feat(nixops): added postgres18 and remove pg14 and pg15

.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,8 +7,6 @@ assignees: ''
 
 ---
 
-> **Note:** Bug reports that are clearly AI-generated will not be accepted and will be closed immediately. Please write your bug report in your own words.
-
 **Describe the bug**
 A clear and concise description of what the bug is.
 

.github/ISSUE_TEMPLATE/feature_request.md

@@ -7,8 +7,6 @@ assignees: ''
 
 ---
 
-> **Note:** Feature requests that are clearly AI-generated will not be accepted and will be closed immediately. Please write your feature request in your own words.
-
 **Is your feature request related to a problem? Please describe.**
 A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -8,8 +8,6 @@
 
 --- Delete everything below this line before submitting your PR ---
 
-> **Note on AI-assisted contributions:** Contributions with the help of AI are permitted, but you are ultimately responsible for the quality of your submission and for ensuring it follows our contributing guidelines. **The PR description must be written in your own words and be clear and concise**. Please ensure you remove any superfluous code comments introduced by AI tools before submitting. PRs that clearly violate this rule will be closed without further review.
-
 ### PR title format
 
 The PR title must follow the following pattern:
@@ -24,7 +22,6 @@ Where `TYPE` is:
 
 Where `PKG` is:
 
-- `auth`: For changes to the Nhost Auth service
 - `ci`: For general changes to the build and/or CI/CD pipeline
 - `cli`: For changes to the Nhost CLI
 - `codegen`: For changes to the code generator
@@ -32,11 +29,10 @@ Where `PKG` is:
 - `deps`: For changes to dependencies
 - `docs`: For changes to the documentation
 - `examples`: For changes to the examples
-- `internal/lib`: For changes to Nhost's common libraries (internal)
 - `mintlify-openapi`: For changes to the Mintlify OpenAPI tool
 - `nhost-js`: For changes to the Nhost JavaScript SDK
 - `nixops`: For changes to the NixOps
-- `storage`: For changes to the Nhost Storage service
+- `storage`: For changes to the Nhost Storage
 
 Where `SUMMARY` is a short description of what the PR does.
 

.github/actions/validate-pr-title/action.yaml

@@ -17,7 +17,7 @@ runs:
 
         # Define valid types and packages
         VALID_TYPES="feat|fix|chore"
-        VALID_PKGS="auth|ci|cli|codegen|dashboard|deps|docs|examples|internal\/lib|mintlify-openapi|nhost-js|nixops|storage"
+        VALID_PKGS="ci|cli|codegen|dashboard|deps|docs|examples|mintlify-openapi|nhost-js|nixops|storage"
 
         # Check if title matches the pattern TYPE(PKG): SUMMARY
         if [[ ! "$PR_TITLE" =~ ^(${VALID_TYPES})\((${VALID_PKGS})\):\ .+ ]]; then
@@ -31,11 +31,11 @@ runs:
           echo "  - chore:  mark this pull request as a maintenance item"
           echo ""
           echo "Valid PKGs:"
-          echo "  - auth, ci, cli, codegen, dashboard, deps, docs, examples,"
+          echo "  - ci, cli, codegen, dashboard, deps, docs, examples,"
           echo "  - mintlify-openapi, nhost-js, nixops, storage"
           echo ""
           echo "Example: feat(cli): add new command for database migrations"
           exit 1
         fi
 
-        echo "✅ PR title is valid!"
+        echo "✅ PR title is valid!"

.github/workflows/auth_checks.yaml

@@ -1,84 +0,0 @@
----
-name: "auth: check and build"
-on:
-  pull_request_target:
-    paths:
-      - '.github/workflows/auth_checks.yaml'
-      - '.github/workflows/wf_check.yaml'
-      - '.github/workflows/wf_build_artifacts.yaml'
-
-      # common build
-      - 'flake.nix'
-      - 'flake.lock'
-      - 'nixops/**'
-      - 'build/**'
-
-      # common go
-      - '.golangci.yaml'
-      - 'go.mod'
-      - 'go.sum'
-      - 'internal/lib/**'
-      - 'vendor/**'
-
-      # auth
-      - 'services/auth/**'
-  push:
-    branches:
-      - main
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || format('push-{0}', github.sha) }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  check-permissions:
-    runs-on: ubuntu-latest
-    steps:
-      - run: |
-          echo "github.event_name: ${{ github.event_name }}"
-          echo "github.event.pull_request.author_association: ${{ github.event.pull_request.author_association }}"
-      - name: "This task will run and fail if user has no permissions and label safe_to_test isn't present"
-        if: "github.event_name == 'pull_request_target' && ! ( contains(github.event.pull_request.labels.*.name, 'safe_to_test') || contains(fromJson('[\"OWNER\", \"MEMBER\", \"COLLABORATOR\"]'), github.event.pull_request.author_association) )"
-        run: |
-          exit 1
-
-  tests:
-    uses: ./.github/workflows/wf_check.yaml
-    needs:
-      - check-permissions
-    with:
-      NAME: auth
-      PATH: services/auth
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
-
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
-      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
-      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
-      NHOST_PAT: ${{ secrets.NHOST_PAT }}
-
-  build_artifacts:
-    uses: ./.github/workflows/wf_build_artifacts.yaml
-    needs:
-      - check-permissions
-    with:
-      NAME: auth
-      PATH: services/auth
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
-      VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
-      DOCKER: true
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
-      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
-      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
-
-  remove_label:
-    runs-on: ubuntu-latest
-    needs:
-      - check-permissions
-    steps:
-      - uses: actions-ecosystem/action-remove-labels@v1
-        with:
-          labels: |
-            safe_to_test
-    if: contains(github.event.pull_request.labels.*.name, 'safe_to_test')

.github/workflows/auth_wf_release.yaml

@@ -1,60 +0,0 @@
----
-name: "auth: release"
-on:
-  workflow_call:
-    inputs:
-      GIT_REF:
-        required: true
-        type: string
-      VERSION:
-        required: true
-        type: string
-    secrets:
-      AWS_ACCOUNT_ID:
-        required: true
-      NIX_CACHE_PUB_KEY:
-        required: true
-      NIX_CACHE_PRIV_KEY:
-        required: true
-      DOCKER_USERNAME:
-        required: true
-      DOCKER_PASSWORD:
-        required: true
-
-jobs:
-  build_artifacts:
-    uses: ./.github/workflows/wf_build_artifacts.yaml
-    with:
-      NAME: auth
-      PATH: services/auth
-      GIT_REF: ${{ inputs.GIT_REF }}
-      VERSION: ${{ inputs.VERSION }}
-      DOCKER: true
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
-      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
-      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
-
-  push-docker-hub:
-    uses: ./.github/workflows/wf_docker_push_image.yaml
-    needs:
-      - build_artifacts
-    with:
-      NAME: auth
-      PATH: services/auth
-      VERSION: ${{ inputs.VERSION }}
-    secrets:
-      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-
-  push-docker-ecr:
-    uses: ./.github/workflows/wf_docker_push_image_ecr.yaml
-    needs:
-      - build_artifacts
-    with:
-      NAME: auth
-      PATH: services/auth
-      VERSION: ${{ inputs.VERSION }}
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
-      CONTAINER_REGISTRY: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com

.github/workflows/ci_release.yaml

@@ -33,20 +33,6 @@ jobs:
         echo "version=$VERSION" >> $GITHUB_OUTPUT
         echo "Extracted project: $PROJECT, version: $VERSION"
 
-  auth:
-    needs: extract-project
-    if: needs.extract-project.outputs.project == 'auth'
-    uses: ./.github/workflows/auth_wf_release.yaml
-    with:
-      GIT_REF: ${{ github.sha }}
-      VERSION: ${{ needs.extract-project.outputs.version }}
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
-      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
-      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
-      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-
   cli:
     needs: extract-project
     if: needs.extract-project.outputs.project == 'cli'

.github/workflows/ci_update_changelog.yaml

@@ -13,7 +13,7 @@ jobs:
 
     strategy:
       matrix:
-        project: [cli, dashboard, packages/nhost-js, services/auth, services/storage]
+        project: [cli, dashboard, packages/nhost-js, services/storage]
 
     permissions:
       id-token: write
@@ -40,7 +40,7 @@ jobs:
         cd ${{ matrix.project }}
         TAG_NAME=$(make release-tag-name)
         VERSION=$(nix develop .\#cliff -c make changelog-next-version)
-        if git tag | grep -qx "$TAG_NAME@$VERSION"; then
+        if git tag | grep -q "$TAG_NAME@$VERSION"; then
           echo "Tag $TAG_NAME@$VERSION already exists, skipping release preparation"
         else
           echo "Tag $TAG_NAME@$VERSION does not exist, proceeding with release preparation"

.github/workflows/cli_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "cli: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/cli_checks.yaml'
       - '.github/workflows/wf_check.yaml'
@@ -49,7 +50,7 @@ jobs:
     with:
       NAME: cli
       PATH: cli
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -64,7 +65,7 @@ jobs:
     with:
       NAME: cli
       PATH: cli
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: true
     secrets:
@@ -80,7 +81,7 @@ jobs:
     with:
       NAME: cli
       PATH: cli
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}

.github/workflows/cli_wf_test_new_project.yaml

@@ -63,7 +63,7 @@ jobs:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - name: "Get artifacts"
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v5
       with:
         path: ~/artifacts
 

.github/workflows/codegen_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "codegen: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/codegen_checks.yaml'
@@ -47,7 +48,7 @@ jobs:
     with:
       NAME: codegen
       PATH: tools/codegen
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -61,7 +62,7 @@ jobs:
     with:
       NAME: codegen
       PATH: tools/codegen
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
     secrets:

.github/workflows/dashboard_checks.yaml

@@ -1,7 +1,7 @@
 ---
 name: "dashboard: check and build"
 on:
-  pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_build_artifacts.yaml'
       - '.github/workflows/wf_check.yaml'
@@ -54,7 +54,7 @@ jobs:
       - check-permissions
     with:
       NAME: dashboard
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       ENVIRONMENT: preview
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -73,7 +73,7 @@ jobs:
     with:
       NAME: dashboard
       PATH: dashboard
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: true
       OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'
@@ -91,7 +91,7 @@ jobs:
     with:
       NAME: dashboard
       PATH: dashboard
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
@@ -107,7 +107,7 @@ jobs:
     with:
       NAME: dashboard
       PATH: dashboard
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       NHOST_TEST_DASHBOARD_URL: ${{ needs.deploy-vercel.outputs.preview-url }}
       NHOST_TEST_PROJECT_NAME: ${{ vars.NHOST_TEST_PROJECT_NAME }}
       NHOST_TEST_ORGANIZATION_NAME: ${{ vars.NHOST_TEST_ORGANIZATION_NAME }}
@@ -126,10 +126,8 @@ jobs:
       NHOST_TEST_USER_EMAIL: ${{ secrets.NHOST_TEST_USER_EMAIL }}
       NHOST_TEST_USER_PASSWORD: ${{ secrets.NHOST_TEST_USER_PASSWORD }}
       NHOST_TEST_PROJECT_ADMIN_SECRET: ${{ secrets.NHOST_TEST_PROJECT_ADMIN_SECRET }}
-      NHOST_TEST_ONBOARDING_USER: ${{ secrets.NHOST_TEST_ONBOARDING_USER }}
+      NHOST_TEST_FREE_USER_EMAILS: ${{ secrets.NHOST_TEST_FREE_USER_EMAILS }}
       PLAYWRIGHT_REPORT_ENCRYPTION_KEY: ${{ secrets.PLAYWRIGHT_REPORT_ENCRYPTION_KEY }}
-      NHOST_TEST_STAGING_SUBDOMAIN: ${{ secrets.NHOST_TEST_STAGING_SUBDOMAIN }}
-      NHOST_TEST_STAGING_REGION: ${{ secrets.NHOST_TEST_STAGING_REGION }}
 
   remove_label:
     runs-on: ubuntu-latest

.github/workflows/dashboard_wf_e2e_staging.yaml

@@ -52,16 +52,12 @@ on:
         required: true
       NHOST_TEST_USER_PASSWORD:
         required: true
-      NHOST_TEST_ONBOARDING_USER:
-        required: true
       NHOST_TEST_PROJECT_ADMIN_SECRET:
         required: true
+      NHOST_TEST_FREE_USER_EMAILS:
+        required: true
       PLAYWRIGHT_REPORT_ENCRYPTION_KEY:
         required: true
-      NHOST_TEST_STAGING_SUBDOMAIN:
-        required: true
-      NHOST_TEST_STAGING_REGION:
-        required: true
 
 concurrency:
   group: dashboard-e2e-staging
@@ -81,10 +77,7 @@ env:
   NHOST_TEST_USER_EMAIL: ${{ secrets.NHOST_TEST_USER_EMAIL }}
   NHOST_TEST_USER_PASSWORD: ${{ secrets.NHOST_TEST_USER_PASSWORD }}
   NHOST_TEST_PROJECT_ADMIN_SECRET: ${{ secrets.NHOST_TEST_PROJECT_ADMIN_SECRET }}
-  NHOST_TEST_ONBOARDING_USER: ${{ secrets.NHOST_TEST_ONBOARDING_USER }}
-  NHOST_TEST_STAGING_SUBDOMAIN: ${{ secrets.NHOST_TEST_STAGING_SUBDOMAIN }}
-  NHOST_TEST_STAGING_REGION: ${{ secrets.NHOST_TEST_STAGING_REGION }}
-
+  NHOST_TEST_FREE_USER_EMAILS: ${{ secrets.NHOST_TEST_FREE_USER_EMAILS }}
 
 jobs:
   tests:
@@ -148,7 +141,7 @@ jobs:
         rm playwright-report.tar.gz
 
     - name: Upload encrypted Playwright report
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v4
       if: failure()
       with:
         name: encrypted-playwright-report-${{ github.run_id }}

.github/workflows/dashboard_wf_release.yaml

@@ -88,7 +88,7 @@ jobs:
       - name: Bump version in source code
         run: |
           find cli -type f -exec sed -i 's/"nhost\/dashboard:[^"]*"/"nhost\/dashboard:${{ inputs.VERSION }}"/g' {} +
-          sed -i 's/nhost\/dashboard:[^)]*/nhost\/dashboard:${{ inputs.VERSION }}/g' docs/reference/cli/commands.mdx
+          sed -i 's/"nhost\/dashboard:[^"]*"/"nhost\/dashboard:${{ inputs.VERSION }}"/g' docs/reference/cli/commands.mdx
 
       - name: "Create Pull Request"
         uses: peter-evans/create-pull-request@v7

.github/workflows/docs_checks.yaml

@@ -1,7 +1,7 @@
 ---
 name: "docs: check and build"
 on:
-  pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/dashboard_checks.yaml'
@@ -28,10 +28,6 @@ on:
       # nhost-js
       - packages/nhost-js/**
 
-      # apis
-      - 'services/auth/docs/openapi.yaml'
-      - 'services/storage/controller/openapi.yaml'
-
       # cli
       - cli/**
   push:
@@ -62,7 +58,7 @@ jobs:
     with:
       NAME: docs
       PATH: docs
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}

.github/workflows/examples_demos_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "examples/demos: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/examples_demos_checks.yaml'
@@ -63,7 +64,7 @@ jobs:
     with:
       NAME: demos
       PATH: examples/demos
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -77,7 +78,7 @@ jobs:
     with:
       NAME: demos
       PATH: examples/demos
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
       OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'

.github/workflows/examples_guides_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "examples/guides: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/examples_guides_checks.yaml'
@@ -63,7 +64,7 @@ jobs:
     with:
       NAME: guides
       PATH: examples/guides
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -77,7 +78,7 @@ jobs:
     with:
       NAME: guides
       PATH: examples/guides
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
       OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'

.github/workflows/examples_tutorials_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "examples/tutorials: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/examples_tutorials_checks.yaml'
@@ -63,7 +64,7 @@ jobs:
     with:
       NAME: tutorials
       PATH: examples/tutorials
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -77,7 +78,7 @@ jobs:
     with:
       NAME: tutorials
       PATH: examples/tutorials
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
       OS_MATRIX: '["blacksmith-2vcpu-ubuntu-2404"]'

.github/workflows/gen_ai_review.yaml

@@ -1,7 +1,7 @@
 ---
 name: "gen: AI review"
 on:
-  pull_request_target:
+  pull_request:
     types: [opened, reopened, ready_for_review]
   issue_comment:
 jobs:
@@ -16,7 +16,7 @@ jobs:
     steps:
       - name: PR Agent action step
         id: pragent
-        uses: Codium-ai/pr-agent@v0.31
+        uses: Codium-ai/pr-agent@v0.30
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           OPENAI_KEY: ${{ secrets.OPENAI_API_KEY }}
@@ -24,5 +24,4 @@ jobs:
           config.model: ${{ vars.GEN_AI_MODEL }}
           config.model_turbo: $${{ vars.GEN_AI_MODEL_TURBO }}
           config.max_model_tokens: 200000
-          config.custom_model_max_tokens: 200000
           ignore.glob: "['pnpm-lock.yaml','**/pnpm-lock.yaml', 'vendor/**','**/client_gen.go','**/models_gen.go','**/generated.go','**/*.gen.go']"

.github/workflows/nhost-js_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "nhost-js: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/nhost-js_checks.yaml'
@@ -33,10 +34,6 @@ on:
 
       # nhost-js
       - 'packages/nhost-js/**'
-
-      # apis
-      - 'services/auth/docs/openapi.yaml'
-      - 'services/storage/controller/openapi.yaml'
   push:
     branches:
       - main
@@ -64,7 +61,7 @@ jobs:
     with:
       NAME: nhost-js
       PATH: packages/nhost-js
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -78,7 +75,7 @@ jobs:
     with:
       NAME: nhost-js
       PATH: packages/nhost-js
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: false
     secrets:

.github/workflows/nixops_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "nixops: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/wf_check.yaml'
       - '.github/workflows/nixops_checks.yaml'
@@ -39,7 +40,7 @@ jobs:
     with:
       NAME: nixops
       PATH: nixops
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -53,9 +54,9 @@ jobs:
     with:
       NAME: nixops
       PATH: nixops
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
-      DOCKER: true
+      DOCKER: false
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
       NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}

.github/workflows/nixops_wf_release.yaml

@@ -1,35 +0,0 @@
----
-name: "nixops: release"
-on:
-  push:
-    branches:
-      - main
-    paths:
-      - 'flake.lock'
-      - 'nixops/project.nix'
-
-jobs:
-  build_artifacts:
-    uses: ./.github/workflows/wf_build_artifacts.yaml
-    with:
-      NAME: nixops
-      PATH: nixops
-      GIT_REF: ${{ inputs.GIT_REF }}
-      VERSION: latest
-      DOCKER: true
-    secrets:
-      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
-      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
-      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
-
-  push-docker:
-    uses: ./.github/workflows/wf_docker_push_image.yaml
-    needs:
-      - build_artifacts
-    with:
-      NAME: nixops
-      PATH: nixops
-      VERSION: latest
-    secrets:
-      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}

.github/workflows/storage_checks.yaml

@@ -1,7 +1,8 @@
 ---
 name: "storage: check and build"
 on:
-  pull_request_target:
+  # pull_request_target:
+  pull_request:
     paths:
       - '.github/workflows/storage_checks.yaml'
       - '.github/workflows/wf_check.yaml'
@@ -17,7 +18,6 @@ on:
       - '.golangci.yaml'
       - 'go.mod'
       - 'go.sum'
-      - 'internal/lib/**'
       - 'vendor/**'
 
       # storage
@@ -49,7 +49,7 @@ jobs:
     with:
       NAME: storage
       PATH: services/storage
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
 
     secrets:
       AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
@@ -64,7 +64,7 @@ jobs:
     with:
       NAME: storage
       PATH: services/storage
-      GIT_REF: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
+      GIT_REF: ${{ github.sha }}
       VERSION: 0.0.0-dev # we use a fixed version here to avoid unnecessary rebuilds
       DOCKER: true
     secrets:

.github/workflows/wf_build_artifacts.yaml

@@ -85,7 +85,7 @@ jobs:
         zip -r result.zip result
 
     - name: "Push artifact to artifact repository"
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v4
       with:
         name: ${{ inputs.NAME }}-artifact-${{ steps.vars.outputs.ARCH }}-${{ steps.vars.outputs.VERSION }}
         path: ${{ inputs.PATH }}/result.zip
@@ -100,7 +100,7 @@ jobs:
       if: ${{ ( inputs.DOCKER ) }}
 
     - name: "Push docker image to artifact repository"
-      uses: actions/upload-artifact@v5
+      uses: actions/upload-artifact@v4
       with:
         name: ${{ inputs.NAME }}-docker-image-${{ steps.vars.outputs.ARCH }}-${{ steps.vars.outputs.VERSION }}
         path: ${{ inputs.PATH }}/result

.github/workflows/wf_docker_push_image.yaml

@@ -44,7 +44,7 @@ jobs:
           echo "VERSION=$(make get-version VER=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
 
       - name: "Get artifacts"
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v5
         with:
           path: ~/artifacts
 

.github/workflows/wf_docker_push_image_ecr.yaml

@@ -55,7 +55,7 @@ jobs:
           echo "VERSION=$(make get-version VER=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
 
       - name: "Get artifacts"
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v5
         with:
           path: ~/artifacts
 

.golangci.yaml

@@ -32,7 +32,6 @@ linters:
       - linters:
           - funlen
           - ireturn
-          - goconst
         path: _test\.go
       - linters:
           - lll

CONTRIBUTING.md

@@ -16,15 +16,6 @@ Contributions are made to Nhost repos via Issues and Pull Requests (PRs). A few
 - We work hard to make sure issues are handled on time, but it could take a while to investigate the root cause depending on the impact. A friendly ping in the comment thread to the submitter or a contributor can help draw attention if your issue is blocking.
 - If you've never contributed before, see [the first-timer's guide](https://github.com/firstcontributions/first-contributions) for resources and tips on getting started.
 
