feat: modal routes

.github/.nvmrc

@@ -1 +1 @@
-24.13.0
+24.11.1

.github/workflows/build-mobile.yml

@@ -30,6 +30,18 @@ on:
         required: true
       IOS_CERTIFICATE_PASSWORD:
         required: true
+      IOS_PROVISIONING_PROFILE:
+        required: true
+      IOS_PROVISIONING_PROFILE_SHARE_EXTENSION:
+        required: true
+      IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION:
+        required: true
+      IOS_DEVELOPMENT_PROVISIONING_PROFILE:
+        required: true
+      IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION:
+        required: true
+      IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION:
+        required: true
       FASTLANE_TEAM_ID:
         required: true
   pull_request:
@@ -84,7 +96,7 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           ref: ${{ inputs.ref || github.sha }}
           persist-credentials: false
@@ -103,7 +115,7 @@ jobs:
 
       - name: Restore Gradle Cache
         id: cache-gradle-restore
-        uses: actions/cache/restore@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
           path: |
             ~/.gradle/caches
@@ -153,14 +165,14 @@ jobs:
           fi
 
       - name: Publish Android Artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: release-apk-signed
           path: mobile/build/app/outputs/flutter-apk/*.apk
 
       - name: Save Gradle Cache
         id: cache-gradle-save
-        uses: actions/cache/save@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         if: github.ref == 'refs/heads/main'
         with:
           path: |
@@ -182,7 +194,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
         with:
           ref: ${{ inputs.ref || github.sha }}
           persist-credentials: false
@@ -228,14 +240,35 @@ jobs:
           mkdir -p ~/.appstoreconnect/private_keys
           echo "$API_KEY_CONTENT" | base64 --decode > ~/.appstoreconnect/private_keys/AuthKey_${API_KEY_ID}.p8
 
-      - name: Import Certificate
+      - name: Import Certificate and Provisioning Profiles
         env:
           IOS_CERTIFICATE_P12: ${{ secrets.IOS_CERTIFICATE_P12 }}
+          IOS_CERTIFICATE_PASSWORD: ${{ secrets.IOS_CERTIFICATE_PASSWORD }}
+          IOS_PROVISIONING_PROFILE: ${{ secrets.IOS_PROVISIONING_PROFILE }}
+          IOS_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_SHARE_EXTENSION }}
+          IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION }}
+          IOS_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE }}
+          IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION }}
+          IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION: ${{ secrets.IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION }}
+          ENVIRONMENT: ${{ inputs.environment || 'development' }}
         working-directory: ./mobile/ios
         run: |
           # Decode certificate
           echo "$IOS_CERTIFICATE_P12" | base64 --decode > certificate.p12
 
+          # Decode provisioning profiles based on environment
+          if [[ "$ENVIRONMENT" == "development" ]]; then
+            echo "$IOS_DEVELOPMENT_PROVISIONING_PROFILE" | base64 --decode > profile_dev.mobileprovision
+            echo "$IOS_DEVELOPMENT_PROVISIONING_PROFILE_SHARE_EXTENSION" | base64 --decode > profile_dev_share.mobileprovision
+            echo "$IOS_DEVELOPMENT_PROVISIONING_PROFILE_WIDGET_EXTENSION" | base64 --decode > profile_dev_widget.mobileprovision
+            ls -lh profile_dev*.mobileprovision
+          else
+            echo "$IOS_PROVISIONING_PROFILE" | base64 --decode > profile.mobileprovision
+            echo "$IOS_PROVISIONING_PROFILE_SHARE_EXTENSION" | base64 --decode > profile_share.mobileprovision
+            echo "$IOS_PROVISIONING_PROFILE_WIDGET_EXTENSION" | base64 --decode > profile_widget.mobileprovision
+            ls -lh profile*.mobileprovision
+          fi
+
       - name: Create keychain and import certificate
         env:
           KEYCHAIN_PASSWORD: ${{ secrets.IOS_CERTIFICATE_PASSWORD }}
@@ -286,7 +319,7 @@ jobs:
           security delete-keychain build.keychain || true
 
       - name: Upload IPA artifact
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: ios-release-ipa
           path: mobile/ios/Runner.ipa

.github/workflows/cache-cleanup.yml

@@ -25,7 +25,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Check out code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}

.github/workflows/cli.yml

@@ -35,7 +35,7 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -78,7 +78,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -87,7 +87,7 @@ jobs:
         uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0

.github/workflows/close-duplicates.yml

@@ -35,7 +35,7 @@ jobs:
     needs: [get_body, should_run]
     if: ${{ needs.should_run.outputs.should_run == 'true' }}
     container:
-      image: ghcr.io/immich-app/mdq:main@sha256:ab9f163cd5d5cec42704a26ca2769ecf3f10aa8e7bae847f1d527cdf075946e6
+      image: ghcr.io/immich-app/mdq:main@sha256:237cdae7783609c96f18037a513d38088713cf4a2e493a3aa136d0c45490749a
     outputs:
       checked: ${{ steps.get_checkbox.outputs.checked }}
     steps:

.github/workflows/codeql-analysis.yml

@@ -50,14 +50,14 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -70,7 +70,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -83,6 +83,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/docs-build.yml

@@ -60,11 +60,10 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
-          fetch-depth: 0
 
       - name: Setup pnpm
         uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
@@ -86,7 +85,7 @@ jobs:
         run: pnpm build
 
       - name: Upload build output
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: docs-build-output
           path: docs/build/

.github/workflows/docs-deploy.yml

@@ -125,13 +125,13 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@b868e6e7c8cc212beec876330b4059e661ee44bb # use-mise-action-v1.1.1
+        uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
 
       - name: Load parameters
         id: parameters

.github/workflows/docs-destroy.yml

@@ -23,13 +23,13 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
 
       - name: Setup Mise
-        uses: immich-app/devtools/actions/use-mise@b868e6e7c8cc212beec876330b4059e661ee44bb # use-mise-action-v1.1.1
+        uses: immich-app/devtools/actions/use-mise@cd24790a7f5f6439ac32cc94f5523cb2de8bfa8c # use-mise-action-v1.1.0
 
       - name: Destroy Docs Subdomain
         env:

.github/workflows/fix-format.yml

@@ -22,7 +22,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: 'Checkout'
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           token: ${{ steps.generate-token.outputs.token }}

.github/workflows/prepare-release.yml

@@ -56,14 +56,14 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           token: ${{ steps.generate-token.outputs.token }}
           persist-credentials: true
           ref: main
 
       - name: Install uv
-        uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
+        uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4
 
       - name: Setup pnpm
         uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
@@ -136,13 +136,13 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           token: ${{ steps.generate-token.outputs.token }}
           persist-credentials: false
 
       - name: Download APK
-        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: release-apk-signed
           github-token: ${{ steps.generate-token.outputs.token }}

.github/workflows/release-pr.yml

@@ -23,14 +23,14 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           token: ${{ steps.generate-token.outputs.token }}
           persist-credentials: true
           ref: main
 
       - name: Install uv
-        uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
+        uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4
 
       - name: Setup pnpm
         uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
@@ -159,7 +159,7 @@ jobs:
 
       - name: Create PR
         id: create-pr
-        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
+        uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11
         with:
           token: ${{ steps.generate-token.outputs.token }}
           commit-message: 'chore: release ${{ steps.bump-type.outputs.next }}'

.github/workflows/release.yml

@@ -58,7 +58,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           token: ${{ steps.generate-token.outputs.token }}
           persist-credentials: false
@@ -74,7 +74,7 @@ jobs:
           echo "version=$VERSION" >> $GITHUB_OUTPUT
 
       - name: Download APK
-        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: release-apk-signed
           github-token: ${{ steps.generate-token.outputs.token }}

.github/workflows/sdk.yml

@@ -22,7 +22,7 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}

.github/workflows/static_analysis.yml

@@ -55,7 +55,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}

.github/workflows/test.yml

@@ -69,7 +69,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -114,7 +114,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -161,7 +161,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -203,7 +203,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -247,7 +247,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -285,7 +285,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -298,9 +298,9 @@ jobs:
           cache: 'pnpm'
           cache-dependency-path: '**/pnpm-lock.yaml'
       - name: Install dependencies
-        run: pnpm --filter=immich-i18n install --frozen-lockfile
+        run: pnpm --filter=immich-web install --frozen-lockfile
       - name: Format
-        run: pnpm --filter=immich-i18n format:fix
+        run: pnpm --filter=immich-web format:i18n
       - name: Find file changes
         uses: tj-actions/verify-changed-files@a1c6acee9df209257a246f2cc6ae8cb6581c1edf # v20.0.4
         id: verify-changed-files
@@ -333,7 +333,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -379,7 +379,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           submodules: 'recursive'
@@ -418,7 +418,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           submodules: 'recursive'
@@ -473,7 +473,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           submodules: 'recursive'
@@ -505,7 +505,7 @@ jobs:
         run: npx playwright test
         if: ${{ !cancelled() }}
       - name: Archive test results
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         if: success() || failure()
         with:
           name: e2e-web-test-results-${{ matrix.runner }}
@@ -534,7 +534,7 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -566,14 +566,17 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
       - name: Install uv
-        uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
-        with:
-          python-version: 3.11
+        uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4
+      - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
+        # TODO: add caching when supported (https://github.com/actions/setup-python/pull/818)
+        # with:
+        #   python-version: 3.11
+        #   cache: 'uv'
       - name: Install dependencies
         run: |
           uv sync --extra cpu
@@ -607,7 +610,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -636,7 +639,7 @@ jobs:
           app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }}
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -658,7 +661,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}
@@ -720,7 +723,7 @@ jobs:
           private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }}
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
           token: ${{ steps.token.outputs.token }}

