 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4.1.0
+        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
         if: ${{ !github.event.pull_request.head.repo.fork }}
         with:
           registry: ghcr.io
@@ -96,7 +94,7 @@ jobs:
 
       - name: Generate docker image tags
         id: metadata
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
         with:
           flavor: |
             latest=false
@@ -104,10 +102,10 @@ jobs:
             name=ghcr.io/${{ github.repository_owner }}/immich-cli
           tags: |
             type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'release' }}
-            type=raw,value=latest,enable=${{ github.event_name == 'release' && !github.event.release.prerelease }}
+            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
 
       - name: Build and push image
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
         with:
           file: packages/cli/Dockerfile
           platforms: linux/amd64,linux/arm64

.github/workflows/close-duplicates.yml

@@ -14,11 +14,7 @@ jobs:
       should_run: ${{ steps.should_run.outputs.run }}
     steps:
       - id: should_run
-        run: |
-          echo "run=${{
-            (github.event_name == 'issues' || github.event.discussion.category.name == 'Feature Request')
-            && !contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.issue.author_association || github.event.discussion.author_association)
-          }}" >> "$GITHUB_OUTPUT"
+        run: echo "run=${{ github.event_name == 'issues' || github.event.discussion.category.name == 'Feature Request' }}" >> $GITHUB_OUTPUT
 
   get_body:
     runs-on: ubuntu-latest
@@ -39,7 +35,7 @@ jobs:
     needs: [get_body, should_run]
     if: ${{ needs.should_run.outputs.should_run == 'true' }}
     container:
-      image: ghcr.io/immich-app/mdq:main@sha256:e73f60195b39748c4876f23e3e6cd22a68a9754acec8aef1fd6979fd52cd2c9f
+      image: ghcr.io/immich-app/mdq:main@sha256:0a8b8867773a0f8368061f47578603f438349f8f1f28b0e16105f481e5c794e0
     outputs:
       checked: ${{ steps.get_checkbox.outputs.checked }}
     steps:

.github/workflows/codeql-analysis.yml

@@ -44,20 +44,20 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/autobuild@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
+        uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/docker.yml

@@ -23,7 +23,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -60,7 +60,7 @@ jobs:
         suffix: ['', '-cuda', '-rocm', '-openvino', '-armnn', '-rknn']
     steps:
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -90,7 +90,7 @@ jobs:
         suffix: ['']
     steps:
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -132,7 +132,7 @@ jobs:
             suffixes: '-rocm'
             platforms: linux/amd64
             runner-mapping: '{"linux/amd64": "pokedex-large"}'
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@db54dcf16fbb12c43479a23749ceea0ad1b4a704 # multi-runner-build-workflow-v3.0.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
     permissions:
       contents: read
       actions: read
@@ -147,7 +147,7 @@ jobs:
       platforms: ${{ matrix.platforms }}
       runner-mapping: ${{ matrix.runner-mapping }}
       suffixes: ${{ matrix.suffixes }}
-      dockerhub-push: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
+      dockerhub-push: ${{ github.event_name == 'release' }}
       build-args: |
         DEVICE=${{ matrix.device }}
 
@@ -155,7 +155,7 @@ jobs:
     name: Build and Push Server
     needs: pre-job
     if: ${{ fromJSON(needs.pre-job.outputs.should_run).server == true }}
-    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@db54dcf16fbb12c43479a23749ceea0ad1b4a704 # multi-runner-build-workflow-v3.0.0
+    uses: immich-app/devtools/.github/workflows/multi-runner-build.yml@5813c7c4f7016c748ae7ac5d5f684846649d4d20 # multi-runner-build-workflow-v2.4.0
     permissions:
       contents: read
       actions: read
@@ -167,7 +167,7 @@ jobs:
       image: immich-server
       context: .
       dockerfile: server/Dockerfile
-      dockerhub-push: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
+      dockerhub-push: ${{ github.event_name == 'release' }}
       build-args: |
         DEVICE=cpu
 

.github/workflows/docs-build.yml

@@ -21,7 +21,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -54,19 +54,19 @@ jobs:
 
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 

.github/workflows/docs-deploy.yml

@@ -20,7 +20,7 @@ jobs:
       artifact: ${{ steps.get-artifact.outputs.result }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -98,16 +98,9 @@ jobs:
                 shouldDeploy: true
               };
             } else if (eventType == "release") {
-              const tag = context.payload.workflow_run.head_branch;
-              const { data: release } = await github.rest.repos.getReleaseByTag({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                tag,
-              });
               parameters = {
                 event: "release",
-                name: tag,
-                prerelease: release.prerelease,
+                name: context.payload.workflow_run.head_branch,
                 shouldDeploy: !isFork
               };
             }
@@ -126,19 +119,19 @@ jobs:
     if: ${{ fromJson(needs.checks.outputs.artifact).found && fromJson(needs.checks.outputs.parameters).shouldDeploy }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -153,7 +146,6 @@ jobs:
             const parameters = JSON.parse(process.env.PARAM_JSON);
             core.setOutput("event", parameters.event);
             core.setOutput("name", parameters.name);
-            core.setOutput("prerelease", parameters.prerelease);
             core.setOutput("shouldDeploy", parameters.shouldDeploy);
 
       - name: Download artifact
@@ -211,7 +203,7 @@ jobs:
         run: mise run //docs:deploy
 
       - name: Deploy Docs Release Domain
-        if: ${{ steps.parameters.outputs.event == 'release' && steps.parameters.outputs.prerelease != 'true' }}
+        if: ${{ steps.parameters.outputs.event == 'release' }}
         env:
           TF_VAR_prefix_name: ${{ steps.parameters.outputs.name}}
           CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}

.github/workflows/docs-destroy.yml

@@ -17,19 +17,19 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 

.github/workflows/fix-format.yml

@@ -15,20 +15,20 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           persist-credentials: true
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -45,7 +45,7 @@ jobs:
         uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         if: always()
         with:
-          github-token: ${{ steps.token.outputs.token }}
+          github-token: ${{ steps.generate-token.outputs.token }}
           script: |
             github.rest.issues.removeLabel({
               issue_number: context.payload.pull_request.number,

.github/workflows/merge-translations.yml

@@ -31,7 +31,7 @@ jobs:
       - name: Generate a token
         id: generate_token
         if: ${{ inputs.skip != true }}
-        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

.github/workflows/pr-label-validation.yml

@@ -14,7 +14,7 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

.github/workflows/pr-labeler.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

.github/workflows/prepare-release.yml

@@ -10,13 +10,9 @@ on:
         type: choice
         options:
           - 'false'
+          - major
           - minor
           - patch
-          - premajor
-          - preminor
-          - prepatch
-          - prerelease
-          - release
       mobileBump:
         description: 'Bump mobile build number'
         required: false
@@ -53,32 +49,32 @@ jobs:
     permissions: {} # No job-level permissions are needed because it uses the app-token
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           token: ${{ steps.token.outputs.token }}
           persist-credentials: true
           ref: main
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
       # TODO move to mise
       - name: Install uv
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
 
       - name: Bump version
         env:
           SERVER_BUMP: ${{ inputs.serverBump }}
           MOBILE_BUMP: ${{ inputs.mobileBump }}
-        run: pnpm --silent release -s "${SERVER_BUMP}" -m "${MOBILE_BUMP}"
+        run: misc/release/pump-version.sh -s "${SERVER_BUMP}" -m "${MOBILE_BUMP}"
 
       - id: output
         run: echo "version=$IMMICH_VERSION" >> $GITHUB_OUTPUT
@@ -97,7 +93,6 @@ jobs:
     needs: bump_version
     permissions:
       contents: read
-      pull-requests: write
     secrets:
       KEY_JKS: ${{ secrets.KEY_JKS }}
       ALIAS: ${{ secrets.ALIAS }}
@@ -124,13 +119,13 @@ jobs:
     steps:
       - name: Generate a token
         id: generate-token
-        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           token: ${{ steps.generate-token.outputs.token }}
           persist-credentials: false
@@ -142,7 +137,7 @@ jobs:
           github-token: ${{ steps.generate-token.outputs.token }}
 
       - name: Create draft release
-        uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
+        uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2.6.2
         with:
           draft: true
           tag_name: ${{ needs.bump_version.outputs.version }}

.github/workflows/preview-label.yaml

@@ -14,7 +14,7 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -32,7 +32,7 @@ jobs:
       pull-requests: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

.github/workflows/sdk.yml

@@ -16,19 +16,19 @@ jobs:
       packages: write
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -39,6 +39,4 @@ jobs:
         run: pnpm --filter @immich/sdk build
 
       - name: Publish
-        env:
-          NPM_TAG: ${{ github.event.release.prerelease && 'rc' || 'latest' }}
-        run: pnpm --filter @immich/sdk publish --provenance --no-git-checks --tag "$NPM_TAG"
+        run: pnpm --filter @immich/sdk publish --provenance --no-git-checks

.github/workflows/static_analysis.yml

@@ -20,7 +20,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -49,22 +49,21 @@ jobs:
         working-directory: ./mobile
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
-          working_directory: ./mobile
 
       - name: Install dependencies
         run: flutter pub get
@@ -73,6 +72,10 @@ jobs:
         run: flutter pub get
         working-directory: ./mobile/packages/ui
 
+      - name: Install dependencies for UI Showcase
+        run: flutter pub get
+        working-directory: ./mobile/packages/ui/showcase
+
       - name: Generate translation files
         run: mise //mobile:codegen:translation
 
@@ -90,8 +93,6 @@ jobs:
             mobile/**/*.g.dart
             mobile/**/*.gr.dart
             mobile/**/*.drift.dart
-            mobile/**/*.g.swift
-            mobile/**/*.g.kt
 
       - name: Verify files have not changed
         if: steps.verify-changed-files.outputs.files_changed == 'true'

.github/workflows/test.yml

@@ -17,7 +17,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -28,72 +28,33 @@ jobs:
         with:
           github-token: ${{ steps.token.outputs.token }}
           filters: |
-            root:
-              - 'misc/**'
-              - 'pnpm-lock.yaml'
-              - 'mise.toml'
             i18n:
               - 'i18n/**'
-              - 'mise.toml'
             web:
               - 'web/**'
               - 'i18n/**'
               - 'packages/sdk/**'
               - 'pnpm-lock.yaml'
-              - 'mise.toml'
             server:
               - 'server/**'
               - 'pnpm-lock.yaml'
-              - 'mise.toml'
             cli:
               - 'packages/cli/**'
               - 'packages/sdk/**'
               - 'pnpm-lock.yaml'
-              - 'mise.toml'
             e2e:
               - 'e2e/**'
               - 'pnpm-lock.yaml'
-              - 'mise.toml'
             mobile:
               - 'mobile/**'
-              - 'mise.toml'
             machine-learning:
               - 'machine-learning/**'
-              - 'mise.toml'
             .github:
               - '.github/**'
           force-filters: |
             - '.github/workflows/test.yml'
           force-events: 'workflow_dispatch'
 
-  root-unit-tests:
-    name: Test the root workspace
-    needs: pre-job
-    if: ${{ fromJSON(needs.pre-job.outputs.should_run).root == true }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
-        with:
-          client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
-          private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
-
-      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-        with:
-          persist-credentials: false
-          token: ${{ steps.token.outputs.token }}
-
-      - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
-        with:
-          github_token: ${{ steps.token.outputs.token }}
-
-      - name: Run unit tests
-        run: pnpm test
-
   server-unit-tests:
     name: Test & Lint Server
     needs: pre-job
@@ -103,19 +64,19 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -134,19 +95,19 @@ jobs:
         working-directory: ./packages/cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -165,19 +126,19 @@ jobs:
         working-directory: ./packages/cli
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -209,19 +170,19 @@ jobs:
         working-directory: ./web
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -247,19 +208,19 @@ jobs:
         working-directory: ./web
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -275,19 +236,19 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -325,19 +286,19 @@ jobs:
         working-directory: ./e2e
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -357,20 +318,20 @@ jobs:
         working-directory: ./server
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           submodules: 'recursive'
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -393,20 +354,20 @@ jobs:
         runner: [ubuntu-latest, ubuntu-24.04-arm]
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           submodules: 'recursive'
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6.0.8
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
 
       - name: Setup Node
         uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
@@ -470,20 +431,20 @@ jobs:
         runner: [ubuntu-latest, ubuntu-24.04-arm]
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           submodules: 'recursive'
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup pnpm
-        uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093 # v6.0.8
+        uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0
 
       - name: Setup Node
         uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
@@ -578,21 +539,20 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
-          working_directory: ./mobile
 
       - name: Install dependencies
         run: flutter pub get
@@ -616,18 +576,18 @@ jobs:
         working-directory: ./machine-learning
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -646,19 +606,19 @@ jobs:
         working-directory: ./.github
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -676,12 +636,12 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -697,19 +657,19 @@ jobs:
       contents: read
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 
@@ -755,19 +715,19 @@ jobs:
           - 5432:5432
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@7b8610a904d57da241e4ddba17fa62b62b15aed4 # use-mise-action-v2.0.2
+        uses: immich-app/devtools/actions/use-mise@cf6e190bacde3d7bda59372a786b36ac7d01536a # use-mise-action-v2.0.1
         with:
           github_token: ${{ steps.token.outputs.token }}
 

.github/workflows/weblate-lock.yml

@@ -24,7 +24,7 @@ jobs:
       should_run: ${{ steps.check.outputs.should_run }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
@@ -47,7 +47,7 @@ jobs:
     if: ${{ fromJSON(needs.pre-job.outputs.should_run).i18n == true }}
     steps:
       - id: token
-        uses: immich-app/devtools/actions/create-workflow-token@9db058b2e6eec20e07760b0e17a0505c78ec3191 # create-workflow-token-action-v2.0.1
+        uses: immich-app/devtools/actions/create-workflow-token@caa599d954228439ea3e8ce1c3328f41ab120ee6 # create-workflow-token-action-v2.0.0
         with:
           client-id: ${{ secrets.PUSH_O_MATIC_APP_CLIENT_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}

.vscode/settings.json

@@ -60,7 +60,6 @@
   "explorer.fileNesting.patterns": {
     "*.dart": "${capture}.g.dart,${capture}.gr.dart,${capture}.drift.dart",
     "*.ts": "${capture}.spec.ts,${capture}.mock.ts",
-    "*.js": "${capture}.spec.js,${capture}.mock.js",
     "package.json": "package-lock.json, yarn.lock, pnpm-lock.yaml, bun.lockb, bun.lock, pnpm-workspace.yaml, .pnpmfile.cjs"
   },
   "search.exclude": {

CODEOWNERS

@@ -4,4 +4,4 @@
 /web/ @danieldietzler
 /machine-learning/ @mertalev
 /e2e/ @danieldietzler
-/mobile/ @shenlong-tanwen @santoshakil
+/mobile/ @shenlong-tanwen

CODE_OF_CONDUCT.md

@@ -0,0 +1,134 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation
+in our community a harassment-free experience for everyone, regardless
+of age, body size, visible or invisible disability, ethnicity, sex
+characteristics, gender identity and expression, level of experience,
+education, socio-economic status, nationality, personal appearance,
+race, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open,
+welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for
+our community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our
+  mistakes, and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+- Trolling, insulting or derogatory comments, and personal or
+  political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in
+  a professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our
+standards of acceptable behavior and will take appropriate and fair
+corrective action in response to any behavior that they deem
+inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit,
+or reject comments, commits, code, wiki edits, issues, and other
+contributions that are not aligned to this Code of Conduct, and will
+communicate reasons for moderation decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also
+applies when an individual is officially representing the community in
+public spaces. Examples of representing our community include using an
+official e-mail address, posting via an official social media account,
+or acting as an appointed representative at an online or offline
+event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior
+may be reported to the community leaders responsible for enforcement
+at our Discord channel. All complaints
+will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and
+security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in
+determining the consequences for any action they deem in violation of
+this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior
+deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders,
+providing clarity around the nature of the violation and an
+explanation of why the behavior was inappropriate. A public apology
+may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued
+behavior. No interaction with the people involved, including
+unsolicited interaction with those enforcing the Code of Conduct, for
+a specified period of time. This includes avoiding interactions in
+community spaces as well as external channels like social
+media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards,
+including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or
+public communication with the community for a specified period of
+time. No public or private interaction with the people involved,
+including unsolicited interaction with those enforcing the Code of
+Conduct, is allowed during this period. Violating these terms may lead
+to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of
+community standards, including sustained inappropriate behavior,
+harassment of an individual, or aggression toward or disparagement of
+classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction
+within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor
+Covenant][homepage], version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of
+conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the
+FAQ at https://www.contributor-covenant.org/faq. Translations are
+available at https://www.contributor-covenant.org/translations.

Makefile

@@ -1,46 +1,46 @@
 dev:
-	@printf "This command has been removed. Please use:\n\n    mise dev          # or mise //:dev from another directory\n\n" >&2 && exit 1
+	@trap 'make dev-down' EXIT; COMPOSE_BAKE=true docker compose -f ./docker/docker-compose.dev.yml up --remove-orphans
 
 dev-down:
-	@printf "This command has been removed. Please use:\n\n    mise dev-down          # or mise //:dev-down from another directory\n\n" >&2 && exit 1
+	docker compose -f ./docker/docker-compose.dev.yml down --remove-orphans
 
 dev-update:
-	@printf "This command has been removed. Please use:\n\n    mise dev-update          # or mise //:dev-update from another directory\n\n" >&2 && exit 1
+	@trap 'make dev-down' EXIT; COMPOSE_BAKE=true docker compose -f ./docker/docker-compose.dev.yml up --build -V --remove-orphans
 
 dev-scale:
-	@printf "This command has been removed. Please use:\n\n    mise dev-scale          # or mise //:dev-scale from another directory\n\n" >&2 && exit 1
+	@trap 'make dev-down' EXIT; COMPOSE_BAKE=true docker compose -f ./docker/docker-compose.dev.yml up --build -V --scale immich-server=3 --remove-orphans
 
 dev-docs:
 	npm --prefix docs run start
 
 .PHONY: e2e
 e2e:
-	@printf "This command has been removed. Please use:\n\n    mise e2e          # or mise //:e2e from another directory\n\n" >&2 && exit 1
+	@trap 'make e2e-down' EXIT; COMPOSE_BAKE=true docker compose -f ./e2e/docker-compose.yml up --remove-orphans
 
 e2e-dev:
-	@printf "This command has been removed. Please use:\n\n    mise e2e-dev          # or mise //:e2e-dev from another directory\n\n" >&2 && exit 1
+	@trap 'make e2e-down' EXIT; COMPOSE_BAKE=true docker compose -f ./e2e/docker-compose.dev.yml up --remove-orphans
 
 e2e-update:
-	@printf "This command has been removed. Please use:\n\n    mise e2e-update          # or mise //:e2e-update from another directory\n\n" >&2 && exit 1
+	@trap 'make e2e-down' EXIT; COMPOSE_BAKE=true docker compose -f ./e2e/docker-compose.yml up --build -V --remove-orphans
 
 e2e-down:
-	@printf "This command has been removed. Please use:\n\n    mise e2e-down          # or mise //:e2e-down from another directory\n\n" >&2 && exit 1
+	docker compose -f ./e2e/docker-compose.yml down --remove-orphans
 
 prod:
-	@printf "This command has been removed. Please use:\n\n    mise prod          # or mise //:prod from another directory\n\n" >&2 && exit 1
+	@trap 'make prod-down' EXIT; COMPOSE_BAKE=true docker compose -f ./docker/docker-compose.prod.yml up --build -V --remove-orphans
 
 prod-down:
-	@printf "This command has been removed. Please use:\n\n    mise prod-down          # or mise //:prod-down from another directory\n\n" >&2 && exit 1
+	docker compose -f ./docker/docker-compose.prod.yml down --remove-orphans
 
 prod-scale:
-	@printf "This command has been removed. Please use:\n\n    mise prod-scale          # or mise //:prod-scale from another directory\n\n" >&2 && exit 1
+	@trap 'make prod-down' EXIT; COMPOSE_BAKE=true docker compose -f ./docker/docker-compose.prod.yml up --build -V --scale immich-server=3 --scale immich-microservices=3 --remove-orphans
 