-### AI-Assisted Contributions
-
-We have specific policies regarding AI-assisted contributions:
-
-- **Issues**: Bug reports and feature requests that are clearly AI-generated will not be accepted and will be closed immediately. Please write your issues in your own words to ensure they are clear, specific, and contain the necessary context.
-- **Pull Requests**: Contributions with the help of AI are permitted, but you are ultimately responsible for the quality of your submission and for ensuring it follows our contributing guidelines. The PR description must be written in your own words. Additionally, please remove any superfluous code comments introduced by AI tools before submitting. PRs that clearly violate this rule will be closed without further review.
-
-In all cases, contributors must ensure their submissions are thoughtful, well-tested, and meet the project's quality standards.
-
 ### Issues
 
 Issues should be used to report problems with Nhost, request a new feature, or discuss potential changes before a PR is created.
@@ -33,20 +24,28 @@ If you find an Issue that addresses the problem you're having, please add your r
 
 ### Pull Requests
 
+Please have a look at our [developers guide](https://github.com/nhost/nhost/blob/main/DEVELOPERS.md) to start coding!
+
 PRs to our libraries are always welcome and can be a quick way to get your fix or improvement slated for the next release. In general, PRs should:
 
-## Monorepo Structure
+- Only fix/add the functionality in question **OR** address wide-spread whitespace/style issues, not both.
+- Add unit or integration tests for fixed or changed functionality (if a test suite exists).
+- Address a single concern in the least number of changed lines as possible.
+- Include documentation in the repo or on our [docs site](https://docs.nhost.io).
+- Be accompanied by a complete Pull Request template (loaded automatically when a PR is created).
 
-This repository is a monorepo that contains multiple packages and applications. The structure is as follows:
+For changes that address core functionality or require breaking changes (e.g., a major release), it's best to open an Issue to discuss your proposal first. This is not required but can save time creating and reviewing changes.
 
-- `cli` - The Nhost CLI
-- `dashboard` - The Nhost Dashboard
-- `docs` - Documentation
-- `examples` - Various example projects
-- `packages/nhost-js` - The Nhost JavaScript/TypeScript SDK
-- `services/auth` - Nhost Authentication service
-- `services/storage` - Nhost Storage service
-- `tools/codegen` - Internal code generation tool to build the SDK
-- `tools/mintlify-openapi` - Internal tool to generate reference documentation for Mintlify from an OpenAPI spec.
+In general, we follow the ["fork-and-pull" Git workflow](https://github.com/susam/gitpr)
 
-For details about those projects and how to contribute, please refer to their respective `README.md` and `CONTRIBUTING.md` files.
+1. Fork the repository to your own Github account
+2. Clone the project to your machine
+3. Create a branch locally with a succinct but descriptive name. All changes should be part of a branch and submitted as a pull request - your branches should be prefixed with one of:
+   - `bug/` for bug fixes
+   - `feat/` for features
+   - `chore/` for configuration changes
+   - `docs/` for documentation changes
+4. Commit changes to the branch
+5. Following any formatting and testing guidelines specific to this repo
+6. Push changes to your fork
+7. Open a PR in our repository and follow the PR template to review the changes efficiently.

DEVELOPERS.md

@@ -0,0 +1,100 @@
+# Developer Guide
+
+## Requirements
+
+### Node.js v20 or later
+
+### [pnpm](https://pnpm.io/) package manager
+
+The easiest way to install `pnpm` if it's not installed on your machine yet is to use `npm`:
+
+```sh
+$ npm install -g pnpm
+```
+
+### [Nhost CLI](https://docs.nhost.io/platform/cli/local-development)
+
+- The CLI is primarily used for running the E2E tests
+- Please refer to the [installation guide](https://docs.nhost.io/platform/cli/local-development) if you have not installed it yet
+
+## File Structure
+
+The repository is organized as a monorepo, with the following structure (only relevant folders are shown):
+
+```
+assets/            # Assets used in the README
+config/            # Configuration files for the monorepo
+dashboard/         # Dashboard
+docs/              # Documentation website
+examples/          # Example projects
+packages/          # Core packages
+integrations/      # These are packages that rely on the core packages
+```
+
+## Get started
+
+### Installation
+
+First, clone this repository:
+
+```sh
+git clone https://github.com/nhost/nhost
+```
+
+Then, install the dependencies with `pnpm`:
+
+```sh
+$ cd nhost
+$ pnpm install
+```
+
+### Development
+
+Although package references are correctly updated on the fly for TypeScript, example projects and the dashboard won't see the changes because they are depending on the build output. To fix this, you can run packages in development mode.
+
+Running packages in development mode from the root folder is as simple as:
+
+```sh
+$ pnpm dev
+```
+
+Our packages are linked together using [PNPM's workspace](https://pnpm.io/workspaces) feature. Next.js and Vite automatically detect changes in the dependencies and rebuild everything, so the changes will be reflected in the examples and the dashboard.
+
+**Note:** It's possible that Next.js or Vite throw an error when you run `pnpm dev`. Restarting the process should fix it.
+
+### Use Examples
+
+Examples are a great way to test your changes in practice. Make sure you've `pnpm dev` running in your terminal and then run an example.
+
+Let's follow the instructions to run [react-apollo example](https://github.com/nhost/nhost/blob/main/examples/react-apollo/README.md).
+
+## Edit Documentation
+
+The easier way to contribute to our documentation is to go to the `docs` folder and follow the [instructions to start local development](https://github.com/nhost/nhost/blob/main/docs/README.md):
+
+```sh
+$ cd docs
+# not necessary if you've already done this step somewhere in the repository
+$ pnpm install
+$ pnpm start
+```
+
+## Run Test Suites
+
+### Unit Tests
+
+You can run the unit tests with the following command from the repository root:
+
+```sh
+$ pnpm test
+```
+
+### E2E Tests
+
+Each package that defines end-to-end tests embeds their own Nhost configuration, that will be automatically when running the tests. As a result, you must make sure you are not running the Nhost CLI before running the tests.
+
+You can run the e2e tests with the following command from the repository root:
+
+```sh
+$ pnpm e2e
+```

Makefile

@@ -1,16 +0,0 @@
-.PHONY: envrc-install
-envrc-install: ## Copy envrc.sample to all project folders
-	@for f in $$(find . -name "project.nix"); do \
-		echo "Copying envrc.sample to $$(dirname $$f)/.envrc"; \
-		cp ./envrc.sample $$(dirname $$f)/.envrc; \
-	done
-
-.PHONY: nixops-container-env
-nixops-container-env: ## Enter a NixOS container environment
-	docker run \
-		-it \
-		-v /var/run/docker.sock:/var/run/docker.sock \
-		-v ./:/build \
-		-w /build \
-		nixops:0.0.0-dev \
-			bash

README.md

@@ -12,7 +12,7 @@
 <span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
 <a href="https://nhost.io/blog">Blog</a>
 <span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
-<a href="https://x.com/nhost">X</a>
+<a href="https://twitter.com/nhost">Twitter</a>
 <span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
 <a href="https://nhost.io/discord">Discord</a>
 <span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
@@ -33,10 +33,10 @@ Nhost consists of open source software:
 
 - Database: [PostgreSQL](https://www.postgresql.org/)
 - Instant GraphQL API: [Hasura](https://hasura.io/)
-- Authentication: [Auth](https://github.com/nhost/nhost/tree/main/services/auth)
-- Storage: [Storage](https://github.com/nhost/nhost/tree/main/services/storage)
+- Authentication: [Hasura Auth](https://github.com/nhost/hasura-auth/)
+- Storage: [Hasura Storage](https://github.com/nhost/hasura-storage)
 - Serverless Functions: Node.js (JavaScript and TypeScript)
-- [Nhost CLI](https://github.com/nhost/nhost/tree/main/cli) for local development
+- [Nhost CLI](https://docs.nhost.io/platform/cli/local-development) for local development
 
 ## Architecture of Nhost
 
@@ -138,7 +138,7 @@ Here are some ways of contributing to making Nhost better:
 
 - **[Try out Nhost](https://docs.nhost.io)**, and think of ways to make the service better. Let us know here on GitHub.
 - Join our [Discord](https://discord.com/invite/9V7Qb2U) and connect with other members to share and learn from.
-- Send a pull request to any of our [open source repositories](https://github.com/nhost) on Github. Check out our [contribution guide](https://github.com/nhost/nhost/blob/main/CONTRIBUTING.md) for more details about how to contribute. We're looking forward to your contribution!
+- Send a pull request to any of our [open source repositories](https://github.com/nhost) on Github. Check our [contribution guide](https://github.com/nhost/nhost/blob/main/CONTRIBUTING.md) and our [developers guide](https://github.com/nhost/nhost/blob/main/DEVELOPERS.md) for more details about how to contribute. We're looking forward to your contribution!
 
 ### Contributors
 

audit-ci.jsonc

@@ -2,7 +2,5 @@
   // $schema provides code completion hints to IDEs.
   "$schema": "https://github.com/IBM/audit-ci/raw/main/docs/schema.json",
   "moderate": true,
-  "allowlist": [
-    "GHSA-7mvr-c777-76hp" // https://github.com/advisories/GHSA-7mvr-c777-76hp Update package once Nix side is also updated
-  ]
-}
+  "allowlist": ["vue-template-compiler", { "id": "CVE-2025-48068", "path": "next" }]
+}

build/makefiles/general.makefile

@@ -54,11 +54,6 @@ get-version:  ## Return version
 	@echo $(VERSION)
 
 
-.PHONY: develop
-develop:  ## Start a nix develop shell
-	nix develop .\#$(NAME)
-
-
 .PHONY: _check-pre
 _check-pre:  ## Pre-checks before running nix flake check
 
@@ -110,11 +105,6 @@ build-docker-image:  ## Build docker container for native architecture
 		skopeo copy --insecure-policy dir:./result docker-daemon:$(NAME):$(VERSION)
 
 
-.PHONY: build-docker-image-import-bare
-build-docker-image-import-bare:
-	skopeo copy --insecure-policy dir:./result docker-daemon:$(NAME):$(VERSION)
-
-
 .PHONY: dev-env-up
 dev-env-up: _dev-env-build _dev-env-up ## Starts development environment
 

cli/CHANGELOG.md

@@ -1,71 +1,7 @@
-## [cli@1.34.8] - 2025-11-19
-
-### 🐛 Bug Fixes
-
-- *(cli)* Update traefik (#3710)
-
-## [cli@1.34.7] - 2025-11-13
-
-### ⚙️ Miscellaneous Tasks
-
-- *(cli)* Bump nhost/dashboard to 2.42.0 (#3693)
-
-## [cli@1.34.6] - 2025-11-13
-
-### 🐛 Bug Fixes
-
-- *(cli)* Mcp: specify items type for arrays in tools (#3687)
-
-
-### ⚙️ Miscellaneous Tasks
-
-- *(cli)* Update bindings (#3689)
-
-## [cli@1.34.5] - 2025-11-06
-
-### ⚙️ Miscellaneous Tasks
-
-- *(nixops)* Bump go to 1.25.3 and nixpkgs due to CVEs (#3652)
-- *(cli)* Udpate certs and schema (#3675)
-- *(cli)* Bump nhost/dashboard to 2.41.0 (#3669)
-
 # Changelog
 
 All notable changes to this project will be documented in this file.
 
-## [cli@1.34.4] - 2025-10-28
-
-### 🐛 Bug Fixes
-
-- *(cli)* Update NEXT_PUBLIC_NHOST_HASURA_MIGRATIONS_API_URL correctly (#3643)
-
-## [cli@1.34.3] - 2025-10-27
-
-### ⚙️ Miscellaneous Tasks
-
-- *(cli)* Update schema (#3622)
-- *(cli)* Bump nhost/dashboard to 2.40.0 (#3629)
-
-## [cli@1.34.2] - 2025-10-20
-
-### ⚙️ Miscellaneous Tasks
-
-- *(cli)* Minor fix to download script when specifying version (#3602)
-- *(cli)* Update schema (#3613)
-
-## [cli@1.34.1] - 2025-10-13
-
-### 🐛 Bug Fixes
-
-- *(cli)* Remove references to mcp-nhost (#3575)
-- *(cli)* Workaround os.Rename issues when src and dst are on different partitions (#3599)
-
-
-### ⚙️ Miscellaneous Tasks
-
-- *(auth)* Change some references to deprecated hasura-auth (#3584)
-- *(docs)* Udpated README.md and CONTRIBUTING.md (#3587)
-
 ## [cli@1.34.0] - 2025-10-09
 
 ### 🚀 Features

cli/CONTRIBUTING.md

@@ -1,84 +0,0 @@
-# Developer Guide
-
-## Requirements
-
-We use nix to manage the development environment, the build process and for running tests.
-
-### With Nix (Recommended)
-
-Run `nix develop \#cli` to get a complete development environment.
-
-### Without Nix
-
-Check `project.nix` (checkDeps, buildInputs, buildNativeInputs) for manual dependency installation. Alternatively, you can run `make nixops-container-env` in the root of the repository to enter a Docker container with nix and all dependencies pre-installed (note it is a large image).
-
-## Development Workflow
-
-### Running Tests
-
-**With Nix:**
-```bash
-make dev-env-up
-make check
-```
-
-**Without Nix:**
-```bash
-# Start development environment
-make dev-env-up
-
-# Lint Go code
-golangci-lint run ./...
-
-# Run tests
-go test -v ./...
-```
-
-### Formatting
-
-Format code before committing:
-```bash
-golines -w --base-formatter=gofumpt .
-```
-
-## Building
-
-### Local Build
-
-Build the project (output in `./result`):
-```bash
-make build
-```
-
-### Docker Image
-
-Build and import Docker image with skopeo:
-```bash
-make build-docker-image
-```
-
-If you run the command above inside the dockerized nixops-container-env and you get an error like:
-
-```
-FATA[0000] writing blob: io: read/write on closed pipe
-```
-
-then you need to run the following command outside of the container (needs skopeo installed on the host):
-
-```bash
-cd cli
-make build-docker-image-import-bare
-```
-
-### Multi-Platform Builds
-
-Build for multiple platforms (Darwin/Linux, ARM64/AMD64):
-```bash
-make build-multiplatform
-```
-
-This produces binaries for:
-- darwin/arm64
-- darwin/amd64
-- linux/arm64
-- linux/amd64

cli/cmd/dev/cloud.go

@@ -56,7 +56,7 @@ func CommandCloud() *cli.Command {
 			&cli.StringFlag{ //nolint:exhaustruct
 				Name:    flagDashboardVersion,
 				Usage:   "Dashboard version to use",
-				Value:   "nhost/dashboard:2.42.0",
+				Value:   "nhost/dashboard:2.38.4",
 				Sources: cli.EnvVars("NHOST_DASHBOARD_VERSION"),
 			},
 			&cli.StringFlag{ //nolint:exhaustruct

cli/cmd/dev/up.go

@@ -111,7 +111,7 @@ func CommandUp() *cli.Command { //nolint:funlen
 			&cli.StringFlag{ //nolint:exhaustruct
 				Name:    flagDashboardVersion,
 				Usage:   "Dashboard version to use",
-				Value:   "nhost/dashboard:2.42.0",
+				Value:   "nhost/dashboard:2.38.4",
 				Sources: cli.EnvVars("NHOST_DASHBOARD_VERSION"),
 			},
 			&cli.StringFlag{ //nolint:exhaustruct

cli/cmd/mcp/config/dump.go

@@ -17,7 +17,7 @@ func actionDump(_ context.Context, cmd *cli.Command) error {
 
 	cfg, err := config.Load(configPath)
 	if err != nil {
-		fmt.Println("Please, run `nhost mcp config` to configure the service.") //nolint:forbidigo
+		fmt.Println("Please, run `mcp-nhost config` to configure the service.") //nolint:forbidigo
 		return cli.Exit("failed to load config file "+err.Error(), 1)
 	}
 

cli/cmd/mcp/mcp_test.go

@@ -196,12 +196,10 @@ config validate after making changes to your nhost.toml file to ensure it is val
 							"mutations": map[string]any{
 								"description": string("list of mutations to fetch"),
 								"type":        string("array"),
-								"items":       map[string]any{"type": string("string")},
 							},
 							"queries": map[string]any{
 								"description": string("list of queries to fetch"),
 								"type":        string("array"),
-								"items":       map[string]any{"type": string("string")},
 							},
 							"summary": map[string]any{
 								"default":     bool(true),

cli/cmd/mcp/start/start.go

@@ -137,7 +137,7 @@ func getConfig(cmd *cli.Command) (*config.Config, error) {
 
 	cfg, err := config.Load(configPath)
 	if err != nil {
-		fmt.Println("Please, run `nhost mcp config` to configure the service.") //nolint:forbidigo
+		fmt.Println("Please, run `mcp-nhost config` to configure the service.") //nolint:forbidigo
 		return nil, cli.Exit("failed to load config file "+err.Error(), 1)
 	}
 

cli/cmd/project/init.go

@@ -131,7 +131,7 @@ func initInit(
 
 	getclient := &getter.Client{}                    //nolint:exhaustruct
 	if _, err := getclient.Get(ctx, &getter.Request{ //nolint:exhaustruct
-		Src:             "git::https://github.com/nhost/nhost.git//services/auth/email-templates",
+		Src:             "git::https://github.com/nhost/hasura-auth.git//email-templates",
 		Dst:             "nhost/emails",
 		DisableSymlinks: true,
 	}); err != nil {

cli/cmd/software/upgrade.go

@@ -2,13 +2,10 @@ package software
 
 import (
 	"context"
-	"errors"
 	"fmt"
-	"io"
 	"os"
 	"runtime"
 	"strings"
-	"syscall"
 