CONTRIBUTING.md

@@ -1,31 +0,0 @@
-# Contributing to Immich
-
-We appreciate every contribution, and we're happy about every new contributor. So please feel invited to help make Immich a better product!
-
-## Getting started
-
-To get you started quickly we have detailed guides for the dev setup on our [website](https://docs.immich.app/developer/setup). If you prefer, you can also use [Devcontainers](https://docs.immich.app/developer/devcontainers).
-There are also additional resources about Immich's architecture, database migrations, the use of OpenAPI, and more in our [developer documentation](https://docs.immich.app/developer/architecture).
-
-## General
-
-Please try to keep pull requests as focused as possible. A PR should do exactly one thing and not bleed into other, unrelated areas. The smaller a PR, the fewer changes are likely needed, and the quicker it will likely be merged. For larger/more impactful PRs, please reach out to us first to discuss your plans. The best way to do this is through our [Discord](https://discord.immich.app). We have a dedicated `#contributing` channel there. Additionally, please fill out the entire template when opening a PR.
-
-## Finding work
-
-If you are looking for something to work on, there are discussions and issues with a `good-first-issue` label on them. These are always a good starting point. If none of them sound interesting or fit your skill set, feel free to reach out on our Discord. We're happy to help you find something to work on!
-
-## Use of generative AI
-
-We generally discourage PRs entirely generated by an LLM. For any part generated by an LLM, please put extra effort into your self-review. By using generative AI without proper self-review, the time you save ends up being more work we need to put in for proper reviews and code cleanup. Please keep that in mind when submitting code by an LLM. Clearly state the use of LLMs/(generative) AI in your pull request as requested by the template.
-
-## Feature freezes
-
-From time to time, we put a feature freeze on parts of the codebase. For us, this means we won't accept most PRs that make changes in that area. Exempted from this are simple bug fixes that require only minor changes. We will close feature PRs that target a feature-frozen area, even if that feature is highly requested and you put a lot of work into it. Please keep that in mind, and if you're ever uncertain if a PR would be accepted, reach out to us first (e.g., in the aforementioned `#contributing` channel). We hate to throw away work. Currently, we have feature freezes on:
-
-* Sharing/Asset ownership
-* (External) libraries
-
-## Non-code contributions
-
-If you want to contribute to Immich but you don't feel comfortable programming in our tech stack, there are other ways you can help the team. All our translations are done through [Weblate](https://hosted.weblate.org/projects/immich). These rely entirely on the community; if you speak a language that isn't fully translated yet, submitting translations there is greatly appreciated! If you like helping others, answering Q&A discussions here on GitHub and replying to people on our Discord is also always appreciated.

cli/.nvmrc

@@ -1 +1 @@
-24.13.0
+24.11.1

cli/package.json

@@ -20,7 +20,7 @@
     "@types/lodash-es": "^4.17.12",
     "@types/micromatch": "^4.0.9",
     "@types/mock-fs": "^4.13.1",
-    "@types/node": "^24.10.8",
+    "@types/node": "^24.10.3",
     "@vitest/coverage-v8": "^3.0.0",
     "byte-size": "^9.0.0",
     "cli-progress": "^3.12.0",
@@ -36,7 +36,7 @@
     "typescript": "^5.3.3",
     "typescript-eslint": "^8.28.0",
     "vite": "^7.0.0",
-    "vite-tsconfig-paths": "^6.0.0",
+    "vite-tsconfig-paths": "^5.0.0",
     "vitest": "^3.0.0",
     "vitest-fetch-mock": "^0.4.0",
     "yaml": "^2.3.1"
@@ -69,6 +69,6 @@
     "micromatch": "^4.0.8"
   },
   "volta": {
-    "node": "24.13.0"
+    "node": "24.11.1"
   }
 }

docker/docker-compose.dev.yml

@@ -127,7 +127,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:546304417feac0874c3dd576e0952c6bb8f06bb4093ea0c9ca303c73cf458f63
+    image: docker.io/valkey/valkey:9@sha256:fb8d272e529ea567b9bf1302245796f21a2672b8368ca3fcb938ac334e613c8f
     healthcheck:
       test: redis-cli ping || exit 1
 
@@ -146,8 +146,6 @@ services:
     ports:
       - 5432:5432
     shm_size: 128mb
-    healthcheck:
-      disable: false
   # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
   # immich-prometheus:
   #   container_name: immich_prometheus

docker/docker-compose.prod.yml

@@ -56,7 +56,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:546304417feac0874c3dd576e0952c6bb8f06bb4093ea0c9ca303c73cf458f63
+    image: docker.io/valkey/valkey:9@sha256:fb8d272e529ea567b9bf1302245796f21a2672b8368ca3fcb938ac334e613c8f
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -77,15 +77,13 @@ services:
       - 5432:5432
     shm_size: 128mb
     restart: always
-    healthcheck:
-      disable: false
 
   # set IMMICH_TELEMETRY_INCLUDE=all in .env to enable metrics
   immich-prometheus:
     container_name: immich_prometheus
     ports:
       - 9090:9090
-    image: prom/prometheus@sha256:1f0f50f06acaceb0f5670d2c8a658a599affe7b0d8e78b898c1035653849a702
+    image: prom/prometheus@sha256:d936808bdea528155c0154a922cd42fd75716b8bb7ba302641350f9f3eaeba09
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml
       - prometheus-data:/prometheus
@@ -97,7 +95,7 @@ services:
     command: ['./run.sh', '-disable-reporting']
     ports:
       - 3000:3000
-    image: grafana/grafana:12.3.1-ubuntu@sha256:d57f1365197aec34c4d80869d8ca45bb7787c7663904950dab214dfb40c1c2fd
+    image: grafana/grafana:12.3.0-ubuntu@sha256:cee936306135e1925ab21dffa16f8a411535d16ab086bef2309339a8e74d62df
     volumes:
       - grafana-data:/var/lib/grafana
 

docker/docker-compose.yml

@@ -49,7 +49,7 @@ services:
 
   redis:
     container_name: immich_redis
-    image: docker.io/valkey/valkey:9@sha256:546304417feac0874c3dd576e0952c6bb8f06bb4093ea0c9ca303c73cf458f63
+    image: docker.io/valkey/valkey:9@sha256:fb8d272e529ea567b9bf1302245796f21a2672b8368ca3fcb938ac334e613c8f
     healthcheck:
       test: redis-cli ping || exit 1
     restart: always
@@ -69,8 +69,6 @@ services:
       - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
     shm_size: 128mb
     restart: always
-    healthcheck:
-      disable: false
 
 volumes:
   model-cache:

docs/.nvmrc

@@ -1 +1 @@
-24.13.0
+24.11.1

docs/docs/FAQ.mdx

@@ -22,7 +22,7 @@ For organizations seeking to resell Immich, we have established the following gu
 
 - Do not misrepresent your reseller site or services as being officially affiliated with or endorsed by Immich or our development team.
 
-- For small resellers who wish to contribute financially to Immich's development, we recommend directing your customers to purchase product keys directly from us rather than attempting to broker revenue-sharing arrangements. We ask that you refrain from misrepresenting reseller activities as directly supporting our development work.
+- For small resellers who wish to contribute financially to Immich's development, we recommend directing your customers to purchase licenses directly from us rather than attempting to broker revenue-sharing arrangements. We ask that you refrain from misrepresenting reseller activities as directly supporting our development work.
 
 When in doubt or if you have an edge case scenario, we encourage you to contact us directly via email to discuss the use of our trademark. We can provide clear guidance on what is acceptable and what is not. You can reach out at: questions@immich.app
 

docs/docs/administration/backup-and-restore.md

@@ -5,98 +5,53 @@ import TabItem from '@theme/TabItem';
 
 A [3-2-1 backup strategy](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) is recommended to protect your data. You should keep copies of your uploaded photos/videos as well as the Immich database for a comprehensive backup solution. This page provides an overview on how to backup the database and the location of user-uploaded pictures and videos. A template bash script that can be run as a cron job is provided [here](/guides/template-backup-script.md)
 
+:::danger
+The instructions on this page show you how to prepare your Immich instance to be backed up, and which files to take a backup of. You still need to take care of using an actual backup tool to make a backup yourself.
+:::
+
 ## Database
 
-Immich stores [file paths in the database](https://github.com/immich-app/immich/discussions/3299), users metadata in the database, it does not scan the library folder, so database backups are essential
+:::caution
+Immich saves [file paths in the database](https://github.com/immich-app/immich/discussions/3299), it does not scan the library folder to update the database so backups are crucial.
+:::
 
-### Automatic Database Backups
-
-Immich automatically creates database backups for disaster-recovery purposes. These backups are stored in `UPLOAD_LOCATION/backups` and can be managed through the web interface.
-
-You can adjust the backup schedule and retention settings in **Administration > Settings > Backup** (default: keep last 14 backups, create daily at 2:00 AM).
+:::info
+Refer to the official [postgres documentation](https://www.postgresql.org/docs/current/backup.html) for details about backing up and restoring a postgres database.
+:::
 