 .PHONY: open-api
 open-api:
-	@printf "This command has been removed. Please use:\n\n    mise open-api          # or mise //:open-api from another directory\n\n" >&2 && exit 1
+	@printf "This command has been removed. Please use:\n\n    mise open-api          # or mise //:open-api from another directory\n\n"\n\n >&2 && exit 1
 
 sql:
-	@printf "This command has been removed. Please use:\n\n    mise sql               # or mise //:sql from another directory\n\n" >&2 && exit 1
+	@printf "This command has been removed. Please use:\n\n    mise sql               # or mise //:sql from another directory\n\n"\n\n >&2 && exit 1
 
 
 renovate:
@@ -52,7 +52,16 @@ renovate:
 MODULES = e2e server web cli sdk docs .github
 
 test-e2e:
-	@printf "This command has been removed. Please use:\n\n    mise //e2e:test               # or mise //e2e:test-web for web tests, respectively\n\n" >&2 && exit 1
+	docker compose -f ./e2e/docker-compose.yml build
+	pnpm --filter immich-e2e run test
+	pnpm --filter immich-e2e run test:web
 
 clean:
-	@printf "This command has been removed. Please use:\n\n    mise clean               # or mise //:clean from another directory\n\n" >&2 && exit 1
+	find . -name "node_modules" -type d -prune -exec rm -rf {} +
+	find . -name "dist" -type d -prune -exec rm -rf '{}' +
+	find . -name "build" -type d -prune -exec rm -rf '{}' +
+	find . -name ".svelte-kit" -type d -prune -exec rm -rf '{}' +
+	find . -name "coverage" -type d -prune -exec rm -rf '{}' +
+	find . -name ".pnpm-store" -type d -prune -exec rm -rf '{}' +
+	command -v docker >/dev/null 2>&1 && docker compose -f ./docker/docker-compose.dev.yml down -v --remove-orphans || true
+	command -v docker >/dev/null 2>&1 && docker compose -f ./e2e/docker-compose.yml down -v --remove-orphans || true

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security issues to `security@immich.app`

deployment/mise.lock

@@ -1,65 +0,0 @@
-# @generated - this file is auto-generated by `mise lock` https://mise.en.dev/dev-tools/mise-lock.html
-
-[[tools.opentofu]]
-version = "1.11.6"
-backend = "aqua:opentofu/opentofu"
-
-[tools.opentofu."platforms.linux-arm64"]
-checksum = "sha256:d4f2ab15776925864b049bb329d69682851de6f5204f256e9fa86d07a0308850"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_arm64.tar.gz"
-
-[tools.opentofu."platforms.linux-arm64-musl"]
-checksum = "sha256:d4f2ab15776925864b049bb329d69682851de6f5204f256e9fa86d07a0308850"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_arm64.tar.gz"
-
-[tools.opentofu."platforms.linux-x64"]
-checksum = "sha256:02800fafa2753a9f50c38483e2fdf5bc353fd62895eb9e25eec9a5145df3a69e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_amd64.tar.gz"
-
-[tools.opentofu."platforms.linux-x64-musl"]
-checksum = "sha256:02800fafa2753a9f50c38483e2fdf5bc353fd62895eb9e25eec9a5145df3a69e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_amd64.tar.gz"
-
-[tools.opentofu."platforms.macos-arm64"]
-checksum = "sha256:62d7fa8539e13b444827aa0a3b90c5972da5c47e8f8882d9dcf2e430e78840c1"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_darwin_arm64.tar.gz"
-
-[tools.opentofu."platforms.macos-x64"]
-checksum = "sha256:1408cdef1c380f914565e6b4bb70794c6b163f195fcb233357f3d6c5745906b6"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_darwin_amd64.tar.gz"
-
-[tools.opentofu."platforms.windows-x64"]
-checksum = "sha256:27323f70c875b8251bfd7e61a4cffc3ebff4e56ed1e611b955016f0c7077367e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_windows_amd64.tar.gz"
-
-[[tools.terragrunt]]
-version = "1.0.3"
-backend = "aqua:gruntwork-io/terragrunt"
-
-[tools.terragrunt."platforms.linux-arm64"]
-checksum = "sha256:e5b60ab05b5214db694e6bc215d8124fb626e277cdb56b86f6147ae110d510fe"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_arm64.tar.gz"
-
-[tools.terragrunt."platforms.linux-arm64-musl"]
-checksum = "sha256:e5b60ab05b5214db694e6bc215d8124fb626e277cdb56b86f6147ae110d510fe"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_arm64.tar.gz"
-
-[tools.terragrunt."platforms.linux-x64"]
-checksum = "sha256:6d48049baf82e0bf9c804368dc85cbfeadc10955e33777e9e8de3e020b94b073"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_amd64.tar.gz"
-
-[tools.terragrunt."platforms.linux-x64-musl"]
-checksum = "sha256:6d48049baf82e0bf9c804368dc85cbfeadc10955e33777e9e8de3e020b94b073"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_amd64.tar.gz"
-
-[tools.terragrunt."platforms.macos-arm64"]
-checksum = "sha256:aacb5be2ca5475300cbce246dfbd8a45eb47510fbaa70fab8561c49ef5db03aa"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_darwin_arm64.tar.gz"
-
-[tools.terragrunt."platforms.macos-x64"]
-checksum = "sha256:3133c2251e191aede8e3dd2a5b3aee2e91c5f08f88f117aee40eed9a24c8ef6b"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_darwin_amd64.tar.gz"
-
-[tools.terragrunt."platforms.windows-x64"]
-checksum = "sha256:183b2745b4e04980a6bfa4450ff81956a12596ca22d70f7aaa793980f5b036db"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_windows_amd64.exe.tar.gz"

docker/docker-compose.dev.yml

@@ -21,7 +21,7 @@ services:
     volumes:
       - ..:/usr/src/app
       # - ../../ui:/usr/src/ui
-      - build_cache:/buildcache
+      - pnpm_cache:/buildcache/pnpm_cache
       - server_node_modules:/usr/src/app/server/node_modules
       - web_node_modules:/usr/src/app/web/node_modules
       - github_node_modules:/usr/src/app/.github/node_modules
@@ -45,11 +45,11 @@ services:
       target: dev
     command:
       - |
-        mise install
+        pnpm install
         touch /tmp/init-complete
         exec tail -f /dev/null
     volumes:
-      - build_cache:/buildcache
+      - pnpm_store_server:/buildcache/pnpm-store
     restart: 'no'
     healthcheck:
       test: ['CMD', 'test', '-f', '/tmp/init-complete']
@@ -73,6 +73,7 @@ services:
     volumes:
       - ${UPLOAD_LOCATION}/photos:/data
       - /etc/localtime:/etc/localtime:ro
+      - pnpm_store_server:/buildcache/pnpm-store
       - ../packages/plugin-core:/build/plugins/immich-plugin-core
     env_file:
       - .env
@@ -121,6 +122,8 @@ services:
     ports:
       - 3000:3000
       - 24678:24678
+    volumes:
+      - pnpm_store_web:/buildcache/pnpm-store
     restart: unless-stopped
     depends_on:
       immich-init:
@@ -154,7 +157,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:4963247afc4cd33c7d3b2d2816b9f7f8eeebab148d29056c2ca4d7cbc966f2d9
+    image: docker.io/valkey/valkey:9@sha256:8436e10bc65c94886a91d4415b6a6dfa9cb5a306fb3b996e5bb67cd2b4854193
     healthcheck:
       test: redis-cli ping || exit 1
 
@@ -200,7 +203,9 @@ volumes:
   model_cache:
   prometheus_data:
   grafana_data:
-  build_cache:
+  pnpm_cache:
+  pnpm_store_server:
+  pnpm_store_web:
   server_node_modules:
   web_node_modules:
   github_node_modules:

docker/docker-compose.prod.yml

@@ -56,7 +56,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:4963247afc4cd33c7d3b2d2816b9f7f8eeebab148d29056c2ca4d7cbc966f2d9
+    image: docker.io/valkey/valkey:9@sha256:8436e10bc65c94886a91d4415b6a6dfa9cb5a306fb3b996e5bb67cd2b4854193
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -85,7 +85,7 @@ services:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:69f5241418838263316593f7274a304b095c40bcf22e57272865da91bd60a8ac
+    image: prom/prometheus@sha256:e4254400b85610324913f0dc4acf92603d9984e7519414c5a12811aa6146acc3
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -97,7 +97,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:12.4.4-ubuntu@sha256:df2e7ef5f32f771794cf76bad5f2bceac227036460a2cc269a9045e5662abc58
+    image: grafana/grafana:12.4.3-ubuntu@sha256:ca3f764fdc48cebdf22dd206f33ecb0795a9a7210eacd1b5c02204aebd78b223
     volumes:
       - grafana-data:/var/lib/grafana
 

docker/docker-compose.rootless.yml

@@ -61,7 +61,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:4963247afc4cd33c7d3b2d2816b9f7f8eeebab148d29056c2ca4d7cbc966f2d9
+    image: docker.io/valkey/valkey:9@sha256:8436e10bc65c94886a91d4415b6a6dfa9cb5a306fb3b996e5bb67cd2b4854193
     user: '1000:1000'
     security_opt:
       - no-new-privileges:true

docker/docker-compose.yml

@@ -49,7 +49,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:4963247afc4cd33c7d3b2d2816b9f7f8eeebab148d29056c2ca4d7cbc966f2d9
+    image: docker.io/valkey/valkey:9@sha256:8436e10bc65c94886a91d4415b6a6dfa9cb5a306fb3b996e5bb67cd2b4854193
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always

docs/docs/FAQ.mdx

@@ -26,8 +26,6 @@ For organizations seeking to resell Immich, we have established the following gu
 
 When in doubt or if you have an edge case scenario, we encourage you to contact us directly via email to discuss the use of our trademark. We can provide clear guidance on what is acceptable and what is not. You can reach out at: questions@immich.app
 
----
-
 ## User
 
 ### How can I reset the admin password?
@@ -38,10 +36,6 @@ The admin password can be reset by running the [reset-admin-password](/administr
 
 You can see the list of all users by running [list-users](/administration/server-commands.md) Command on the Immich-server.
 
-### How can I change my profile picture?
-
-View a single photo, press the three dots in the top-right to show context menu, and select "Set as profile picture". In the pop-up, use your mouse scroll wheel to zoom in the picture until it completely fills the circle. Click and drag the picture to align it to your liking. Press "Save" to save your changes.
-
 ---
 
 ## Mobile App

docs/docs/administration/postgres-standalone.md

@@ -17,7 +17,7 @@ running `apt install postgresql-NN-pgvector`, where `NN` is your Postgres versio
 You must install VectorChord into your instance of Postgres using their [instructions][vchord-install]. After installation, add `shared_preload_libraries = 'vchord.so'` to your `postgresql.conf`. If you already have some `shared_preload_libraries` set, you can separate each extension with a comma. For example, `shared_preload_libraries = 'pg_stat_statements, vchord.so'`.
 
 :::note Supported versions
-Immich is known to work with Postgres versions `>= 14, < 20`.
+Immich is known to work with Postgres versions `>= 14, < 19`.
 
 VectorChord is known to work with pgvector versions `>= 0.7, < 0.9`.
 
@@ -144,7 +144,7 @@ ALTER TABLE face_search ALTER COLUMN embedding SET DATA TYPE vector(512);
 
 <details>
 <summary>Migration steps</summary>
-1. Ensure you have at least `0.7.0` of pgvector installed. If it is below that, please upgrade it and run the SQL command `ALTER EXTENSION vector UPDATE;` using psql or your choice of database client
+1. Ensure you have at least 0.7.0 of pgvector installed. If it is below that, please upgrade it and run the SQL command `ALTER EXTENSION vector UPDATE;` using psql or your choice of database client
 2. Follow the Prerequisites to install VectorChord
 3. If Immich does not have superuser permissions, run the SQL command `CREATE EXTENSION vchord CASCADE;`
 4. Remove the `DB_VECTOR_EXTENSION=pgvector` environmental variable as it will make Immich still use pgvector if set

docs/docs/administration/reverse-proxy.md

@@ -112,7 +112,7 @@ services:
       traefik.enable: true
       # increase readingTimeouts for the entrypoint used here
       traefik.http.routers.immich.entrypoints: websecure
-      traefik.http.routers.immich.rule: Host(`immich.example.com`)
+      traefik.http.routers.immich.rule: Host(`immich.your-domain.com`)
       traefik.http.services.immich.loadbalancer.server.port: 2283
 ```
 

docs/docs/administration/server-commands.md

@@ -90,7 +90,7 @@ immich-admin list-users
 [
   {
     id: 'e65e6f88-2a30-4dbe-8dd9-1885f4889b53',
-    email: 'immich@example.com',
+    email: 'immich@example.com.com',
     name: 'Immich Admin',
     storageLabel: 'admin',
     externalPath: null,

docs/docs/api.md

@@ -7,7 +7,7 @@ Immich uses the [OpenAPI](https://swagger.io/specification/) standard to generat
 OpenAPI is used to generate the client (Typescript, Dart) SDK. `openapi-generator-cli` can be installed [here](https://openapi-generator.tech/docs/installation/). The generated SDK is based on the `immich-openapi-specs.json` file, which is autogenerated by the server **when running in development mode**. The `immich-openapi-specs.json` file can be modified with `@nestjs/swagger` decorators used or referenced by controller endpoints. See the [NestJS OpenAPI docs](https://docs.nestjs.com/openapi/types-and-parameters) for more info. When you add a new endpoint or modify an existing one, you must run the server in development mode and run the command below to update the client SDK.
 
 ```bash
-mise open-api
+make open-api
 ```
 
 You can find the generated client SDK in the `packages/sdk/client` for Typescript SDK and `mobile/openapi` for Dart SDK.

docs/docs/developer/database-migrations.md

@@ -5,7 +5,7 @@ After making any changes in the `server/src/schema`, a database migration need t
 1. Run the command
 
 ```bash
-mise //server:migrations generate <migration-name>
+pnpm run migrations:generate <migration-name>
 ```
 
 2. Check if the migration file makes sense.
@@ -18,7 +18,7 @@ The server will automatically detect `*.ts` file changes and restart. Part of th
 If you need to undo the most recently applied migration—for example, when developing or testing on schema changes—run:
 
 ```bash
-mise //server:migrations revert
+pnpm run migrations:revert
 ```
 
 This command rolls back the latest migration and brings the database schema back to its previous state.

docs/docs/developer/devcontainers.md

@@ -218,7 +218,7 @@ When the Dev Container starts, it automatically:
    - Debug ports: 9230 (workers), 9231 (API)
 
 :::info
-The Dev Container setup replaces the `mise dev` command from the traditional setup. All services start automatically when you open the container.
+The Dev Container setup replaces the `make dev` command from the traditional setup. All services start automatically when you open the container.
 :::
 
 ### Accessing Services
@@ -252,33 +252,44 @@ To connect the mobile app to your Dev Container:
 
 The Dev Container supports multiple ways to run tests:
 
+#### Using Mise Commands (Recommended)
+
 ```bash
-# Server
-mise //server:test          # unit tests
-mise //server:test-medium   # medium / integration tests
-
-# Web
-mise //web:test             # unit tests
-
-# E2E
-mise //e2e:test             # API tests
-mise //e2e:test-web         # web UI tests (Playwright)
-
-# Run all checks for a component
-mise //server:checklist
-mise //web:checklist
+# Run tests for specific components
+mise run checklist      # in `server/`, `web/`, `packages/cli`
 ```
 
-### Additional Commands
+#### Using PNPM Directly
+
+```bash
+# Server tests
+cd /workspaces/immich/server
+pnpm test               # Run all tests
+pnpm run test:medium    # Medium tests (integration tests)
+pnpm run test:watch     # Watch mode
+pnpm run test:cov       # Coverage report
+
+# Web tests
+cd /workspaces/immich/web
+pnpm test               # Run all tests
+pnpm run test:watch     # Watch mode
+
+# E2E tests
+cd /workspaces/immich/e2e
+pnpm run test           # Run API tests
+pnpm run test:web       # Run web UI tests
+```
+
+### Additional Make Commands
 
 ```bash
 # API generation
-mise //:open-api             # Generate OpenAPI specs
-mise //:open-api-typescript  # Generate TypeScript SDK
-mise //:open-api-dart        # Generate Dart SDK
+make open-api           # Generate OpenAPI specs
+make open-api-typescript # Generate TypeScript SDK
+make open-api-dart      # Generate Dart SDK
 
 # Database
-mise //server:sql            # Sync database schema
+mise sql                # Sync database schema
 ```
 
 ### Debugging

docs/docs/developer/pr-checklist.md

@@ -2,48 +2,40 @@
 
 A minimal devcontainer is supplied with this repository. All commands can be executed directly inside this container to avoid tedious installation of the environment.
 :::warning
-The provided devcontainer isn't complete at the moment. At least all dockerized steps in the Makefile won't work (`mise dev`, ....). Feel free to contribute!
+The provided devcontainer isn't complete at the moment. At least all dockerized steps in the Makefile won't work (`make dev`, ....). Feel free to contribute!
 :::
 When contributing code through a pull request, please check the following:
 
 ## Web Checks
 
-- [ ] `mise //web:lint` (linting via ESLint)
-- [ ] `mise //web:format` (formatting via Prettier)
-- [ ] `mise //web:check-svelte` (type checking via SvelteKit)
-- [ ] `mise //web:check-typescript` (type checking via `tsc`)
-- [ ] `mise //web:test` (unit tests)
+- [ ] `pnpm run lint` (linting via ESLint)
+- [ ] `pnpm run format` (formatting via Prettier)
+- [ ] `pnpm run check:svelte` (Type checking via SvelteKit)
+- [ ] `pnpm run check:typescript` (check typescript)
+- [ ] `pnpm test` (unit tests)
 
 :::tip AIO
-Run all web checks with `mise //web:checklist`
-:::
-
-:::tip Auto Fix
-Use `mise //web:lint-fix` and `mise //web:format-fix` to automatically correct some issues.
+Run all web checks with `pnpm run check:all`
 :::
 
 ## Documentation
 
-- [ ] `mise //docs:format` (formatting via Prettier)
+- [ ] `pnpm run format` (formatting via Prettier)
 - [ ] Update the `_redirects` file if you have renamed a page or removed it from the documentation.
 
-:::tip Auto Fix
-Use `mise //docs:format-fix` to automatically fix formatting.
-:::
-
 ## Server Checks
 
-- [ ] `mise //server:lint` (linting via ESLint)
-- [ ] `mise //server:format` (formatting via Prettier)
-- [ ] `mise //server:check` (type checking via `tsc`)
-- [ ] `mise //server:test` (unit tests)
+- [ ] `pnpm run lint` (linting via ESLint)
+- [ ] `pnpm run format` (formatting via Prettier)
+- [ ] `pnpm run check` (Type checking via `tsc`)
+- [ ] `pnpm test` (unit tests)
 
 :::tip AIO
-Run all server checks with `mise //server:checklist`
+Run all server checks with `pnpm run check:all`
 :::
 
 :::tip Auto Fix
-Use `mise //server:lint-fix` and `mise //server:format-fix` to automatically correct some issues.
+You can use `pnpm run __:fix` to potentially correct some issues automatically for `pnpm run format` and `lint`.
 :::
 
 ## Mobile Checklist
@@ -61,17 +53,6 @@ Run all these commands at once with `mise //mobile:checklist`
 You can use `mise //mobile:lint-fix` to potentially correct some issues automatically for `mise //mobile:lint`.
 :::
 
-## Machine Learning Checklist
-
-- [ ] `mise //machine-learning:lint` (linting via ruff)
-- [ ] `mise //machine-learning:format` (formatting via ruff)
-- [ ] `mise //machine-learning:check` (type checking via mypy)
-- [ ] `mise //machine-learning:test` (unit tests via pytest)
-
-:::tip AIO
-Run all machine learning checks with `mise //machine-learning:checklist`
-:::
-
 ## OpenAPI
 
 The OpenAPI client libraries need to be regenerated whenever there are changes to the `immich-openapi-specs.json` file. Note that you should not modify this file directly as it is auto-generated. See [OpenAPI](/api.md) for more details.

docs/docs/developer/setup.md

@@ -32,10 +32,6 @@ This environment includes the services below. Additional details are available i
 
 All the services are packaged to run as with single Docker Compose command.
 
-:::tip mise
-[mise](https://mise.jdx.dev) is used throughout the project to manage tool versions and run tasks. [Install mise](https://mise.jdx.dev/installing-mise.html), then from the repo root run `mise trust` and `mise install` to get all required tools. Tasks for each service can be run from the repo root using `mise //namespace:task` (e.g. `mise //server:lint`). To list all available tasks, run `mise tasks ls --all`.
-:::
-
 ### Server and web apps
 
 1. Clone the project repo.
@@ -45,7 +41,7 @@ All the services are packaged to run as with single Docker Compose command.
 5. From the root directory, run:
 