 	"github.com/nhost/nhost/cli/clienv"
 	"github.com/nhost/nhost/cli/software"
@@ -95,8 +92,8 @@ func install(cmd *cli.Command, ce *clienv.CliEnv, tmpFile string) error {
 
 	ce.Infoln("Copying to %s...", curBin)
 
-	if err := moveOrCopyFile(tmpFile, curBin); err != nil {
-		return fmt.Errorf("failed to move %s to %s: %w", tmpFile, curBin, err)
+	if err := os.Rename(tmpFile, curBin); err != nil {
+		return fmt.Errorf("failed to rename %s to %s: %w", tmpFile, curBin, err)
 	}
 
 	ce.Infoln("Setting permissions...")
@@ -107,55 +104,3 @@ func install(cmd *cli.Command, ce *clienv.CliEnv, tmpFile string) error {
 
 	return nil
 }
-
-func moveOrCopyFile(src, dst string) error {
-	if err := os.Rename(src, dst); err != nil {
-		var linkErr *os.LinkError
-		// this happens when moving across different filesystems
-		if errors.As(err, &linkErr) && errors.Is(linkErr.Err, syscall.EXDEV) {
-			if err := hardMove(src, dst); err != nil {
-				return fmt.Errorf("failed to hard move: %w", err)
-			}
-
-			return nil
-		}
-
-		return fmt.Errorf("failed to rename: %w", err)
-	}
-
-	return nil
-}
-
-func hardMove(src, dst string) error {
-	srcFile, err := os.Open(src)
-	if err != nil {
-		return fmt.Errorf("failed to open source file: %w", err)
-	}
-	defer srcFile.Close()
-
-	dstFile, err := os.Create(dst)
-	if err != nil {
-		return fmt.Errorf("failed to create destination file: %w", err)
-	}
-	defer dstFile.Close()
-
-	if _, err := io.Copy(dstFile, srcFile); err != nil {
-		return fmt.Errorf("failed to copy file contents: %w", err)
-	}
-
-	fi, err := os.Stat(src)
-	if err != nil {
-		return fmt.Errorf("failed to stat source file: %w", err)
-	}
-
-	err = os.Chmod(dst, fi.Mode())
-	if err != nil {
-		return fmt.Errorf("failed to set file permissions: %w", err)
-	}
-
-	if err := os.Remove(src); err != nil {
-		return fmt.Errorf("failed to remove source file: %w", err)
-	}
-
-	return nil
-}

cli/dockercompose/auth.go

@@ -47,7 +47,7 @@ func auth( //nolint:funlen
 		&model.ConfigSmtp{
 			User:     "user",
 			Password: "password",
-			Sender:   "auth@example.com",
+			Sender:   "hasura-auth@example.com",
 			Host:     "mailhog",
 			Port:     1025, //nolint:mnd
 			Secure:   false,
@@ -56,7 +56,6 @@ func auth( //nolint:funlen
 		false,
 		false,
 		"00000000-0000-0000-0000-000000000000",
-		"5181f67e2844e4b60d571fa346cac9c37fc00d1ff519212eae6cead138e639ba",
 	)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get hasura env vars: %w", err)

cli/dockercompose/auth_test.go

@@ -33,7 +33,6 @@ func expectedAuth() *Service {
 			"AUTH_DISABLE_SIGNUP":                       "false",
 			"AUTH_EMAIL_PASSWORDLESS_ENABLED":           "true",
 			"AUTH_EMAIL_SIGNIN_EMAIL_VERIFIED_REQUIRED": "true",
-			"AUTH_ENCRYPTION_KEY":                       "5181f67e2844e4b60d571fa346cac9c37fc00d1ff519212eae6cead138e639ba",
 			"AUTH_GRAVATAR_DEFAULT":                     "gravatarDefault",
 			"AUTH_GRAVATAR_ENABLED":                     "true",
 			"AUTH_GRAVATAR_RATING":                      "gravatarRating",
@@ -53,7 +52,6 @@ func expectedAuth() *Service {
 			"AUTH_PROVIDER_APPLE_ENABLED":               "true",
 			"AUTH_PROVIDER_APPLE_KEY_ID":                "appleKeyId",
 			"AUTH_PROVIDER_APPLE_PRIVATE_KEY":           "applePrivateKey",
-			"AUTH_PROVIDER_APPLE_SCOPE":                 "",
 			"AUTH_PROVIDER_APPLE_TEAM_ID":               "appleTeamId",
 			"AUTH_PROVIDER_AZUREAD_CLIENT_ID":           "azureadClientId",
 			"AUTH_PROVIDER_AZUREAD_CLIENT_SECRET":       "azureadClientSecret",
@@ -76,12 +74,9 @@ func expectedAuth() *Service {
 			"AUTH_PROVIDER_FACEBOOK_CLIENT_SECRET":      "facebookClientSecret",
 			"AUTH_PROVIDER_FACEBOOK_ENABLED":            "true",
 			"AUTH_PROVIDER_FACEBOOK_SCOPE":              "email",
-			"AUTH_PROVIDER_GITHUB_AUDIENCE":             "audience",
 			"AUTH_PROVIDER_GITHUB_CLIENT_ID":            "githubClientId",
 			"AUTH_PROVIDER_GITHUB_CLIENT_SECRET":        "githubClientSecret",
 			"AUTH_PROVIDER_GITHUB_ENABLED":              "true",
-			"AUTH_PROVIDER_GITHUB_SCOPE":                "user:email",
-			"AUTH_PROVIDER_GITLAB_AUDIENCE":             "audience",
 			"AUTH_PROVIDER_GITLAB_CLIENT_ID":            "gitlabClientId",
 			"AUTH_PROVIDER_GITLAB_CLIENT_SECRET":        "gitlabClientSecret",
 			"AUTH_PROVIDER_GITLAB_ENABLED":              "true",
@@ -101,7 +96,6 @@ func expectedAuth() *Service {
 			"AUTH_PROVIDER_SPOTIFY_CLIENT_SECRET":       "spotifyClientSecret",
 			"AUTH_PROVIDER_SPOTIFY_ENABLED":             "true",
 			"AUTH_PROVIDER_SPOTIFY_SCOPE":               "user-read-email",
-			"AUTH_PROVIDER_STRAVA_AUDIENCE":             "audience",
 			"AUTH_PROVIDER_STRAVA_CLIENT_ID":            "stravaClientId",
 			"AUTH_PROVIDER_STRAVA_CLIENT_SECRET":        "stravaClientSecret",
 			"AUTH_PROVIDER_STRAVA_ENABLED":              "true",
@@ -149,7 +143,7 @@ func expectedAuth() *Service {
 			"AUTH_SMTP_PASS":                            "password",
 			"AUTH_SMTP_PORT":                            "1025",
 			"AUTH_SMTP_SECURE":                          "false",
-			"AUTH_SMTP_SENDER":                          "auth@example.com",
+			"AUTH_SMTP_SENDER":                          "hasura-auth@example.com",
 			"AUTH_SMTP_USER":                            "user",
 			"AUTH_USER_DEFAULT_ALLOWED_ROLES":           "user,admin",
 			"AUTH_USER_DEFAULT_ROLE":                    "user",

cli/dockercompose/compose.go

@@ -250,7 +250,7 @@ func traefik(subdomain, projectName string, port uint, dotnhostfolder string) (*
 	}
 
 	return &Service{
-		Image:      "traefik:v3.6",
+		Image:      "traefik:v3.1",
 		DependsOn:  nil,
 		EntryPoint: nil,
 		Command: []string{
@@ -344,7 +344,7 @@ func dashboard(
 				subdomain, "hasura", httpPort, useTLS,
 			) + "/console",
 			"NEXT_PUBLIC_NHOST_HASURA_MIGRATIONS_API_URL": URL(
-				subdomain, "hasura", httpPort, useTLS) + "/apis/migrate",
+				subdomain, "hasura", httpPort, useTLS),
 			"NEXT_PUBLIC_NHOST_STORAGE_URL": URL(
 				subdomain, "storage", httpPort, useTLS) + "/v1",
 		},
@@ -459,7 +459,7 @@ func mailhog(subdomain, volumeName string, useTLS bool) *Service {
 			"SMTP_PASS":   "password",
 			"SMTP_PORT":   "1025",
 			"SMTP_SECURE": "false",
-			"SMTP_SENDER": "auth@example.com",
+			"SMTP_SENDER": "hasura-auth@example.com",
 			"SMTP_USER":   "user",
 		},
 		ExtraHosts:  extraHosts(subdomain),

cli/get.sh

@@ -44,7 +44,7 @@ if [[ "$version" == "latest" ]]; then
     release=$(curl --silent https://api.github.com/repos/nhost/nhost/releases\?per_page=100 | grep tag_name | grep \"cli\@ | head -n 1 | sed 's/.*"tag_name": "\([^"]*\)".*/\1/')
     version=$( echo $release | sed 's/.*@//')
 else
-    release="cli@$version"
+    release="cli@$release"
 fi
 
 # check version exists

cli/mcp/nhost/auth/auth.gen.go

@@ -1,6 +1,6 @@
 // Package auth provides primitives to interact with the openapi HTTP API.
 //
-// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version 2.5.0 DO NOT EDIT.
+// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version 2.4.1 DO NOT EDIT.
 package auth
 
 import (

cli/mcp/nhost/graphql/graphql.gen.go

@@ -1,6 +1,6 @@
 // Package graphql provides primitives to interact with the openapi HTTP API.
 //
-// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version 2.5.0 DO NOT EDIT.
+// Code generated by github.com/oapi-codegen/oapi-codegen/v2 version 2.4.1 DO NOT EDIT.
 package graphql
 
 import (

cli/mcp/resources/nhost_toml_schema.cue

@@ -148,7 +148,7 @@ import (
 #Hasura: {
 	// Version of hasura, you can see available versions in the URL below:
 	// https://hub.docker.com/r/hasura/graphql-engine/tags
-	version: string | *"v2.48.5-ce"
+	version: string | *"v2.46.0-ce"
 
 	// JWT Secrets configuration
 	jwtSecrets: [#JWTSecret]
@@ -223,7 +223,7 @@ import (
 	// Releases:
 	//
 	// https://github.com/nhost/hasura-storage/releases
-	version: string | *"0.9.1"
+	version: string | *"0.7.2"
 
 	// Networking (custom domains at the moment) are not allowed as we need to do further
 	// configurations in the CDN. We will enable it again in the future.
@@ -311,7 +311,7 @@ import (
 	// Releases:
 	//
 	// https://github.com/nhost/hasura-auth/releases
-	version: string | *"0.43.0"
+	version: string | *"0.38.1"
 
 	// Resources for the service
 	resources?: #Resources
@@ -651,9 +651,6 @@ import (
 			iops: uint32 | *3000
 			tput: uint32 | *125
 		}
-
-        encryptColumnKey?: string & =~"^[0-9a-fA-F]{64}$"    // 32 bytes hex-encoded key
-        oldEncryptColumnKey?: string & =~"^[0-9a-fA-F]{64}$" // for key rotation
 	}
 
 	persistentVolumesEncrypted: bool | *false

cli/mcp/tools/cloud/query.go

@@ -12,7 +12,7 @@ import (
 const (
 	ToolGraphqlQueryName = "cloud-graphql-query"
 	//nolint:lll
-	ToolGraphqlQueryInstructions = `Execute a GraphQL query against the Nhost Cloud to perform operations on projects and organizations. It also allows configuring projects hosted on Nhost Cloud. Make sure you got the schema before attempting to execute any query. If you get an error while performing a query refresh the schema in case something has changed or you did something wrong. If you get an error indicating mutations are not allowed the user may have disabled them in the server, don't retry and ask the user they need to pass --with-cloud-mutations when starting nhost's mcp to enable them. Projects are apps.`
+	ToolGraphqlQueryInstructions = `Execute a GraphQL query against the Nhost Cloud to perform operations on projects and organizations. It also allows configuring projects hosted on Nhost Cloud. Make sure you got the schema before attempting to execute any query. If you get an error while performing a query refresh the schema in case something has changed or you did something wrong. If you get an error indicating mutations are not allowed the user may have disabled them in the server, don't retry and ask the user they need to pass --with-cloud-mutations when starting mcp-nhost to enable them. Projects are apps.`
 )
 
 func ptr[T any](v T) *T {

cli/mcp/tools/project/query.go

@@ -14,7 +14,7 @@ import (
 const (
 	ToolGraphqlQueryName = "graphql-query"
 	//nolint:lll
-	ToolGraphqlQueryInstructions = `Execute a GraphQL query against a Nhost project. This tool is useful to query and mutate data. If you run into issues executing queries, retrieve the schema again in case the schema has changed. If you get an error indicating the query or mutation is not allowed the user may have disabled them in the server, don't retry and tell the user they need to enable them when starting nhost's mcp`
+	ToolGraphqlQueryInstructions = `Execute a GraphQL query against a Nhost project. This tool is useful to query and mutate data. If you run into issues executing queries, retrieve the schema again in case the schema has changed. If you get an error indicating the query or mutation is not allowed the user may have disabled them in the server, don't retry and tell the user they need to enable them when starting mcp-nhost`
 )
 
 func ptr[T any](v T) *T {

cli/mcp/tools/schemas/schemas.go

@@ -68,12 +68,10 @@ func (t *Tool) Register(mcpServer *server.MCPServer) {
 		),
 		mcp.WithArray(
 			"queries",
-			mcp.WithStringItems(),
 			mcp.Description("list of queries to fetch"),
 		),
 		mcp.WithArray(
 			"mutations",
-			mcp.WithStringItems(),
 			mcp.Description("list of mutations to fetch"),
 		),
 	)

cli/nhostclient/graphql/models_gen.go

@@ -70,28 +70,18 @@ type ConfigAIUpdateInput struct {
 	WebhookSecret  *string                            `json:"webhookSecret,omitempty"`
 }
 
-// Configuration for auth service
-// You can find more information about the configuration here:
-// https://github.com/nhost/hasura-auth/blob/main/docs/environment-variables.md
 type ConfigAuth struct {
 	ElevatedPrivileges *ConfigAuthElevatedPrivileges `json:"elevatedPrivileges,omitempty"`
 	Method             *ConfigAuthMethod             `json:"method,omitempty"`
 	Misc               *ConfigAuthMisc               `json:"misc,omitempty"`
 	RateLimit          *ConfigAuthRateLimit          `json:"rateLimit,omitempty"`
 	Redirections       *ConfigAuthRedirections       `json:"redirections,omitempty"`
-	// Resources for the service
-	Resources *ConfigResources   `json:"resources,omitempty"`
-	Session   *ConfigAuthSession `json:"session,omitempty"`
-	SignUp    *ConfigAuthSignUp  `json:"signUp,omitempty"`
-	Totp      *ConfigAuthTotp    `json:"totp,omitempty"`
-	User      *ConfigAuthUser    `json:"user,omitempty"`
-	// Version of auth, you can see available versions in the URL below:
-	// https://hub.docker.com/r/nhost/hasura-auth/tags
-	//
-	// Releases:
-	//
-	// https://github.com/nhost/hasura-auth/releases
-	Version *string `json:"version,omitempty"`
+	Resources          *ConfigResources              `json:"resources,omitempty"`
+	Session            *ConfigAuthSession            `json:"session,omitempty"`
+	SignUp             *ConfigAuthSignUp             `json:"signUp,omitempty"`
+	Totp               *ConfigAuthTotp               `json:"totp,omitempty"`
+	User               *ConfigAuthUser               `json:"user,omitempty"`
+	Version            *string                       `json:"version,omitempty"`
 }
 
 type ConfigAuthElevatedPrivileges struct {
@@ -121,11 +111,9 @@ type ConfigAuthMethodAnonymousUpdateInput struct {
 }
 
 type ConfigAuthMethodEmailPassword struct {
-	EmailVerificationRequired *bool `json:"emailVerificationRequired,omitempty"`
-	// Disabling email+password sign in is not implmented yet
-	// enabled: bool | *true
-	HibpEnabled       *bool   `json:"hibpEnabled,omitempty"`
-	PasswordMinLength *uint32 `json:"passwordMinLength,omitempty"`
+	EmailVerificationRequired *bool   `json:"emailVerificationRequired,omitempty"`
+	HibpEnabled               *bool   `json:"hibpEnabled,omitempty"`
+	PasswordMinLength         *uint32 `json:"passwordMinLength,omitempty"`
 }
 
 type ConfigAuthMethodEmailPasswordUpdateInput struct {
@@ -347,10 +335,8 @@ type ConfigAuthRateLimitUpdateInput struct {
 }
 
 type ConfigAuthRedirections struct {
-	// AUTH_ACCESS_CONTROL_ALLOWED_REDIRECT_URLS
 	AllowedUrls []string `json:"allowedUrls,omitempty"`
-	// AUTH_CLIENT_URL
-	ClientURL *string `json:"clientUrl,omitempty"`
+	ClientURL   *string  `json:"clientUrl,omitempty"`
 }
 
 type ConfigAuthRedirectionsUpdateInput struct {
@@ -364,10 +350,8 @@ type ConfigAuthSession struct {
 }
 
 type ConfigAuthSessionAccessToken struct {
-	// AUTH_JWT_CUSTOM_CLAIMS
 	CustomClaims []*ConfigAuthsessionaccessTokenCustomClaims `json:"customClaims,omitempty"`
-	// AUTH_ACCESS_TOKEN_EXPIRES_IN
-	ExpiresIn *uint32 `json:"expiresIn,omitempty"`
+	ExpiresIn    *uint32                                     `json:"expiresIn,omitempty"`
 }
 
 type ConfigAuthSessionAccessTokenUpdateInput struct {
@@ -376,7 +360,6 @@ type ConfigAuthSessionAccessTokenUpdateInput struct {
 }
 
 type ConfigAuthSessionRefreshToken struct {
-	// AUTH_REFRESH_TOKEN_EXPIRES_IN
 	ExpiresIn *uint32 `json:"expiresIn,omitempty"`
 }
 