 :::caution
-Database backups do **NOT** contain photos or videos — only metadata. They must be used together with a copy of the files in `UPLOAD_LOCATION` as outlined below.
+It is not recommended to directly backup the `DB_DATA_LOCATION` folder. Doing so while the database is running can lead to a corrupted backup that cannot be restored.
 :::
 
-#### Creating a Backup
-
-You can trigger a database backup manually:
-
-1. Go to **Administration > Queues**
-2. Click **Create job** in the top right
-3. Select **Create Database Backup** and click **Confirm**
-
-The backup will appear in `UPLOAD_LOCATION/backups` and counts toward your retention limit.
-
-### Restoring a Database Backup
-
-Immich provides two ways to restore a database backup: through the web interface or via the command line. The web interface is the recommended method for most users.
-
-### Restore from Settings {#restore-from-settings}
-
-If you have an existing Immich installation:
-
-1. Go to **Administration > Maintenance**
-2. Expand the **Restore database backup** section
-3. You'll see a list of available backups with their version and creation date
-4. Click **Restore** next to the backup you want to restore
-5. Confirm the restore operation
+### Automatic Database Dumps
 
 :::warning
-Restoring a backup will wipe the current database and replace it with the backup. A restore point is automatically created before the operation begins, allowing rollback if the restore fails.
+The automatic database dumps can be used to restore the database in the event of damage to the Postgres database files.
+There is no monitoring for these dumps and you will not be notified if they are unsuccessful.
 :::
 
-### Restore from Onboarding {#restore-from-onboarding}
-
-If you're setting up Immich on a fresh installation and want to restore from an existing backup:
-
-1. On the welcome screen, click **Restore from backup**
-2. Immich will enter maintenance mode and display integrity checks for your storage folders
-3. Review the folder status to ensure your library files are accessible
-4. Click **Next** to proceed to backup selection
-5. Select a backup from the list or upload a backup file (`.sql.gz`)
-6. Click **Restore** to begin the restoration process
-
-:::tip
-Before restoring, ensure your `UPLOAD_LOCATION` folders contain the same files that existed when the backup was created. The integrity check will show you which folders are readable/writable and how many files they contain.
+:::caution
+The database dumps do **NOT** contain any pictures or videos, only metadata. They are only usable with a copy of the other files in `UPLOAD_LOCATION` as outlined below.
 :::
 
-### Uploading a Backup File {#uploading-backup}
+For disaster-recovery purposes, Immich will automatically create database dumps. The dumps are stored in `UPLOAD_LOCATION/backups`.
+Please be sure to make your own, independent backup of the database together with the asset folders as noted below.
+You can adjust the schedule and amount of kept database dumps in the [admin settings](http://my.immich.app/admin/system-settings?isOpen=backup).
+By default, Immich will keep the last 14 database dumps and create a new dump every day at 2:00 AM.
 
-You can upload a database backup file directly:
+#### Trigger Dump
 
-1. In the **Restore database backup** section, click **Select from computer**
-2. Choose a `.sql.gz` file
-3. The uploaded backup will appear in the list with an "uploaded-" prefix
-4. Click **Restore** to restore from the uploaded file
+You are able to trigger a database dump in the [admin job status page](http://my.immich.app/admin/queues).
+Visit the page, open the "Create job" modal from the top right, select "Create Database Dump" and click "Confirm".
+A job will run and trigger a dump, you can verify this worked correctly by checking the logs or the `backups/` folder.
+This dumps will count towards the last `X` dumps that will be kept based on your settings.
 
-### Backup Version Compatibility {#backup-compatibility}
+#### Restoring
 
-When viewing backups, Immich displays compatibility indicators:
+We hope to make restoring simpler in future versions, for now you can find the database dumps in the `UPLOAD_LOCATION/backups` folder on your host.
+Then please follow the steps in the following section for restoring the database.
 
-- ✅ **Green checkmark**: Backup version matches current Immich version
-- ⚠️ **Warning**: Backup was created with a different Immich version
-- ❌ **Error**: Could not determine backup version
-
-:::warning
-Restoring a backup from a different Immich version may require database migrations. The restore process will attempt to run migrations automatically, but you should ensure you're restoring to a compatible version when possible.
-:::
-
-### Restore Process {#restore-process}
-
-During restoration, Immich will:
-
-1. Create a backup of the current database (restore point)
-2. Restore the selected backup
-3. Run database migrations if needed
-4. Perform a health check to verify the restore succeeded
-
-If the restore fails (e.g., corrupted backup or missing admin user), Immich will automatically roll back to the restore point.
-
-### Restore via Command Line {#restore-cli}
-
-For advanced users or automated recovery scenarios, you can restore a database backup using the command line.
+### Manual Backup and Restore
 
 <Tabs>
   <TabItem value="Linux system" label="Linux system" default>
@@ -151,12 +106,10 @@ docker compose up -d                              # Start remainder of Immich ap
   </TabItem>
 </Tabs>
 
-:::note
-For the database restore to proceed properly, it requires a completely fresh install (i.e., the Immich server has never run since creating the Docker containers). If the Immich app has run, you may encounter Postgres conflicts (relation already exists, violated foreign key constraints, etc.). In this case, delete the `DB_DATA_LOCATION` folder to reset the database.
-:::
+Note that for the database restore to proceed properly, it requires a completely fresh install (i.e. the Immich server has never run since creating the Docker containers). If the Immich app has run, Postgres conflicts may be encountered upon database restoration (relation already exists, violated foreign key constraints, multiple primary keys, etc.), in which case you need to delete the `DB_DATA_LOCATION` folder to reset the database.
 
 :::tip
-Some deployment methods make it difficult to start the database without also starting the server. In these cases, set the environment variable `DB_SKIP_MIGRATIONS=true` before starting the services. This prevents the server from running migrations that interfere with the restore process. Remove this variable and restart services after the database is restored.
+Some deployment methods make it difficult to start the database without also starting the server. In these cases, you may set the environment variable `DB_SKIP_MIGRATIONS=true` before starting the services. This will prevent the server from running migrations that interfere with the restore process. Be sure to remove this variable and restart the services after the database is restored.
 :::
 
 ## Filesystem

docs/docs/administration/postgres-standalone.md

@@ -22,7 +22,7 @@ Immich is known to work with Postgres versions `>= 14, < 19`.
 VectorChord is known to work with pgvector versions `>= 0.7, < 0.9`.
 
 The Immich server will check the VectorChord version on startup to ensure compatibility, and refuse to start if a compatible version is not found.
-The current accepted range for VectorChord is `>= 0.3, < 2.0`.
+The current accepted range for VectorChord is `>= 0.3, < 0.6`.
 :::
 
 ## Specifying the connection URL

docs/docs/developer/setup.md

@@ -4,10 +4,6 @@ sidebar_position: 2
 
 # Setup
 
-:::warning
-Make sure to read the [`CONTRIBUTING.md`](https://github.com/immich-app/immich/blob/main/CONTRIBUTING.md) before you dive into the code.
-:::
-
 :::note
 If there's a feature you're planning to work on, just give us a heads up in [#contributing](https://discord.com/channels/979116623879368755/1071165397228855327) on [our Discord](https://discord.immich.app) so we can:
 

docs/docs/features/automatic-backup.md

@@ -1,42 +1,37 @@
 # Automatic Backup
 
-## Overview
-
 Immich supports uploading photos and videos from your mobile device to the server automatically.
 
-By enable the backup button, Immich will upload new photos and videos from selected albums when you open or resume the app, as well as periodically in the background (iOS), or when the a new photos or videos are taken (Android).
+---
 
-<img
-src={require('./img/enable-backup-button.webp').default}
-width="300px"
-title="Upload button"
-/>
+You can enable the settings by accessing the upload options from the upload page
 
-## Platform Specific Features
+<img src={require('./img/backup-settings-access.webp').default} width="50%" title="Backup option selection" />
 
-### General
+<img src={require('./img/background-foreground-backup.webp').default} width="50%" title="Foreground&Background Backup" />
 
-By default, Immich will only upload photos and videos when connected to Wi-Fi. You can change this behavior in the backup settings page.
+## Foreground backup
 
-<img
-src={require('./img/backup-options.webp').default}
-width="500px"
-title="Upload button"
-/>
+If foreground backup is enabled: whenever the app is opened or resumed, it will check if any photos or videos in the selected album(s) have yet to be uploaded to the cloud (the remainder count). If there are any, they will be uploaded.
 
-### Android
+## Background backup
 
-<img
-src={require('./img/android-backup-options.webp').default}
-width="500px"
-title="Upload button"
-/>
+This feature is intended for everyday use. For initial bulk uploading, please use the foreground upload feature. For more information on why background upload is not working as expected, please refer to the [FAQ](/FAQ#why-does-foreground-backup-stop-when-i-navigate-away-from-the-app-shouldnt-it-transfer-the-job-to-background-backup).
+
+If background backup is enabled. The app will periodically check if there are any new photos or videos in the selected album(s) to be uploaded to the server. If there are, it will upload them to the cloud in the background.
+
+:::info Note
+
+#### General
+
+- The app must be in the background for the backup worker to start running.
+- If you reopen the app and the first page you see is the backup page, the counts will not reflect the background uploaded result. You have to navigate out of the page and come back to see the updated counts.
+
+#### Android
 
 - It is a well-known problem that some Android models are very strict with battery optimization settings, which can cause a problem with the background worker. Please visit [Don't kill my app](https://dontkillmyapp.com/) for a guide on disabling this setting on your phone.
-- You can allow the background task to run when the device is charging.
-- You can set the minimum delay from the time a photo is taken to when the background upload task will run.
 