 ```bash title="Start development server"
-mise dev
+make dev # required Makefile installed on the system.
 ```
 
 5. Access the dev instance in your browser at http://localhost:3000, or connect via the mobile app.
@@ -60,23 +56,22 @@ You can access the web from `http://your-machine-ip:3000` or `http://localhost:3
 
 #### Connect web to a remote backend
 
-If you only want to do web development connected to an existing, remote backend, run from the repo root:
+If you only want to do web development connected to an existing, remote backend, follow these steps:
+
+1. Build the Immich SDK - `pnpm --filter @immich/sdk install && pnpm --filter @immich/sdk build`
+2. Enter the web directory - `cd web/`
+3. Install web dependencies - `pnpm i`
+4. Start the web development server
 
 ```bash
-IMMICH_SERVER_URL=https://demo.immich.app/ mise //web:start
-```
-
-This will install all dependencies (including the SDK) and start the dev server in one step. To connect to the hosted demo server specifically, use the shorthand:
-
-```bash
-mise //web:start-demo
+IMMICH_SERVER_URL=https://demo.immich.app/ pnpm run dev
 ```
 
 If you're using PowerShell on Windows you may need to set the env var separately like so:
 
 ```powershell
 $env:IMMICH_SERVER_URL = "https://demo.immich.app/"
-mise //web:start
+pnpm run dev
 ```
 
 #### `@immich/ui`
@@ -88,45 +83,31 @@ To see local changes to `@immich/ui` in Immich, do the following:
 3. Uncomment the corresponding volume in web service of the `docker/docker-compose.dev.yml` file (`../../ui:/usr/src/ui`)
 4. Uncomment the corresponding alias in the `web/vite.config.ts` file (`'@immich/ui': path.resolve(\_\_dirname, '../../ui/packages/ui')`)
 5. Uncomment the import statement in `web/src/app.css` file `@import '../../../ui/packages/ui/dist/theme/default.css';` and comment out `@import '@immich/ui/theme/default.css';`
-6. Start up the stack via `mise dev`
+6. Start up the stack via `make dev`
 7. After making changes in `@immich/ui`, rebuild it (`pnpm run build`)
 
 ### Mobile app
 
 #### Setup
 
-1. Run `mise //mobile:install` to install Flutter dependencies.
-2. Run `mise //mobile:translation` to generate the translation file.
-3. Change to the `mobile/` directory and run `flutter run` to start the app.
+1. [Install mise](https://mise.jdx.dev/installing-mise.html).
+2. Change to the immich (root) directory and trust the mise config with `mise trust`.
+3. Install tools with mise: `mise install`.
+4. Change to the `mobile/` directory.
+5. Run `flutter pub get` to install the dependencies.
+6. Run `make translation` to generate the translation file.
+7. Run `flutter run` to start the app.
 
 #### Translation
 
-To add a new translation text, enter the key-value pair in the `i18n/en.json` in the root of the immich project. Then run:
+To add a new translation text, enter the key-value pair in the `i18n/en.json` in the root of the immich project. Then, from the `mobile/` directory, run
 
 ```bash
-mise //mobile:translation
+make translation
 ```
 
 The mobile app asks you what backend to connect to. You can utilize the demo backend (https://demo.immich.app/) if you don't need to change server code or upload photos. Alternatively, you can run the server yourself per the instructions above.
 
-#### UI components and widget previews
-
-Shared design-system widgets (buttons, inputs, forms) live in the
-[`immich_ui` package](https://github.com/immich-app/immich/tree/main/mobile/packages/ui/)
-under `mobile/packages/ui/`. Components are defined in `lib/src/components/`
-and have matching previews in `lib/src/previews/`.
-
-To inspect a component in isolation with a light/dark toggle and hot reload,
-launch [Flutter's Widget Previewer](https://docs.flutter.dev/tools/widget-previewer):
-
-```bash
-cd mobile/packages/ui
-flutter widget-preview start
-```
-
-In VS Code or Android Studio with the Flutter plugin, the previewer
-auto-starts when you open the **Flutter Widget Preview** tab in the sidebar.
-
 ## IDE setup
 
 ### Lint / format extensions

docs/docs/developer/testing.md

@@ -4,20 +4,21 @@
 
 ### Unit tests
 
-Unit tests are run with `mise //server:test`.
-You need to run `mise //server:install` before _once_.
+Unit are run by calling `pnpm run test` from the `server/` directory.
+You need to run `pnpm install` (in `server/`) before _once_.
 
 ### End to end tests
 
 The e2e tests can be run by first starting up a test production environment via:
 