@@ -390,11 +373,9 @@ type ConfigAuthSessionUpdateInput struct {
 }
 
 type ConfigAuthSignUp struct {
-	// AUTH_DISABLE_NEW_USERS
-	DisableNewUsers *bool `json:"disableNewUsers,omitempty"`
-	// Inverse of AUTH_DISABLE_SIGNUP
-	Enabled   *bool                      `json:"enabled,omitempty"`
-	Turnstile *ConfigAuthSignUpTurnstile `json:"turnstile,omitempty"`
+	DisableNewUsers *bool                      `json:"disableNewUsers,omitempty"`
+	Enabled         *bool                      `json:"enabled,omitempty"`
+	Turnstile       *ConfigAuthSignUpTurnstile `json:"turnstile,omitempty"`
 }
 
 type ConfigAuthSignUpTurnstile struct {
@@ -444,16 +425,12 @@ type ConfigAuthUser struct {
 }
 
 type ConfigAuthUserEmail struct {
-	// AUTH_ACCESS_CONTROL_ALLOWED_EMAILS
 	Allowed []string `json:"allowed,omitempty"`
-	// AUTH_ACCESS_CONTROL_BLOCKED_EMAILS
 	Blocked []string `json:"blocked,omitempty"`
 }
 
 type ConfigAuthUserEmailDomains struct {
-	// AUTH_ACCESS_CONTROL_ALLOWED_EMAIL_DOMAINS
 	Allowed []string `json:"allowed,omitempty"`
-	// AUTH_ACCESS_CONTROL_BLOCKED_EMAIL_DOMAINS
 	Blocked []string `json:"blocked,omitempty"`
 }
 
@@ -469,7 +446,6 @@ type ConfigAuthUserEmailUpdateInput struct {
 
 type ConfigAuthUserGravatar struct {
 	Default *string `json:"default,omitempty"`
-	// AUTH_GRAVATAR_ENABLED
 	Enabled *bool   `json:"enabled,omitempty"`
 	Rating  *string `json:"rating,omitempty"`
 }
@@ -481,10 +457,8 @@ type ConfigAuthUserGravatarUpdateInput struct {
 }
 
 type ConfigAuthUserLocale struct {
-	// AUTH_LOCALE_ALLOWED_LOCALES
 	Allowed []string `json:"allowed,omitempty"`
-	// AUTH_LOCALE_DEFAULT
-	Default *string `json:"default,omitempty"`
+	Default *string  `json:"default,omitempty"`
 }
 
 type ConfigAuthUserLocaleUpdateInput struct {
@@ -493,10 +467,8 @@ type ConfigAuthUserLocaleUpdateInput struct {
 }
 
 type ConfigAuthUserRoles struct {
-	// AUTH_USER_DEFAULT_ALLOWED_ROLES
 	Allowed []string `json:"allowed,omitempty"`
-	// AUTH_USER_DEFAULT_ROLE
-	Default *string `json:"default,omitempty"`
+	Default *string  `json:"default,omitempty"`
 }
 
 type ConfigAuthUserRolesUpdateInput struct {
@@ -512,7 +484,6 @@ type ConfigAuthUserUpdateInput struct {
 	Roles        *ConfigAuthUserRolesUpdateInput        `json:"roles,omitempty"`
 }
 
-// AUTH_JWT_CUSTOM_CLAIMS
 type ConfigAuthsessionaccessTokenCustomClaims struct {
 	Default *string `json:"default,omitempty"`
 	Key     string  `json:"key"`
@@ -551,11 +522,8 @@ type ConfigClaimMapUpdateInput struct {
 	Value   *string `json:"value,omitempty"`
 }
 
-// Resource configuration for a service
 type ConfigComputeResources struct {
-	// milicpus, 1000 milicpus = 1 cpu
-	CPU uint32 `json:"cpu"`
-	// MiB: 128MiB to 30GiB
+	CPU    uint32 `json:"cpu"`
 	Memory uint32 `json:"memory"`
 }
 
@@ -569,28 +537,17 @@ type ConfigComputeResourcesUpdateInput struct {
 	Memory *uint32 `json:"memory,omitempty"`
 }
 
-// main entrypoint to the configuration
 type ConfigConfig struct {
-	// Configuration for graphite service
-	Ai *ConfigAi `json:"ai,omitempty"`
-	// Configuration for auth service
-	Auth *ConfigAuth `json:"auth,omitempty"`
-	// Configuration for functions service
-	Functions *ConfigFunctions `json:"functions,omitempty"`
-	// Global configuration that applies to all services
-	Global *ConfigGlobal `json:"global,omitempty"`
-	// Advanced configuration for GraphQL
-	Graphql *ConfigGraphql `json:"graphql,omitempty"`
-	// Configuration for hasura
-	Hasura *ConfigHasura `json:"hasura"`
-	// Configuration for observability service
+	Ai            *ConfigAi            `json:"ai,omitempty"`
+	Auth          *ConfigAuth          `json:"auth,omitempty"`
+	Functions     *ConfigFunctions     `json:"functions,omitempty"`
+	Global        *ConfigGlobal        `json:"global,omitempty"`
+	Graphql       *ConfigGraphql       `json:"graphql,omitempty"`
+	Hasura        *ConfigHasura        `json:"hasura"`
 	Observability *ConfigObservability `json:"observability"`
-	// Configuration for postgres service
-	Postgres *ConfigPostgres `json:"postgres"`
-	// Configuration for third party providers like SMTP, SMS, etc.
-	Provider *ConfigProvider `json:"provider,omitempty"`
-	// Configuration for storage service
-	Storage *ConfigStorage `json:"storage,omitempty"`
+	Postgres      *ConfigPostgres      `json:"postgres"`
+	Provider      *ConfigProvider      `json:"provider,omitempty"`
+	Storage       *ConfigStorage       `json:"storage,omitempty"`
 }
 
 type ConfigConfigUpdateInput struct {
@@ -607,8 +564,7 @@ type ConfigConfigUpdateInput struct {
 }
 
 type ConfigEnvironmentVariable struct {
-	Name string `json:"name"`
-	// Value of the environment variable
+	Name  string `json:"name"`
 	Value string `json:"value"`
 }
 
@@ -622,7 +578,6 @@ type ConfigEnvironmentVariableUpdateInput struct {
 	Value *string `json:"value,omitempty"`
 }
 
-// Configuration for functions service
 type ConfigFunctions struct {
 	Node      *ConfigFunctionsNode      `json:"node,omitempty"`
 	RateLimit *ConfigRateLimit          `json:"rateLimit,omitempty"`
@@ -651,15 +606,12 @@ type ConfigFunctionsUpdateInput struct {
 	Resources *ConfigFunctionsResourcesUpdateInput `json:"resources,omitempty"`
 }
 
-// Global configuration that applies to all services
 type ConfigGlobal struct {
-	// User-defined environment variables that are spread over all services
 	Environment []*ConfigGlobalEnvironmentVariable `json:"environment,omitempty"`
 }
 
 type ConfigGlobalEnvironmentVariable struct {
-	Name string `json:"name"`
-	// Value of the environment variable
+	Name  string `json:"name"`
 	Value string `json:"value"`
 }
 
@@ -816,34 +768,23 @@ type ConfigGraphqlUpdateInput struct {
 	Security *ConfigGraphqlSecurityUpdateInput `json:"security,omitempty"`
 }
 
-// Configuration for hasura service
 type ConfigHasura struct {
-	// Admin secret
-	AdminSecret string                `json:"adminSecret"`
-	AuthHook    *ConfigHasuraAuthHook `json:"authHook,omitempty"`
-	Events      *ConfigHasuraEvents   `json:"events,omitempty"`
-	// JWT Secrets configuration
-	JwtSecrets []*ConfigJWTSecret `json:"jwtSecrets,omitempty"`
-	Logs       *ConfigHasuraLogs  `json:"logs,omitempty"`
-	RateLimit  *ConfigRateLimit   `json:"rateLimit,omitempty"`
-	// Resources for the service
-	Resources *ConfigResources `json:"resources,omitempty"`
-	// Configuration for hasura services
-	// Reference: https://hasura.io/docs/latest/deployment/graphql-engine-flags/reference/
-	Settings *ConfigHasuraSettings `json:"settings,omitempty"`
-	// Version of hasura, you can see available versions in the URL below:
-	// https://hub.docker.com/r/hasura/graphql-engine/tags
-	Version *string `json:"version,omitempty"`
-	// Webhook secret
-	WebhookSecret string `json:"webhookSecret"`
+	AdminSecret   string                `json:"adminSecret"`
+	AuthHook      *ConfigHasuraAuthHook `json:"authHook,omitempty"`
+	Events        *ConfigHasuraEvents   `json:"events,omitempty"`
+	JwtSecrets    []*ConfigJWTSecret    `json:"jwtSecrets,omitempty"`
+	Logs          *ConfigHasuraLogs     `json:"logs,omitempty"`
+	RateLimit     *ConfigRateLimit      `json:"rateLimit,omitempty"`
+	Resources     *ConfigResources      `json:"resources,omitempty"`
+	Settings      *ConfigHasuraSettings `json:"settings,omitempty"`
+	Version       *string               `json:"version,omitempty"`
+	WebhookSecret string                `json:"webhookSecret"`
 }
 
 type ConfigHasuraAuthHook struct {
-	Mode *string `json:"mode,omitempty"`
-	// HASURA_GRAPHQL_AUTH_HOOK_SEND_REQUEST_BODY
-	SendRequestBody *bool `json:"sendRequestBody,omitempty"`
-	// HASURA_GRAPHQL_AUTH_HOOK
-	URL string `json:"url"`
+	Mode            *string `json:"mode,omitempty"`
+	SendRequestBody *bool   `json:"sendRequestBody,omitempty"`
+	URL             string  `json:"url"`
 }
 
 type ConfigHasuraAuthHookUpdateInput struct {
@@ -853,7 +794,6 @@ type ConfigHasuraAuthHookUpdateInput struct {
 }
 
 type ConfigHasuraEvents struct {
-	// HASURA_GRAPHQL_EVENTS_HTTP_POOL_SIZE
 	HTTPPoolSize *uint32 `json:"httpPoolSize,omitempty"`
 }
 
@@ -869,27 +809,16 @@ type ConfigHasuraLogsUpdateInput struct {
 	Level *string `json:"level,omitempty"`
 }
 
-// Configuration for hasura services
-// Reference: https://hasura.io/docs/latest/deployment/graphql-engine-flags/reference/
 type ConfigHasuraSettings struct {
-	// HASURA_GRAPHQL_CORS_DOMAIN
-	CorsDomain []string `json:"corsDomain,omitempty"`
-	// HASURA_GRAPHQL_DEV_MODE
-	DevMode *bool `json:"devMode,omitempty"`
-	// HASURA_GRAPHQL_ENABLE_ALLOWLIST
-	EnableAllowList *bool `json:"enableAllowList,omitempty"`
-	// HASURA_GRAPHQL_ENABLE_CONSOLE
-	EnableConsole *bool `json:"enableConsole,omitempty"`
-	// HASURA_GRAPHQL_ENABLE_REMOTE_SCHEMA_PERMISSIONS
-	EnableRemoteSchemaPermissions *bool `json:"enableRemoteSchemaPermissions,omitempty"`
-	// HASURA_GRAPHQL_ENABLED_APIS
-	EnabledAPIs []string `json:"enabledAPIs,omitempty"`
-	// HASURA_GRAPHQL_INFER_FUNCTION_PERMISSIONS
-	InferFunctionPermissions *bool `json:"inferFunctionPermissions,omitempty"`
-	// HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL
-	LiveQueriesMultiplexedRefetchInterval *uint32 `json:"liveQueriesMultiplexedRefetchInterval,omitempty"`
-	// HASURA_GRAPHQL_STRINGIFY_NUMERIC_TYPES
-	StringifyNumericTypes *bool `json:"stringifyNumericTypes,omitempty"`
+	CorsDomain                            []string `json:"corsDomain,omitempty"`
+	DevMode                               *bool    `json:"devMode,omitempty"`
+	EnableAllowList                       *bool    `json:"enableAllowList,omitempty"`
+	EnableConsole                         *bool    `json:"enableConsole,omitempty"`
+	EnableRemoteSchemaPermissions         *bool    `json:"enableRemoteSchemaPermissions,omitempty"`
+	EnabledAPIs                           []string `json:"enabledAPIs,omitempty"`
+	InferFunctionPermissions              *bool    `json:"inferFunctionPermissions,omitempty"`
+	LiveQueriesMultiplexedRefetchInterval *uint32  `json:"liveQueriesMultiplexedRefetchInterval,omitempty"`
+	StringifyNumericTypes                 *bool    `json:"stringifyNumericTypes,omitempty"`
 }
 
 type ConfigHasuraSettingsUpdateInput struct {
@@ -962,7 +891,6 @@ type ConfigIngressUpdateInput struct {
 	TLS  *ConfigIngressTLSUpdateInput `json:"tls,omitempty"`
 }
 
-// See https://hasura.io/docs/latest/auth/authentication/jwt/
 type ConfigJWTSecret struct {
 	AllowedSkew         *uint32           `json:"allowed_skew,omitempty"`
 	Audience            *string           `json:"audience,omitempty"`
@@ -1011,15 +939,11 @@ type ConfigObservabilityUpdateInput struct {
 	Grafana *ConfigGrafanaUpdateInput `json:"grafana,omitempty"`
 }
 
-// Configuration for postgres service
 type ConfigPostgres struct {
-	Pitr *ConfigPostgresPitr `json:"pitr,omitempty"`
-	// Resources for the service
+	Pitr      *ConfigPostgresPitr      `json:"pitr,omitempty"`
 	Resources *ConfigPostgresResources `json:"resources"`
 	Settings  *ConfigPostgresSettings  `json:"settings,omitempty"`
-	// Version of postgres, you can see available versions in the URL below:
-	// https://hub.docker.com/r/nhost/postgres/tags
-	Version *string `json:"version,omitempty"`
+	Version   *string                  `json:"version,omitempty"`
 }
 
 type ConfigPostgresPitr struct {
@@ -1030,7 +954,6 @@ type ConfigPostgresPitrUpdateInput struct {
 	Retention *uint32 `json:"retention,omitempty"`
 }
 
-// Resources for the service
 type ConfigPostgresResources struct {
 	Compute            *ConfigResourcesCompute         `json:"compute,omitempty"`
 	EnablePublicAccess *bool                           `json:"enablePublicAccess,omitempty"`
@@ -1137,19 +1060,15 @@ type ConfigRateLimitUpdateInput struct {
 	Limit    *uint32 `json:"limit,omitempty"`
 }
 
-// Resource configuration for a service
 type ConfigResources struct {
 	Autoscaler *ConfigAutoscaler       `json:"autoscaler,omitempty"`
 	Compute    *ConfigResourcesCompute `json:"compute,omitempty"`
 	Networking *ConfigNetworking       `json:"networking,omitempty"`
-	// Number of replicas for a service
-	Replicas *uint32 `json:"replicas,omitempty"`
+	Replicas   *uint32                 `json:"replicas,omitempty"`
 }
 
 type ConfigResourcesCompute struct {
-	// milicpus, 1000 milicpus = 1 cpu
-	CPU uint32 `json:"cpu"`
-	// MiB: 128MiB to 30GiB
+	CPU    uint32 `json:"cpu"`
 	Memory uint32 `json:"memory"`
 }
 
@@ -1201,8 +1120,7 @@ type ConfigRunServiceConfigWithID struct {
 }
 
 type ConfigRunServiceImage struct {
-	Image string `json:"image"`
-	// content of "auths", i.e., { "auths": $THIS }
+	Image           string  `json:"image"`
 	PullCredentials *string `json:"pullCredentials,omitempty"`
 }
 
@@ -1240,13 +1158,11 @@ type ConfigRunServicePortUpdateInput struct {
 	Type      *string                     `json:"type,omitempty"`
 }
 
-// Resource configuration for a service
 type ConfigRunServiceResources struct {
-	Autoscaler *ConfigAutoscaler       `json:"autoscaler,omitempty"`
-	Compute    *ConfigComputeResources `json:"compute"`
-	// Number of replicas for a service
-	Replicas uint32                              `json:"replicas"`
-	Storage  []*ConfigRunServiceResourcesStorage `json:"storage,omitempty"`
+	Autoscaler *ConfigAutoscaler                   `json:"autoscaler,omitempty"`
+	Compute    *ConfigComputeResources             `json:"compute"`
+	Replicas   uint32                              `json:"replicas"`
+	Storage    []*ConfigRunServiceResourcesStorage `json:"storage,omitempty"`
 }
 
 type ConfigRunServiceResourcesInsertInput struct {
@@ -1257,11 +1173,9 @@ type ConfigRunServiceResourcesInsertInput struct {
 }
 
 type ConfigRunServiceResourcesStorage struct {
-	// GiB
 	Capacity uint32 `json:"capacity"`
-	// name of the volume, changing it will cause data loss
-	Name string `json:"name"`
-	Path string `json:"path"`
+	Name     string `json:"name"`
+	Path     string `json:"path"`
 }
 
 type ConfigRunServiceResourcesStorageInsertInput struct {
@@ -1345,20 +1259,11 @@ type ConfigStandardOauthProviderWithScopeUpdateInput struct {
 	Scope        []string `json:"scope,omitempty"`
 }
 
-// Configuration for storage service
 type ConfigStorage struct {
 	Antivirus *ConfigStorageAntivirus `json:"antivirus,omitempty"`
 	RateLimit *ConfigRateLimit        `json:"rateLimit,omitempty"`
-	// Networking (custom domains at the moment) are not allowed as we need to do further
-	// configurations in the CDN. We will enable it again in the future.
-	Resources *ConfigResources `json:"resources,omitempty"`
-	// Version of storage service, you can see available versions in the URL below:
-	// https://hub.docker.com/r/nhost/hasura-storage/tags
-	//
-	// Releases:
-	//
-	// https://github.com/nhost/hasura-storage/releases
-	Version *string `json:"version,omitempty"`
+	Resources *ConfigResources        `json:"resources,omitempty"`
+	Version   *string                 `json:"version,omitempty"`
 }
 
 type ConfigStorageAntivirus struct {
@@ -1396,8 +1301,6 @@ type ConfigSystemConfigAuthEmailTemplates struct {
 }
 
 type ConfigSystemConfigGraphql struct {
-	// manually enable graphi on a per-service basis
-	// by default it follows the plan
 	FeatureAdvancedGraphql *bool `json:"featureAdvancedGraphql,omitempty"`
 }
 
@@ -1815,8 +1718,7 @@ type Apps struct {
 	AppStates        []*AppStateHistory `json:"appStates"`
 	AutomaticDeploys bool               `json:"automaticDeploys"`
 	// An array relationship
-	Backups []*Backups `json:"backups"`
-	// main entrypoint to the configuration
+	Backups   []*Backups    `json:"backups"`
 	Config    *ConfigConfig `json:"config,omitempty"`
 	CreatedAt time.Time     `json:"createdAt"`
 	// An object relationship
@@ -2247,14 +2149,6 @@ type AuthUserProvidersMinOrderBy struct {
 	ProviderID *OrderBy `json:"providerId,omitempty"`
 }
 