-### iOS
+#### iOS
 
 - You must enable **Background App Refresh** for the app to work in the background. You can enable it in the Settings app under General > Background App Refresh.
 
@@ -44,4 +39,4 @@ title="Upload button"
 <img src={require('./img/background-app-refresh.webp').default} width="30%" title="background-app-refresh" />
 </div>
 
-- iOS automatically manages background tasks, the app cannot control when the background upload task will run. It is known that the more frequently you open the app, the more often the background task will run.
+:::

docs/docs/features/command-line-interface.md

@@ -188,8 +188,6 @@ immich upload --dry-run . | tail -n +6 | jq .newFiles[]
 
 ### Obtain the API Key
 
-The API key can be obtained in the user setting panel on the web interface. You can also specify permissions for the key to limit its access.
+The API key can be obtained in the user setting panel on the web interface.
 
 ![Obtain Api Key](./img/obtain-api-key.webp)
-
-![Specify permission for the key](./img/obtain-api-key-2.webp)

docs/docs/features/facial-recognition.md

@@ -21,14 +21,14 @@ The asset detail view will also show the faces that are recognized in the asset.
 Additional actions you can do include:
 
 - Changing the feature photo of the person
-- Hiding the faces of a person from the Explore page and detail view
-- Setting a person's date of birth, so that the age of the person can be shown at the time the photo was taken
+- Setting a person's date of birth
 - Merging two or more detected faces into one person
-- Favoriting a person to pin them to the top of the list
+- Hiding the faces of a person from the Explore page and detail view
+- Assigning an unrecognized face to a person
 
 It can be found from the app bar when you access the detail view of a person.
 
-<img src={require('./img/facial-recognition-4.webp').default} title='Facial Recognition 4' />
+<img src={require('./img/facial-recognition-4.webp').default} title='Facial Recognition 4' width="70%"/>
 
 ## How Face Detection Works
 

docs/docs/features/hardware-transcoding.md

@@ -71,22 +71,6 @@ For RKMPP to work:
 
 5. (Optional) Enable hardware decoding for optimal performance.
 
-<details>
-<summary>immich.json</summary>
-
-If you use a [configuration file](/install/config-file.md), use the `accel` option to select the hardware (e.g. `qsv` for Intel or `nvenc` for Nvidia). Set `accelDecode` to `true` if you want hardware decoding.
-
-```json
-{
-  "ffmpeg": {
-    "accel": "qsv",
-    "accelDecode": true
-  }
-}
-```
-
-</details>
-
 #### Single Compose File
 
 Some platforms, including Unraid and Portainer, do not support multiple Compose files as of writing. As an alternative, you can "inline" the relevant contents of the [`hwaccel.transcoding.yml`][hw-file] file into the `immich-server` service directly.

docs/docs/features/mobile-app.mdx

@@ -20,6 +20,14 @@ Below are the SHA-256 fingerprints for the certificates signing the android appl
 
 :::
 
+:::info Beta Program
+The beta release channel allows users to test upcoming changes before they are officially released. To join the channel use the links below.
+
+- Android: Invitation link from [web](https://play.google.com/store/apps/details?id=app.alextran.immich) or from [mobile](https://play.google.com/store/apps/details?id=app.alextran.immich)
+- iOS: [TestFlight invitation link](https://testflight.apple.com/join/1vYsAa8P)
+
+:::
+
 ## Login
 
 <MobileAppLogin />
@@ -28,6 +36,10 @@ Below are the SHA-256 fingerprints for the certificates signing the android appl
 
 <MobileAppBackup />
 
+:::info
+You can enable automatic backup on supported devices. For more information see [Automatic Backup](/features/automatic-backup.md).
+:::
+
 ## Sync only selected photos
 
 If you have a large number of photos on the device, and you would prefer not to backup all the photos, then it might be prudent to only backup selected photos from device to the Immich server.
@@ -45,45 +57,17 @@ This will enable a small cloud icon on the bottom right corner of the asset tile
 
 Now make sure that the local album is selected in the backup screen (steps 1-2 above). You can find these albums listed in **<ins>Library -> On this device</ins>**. To selectively upload photos from these albums, simply select the local-only photos and tap on "Upload" button in the dynamic bottom menu.
 
+<img
+  src={require('./img/mobile-upload-open-photo.webp').default}
+  width="50%"
+  title="Upload button on local asset preview"
+/>
 <img
   src={require('./img/mobile-upload-selected-photos.webp').default}
   width="40%"
   title="Upload button after photos selection"
 />
 
-## Free Up Space
-
-The **Free Up Space** tool allows you to remove local media files from your device that have already been successfully backed up to your Immich server (and are not in the Immich trash). This helps reclaim storage on your mobile device without losing your memories.
-
-### How it works
-
-<img src={require('./img/free-up-space.webp').default} title="Free up space" />
-
-1.  **Configuration:**
-    - **Cutoff Date:** You can select a cutoff date. The tool will only look for photos and videos **on or before** this date.
-    - **Filter Options:** You can choose to remove **All** assets, or restrict removal to **Photos only** or **Videos only**.
-    - **Keep Favorites:** By default, local assets marked as favorites are preserved on your device, even if they match the cutoff date.
-2.  **Scan & Review:** Before any files are removed, you are presented with a review screen to verify which items will be deleted.
-3.  **Deletion:** Confirmed items are moved to your device's native Trash/Recycle Bin.
-
-:::info reclaim storage
-To permanently free up space, you must manually empty the system/gallery trash.
-:::
-
-### iCloud Photos
-
-If you use **iCloud Photos** alongside Immich, it is vital to understand how deletion affects your data. iCloud utilizes a two-way sync; this means deleting a photo from your iPhone to free up space will **also delete it from iCloud**.
-
-Assets that are part of an **iCloud Shared Album** are automatically excluded from the cleanup scan because iCloud does not allow removing the items from the device.
-
-### External App Dependencies (WhatsApp, etc.)
-
-Android applications like **WhatsApp** rely on local files to display media in chat history.
-
-If Immich backs up your WhatsApp folder and you run **Free Up Space**, the local copies of these images will be deleted. Consequently, **media in your WhatsApp chats will appear blurry or missing.** You will only be able to view these photos inside the Immich app; they will no longer be visible within the WhatsApp interface.
-
-**Recommendation:** If keeping chat history intact is important, please ensure you review the deletion list carefully or consider excluding WhatsApp folders from the backup if you intend to use this feature frequently.
-
 ## Album Sync
 
 You can sync or mirror an album from your phone to the Immich server on your account. For example, if you select Recents, Camera and Videos album for backup, the corresponding album with the same name will be created on the server. Once the assets from those albums are uploaded, they will be put into the target albums automatically.
@@ -111,3 +95,11 @@ Enter the cloud on the top right -> cog wheel on the top right -> select the syn
 If you delete/move photos in the local album on your device, it will not be reflected in the album on the server **even if** you click Sync albums
 It will only reflect files you add.
 :::
+
+If the same asset is in more than one album it will only sync to the first album it's in, after that it won't sync again even if the user clicks sync albums manually.
+To overcome this limitation, the files must be removed from the ignore list by
+App settings -> Advanced -> Duplicate Assets -> Clear
+
+:::info
+Cleaning duplicate assets from the list will cause all the previously uploaded duplicate files to be re-uploaded, the files will not actually be uploaded and will be rejected on the server side (due to duplication) but will be synchronized to the album and at the end will be added to the ignore list again at the end of the synchronization.
+:::

docs/docs/features/monitoring.md

@@ -112,40 +112,4 @@ You can then make a new panel, specifying Prometheus as the data source for it.
 
 -- TODO: add images and more details here
 
-## Structured Logging
-
-In addition to Prometheus metrics, Immich supports structured JSON logging which is ideal for log aggregation systems like Grafana Loki, ELK Stack, Datadog, Splunk, and others.
-
-### Configuration
-
-By default, Immich outputs human-readable console logs. To enable JSON logging, set the `IMMICH_LOG_FORMAT` environment variable:
-
-```bash
-IMMICH_LOG_FORMAT=json
-```
-
-:::tip
-The default is `IMMICH_LOG_FORMAT=console` for human-readable logs with colors during development. For production deployments using log aggregation, use `IMMICH_LOG_FORMAT=json`.
-:::
-
-### JSON Log Format
-
-When enabled, logs are output in structured JSON format:
-
-```json
-{"level":"log","pid":36,"timestamp":1766533331507,"message":"Initialized websocket server","context":"WebsocketRepository"}
-{"level":"warn","pid":48,"timestamp":1766533331629,"message":"Unable to open /build/www/index.html, skipping SSR.","context":"ApiService"}
-{"level":"error","pid":36,"timestamp":1766533331690,"message":"Failed to load plugin immich-core:","context":"Error"}
-```
-
-This format includes:
-
-- `level`: Log level (log, warn, error, etc.)
-- `pid`: Process ID
-- `timestamp`: Unix timestamp in milliseconds
-- `message`: Log message
-- `context`: Service or component that generated the log
-
-For more information on log formats, see [`IMMICH_LOG_FORMAT`](/install/environment-variables.md#general).
-
 [prom-file]: https://github.com/immich-app/immich/releases/latest/download/prometheus.yml

docs/docs/features/sharing.md

@@ -33,7 +33,7 @@ You can create a public link to share a group of photos or videos, or an album,
 The public shared link is generated with a random URL, which acts as as a secret to avoid the link being guessed by unwanted parties, for instance.
 
 ```
-https://my.immich.app/share/JUckRMxlgpo7F9BpyqGk_cZEwDzaU_U5LU5_oNZp1ETIBa9dpQ0b5ghNm_22QVJfn3k
+https://immich.yourdomain.com/share/JUckRMxlgpo7F9BpyqGk_cZEwDzaU_U5LU5_oNZp1ETIBa9dpQ0b5ghNm_22QVJfn3k
 ```
 
 ### Creating a public share link

docs/docs/install/environment-variables.md

@@ -17,11 +17,11 @@ If this does not work, try running `docker compose up -d --force-recreate`.
 