 ```bash
-mise e2e
+make e2e
 ```
 
 Before you can run the tests, you need to run the following commands _once_:
 
-- `mise //e2e:ci-setup` (installs e2e, SDK, and CLI dependencies)
+- `pnpm install`
+- `pnpm --filter @immich/sdk --filter @immich/cli build`
 - `mise //:open-api`
 
 Once the test environment is running, the e2e tests can be run via:

docs/docs/guides/database-gui.md

@@ -17,7 +17,7 @@ services:
     ports:
       - "8888:80"
     environment:
-      PGADMIN_DEFAULT_EMAIL: admin@example.com
+      PGADMIN_DEFAULT_EMAIL: user-name@domain-name.com
       PGADMIN_DEFAULT_PASSWORD: strong-password
     volumes:
       - pgadmin-data:/var/lib/pgadmin

docs/docs/install/environment-variables.md

@@ -154,33 +154,33 @@ Redis (Sentinel) URL example JSON before encoding:
 
 ## Machine Learning
 
-| Variable                                                    | Description                                                                                                                                                  |           Default            | Containers       |
-| :---------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------- | :--------------------------: | :--------------- |
-| `MACHINE_LEARNING_MODEL_TTL`                                | Inactivity time (s) before a model is unloaded (disabled if \<= 0)                                                                                           |            `300`             | machine learning |
-| `MACHINE_LEARNING_MODEL_TTL_POLL_S`                         | Interval (s) between checks for the model TTL (disabled if \<= 0)                                                                                            |             `10`             | machine learning |
-| `MACHINE_LEARNING_CACHE_FOLDER`                             | Directory where models are downloaded                                                                                                                        |           `/cache`           | machine learning |
-| `MACHINE_LEARNING_REQUEST_THREADS`<sup>\*1</sup>            | Thread count of the request thread pool (disabled if \<= 0)                                                                                                  |     number of CPU cores      | machine learning |
-| `MACHINE_LEARNING_MODEL_INTER_OP_THREADS`                   | Number of parallel model operations                                                                                                                          |             `1`              | machine learning |
-| `MACHINE_LEARNING_MODEL_INTRA_OP_THREADS`                   | Number of threads for each model operation                                                                                                                   |             `2`              | machine learning |
-| `MACHINE_LEARNING_WORKERS`<sup>\*2</sup>                    | Number of worker processes to spawn                                                                                                                          |             `1`              | machine learning |
-| `MACHINE_LEARNING_HTTP_KEEPALIVE_TIMEOUT_S`<sup>\*3</sup>   | HTTP Keep-alive time in seconds                                                                                                                              |             `2`              | machine learning |
-| `MACHINE_LEARNING_WORKER_TIMEOUT`                           | Maximum time (s) of unresponsiveness before a worker is killed                                                                                               | `300` (`900` if using ROCm)  | machine learning |
-| `MACHINE_LEARNING_PRELOAD__CLIP__TEXTUAL`                   | Comma-separated list of (textual) CLIP model(s) to preload and cache                                                                                         |                              | machine learning |
-| `MACHINE_LEARNING_PRELOAD__CLIP__VISUAL`                    | Comma-separated list of (visual) CLIP model(s) to preload and cache                                                                                          |                              | machine learning |
-| `MACHINE_LEARNING_PRELOAD__FACIAL_RECOGNITION__RECOGNITION` | Comma-separated list of (recognition) facial recognition model(s) to preload and cache                                                                       |                              | machine learning |
-| `MACHINE_LEARNING_PRELOAD__FACIAL_RECOGNITION__DETECTION`   | Comma-separated list of (detection) facial recognition model(s) to preload and cache                                                                         |                              | machine learning |
-| `MACHINE_LEARNING_PRELOAD__OCR__RECOGNITION`                | Comma-separated list of (recognition) OCR model(s) to preload and cache                                                                                      |                              | machine learning |
-| `MACHINE_LEARNING_PRELOAD__OCR__DETECTION`                  | Comma-separated list of (detection) OCR model(s) to preload and cache                                                                                        |                              | machine learning |
-| `MACHINE_LEARNING_ANN`                                      | Enable ARM-NN hardware acceleration if supported                                                                                                             |            `True`            | machine learning |
-| `MACHINE_LEARNING_ANN_FP16_TURBO`                           | Execute operations in FP16 precision: increasing speed, reducing precision (applies only to ARM-NN)                                                          |           `False`            | machine learning |
-| `MACHINE_LEARNING_ANN_TUNING_LEVEL`                         | ARM-NN GPU tuning level (1: rapid, 2: normal, 3: exhaustive)                                                                                                 |             `2`              | machine learning |
-| `MACHINE_LEARNING_DEVICE_IDS`<sup>\*4</sup>                 | Device IDs to use in multi-GPU environments                                                                                                                  |             `0`              | machine learning |
-| `MACHINE_LEARNING_MAX_BATCH_SIZE__FACIAL_RECOGNITION`       | Set the maximum number of faces that will be processed at once by the facial recognition model                                                               | None (`1` if using OpenVINO) | machine learning |
-| `MACHINE_LEARNING_MAX_BATCH_SIZE__OCR`                      | Set the maximum number of boxes that will be processed at once by the OCR model                                                                              |             `6`              | machine learning |
-| `MACHINE_LEARNING_RKNN`                                     | Enable RKNN hardware acceleration if supported                                                                                                               |            `True`            | machine learning |
-| `MACHINE_LEARNING_RKNN_THREADS`                             | How many threads of RKNN runtime should be spun up while inferencing.                                                                                        |             `1`              | machine learning |
-| `MACHINE_LEARNING_MODEL_ARENA`                              | Pre-allocates CPU memory to avoid memory fragmentation                                                                                                       |             true             | machine learning |
-| `MACHINE_LEARNING_OPENVINO_PRECISION`                       | If set to FP16, uses half-precision floating-point operations for faster inference with reduced accuracy (one of [`FP16`, `FP32`], applies only to OpenVINO) |            `FP32`            | machine learning |
+| Variable                                                    | Description                                                                                                                                                  |             Default             | Containers       |
+| :---------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------- | :-----------------------------: | :--------------- |
+| `MACHINE_LEARNING_MODEL_TTL`                                | Inactivity time (s) before a model is unloaded (disabled if \<= 0)                                                                                           |              `300`              | machine learning |
+| `MACHINE_LEARNING_MODEL_TTL_POLL_S`                         | Interval (s) between checks for the model TTL (disabled if \<= 0)                                                                                            |              `10`               | machine learning |
+| `MACHINE_LEARNING_CACHE_FOLDER`                             | Directory where models are downloaded                                                                                                                        |            `/cache`             | machine learning |
+| `MACHINE_LEARNING_REQUEST_THREADS`<sup>\*1</sup>            | Thread count of the request thread pool (disabled if \<= 0)                                                                                                  |       number of CPU cores       | machine learning |
+| `MACHINE_LEARNING_MODEL_INTER_OP_THREADS`                   | Number of parallel model operations                                                                                                                          |               `1`               | machine learning |
+| `MACHINE_LEARNING_MODEL_INTRA_OP_THREADS`                   | Number of threads for each model operation                                                                                                                   |               `2`               | machine learning |
+| `MACHINE_LEARNING_WORKERS`<sup>\*2</sup>                    | Number of worker processes to spawn                                                                                                                          |               `1`               | machine learning |
+| `MACHINE_LEARNING_HTTP_KEEPALIVE_TIMEOUT_S`<sup>\*3</sup>   | HTTP Keep-alive time in seconds                                                                                                                              |               `2`               | machine learning |
+| `MACHINE_LEARNING_WORKER_TIMEOUT`                           | Maximum time (s) of unresponsiveness before a worker is killed                                                                                               | `120` (`300` if using OpenVINO) | machine learning |
+| `MACHINE_LEARNING_PRELOAD__CLIP__TEXTUAL`                   | Comma-separated list of (textual) CLIP model(s) to preload and cache                                                                                         |                                 | machine learning |
+| `MACHINE_LEARNING_PRELOAD__CLIP__VISUAL`                    | Comma-separated list of (visual) CLIP model(s) to preload and cache                                                                                          |                                 | machine learning |
+| `MACHINE_LEARNING_PRELOAD__FACIAL_RECOGNITION__RECOGNITION` | Comma-separated list of (recognition) facial recognition model(s) to preload and cache                                                                       |                                 | machine learning |
+| `MACHINE_LEARNING_PRELOAD__FACIAL_RECOGNITION__DETECTION`   | Comma-separated list of (detection) facial recognition model(s) to preload and cache                                                                         |                                 | machine learning |
+| `MACHINE_LEARNING_PRELOAD__OCR__RECOGNITION`                | Comma-separated list of (recognition) OCR model(s) to preload and cache                                                                                      |                                 | machine learning |
+| `MACHINE_LEARNING_PRELOAD__OCR__DETECTION`                  | Comma-separated list of (detection) OCR model(s) to preload and cache                                                                                        |                                 | machine learning |
+| `MACHINE_LEARNING_ANN`                                      | Enable ARM-NN hardware acceleration if supported                                                                                                             |             `True`              | machine learning |
+| `MACHINE_LEARNING_ANN_FP16_TURBO`                           | Execute operations in FP16 precision: increasing speed, reducing precision (applies only to ARM-NN)                                                          |             `False`             | machine learning |
+| `MACHINE_LEARNING_ANN_TUNING_LEVEL`                         | ARM-NN GPU tuning level (1: rapid, 2: normal, 3: exhaustive)                                                                                                 |               `2`               | machine learning |
+| `MACHINE_LEARNING_DEVICE_IDS`<sup>\*4</sup>                 | Device IDs to use in multi-GPU environments                                                                                                                  |               `0`               | machine learning |
+| `MACHINE_LEARNING_MAX_BATCH_SIZE__FACIAL_RECOGNITION`       | Set the maximum number of faces that will be processed at once by the facial recognition model                                                               |  None (`1` if using OpenVINO)   | machine learning |
+| `MACHINE_LEARNING_MAX_BATCH_SIZE__OCR`                      | Set the maximum number of boxes that will be processed at once by the OCR model                                                                              |               `6`               | machine learning |
+| `MACHINE_LEARNING_RKNN`                                     | Enable RKNN hardware acceleration if supported                                                                                                               |             `True`              | machine learning |
+| `MACHINE_LEARNING_RKNN_THREADS`                             | How many threads of RKNN runtime should be spun up while inferencing.                                                                                        |               `1`               | machine learning |
+| `MACHINE_LEARNING_MODEL_ARENA`                              | Pre-allocates CPU memory to avoid memory fragmentation                                                                                                       |              true               | machine learning |
+| `MACHINE_LEARNING_OPENVINO_PRECISION`                       | If set to FP16, uses half-precision floating-point operations for faster inference with reduced accuracy (one of [`FP16`, `FP32`], applies only to OpenVINO) |             `FP32`              | machine learning |
 
 \*1: It is recommended to begin with this parameter when changing the concurrency levels of the machine learning service and then tune the other ones.
 

docs/docs/install/requirements.md

@@ -20,11 +20,9 @@ Hardware and software requirements for Immich:
 - **RAM**: Minimum 6GB, recommended 8GB.
 - **CPU**: Minimum 2 cores, recommended 4 cores.
   - Immich runs on the `amd64` and `arm64` platforms.
-    Since `v3`, the machine learning container on `amd64` requires the `>= x86-64-v2` [microarchitecture level](https://en.wikipedia.org/wiki/X86-64#Microarchitecture_levels).
+    Since `v2.6`, the machine learning container on `amd64` requires the `>= x86-64-v2` [microarchitecture level](https://en.wikipedia.org/wiki/X86-64#Microarchitecture_levels).
     Most CPUs released since ~2012 support this microarchitecture.
     If you are using a virtual machine, ensure you have selected a [supported microarchitecture](https://pve.proxmox.com/pve-docs/chapter-qm.html#_qemu_cpu_types).
-    If you are unable to support this instruction set, the last version to support `x86-64-v1` is `v2.7.5`.
-    Note that this release is no longer supported, and you must run a matching `immich-server` version.
 - **Storage**: Recommended Unix-compatible filesystem (EXT4, ZFS, APFS, etc.) with support for user/group ownership and permissions.
   - The generation of thumbnails and transcoded video can increase the size of the photo library by 10-20% on average.
 

docs/docusaurus.config.js

@@ -10,6 +10,7 @@ const config = {
   url: 'https://docs.immich.app',
   baseUrl: '/',
   onBrokenLinks: 'throw',
+  onBrokenMarkdownLinks: 'warn',
   favicon: 'img/favicon.png',
 
   // GitHub pages deployment config.
@@ -28,9 +29,6 @@ const config = {
   // Mermaid diagrams
   markdown: {
     mermaid: true,
-    hooks: {
-      onBrokenMarkdownLinks: 'warn',
-    },
   },
   themes: ['@docusaurus/theme-mermaid'],
 

docs/mise.lock

@@ -1,5 +0,0 @@
-# @generated - this file is auto-generated by `mise lock` https://mise.en.dev/dev-tools/mise-lock.html
-
-[[tools.wrangler]]
-version = "4.66.0"
-backend = "npm:wrangler"

docs/mise.toml

@@ -3,7 +3,7 @@ run = "pnpm install --filter documentation --frozen-lockfile"
 
 [tasks.start]
 env._.path = "./node_modules/.bin"
-run = "docusaurus start --port 3005"
+run = "docusaurus --port 3005"
 
 [tasks.build]
 env._.path = "./node_modules/.bin"
@@ -28,4 +28,4 @@ run = "prettier --write ."
 run = "wrangler pages deploy build --project-name=${PROJECT_NAME} --branch=${BRANCH_NAME}"
 
 [tools]
-wrangler = "4.98.0"
+wrangler = "4.66.0"

e2e/docker-compose.dev.yml

@@ -83,7 +83,9 @@ volumes:
   model_cache:
   prometheus_data:
   grafana_data:
-  build_cache:
+  pnpm_cache:
+  pnpm_store_server:
+  pnpm_store_web:
   server_node_modules:
   web_node_modules:
   github_node_modules:

e2e/docker-compose.yml

@@ -4,8 +4,7 @@ services:
   e2e-auth-server:
     container_name: immich-e2e-auth-server
     build:
-      context: ../
-      dockerfile: packages/e2e-auth-server/Dockerfile
+      context: ../packages/e2e-auth-server
     ports:
       - 2286:2286
 
@@ -45,7 +44,7 @@ services:
 
   redis:
     container_name: immich-e2e-redis
-    image: docker.io/valkey/valkey:9@sha256:4963247afc4cd33c7d3b2d2816b9f7f8eeebab148d29056c2ca4d7cbc966f2d9
+    image: docker.io/valkey/valkey:9@sha256:8436e10bc65c94886a91d4415b6a6dfa9cb5a306fb3b996e5bb67cd2b4854193
     healthcheck:
       test: redis-cli ping || exit 1
 

e2e/mise.toml

@@ -1,21 +1,11 @@
 [tasks.install]
 run = "pnpm install --filter immich-e2e --frozen-lockfile"
 
-[tasks.build]
-dir = "{{ config_root }}"
-run = "docker compose build"
-
 [tasks.test]
-depends = ["//e2e:build", "//e2e:ci-setup"]
 env._.path = "./node_modules/.bin"
 run = "vitest --run"
 
-[tasks.playwright-install]
-env._.path = "./node_modules/.bin"
-run = "playwright install"
-
 [tasks."test-web"]
-depends = ["//e2e:build", "//e2e:ci-setup", "//e2e:playwright-install"]
 env._.path = "./node_modules/.bin"
 run = "playwright test"
 
@@ -40,12 +30,7 @@ run = "tsc --noEmit"
 
 
 [tasks.ci-setup]
-depends = [
-  "//:sdk:install",
-  "//:sdk:build",
-  "//packages/cli:install",
-  "//packages/cli:build",
-]
+depends = ["//:sdk:install", "//:sdk:build", "//cli:install", "//cli:build"]
 run = { task = ":install" }
 
 

e2e/package.json

@@ -32,7 +32,7 @@
     "@playwright/test": "^1.44.1",
     "@socket.io/component-emitter": "^3.1.2",
     "@types/luxon": "^3.4.2",
-    "@types/node": "^24.12.4",
+    "@types/node": "^24.12.2",
     "@types/pg": "^8.15.1",
     "@types/pngjs": "^6.0.4",
     "@types/supertest": "^7.0.0",

e2e/src/specs/maintenance/server/maintenance.e2e-spec.ts

@@ -99,7 +99,7 @@ describe('/admin/maintenance', () => {
           },
           {
             interval: 500,
-            timeout: 60_000,
+            timeout: 10_000,
           },
         )
         .toBeTruthy();
@@ -190,7 +190,7 @@ describe('/admin/maintenance', () => {
           },
           {
             interval: 500,
-            timeout: 60_000,
+            timeout: 10_000,
           },
         )
         .toBeFalsy();

e2e/src/specs/server/api/album.e2e-spec.ts

@@ -504,14 +504,13 @@ describe('/albums', () => {
       });
     });
 
-    it('should deduplicate owner from albumUsers on create', async () => {
+    it('should not be able to share album with owner', async () => {
       const { status, body } = await request(app)
         .post('/albums')
         .send({ albumName: 'New album', albumUsers: [{ role: AlbumUserRole.Editor, userId: user1.userId }] })
         .set('Authorization', `Bearer ${user1.accessToken}`);
-      expect(status).toBe(201);
-      expect(body.albumUsers).toHaveLength(1);
-      expect(body.albumUsers[0]).toMatchObject({ role: AlbumUserRole.Owner, user: { id: user1.userId } });
+      expect(status).toBe(400);
+      expect(body).toEqual(errorDto.badRequest('Cannot share album with owner'));
     });
   });
 

e2e/src/specs/server/api/integrity.e2e-spec.ts

@@ -1,669 +0,0 @@
-import {
-  AssetMediaResponseDto,
-  IntegrityReportResponseDto,
-  LoginResponseDto,
-  ManualJobName,
-  QueueCommand,
-  QueueName,
-} from '@immich/sdk';
-import { readFile } from 'node:fs/promises';
-import { app, testAssetDir, utils } from 'src/utils';
-import request from 'supertest';
-import { afterEach, beforeAll, describe, expect, it } from 'vitest';
-
-const assetFilepath = `${testAssetDir}/metadata/gps-position/thompson-springs.jpg`;
-const asset1Filepath = `${testAssetDir}/albums/nature/el_torcal_rocks.jpg`;
-const asset2Filepath = `${testAssetDir}/albums/nature/wood_anemones.jpg`;
-
-describe('/admin/integrity', () => {
-  let admin: LoginResponseDto;
-  let asset: AssetMediaResponseDto;
-
-  let user1: LoginResponseDto;
-  let asset1: AssetMediaResponseDto;
-
-  let user2: LoginResponseDto;
-  let asset2: AssetMediaResponseDto;
-
-  beforeAll(async () => {
-    await utils.resetDatabase();
-    admin = await utils.adminSetup();
-
-    user1 = await utils.userSetup(admin.accessToken, {
-      email: '1@example.com',
-      name: '1',
-      password: '1',
-    });
-
-    user2 = await utils.userSetup(admin.accessToken, {
-      email: '2@example.com',
-      name: '2',
-      password: '2',
-    });
-
-    for (const queue of Object.values(QueueName)) {
-      if (queue === QueueName.IntegrityCheck) {
-        continue;
-      }
-
-      await utils.queueCommand(admin.accessToken, queue, {
-        command: QueueCommand.Pause,
-      });
-    }
-
-    asset = await utils.createAsset(admin.accessToken, {
-      assetData: {
-        filename: 'asset.jpg',
-        bytes: await readFile(assetFilepath),
-      },
-    });
-
-    asset1 = await utils.createAsset(user1.accessToken, {
-      assetData: {
-        filename: 'asset.jpg',
-        bytes: await readFile(asset1Filepath),
-      },
-    });
-
-    asset2 = await utils.createAsset(user2.accessToken, {
-      assetData: {
-        filename: 'asset.jpg',
-        bytes: await readFile(asset2Filepath),
-      },
-    });
-
-    await utils.mkFolder('/data/bak');
-    await utils.copyFolder(`/data/upload/${admin.userId}`, `/data/bak/${admin.userId}`);