-// response of any mutation on the table "auth.user_providers"
-type AuthUserProvidersMutationResponse struct {
-	// number of rows affected by the mutation
-	AffectedRows int64 `json:"affected_rows"`
-	// data from the rows affected by the mutation
-	Returning []*AuthUserProviders `json:"returning"`
-}
-
 // Ordering options when selecting data from "auth.user_providers".
 type AuthUserProvidersOrderBy struct {
 	ID         *OrderBy      `json:"id,omitempty"`
@@ -2831,7 +2725,6 @@ type Deployments struct {
 	CommitSha           string     `json:"commitSHA"`
 	CommitUserAvatarURL *string    `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName      *string    `json:"commitUserName,omitempty"`
-	CreatedAt           time.Time  `json:"createdAt"`
 	DeploymentEndedAt   *time.Time `json:"deploymentEndedAt,omitempty"`
 	// An array relationship
 	DeploymentLogs      []*DeploymentLogs `json:"deploymentLogs"`
@@ -2874,7 +2767,6 @@ type DeploymentsBoolExp struct {
 	CommitSha           *StringComparisonExp      `json:"commitSHA,omitempty"`
 	CommitUserAvatarURL *StringComparisonExp      `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName      *StringComparisonExp      `json:"commitUserName,omitempty"`
-	CreatedAt           *TimestamptzComparisonExp `json:"createdAt,omitempty"`
 	DeploymentEndedAt   *TimestamptzComparisonExp `json:"deploymentEndedAt,omitempty"`
 	DeploymentLogs      *DeploymentLogsBoolExp    `json:"deploymentLogs,omitempty"`
 	DeploymentStartedAt *TimestamptzComparisonExp `json:"deploymentStartedAt,omitempty"`
@@ -2909,7 +2801,6 @@ type DeploymentsMaxOrderBy struct {
 	CommitSha           *OrderBy `json:"commitSHA,omitempty"`
 	CommitUserAvatarURL *OrderBy `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName      *OrderBy `json:"commitUserName,omitempty"`
-	CreatedAt           *OrderBy `json:"createdAt,omitempty"`
 	DeploymentEndedAt   *OrderBy `json:"deploymentEndedAt,omitempty"`
 	DeploymentStartedAt *OrderBy `json:"deploymentStartedAt,omitempty"`
 	DeploymentStatus    *OrderBy `json:"deploymentStatus,omitempty"`
@@ -2932,7 +2823,6 @@ type DeploymentsMinOrderBy struct {
 	CommitSha           *OrderBy `json:"commitSHA,omitempty"`
 	CommitUserAvatarURL *OrderBy `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName      *OrderBy `json:"commitUserName,omitempty"`
-	CreatedAt           *OrderBy `json:"createdAt,omitempty"`
 	DeploymentEndedAt   *OrderBy `json:"deploymentEndedAt,omitempty"`
 	DeploymentStartedAt *OrderBy `json:"deploymentStartedAt,omitempty"`
 	DeploymentStatus    *OrderBy `json:"deploymentStatus,omitempty"`
@@ -2971,7 +2861,6 @@ type DeploymentsOrderBy struct {
 	CommitSha               *OrderBy                        `json:"commitSHA,omitempty"`
 	CommitUserAvatarURL     *OrderBy                        `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName          *OrderBy                        `json:"commitUserName,omitempty"`
-	CreatedAt               *OrderBy                        `json:"createdAt,omitempty"`
 	DeploymentEndedAt       *OrderBy                        `json:"deploymentEndedAt,omitempty"`
 	DeploymentLogsAggregate *DeploymentLogsAggregateOrderBy `json:"deploymentLogs_aggregate,omitempty"`
 	DeploymentStartedAt     *OrderBy                        `json:"deploymentStartedAt,omitempty"`
@@ -3003,7 +2892,6 @@ type DeploymentsStreamCursorValueInput struct {
 	CommitSha           *string    `json:"commitSHA,omitempty"`
 	CommitUserAvatarURL *string    `json:"commitUserAvatarUrl,omitempty"`
 	CommitUserName      *string    `json:"commitUserName,omitempty"`
-	CreatedAt           *time.Time `json:"createdAt,omitempty"`
 	DeploymentEndedAt   *time.Time `json:"deploymentEndedAt,omitempty"`
 	DeploymentStartedAt *time.Time `json:"deploymentStartedAt,omitempty"`
 	DeploymentStatus    *string    `json:"deploymentStatus,omitempty"`
@@ -4191,34 +4079,32 @@ type Plans struct {
 	// An array relationship
 	Organizations []*Organizations `json:"organizations"`
 	Price         int64            `json:"price"`
-	SLALevel      SLALevelEnum     `json:"slaLevel"`
 	Sort          int64            `json:"sort"`
 	UpatedAt      time.Time        `json:"upatedAt"`
 }
 
 // Boolean expression to filter rows from the table "plans". All fields are combined with a logical 'AND'.
 type PlansBoolExp struct {
-	And                                []*PlansBoolExp            `json:"_and,omitempty"`
-	Not                                *PlansBoolExp              `json:"_not,omitempty"`
-	Or                                 []*PlansBoolExp            `json:"_or,omitempty"`
-	Apps                               *AppsBoolExp               `json:"apps,omitempty"`
-	CreatedAt                          *TimestamptzComparisonExp  `json:"createdAt,omitempty"`
-	Deprecated                         *BooleanComparisonExp      `json:"deprecated,omitempty"`
-	FeatureBackupEnabled               *BooleanComparisonExp      `json:"featureBackupEnabled,omitempty"`
-	FeatureCustomDomainsEnabled        *BooleanComparisonExp      `json:"featureCustomDomainsEnabled,omitempty"`
-	FeatureCustomEmailTemplatesEnabled *BooleanComparisonExp      `json:"featureCustomEmailTemplatesEnabled,omitempty"`
-	FeatureMaxDbSize                   *IntComparisonExp          `json:"featureMaxDbSize,omitempty"`
-	ID                                 *UUIDComparisonExp         `json:"id,omitempty"`
-	Individual                         *BooleanComparisonExp      `json:"individual,omitempty"`
-	IsDefault                          *BooleanComparisonExp      `json:"isDefault,omitempty"`
-	IsFree                             *BooleanComparisonExp      `json:"isFree,omitempty"`
-	IsPublic                           *BooleanComparisonExp      `json:"isPublic,omitempty"`
-	Name                               *StringComparisonExp       `json:"name,omitempty"`
-	Organizations                      *OrganizationsBoolExp      `json:"organizations,omitempty"`
-	Price                              *IntComparisonExp          `json:"price,omitempty"`
-	SLALevel                           *SLALevelEnumComparisonExp `json:"slaLevel,omitempty"`
-	Sort                               *IntComparisonExp          `json:"sort,omitempty"`
-	UpatedAt                           *TimestamptzComparisonExp  `json:"upatedAt,omitempty"`
+	And                                []*PlansBoolExp           `json:"_and,omitempty"`
+	Not                                *PlansBoolExp             `json:"_not,omitempty"`
+	Or                                 []*PlansBoolExp           `json:"_or,omitempty"`
+	Apps                               *AppsBoolExp              `json:"apps,omitempty"`
+	CreatedAt                          *TimestamptzComparisonExp `json:"createdAt,omitempty"`
+	Deprecated                         *BooleanComparisonExp     `json:"deprecated,omitempty"`
+	FeatureBackupEnabled               *BooleanComparisonExp     `json:"featureBackupEnabled,omitempty"`
+	FeatureCustomDomainsEnabled        *BooleanComparisonExp     `json:"featureCustomDomainsEnabled,omitempty"`
+	FeatureCustomEmailTemplatesEnabled *BooleanComparisonExp     `json:"featureCustomEmailTemplatesEnabled,omitempty"`
+	FeatureMaxDbSize                   *IntComparisonExp         `json:"featureMaxDbSize,omitempty"`
+	ID                                 *UUIDComparisonExp        `json:"id,omitempty"`
+	Individual                         *BooleanComparisonExp     `json:"individual,omitempty"`
+	IsDefault                          *BooleanComparisonExp     `json:"isDefault,omitempty"`
+	IsFree                             *BooleanComparisonExp     `json:"isFree,omitempty"`
+	IsPublic                           *BooleanComparisonExp     `json:"isPublic,omitempty"`
+	Name                               *StringComparisonExp      `json:"name,omitempty"`
+	Organizations                      *OrganizationsBoolExp     `json:"organizations,omitempty"`
+	Price                              *IntComparisonExp         `json:"price,omitempty"`
+	Sort                               *IntComparisonExp         `json:"sort,omitempty"`
+	UpatedAt                           *TimestamptzComparisonExp `json:"upatedAt,omitempty"`
 }
 
 // Ordering options when selecting data from "plans".
@@ -4238,7 +4124,6 @@ type PlansOrderBy struct {
 	Name                               *OrderBy                       `json:"name,omitempty"`
 	OrganizationsAggregate             *OrganizationsAggregateOrderBy `json:"organizations_aggregate,omitempty"`
 	Price                              *OrderBy                       `json:"price,omitempty"`
-	SLALevel                           *OrderBy                       `json:"slaLevel,omitempty"`
 	Sort                               *OrderBy                       `json:"sort,omitempty"`
 	UpatedAt                           *OrderBy                       `json:"upatedAt,omitempty"`
 }
@@ -4253,22 +4138,21 @@ type PlansStreamCursorInput struct {
 
 // Initial value of the column from where the streaming should start
 type PlansStreamCursorValueInput struct {
-	CreatedAt                          *time.Time    `json:"createdAt,omitempty"`
-	Deprecated                         *bool         `json:"deprecated,omitempty"`
-	FeatureBackupEnabled               *bool         `json:"featureBackupEnabled,omitempty"`
-	FeatureCustomDomainsEnabled        *bool         `json:"featureCustomDomainsEnabled,omitempty"`
-	FeatureCustomEmailTemplatesEnabled *bool         `json:"featureCustomEmailTemplatesEnabled,omitempty"`
-	FeatureMaxDbSize                   *int64        `json:"featureMaxDbSize,omitempty"`
-	ID                                 *string       `json:"id,omitempty"`
-	Individual                         *bool         `json:"individual,omitempty"`
-	IsDefault                          *bool         `json:"isDefault,omitempty"`
-	IsFree                             *bool         `json:"isFree,omitempty"`
-	IsPublic                           *bool         `json:"isPublic,omitempty"`
-	Name                               *string       `json:"name,omitempty"`
-	Price                              *int64        `json:"price,omitempty"`
-	SLALevel                           *SLALevelEnum `json:"slaLevel,omitempty"`
-	Sort                               *int64        `json:"sort,omitempty"`
-	UpatedAt                           *time.Time    `json:"upatedAt,omitempty"`
+	CreatedAt                          *time.Time `json:"createdAt,omitempty"`
+	Deprecated                         *bool      `json:"deprecated,omitempty"`
+	FeatureBackupEnabled               *bool      `json:"featureBackupEnabled,omitempty"`
+	FeatureCustomDomainsEnabled        *bool      `json:"featureCustomDomainsEnabled,omitempty"`
+	FeatureCustomEmailTemplatesEnabled *bool      `json:"featureCustomEmailTemplatesEnabled,omitempty"`
+	FeatureMaxDbSize                   *int64     `json:"featureMaxDbSize,omitempty"`
+	ID                                 *string    `json:"id,omitempty"`
+	Individual                         *bool      `json:"individual,omitempty"`
+	IsDefault                          *bool      `json:"isDefault,omitempty"`
+	IsFree                             *bool      `json:"isFree,omitempty"`
+	IsPublic                           *bool      `json:"isPublic,omitempty"`
+	Name                               *string    `json:"name,omitempty"`
+	Price                              *int64     `json:"price,omitempty"`
+	Sort                               *int64     `json:"sort,omitempty"`
+	UpatedAt                           *time.Time `json:"upatedAt,omitempty"`
 }
 
 type QueryRoot struct {
@@ -4698,15 +4582,6 @@ type RunServiceStreamCursorValueInput struct {
 	UpdatedAt *time.Time `json:"updatedAt,omitempty"`
 }
 
-// Boolean expression to compare columns of type "sla_level_enum". All fields are combined with logical 'AND'.
-type SLALevelEnumComparisonExp struct {
-	Eq     *SLALevelEnum  `json:"_eq,omitempty"`
-	In     []SLALevelEnum `json:"_in,omitempty"`
-	IsNull *bool          `json:"_is_null,omitempty"`
-	Neq    *SLALevelEnum  `json:"_neq,omitempty"`
-	Nin    []SLALevelEnum `json:"_nin,omitempty"`
-}
-
 // Boolean expression to compare columns of type "software_type_enum". All fields are combined with logical 'AND'.
 type SoftwareTypeEnumComparisonExp struct {
 	Eq     *SoftwareTypeEnum  `json:"_eq,omitempty"`
@@ -7010,8 +6885,6 @@ const (
 	// column name
 	DeploymentsSelectColumnCommitUserName DeploymentsSelectColumn = "commitUserName"
 	// column name
-	DeploymentsSelectColumnCreatedAt DeploymentsSelectColumn = "createdAt"
-	// column name
 	DeploymentsSelectColumnDeploymentEndedAt DeploymentsSelectColumn = "deploymentEndedAt"
 	// column name
 	DeploymentsSelectColumnDeploymentStartedAt DeploymentsSelectColumn = "deploymentStartedAt"
@@ -7045,7 +6918,6 @@ var AllDeploymentsSelectColumn = []DeploymentsSelectColumn{
 	DeploymentsSelectColumnCommitSha,
 	DeploymentsSelectColumnCommitUserAvatarURL,
 	DeploymentsSelectColumnCommitUserName,
-	DeploymentsSelectColumnCreatedAt,
 	DeploymentsSelectColumnDeploymentEndedAt,
 	DeploymentsSelectColumnDeploymentStartedAt,
 	DeploymentsSelectColumnDeploymentStatus,
@@ -7063,7 +6935,7 @@ var AllDeploymentsSelectColumn = []DeploymentsSelectColumn{
 
 func (e DeploymentsSelectColumn) IsValid() bool {
 	switch e {
-	case DeploymentsSelectColumnAppID, DeploymentsSelectColumnCommitMessage, DeploymentsSelectColumnCommitSha, DeploymentsSelectColumnCommitUserAvatarURL, DeploymentsSelectColumnCommitUserName, DeploymentsSelectColumnCreatedAt, DeploymentsSelectColumnDeploymentEndedAt, DeploymentsSelectColumnDeploymentStartedAt, DeploymentsSelectColumnDeploymentStatus, DeploymentsSelectColumnFunctionsEndedAt, DeploymentsSelectColumnFunctionsStartedAt, DeploymentsSelectColumnFunctionsStatus, DeploymentsSelectColumnID, DeploymentsSelectColumnMetadataEndedAt, DeploymentsSelectColumnMetadataStartedAt, DeploymentsSelectColumnMetadataStatus, DeploymentsSelectColumnMigrationsEndedAt, DeploymentsSelectColumnMigrationsStartedAt, DeploymentsSelectColumnMigrationsStatus:
+	case DeploymentsSelectColumnAppID, DeploymentsSelectColumnCommitMessage, DeploymentsSelectColumnCommitSha, DeploymentsSelectColumnCommitUserAvatarURL, DeploymentsSelectColumnCommitUserName, DeploymentsSelectColumnDeploymentEndedAt, DeploymentsSelectColumnDeploymentStartedAt, DeploymentsSelectColumnDeploymentStatus, DeploymentsSelectColumnFunctionsEndedAt, DeploymentsSelectColumnFunctionsStartedAt, DeploymentsSelectColumnFunctionsStatus, DeploymentsSelectColumnID, DeploymentsSelectColumnMetadataEndedAt, DeploymentsSelectColumnMetadataStartedAt, DeploymentsSelectColumnMetadataStatus, DeploymentsSelectColumnMigrationsEndedAt, DeploymentsSelectColumnMigrationsStartedAt, DeploymentsSelectColumnMigrationsStatus:
 		return true
 	}
 	return false
@@ -8555,8 +8427,6 @@ const (
 	// column name
 	PlansSelectColumnPrice PlansSelectColumn = "price"
 	// column name
-	PlansSelectColumnSLALevel PlansSelectColumn = "slaLevel"
-	// column name
 	PlansSelectColumnSort PlansSelectColumn = "sort"
 	// column name
 	PlansSelectColumnUpatedAt PlansSelectColumn = "upatedAt"
@@ -8576,14 +8446,13 @@ var AllPlansSelectColumn = []PlansSelectColumn{
 	PlansSelectColumnIsPublic,
 	PlansSelectColumnName,
 	PlansSelectColumnPrice,
-	PlansSelectColumnSLALevel,
 	PlansSelectColumnSort,
 	PlansSelectColumnUpatedAt,
 }
 
 func (e PlansSelectColumn) IsValid() bool {
 	switch e {
-	case PlansSelectColumnCreatedAt, PlansSelectColumnDeprecated, PlansSelectColumnFeatureBackupEnabled, PlansSelectColumnFeatureCustomDomainsEnabled, PlansSelectColumnFeatureCustomEmailTemplatesEnabled, PlansSelectColumnFeatureMaxDbSize, PlansSelectColumnID, PlansSelectColumnIndividual, PlansSelectColumnIsDefault, PlansSelectColumnIsFree, PlansSelectColumnIsPublic, PlansSelectColumnName, PlansSelectColumnPrice, PlansSelectColumnSLALevel, PlansSelectColumnSort, PlansSelectColumnUpatedAt:
+	case PlansSelectColumnCreatedAt, PlansSelectColumnDeprecated, PlansSelectColumnFeatureBackupEnabled, PlansSelectColumnFeatureCustomDomainsEnabled, PlansSelectColumnFeatureCustomEmailTemplatesEnabled, PlansSelectColumnFeatureMaxDbSize, PlansSelectColumnID, PlansSelectColumnIndividual, PlansSelectColumnIsDefault, PlansSelectColumnIsFree, PlansSelectColumnIsPublic, PlansSelectColumnName, PlansSelectColumnPrice, PlansSelectColumnSort, PlansSelectColumnUpatedAt:
 		return true
 	}
 	return false
@@ -8970,66 +8839,6 @@ func (e RunServiceSelectColumn) MarshalJSON() ([]byte, error) {
 	return buf.Bytes(), nil
 }
 