 ## Docker Compose
 
-| Variable           | Description                     | Default | Containers               |
-| :----------------- | :------------------------------ | :-----: | :----------------------- |
-| `IMMICH_VERSION`   | Image tags                      |  `v2`   | server, machine learning |
-| `UPLOAD_LOCATION`  | Host path for uploads           |         | server                   |
-| `DB_DATA_LOCATION` | Host path for Postgres database |         | database                 |
+| Variable           | Description                     |  Default  | Containers               |
+| :----------------- | :------------------------------ | :-------: | :----------------------- |
+| `IMMICH_VERSION`   | Image tags                      | `release` | server, machine learning |
+| `UPLOAD_LOCATION`  | Host path for uploads           |           | server                   |
+| `DB_DATA_LOCATION` | Host path for Postgres database |           | database                 |
 
 :::tip
 These environment variables are used by the `docker-compose.yml` file and do **NOT** affect the containers directly.
@@ -34,7 +34,6 @@ These environment variables are used by the `docker-compose.yml` file and do **N
 | `TZ`                                | Timezone                                                                                  |        <sup>\*1</sup>        | server                   | microservices      |
 | `IMMICH_ENV`                        | Environment (production, development)                                                     |         `production`         | server, machine learning | api, microservices |
 | `IMMICH_LOG_LEVEL`                  | Log level (verbose, debug, log, warn, error)                                              |            `log`             | server, machine learning | api, microservices |
-| `IMMICH_LOG_FORMAT`                 | Log output format (`console`, `json`)                                                     |          `console`           | server                   | api, microservices |
 | `IMMICH_MEDIA_LOCATION`             | Media location inside the container ⚠️**You probably shouldn't set this**<sup>\*2</sup>⚠️ |           `/data`            | server                   | api, microservices |
 | `IMMICH_CONFIG_FILE`                | Path to config file                                                                       |                              | server                   | api, microservices |
 | `NO_COLOR`                          | Set to `true` to disable color-coded log output                                           |           `false`            | server, machine learning |                    |
@@ -44,7 +43,6 @@ These environment variables are used by the `docker-compose.yml` file and do **N
 | `IMMICH_PROCESS_INVALID_IMAGES`     | When `true`, generate thumbnails for invalid images                                       |                              | server                   | microservices      |
 | `IMMICH_TRUSTED_PROXIES`            | List of comma-separated IPs set as trusted proxies                                        |                              | server                   | api                |
 | `IMMICH_IGNORE_MOUNT_CHECK_ERRORS`  | See [System Integrity](/administration/system-integrity)                                  |                              | server                   | api, microservices |
-| `IMMICH_ALLOW_SETUP`                | When `false` disables the `/auth/admin-sign-up` endpoint                                  |            `true`            | server                   | api                |
 
 \*1: `TZ` should be set to a `TZ identifier` from [this list][tz-list]. For example, `TZ="Etc/UTC"`.
 `TZ` is used by `exiftool` as a fallback in case the timezone cannot be determined from the image metadata. It is also used for logfile timestamps and cron job execution.

docs/docs/install/requirements.md

@@ -17,17 +17,12 @@ Hardware and software requirements for Immich:
   - Immich runs well in a virtualized environment when running in a full virtual machine.
     The use of Docker in LXC containers is [not recommended](https://pve.proxmox.com/wiki/Linux_Container), but may be possible for advanced users.
     If you have issues, we recommend that you switch to a supported VM deployment.
-- **RAM**: Minimum 6GB, recommended 8GB.
+- **RAM**: Minimum 4GB, recommended 6GB.
 - **CPU**: Minimum 2 cores, recommended 4 cores.
 - **Storage**: Recommended Unix-compatible filesystem (EXT4, ZFS, APFS, etc.) with support for user/group ownership and permissions.
   - The generation of thumbnails and transcoded video can increase the size of the photo library by 10-20% on average.
 
-:::note RAM requirements
-For a smooth experience, especially during asset upload, Immich requires at least 6GB of RAM.
-For systems with only 4GB of RAM, Immich can be run with machine learning features disabled.
-:::
-
-:::tip Postgres setup
+:::tip
 Good performance and a stable connection to the Postgres database is critical to a smooth Immich experience.
 The Postgres database files are typically between 1-3 GB in size.
 For this reason, the Postgres database (`DB_DATA_LOCATION`) should ideally use local SSD storage, and never a network share of any kind.

docs/docs/overview/quick-start.mdx

@@ -10,7 +10,7 @@ to install and use it.
 
 ## Requirements
 
-- A system with at least 6GB of RAM and 2 CPU cores.
+- A system with at least 4GB of RAM and 2 CPU cores.
 - [Docker](https://docs.docker.com/engine/install/)
 
 > For a more detailed list of requirements, see the [requirements page](/install/requirements).
@@ -63,9 +63,9 @@ The backup time differs depending on how many photos are on your mobile device.
 take quite a while.
 To quickly get going, you can selectively upload few photos first, by following this [guide](/features/mobile-app#sync-only-selected-photos).
 
-You can select the **Job Queues** tab to see Immich processing your photos.
+You can select the **Jobs** tab to see Immich processing your photos.
 
-<img src={require('/docs/guides/img/jobs-tab.webp').default} title="Job Queues Tah" width={300} />
+<img src={require('/docs/guides/img/jobs-tab.webp').default} title="Jobs tab" width={300} />
 
 ---
 

docs/docs/partials/_mobile-app-backup.md

@@ -6,4 +6,4 @@
 
 <img src={require('./img/album-selection.webp').default} width='50%' title='Backup button' />
 
-3. Scroll down to the bottom and press "**Enable Backup**" to start the backup process. This will upload all the assets in the selected albums.
+3. Scroll down to the bottom and press "**Start Backup**" to start the backup process. This will upload all the assets in the selected albums.

docs/docs/partials/_user-create.md

@@ -2,6 +2,6 @@ If you have friends or family members who want to use the application as well, y
 
 <img src={require('./img/create-new-user.webp').default} width="90%" title='New User Registration' />
 
-In the **Administration > Users** page, you can click on the **Create user** button, and you'll be presented with the following dialog:
+In the Administration panel, you can click on the **Create user** button, and you'll be presented with the following dialog:
 
-<img src={require('./img/create-new-user-dialog.webp').default} width="40%" title='New User Registration Dialog' />
+<img src={require('./img/create-new-user-dialog.webp').default} width="90%" title='New User Registration Dialog' />

docs/docusaurus.config.js

@@ -26,12 +26,6 @@ const config = {
     locales: ['en'],
   },
 
-  // Mermaid diagrams
-  markdown: {
-    mermaid: true,
-  },
-  themes: ['@docusaurus/theme-mermaid'],
-
   plugins: [
     async function myPlugin(context, options) {
       return {
@@ -76,10 +70,6 @@ const config = {
           autoCollapseCategories: false,
         },
       },
-      tableOfContents: {
-        minHeadingLevel: 2,
-        maxHeadingLevel: 4,
-      },
       navbar: {
         logo: {
           alt: 'Immich Logo',

docs/package.json

@@ -20,7 +20,6 @@
     "@docusaurus/core": "~3.9.0",
     "@docusaurus/preset-classic": "~3.9.0",
     "@docusaurus/theme-common": "~3.9.0",
-    "@docusaurus/theme-mermaid": "~3.9.0",
     "@mdi/js": "^7.3.67",
     "@mdi/react": "^1.6.1",
     "@mdx-js/react": "^3.0.0",
@@ -58,6 +57,6 @@
     "node": ">=20"
   },
   "volta": {
-    "node": "24.13.0"
+    "node": "24.11.1"
   }
 }

docs/src/css/custom.css

@@ -8,19 +8,19 @@
 @tailwind utilities;
 
 @font-face {
-  font-family: 'GoogleSans';
-  src: url('/fonts/GoogleSans/GoogleSans.ttf') format('truetype-variations');
-  font-weight: 410 900;
+  font-family: 'Overpass';
+  src: url('/fonts/overpass/Overpass.ttf') format('truetype-variations');
+  font-weight: 1 999;
   font-style: normal;
   ascent-override: 106.25%;
   size-adjust: 106.25%;
 }
 