-
-    for (const queue of Object.values(QueueName)) {
-      if (queue === QueueName.IntegrityCheck) {
-        continue;
-      }
-
-      await utils.queueCommand(admin.accessToken, queue, {
-        command: QueueCommand.Empty,
-      });
-
-      await utils.queueCommand(admin.accessToken, queue, {
-        command: QueueCommand.Resume,
-      });
-    }
-  });
-
-  afterEach(async () => {
-    await utils.deleteFolder(`/data/upload/${admin.userId}`);
-    await utils.copyFolder(`/data/bak/${admin.userId}`, `/data/upload/${admin.userId}`);
-  });
-
-  describe('POST /summary (& jobs)', async () => {
-    it.sequential('reports no issues', async () => {
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatch,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFilesDeleteAll,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        missing_file: 0,
-        untracked_file: 0,
-        checksum_mismatch: 0,
-      });
-    });
-
-    it.sequential('should detect an untracked file (job: check untracked files)', async () => {
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          untracked_file: 1,
-        }),
-      );
-    });
-
-    it.sequential('should detect outdated untracked file reports (job: refresh untracked files)', async () => {
-      // these should not be detected:
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked2.png`);
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked3.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFilesRefresh,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          untracked_file: 0,
-        }),
-      );
-    });
-
-    it.sequential('should delete untracked files (job: delete all untracked file reports)', async () => {
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFilesDeleteAll,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          untracked_file: 0,
-        }),
-      );
-    });
-
-    it.sequential('should detect a missing file and not a checksum mismatch (job: check missing files)', async () => {
-      await utils.deleteFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          missing_file: 1,
-          checksum_mismatch: 0,
-        }),
-      );
-    });
-
-    it.sequential('should detect outdated missing file reports (job: refresh missing files)', async () => {
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFilesRefresh,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          missing_file: 0,
-          checksum_mismatch: 0,
-        }),
-      );
-    });
-
-    it.sequential('should delete assets with missing files (job: delete all missing file reports)', async () => {
-      await utils.deleteFolder(`/data/upload/${user1.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus, body: listBody } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus).toBe(200);
-      expect(listBody).toEqual(
-        expect.objectContaining({
-          missing_file: 1,
-        }),
-      );
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFilesDeleteAll,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          missing_file: 0,
-        }),
-      );
-
-      await expect(utils.getAssetInfo(user1.accessToken, asset1.id)).resolves.toEqual(
-        expect.objectContaining({
-          isTrashed: true,
-        }),
-      );
-    });
-
-    it.sequential('should detect a checksum mismatch (job: check file checksums)', async () => {
-      await utils.truncateFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatch,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          checksum_mismatch: 1,
-        }),
-      );
-    });
-
-    it.sequential('should detect outdated checksum mismatch reports (job: refresh file checksums)', async () => {
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatchRefresh,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/summary')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          checksum_mismatch: 0,
-        }),
-      );
-    });
-
-    it.sequential(
-      'should delete assets with mismatched checksum (job: delete all checksum mismatch reports)',
-      async () => {
-        await utils.truncateFolder(`/data/upload/${user2.userId}`);
-
-        await utils.createJob(admin.accessToken, {
-          name: ManualJobName.IntegrityChecksumMismatch,
-        });
-
-        await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-        const { status: listStatus, body: listBody } = await request(app)
-          .get('/admin/integrity/summary')
-          .set('Authorization', `Bearer ${admin.accessToken}`)
-          .send();
-
-        expect(listStatus).toBe(200);
-        expect(listBody).toEqual(
-          expect.objectContaining({
-            checksum_mismatch: 1,
-          }),
-        );
-
-        await utils.createJob(admin.accessToken, {
-          name: ManualJobName.IntegrityChecksumMismatchDeleteAll,
-        });
-
-        await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-        const { status, body } = await request(app)
-          .get('/admin/integrity/summary')
-          .set('Authorization', `Bearer ${admin.accessToken}`)
-          .send();
-
-        expect(status).toBe(200);
-        expect(body).toEqual(
-          expect.objectContaining({
-            checksum_mismatch: 0,
-          }),
-        );
-
-        await expect(utils.getAssetInfo(user2.accessToken, asset2.id)).resolves.toEqual(
-          expect.objectContaining({
-            isTrashed: true,
-          }),
-        );
-      },
-    );
-  });
-
-  describe('POST /report', async () => {
-    it.sequential('reports untracked files', async () => {
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/report?type=untracked_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        nextCursor: undefined,
-        items: expect.arrayContaining([
-          {
-            id: expect.any(String),
-            type: 'untracked_file',
-            path: `/data/upload/${admin.userId}/untracked1.png`,
-            assetId: null,
-            fileAssetId: null,
-            createdAt: expect.any(String),
-          },
-        ]),
-      });
-    });
-
-    it.sequential('reports missing files', async () => {
-      await utils.deleteFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/report?type=missing_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        nextCursor: undefined,
-        items: expect.arrayContaining([
-          {
-            id: expect.any(String),
-            type: 'missing_file',
-            path: expect.any(String),
-            assetId: asset.id,
-            fileAssetId: null,
-            createdAt: expect.any(String),
-          },
-        ]),
-      });
-    });
-
-    it.sequential('reports checksum mismatched files', async () => {
-      await utils.truncateFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatch,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, body } = await request(app)
-        .get('/admin/integrity/report?type=checksum_mismatch')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        nextCursor: undefined,
-        items: expect.arrayContaining([
-          {
-            id: expect.any(String),
-            type: 'checksum_mismatch',
-            path: expect.any(String),
-            assetId: asset.id,
-            fileAssetId: null,
-            createdAt: expect.any(String),
-          },
-        ]),
-      });
-    });
-  });
-
-  describe('DELETE /report/:id', async () => {
-    it.sequential('delete untracked files', async () => {
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus, body: listBody } = await request(app)
-        .get('/admin/integrity/report?type=untracked_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus).toBe(200);
-
-      const report = (listBody as IntegrityReportResponseDto).items.find(
-        (item) => item.path === `/data/upload/${admin.userId}/untracked1.png`,
-      )!;
-
-      const { status } = await request(app)
-        .delete(`/admin/integrity/report/${report.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus2, body: listBody2 } = await request(app)
-        .get('/admin/integrity/report?type=untracked_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus2).toBe(200);
-      expect(listBody2).not.toBe(
-        expect.objectContaining({
-          items: expect.arrayContaining([
-            expect.objectContaining({
-              id: report.id,
-            }),
-          ]),
-        }),
-      );
-    });
-
-    it.sequential('delete assets missing files', async () => {
-      await utils.deleteFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus, body: listBody } = await request(app)
-        .get('/admin/integrity/report?type=missing_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus).toBe(200);
-      expect(listBody.items.length).toBe(1);
-
-      const report = (listBody as IntegrityReportResponseDto).items[0];
-
-      const { status } = await request(app)
-        .delete(`/admin/integrity/report/${report.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityMissingFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus2, body: listBody2 } = await request(app)
-        .get('/admin/integrity/report?type=missing_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus2).toBe(200);
-      expect(listBody2.items.length).toBe(0);
-    });
-
-    it.sequential('delete assets with failing checksum', async () => {
-      await utils.truncateFolder(`/data/upload/${admin.userId}`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatch,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus, body: listBody } = await request(app)
-        .get('/admin/integrity/report?type=checksum_mismatch')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus).toBe(200);
-      expect(listBody.items.length).toBe(1);
-
-      const report = (listBody as IntegrityReportResponseDto).items[0];
-
-      const { status } = await request(app)
-        .delete(`/admin/integrity/report/${report.id}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityChecksumMismatch,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status: listStatus2, body: listBody2 } = await request(app)
-        .get('/admin/integrity/report?type=checksum_mismatch')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(listStatus2).toBe(200);
-      expect(listBody2.items.length).toBe(0);
-    });
-  });
-
-  describe('GET /report/:type/csv', () => {
-    it.sequential('exports untracked files as csv', async () => {
-      await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { status, headers, text } = await request(app)
-        .get('/admin/integrity/report/untracked_file/csv')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      expect(status).toBe(200);
-      expect(headers['content-type']).toContain('text/csv');
-      expect(headers['content-disposition']).toContain('.csv');
-      expect(text).toContain('id,type,assetId,fileAssetId,path');
-      expect(text).toContain(`untracked_file`);
-      expect(text).toContain(`/data/upload/${admin.userId}/untracked1.png`);
-    });
-  });
-
-  describe('GET /report/:id/file', () => {
-    it.sequential('downloads untracked file', async () => {
-      await utils.putTextFile('untracked-content', `/data/upload/${admin.userId}/untracked1.png`);
-
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.IntegrityUntrackedFiles,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-      const { body: listBody } = await request(app)
-        .get('/admin/integrity/report?type=untracked_file')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send();
-
-      const report = (listBody as IntegrityReportResponseDto).items.find(
-        (item) => item.path === `/data/upload/${admin.userId}/untracked1.png`,
-      )!;
-
-      const { status, headers, body } = await request(app)
-        .get(`/admin/integrity/report/${report.id}/file`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .buffer(true)
-        .send();
-
-      expect(status).toBe(200);
-      expect(headers['content-type']).toContain('application/octet-stream');
-      expect(body.toString()).toBe('untracked-content');
-    });
-  });
-});

e2e/src/specs/server/api/search.e2e-spec.ts

@@ -259,6 +259,17 @@ describe('/search', () => {
           assets: [assetHeic],
         }),
       },
+      {
+        should: "should search city ('')",
+        deferred: () => ({
+          dto: {
+            city: '',
+            visibility: AssetVisibility.Timeline,
+            includeNull: true,
+          },
+          assets: [assetLast],
+        }),
+      },
       {
         should: 'should search city (null)',
         deferred: () => ({
@@ -280,6 +291,18 @@ describe('/search', () => {
           assets: [assetDensity],
         }),
       },
+      {
+        should: "should search state ('')",
+        deferred: () => ({
+          dto: {
+            state: '',
+            visibility: AssetVisibility.Timeline,
+            withExif: true,
+            includeNull: true,
+          },
+          assets: [assetLast, assetNotocactus],
+        }),
+      },
       {
         should: 'should search state (null)',
         deferred: () => ({
@@ -301,6 +324,17 @@ describe('/search', () => {
           assets: [assetFalcon],
         }),
       },
+      {
+        should: "should search country ('')",
+        deferred: () => ({
+          dto: {
+            country: '',
+            visibility: AssetVisibility.Timeline,
+            includeNull: true,
+          },
+          assets: [assetLast],
+        }),
+      },
       {
         should: 'should search country (null)',
         deferred: () => ({

e2e/src/specs/server/api/server.e2e-spec.ts

@@ -95,7 +95,6 @@ describe('/server', () => {
         major: expect.any(Number),
         minor: expect.any(Number),
         patch: expect.any(Number),
-        prerelease: null,
       });
     });
   });
@@ -116,7 +115,6 @@ describe('/server', () => {
         oauthAutoLaunch: false,
         ocr: false,
         passwordLogin: true,
-        realtimeTranscoding: false,
         search: true,
         sidecar: true,
         trash: true,
@@ -141,7 +139,6 @@ describe('/server', () => {
         maintenanceMode: false,
         mapDarkStyleUrl: 'https://tiles.immich.cloud/v1/style/dark.json',
         mapLightStyleUrl: 'https://tiles.immich.cloud/v1/style/light.json',
-        minFaces: 3,
       });
     });
   });

e2e/src/specs/server/api/system-config.e2e-spec.ts

@@ -21,18 +21,18 @@ describe('/system-config', () => {
       const response1 = await request(app)
         .put('/system-config')
         .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ...config, newVersionCheck: { enabled: false, channel: 'stable' } });
+        .send({ ...config, newVersionCheck: { enabled: false } });
 
       expect(response1.status).toBe(200);
-      expect(response1.body).toEqual({ ...config, newVersionCheck: { enabled: false, channel: 'stable' } });
+      expect(response1.body).toEqual({ ...config, newVersionCheck: { enabled: false } });
 
       const response2 = await request(app)
         .put('/system-config')
         .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ ...config, newVersionCheck: { enabled: true, channel: 'stable' } });
+        .send({ ...config, newVersionCheck: { enabled: true } });
 
       expect(response2.status).toBe(200);
-      expect(response2.body).toEqual({ ...config, newVersionCheck: { enabled: true, channel: 'stable' } });
+      expect(response2.body).toEqual({ ...config, newVersionCheck: { enabled: true } });
     });
 
     it('should reject an invalid config entry', async () => {

e2e/src/specs/server/api/user.e2e-spec.ts

@@ -230,21 +230,6 @@ describe('/users', () => {
       const after = await getMyPreferences({ headers: asBearerAuth(admin.accessToken) });
       expect(after).toMatchObject({ download: { includeEmbeddedVideos: true } });
     });
-
-    it('should update minimum face count to display people', async () => {
-      const before = await getMyPreferences({ headers: asBearerAuth(admin.accessToken) });
-      expect(before).toMatchObject({ people: { minimumFaces: 3 } });
-
-      const { status, body } = await request(app)
-        .put('/users/me/preferences')
-        .send({ people: { minimumFaces: 2 } })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toMatchObject({ people: { minimumFaces: 2 } });
-
-      const after = await getMyPreferences({ headers: asBearerAuth(admin.accessToken) });
-      expect(after).toMatchObject({ people: { minimumFaces: 2 } });
-    });
   });
 
   describe('GET /users/:id', () => {

e2e/src/specs/web/integrity.e2e-spec.ts

@@ -1,41 +0,0 @@
-import { LoginResponseDto, ManualJobName, QueueName } from '@immich/sdk';
-import { expect, test } from '@playwright/test';
-import { utils } from 'src/utils';
-
-test.describe.configure({ mode: 'serial' });
-
-test.describe.skip('Integrity', () => {
-  let admin: LoginResponseDto;
-
-  test.beforeAll(async () => {
-    utils.initSdk();
-    await utils.resetDatabase();
-    admin = await utils.adminSetup();
-  });
-
-  test('run integrity jobs to update stats', async ({ context, page }) => {
-    await utils.setAuthCookies(context, admin.accessToken);
-
-    await utils.createJob(admin.accessToken, {
-      name: ManualJobName.IntegrityUntrackedFiles,
-    });
-
-    await utils.waitForQueueFinish(admin.accessToken, QueueName.IntegrityCheck);
-
-    await page.goto('/admin/maintenance');
-
-    const count = page.getByText('Untracked Files').locator('..').locator('..').locator('div').nth(1);
-
-    const previousCount = Number.parseInt((await count.textContent()) ?? '');
-
-    await utils.mkFolder(`/data/upload/${admin.userId}`);
-    await utils.putTextFile('untracked', `/data/upload/${admin.userId}/untracked1.png`);
-
-    const checkButton = page.getByText('Integrity Report').locator('..').getByRole('button', { name: 'Check All' });
-
-    await checkButton.click();
-    await expect(checkButton).toBeEnabled();
-
-    await expect(count).toContainText((previousCount + 1).toString());
-  });
-});

e2e/src/ui/generators/timeline/rest-response.ts

@@ -55,8 +55,8 @@ export function toColumnarFormat(assets: MockTimelineAsset[]): TimeBucketAssetRe
     result.duration.push(asset.duration);
     result.projectionType.push(asset.projectionType);
     result.livePhotoVideoId.push(asset.livePhotoVideoId);
-    result.city?.push(asset.city);
-    result.country?.push(asset.country);
+    result.city.push(asset.city);
+    result.country.push(asset.country);
     result.visibility.push(asset.visibility);
   }
 

e2e/src/ui/specs/timeline/timeline.e2e-spec.ts

@@ -536,7 +536,7 @@ test.describe('Timeline', () => {
         force: false,
         ids: [assetToTrash.id],
       });
-      await page.locator('#control-bar').getByLabel('Close').click();
+      await page.locator('#asset-selection-app-bar').getByLabel('Close').click();
       await page.getByText('Trash', { exact: true }).click();
       await timelineUtils.waitForTimelineLoad(page);
       await thumbnailUtils.expectInViewport(page, assetToTrash.id);
@@ -676,7 +676,7 @@ test.describe('Timeline', () => {
         ids: [assetToArchive.id],
       });
       await thumbnailUtils.expectThumbnailIsArchive(page, assetToArchive.id);
-      await page.locator('#control-bar').getByLabel('Close').click();
+      await page.locator('#asset-selection-app-bar').getByLabel('Close').click();
       await page.getByRole('link').getByText('Archive').click();
       await timelineUtils.waitForTimelineLoad(page);
       await thumbnailUtils.expectInViewport(page, assetToArchive.id);
@@ -823,7 +823,7 @@ test.describe('Timeline', () => {
       });
       // ensure thumbnail still exists and has favorite icon
       await thumbnailUtils.expectThumbnailIsFavorite(page, assetToFavorite.id);
-      await page.locator('#control-bar').getByLabel('Close').click();
+      await page.locator('#asset-selection-app-bar').getByLabel('Close').click();
       await page.getByRole('link').getByText('Favorites').click();
       await timelineUtils.waitForTimelineLoad(page);
       await pageUtils.goToAsset(page, assetToFavorite.fileCreatedAt);

e2e/src/utils.ts

@@ -192,7 +192,6 @@ export const utils = {
       'user',
       'system_metadata',
       'tag',
-      'integrity_report',
     ];
 
     const truncateTables = tables.filter((table) => table !== 'system_metadata');
@@ -560,54 +559,10 @@ export const utils = {
     mkdirSync(`${testAssetDir}/temp`, { recursive: true });
   },
 
-  putFile(source: string, dest: string) {
-    return executeCommand('docker', ['cp', source, `immich-e2e-server:${dest}`]).promise;
-  },
-
-  async putTextFile(contents: string, dest: string) {
-    const dir = await mkdtemp(join(tmpdir(), 'test-'));
-    const fn = join(dir, 'file');
-    await pipeline(Readable.from(contents), createWriteStream(fn));
-    return executeCommand('docker', ['cp', fn, `immich-e2e-server:${dest}`]).promise;
-  },
-
   async move(source: string, dest: string) {
     return executeCommand('docker', ['exec', 'immich-e2e-server', 'mv', source, dest]).promise;
   },
 
-  async copyFolder(source: string, dest: string) {
-    return executeCommand('docker', ['exec', 'immich-e2e-server', 'cp', '-r', source, dest]).promise;
-  },
-
-  async deleteFile(path: string) {
-    return executeCommand('docker', ['exec', 'immich-e2e-server', 'rm', path]).promise;
-  },
-
-  async deleteFolder(path: string) {
-    return executeCommand('docker', ['exec', 'immich-e2e-server', 'rm', '-r', path]).promise;
-  },
-
-  async truncateFolder(path: string) {
-    return executeCommand('docker', [
-      'exec',
-      'immich-e2e-server',
-      'find',
-      path,
-      '-type',
-      'f',
-      '-exec',
-      'truncate',
-      '-s',
-      '1',
-      '{}',
-      ';',
-    ]).promise;
-  },
-
-  async mkFolder(path: string) {
-    return executeCommand('docker', ['exec', 'immich-e2e-server', 'mkdir', '-p', path]).promise;
-  },
-
   createBackup: async (accessToken: string) => {
     await utils.createJob(accessToken, {
       name: ManualJobName.BackupDatabase,
@@ -624,8 +579,10 @@ export const utils = {
 
   resetBackups: async (accessToken: string) => {
     const { backups } = await listDatabaseBackups({ headers: asBearerAuth(accessToken) });
+
+    const backupFiles = backups.map((b) => b.filename);
     await deleteDatabaseBackup(
-      { databaseBackupDeleteDto: { backups: backups.map((dto) => dto.filename) } },
+      { databaseBackupDeleteDto: { backups: backupFiles } },
       { headers: asBearerAuth(accessToken) },
     );
   },

i18n/bs.json

@@ -1 +0,0 @@
-{}

i18n/en.json

@@ -79,7 +79,6 @@
     "cron_expression_description": "Set the scanning interval using the cron format. For more information please refer to e.g. <link>Crontab Guru</link>",
     "cron_expression_presets": "Cron expression presets",
     "disable_login": "Disable login",
-    "download_csv": "Download CSV",
     "duplicate_detection_job_description": "Run machine learning on assets to detect similar images. Relies on Smart Search",
     "exclusion_pattern_description": "Exclusion patterns lets you ignore files and folders when scanning your library. This is useful if you have folders that contain files you don't want to import, such as RAW files.",
     "export_config_as_json_description": "Download the current system config as a JSON file",
@@ -192,17 +191,6 @@
     "maintenance_delete_backup": "Delete Backup",