-type SLALevelEnum string
-
-const (
-	// No SLA
-	SLALevelEnumNone SLALevelEnum = "none"
-	// Premium SLA
-	SLALevelEnumPremium SLALevelEnum = "premium"
-	// Standard SLA
-	SLALevelEnumStandard SLALevelEnum = "standard"
-)
-
-var AllSLALevelEnum = []SLALevelEnum{
-	SLALevelEnumNone,
-	SLALevelEnumPremium,
-	SLALevelEnumStandard,
-}
-
-func (e SLALevelEnum) IsValid() bool {
-	switch e {
-	case SLALevelEnumNone, SLALevelEnumPremium, SLALevelEnumStandard:
-		return true
-	}
-	return false
-}
-
-func (e SLALevelEnum) String() string {
-	return string(e)
-}
-
-func (e *SLALevelEnum) UnmarshalGQL(v any) error {
-	str, ok := v.(string)
-	if !ok {
-		return fmt.Errorf("enums must be strings")
-	}
-
-	*e = SLALevelEnum(str)
-	if !e.IsValid() {
-		return fmt.Errorf("%s is not a valid sla_level_enum", str)
-	}
-	return nil
-}
-
-func (e SLALevelEnum) MarshalGQL(w io.Writer) {
-	fmt.Fprint(w, strconv.Quote(e.String()))
-}
-
-func (e *SLALevelEnum) UnmarshalJSON(b []byte) error {
-	s, err := strconv.Unquote(string(b))
-	if err != nil {
-		return err
-	}
-	return e.UnmarshalGQL(s)
-}
-
-func (e SLALevelEnum) MarshalJSON() ([]byte, error) {
-	var buf bytes.Buffer
-	e.MarshalGQL(&buf)
-	return buf.Bytes(), nil
-}
-
 type SoftwareTypeEnum string
 
 const (

cli/ssl/.ssl/local-fullchain.pem

@@ -1,27 +1,27 @@
 -----BEGIN CERTIFICATE-----
-MIIERTCCA8ugAwIBAgISBWD/E+b14mP5jv4DGWRVYv8fMAoGCCqGSM49BAMDMDIx
+MIIERDCCA8mgAwIBAgISBmRex3kpZ4Mz1/1kq05iqja/MAoGCCqGSM49BAMDMDIx
 CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
-ODAeFw0yNTExMDYxMDUxMTBaFw0yNjAyMDQxMDUxMDlaMB8xHTAbBgNVBAMTFGxv
-Y2FsLmF1dGgubmhvc3QucnVuMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOah5
-ZLuUQp3pdMBxBWnT6E6/amW9LerKKEEdy3Nc8iAwG9LlnPH0z3m7a9wgEhpFEdlL
-Rr+qO+NhSRnv6+UF5KOCAtIwggLOMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
-BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUGyb1
-TVK/0vf3uHO4x3R094aG2rEwHwYDVR0jBBgwFoAUjw0TovYuftFQbDMYOF1ZjiNy
+ODAeFw0yNTEwMDIxMDUxNDBaFw0yNTEyMzExMDUxMzlaMB8xHTAbBgNVBAMTFGxv
+Y2FsLmF1dGgubmhvc3QucnVuMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2cVM
+ojf8iXZGLneNfnke5LMJIxyTEeGbNOfCv4SOR4K/N4OkpvkUVbH2bRvX99uE9jaK
+515Y48PzPA/4+W1zTKOCAtAwggLMMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUQqan
+raZoU5klAxsgkEVEMIkxmMQwHwYDVR0jBBgwFoAUjw0TovYuftFQbDMYOF1ZjiNy
 kcowMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZodHRwOi8vZTguaS5sZW5j
 ci5vcmcvMIHOBgNVHREEgcYwgcOCFGxvY2FsLmF1dGgubmhvc3QucnVughlsb2Nh
 bC5kYXNoYm9hcmQubmhvc3QucnVughJsb2NhbC5kYi5uaG9zdC5ydW6CGWxvY2Fs
 LmZ1bmN0aW9ucy5uaG9zdC5ydW6CF2xvY2FsLmdyYXBocWwubmhvc3QucnVughZs
 b2NhbC5oYXN1cmEubmhvc3QucnVughdsb2NhbC5tYWlsaG9nLm5ob3N0LnJ1boIX
 bG9jYWwuc3RvcmFnZS5uaG9zdC5ydW4wEwYDVR0gBAwwCjAIBgZngQwBAgEwLQYD
-VR0fBCYwJDAioCCgHoYcaHR0cDovL2U4LmMubGVuY3Iub3JnLzMyLmNybDCCAQQG
-CisGAQQB1nkCBAIEgfUEgfIA8AB2ABmG1Mcoqm/+ugNveCpNAZGqzi1yMQ+uzl1w
-QS0lTMfUAAABmlkAQokAAAQDAEcwRQIgWDtSxJfM2xcjvScVHOkn8bipzBhNhTnm
-B89TDh1/4XUCIQDe08W33PCx2D+akCdW9U9mZKQpIW6deLZSI3ZWpSNKMAB2AA5X
-lLzzrqk+MxssmQez95Dfm8I9cTIl3SGpJaxhxU4hAAABmlkAQn8AAAQDAEcwRQIg
-KnojmNTpNk1OFTQI0EnlPa2bpwqmUgmUCLeqE6SWfgoCIQCrhZbxYPHbGLF/HpRq
-vCTcOh24SRCuxlkqtaowbbfmKjAKBggqhkjOPQQDAwNoADBlAjEArstFIC+KAsfQ
-nLhtqsaNzkhftN5adDyr2CoE0WUPF1sLDi+xDnDO+JgIPL0YKAFNAjATJ4omhpc+
-I6/kWcef2RyO9YCGQQE9pdez5CYKb9o8YAntDSHM3b5nXXj3AX/USdQ=
+VR0fBCYwJDAioCCgHoYcaHR0cDovL2U4LmMubGVuY3Iub3JnLzY0LmNybDCCAQIG
+CisGAQQB1nkCBAIEgfMEgfAA7gB1AO08S9boBsKkogBX28sk4jgB31Ev7cSGxXAP
+IN23Pj/gAAABmaTCI4YAAAQDAEYwRAIgXLRFL1EAXfvN6kd5m6udqlxfz4+5B6rq
+Cdhp/ZwDAZ8CIFYvalTkl5NEBEMD3vpPvrj8s1Yy2xsropEh/AvpavvLAHUAGYbU
+xyiqb/66A294Kk0BkarOLXIxD67OXXBBLSVMx9QAAAGZpMIjhwAABAMARjBEAiBk
+H1vqU9HNuBcf4UYL/xZ42BeUAARHStiFaIZtnR1kEgIgbIJ0CGqIpxmWuwCunl9p
+ar+rGLdQrCk9BZXq/VjPPAAwCgYIKoZIzj0EAwMDaQAwZgIxAKvk5a2zQsv7JLNj
+NO1ly+DI8qiy5nf4HQrOrHOjtmx5RUu0HSO9P0J0u069qAqXMgIxAMLdME9JUo2c
+TJo3pwWv5MRyg/MkOJ4ImKdDJXfIZNkEIUyP3vwTqImvZe07gJDsYg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEVjCCAj6gAwIBAgIQY5WTY8JOcIJxWRi/w9ftVjANBgkqhkiG9w0BAQsFADBP

cli/ssl/.ssl/local-privkey.pem

@@ -1,5 +1,5 @@
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgInXN4JRnXNTjx7rM
-avurZrN1EV1iebQeNUlMlFp7VJ+hRANCAAQ5qHlku5RCnel0wHEFadPoTr9qZb0t
-6sooQR3Lc1zyIDAb0uWc8fTPebtr3CASGkUR2UtGv6o742FJGe/r5QXk
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfJZOkvawA0vBMw9W
+ph8i1Z+SJQrFscPbqSYpxngzEDahRANCAATZxUyiN/yJdkYud41+eR7kswkjHJMR
+4Zs058K/hI5Hgr83g6Sm+RRVsfZtG9f324T2NornXljjw/M8D/j5bXNM
 -----END PRIVATE KEY-----

cli/ssl/.ssl/sub-fullchain.pem

@@ -1,52 +1,52 @@
 -----BEGIN CERTIFICATE-----
-MIIEVzCCA92gAwIBAgISBm54VdkoqD8s8efq7ceHaTihMAoGCCqGSM49BAMDMDIx
+MIIEWDCCA96gAwIBAgISBbvrSsjDQm4zevwwjxFGmeTMMAoGCCqGSM49BAMDMDIx
 CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
-ODAeFw0yNTExMDYxMDUyMjBaFw0yNjAyMDQxMDUyMTlaMCExHzAdBgNVBAMMFiou
-YXV0aC5sb2NhbC5uaG9zdC5ydW4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASI
-rTkZOM4ip42DCyDADXGc7oV3+OkimyTM3st2RIZWG28rFRwH0LebJV2cduq1Hdtl
-VxIEr+RhvyIL7gllueXUo4IC4jCCAt4wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTw
-bM86O381+aljU3oTUvwhZ90PCDAfBgNVHSMEGDAWgBSPDROi9i5+0VBsMxg4XVmO
-I3KRyjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lOC5pLmxl
+NzAeFw0yNTEwMDIxMDUyNTdaFw0yNTEyMzExMDUyNTZaMCExHzAdBgNVBAMMFiou
+YXV0aC5sb2NhbC5uaG9zdC5ydW4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATG
+x0o7t0pSrOoFc+pljtqJVxgaSW+w9D9C2WdysMeSKKOU+0MzaM4ynLUhETOpBs8E
+612mdcoeak+G1Emj6UVwo4IC4zCCAt8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ+
+lVsLiXSRLAECs9OgkCEBS7jMmzAfBgNVHSMEGDAWgBSuSJ7chx1EoG/aouVgdAR4
+wpwAgDAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNy5pLmxl
 bmNyLm9yZy8wgd4GA1UdEQSB1jCB04IWKi5hdXRoLmxvY2FsLm5ob3N0LnJ1boIb
 Ki5kYXNoYm9hcmQubG9jYWwubmhvc3QucnVughQqLmRiLmxvY2FsLm5ob3N0LnJ1
 boIbKi5mdW5jdGlvbnMubG9jYWwubmhvc3QucnVughkqLmdyYXBocWwubG9jYWwu
 bmhvc3QucnVughgqLmhhc3VyYS5sb2NhbC5uaG9zdC5ydW6CGSoubWFpbGhvZy5s
 b2NhbC5uaG9zdC5ydW6CGSouc3RvcmFnZS5sb2NhbC5uaG9zdC5ydW4wEwYDVR0g
-BAwwCjAIBgZngQwBAgEwLQYDVR0fBCYwJDAioCCgHoYcaHR0cDovL2U4LmMubGVu
-Y3Iub3JnLzM0LmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEmcm2neHXzs
-/DbezYdkprhbrwqHgBnRVVL76esp3fjDAAABmlkBVgkAAAQDAEcwRQIhANH6Ml3u
-IM4nAzwAIjIjBjn8EWbn1ZHfgwO+rlSo5rzpAiATPKE8Mx5LK1IayG5VCK1eCDyc
-rzt1HNbP9WSrpuHx+gB2ABmG1Mcoqm/+ugNveCpNAZGqzi1yMQ+uzl1wQS0lTMfU
-AAABmlkBVgcAAAQDAEcwRQIgIT/DhsIj9Aw7qf/2lknJCr907dEqC3/+QN3zlcOj
-iKoCIQCTguinYjJPZwU2dblaRQ2q7MTCMT2ZENExltxwYG3GzjAKBggqhkjOPQQD
-AwNoADBlAjEA5nFoNrLyeC079YpRvdah/HZIA/lUBh+LOo/NcEBD3aTGs2z8hU8z
-H4vMy3OnfQ9TAjBxigm7zE5/3CAcGoSOr/P0TL52nh+lO4SUVxcbKgYB8A2yo6o/
-kUkG7PiRB0uUpNw=
+BAwwCjAIBgZngQwBAgEwLQYDVR0fBCYwJDAioCCgHoYcaHR0cDovL2U3LmMubGVu
+Y3Iub3JnLzc3LmNybDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AN3cyjSV1+EW
+BeeVMvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABmaTDUHkAAAQDAEcwRQIgWudJ8XKA
+BT5jq5Tl0xQLNb953pBi22Tb0TIWk+RSqHgCIQDsTrLVMFaQTV7EFCY1tFhi5qae
+SCpEwwdFcnom/nz6EAB3AO08S9boBsKkogBX28sk4jgB31Ev7cSGxXAPIN23Pj/g
+AAABmaTDWAsAAAQDAEgwRgIhALxIgIiutEwgNcGw7/cAdjFqUugct4HlZezIOLLP
+rg69AiEA8YCaK41rJDYztEKUIJEq2J2ktSqGYcl9gNKC+SiR4acwCgYIKoZIzj0E
+AwMDaAAwZQIwVG9yOiMRfKFFyFj1R8X/5U67QD84OhZ0oM0SZsVhezLedG5b8eFf
+/cWraREi8xbFAjEA/6RXweGzl08F7EtqBDoiqitScI2rbwGtP6s/evL0zXTABZD2
+ih7AGxjtg80IqIRe
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEVjCCAj6gAwIBAgIQY5WTY8JOcIJxWRi/w9ftVjANBgkqhkiG9w0BAQsFADBP
-MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
-Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
-Fw0yNzAzMTIyMzU5NTlaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
-bmNyeXB0MQswCQYDVQQDEwJFODB2MBAGByqGSM49AgEGBSuBBAAiA2IABNFl8l7c
-S7QMApzSsvru6WyrOq44ofTUOTIzxULUzDMMNMchIJBwXOhiLxxxs0LXeb5GDcHb
-R6EToMffgSZjO9SNHfY9gjMy9vQr5/WWOrQTZxh7az6NSNnq3u2ubT6HTKOB+DCB
-9TAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
-MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFI8NE6L2Ln7RUGwzGDhdWY4j
-cpHKMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEB
-BCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzATBgNVHSAE
-DDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5j
-ci5vcmcvMA0GCSqGSIb3DQEBCwUAA4ICAQBnE0hGINKsCYWi0Xx1ygxD5qihEjZ0
-RI3tTZz1wuATH3ZwYPIp97kWEayanD1j0cDhIYzy4CkDo2jB8D5t0a6zZWzlr98d
-AQFNh8uKJkIHdLShy+nUyeZxc5bNeMp1Lu0gSzE4McqfmNMvIpeiwWSYO9w82Ob8
-otvXcO2JUYi3svHIWRm3+707DUbL51XMcY2iZdlCq4Wa9nbuk3WTU4gr6LY8MzVA
-aDQG2+4U3eJ6qUF10bBnR1uuVyDYs9RhrwucRVnfuDj29CMLTsplM5f5wSV5hUpm
-Uwp/vV7M4w4aGunt74koX71n4EdagCsL/Yk5+mAQU0+tue0JOfAV/R6t1k+Xk9s2
-HMQFeoxppfzAVC04FdG9M+AC2JWxmFSt6BCuh3CEey3fE52Qrj9YM75rtvIjsm/1
-Hl+u//Wqxnu1ZQ4jpa+VpuZiGOlWrqSP9eogdOhCGisnyewWJwRQOqK16wiGyZeR
-xs/Bekw65vwSIaVkBruPiTfMOo0Zh4gVa8/qJgMbJbyrwwG97z/PRgmLKCDl8z3d
-tA0Z7qq7fta0Gl24uyuB05dqI5J1LvAzKuWdIjT1tP8qCoxSE/xpix8hX2dt3h+/
-jujUgFPFZ0EVZ0xSyBNRF3MboGZnYXFUxpNjTWPKpagDHJQmqrAcDmWJnMsFY3jS
-u1igv3OefnWjSQ==
+MIIEVzCCAj+gAwIBAgIRAKp18eYrjwoiCWbTi7/UuqEwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARB6AST
+CFh/vjcwDMCgQer+VtqEkz7JANurZxLP+U9TCeioL6sp5Z8VRvRbYk4P1INBmbef
+QHJFHCxcSjKmwtvGBWpl/9ra8HW0QDsUaJW2qOJqceJ0ZVFT3hbUHifBM/2jgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSuSJ7chx1EoG/aouVgdAR4
+wpwAgDAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAjx66fDdLk5ywFn3CzA1w1qfylHUD
+aEf0QZpXcJseddJGSfbUUOvbNR9N/QQ16K1lXl4VFyhmGXDT5Kdfcr0RvIIVrNxF
+h4lqHtRRCP6RBRstqbZ2zURgqakn/Xip0iaQL0IdfHBZr396FgknniRYFckKORPG
+yM3QKnd66gtMst8I5nkRQlAg/Jb+Gc3egIvuGKWboE1G89NTsN9LTDD3PLj0dUMr
+OIuqVjLB8pEC6yk9enrlrqjXQgkLEYhXzq7dLafv5Vkig6Gl0nuuqjqfp0Q1bi1o
+yVNAlXe6aUXw92CcghC9bNsKEO1+M52YY5+ofIXlS/SEQbvVYYBLZ5yeiglV6t3S
+M6H+vTG0aP9YHzLn/KVOHzGQfXDP7qM5tkf+7diZe7o2fw6O7IvN6fsQXEQQj8TJ
+UXJxv2/uJhcuy/tSDgXwHM8Uk34WNbRT7zGTGkQRX0gsbjAea/jYAoWv0ZvQRwpq
+Pe79D/i7Cep8qWnA+7AE/3B3S/3dEEYmc0lpe1366A/6GEgk3ktr9PEoQrLChs6I
+tu3wnNLB2euC8IKGLQFpGtOO/2/hiAKjyajaBP25w1jF0Wl8Bbqne3uZ2q1GyPFJ
+YRmT7/OXpmOH/FVLtwS+8ng1cAmpCujPwteJZNcDG0sF2n/sc0+SQf49fdyUK0ty
++VUwFj9tmWxyR/M=
 -----END CERTIFICATE-----

cli/ssl/.ssl/sub-privkey.pem

@@ -1,5 +1,5 @@
 -----BEGIN PRIVATE KEY-----
-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcrhROXQT85e+S8h8
-RE3Z7TPo3+WA2RmzJsXJbXkbi5qhRANCAASIrTkZOM4ip42DCyDADXGc7oV3+Oki
-myTM3st2RIZWG28rFRwH0LebJV2cduq1HdtlVxIEr+RhvyIL7gllueXU
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgrfNUSjLV/7j7LSBf
+zL/hvGEuv+uvf3/aimqjecO7vcShRANCAATGx0o7t0pSrOoFc+pljtqJVxgaSW+w
+9D9C2WdysMeSKKOU+0MzaM4ynLUhETOpBs8E612mdcoeak+G1Emj6UVw
 -----END PRIVATE KEY-----

dashboard/.env.example

@@ -3,13 +3,12 @@ NEXT_PUBLIC_ENV=dev
 NEXT_PUBLIC_NHOST_PLATFORM=false
 
 # Environment Variables for Self Hosting and Local Development
-NEXT_PUBLIC_NHOST_AUTH_URL=https://local.auth.local.nhost.run/v1
-NEXT_PUBLIC_NHOST_CONFIGSERVER_URL=https://local.dashboard.local.nhost.run/v1/configserver/graphql
+NEXT_PUBLIC_NHOST_AUTH_URL=https://local.auth.nhost.local.run/v1
 NEXT_PUBLIC_NHOST_FUNCTIONS_URL=https://local.functions.local.nhost.run/v1
 NEXT_PUBLIC_NHOST_GRAPHQL_URL=https://local.graphql.local.nhost.run/v1
 NEXT_PUBLIC_NHOST_STORAGE_URL=https://local.storage.local.nhost.run/v1
-NEXT_PUBLIC_NHOST_HASURA_CONSOLE_URL=https://local.hasura.local.nhost.run/console
-NEXT_PUBLIC_NHOST_HASURA_MIGRATIONS_API_URL=https://local.hasura.local.nhost.run/apis/migrate
+NEXT_PUBLIC_NHOST_HASURA_CONSOLE_URL=https://local.hasura.local.nhost.run
+NEXT_PUBLIC_NHOST_HASURA_MIGRATIONS_API_URL=https://local.hasura.local.nhost.run/v1/migrations
 NEXT_PUBLIC_NHOST_HASURA_API_URL=https://local.hasura.local.nhost.run
 
 # Environment Variables when running the Nhost Dashboard against the Nhost Backend
@@ -19,13 +18,13 @@ NEXT_PUBLIC_ANALYTICS_WRITE_KEY=<analytics_write_key>
 NEXT_PUBLIC_SEGMENT_CDN_URL=<segment_cdn_url>
 NEXT_PUBLIC_NHOST_BRAGI_WEBSOCKET=<nhost_bragi_websocket>
 