 @font-face {
-  font-family: 'GoogleSansCode';
-  src: url('/fonts/GoogleSansCode/GoogleSansCode.ttf') format('truetype-variations');
-  font-weight: 1 900;
-  font-style: monospace;
+  font-family: 'Overpass Mono';
+  src: url('/fonts/overpass/OverpassMono.ttf') format('truetype-variations');
+  font-weight: 1 999;
+  font-style: normal;
   ascent-override: 106.25%;
   size-adjust: 106.25%;
 }
@@ -37,8 +37,7 @@ img {
 
 /* You can override the default Infima variables here. */
 :root {
-  font-family: 'GoogleSans', sans-serif;
-  letter-spacing: 0.1px;
+  font-family: 'Overpass', sans-serif;
   --ifm-color-primary: #4250af;
   --ifm-color-primary-dark: #4250af;
   --ifm-color-primary-darker: #4250af;
@@ -49,16 +48,6 @@ img {
   --docusaurus-highlighted-code-line-bg: rgba(0, 0, 0, 0.1);
 }
 
-h1,
-h2,
-h3,
-h4,
-h5,
-h6 {
-  font-family: 'GoogleSans', sans-serif;
-  letter-spacing: 0.1px;
-}
-
 /* For readability concerns, you should choose a lighter palette in dark mode. */
 [data-theme='dark'] {
   --ifm-color-primary: #adcbfa;
@@ -69,13 +58,7 @@ h6 {
   --ifm-color-primary-lighter: #e9f1fe;
   --ifm-color-primary-lightest: #ffffff;
   --docusaurus-highlighted-code-line-bg: rgba(0, 0, 0, 0.3);
-  --ifm-navbar-background-color: #0c0c0c;
-  --ifm-footer-background-color: #0c0c0c;
-}
-
-[data-theme='dark'] body,
-[data-theme='dark'] .main-wrapper {
-  background-color: #070707;
+  --ifm-background-color: #000000;
 }
 
 div[class^='announcementBar_'] {
@@ -88,22 +71,15 @@ div[class^='announcementBar_'] {
   padding: 10px 10px 10px 16px;
   border-radius: 24px;
   margin-right: 16px;
-  font-weight: 500;
 }
 
 .menu__list-item-collapsible {
   margin-right: 16px;
   border-radius: 24px;
-  font-weight: 500;
 }
 
 .menu__link--active {
-  font-weight: 600;
-}
-
-.table-of-contents__link {
-  font-size: 14px;
-  font-weight: 450;
+  font-weight: 500;
 }
 
 /* workaround for version switcher PR 15894 */
@@ -112,14 +88,13 @@ div[class*='navbar__items'] > li:has(a[class*='version-switcher-34ab39']) {
 }
 
 code {
-  font-weight: 500;
-  font-family: 'GoogleSansCode';
+  font-weight: 600;
 }
 
 .buy-button {
   padding: 8px 14px;
   border: 1px solid transparent;
-  font-family: 'GoogleSans', sans-serif;
+  font-family: 'Overpass', sans-serif;
   font-weight: 500;
   cursor: pointer;
   box-shadow: 0 0 5px 2px rgba(181, 206, 254, 0.4);

docs/tailwind.config.js

@@ -17,9 +17,9 @@ module.exports = {
 
         // Dark Theme
         'immich-dark-primary': '#adcbfa',
-        'immich-dark-bg': '#000000',
+        'immich-dark-bg': '#070a14',
         'immich-dark-fg': '#e5e7eb',
-        'immich-dark-gray': '#111111',
+        'immich-dark-gray': '#212121',
       },
     },
   },

e2e-auth-server/Dockerfile

@@ -1,6 +0,0 @@
-FROM node:24.1.0-alpine3.20@sha256:8fe019e0d57dbdce5f5c27c0b63d2775cf34b00e3755a7dea969802d7e0c2b25
-RUN corepack enable
-ADD package.json *.ts ./
-RUN pnpm install
-EXPOSE 2286
-CMD ["pnpm", "run", "start"]

e2e-auth-server/package.json

@@ -1,15 +0,0 @@
-{
-  "name": "@immich/e2e-auth-server",
-  "version": "0.1.0",
-  "type": "module",
-  "main": "auth-server.ts",
-  "scripts": {
-    "start": "tsx startup.ts"
-  },
-  "devDependencies": {
-    "jose": "^5.6.3",
-    "@types/oidc-provider": "^9.0.0",
-    "oidc-provider": "^9.0.0",
-    "tsx": "^4.20.6"
-  }
-}

e2e-auth-server/startup.ts

@@ -1,8 +0,0 @@
-import setup from './auth-server'
-
-const teardown = await setup()
-process.on('exit', () => {
-  teardown()
-  console.log('[e2e-auth-server] stopped')
-  process.exit(0)
-})

e2e/.nvmrc

@@ -1 +1 @@
-24.13.0
+24.11.1

e2e/docker-compose.yml

@@ -1,12 +1,6 @@
 name: immich-e2e
 
 services:
-  e2e-auth-server:
-    build:
-      context: ../e2e-auth-server
-    ports:
-      - 2286:2286
-
   immich-server:
     container_name: immich-e2e-server
     image: immich-server:latest
@@ -33,6 +27,8 @@ services:
       - IMMICH_IGNORE_MOUNT_CHECK_ERRORS=true
     volumes:
       - ./test-assets:/test-assets
+    extra_hosts:
+      - 'auth-server:host-gateway'
     depends_on:
       redis:
         condition: service_started

e2e/package.json

@@ -22,12 +22,12 @@
     "@eslint/js": "^9.8.0",
     "@faker-js/faker": "^10.1.0",
     "@immich/cli": "file:../cli",
-    "@immich/e2e-auth-server": "file:../e2e-auth-server",
     "@immich/sdk": "file:../open-api/typescript-sdk",
     "@playwright/test": "^1.44.1",
     "@socket.io/component-emitter": "^3.1.2",
     "@types/luxon": "^3.4.2",
-    "@types/node": "^24.10.8",
+    "@types/node": "^24.10.3",
+    "@types/oidc-provider": "^9.0.0",
     "@types/pg": "^8.15.1",
     "@types/pngjs": "^6.0.4",
     "@types/supertest": "^6.0.2",
@@ -36,9 +36,11 @@
     "eslint-config-prettier": "^10.1.8",
     "eslint-plugin-prettier": "^5.1.3",
     "eslint-plugin-unicorn": "^62.0.0",
-    "exiftool-vendored": "^34.3.0",
+    "exiftool-vendored": "^34.0.0",
     "globals": "^16.0.0",
+    "jose": "^5.6.3",
     "luxon": "^3.4.4",
+    "oidc-provider": "^9.0.0",
     "pg": "^8.11.3",
     "pngjs": "^7.0.0",
     "prettier": "^3.7.4",
@@ -52,6 +54,6 @@
     "vitest": "^3.0.0"
   },
   "volta": {
-    "node": "24.13.0"
+    "node": "24.11.1"
   }
 }

e2e/playwright.config.ts

@@ -8,7 +8,7 @@ dotenv.config({ path: resolve(import.meta.dirname, '.env') });
 export const playwrightHost = process.env.PLAYWRIGHT_HOST ?? '127.0.0.1';
 export const playwrightDbHost = process.env.PLAYWRIGHT_DB_HOST ?? '127.0.0.1';
 export const playwriteBaseUrl = process.env.PLAYWRIGHT_BASE_URL ?? `http://${playwrightHost}:2285`;
-export const playwriteSlowMo = Number.parseInt(process.env.PLAYWRIGHT_SLOW_MO ?? '0');
+export const playwriteSlowMo = parseInt(process.env.PLAYWRIGHT_SLOW_MO ?? '0');
 export const playwrightDisableWebserver = process.env.PLAYWRIGHT_DISABLE_WEBSERVER;
 
 process.env.PW_EXPERIMENTAL_SERVICE_WORKER_NETWORK_EVENTS = '1';
@@ -39,13 +39,13 @@ const config: PlaywrightTestConfig = {
       testMatch: /.*\.e2e-spec\.ts/,
       workers: 1,
     },
-    // {
-    //   name: 'parallel tests',
-    //   use: { ...devices['Desktop Chrome'] },
-    //   testMatch: /.*\.parallel-e2e-spec\.ts/,
-    //   fullyParallel: true,
-    //   workers: process.env.CI ? 3 : Math.max(1, Math.round(cpus().length * 0.75) - 1),
-    // },
+    {
+      name: 'parallel tests',
+      use: { ...devices['Desktop Chrome'] },
+      testMatch: /.*\.parallel-e2e-spec\.ts/,
+      fullyParallel: true,
+      workers: process.env.CI ? 3 : Math.max(1, Math.round(cpus().length * 0.75) - 1),
+    },
 