     "maintenance_delete_backup_description": "This file will be irrevocably deleted.",
     "maintenance_delete_error": "Failed to delete backup.",
-    "maintenance_integrity_check_all": "Check All",
-    "maintenance_integrity_checksum_mismatch": "Checksum Mismatch",
-    "maintenance_integrity_checksum_mismatch_job": "Check for checksum mismatches",
-    "maintenance_integrity_checksum_mismatch_refresh_job": "Refresh checksum mismatch reports",
-    "maintenance_integrity_missing_file": "Missing Files",
-    "maintenance_integrity_missing_file_job": "Check for missing files",
-    "maintenance_integrity_missing_file_refresh_job": "Refresh missing file reports",
-    "maintenance_integrity_report": "Integrity Report",
-    "maintenance_integrity_untracked_file": "Untracked Files",
-    "maintenance_integrity_untracked_file_job": "Check for untracked files",
-    "maintenance_integrity_untracked_file_refresh_job": "Refresh untracked file reports",
     "maintenance_restore_backup": "Restore Backup",
     "maintenance_restore_backup_description": "Immich will be wiped and restored from the chosen backup. A backup will be created before continuing.",
     "maintenance_restore_backup_different_version": "This backup was created with a different version of Immich!",
@@ -317,8 +305,6 @@
     "refreshing_all_libraries": "Refreshing all libraries",
     "registration": "Admin Registration",
     "registration_description": "Since you are the first user on the system, you will be assigned as the Admin and are responsible for administrative tasks, and additional users will be created by you.",
-    "release_channel_release_candidate": "Release candidate",
-    "release_channel_stable": "Stable",
     "remove_failed_jobs": "Remove failed jobs",
     "require_password_change_on_login": "Require user to change password on first login",
     "reset_settings_to_default": "Reset settings to default",
@@ -413,10 +399,6 @@
     "transcoding_preferred_hardware_device_description": "Applies only to VAAPI and QSV. Sets the dri node used for hardware transcoding.",
     "transcoding_preset_preset": "Preset (-preset)",
     "transcoding_preset_preset_description": "Compression speed. Slower presets produce smaller files, and increase quality when targeting a certain bitrate. VP9 ignores speeds above 'faster'.",
-    "transcoding_realtime": "Real-time Transcoding [EXPERIMENTAL]",
-    "transcoding_realtime_description": "Allows transcoding to be performed in real-time as the video is being streamed. Enables quality switching, but may cause higher playback latency and stuttering depending on server capabilities.",
-    "transcoding_realtime_enabled": "Enable real-time transcoding",
-    "transcoding_realtime_enabled_description": "If disabled, the server will refuse to start new real-time transcoding sessions.",
     "transcoding_reference_frames": "Reference frames",
     "transcoding_reference_frames_description": "The number of frames to reference when compressing a given frame. Higher values improve compression efficiency, but slow down encoding. 0 sets this value automatically.",
     "transcoding_required_description": "Only videos not in an accepted format",
@@ -460,8 +442,6 @@
     "user_settings_description": "Manage user settings",
     "user_successfully_removed": "User {email} has been successfully removed.",
     "users_page_description": "Admin users page",
-    "version_check_channel": "Release channel",
-    "version_check_channel_description": "Pick the release channel you want to get version announcements for",
     "version_check_enabled_description": "Enable version check",
     "version_check_implications": "The version check feature relies on periodic communication with {server}",
     "version_check_settings": "Version Check",
@@ -582,7 +562,6 @@
   "asset_added_to_album": "Added to album",
   "asset_adding_to_album": "Adding to album…",
   "asset_created": "Asset created",
-  "asset_day_count": "{date}: {count, plural, one {# asset} other {# assets}}",
   "asset_description_updated": "Asset description has been updated",
   "asset_filename_is_offline": "Asset {filename} is offline",
   "asset_has_unassigned_faces": "Asset has unassigned faces",
@@ -712,7 +691,6 @@
   "backup_settings_subtitle": "Manage upload settings",
   "backup_upload_details_page_more_details": "Tap for more details",
   "backward": "Backward",
-  "battery_optimization_backup_reliability": "Disabling battery optimizations can improve the reliability of background backup",
   "biometric_auth_enabled": "Biometric authentication enabled",
   "biometric_locked_out": "You are locked out of biometric authentication",
   "biometric_no_options": "No biometric options available",
@@ -720,7 +698,6 @@
   "birthdate_saved": "Date of birth saved successfully",
   "birthdate_set_description": "Date of birth is used to calculate the age of this person at the time of a photo.",
   "blurred_background": "Blurred background",
-  "browse_templates": "Browse templates",
   "bugs_and_feature_requests": "Bugs & Feature Requests",
   "build": "Build",
   "build_image": "Build Image",
@@ -862,7 +839,6 @@
   "copy_error": "Copy error",
   "copy_file_path": "Copy file path",
   "copy_image": "Copy Image",
-  "copy_json": "Copy JSON",
   "copy_link": "Copy link",
   "copy_link_to_clipboard": "Copy link to clipboard",
   "copy_password": "Copy password",
@@ -927,8 +903,6 @@
   "deduplicate_all": "Deduplicate All",
   "default_locale": "Default Locale",
   "default_locale_description": "Format dates and numbers based on your browser locale",
-  "default_quality_subtitle": "Quality used when tapping share. Long press the share button to choose each time.",
-  "default_share_quality": "Default share quality",
   "delete": "Delete",
   "delete_action_confirmation_message": "Are you sure you want to delete this asset? This action will move the asset to the server's trash and will prompt if you want to delete it locally",
   "delete_action_prompt": "{count} deleted",
@@ -1002,10 +976,7 @@
   "downloading_asset_filename": "Downloading asset {filename}",
   "downloading_from_icloud": "Downloading from iCloud",
   "downloading_media": "Downloading media",
-  "drag_to_reorder": "Drag to reorder",
   "drop_files_to_upload": "Drop files anywhere to upload",
-  "duplicate": "Duplicate",
-  "duplicate_workflow": "Duplicate workflow",
   "duplicates": "Duplicates",
   "duplicates_description": "Resolve each group by indicating which, if any, are duplicates.",
   "duration": "Duration",
@@ -1238,7 +1209,6 @@
   "failed": "Failed",
   "failed_count": "Failed: {count}",
   "failed_to_authenticate": "Failed to authenticate",
-  "failed_to_delete_file": "Failed to delete file",
   "failed_to_load_assets": "Failed to load assets",
   "failed_to_load_folder": "Failed to load folder",
   "favorite": "Favorite",
@@ -1369,7 +1339,6 @@
   "individual_share": "Individual share",
   "individual_shares": "Individual shares",
   "info": "Info",
-  "integrity_checks": "Integrity Checks",
   "interval": {
     "day_at_onepm": "Every day at 1pm",
     "hours": "Every {hours, plural, one {hour} other {{hours, number} hours}}",
@@ -1417,7 +1386,6 @@
   "leave": "Leave",
   "leave_album": "Leave album",
   "lens_model": "Lens model",
-  "less": "Less",
   "let_others_respond": "Let others respond",
   "level": "Level",
   "library": "Library",
@@ -1442,7 +1410,6 @@
   "linked_oauth_account": "Linked OAuth account",
   "list": "List",
   "live": "Live",
-  "load_more": "Load More",
   "loading": "Loading",
   "loading_search_results_failed": "Loading search results failed",
   "local": "Local",
@@ -1612,8 +1579,6 @@
   "merge_people_prompt": "Do you want to merge these people? This action is irreversible.",
   "merge_people_successfully": "Merge people successfully",
   "merged_people_count": "Merged {count, plural, one {# person} other {# people}}",
-  "minFaces": "Minimum faces",
-  "minFaces_description": "The minimum number of recognized faces for a person to be displayed",
   "minimize": "Minimize",
   "minute": "Minute",
   "minutes": "Minutes",
@@ -1709,7 +1674,6 @@
   "not_selected": "Not selected",
   "notes": "Notes",
   "nothing_here_yet": "Nothing here yet",
-  "notification_backup_reliability": "Enable notifications to improve background backup reliability",
   "notification_permission_dialog_content": "To enable notifications, go to Settings and select allow.",
   "notification_permission_list_tile_content": "Grant permission to enable notifications.",
   "notification_permission_list_tile_enable_button": "Enable Notifications",
@@ -2101,7 +2065,6 @@
   "select_person": "Select person",
   "select_person_to_tag": "Select a person to tag",
   "select_photos": "Select photos",
-  "select_quality": "Select quality",
   "select_trash_all": "Select trash all",
   "select_user_for_sharing_page_err_album": "Failed to create album",
   "selected": "Selected",
@@ -2165,8 +2128,6 @@
   "share_assets_selected": "{count} selected",
   "share_dialog_preparing": "Preparing...",
   "share_link": "Share Link",
-  "share_original": "Use original (large)",
-  "share_preview": "Use thumbnail (small)",
   "shared": "Shared",
   "shared_album_activities_input_disable": "Comment is disabled",
   "shared_album_activity_remove_content": "Do you want to delete this activity?",
@@ -2267,8 +2228,6 @@
   "slideshow_repeat": "Repeat slideshow",
   "slideshow_repeat_description": "Loop back to beginning when slideshow ends",
   "slideshow_settings": "Slideshow settings",
-  "smart_album": "Smart album",
-  "some_assets_already_have_a_location_warning": "Some of the selected assets already have a location",
   "sort_albums_by": "Sort albums by...",
   "sort_created": "Date created",
   "sort_items": "Number of items",
@@ -2295,7 +2254,6 @@
   "step_delete_confirm": "Are you sure you want to delete this step?",
   "step_details": "Step details",
   "steps": "Steps",
-  "steps_count": "{count, plural, one {# step} other {# steps}}",
   "stop_casting": "Stop casting",
   "stop_motion_photo": "Stop Motion Photo",
   "stop_photo_sharing": "Stop sharing your photos?",
@@ -2389,13 +2347,11 @@
   "trash_page_title": "Trash ({count})",
   "trashed_items_will_be_permanently_deleted_after": "Trashed items will be permanently deleted after {days, plural, one {# day} other {# days}}.",
   "trigger": "Trigger",
-  "trigger_asset_metadata_extraction": "Asset Metadata Extraction",
-  "trigger_asset_metadata_extraction_description": "Triggered when the EXIF metadata of an asset is extracted",
   "trigger_asset_uploaded": "Asset Upload",
   "trigger_asset_uploaded_description": "Triggered when a new asset is uploaded",
   "trigger_description": "An event that kicks off the workflow",
   "trigger_person_recognized": "Person Recognized",
-  "trigger_person_recognized_description": "Triggered when a person is recognized",
+  "trigger_person_recognized_description": "Triggered when a person is detected",
   "trigger_type": "Trigger type",
   "troubleshoot": "Troubleshoot",
   "type": "Type",
@@ -2437,7 +2393,6 @@
   "updated_password": "Updated password",
   "upload": "Upload",
   "upload_concurrency": "Upload concurrency",
-  "upload_day_count": "{date}: {count, plural, one {# upload} other {# uploads}}",
   "upload_details": "Upload Details",
   "upload_dialog_info": "Do you want to backup the selected Asset(s) to the server?",
   "upload_dialog_title": "Upload Asset",
@@ -2453,8 +2408,6 @@
   "upload_to_immich": "Upload to Immich ({count})",
   "uploading": "Uploading",
   "uploading_media": "Uploading media",
-  "uploads": "Uploads",
-  "uploads_count": "{count, plural, one {# upload} other {# uploads}}",
   "url": "URL",
   "usage": "Usage",
   "use_biometric": "Use biometric",
@@ -2462,7 +2415,6 @@
   "use_browser_locale_description": "Format dates, times, and numbers based on your browser locale",
   "use_current_connection": "Use current connection",
   "use_custom_date_range": "Use custom date range instead",
-  "use_template": "Use template",
   "user": "User",
   "user_has_been_deleted": "This user has been deleted.",
   "user_id": "User ID",
@@ -2492,7 +2444,6 @@
   "video": "Video",
   "video_hover_setting": "Play video thumbnail on hover",
   "video_hover_setting_description": "Play video thumbnail when mouse is hovering over item. Even when disabled, playback can be started by hovering over the play icon.",
-  "video_quality": "Video quality",
   "videos": "Videos",
   "videos_count": "{count, plural, one {# Video} other {# Videos}}",
   "videos_only": "Videos only",
@@ -2525,7 +2476,6 @@
   "week": "Week",
   "welcome": "Welcome",
   "welcome_to_immich": "Welcome to Immich",
-  "when": "When",
   "width": "Width",
   "wifi_name": "Wi-Fi Name",
   "workflow": "Workflow",
@@ -2538,7 +2488,6 @@
   "workflow_name": "Workflow name",
   "workflow_navigation_prompt": "Are you sure you want to leave without saving your changes?",
   "workflow_summary": "Workflow summary",
-  "workflow_templates": "Workflow templates",
   "workflow_update_success": "Workflow updated successfully",
   "workflow_updated": "Workflow updated",
   "workflows": "Workflows",

i18n/kab.json

@@ -1 +0,0 @@
-{}

i18n/kxm.json

@@ -1 +0,0 @@
-{}

i18n/lmo.json

@@ -1 +0,0 @@
-{}

i18n/mi.json

@@ -1 +0,0 @@
-{}

i18n/ne.json

@@ -1 +0,0 @@
-{}

i18n/sw.json

@@ -1 +0,0 @@
-{}

i18n/swg.json

@@ -1 +0,0 @@
-{}

i18n/tl.json

@@ -1 +0,0 @@
-{}

machine-learning/Dockerfile

@@ -1,8 +1,8 @@
 ARG DEVICE=cpu
 
-FROM python:3.11-bookworm@sha256:20ec607c68642c64c73269ce245aa0f060913f4129d15d9687850aa158e6269c AS builder-cpu
+FROM python:3.11-bookworm@sha256:970c99f886b839fc8829289040c1845dadaf2cae46b37acc7710333158ec29b4 AS builder-cpu
 
-FROM python:3.13-slim-trixie@sha256:f82c96458eedc847b233e582eb31336f4954b39cae020b6dcf5b3ed0e5cbcd74 AS builder-openvino
+FROM python:3.13-slim-trixie@sha256:d168b8d9eb761f4d3fe305ebd04aeb7e7f2de0297cec5fb2f8f6403244621664 AS builder-openvino
 
 FROM builder-cpu AS builder-cuda
 
@@ -39,23 +39,23 @@ RUN --mount=type=cache,target=/root/.cache/uv \
     --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
     uv sync --frozen --extra ${DEVICE} --no-dev --no-editable --no-install-project --compile-bytecode --no-progress --active --link-mode copy
 
-FROM python:3.11-slim-bookworm@sha256:e2d3af735aff6eeee600b1933bedd99da6645fedf572cc12ef4cc1331f2ceebe AS prod-cpu
+FROM python:3.11-slim-bookworm@sha256:9c6f90801e6b68e772b7c0ca74260cbf7af9f320acec894e26fccdaccfbe3b47 AS prod-cpu
 
 ENV LD_PRELOAD=/usr/lib/libmimalloc.so.2 \
     MACHINE_LEARNING_MODEL_ARENA=false
 
-FROM python:3.13-slim-trixie@sha256:f82c96458eedc847b233e582eb31336f4954b39cae020b6dcf5b3ed0e5cbcd74 AS prod-openvino
+FROM python:3.13-slim-trixie@sha256:d168b8d9eb761f4d3fe305ebd04aeb7e7f2de0297cec5fb2f8f6403244621664 AS prod-openvino
 
 RUN apt-get update && \
     apt-get install --no-install-recommends -yqq ocl-icd-libopencl1 wget && \
-    wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/v2.34.4/intel-igc-core-2_2.34.4+21428_amd64.deb && \
-    wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/v2.34.4/intel-igc-opencl-2_2.34.4+21428_amd64.deb && \
-    wget -nv https://github.com/intel/compute-runtime/releases/download/26.18.38308.1/intel-opencl-icd_26.18.38308.1-0_amd64.deb &&  \
+    wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/v2.32.7/intel-igc-core-2_2.32.7+21184_amd64.deb && \
+    wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/v2.32.7/intel-igc-opencl-2_2.32.7+21184_amd64.deb && \
+    wget -nv https://github.com/intel/compute-runtime/releases/download/26.14.37833.4/intel-opencl-icd_26.14.37833.4-0_amd64.deb &&  \
     wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.24/intel-igc-core_1.0.17537.24_amd64.deb && \
     wget -nv https://github.com/intel/intel-graphics-compiler/releases/download/igc-1.0.17537.24/intel-igc-opencl_1.0.17537.24_amd64.deb && \
     wget -nv https://github.com/intel/compute-runtime/releases/download/24.35.30872.36/intel-opencl-icd-legacy1_24.35.30872.36_amd64.deb && \
     # TODO: Figure out how to get renovate to manage this differently versioned libigdgmm file
-    wget -nv https://github.com/intel/compute-runtime/releases/download/26.18.38308.1/libigdgmm12_22.10.0_amd64.deb && \
+    wget -nv https://github.com/intel/compute-runtime/releases/download/26.14.37833.4/libigdgmm12_22.9.0_amd64.deb && \
     dpkg -i *.deb && \
     rm *.deb && \
     apt-get remove wget -yqq && \

machine-learning/immich_ml/__main__.py

@@ -49,7 +49,6 @@ try:
             str(settings.http_keepalive_timeout_s),
             "--graceful-timeout",
             "10",
-            "--no-control-socket",
         ],
     ) as cmd:
         cmd.wait()

machine-learning/immich_ml/config.py

@@ -6,7 +6,7 @@ from pathlib import Path
 from socket import socket
 
 from gunicorn.arbiter import Arbiter
-from pydantic import BaseModel, Field
+from pydantic import BaseModel
 from pydantic_settings import BaseSettings, SettingsConfigDict
 from rich.console import Console
 from rich.logging import RichHandler
@@ -42,10 +42,6 @@ class MaxBatchSize(BaseModel):
     ocr: int | None = None
 
 
-def default_worker_timeout() -> int:
-    return 900 if os.environ.get("DEVICE") == "rocm" else 300
-
-
 class Settings(BaseSettings):
     model_config = SettingsConfigDict(
         env_prefix="MACHINE_LEARNING_",
@@ -58,7 +54,7 @@ class Settings(BaseSettings):
     model_ttl: int = 300
     model_ttl_poll_s: int = 10
     workers: int = 1
-    worker_timeout: int = Field(default_factory=default_worker_timeout)
+    worker_timeout: int = 300
     http_keepalive_timeout_s: int = 2
     test_full: bool = False
     request_threads: int = os.cpu_count() or 4

machine-learning/immich_ml/main.py

@@ -12,7 +12,7 @@ from zipfile import BadZipFile
 
 import orjson
 from fastapi import Depends, FastAPI, File, Form, HTTPException
-from fastapi.responses import PlainTextResponse
+from fastapi.responses import ORJSONResponse, PlainTextResponse
 from onnxruntime.capi.onnxruntime_pybind11_state import InvalidProtobuf, NoSuchFile
 from PIL.Image import Image
 from pydantic import ValidationError
@@ -32,7 +32,6 @@ from .schemas import (
     ModelIdentity,
     ModelTask,
     ModelType,
-    ORJSONResponse,
     PipelineRequest,
     T,
 )

machine-learning/immich_ml/models/clip/textual.py

@@ -89,9 +89,7 @@ class OpenClipTextualEncoder(BaseCLIPTextualEncoder):
 
         tokenizer: Tokenizer = Tokenizer.from_file(self.tokenizer_file_path.as_posix())
 
-        pad_id = tokenizer.token_to_id(pad_token)
-        if pad_id is None:
-            raise ValueError(f"Pad token '{pad_token}' not found in tokenizer vocab")
+        pad_id: int = tokenizer.token_to_id(pad_token)
         tokenizer.enable_padding(length=context_length, pad_token=pad_token, pad_id=pad_id)
         tokenizer.enable_truncation(max_length=context_length)
 

machine-learning/immich_ml/models/facial_recognition/recognition.py

@@ -89,10 +89,4 @@ class FaceRecognizer(InferenceModel):
     @property
     def _batch_size_default(self) -> int | None:
         providers = ort.get_available_providers()
-        if (
-            self.model_format == ModelFormat.ONNX
-            and "MIGraphXExecutionProvider" not in providers
-            and "OpenVINOExecutionProvider" not in providers
-        ):
-            return None
-        return 1
+        return None if self.model_format == ModelFormat.ONNX and "OpenVINOExecutionProvider" not in providers else 1

machine-learning/immich_ml/models/ocr/recognition.py

@@ -64,7 +64,6 @@ class TextRecognizer(InferenceModel):
                 rec_batch_num=max_batch_size if max_batch_size else 6,
                 rec_img_shape=(3, 48, 320),
                 lang_type=self.language,
-                model_root_dir=self.cache_dir,
             )
         )
         return session

machine-learning/immich_ml/schemas.py

@@ -3,16 +3,9 @@ from typing import Any, Literal, Protocol, TypeGuard, TypeVar
 
 import numpy as np
 import numpy.typing as npt
-import orjson
-from fastapi.responses import JSONResponse
 from typing_extensions import TypedDict
 
 
-class ORJSONResponse(JSONResponse):
-    def render(self, content: Any) -> bytes:
-        return orjson.dumps(content, option=orjson.OPT_SERIALIZE_NUMPY)
-
-
 class StrEnum(str, Enum):
     value: str
 

machine-learning/immich_ml/sessions/ort.py

@@ -1,7 +1,6 @@
 from __future__ import annotations
 
 from pathlib import Path
-from threading import Lock
 from typing import Any
 
 import numpy as np
@@ -13,37 +12,6 @@ from immich_ml.schemas import ModelPrecision, SessionNode
 
 from ..config import log, settings
 
-MigraphxInputSignature = tuple[tuple[str, str, tuple[int, ...]], ...]
-
-_migraphx_registry_lock = Lock()
-_migraphx_model_locks: dict[str, Lock] = {}
-_migraphx_compiled_inputs: set[tuple[str, MigraphxInputSignature]] = set()
-
-
-def _migraphx_get_model_lock(model_key: str) -> Lock:
-    with _migraphx_registry_lock:
-        lock = _migraphx_model_locks.get(model_key)
-        if lock is None:
-            lock = Lock()
-            _migraphx_model_locks[model_key] = lock
-        return lock
-
-
-def _migraphx_has_compiled_input(key: tuple[str, MigraphxInputSignature]) -> bool:
-    with _migraphx_registry_lock:
-        return key in _migraphx_compiled_inputs
-
-
-def _migraphx_mark_compiled_input(key: tuple[str, MigraphxInputSignature]) -> None:
-    with _migraphx_registry_lock:
-        _migraphx_compiled_inputs.add(key)
-
-
-def _migraphx_input_signature(
-    input_feed: dict[str, NDArray[np.float32]] | dict[str, NDArray[np.int32]],
-) -> MigraphxInputSignature:
-    return tuple((name, str(value.dtype), tuple(value.shape)) for name, value in sorted(input_feed.items()))
-
 
 class OrtSession:
     session: ort.InferenceSession
@@ -80,21 +48,7 @@ class OrtSession:
         input_feed: dict[str, NDArray[np.float32]] | dict[str, NDArray[np.int32]],
         run_options: Any = None,
     ) -> list[NDArray[np.float32]]:
-        if "MIGraphXExecutionProvider" in self.providers:
-            model_key = self.model_path.resolve().as_posix()
-            input_key = (model_key, _migraphx_input_signature(input_feed))
-            if not _migraphx_has_compiled_input(input_key):
-                model_lock = _migraphx_get_model_lock(model_key)
-                with model_lock:
-                    if not _migraphx_has_compiled_input(input_key):
-                        outputs: list[NDArray[np.float32]] = self.session.run(output_names, input_feed, run_options)
-                        _migraphx_mark_compiled_input(input_key)
-                        return outputs
-
-            outputs = self.session.run(output_names, input_feed, run_options)
-            return outputs
-
-        outputs = self.session.run(output_names, input_feed, run_options)
+        outputs: list[NDArray[np.float32]] = self.session.run(output_names, input_feed, run_options)
         return outputs
 
     @property

machine-learning/mise.lock

@@ -1,72 +0,0 @@
-# @generated - this file is auto-generated by `mise lock` https://mise.en.dev/dev-tools/mise-lock.html
-
-[[tools.python]]
-version = "3.11.15"
-backend = "core:python"
-
-[tools.python."platforms.linux-arm64"]
-checksum = "sha256:243f794278eff6adba96ed3677ec6877175df84c25f140e17f09f9be82d0f12a"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-aarch64-unknown-linux-gnu-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.linux-arm64-musl"]