-NEXT_ZENDESK_URL=
-NEXT_ZENDESK_API_KEY=
-NEXT_ZENDESK_USER_EMAIL=
+NEXT_PUBLIC_ZENDESK_URL=
+NEXT_PUBLIC_ZENDESK_API_KEY=
+NEXT_PUBLIC_ZENDESK_USER_EMAIL=
 
 
 CODEGEN_GRAPHQL_URL=https://local.graphql.local.nhost.run/v1
 CODEGEN_HASURA_ADMIN_SECRET=nhost-admin-secret
 NEXT_PUBLIC_TURNSTILE_SITE_KEY=FIXME
 
-NEXT_PUBLIC_SOC2_REPORT_FILE_ID=
+NEXT_PUBLIC_SOC2_REPORT_FILE_ID=

dashboard/.storybook/main.js

@@ -0,0 +1,47 @@
+const TsconfigPathsPlugin = require('tsconfig-paths-webpack-plugin');
+
+module.exports = {
+  stories: ['../src/**/*.stories.mdx', '../src/**/*.stories.@(js|jsx|ts|tsx)'],
+  addons: [
+    '@storybook/addon-links',
+    '@storybook/addon-essentials',
+    '@storybook/addon-interactions',
+    'storybook-addon-next-router',
+    {
+      /**
+       * Fix Storybook issue with PostCSS@8
+       * @see https://github.com/storybookjs/storybook/issues/12668#issuecomment-773958085
+       */
+      name: '@storybook/addon-postcss',
+      options: {
+        postcssLoaderOptions: {
+          implementation: require('postcss'),
+        },
+      },
+    },
+  ],
+  framework: '@storybook/react',
+  core: {
+    builder: '@storybook/builder-webpack5',
+  },
+  features: {
+    emotionAlias: true,
+  },
+  webpackFinal: async (config) => {
+    return {
+      ...config,
+      resolve: {
+        ...config?.resolve,
+        plugins: [
+          ...(config?.resolve?.plugins || []),
+          new TsconfigPathsPlugin(),
+        ],
+      },
+    };
+  },
+  env: (config) => ({
+    ...config,
+    NEXT_PUBLIC_ENV: 'dev',
+    NEXT_PUBLIC_NHOST_PLATFORM: 'false',
+  }),
+};

dashboard/.storybook/preview.js

@@ -0,0 +1,69 @@
+import { NhostProvider } from '@/providers/nhost';
+import '@fontsource/inter';
+import '@fontsource/inter/500.css';
+import '@fontsource/inter/700.css';
+import { CssBaseline, ThemeProvider } from '@mui/material';
+import { createClient } from '@nhost/nhost-js-beta';
+import { NhostApolloProvider } from '@nhost/react-apollo';
+import { QueryClient, QueryClientProvider } from '@tanstack/react-query';
+import { Buffer } from 'buffer';
+import { initialize, mswDecorator } from 'msw-storybook-addon';
+import { RouterContext } from 'next/dist/shared/lib/router-context';
+import { createTheme } from '../src/components/ui/v2/createTheme';
+import '../src/styles/globals.css';
+
+global.Buffer = Buffer;
+
+initialize({ onUnhandledRequest: 'bypass' });
+
+const queryClient = new QueryClient();
+
+export const parameters = {
+  nextRouter: {
+    Provider: RouterContext.Provider,
+    isReady: true,
+  },
+  actions: { argTypesRegex: '^on[A-Z].*' },
+  controls: {
+    matchers: {
+      color: /(background|color)$/i,
+      date: /Date$/,
+    },
+  },
+};
+
+export const decorators = [
+  (Story, context) => {
+    const isDarkMode = !context.globals?.backgrounds?.value
+      ?.toLowerCase()
+      ?.startsWith('#f');
+
+    return (
+      <ThemeProvider theme={createTheme(isDarkMode ? 'dark' : 'light')}>
+        <CssBaseline />
+        <Story />
+      </ThemeProvider>
+    );
+  },
+  (Story) => (
+    <QueryClientProvider client={queryClient}>
+      <Story />
+    </QueryClientProvider>
+  ),
+  (Story) => (
+    <NhostApolloProvider
+      fetchPolicy="cache-first"
+      graphqlUrl="https://local.graphql.nhost.run/v1"
+    >
+      <Story />
+    </NhostApolloProvider>
+  ),
+  (Story) => (
+    <NhostProvider
+      nhost={createClient({ subdomain: 'local', region: 'local' })}
+    >
+      <Story />
+    </NhostProvider>
+  ),
+  mswDecorator,
+];

dashboard/CHANGELOG.md

@@ -1,58 +1,7 @@
-## [@nhost/dashboard@2.42.0] - 2025-11-12
-
-### 🚀 Features
-
-- *(dashboard)* Datatable design improvements (#3657)
-
-
-### ⚙️ Miscellaneous Tasks
-
-- *(dashboard)* Remove v2 ui components from datatable (#3568)
-
-## [@nhost/dashboard@2.41.0] - 2025-11-04
-
-### 🚀 Features
-
-- *(auth)* Added endpoints to retrieve and refresh oauth2 providers' tokens (#3614)
-- *(dashboard)* Get github repositories from github itself (#3640)
-
-
-### 🐛 Bug Fixes
-
-- *(dashboard)* Update SQL editor to use correct hasura migrations API URL (#3645)
-
 # Changelog
 
 All notable changes to this project will be documented in this file.
 
-## [@nhost/dashboard@2.40.0] - 2025-10-27
-
-### 🚀 Features
-
-- *(dashboard)* Allow configuring CSP header (#3627)
-
-
-### ⚙️ Miscellaneous Tasks
-
-- *(dashboard)* Various improvements to support ticket page (#3630)
-
-## [@nhost/dashboard@2.39.0] - 2025-10-22
-
-### 🚀 Features
-
-- *(dashboard)* Move zendesk request to API route (#3628)
-
-
-### 🐛 Bug Fixes
-
-- *(dashboard)* Fix flaky e2e tests (#3536)
-- *(dashboard)* Run audit and lint in dashboard (#3578)
-
-
-### ⚙️ Miscellaneous Tasks
-
-- *(dashboard)* Cleanup e2e remote schemas test before run (#3581)
-
 ## [@nhost/dashboard@2.38.4] - 2025-10-09
 
 ### 🐛 Bug Fixes

dashboard/README.md

@@ -62,6 +62,20 @@ NEXT_PUBLIC_NHOST_HASURA_API_URL=https://local.hasura.local.nhost.run
 
 This will connect the Nhost Dashboard to your locally running Nhost backend.
 
+### Storybook
+
+Components are documented using [Storybook](https://storybook.js.org/). To run Storybook, run the following command:
+
+```bash
+pnpm storybook
+```
+
+By default, Storybook will run on port `6006`. You can change this by passing the `--port` flag:
+
+```bash
+pnpm storybook --port 6007
+```
+
 ### General Environment Variables
 
 | Name                             | Description                                                                                                                                                                                                          |
@@ -82,15 +96,6 @@ This will connect the Nhost Dashboard to your locally running Nhost backend.
 | `NEXT_PUBLIC_NHOST_HASURA_MIGRATIONS_API_URL` | The URL of Hasura's Migrations service. When working locally, point it to the Migrations service started by the CLI.                                                                                   |
 | `NEXT_PUBLIC_NHOST_HASURA_API_URL`            | The URL of Hasura's Schema and Metadata API. When working locally, point it to the Schema and Metadata API started by the CLI. When self-hosting, point it to the self-hosted Schema and Metadata API. |
 
-### Content Security Policy (CSP) Configuration
-
-The dashboard supports build-time CSP configuration to enable self-hosted deployments on custom domains.
-
-| Name         | Description                                                                                                                                                                                                                              |
-| ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `CSP_MODE`   | Controls CSP behavior. Options: `nhost` (default, uses Nhost Cloud CSP), `disabled` (no CSP headers), `custom` (use custom CSP via `CSP_HEADER`). For self-hosted deployments on custom domains, set to `disabled` or `custom`.          |
-| `CSP_HEADER` | Custom Content Security Policy header value. Only used when `CSP_MODE=custom`. Should be a complete CSP string (e.g., `default-src 'self'; script-src 'self' 'unsafe-eval'; ...`).                                                       |
-
 ### Other Environment Variables
 
 | Name                                    | Description                                                                                 |

dashboard/e2e/database/create-table.test.ts

@@ -102,11 +102,11 @@ test('should create a table with nullable columns', async ({
     page.getByRole('link', { name: tableName, exact: true }),
   ).toBeVisible();
   await page
-    .locator(`li:has-text("${tableName}") #table-management-menu-${tableName}`)
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
     .click();
   await page.getByText('Edit Table').click();
-  await expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
-  await expect(page.locator('div[data-testid="id"]')).toBeVisible();
+  expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
+  expect(page.locator('div[data-testid="id"]')).toBeVisible();
 });
 
 test('should create a table with an identity column', async ({
@@ -143,16 +143,16 @@ test('should create a table with an identity column', async ({
     page.getByRole('link', { name: tableName, exact: true }),
   ).toBeVisible();
   await page
-    .locator(`li:has-text("${tableName}") #table-management-menu-${tableName}`)
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
     .click();
   await page.getByText('Edit Table').click();
-  await expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
-  await expect(
+  expect(page.locator('h2:has-text("Edit Table")')).toBeVisible();
+  expect(
     page.locator('button#identityColumnIndex :has-text("identity_column")'),
   ).toBeVisible();
-  await expect(page.locator('[id="columns.3.defaultValue"]')).toBeDisabled();
-  await expect(page.locator('[name="columns.3.isNullable"]')).toBeDisabled();
-  await expect(page.locator('[name="columns.3.isUnique"]')).toBeDisabled();
+  expect(page.locator('[id="columns.3.defaultValue"]')).toBeDisabled();
+  expect(page.locator('[name="columns.3.isNullable"]')).toBeDisabled();
+  expect(page.locator('[name="columns.3.isUnique"]')).toBeDisabled();
 });
 
 test('should create table with foreign key constraint', async ({
@@ -234,46 +234,6 @@ test('should create table with foreign key constraint', async ({
   ).toBeVisible();
 });
 
-test('should be able to create a table with a composite key', async ({
-  authenticatedNhostPage: page,
-}) => {
-  await page.getByRole('button', { name: /new table/i }).click();
-  await expect(page.getByText(/create a new table/i)).toBeVisible();
-
-  const tableName = snakeCase(faker.lorem.words(3));
-
-  await prepareTable({
-    page,
-    name: tableName,
-    primaryKeys: ['id', 'second_id'],
-    columns: [
-      { name: 'id', type: 'uuid', defaultValue: 'gen_random_uuid()' },
-      { name: 'second_id', type: 'uuid', defaultValue: 'gen_random_uuid()' },
-      { name: 'name', type: 'text' },
-    ],
-  });
-
-  await expect(page.locator('div[data-testid="id"]')).toBeVisible();
-  await expect(page.locator('div[data-testid="second_id"]')).toBeVisible();
-
-  await page.getByRole('button', { name: /create/i }).click();
-
-  await page.waitForURL(
-    `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/database/browser/default/public/${tableName}`,
-  );
-
-  await expect(
-    page.getByRole('link', { name: tableName, exact: true }),
-  ).toBeVisible();
-
-  await page
-    .locator(`li:has-text("${tableName}") #table-management-menu-${tableName}`)
-    .click();
-  await page.getByText('Edit Table').click();
-  await expect(page.locator('div[data-testid="id"]')).toBeVisible();
-  await expect(page.locator('div[data-testid="second_id"]')).toBeVisible();
-});
-
 test('should not be able to create a table with a name that already exists', async ({
   authenticatedNhostPage: page,
 }) => {
@@ -320,3 +280,40 @@ test('should not be able to create a table with a name that already exists', asy
     page.getByText(/error: a table with this name already exists/i),
   ).toBeVisible();
 });
+
+test('should be able to create a table with a composite key', async ({
+  authenticatedNhostPage: page,
+}) => {
+  await page.getByRole('button', { name: /new table/i }).click();
+  await expect(page.getByText(/create a new table/i)).toBeVisible();
+
+  const tableName = snakeCase(faker.lorem.words(3));
+
+  await prepareTable({
+    page,
+    name: tableName,
+    primaryKeys: ['id', 'second_id'],
+    columns: [
+      { name: 'id', type: 'uuid', defaultValue: 'gen_random_uuid()' },
+      { name: 'second_id', type: 'uuid', defaultValue: 'gen_random_uuid()' },
+      { name: 'name', type: 'text' },
+    ],
+  });
+
+  await page.getByRole('button', { name: /create/i }).click();
+
+  await page.waitForURL(
+    `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/database/browser/default/public/${tableName}`,
+  );
+
+  await expect(
+    page.getByRole('link', { name: tableName, exact: true }),
+  ).toBeVisible();
+
+  await page
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
+    .click();
+  await page.getByText('Edit Table').click();
+  expect(page.locator('div[data-testid="id"]')).toBeVisible();
+  expect(page.locator('div[data-testid="second_id"]')).toBeVisible();
+});

dashboard/e2e/database/permissions-table.test.ts

@@ -41,7 +41,7 @@ test('should create a table with role permissions to select row', async ({
 
   // Press three horizontal dots more options button next to the table name
   await page
-    .locator(`li:has-text("${tableName}") #table-management-menu-${tableName}`)
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
     .click();
 
   await page.getByRole('menuitem', { name: /edit permissions/i }).click();
@@ -89,7 +89,7 @@ test('should create a table with role permissions and a custom check to select r
 
   // Press three horizontal dots more options button next to the table name
   await page
-    .locator(`li:has-text("${tableName}") #table-management-menu-${tableName}`)
+    .locator(`li:has-text("${tableName}") #table-management-menu button`)
     .click();
 
   await page.getByRole('menuitem', { name: /edit permissions/i }).click();
@@ -114,7 +114,7 @@ test('should create a table with role permissions and a custom check to select r
 
   await page.getByText('Select variable...', { exact: true }).click();
 
-  const variableSelector = page.locator('input[role="combobox"]');
+  const variableSelector = await page.locator('input[role="combobox"]');
 
   await variableSelector.fill('X-Hasura-User-Id');
 

dashboard/e2e/env.ts

@@ -41,13 +41,12 @@ export const TEST_USER_PASSWORD = process.env.NHOST_TEST_USER_PASSWORD!;
 
 export const TEST_PERSONAL_ORG_SLUG = process.env.NHOST_TEST_PERSONAL_ORG_SLUG!;
 
-export const TEST_ONBOARDING_USER = process.env.NHOST_TEST_ONBOARDING_USER!;
+const freeUserEmails = process.env.NHOST_TEST_FREE_USER_EMAILS!;
+
+export const TEST_FREE_USER_EMAILS: string[] = JSON.parse(freeUserEmails);
 
 /**
  * Name of the remote schema serverless function to test against.
  */
 export const TEST_PROJECT_REMOTE_SCHEMA_NAME =
   process.env.NHOST_TEST_PROJECT_REMOTE_SCHEMA_NAME!;
-
-export const TEST_STAGING_SUBDOMAIN = process.env.NHOST_TEST_STAGING_SUBDOMAIN!;
-export const TEST_STAGING_REGION = process.env.NHOST_TEST_STAGING_REGION!;

dashboard/e2e/onboarding/onboarding.test.ts

@@ -1,10 +1,13 @@
 import { expect, test } from '@/e2e/fixtures/auth-hook';
 import {
-  cleanupOnboardingTestIfNeeded,
   getCardExpiration,
   getOrgSlugFromUrl,
+  getProjectSlugFromUrl,
   gotoUrl,
   loginWithFreeUser,
+  setFreeUserStarterOrgSlug,
+  setNewProjectName,
+  setNewProjectSlug,
 } from '@/e2e/utils';
 import { faker } from '@faker-js/faker';
 import type { Page } from '@playwright/test';
@@ -12,15 +15,13 @@ import type { Page } from '@playwright/test';
 let page: Page;
 
 test.beforeAll(async ({ browser }) => {
-  await cleanupOnboardingTestIfNeeded();
-
   page = await browser.newPage();
   await loginWithFreeUser(page);
 });
 
 test('user should be able to finish onboarding', async () => {
   await gotoUrl(page, `/onboarding`);
-  await expect(page.getByText('Welcome to Nhost!')).toBeVisible();
+  expect(page.getByText('Welcome to Nhost!')).toBeVisible();
   const organizationName = faker.lorem.words(3).slice(0, 32);
 
   await page.getByLabel('Organization Name').fill(organizationName);
@@ -67,28 +68,34 @@ test('user should be able to finish onboarding', async () => {
     .getByTestId('hosted-payment-submit-button')
     .click({ force: true });
 
-  await expect(
+  expect(
     page.getByText('Processing new organization request').first(),
   ).toBeVisible();
   await page.waitForSelector(
     'div:has-text("Organization created successfully. Redirecting...")',
   );
 
-  await expect(page.getByText('Create Your First Project')).toBeVisible();
+  expect(page.getByText('Create Your First Project')).toBeVisible();
 
   const projectName = faker.lorem.words(3).slice(0, 32);
   await page.getByLabel('Project Name').fill(projectName);
 
   await page.getByText('Create Project', { exact: true }).click();
 
-  await expect(page.getByText('Creating your project...')).toBeVisible();
-  await expect(page.getByText('Project created successfully!')).toBeVisible();
+  expect(page.getByText('Creating your project...')).toBeVisible();
+  expect(page.getByText('Project created successfully!')).toBeVisible();
 
-  await expect(page.getByText('Internal info')).toBeVisible();
+  expect(page.getByText('Internal info')).toBeVisible();
 
   await page.waitForSelector('h3:has-text("Project Health")', {
     timeout: 180000,
   });
+
+  const newProjectSlug = getProjectSlugFromUrl(page.url());
+  setNewProjectSlug(newProjectSlug);
+  setNewProjectName(organizationName);
+  const newOrgSlug = getOrgSlugFromUrl(page.url());
+  setFreeUserStarterOrgSlug(newOrgSlug);
 });
 
 test('should delete the new organization', async () => {
@@ -100,12 +107,12 @@ test('should delete the new organization', async () => {
   await page.getByRole('button', { name: 'Delete' }).click();
 
   await page.waitForSelector('h2:has-text("Delete Organization")');
-  await expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
 
   await page.getByLabel("I'm sure I want to delete this Organization").click();
-  await expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
   await page.getByLabel('I understand this action cannot be undone').click();
-  await expect(page.getByTestId('deleteOrgButton')).not.toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).not.toBeDisabled();
 
   await page.getByTestId('deleteOrgButton').click();
 
@@ -138,7 +145,7 @@ test('should be able to upgrade an organization', async () => {
   await page.getByRole('link', { name: 'Billing' }).click();
 
   await page.waitForSelector('h4:has-text("Subscription plan")');
-  await expect(page.getByText('Upgrade')).toBeEnabled();
+  expect(page.getByText('Upgrade')).toBeEnabled();
   await page.getByText('Upgrade').click();
   await page.waitForSelector('h2:has-text("Upgrade Organization")');
 