     // {
     //   name: 'firefox',

e2e/src/api/specs/database-backups.e2e-spec.ts

@@ -1,350 +0,0 @@
-import { LoginResponseDto, ManualJobName } from '@immich/sdk';
-import { errorDto } from 'src/responses';
-import { app, utils } from 'src/utils';
-import request from 'supertest';
-import { afterAll, beforeAll, describe, expect, it } from 'vitest';
-
-describe('/admin/database-backups', () => {
-  let cookie: string | undefined;
-  let admin: LoginResponseDto;
-
-  beforeAll(async () => {
-    await utils.resetDatabase();
-    admin = await utils.adminSetup();
-    await utils.resetBackups(admin.accessToken);
-  });
-
-  describe('GET /', async () => {
-    it('should succeed and be empty', async () => {
-      const { status, body } = await request(app)
-        .get('/admin/database-backups')
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        backups: [],
-      });
-    });
-
-    it('should contain a created backup', async () => {
-      await utils.createJob(admin.accessToken, {
-        name: ManualJobName.BackupDatabase,
-      });
-
-      await utils.waitForQueueFinish(admin.accessToken, 'backupDatabase');
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app)
-              .get('/admin/database-backups')
-              .set('Authorization', `Bearer ${admin.accessToken}`);
-
-            expect(status).toBe(200);
-            return body;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toEqual(
-          expect.objectContaining({
-            backups: [
-              expect.objectContaining({
-                filename: expect.stringMatching(/immich-db-backup-\d{8}T\d{6}-v.*-pg.*\.sql\.gz$/),
-                filesize: expect.any(Number),
-              }),
-            ],
-          }),
-        );
-    });
-  });
-
-  describe('DELETE /', async () => {
-    it('should delete backup', async () => {
-      const filename = await utils.createBackup(admin.accessToken);
-
-      const { status } = await request(app)
-        .delete(`/admin/database-backups`)
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({ backups: [filename] });
-
-      expect(status).toBe(200);
-
-      const { status: listStatus, body } = await request(app)
-        .get('/admin/database-backups')
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(listStatus).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          backups: [],
-        }),
-      );
-    });
-  });
-
-  // => action: restore database flow
-
-  describe.sequential('POST /start-restore', () => {
-    afterAll(async () => {
-      await request(app).post('/admin/maintenance').set('cookie', cookie!).send({ action: 'end' });
-      await utils.poll(
-        () => request(app).get('/server/config'),
-        ({ status, body }) => status === 200 && !body.maintenanceMode,
-      );
-
-      admin = await utils.adminSetup();
-    });
-
-    it.sequential('should not work when the server is configured', async () => {
-      const { status, body } = await request(app).post('/admin/database-backups/start-restore').send();
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.badRequest('The server already has an admin'));
-    });
-
-    it.sequential('should enter maintenance mode in "database restore mode"', async () => {
-      await utils.resetDatabase(); // reset database before running this test
-
-      const { status, headers } = await request(app).post('/admin/database-backups/start-restore').send();
-
-      expect(status).toBe(201);
-
-      cookie = headers['set-cookie'][0].split(';')[0];
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
-            return body.maintenanceMode;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toBeTruthy();
-
-      const { status: status2, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-      expect(status2).toBe(200);
-      expect(body).toEqual({
-        active: true,
-        action: 'select_database_restore',
-      });
-    });
-  });
-
-  // => action: restore database
-
-  describe.sequential('POST /backups/restore', () => {
-    beforeAll(async () => {
-      await utils.disconnectDatabase();
-    });
-
-    afterAll(async () => {
-      await utils.connectDatabase();
-    });
-
-    it.sequential('should restore a backup', { timeout: 60_000 }, async () => {
-      let filename = await utils.createBackup(admin.accessToken);
-
-      // work-around until test is running on released version
-      await utils.move(
-        `/data/backups/${filename}`,
-        '/data/backups/immich-db-backup-20260114T184016-v2.5.0-pg14.19.sql.gz',
-      );
-      filename = 'immich-db-backup-20260114T184016-v2.5.0-pg14.19.sql.gz';
-
-      const { status } = await request(app)
-        .post('/admin/maintenance')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({
-          action: 'restore_database',
-          restoreBackupFilename: filename,
-        });
-
-      expect(status).toBe(201);
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
-            return body.maintenanceMode;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toBeTruthy();
-
-      const { status: status2, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-      expect(status2).toBe(200);
-      expect(body).toEqual(
-        expect.objectContaining({
-          active: true,
-          action: 'restore_database',
-        }),
-      );
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
-            return body.maintenanceMode;
-          },
-          {
-            interval: 500,
-            timeout: 60_000,
-          },
-        )
-        .toBeFalsy();
-    });
-
-    it.sequential('fail to restore a corrupted backup', { timeout: 60_000 }, async () => {
-      await utils.prepareTestBackup('corrupted');
-
-      const { status, headers } = await request(app)
-        .post('/admin/maintenance')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({
-          action: 'restore_database',
-          restoreBackupFilename: 'development-corrupted.sql.gz',
-        });
-
-      expect(status).toBe(201);
-      cookie = headers['set-cookie'][0].split(';')[0];
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
-            return body.maintenanceMode;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toBeTruthy();
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-            expect(status).toBe(200);
-            return body;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toEqual(
-          expect.objectContaining({
-            active: true,
-            action: 'restore_database',
-            error: 'Something went wrong, see logs!',
-          }),
-        );
-
-      const { status: status2, body: body2 } = await request(app)
-        .get('/admin/maintenance/status')
-        .set('cookie', cookie!)
-        .send({ token: 'token' });
-      expect(status2).toBe(200);
-      expect(body2).toEqual(
-        expect.objectContaining({
-          active: true,
-          action: 'restore_database',
-          error: expect.stringContaining('IM CORRUPTED'),
-        }),
-      );
-
-      await request(app).post('/admin/maintenance').set('cookie', cookie!).send({
-        action: 'end',
-      });
-
-      await utils.poll(
-        () => request(app).get('/server/config'),
-        ({ status, body }) => status === 200 && !body.maintenanceMode,
-      );
-    });
-
-    it.sequential('rollback to restore point if backup is missing admin', { timeout: 60_000 }, async () => {
-      await utils.prepareTestBackup('empty');
-
-      const { status, headers } = await request(app)
-        .post('/admin/maintenance')
-        .set('Authorization', `Bearer ${admin.accessToken}`)
-        .send({
-          action: 'restore_database',
-          restoreBackupFilename: 'development-empty.sql.gz',
-        });
-
-      expect(status).toBe(201);
-      cookie = headers['set-cookie'][0].split(';')[0];
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
-            return body.maintenanceMode;
-          },
-          {
-            interval: 500,
-            timeout: 10_000,
-          },
-        )
-        .toBeTruthy();
-
-      await expect
-        .poll(
-          async () => {
-            const { status, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-            expect(status).toBe(200);
-            return body;
-          },
-          {
-            interval: 500,
-            timeout: 30_000,
-          },
-        )
-        .toEqual(
-          expect.objectContaining({
-            active: true,
-            action: 'restore_database',
-            error: 'Something went wrong, see logs!',
-          }),
-        );
-
-      const { status: status2, body: body2 } = await request(app)
-        .get('/admin/maintenance/status')
-        .set('cookie', cookie!)
-        .send({ token: 'token' });
-      expect(status2).toBe(200);
-      expect(body2).toEqual(
-        expect.objectContaining({
-          active: true,
-          action: 'restore_database',
-          error: expect.stringContaining('Server health check failed, no admin exists.'),
-        }),
-      );
-
-      await request(app).post('/admin/maintenance').set('cookie', cookie!).send({
-        action: 'end',
-      });
-
-      await utils.poll(
-        () => request(app).get('/server/config'),
-        ({ status, body }) => status === 200 && !body.maintenanceMode,
-      );
-    });
-  });
-});

e2e/src/api/specs/maintenance.e2e-spec.ts

@@ -14,7 +14,6 @@ describe('/admin/maintenance', () => {
     await utils.resetDatabase();
     admin = await utils.adminSetup();
     nonAdmin = await utils.userSetup(admin.accessToken, createUserDto.user1);
-    await utils.resetBackups(admin.accessToken);
   });
 
   // => outside of maintenance mode
@@ -27,17 +26,6 @@ describe('/admin/maintenance', () => {
     });
   });
 
-  describe('GET /status', async () => {
-    it('to always indicate we are not in maintenance mode', async () => {
-      const { status, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-      expect(status).toBe(200);
-      expect(body).toEqual({
-        active: false,
-        action: 'end',
-      });
-    });
-  });
-
   describe('POST /login', async () => {
     it('should not work out of maintenance mode', async () => {
       const { status, body } = await request(app).post('/admin/maintenance/login').send({ token: 'token' });
@@ -51,7 +39,6 @@ describe('/admin/maintenance', () => {
   describe.sequential('POST /', () => {
     it('should require authentication', async () => {
       const { status, body } = await request(app).post('/admin/maintenance').send({
-        active: false,
         action: 'end',
       });
       expect(status).toBe(401);
@@ -82,7 +69,6 @@ describe('/admin/maintenance', () => {
         .send({
           action: 'start',
         });
-
       expect(status).toBe(201);
 
       cookie = headers['set-cookie'][0].split(';')[0];
@@ -93,13 +79,12 @@ describe('/admin/maintenance', () => {
       await expect
         .poll(
           async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
+            const { body } = await request(app).get('/server/config');
             return body.maintenanceMode;
           },
           {
-            interval: 500,
-            timeout: 10_000,
+            interval: 5e2,
+            timeout: 1e4,
           },
         )
         .toBeTruthy();
@@ -117,17 +102,6 @@ describe('/admin/maintenance', () => {
       });
     });
 