-checksum = "sha256:52b4c52094ff8b383a45c694acf4c5c0e883152be6d5229a35a8186ce907c6eb"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-aarch64-unknown-linux-musl-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.linux-x64"]
-checksum = "sha256:171dffd8c0f66e8a0725364a7428015b22fc18dd298b24f541392e17dd0e561f"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-x86_64-unknown-linux-gnu-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.linux-x64-musl"]
-checksum = "sha256:2ac90fef8917ebd14826a6d667593a06cf0ae5f745ba9b1147dc086dd35f5284"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-x86_64-unknown-linux-musl-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.macos-arm64"]
-checksum = "sha256:fdfc363b538662eb7441a14e06f72c4a992c56af7f401f5730ea5081f8f8ad6e"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-aarch64-apple-darwin-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.macos-x64"]
-checksum = "sha256:5f1eb247cbca2c0ad5ccbf6d299a4f54b31b5c63b492d74c3531dc4344a42f88"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-x86_64-apple-darwin-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[tools.python."platforms.windows-x64"]
-checksum = "sha256:756d7f148498b8822f6aedf44a020613576f09983161f346ad36dcef6238cdc3"
-url = "https://github.com/astral-sh/python-build-standalone/releases/download/20260510/cpython-3.11.15+20260510-x86_64-pc-windows-msvc-install_only_stripped.tar.gz"
-provenance = "github-attestations"
-
-[[tools.uv]]
-version = "0.8.15"
-backend = "aqua:astral-sh/uv"
-
-[tools.uv."platforms.linux-arm64"]
-checksum = "sha256:23ea21a05c62c4c307ce691f29bff2f15c94c4f07f2b83d9b356f0664bc8b3a2"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-aarch64-unknown-linux-musl.tar.gz"
-
-[tools.uv."platforms.linux-arm64-musl"]
-checksum = "sha256:23ea21a05c62c4c307ce691f29bff2f15c94c4f07f2b83d9b356f0664bc8b3a2"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-aarch64-unknown-linux-musl.tar.gz"
-
-[tools.uv."platforms.linux-x64"]
-checksum = "sha256:d0fec58f3124e05e0a1af0f6541abfce4333253cdaf23c7b6bb2e6128bf138ea"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-x86_64-unknown-linux-musl.tar.gz"
-
-[tools.uv."platforms.linux-x64-musl"]
-checksum = "sha256:d0fec58f3124e05e0a1af0f6541abfce4333253cdaf23c7b6bb2e6128bf138ea"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-x86_64-unknown-linux-musl.tar.gz"
-
-[tools.uv."platforms.macos-arm64"]
-checksum = "sha256:103367962c5cb00bf7370d84cbaa3fec5a9807be9cc833ea9d8eea400c119fa2"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-aarch64-apple-darwin.tar.gz"
-
-[tools.uv."platforms.macos-x64"]
-checksum = "sha256:2bbef70982e97dfc36454de173f35ec1a5e83ae11e3885df6a50db3fd76171cb"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-x86_64-apple-darwin.tar.gz"
-
-[tools.uv."platforms.windows-x64"]
-checksum = "sha256:459d95892a5cc5c21779532f4f41b9238594b79e312a5142da2148ecfa10e705"
-url = "https://github.com/astral-sh/uv/releases/download/0.8.15/uv-x86_64-pc-windows-msvc.zip"

machine-learning/pyproject.toml

@@ -10,7 +10,7 @@ dependencies = [
     "fastapi>=0.95.2,<1.0",
     "gunicorn>=21.1.0",
     "huggingface-hub>=1.0,<2.0",
-    "insightface>=0.7.3,<2.0",
+    "insightface>=0.7.3,<1.0",
     "numpy>=2.4.0,<3.0",
     "opencv-python-headless>=4.7.0.72,<5.0",
     "orjson>=3.9.5",

machine-learning/test_main.py

@@ -35,37 +35,7 @@ from immich_ml.sessions.ort import OrtSession
 from immich_ml.sessions.rknn import RknnSession, run_inference
 
 
-class FakeLock:
-    def __init__(self) -> None:
-        self.enter = mock.Mock()
-        self.exit = mock.Mock()
-
-    def __enter__(self) -> None:
-        self.enter()
-
-    def __exit__(self, *args: object) -> None:
-        self.exit(*args)
-
-
 class TestBase:
-    def test_sets_default_worker_timeout(self, monkeypatch: MonkeyPatch) -> None:
-        monkeypatch.delenv("DEVICE", raising=False)
-        monkeypatch.delenv("MACHINE_LEARNING_WORKER_TIMEOUT", raising=False)
-
-        assert Settings().worker_timeout == 300
-
-    def test_sets_rocm_default_worker_timeout(self, monkeypatch: MonkeyPatch) -> None:
-        monkeypatch.setenv("DEVICE", "rocm")
-        monkeypatch.delenv("MACHINE_LEARNING_WORKER_TIMEOUT", raising=False)
-
-        assert Settings().worker_timeout == 900
-
-    def test_worker_timeout_env_override(self, monkeypatch: MonkeyPatch) -> None:
-        monkeypatch.setenv("DEVICE", "rocm")
-        monkeypatch.setenv("MACHINE_LEARNING_WORKER_TIMEOUT", "1200")
-
-        assert Settings().worker_timeout == 1200
-
     def test_sets_default_cache_dir(self) -> None:
         encoder = OpenClipTextualEncoder("ViT-B-32__openai")
 
@@ -443,52 +413,6 @@ class TestOrtSession:
 
         assert sess_options is session.sess_options
 
-    def test_serializes_rocm_first_run_for_new_input_signature(self, mocker: MockerFixture) -> None:
-        lock = FakeLock()
-        get_model_lock = mocker.patch("immich_ml.sessions.ort._migraphx_get_model_lock", return_value=lock)
-        mocker.patch("immich_ml.sessions.ort._migraphx_compiled_inputs", set())
-        mocker.patch("immich_ml.sessions.ort.Path.mkdir")
-        session = OrtSession("/cache/ViT-B-32__openai/model.onnx", providers=["MIGraphXExecutionProvider"])
-        input_feed = {"input": np.random.rand(1, 3, 224, 224).astype(np.float32)}
-
-        session.run(None, input_feed)
-        session.run(None, input_feed)
-
-        lock.enter.assert_called_once()
-        lock.exit.assert_called_once()
-        get_model_lock.assert_called_once()
-        session.session.run.assert_has_calls([mock.call(None, input_feed, None), mock.call(None, input_feed, None)])
-
-    def test_serializes_rocm_run_for_each_new_input_signature(self, mocker: MockerFixture) -> None:
-        lock = FakeLock()
-        mocker.patch("immich_ml.sessions.ort._migraphx_get_model_lock", return_value=lock)
-        mocker.patch("immich_ml.sessions.ort._migraphx_compiled_inputs", set())
-        mocker.patch("immich_ml.sessions.ort.Path.mkdir")
-        session = OrtSession("/cache/ViT-B-32__openai/model.onnx", providers=["MIGraphXExecutionProvider"])
-        input_feed = {"input": np.random.rand(1, 3, 224, 224).astype(np.float32)}
-        new_shape_input_feed = {"input": np.random.rand(2, 3, 224, 224).astype(np.float32)}
-
-        session.run(None, input_feed)
-        session.run(None, new_shape_input_feed)
-
-        assert lock.enter.call_count == 2
-        assert lock.exit.call_count == 2
-        session.session.run.assert_has_calls(
-            [mock.call(None, input_feed, None), mock.call(None, new_shape_input_feed, None)]
-        )
-
-    def test_does_not_serialize_non_rocm_run(self, mocker: MockerFixture) -> None:
-        lock = FakeLock()
-        get_model_lock = mocker.patch("immich_ml.sessions.ort._migraphx_get_model_lock", return_value=lock)
-        session = OrtSession("/cache/ViT-B-32__openai/model.onnx", providers=["CPUExecutionProvider"])
-        input_feed = {"input": np.random.rand(1, 3, 224, 224).astype(np.float32)}
-
-        session.run(None, input_feed)
-
-        get_model_lock.assert_not_called()
-        lock.enter.assert_not_called()
-        session.session.run.assert_called_once_with(None, input_feed, None)
-
 
 class TestAnnSession:
     def test_creates_ann_session(self, ann_session: mock.Mock, info: mock.Mock) -> None:
@@ -816,10 +740,6 @@ class TestFaceRecognition:
 
     def test_recognition(self, cv_image: cv2.Mat, mocker: MockerFixture) -> None:
         mocker.patch.object(FaceRecognizer, "load")
-        mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.ort.get_available_providers",
-            return_value=["CPUExecutionProvider"],
-        )
         face_recognizer = FaceRecognizer("buffalo_s", min_score=0.0, cache_dir="test_cache")
 
         num_faces = 2
@@ -864,10 +784,6 @@ class TestFaceRecognition:
         )
         mocker.patch("immich_ml.models.base.InferenceModel.download")
         mocker.patch("immich_ml.models.facial_recognition.recognition.ArcFaceONNX")
-        mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.ort.get_available_providers",
-            return_value=["CPUExecutionProvider"],
-        )
         ort_session.return_value.get_inputs.return_value = [SimpleNamespace(name="input.1", shape=(1, 3, 224, 224))]
         ort_session.return_value.get_outputs.return_value = [SimpleNamespace(name="output.1", shape=(1, 800))]
         path.return_value.__truediv__.return_value.__truediv__.return_value.suffix = ".onnx"
@@ -902,10 +818,6 @@ class TestFaceRecognition:
         )
         mocker.patch("immich_ml.models.base.InferenceModel.download")
         mocker.patch("immich_ml.models.facial_recognition.recognition.ArcFaceONNX")
-        mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.ort.get_available_providers",
-            return_value=["CPUExecutionProvider"],
-        )
         path.return_value.__truediv__.return_value.__truediv__.return_value.suffix = ".onnx"
 
         inputs = [SimpleNamespace(name="input.1", shape=("batch", 3, 224, 224))]
@@ -971,34 +883,6 @@ class TestFaceRecognition:
         onnx.load.assert_not_called()
         onnx.save.assert_not_called()
 
-    def test_recognition_does_not_add_batch_axis_for_migraphx(
-        self, ort_session: mock.Mock, path: mock.Mock, mocker: MockerFixture
-    ) -> None:
-        onnx = mocker.patch("immich_ml.models.facial_recognition.recognition.onnx", autospec=True)
-        update_dims = mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.update_inputs_outputs_dims", autospec=True
-        )
-        mocker.patch("immich_ml.models.base.InferenceModel.download")
-        mocker.patch("immich_ml.models.facial_recognition.recognition.ArcFaceONNX")
-        mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.ort.get_available_providers",
-            return_value=["MIGraphXExecutionProvider", "CPUExecutionProvider"],
-        )
-        path.return_value.__truediv__.return_value.__truediv__.return_value.suffix = ".onnx"
-
-        inputs = [SimpleNamespace(name="input.1", shape=(1, 3, 224, 224))]
-        outputs = [SimpleNamespace(name="output.1", shape=(1, 800))]
-        ort_session.return_value.get_inputs.return_value = inputs
-        ort_session.return_value.get_outputs.return_value = outputs
-
-        face_recognizer = FaceRecognizer("buffalo_s", cache_dir=path)
-        face_recognizer.load()
-
-        assert face_recognizer.batch_size == 1
-        update_dims.assert_not_called()
-        onnx.load.assert_not_called()
-        onnx.save.assert_not_called()
-
     def test_set_custom_max_batch_size(self, mocker: MockerFixture) -> None:
         mocker.patch.object(settings, "max_batch_size", MaxBatchSize(facial_recognition=2))
 
@@ -1008,10 +892,6 @@ class TestFaceRecognition:
 
     def test_ignore_other_custom_max_batch_size(self, mocker: MockerFixture) -> None:
         mocker.patch.object(settings, "max_batch_size", MaxBatchSize(ocr=2))
-        mocker.patch(
-            "immich_ml.models.facial_recognition.recognition.ort.get_available_providers",
-            return_value=["CPUExecutionProvider"],
-        )
 
         recognizer = FaceRecognizer("buffalo_l", cache_dir="test_cache")
 
@@ -1044,12 +924,7 @@ class TestOcr:
         text_recognizer.load()
 
         rapid_recognizer.assert_called_once_with(
-            OcrOptions(
-              session=ort_session.return_value,
-              rec_batch_num=6,
-              rec_img_shape=(3, 48, 320),
-              model_root_dir=text_recognizer.cache_dir,
-            )
+            OcrOptions(session=ort_session.return_value, rec_batch_num=6, rec_img_shape=(3, 48, 320))
         )
 
     def test_set_custom_max_batch_size(self, ort_session: mock.Mock, path: mock.Mock, mocker: MockerFixture) -> None:
@@ -1062,12 +937,7 @@ class TestOcr:
         text_recognizer.load()
 
         rapid_recognizer.assert_called_once_with(
-            OcrOptions(
-              session=ort_session.return_value,
-              rec_batch_num=4,
-              rec_img_shape=(3, 48, 320),
-              model_root_dir=text_recognizer.cache_dir,
-            )
+            OcrOptions(session=ort_session.return_value, rec_batch_num=4, rec_img_shape=(3, 48, 320))
         )
 
     def test_ignore_other_custom_max_batch_size(
@@ -1082,12 +952,7 @@ class TestOcr:
         text_recognizer.load()
 
         rapid_recognizer.assert_called_once_with(
-            OcrOptions(
-              session=ort_session.return_value,
-              rec_batch_num=6,
-              rec_img_shape=(3, 48, 320),
-              model_root_dir=text_recognizer.cache_dir,
-            )
+            OcrOptions(session=ort_session.return_value, rec_batch_num=6, rec_img_shape=(3, 48, 320))
         )
 
 

misc/release/archive-version.js

@@ -1,10 +1,9 @@
 #! /usr/bin/env node
-import { readFileSync, writeFileSync } from 'node:fs';
+const { readFileSync, writeFileSync } = require('node:fs');
 
 const asVersion = (item) => {
   const { label, url } = item;
-  const [version] = label.substring(1).split('-');
-  const [major, minor, patch] = version.split('.').map(Number);
+  const [major, minor, patch] = label.substring(1).split('.').map(Number);
   return { major, minor, patch, label, url };
 };
 
@@ -32,7 +31,7 @@ for (const item of versions) {
   ) {
     versions = versions.filter((item) => item.label !== version.label);
     console.log(
-      `Removed ${version.label} (replaced with ${lastVersion.label})`,
+      `Removed ${version.label} (replaced with ${lastVersion.label})`
     );
     continue;
   }
@@ -42,5 +41,5 @@ for (const item of versions) {
 
 writeFileSync(
   filename,
-  JSON.stringify([newVersion, ...versions], null, 2) + '\n',
+  JSON.stringify([newVersion, ...versions], null, 2) + '\n'
 );

misc/release/pump-version.sh

@@ -3,14 +3,12 @@
 #
 # Pump one or both of the server/mobile versions in appropriate files
 #
-# usage: './scripts/pump-version.sh -s <minor|patch|premajor|preminor|prepatch|prerelease> <-m> <true|false>
+# usage: './scripts/pump-version.sh -s <major|minor|patch> <-m> <true|false>
 #
 # examples:
-#    ./scripts/pump-version.sh -s major            # 1.0.0+50 => 2.0.0+50
-#    ./scripts/pump-version.sh -s minor -m true    # 1.0.0+50 => 1.1.0+51
-#    ./scripts/pump-version.sh -s premajor         # 1.0.0+50 => 2.0.0-rc.0+50
-#    ./scripts/pump-version.sh -s prerelease       # 2.0.0-rc.0+50 => 2.0.0-rc.1+50
-#    ./scripts/pump-version.sh -m true             # 1.0.0+50 => 1.0.0+51
+#    ./scripts/pump-version.sh -s major         # 1.0.0+50 => 2.0.0+50
+#    ./scripts/pump-version.sh -s minor -m true # 1.0.0+50 => 1.1.0+51
+#    ./scripts/pump-version.sh -m true          # 1.0.0+50 => 1.0.0+51
 #
 
 SERVER_PUMP="false"
@@ -27,15 +25,31 @@ while getopts 's:m:' flag; do
   esac
 done
 
-CURRENT_SERVER=$(jq -r '.version' package.json)
-if ! NEXT_SERVER=$(pnpm --silent pump "$CURRENT_SERVER" "$SERVER_PUMP"); then
-  echo "Fatal: failed to pump server version: $NEXT_SERVER" >&2
+CURRENT_SERVER=$(jq -r '.version' server/package.json)
+MAJOR=$(echo "$CURRENT_SERVER" | cut -d '.' -f1)
+MINOR=$(echo "$CURRENT_SERVER" | cut -d '.' -f2)
+PATCH=$(echo "$CURRENT_SERVER" | cut -d '.' -f3)
+
+if [[ $SERVER_PUMP == "major" ]]; then
+  MAJOR=$((MAJOR + 1))
+  MINOR=0
+  PATCH=0
+elif [[ $SERVER_PUMP == "minor" ]]; then
+  MINOR=$((MINOR + 1))
+  PATCH=0
+elif [[ $SERVER_PUMP == "patch" ]]; then
+  PATCH=$((PATCH + 1))
+elif [[ $SERVER_PUMP == "false" ]]; then
+  echo 'Skipping Server Pump'
+else
+  echo 'Expected <major|minor|patch|false> for the server argument'
   exit 1
 fi
 
+NEXT_SERVER=$MAJOR.$MINOR.$PATCH
+
 CURRENT_MOBILE=$(grep "^version: .*+[0-9]\+$" mobile/pubspec.yaml | cut -d "+" -f2)
 NEXT_MOBILE=$CURRENT_MOBILE
-
 if [[ $MOBILE_PUMP == "true" ]]; then
   set $((NEXT_MOBILE++))
 elif [[ $MOBILE_PUMP == "false" ]]; then
@@ -45,17 +59,15 @@ else
   exit 1
 fi
 
-
-
 if [ "$CURRENT_SERVER" != "$NEXT_SERVER" ]; then
   echo "Pumping Server: $CURRENT_SERVER => $NEXT_SERVER"
 
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks --prefix server
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks --prefix packages/cli
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks --prefix web
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks --prefix e2e
-  pnpm version "$NEXT_SERVER" --no-git-tag-version --no-git-checks --prefix packages/sdk
+  pnpm version "$NEXT_SERVER" --no-git-tag-version
+  pnpm version "$NEXT_SERVER" --no-git-tag-version --prefix server
+  pnpm version "$NEXT_SERVER" --no-git-tag-version --prefix packages/cli
+  pnpm version "$NEXT_SERVER" --no-git-tag-version --prefix web
+  pnpm version "$NEXT_SERVER" --no-git-tag-version --prefix e2e
+  pnpm version "$NEXT_SERVER" --no-git-tag-version --prefix packages/sdk
 
   # copy version to open-api spec
   mise run //:open-api
@@ -69,12 +81,10 @@ if [ "$CURRENT_MOBILE" != "$NEXT_MOBILE" ]; then
   echo "Pumping Mobile: $CURRENT_MOBILE => $NEXT_MOBILE"
 fi
 
-sed -i "s/\"android\.injected\.version\.name\" => \".*\",/\"android\.injected\.version\.name\" => \"$NEXT_SERVER\",/" mobile/android/fastlane/Fastfile
-sed -i "s/\"android\.injected\.version\.code\" => [0-9]\+,/\"android\.injected\.version\.code\" => $NEXT_MOBILE,/" mobile/android/fastlane/Fastfile
-sed -i "s/^version: .*+[0-9]\+$/version: $NEXT_SERVER+$NEXT_MOBILE/" mobile/pubspec.yaml
-# strip prerelease from CFBundleShortVersionString (deploying to testflight _is_ the prerelease)
-NEXT_SERVER_SHORT="${NEXT_SERVER%%-*}"
-perl -i -p0e "s/(<key>CFBundleShortVersionString<\/key>\s*<string>).*?(<\/string>)/\${1}$NEXT_SERVER_SHORT\${2}/s" mobile/ios/Runner/Info.plist
+sed -i "s/\"android\.injected\.version\.name\" => \"$CURRENT_SERVER\",/\"android\.injected\.version\.name\" => \"$NEXT_SERVER\",/" mobile/android/fastlane/Fastfile
+sed -i "s/\"android\.injected\.version\.code\" => $CURRENT_MOBILE,/\"android\.injected\.version\.code\" => $NEXT_MOBILE,/" mobile/android/fastlane/Fastfile
+sed -i "s/^version: $CURRENT_SERVER+$CURRENT_MOBILE$/version: $NEXT_SERVER+$NEXT_MOBILE/" mobile/pubspec.yaml
+perl -i -p0e "s/(<key>CFBundleShortVersionString<\/key>\s*<string>)$CURRENT_SERVER(<\/string>)/\${1}$NEXT_SERVER\${2}/s" mobile/ios/Runner/Info.plist
 
 
 echo "IMMICH_VERSION=v$NEXT_SERVER" >>"$GITHUB_ENV"

misc/release/pump-wrapper.js

@@ -1,7 +0,0 @@
-import { pump } from './pump.js';
-
-const [versionRaw, type] = process.argv.slice(2);
-const { message, exitCode } = pump(versionRaw, type);
-
-console.log(message);
-process.exit(exitCode);

misc/release/pump.js

@@ -1,105 +0,0 @@
-import semver, { SemVer } from 'semver';
-
-const printUsage = () => {
-  return {
-    message:
-      'Usage: ./pump_cli.js <semver> <minor|patch|premajor|preminor|prepatch|prerelease|release>',
-    exitCode: 1,
-  };
-};
-
-const isPrerelease = (version) => version.prerelease.length > 0;
-
-/**
- * @param {SemVer} version
- * @returns {boolean}
- */
-const inc = (version, type) => `v${semver.inc(version, type, {}, 'rc')}`;
-
-/** @param {string} version */
-const normalize = (version) => {
-  if (version.startsWith('v')) {
-    version = version.slice(1);
-  }
-
-  return version;
-};
-
-/**
- * @param {string} versionRaw
- * @param {string} type
- */
-export const pump = (versionRaw, type) => {
-  if (!versionRaw) {
-    return printUsage();
-  }
-
-  versionRaw = normalize(versionRaw);
-
-  const version = semver.parse(versionRaw);
-  if (!version) {
-    return printUsage();
-  }
-
-  let newVersionRaw;
-  let valid = true;
-
-  switch (type) {
-    case 'patch':
-    case 'prepatch':
-    case 'minor':
-    case 'preminor':
-    case 'premajor': {
-      newVersionRaw = inc(version, type);
-      // can only use while not in a prerelease
-      valid = !isPrerelease(version);
-      break;
-    }
-
-    case 'prerelease': {
-      newVersionRaw = inc(version, type);
-      // can only use while in a prerelease
-      valid = isPrerelease(version);
-      break;
-    }
-
-    case 'release': {
-      // drop prerelease part
-      newVersionRaw = `${version.major}.${version.minor}.${version.patch}`;
-      // can only use to promote a prerelease to a release (no version change)
-      valid = isPrerelease(version);
-      break;
-    }
-
-    default: {
-      return printUsage();
-    }
-  }
-
-  if (!newVersionRaw) {
-    return printUsage();
-  }
-
-  newVersionRaw = normalize(newVersionRaw);
-
-  const newVersion = semver.parse(newVersionRaw);
-  if (!newVersion) {
-    return printUsage();
-  }
-
-  const invalidUpgrade =
-    isPrerelease(version) &&
-    !isPrerelease(newVersion) &&
-    (version.major !== newVersion.major ||
-      version.minor !== newVersion.minor ||
-      version.patch !== newVersion.patch);
-
-  if (!valid || invalidUpgrade) {
-    return {
-      message: `Invalid pump: ${type}. Pumping from ${versionRaw} to ${newVersionRaw} is not allowed.`,
-      exitCode: 1,
-    };
-  }
-
-  return { message: newVersionRaw, exitCode: 0 };
-};

misc/release/pump.spec.js

@@ -1,87 +0,0 @@
-import { describe, expect, it } from 'vitest';
-import { pump } from './pump';
-
-describe(pump.name, () => {
-  describe('usage', () => {
-    it.each([
-      [],
-      ['2.7.5'],
-      ['2.7.5', 'invalid'],
-      ['invalid', 'patch'],
-      ['2.7.5', 'major'],
-    ])('should not accept $0, $1 as inputs', (version, type) => {
-      expect(pump(version, type)).toEqual({
-        message: expect.stringContaining('Usage: '),
-        exitCode: 1,
-      });
-    });
-  });
-
-  describe('transitions', () => {
-    const valid = [
-      {
-        name: 'patch',
-        items: [['patch', '2.7.5', '2.7.6']],
-      },
-      {
-        name: 'prepatch',
-        items: [
-          ['prepatch', '2.7.5', '2.7.6-rc.0'],
-          ['prerelease', '2.7.6-rc.0', '2.7.6-rc.1'],
-          ['release', '2.7.6-rc.1', '2.7.6'],
-        ],
-      },
-      {
-        name: 'minor',
-        items: [['minor', '2.7.5', '2.8.0']],
-      },
-      {
-        name: 'preminor',
-        items: [
-          ['preminor', '2.7.5', '2.8.0-rc.0'],
-          ['prerelease', '2.8.0-rc.0', '2.8.0-rc.1'],
-          ['release', '2.8.0-rc.1', '2.8.0'],
-        ],
-      },
-      {
-        name: 'premajor',
-        items: [
-          ['premajor', '2.7.5', '3.0.0-rc.0'],
-          ['prerelease', '3.0.0-rc.0', '3.0.0-rc.1'],
-          ['release', '3.0.0-rc.1', '3.0.0'],
-        ],
-      },
-    ];
-
-    for (const group of valid) {
-      describe(group.name, () => {
-        it.each(group.items)(
-          'should allow a $0 from $1 to $2',
-          (type, version, next) => {
-            expect(pump(version, type)).toEqual({
-              message: next,
-              exitCode: 0,
-            });
-          },
-        );
-      });
-    }
-
-    describe('invalid', () => {
-      it.each([
-        ['patch', 'v3.0.0-rc.0'],
-        ['prepatch', 'v3.0.0-rc.0'],
-        ['minor', 'v3.0.0-rc.0'],
-        ['preminor', 'v3.0.0-rc.0'],
-        ['premajor', 'v3.0.0-rc.0'],
-        ['prerelease', 'v3.0.0'],
-        ['release', 'v3.0.0'],
-      ])('should not allow a $0 on $1', (type, version) => {
-        expect(pump(version, type)).toEqual({
-          message: expect.stringContaining('Invalid pump'),
-          exitCode: 1,
-        });
-      });
-    });
-  });
-});

mise.lock

@@ -1,283 +0,0 @@
-# @generated - this file is auto-generated by `mise lock` https://mise.en.dev/dev-tools/mise-lock.html
-
-[[tools."github:extism/cli"]]
-version = "1.6.3"
-backend = "github:extism/cli"
-