-    describe('GET /status', async () => {
-      it('to indicate we are in maintenance mode', async () => {
-        const { status, body } = await request(app).get('/admin/maintenance/status').send({ token: 'token' });
-        expect(status).toBe(200);
-        expect(body).toEqual({
-          active: true,
-          action: 'start',
-        });
-      });
-    });
-
     describe('POST /login', async () => {
       it('should fail without cookie or token in body', async () => {
         const { status, body } = await request(app).post('/admin/maintenance/login').send({});
@@ -184,13 +158,12 @@ describe('/admin/maintenance', () => {
       await expect
         .poll(
           async () => {
-            const { status, body } = await request(app).get('/server/config');
-            expect(status).toBe(200);
+            const { body } = await request(app).get('/server/config');
             return body.maintenanceMode;
           },
           {
-            interval: 500,
-            timeout: 10_000,
+            interval: 5e2,
+            timeout: 1e4,
           },
         )
         .toBeFalsy();

e2e/src/api/specs/oauth.e2e-spec.ts

@@ -1,4 +1,3 @@
-import { OAuthClient, OAuthUser } from '@immich/e2e-auth-server';
 import {
   LoginResponseDto,
   SystemConfigOAuthDto,
@@ -9,12 +8,13 @@ import {
 } from '@immich/sdk';
 import { createHash, randomBytes } from 'node:crypto';
 import { errorDto } from 'src/responses';
+import { OAuthClient, OAuthUser } from 'src/setup/auth-server';
 import { app, asBearerAuth, baseUrl, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, describe, expect, it } from 'vitest';
 
 const authServer = {
-  internal: 'http://e2e-auth-server:2286',
+  internal: 'http://auth-server:2286',
   external: 'http://127.0.0.1:2286',
 };
 

e2e/src/api/specs/shared-link.e2e-spec.ts

@@ -20,6 +20,7 @@ describe('/shared-links', () => {
   let user1: LoginResponseDto;
   let user2: LoginResponseDto;
   let album: AlbumResponseDto;
+  let metadataAlbum: AlbumResponseDto;
   let deletedAlbum: AlbumResponseDto;
   let linkWithDeletedAlbum: SharedLinkResponseDto;
   let linkWithPassword: SharedLinkResponseDto;
@@ -40,9 +41,18 @@ describe('/shared-links', () => {
 
     [asset1, asset2] = await Promise.all([utils.createAsset(user1.accessToken), utils.createAsset(user1.accessToken)]);
 
-    [album, deletedAlbum] = await Promise.all([
+    [album, deletedAlbum, metadataAlbum] = await Promise.all([
       createAlbum({ createAlbumDto: { albumName: 'album' } }, { headers: asBearerAuth(user1.accessToken) }),
       createAlbum({ createAlbumDto: { albumName: 'deleted album' } }, { headers: asBearerAuth(user2.accessToken) }),
+      createAlbum(
+        {
+          createAlbumDto: {
+            albumName: 'metadata album',
+            assetIds: [asset1.id],
+          },
+        },
+        { headers: asBearerAuth(user1.accessToken) },
+      ),
     ]);
 
     [linkWithDeletedAlbum, linkWithAlbum, linkWithAssets, linkWithPassword, linkWithMetadata, linkWithoutMetadata] =
@@ -65,14 +75,14 @@ describe('/shared-links', () => {
           password: 'foo',
         }),
         utils.createSharedLink(user1.accessToken, {
-          type: SharedLinkType.Individual,
-          assetIds: [asset1.id],
+          type: SharedLinkType.Album,
+          albumId: metadataAlbum.id,
           showMetadata: true,
-          slug: 'metadata-slug',
+          slug: 'metadata-album',
         }),
         utils.createSharedLink(user1.accessToken, {
-          type: SharedLinkType.Individual,
-          assetIds: [asset1.id],
+          type: SharedLinkType.Album,
+          albumId: metadataAlbum.id,
           showMetadata: false,
         }),
       ]);
@@ -85,7 +95,9 @@ describe('/shared-links', () => {
       const resp = await request(shareUrl).get(`/${linkWithMetadata.key}`);
       expect(resp.status).toBe(200);
       expect(resp.header['content-type']).toContain('text/html');
-      expect(resp.text).toContain(`<meta name="description" content="1 shared photos &amp; videos" />`);
+      expect(resp.text).toContain(
+        `<meta name="description" content="${metadataAlbum.assets.length} shared photos &amp; videos" />`,
+      );
     });
 
     it('should have correct asset count in meta tag for empty album', async () => {
@@ -132,7 +144,9 @@ describe('/shared-links', () => {
       const resp = await request(baseUrl).get(`/s/${linkWithMetadata.slug}`);
       expect(resp.status).toBe(200);
       expect(resp.header['content-type']).toContain('text/html');
-      expect(resp.text).toContain(`<meta name="description" content="1 shared photos &amp; videos" />`);
+      expect(resp.text).toContain(
+        `<meta name="description" content="${metadataAlbum.assets.length} shared photos &amp; videos" />`,
+      );
     });
   });
 
@@ -257,12 +271,12 @@ describe('/shared-links', () => {
       );
     });
 
-    it('should return metadata for individual shared link', async () => {
+    it('should return metadata for album shared link', async () => {
       const { status, body } = await request(app).get('/shared-links/me').query({ key: linkWithMetadata.key });
 
       expect(status).toBe(200);
-      expect(body.assets).toHaveLength(1);
-      expect(body.album).not.toBeDefined();
+      expect(body.assets).toHaveLength(0);
+      expect(body.album).toBeDefined();
     });
 
     it('should not return metadata for album shared link without metadata', async () => {
@@ -270,7 +284,7 @@ describe('/shared-links', () => {
 
       expect(status).toBe(200);
       expect(body.assets).toHaveLength(1);
-      expect(body.album).not.toBeDefined();
+      expect(body.album).toBeDefined();
 
       const asset = body.assets[0];
       expect(asset).not.toHaveProperty('exifInfo');

e2e/src/generators.ts

@@ -26,5 +26,6 @@ export const makeRandomImage = () => {
   if (!value) {
     throw new Error('Ran out of random asset data');
   }
+
   return value;
 };

e2e/src/generators/timeline/rest-response.ts

@@ -346,9 +346,6 @@ export function toAssetResponseDto(asset: MockTimelineAsset, owner?: UserRespons
     duplicateId: null,
     resized: true,
     checksum: asset.checksum,
-    width: exifInfo.exifImageWidth ?? 1,
-    height: exifInfo.exifImageHeight ?? 1,
-    isEdited: false,
   };
 }
 

e2e/src/mock-network/timeline-network.ts

@@ -1,4 +1,3 @@
-import { AssetResponseDto } from '@immich/sdk';
 import { BrowserContext, Page, Request, Route } from '@playwright/test';
 import { basename } from 'node:path';
 import {
@@ -64,33 +63,15 @@ export const setupTimelineMockApiRoutes = async (
   });
 
   await context.route('**/api/assets/*', async (route, request) => {
-    if (request.method() === 'GET') {
-      const url = new URL(request.url());
-      const pathname = url.pathname;
-      const assetId = basename(pathname);
-      let asset = getAsset(timelineRestData, assetId);
-      if (changes.assetDeletions.includes(asset!.id)) {
-        asset = {
-          ...asset,
-          isTrashed: true,
-        } as AssetResponseDto;
-      }
-      return route.fulfill({
-        status: 200,
-        contentType: 'application/json',
-        json: asset,
-      });
-    }
-    await route.fallback();
-  });
-
-  await context.route('**/api/assets', async (route, request) => {
-    if (request.method() === 'DELETE') {
-      return route.fulfill({
-        status: 204,
-      });
-    }
-    await route.fallback();
+    const url = new URL(request.url());
+    const pathname = url.pathname;
+    const assetId = basename(pathname);
+    const asset = getAsset(timelineRestData, assetId);
+    return route.fulfill({
+      status: 200,
+      contentType: 'application/json',
+      json: asset,
+    });
   });
 
   await context.route('**/api/assets/*/ocr', async (route) => {
@@ -136,28 +117,17 @@ export const setupTimelineMockApiRoutes = async (
   });
 
   await context.route('**/api/albums/**', async (route, request) => {
-    const albumsMatch = request.url().match(/\/api\/albums\/(?<albumId>[^/?]+)/);
-    if (albumsMatch) {
-      const album = getAlbum(timelineRestData, testContext.adminId, albumsMatch.groups?.albumId, changes);
-      return route.fulfill({
-        status: 200,
-        contentType: 'application/json',
-        json: album,
-      });
+    const pattern = /\/api\/albums\/(?<albumId>[^/?]+)/;
+    const match = request.url().match(pattern);
+    if (!match) {
+      return route.continue();
     }
-    return route.fallback();
-  });
-
-  await context.route('**/api/albums**', async (route, request) => {
-    const allAlbums = request.url().match(/\/api\/albums\?assetId=(?<assetId>[^&]+)/);
-    if (allAlbums) {
-      return route.fulfill({
-        status: 200,
-        contentType: 'application/json',
-        json: [],
-      });
-    }
-    return route.fallback();
+    const album = getAlbum(timelineRestData, testContext.adminId, match.groups?.albumId, changes);
+    return route.fulfill({
+      status: 200,
+      contentType: 'application/json',
+      json: album,
+    });
   });
 };