-[tools."github:extism/cli"."platforms.linux-arm64"]
-checksum = "sha256:d92f830c9be39637569feacb04e9750c28848df6d9a219db94152a9b4eb9452b"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-linux-arm64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694030"
-
-[tools."github:extism/cli"."platforms.linux-arm64-musl"]
-checksum = "sha256:d92f830c9be39637569feacb04e9750c28848df6d9a219db94152a9b4eb9452b"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-linux-arm64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694030"
-
-[tools."github:extism/cli"."platforms.linux-x64"]
-checksum = "sha256:34e7ae9bfded6e2c32dee83f70a4e50d34f9d3e80d1762b09625fe82e214d02d"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-linux-amd64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694025"
-
-[tools."github:extism/cli"."platforms.linux-x64-musl"]
-checksum = "sha256:34e7ae9bfded6e2c32dee83f70a4e50d34f9d3e80d1762b09625fe82e214d02d"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-linux-amd64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694025"
-
-[tools."github:extism/cli"."platforms.macos-arm64"]
-checksum = "sha256:b4ddbc575b5ac000115247f781723f9b9f284ed87b29c600539d72161b5b29fc"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-darwin-arm64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694029"
-
-[tools."github:extism/cli"."platforms.macos-x64"]
-checksum = "sha256:9a2f71b6e6009685a622cc3084e52d2a1a8e23c98d29ffa72e666e9dc699855f"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-darwin-amd64.tar.gz"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694026"
-
-[tools."github:extism/cli"."platforms.windows-x64"]
-checksum = "sha256:47e4ed2782445b2b08a4d1ac127211588f8b4d1fc25fd6481d4cb65151b5213c"
-url = "https://github.com/extism/cli/releases/download/v1.6.3/extism-v1.6.3-windows-amd64.zip"
-url_api = "https://api.github.com/repos/extism/cli/releases/assets/275694035"
-
-[[tools."github:extism/js-pdk"]]
-version = "1.6.0"
-backend = "github:extism/js-pdk"
-
-[tools."github:extism/js-pdk"."platforms.linux-arm64"]
-checksum = "sha256:15a186250e68d6bff4ec839fff275d45a90e383a69209dcc1239eb9e3aee6e1b"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-aarch64-linux-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223214"
-
-[tools."github:extism/js-pdk"."platforms.linux-arm64-musl"]
-checksum = "sha256:15a186250e68d6bff4ec839fff275d45a90e383a69209dcc1239eb9e3aee6e1b"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-aarch64-linux-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223214"
-
-[tools."github:extism/js-pdk"."platforms.linux-x64"]
-checksum = "sha256:4ded271ccf465031ccd0dc35e7a140e134d7f30721671cc4a8e1ff805d4aad68"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-x86_64-linux-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223119"
-
-[tools."github:extism/js-pdk"."platforms.linux-x64-musl"]
-checksum = "sha256:4ded271ccf465031ccd0dc35e7a140e134d7f30721671cc4a8e1ff805d4aad68"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-x86_64-linux-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223119"
-
-[tools."github:extism/js-pdk"."platforms.macos-arm64"]
-checksum = "sha256:548e25bda3971a07c32d78a249135cf8cb7b3eede101e878e06e53e01ac2e0ce"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-aarch64-macos-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223215"
-
-[tools."github:extism/js-pdk"."platforms.macos-x64"]
-checksum = "sha256:d85a875c2a071f0c29fe572764c52c3a499f157ab7f9efac8939a4364390e29b"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-x86_64-macos-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353223239"
-
-[tools."github:extism/js-pdk"."platforms.windows-x64"]
-checksum = "sha256:97b7b746141e4777e1ca2b76febdeb16dc9d314ff6a4257df05a476b67228acc"
-url = "https://github.com/extism/js-pdk/releases/download/v1.6.0/extism-js-x86_64-windows-v1.6.0.gz"
-url_api = "https://api.github.com/repos/extism/js-pdk/releases/assets/353224133"
-
-[[tools."github:jellyfin/jellyfin-ffmpeg"]]
-version = "7.1.3-6"
-backend = "github:jellyfin/jellyfin-ffmpeg"
-
-[tools."github:jellyfin/jellyfin-ffmpeg".options]
-asset_pattern = "jellyfin-ffmpeg_*_portable_linuxarm64-gpl.tar.xz"
-
-[[tools."github:webassembly/binaryen"]]
-version = "version_124"
-backend = "github:webassembly/binaryen"
-
-[tools."github:webassembly/binaryen"."platforms.linux-arm64"]
-checksum = "sha256:6291bd9a57d8e046f3bc099a4db386c147433a87f71c783a901c5b1792e38de3"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-aarch64-linux.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288927659"
-
-[tools."github:webassembly/binaryen"."platforms.linux-arm64-musl"]
-checksum = "sha256:6291bd9a57d8e046f3bc099a4db386c147433a87f71c783a901c5b1792e38de3"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-aarch64-linux.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288927659"
-
-[tools."github:webassembly/binaryen"."platforms.linux-x64"]
-checksum = "sha256:0290c3779fedf592b8da0ded3032ff55c41a2b7bfa2d6bf7b7bac6f0e6e28963"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-x86_64-linux.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288926769"
-
-[tools."github:webassembly/binaryen"."platforms.linux-x64-musl"]
-checksum = "sha256:0290c3779fedf592b8da0ded3032ff55c41a2b7bfa2d6bf7b7bac6f0e6e28963"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-x86_64-linux.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288926769"
-
-[tools."github:webassembly/binaryen"."platforms.macos-arm64"]
-checksum = "sha256:86a2c960ff62c6d2ea6009d1f89745c22c70100d394a095eab45eb941bdaa24c"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-arm64-macos.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288926134"
-
-[tools."github:webassembly/binaryen"."platforms.macos-x64"]
-checksum = "sha256:b389bb0731758d86c3cb266d01d28a12725c23bd3cabc3df34faa162af0887e9"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-x86_64-macos.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288926135"
-
-[tools."github:webassembly/binaryen"."platforms.windows-x64"]
-checksum = "sha256:b5e1d2a1ad3c03229ddc89823848f4a1c11f9c6402a51fa26f0aaa5f1d7a2203"
-url = "https://github.com/WebAssembly/binaryen/releases/download/version_124/binaryen-version_124-x86_64-windows.tar.gz"
-url_api = "https://api.github.com/repos/WebAssembly/binaryen/releases/assets/288925833"
-
-[[tools.java]]
-version = "21.0.2"
-backend = "core:java"
-
-[tools.java."platforms.linux-arm64"]
-checksum = "sha256:08db1392a48d4eb5ea5315cf8f18b89dbaf36cda663ba882cf03c704c9257ec2"
-url = "https://download.java.net/java/GA/jdk21.0.2/f2283984656d49d69e91c558476027ac/13/GPL/openjdk-21.0.2_linux-aarch64_bin.tar.gz"
-
-[tools.java."platforms.linux-x64"]
-checksum = "sha256:a2def047a73941e01a73739f92755f86b895811afb1f91243db214cff5bdac3f"
-url = "https://download.java.net/java/GA/jdk21.0.2/f2283984656d49d69e91c558476027ac/13/GPL/openjdk-21.0.2_linux-x64_bin.tar.gz"
-
-[tools.java."platforms.macos-arm64"]
-checksum = "sha256:b3d588e16ec1e0ef9805d8a696591bd518a5cea62567da8f53b5ce32d11d22e4"
-url = "https://download.java.net/java/GA/jdk21.0.2/f2283984656d49d69e91c558476027ac/13/GPL/openjdk-21.0.2_macos-aarch64_bin.tar.gz"
-
-[tools.java."platforms.macos-x64"]
-checksum = "sha256:8fd09e15dc406387a0aba70bf5d99692874e999bf9cd9208b452b5d76ac922d3"
-url = "https://download.java.net/java/GA/jdk21.0.2/f2283984656d49d69e91c558476027ac/13/GPL/openjdk-21.0.2_macos-x64_bin.tar.gz"
-
-[tools.java."platforms.windows-x64"]
-checksum = "sha256:b6c17e747ae78cdd6de4d7532b3164b277daee97c007d3eaa2b39cca99882664"
-url = "https://download.java.net/java/GA/jdk21.0.2/f2283984656d49d69e91c558476027ac/13/GPL/openjdk-21.0.2_windows-x64_bin.zip"
-
-[[tools.node]]
-version = "24.15.0"
-backend = "core:node"
-
-[tools.node."platforms.linux-arm64"]
-checksum = "sha256:73afc234d558c24919875f51c2d1ea002a2ada4ea6f83601a383869fefa64eed"
-url = "https://nodejs.org/dist/v24.15.0/node-v24.15.0-linux-arm64.tar.gz"
-
-[tools.node."platforms.linux-arm64-musl"]
-checksum = "sha256:31e98aa960a067da91edffd5d93bc46657b5d2a8029612c359f5f2ac0060152a"
-url = "https://unofficial-builds.nodejs.org/download/release/v24.15.0/node-v24.15.0-linux-arm64-musl.tar.gz"
-
-[tools.node."platforms.linux-x64"]
-checksum = "sha256:44836872d9aec49f1e6b52a9a922872db9a2b02d235a616a5681b6a85fec8d89"
-url = "https://nodejs.org/dist/v24.15.0/node-v24.15.0-linux-x64.tar.gz"
-
-[tools.node."platforms.linux-x64-musl"]
-checksum = "sha256:f55af5bd489c5347b113ca6594cae00a54b30ba57ac5875324311bfc6f4762e3"
-url = "https://unofficial-builds.nodejs.org/download/release/v24.15.0/node-v24.15.0-linux-x64-musl.tar.gz"
-
-[tools.node."platforms.macos-arm64"]
-checksum = "sha256:372331b969779ab5d15b949884fc6eaf88d5afe87bde8ba881d6400b9100ffc4"
-url = "https://nodejs.org/dist/v24.15.0/node-v24.15.0-darwin-arm64.tar.gz"
-
-[tools.node."platforms.macos-x64"]
-checksum = "sha256:ffd5ee293467927f3ee731a553eb88fd1f48cf74eebc2d74a6babe4af228673b"
-url = "https://nodejs.org/dist/v24.15.0/node-v24.15.0-darwin-x64.tar.gz"
-
-[tools.node."platforms.windows-x64"]
-checksum = "sha256:cc5149eabd53779ce1e7bdc5401643622d0c7e6800ade18928a767e940bb0e62"
-url = "https://nodejs.org/dist/v24.15.0/node-v24.15.0-win-x64.zip"
-
-[[tools."npm:oazapfts"]]
-version = "7.5.0"
-backend = "npm:oazapfts"
-
-[[tools.opentofu]]
-version = "1.11.6"
-backend = "aqua:opentofu/opentofu"
-
-[tools.opentofu."platforms.linux-arm64"]
-checksum = "sha256:d4f2ab15776925864b049bb329d69682851de6f5204f256e9fa86d07a0308850"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_arm64.tar.gz"
-
-[tools.opentofu."platforms.linux-arm64-musl"]
-checksum = "sha256:d4f2ab15776925864b049bb329d69682851de6f5204f256e9fa86d07a0308850"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_arm64.tar.gz"
-
-[tools.opentofu."platforms.linux-x64"]
-checksum = "sha256:02800fafa2753a9f50c38483e2fdf5bc353fd62895eb9e25eec9a5145df3a69e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_amd64.tar.gz"
-
-[tools.opentofu."platforms.linux-x64-musl"]
-checksum = "sha256:02800fafa2753a9f50c38483e2fdf5bc353fd62895eb9e25eec9a5145df3a69e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_linux_amd64.tar.gz"
-
-[tools.opentofu."platforms.macos-arm64"]
-checksum = "sha256:62d7fa8539e13b444827aa0a3b90c5972da5c47e8f8882d9dcf2e430e78840c1"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_darwin_arm64.tar.gz"
-
-[tools.opentofu."platforms.macos-x64"]
-checksum = "sha256:1408cdef1c380f914565e6b4bb70794c6b163f195fcb233357f3d6c5745906b6"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_darwin_amd64.tar.gz"
-
-[tools.opentofu."platforms.windows-x64"]
-checksum = "sha256:27323f70c875b8251bfd7e61a4cffc3ebff4e56ed1e611b955016f0c7077367e"
-url = "https://github.com/opentofu/opentofu/releases/download/v1.11.6/tofu_1.11.6_windows_amd64.tar.gz"
-
-[[tools.pnpm]]
-version = "11.5.2"
-backend = "aqua:pnpm/pnpm"
-
-[tools.pnpm."platforms.linux-arm64"]
-checksum = "sha256:7fef0c74081135d777754fccf25272f698e504b26ba0568504846c0cea402f8f"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-linux-arm64.tar.gz"
-provenance = "github-attestations"
-
-[tools.pnpm."platforms.linux-arm64-musl"]
-checksum = "sha256:843beed7bca760276d29f8950ca219600995d345dbc93fad8150b3e5f83b74d4"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-linux-arm64-musl.tar.gz"
-provenance = "github-attestations"
-
-[tools.pnpm."platforms.linux-x64"]
-checksum = "sha256:2033a702618c8576dc6bb0f6adb3a67ab506031351ddd59ca50d1bcaf5d13dc5"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-linux-x64.tar.gz"
-provenance = "github-attestations"
-
-[tools.pnpm."platforms.linux-x64-musl"]
-checksum = "sha256:0b794b23461c7475f7ffc29c4945692838b51ddadd857a2ace8edf0018798305"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-linux-x64-musl.tar.gz"
-provenance = "github-attestations"
-
-[tools.pnpm."platforms.macos-arm64"]
-checksum = "sha256:54993dae26bea0f3c1b0e15f9427f6f6a86827d56f32d1d1554d8cda59a62399"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-darwin-arm64.tar.gz"
-provenance = "github-attestations"
-
-[tools.pnpm."platforms.windows-x64"]
-checksum = "sha256:b3ddff2c2bf87d3996fadf074bac58cd2259f718a17912a04ae930e3775b30e9"
-url = "https://github.com/pnpm/pnpm/releases/download/v11.5.2/pnpm-win32-x64.zip"
-provenance = "github-attestations"
-
-[[tools.terragrunt]]
-version = "1.0.3"
-backend = "aqua:gruntwork-io/terragrunt"
-
-[tools.terragrunt."platforms.linux-arm64"]
-checksum = "sha256:e5b60ab05b5214db694e6bc215d8124fb626e277cdb56b86f6147ae110d510fe"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_arm64.tar.gz"
-
-[tools.terragrunt."platforms.linux-arm64-musl"]
-checksum = "sha256:e5b60ab05b5214db694e6bc215d8124fb626e277cdb56b86f6147ae110d510fe"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_arm64.tar.gz"
-
-[tools.terragrunt."platforms.linux-x64"]
-checksum = "sha256:6d48049baf82e0bf9c804368dc85cbfeadc10955e33777e9e8de3e020b94b073"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_amd64.tar.gz"
-
-[tools.terragrunt."platforms.linux-x64-musl"]
-checksum = "sha256:6d48049baf82e0bf9c804368dc85cbfeadc10955e33777e9e8de3e020b94b073"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_linux_amd64.tar.gz"
-
-[tools.terragrunt."platforms.macos-arm64"]
-checksum = "sha256:aacb5be2ca5475300cbce246dfbd8a45eb47510fbaa70fab8561c49ef5db03aa"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_darwin_arm64.tar.gz"
-
-[tools.terragrunt."platforms.macos-x64"]
-checksum = "sha256:3133c2251e191aede8e3dd2a5b3aee2e91c5f08f88f117aee40eed9a24c8ef6b"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_darwin_amd64.tar.gz"
-
-[tools.terragrunt."platforms.windows-x64"]
-checksum = "sha256:183b2745b4e04980a6bfa4450ff81956a12596ca22d70f7aaa793980f5b036db"
-url = "https://github.com/gruntwork-io/terragrunt/releases/download/v1.0.3/terragrunt_windows_amd64.exe.tar.gz"

mise.toml

@@ -16,14 +16,27 @@ config_roots = [
 
 [tools]
 node = "24.15.0"
-pnpm = "11.5.2"
+flutter = "3.41.9"
+pnpm = "10.33.1"
 terragrunt = "1.0.3"
 opentofu = "1.11.6"
+java = "21.0.2"
 "npm:oazapfts" = "7.5.0"
 "github:extism/cli" = "1.6.3"
 "github:webassembly/binaryen" = "version_124"
 "github:extism/js-pdk" = "1.6.0"
-java = "21.0.2"
+
+[tools."github:CQLabs/homebrew-dcm"]
+version = "1.37.0"
+bin = "dcm"
+postinstall = "chmod +x \"$MISE_TOOL_INSTALL_PATH/dcm\" || true"
+
+[tools."github:CQLabs/homebrew-dcm".platforms]
+linux-x64 = { asset_pattern = "dcm-linux-x64-release.zip" }
+linux-arm64 = { asset_pattern = "dcm-linux-arm-release.zip" }
+macos-x64 = { asset_pattern = "dcm-macos-x64-release.zip" }
+macos-arm64 = { asset_pattern = "dcm-macos-arm-release.zip" }
+windows-x64 = { asset_pattern = "dcm-windows-release.zip" }
 
 [tools."github:jellyfin/jellyfin-ffmpeg"]
 version = "7.1.3-6"
@@ -37,12 +50,11 @@ macos-arm64 = { asset_pattern = "jellyfin-ffmpeg_*_portable_macarm64-gpl.tar.xz"
 [settings]
 experimental = true
 pin = true
-lockfile = true
 
 [tasks.plugins]
 run = [
-  "pnpm --filter @immich/sdk --filter @immich/plugin-sdk --filter @immich/plugin-core install --frozen-lockfile",
-  "pnpm --filter @immich/sdk --filter @immich/plugin-sdk --filter @immich/plugin-core build",
+  "pnpm --filter @immich/plugin-sdk --filter @immich/plugin-core install --frozen-lockfile",
+  "pnpm --filter @immich/plugin-sdk --filter @immich/plugin-core build"
 ]
 
 [tasks.open-api-typescript]
@@ -60,83 +72,18 @@ run = "bash ./bin/generate-dart-sdk.sh"
 env = { SHARP_IGNORE_GLOBAL_LIBVIPS = true }
 run = [
   { task = "//:plugins" },
+  { task = "//server:build" },
   { task = "//server:install" },
   { task = "//server:build" },
   { task = "//server:sync-open-api" },
-  { task = ":open-api-typescript" },
-  { task = ":open-api-dart" },
+  { task = ":open-api-typescript"},
+  { task = ":open-api-dart"},
 ]
 
 [tasks.sql]
 dir = "server"
 run = "node ./dist/bin/sync-sql.js"
 
-# TODO dev, prod, and e2e should be de-duplicated by using env but for some reason I ran into issues
-[tasks.dev]
-depends = "//:plugins"
-dir = "docker"
-interactive = true
-env = { COMPOSE_BAKE = true }
-run = "docker compose -f ./docker-compose.dev.yml up --remove-orphans"
-depends_post = "//:dev-down"
-
-[tasks.dev-update]
-run = { task = "//:dev", args = ["--build", "-V"] }
-
-[tasks.dev-scale]
-run = { task = "//:dev", args = ["--build", "-V", "--scale immich-server=3"] }
-
-[tasks.dev-down]
-dir = "docker"
-run = "docker compose -f ./docker-compose.dev.yml down --remove-orphans"
-
-[tasks.prod]
-depends = "//:plugins"
-dir = "docker"
-interactive = true
-env = { COMPOSE_BAKE = true }
-run = "docker compose -f ./docker-compose.prod.yml up --build --remove-orphans"
-depends_post = "//:prod-down"
-
-[tasks.prod-scale]
-run = { task = "//:prod", args = [
-  "--build",
-  "-V",
-  "--scale immich-server=3",
-  "--scale immich-microservices",
-] }
-
-[tasks.prod-down]
-dir = "docker"
-run = "docker compose -f ./docker-compose.prod.yml down --remove-orphans"
-
-[tasks.e2e]
-depends = "//:plugins"
-dir = "e2e"
-interactive = true
-env = { COMPOSE_BAKE = true }
-run = "docker compose -f ./docker-compose.yml up --remove-orphans"
-depends_post = "//:e2e-down"
-
-[tasks.e2e-dev]
-depends = "//:plugins"
-dir = "e2e"
-interactive = true
-env = { COMPOSE_BAKE = true }
-run = "docker compose -f ./docker-compose.dev.yml up --remove-orphans"
-depends_post = "//:e2e-dev-down"
-
-[tasks.e2e-update]
-run = { task = "//:e2e", args = ["--build", '-V'] }
-
-[tasks.e2e-down]
-dir = "e2e"
-run = "docker compose -f ./docker-compose.yml down --remove-orphans"
-
-[tasks.e2e-dev-down]
-dir = "e2e"
-run = "docker compose -f ./docker-compose.dev.yml down --remove-orphans"
-
 # SDK tasks
 [tasks."sdk:install"]
 dir = "packages/sdk"
@@ -152,14 +99,3 @@ run = "pnpm format"
 
 [tasks."i18n:format-fix"]
 run = "pnpm format:fix"
-
-[tasks.clean]
-run = [
-  "find . -name 'node_modules' -type d -prune -exec rm -rf '{}' +",
-  "find . -name 'dist' -type d -prune -exec rm -rf '{}' +",
-  "find . -name 'build' -type d -prune -exec rm -rf '{}' +",
-  "find . -name '.svelte-kit' -type d -prune -exec rm -rf '{}' +",
-  "find . -name 'coverage' -type d -prune -exec rm -rf '{}' +",
-  "find . -name '.pnpm-store' -type d -prune -exec rm -rf '{}' +",
-  { task = "//:*-down" },
-]

mobile/.vscode/settings.json

@@ -1,4 +1,5 @@
 {
+  "dart.flutterSdkPath": ".fvm/versions/3.41.9",
   "dart.lineLength": 120,
   "[dart]": {
     "editor.rulers": [

mobile/android/app/src/main/AndroidManifest.xml

@@ -89,20 +89,6 @@
         <data android:mimeType="video/*" />
       </intent-filter>
 
-      <!-- Allow Immich to act as an image viewer -->
-      <intent-filter android:label="View in Immich">
-        <action android:name="android.intent.action.VIEW" />
-        <category android:name="android.intent.category.DEFAULT" />
-        <data android:scheme="content" android:mimeType="image/*" />
-      </intent-filter>
-
-      <!-- Allow Immich to act as a video viewer -->
-      <intent-filter android:label="View in Immich">
-        <action android:name="android.intent.action.VIEW" />
-        <category android:name="android.intent.category.DEFAULT" />
-        <data android:scheme="content" android:mimeType="video/*" />
-      </intent-filter>
-
       <!-- immich:// URL scheme handling -->
       <intent-filter>
         <action android:name="android.intent.action.VIEW" />

mobile/android/app/src/main/kotlin/app/alextran/immich/MainActivity.kt

@@ -1,7 +1,6 @@
 package app.alextran.immich
 
 import android.content.Context
-import android.content.Intent
 import android.os.Build
 import android.os.ext.SdkExtensions
 import app.alextran.immich.background.BackgroundEngineLock
@@ -18,12 +17,9 @@ import app.alextran.immich.images.LocalImageApi
 import app.alextran.immich.images.LocalImagesImpl
 import app.alextran.immich.images.RemoteImageApi
 import app.alextran.immich.images.RemoteImagesImpl
-import app.alextran.immich.permission.PermissionApi
-import app.alextran.immich.permission.PermissionApiImpl
 import app.alextran.immich.sync.NativeSyncApi
 import app.alextran.immich.sync.NativeSyncApiImpl26
 import app.alextran.immich.sync.NativeSyncApiImpl30
-import app.alextran.immich.viewintent.ViewIntentPlugin
 import io.flutter.embedding.android.FlutterFragmentActivity
 import io.flutter.embedding.engine.FlutterEngine
 
@@ -33,11 +29,6 @@ class MainActivity : FlutterFragmentActivity() {
     registerPlugins(this, flutterEngine)
   }
 
-  override fun onNewIntent(intent: Intent) {
-    super.onNewIntent(intent)
-    setIntent(intent)
-  }
-
   companion object {
     fun registerPlugins(ctx: Context, flutterEngine: FlutterEngine) {
       HttpClientManager.initialize(ctx)
@@ -53,19 +44,15 @@ class MainActivity : FlutterFragmentActivity() {
         } else {
           NativeSyncApiImpl30(ctx)
         }
-      val permissionApiImpl = PermissionApiImpl(ctx)
       NativeSyncApi.setUp(messenger, nativeSyncApiImpl)
-      PermissionApi.setUp(messenger, permissionApiImpl)
       LocalImageApi.setUp(messenger, LocalImagesImpl(ctx))
       RemoteImageApi.setUp(messenger, RemoteImagesImpl(ctx))
 
       BackgroundWorkerFgHostApi.setUp(messenger, BackgroundWorkerApiImpl(ctx))
       ConnectivityApi.setUp(messenger, ConnectivityApiImpl(ctx))
 
-      flutterEngine.plugins.add(ViewIntentPlugin())
       flutterEngine.plugins.add(backgroundEngineLockImpl)
       flutterEngine.plugins.add(nativeSyncApiImpl)
-      flutterEngine.plugins.add(permissionApiImpl)
     }
 
     fun cancelPlugins(flutterEngine: FlutterEngine) {
@@ -73,8 +60,6 @@ class MainActivity : FlutterFragmentActivity() {
         flutterEngine.plugins.get(NativeSyncApiImpl26::class.java) as ImmichPlugin?
           ?: flutterEngine.plugins.get(NativeSyncApiImpl30::class.java) as ImmichPlugin?
       nativeApi?.detachFromEngine()
-      val permissionApi = flutterEngine.plugins.get(PermissionApiImpl::class.java) as ImmichPlugin?
-      permissionApi?.detachFromEngine()
     }
   }
 }

mobile/android/app/src/main/kotlin/app/alextran/immich/background/BackgroundWorker.kt

@@ -69,7 +69,7 @@ class BackgroundWorker(context: Context, params: WorkerParameters) :
 
     val notificationChannel = NotificationChannel(
       NOTIFICATION_CHANNEL_ID,
-      ctx.getString(R.string.background_worker_notification_channel_name),
+      NOTIFICATION_CHANNEL_ID,
       NotificationManager.IMPORTANCE_LOW
     )
     notificationManager.createNotificationChannel(notificationChannel)

mobile/android/app/src/main/kotlin/app/alextran/immich/core/Network.g.kt

@@ -315,7 +315,6 @@ interface NetworkApi {
   fun hasCertificate(): Boolean
   fun getClientPointer(): Long
   fun setRequestHeaders(headers: Map<String, String>, serverUrls: List<String>, token: String?)
-  fun getAppGroupId(): String
 
   companion object {
     /** The codec used by NetworkApi. */
@@ -431,21 +430,6 @@ interface NetworkApi {
           channel.setMessageHandler(null)
         }
       }
-      run {
-        val channel = BasicMessageChannel<Any?>(binaryMessenger, "dev.flutter.pigeon.immich_mobile.NetworkApi.getAppGroupId$separatedMessageChannelSuffix", codec)
-        if (api != null) {
-          channel.setMessageHandler { _, reply ->
-            val wrapped: List<Any?> = try {
-              listOf(api.getAppGroupId())
-            } catch (exception: Throwable) {
-              NetworkPigeonUtils.wrapError(exception)
-            }
-            reply.reply(wrapped)
-          }
-        } else {
-          channel.setMessageHandler(null)
-        }
-      }
     }
   }
 }