@@ -198,12 +205,12 @@ test('should be able to upgrade an organization', async () => {
   await page.getByRole('button', { name: 'Delete' }).click();
 
   await page.waitForSelector('h2:has-text("Delete Organization")');
-  await expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
 
   await page.getByLabel("I'm sure I want to delete this Organization").click();
-  await expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).toBeDisabled();
   await page.getByLabel('I understand this action cannot be undone').click();
-  await expect(page.getByTestId('deleteOrgButton')).not.toBeDisabled();
+  expect(page.getByTestId('deleteOrgButton')).not.toBeDisabled();
 
   await page.getByTestId('deleteOrgButton').click();
 

dashboard/e2e/remote-schemas/create-remote-schema.test.ts

@@ -4,64 +4,61 @@ import {
   TEST_PROJECT_SUBDOMAIN,
 } from '@/e2e/env';
 import { expect, test } from '@/e2e/fixtures/auth-hook';
-import { cleanupRemoteSchemaTestIfNeeded } from '@/e2e/utils';
 import { faker } from '@faker-js/faker';
 import { snakeCase } from 'snake-case';
 
 const REMOTE_SCHEMA_TEST_URL = `https://${TEST_PROJECT_SUBDOMAIN}.functions.eu-central-1.staging.nhost.run/v1/${TEST_PROJECT_REMOTE_SCHEMA_NAME}`;
 
-test.beforeAll(async () => {
-  await cleanupRemoteSchemaTestIfNeeded();
-});
-
-test.beforeEach(async ({ authenticatedNhostPage: page }) => {
-  const remoteSchemasRoute = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas`;
-  await page.goto(remoteSchemasRoute);
-  await page.waitForURL(remoteSchemasRoute);
-});
-
-test('should create and delete a remote schema from URL', async ({
-  authenticatedNhostPage: page,
-}) => {
-  await page.getByRole('button', { name: /add remote schema/i }).click();
-  await expect(page.getByText(/create a new remote schema/i)).toBeVisible();
-
-  const schemaName = snakeCase(`e2e ${faker.lorem.words(2)}`);
-
-  await page.getByPlaceholder(/remote schema name/i).fill(schemaName);
-  await page
-    .getByPlaceholder(/graphql-service\.example\.com/i)
-    .fill(REMOTE_SCHEMA_TEST_URL);
-
-  await page.getByRole('button', { name: /create/i }).click();
-
-  await page.waitForSelector(
-    'div:has-text("The remote schema has been created successfully.")',
-  );
-
-  const detailsUrl = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas/${schemaName}`;
-  await page.waitForURL(detailsUrl);
-
-  await expect(
-    page.getByRole('link', { name: schemaName, exact: true }),
-  ).toBeVisible();
-
-  const schemaLink = page.getByRole('link', {
-    name: schemaName,
-    exact: true,
+test.describe('Remote Schemas', () => {
+  test.beforeEach(async ({ authenticatedNhostPage: page }) => {
+    const remoteSchemasRoute = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas`;
+    await page.goto(remoteSchemasRoute);
+    await page.waitForURL(remoteSchemasRoute);
   });
 
-  await schemaLink.hover();
-  await page
-    .getByRole('listitem')
-    .filter({ hasText: schemaName })
-    .getByRole('button')
-    .click();
+  test('should create and delete a remote schema from URL', async ({
+    authenticatedNhostPage: page,
+  }) => {
+    await page.getByRole('button', { name: /add remote schema/i }).click();
+    await expect(page.getByText(/create a new remote schema/i)).toBeVisible();
 
-  await page.getByRole('menuitem', { name: /delete remote schema/i }).click();
-  await page.getByRole('button', { name: /^delete$/i }).click();
+    const schemaName = snakeCase(`e2e ${faker.lorem.words(2)}`);
 
-  await expect(
-    page.getByRole('link', { name: schemaName, exact: true }),
-  ).toHaveCount(0);
+    await page.getByPlaceholder(/remote schema name/i).fill(schemaName);
+    await page
+      .getByPlaceholder(/graphql-service\.example\.com/i)
+      .fill(REMOTE_SCHEMA_TEST_URL);
+
+    await page.getByRole('button', { name: /create/i }).click();
+
+    await page.waitForSelector(
+      'div:has-text("The remote schema has been created successfully.")',
+    );
+
+    const detailsUrl = `/orgs/${TEST_ORGANIZATION_SLUG}/projects/${TEST_PROJECT_SUBDOMAIN}/graphql/remote-schemas/${schemaName}`;
+    await page.waitForURL(detailsUrl);
+
+    await expect(
+      page.getByRole('link', { name: schemaName, exact: true }),
+    ).toBeVisible();
+
+    const schemaLink = page.getByRole('link', {
+      name: schemaName,
+      exact: true,
+    });
+
+    await schemaLink.hover();
+    await page
+      .getByRole('listitem')
+      .filter({ hasText: schemaName })
+      .getByRole('button')
+      .click();
+
+    await page.getByRole('menuitem', { name: /delete remote schema/i }).click();
+    await page.getByRole('button', { name: /^delete$/i }).click();
+
+    await expect(
+      page.getByRole('link', { name: schemaName, exact: true }),
+    ).toHaveCount(0);
+  });
 });

dashboard/e2e/utils.ts

@@ -1,16 +1,9 @@
-/* eslint-disable no-await-in-loop */
 import {
-  TEST_ONBOARDING_USER,
+  TEST_FREE_USER_EMAILS,
   TEST_ORGANIZATION_SLUG,
-  TEST_PROJECT_ADMIN_SECRET,
   TEST_PROJECT_SUBDOMAIN,
-  TEST_STAGING_REGION,
-  TEST_STAGING_SUBDOMAIN,
   TEST_USER_PASSWORD,
 } from '@/e2e/env';
-import { expect } from '@/e2e/fixtures/auth-hook';
-import { isEmptyValue } from '@/lib/utils';
-import type { ExportMetadataResponse } from '@/utils/hasura-api/generated/schemas';
 import { faker } from '@faker-js/faker';
 import { type Page } from '@playwright/test';
 import { add, format } from 'date-fns-v4';
@@ -132,26 +125,12 @@ export async function prepareTable({
     ),
   );
   await page.getByLabel('Primary Key').click();
-
-  await page
-    .getByRole('option', { name: columns[0].name, exact: true })
-    .waitFor({ timeout: 1000 });
-  await expect(
-    page.getByRole('option', { name: columns[0].name, exact: true }),
-  ).toBeVisible();
-  // eslint-disable-next-line no-restricted-syntax
-  for (const primaryKey of primaryKeys) {
-    await page.waitForTimeout(1000);
-    await page.getByRole('option', { name: primaryKey, exact: true }).click();
-    await page
-      .locator(`div[data-testid="${primaryKey}"]`)
-      .waitFor({ timeout: 1000 });
-  }
+  await Promise.all(
+    primaryKeys.map(async (primaryKey) => {
+      await page.getByRole('option', { name: primaryKey, exact: true }).click();
+    }),
+  );
   await page.getByText('Create a New Table').click();
-  await page.waitForTimeout(1000);
-  await expect(
-    page.getByRole('option', { name: columns[0].name, exact: true }),
-  ).not.toBeVisible();
 }
 
 /**
@@ -253,6 +232,42 @@ export async function gotoUrl(page: Page, url: string) {
   await page.waitForURL(url, { waitUntil: 'load' });
 }
 
+let newOrgSlug: string;
+
+export function getNewOrgSlug() {
+  return newOrgSlug;
+}
+
+export function setNewOrgSlug(slug: string) {
+  newOrgSlug = slug;
+}
+
+let freeUserStarterOrgSlug: string;
+
+export function getFreeUserStarterOrgSlug() {
+  return freeUserStarterOrgSlug;
+}
+
+export function setFreeUserStarterOrgSlug(slug: string) {
+  freeUserStarterOrgSlug = slug;
+}
+
+let newProjectSlug: string;
+
+export function getNewProjectSlug() {
+  return newProjectSlug;
+}
+
+export function setNewProjectSlug(slug: string) {
+  newProjectSlug = slug;
+}
+
+export function getProjectSlugFromUrl(url: string) {
+  const [, projectSlug] = url.split('/projects/');
+
+  return projectSlug;
+}
+
 export function getOrgSlugFromUrl(url: string) {
   const orgSlug = url.split('/orgs/')[1].split('/projects/')[0];
   return orgSlug;
@@ -263,13 +278,33 @@ export function getCardExpiration() {
   return format(now, 'MMyy');
 }
 
+let newProjectName: string;
+
+export function getNewProjectName() {
+  return newProjectName;
+}
+
+export function setNewProjectName(name: string) {
+  newProjectName = name;
+}
+
+function getRandomUserIndex(): number {
+  return Math.floor(Math.random() * TEST_FREE_USER_EMAILS.length);
+}
+
 export async function loginWithFreeUser(page: Page) {
+  const userIndex = getRandomUserIndex();
+
+  const freeUserEmail = TEST_FREE_USER_EMAILS[userIndex];
+
+  // eslint-disable-next-line no-console
+  console.log(`Selected userIndex: ${userIndex}`);
   await page.goto('/');
   await page.waitForURL('/signin');
   await page.getByRole('link', { name: /continue with email/i }).click();
 
   await page.waitForURL('/signin/email');
-  await page.getByLabel('Email').fill(TEST_ONBOARDING_USER);
+  await page.getByLabel('Email').fill(freeUserEmail);
   await page.getByLabel('Password').fill(TEST_USER_PASSWORD);
   await page.getByRole('button', { name: /sign in/i }).click();
 
@@ -284,132 +319,3 @@ export function toPascalCase(str: string, divider = ' ') {
     .map((word) => word.charAt(0).toUpperCase() + word.slice(1).toLowerCase())
     .join('');
 }
-
-export async function cleanupOnboardingTestIfNeeded() {
-  const signinUrl = `https://${TEST_STAGING_SUBDOMAIN}.auth.${TEST_STAGING_REGION}.nhost.run/v1/signin/email-password`;
-  const graphqlUrl = `https://${TEST_STAGING_SUBDOMAIN}.graphql.${TEST_STAGING_REGION}.nhost.run/v1`;
-
-  try {
-    const response = await fetch(signinUrl, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        email: TEST_ONBOARDING_USER,
-        password: TEST_USER_PASSWORD,
-      }),
-    });
-    const data = await response.json();
-
-    const userId = data.session?.user?.id;
-    const accessToken = data.session?.accessToken;
-    const organizationPayload = {
-      query: `
-      query {
-        organizations(where: { members: {userID: {_eq: "${userId}"}} }) {
-          id
-        }
-      }`,
-    };
-
-    const authHeader = `Bearer ${accessToken}`;
-
-    const orgResponse = await fetch(graphqlUrl, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: authHeader,
-      },
-      body: JSON.stringify(organizationPayload),
-    });
-
-    const orgData = await orgResponse.json();
-
-    const organizations = orgData.data?.organizations;
-
-    if (organizations && organizations.length > 0) {
-      // eslint-disable-next-line no-console
-      console.log('Cleaning up organization');
-      await Promise.all(
-        organizations.map(({ id }) =>
-          fetch(graphqlUrl, {
-            method: 'POST',
-            headers: {
-              'Content-Type': 'application/json',
-              Authorization: authHeader,
-            },
-            body: JSON.stringify({
-              query: `
-            mutation {
-              billingDeleteOrganization(organizationID: "${id}")
-            }
-          `,
-            }),
-          }),
-        ),
-      );
-    }
-  } catch (error) {
-    // eslint-disable-next-line no-console
-    console.log(error);
-    throw error;
-  }
-}
-
-export async function cleanupRemoteSchemaTestIfNeeded() {
-  try {
-    const response = await fetch(
-      `https://${TEST_PROJECT_SUBDOMAIN}.hasura.eu-central-1.staging.nhost.run/v1/metadata`,
-      {
-        method: 'POST',
-        headers: {
-          'x-hasura-admin-secret': TEST_PROJECT_ADMIN_SECRET,
-        },
-        body: JSON.stringify({
-          type: 'export_metadata',
-          version: 2,
-          args: {},
-        }),
-      },
-    );
-    const data = (await response.json()) as ExportMetadataResponse;
-
-    const remoteSchemas = data.metadata?.remote_schemas;
-
-    if (isEmptyValue(remoteSchemas)) {
-      return;
-    }
-
-    const schemasToDelete = remoteSchemas!.filter((remoteSchema) =>
-      /^e2e_\w+_\w+$/.test(remoteSchema.name),
-    );
-
-    await Promise.all(
-      schemasToDelete.map((remoteSchema) =>
-        fetch(
-          `https://${TEST_PROJECT_SUBDOMAIN}.hasura.eu-central-1.staging.nhost.run/v1/metadata`,
-          {
-            method: 'POST',
-            headers: {
-              'x-hasura-admin-secret': TEST_PROJECT_ADMIN_SECRET,
-            },
-            body: JSON.stringify({
-              args: [
-                {
-                  type: 'remove_remote_schema',
-                  args: {
-                    name: remoteSchema.name,
-                  },
-                },
-              ],
-              source: 'default',
-              type: 'bulk',
-            }),
-          },
-        ),
-      ),
-    );
-  } catch (error) {
-    console.error(error);
-    throw error;
-  }
-}

dashboard/next.config.js

@@ -4,31 +4,21 @@ const withBundleAnalyzer = require('@next/bundle-analyzer')({
 });
 const { version } = require('./package.json');
 
-function getCspHeader() {
-  switch (process.env.CSP_MODE) {
-    case 'disabled':
-      return null;
-    case 'custom':
-      return process.env.CSP_HEADER || null;
-    case 'nhost':
-    default:
-      return [
-        "default-src 'self' *.nhost.run wss://*.nhost.run nhost.run wss://nhost.run",
-        "script-src 'self' 'unsafe-eval' cdn.segment.com js.stripe.com challenges.cloudflare.com googletagmanager.com",
-        "connect-src 'self' *.nhost.run wss://*.nhost.run nhost.run wss://nhost.run discord.com api.segment.io api.segment.com cdn.segment.com nhost.zendesk.com api.github.com",
-        "style-src 'self' 'unsafe-inline'",
-        "img-src 'self' blob: data: github.com avatars.githubusercontent.com s.gravatar.com *.nhost.run nhost.run",
-        "font-src 'self' data:",
-        "object-src 'none'",
-        "base-uri 'self'",
-        "form-action 'self'",
-        "frame-ancestors 'none'",
-        "frame-src 'self' js.stripe.com challenges.cloudflare.com",
-        "block-all-mixed-content",
-        "upgrade-insecure-requests",
-      ].join('; ') + ';';
-  }
-}
+const cspHeader = `
+    default-src 'self' *.nhost.run wss://*.nhost.run nhost.run wss://nhost.run;
+    script-src 'self' 'unsafe-eval' cdn.segment.com js.stripe.com challenges.cloudflare.com googletagmanager.com;
+    connect-src 'self' *.nhost.run wss://*.nhost.run nhost.run wss://nhost.run discord.com api.segment.io api.segment.com cdn.segment.com nhost.zendesk.com;
+    style-src 'self' 'unsafe-inline';
+    img-src 'self' blob: data: github.com avatars.githubusercontent.com s.gravatar.com *.nhost.run nhost.run;
+    font-src 'self' data:;
+    object-src 'none';
+    base-uri 'self';
+    form-action 'self';
+    frame-ancestors 'none';
+    frame-src 'self' js.stripe.com challenges.cloudflare.com;
+    block-all-mixed-content;
+    upgrade-insecure-requests;
+`;
 
 module.exports = withBundleAnalyzer({
   reactStrictMode: false,
@@ -44,19 +34,13 @@ module.exports = withBundleAnalyzer({
     dirs: ['src'],
   },
   async headers() {
-    const cspHeader = getCspHeader();
-
-    if (!cspHeader) {
-      return []; // No CSP headers
-    }
-
     return [
       {
-        source: '/:path*',
+        source: '/(.*)',
         headers: [
           {
             key: 'Content-Security-Policy',
-            value: cspHeader,
+            value: cspHeader.replace(/\s+/g, ' ').trim(),
           },
           {
             key: 'X-Frame-Options',
@@ -126,4 +110,4 @@ module.exports = withBundleAnalyzer({
       },
     ];
   },
-});
+});

dashboard/package.json

@@ -9,15 +9,15 @@
     "analyze": "ANALYZE=true pnpm build --no-lint",
     "start": "next start",
     "lint": "next lint --max-warnings 0",
-    "test": "pnpm lint && pnpm test:vitest",
-    "test:vitest": "vitest --run",
+    "test": "vitest --run",
     "test:watch": "vitest",
     "generate": "echo 'This needs to be fixed.'",
     "codegen": "DOTENV_CONFIG_PATH=./.env.local graphql-codegen -r dotenv/config --config graphql.config.yaml --errors-only",
     "codegen-graphite": "graphql-codegen --config graphite.graphql.config.yaml --errors-only",
     "codegen-hasura-api": "orval --config src/utils/hasura-api/orval.config.ts",
     "format": "prettier --write \"src/**/*.{js,ts,tsx,jsx,json,md}\" --plugin-search-dir=.",
-    "install-browsers": "pnpm playwright install && pnpm playwright install-deps",
+    "storybook": "start-storybook -p 6006 -s public",
+    "build-storybook": "build-storybook",
     "e2e:tests": "pnpm playwright test --config=playwright.config.ts -x",
     "e2e": "pnpm e2e:tests --project=main",
     "e2e:local": "pnpm e2e:tests --project=local",
@@ -38,7 +38,6 @@
     "@graphiql/react": "^0.22.3",
     "@graphiql/toolkit": "^0.9.1",
     "@headlessui/react": "^1.7.18",
-    "@hello-pangea/dnd": "^18.0.1",
     "@heroicons/react": "^1.0.6",
     "@hookform/resolvers": "^3.9.0",
     "@iarna/toml": "^2.2.5",
@@ -61,7 +60,7 @@
     "@radix-ui/react-radio-group": "^1.2.0",
     "@radix-ui/react-select": "^2.1.2",
     "@radix-ui/react-separator": "^1.1.0",
-    "@radix-ui/react-slot": "^1.1.2",
+    "@radix-ui/react-slot": "^1.1.1",
     "@radix-ui/react-switch": "^1.2.6",
     "@radix-ui/react-tabs": "^1.1.3",
     "@radix-ui/react-tooltip": "^1.1.2",
@@ -94,7 +93,7 @@
     "just-kebab-case": "^4.2.0",
     "jwt-decode": "^4.0.0",
     "lodash.debounce": "^4.0.8",
-    "lucide-react": "^0.552.0",
+    "lucide-react": "^0.416.0",
     "next": "^14.2.31",
     "next-nprogress-bar": "^2.3.13",
     "next-seo": "^6.5.0",
@@ -111,6 +110,7 @@
     "react-hot-toast": "^2.4.1",
     "react-intersection-observer": "^9.8.1",
     "react-is": "18.2.0",
+    "react-loading-skeleton": "^2.2.0",
     "react-markdown": "^9.0.1",
     "react-merge-refs": "^3.0.2",
     "react-resizable-layout": "^0.7.2",
@@ -126,7 +126,7 @@
     "timezones-list": "^3.1.0",
     "utility-types": "^3.11.0",
     "uuid": "^9.0.1",
-    "validator": "^13.15.20",
+    "validator": "^13.11.0",
     "yup": "^1.4.0",
     "yup-password": "^0.2.2",
     "zod": "^3.23.8"
@@ -135,12 +135,21 @@
     "@babel/core": "^7.24.3",
     "@eslint/js": "9.26.0",
     "@faker-js/faker": "^7.6.0",
-    "@graphql-codegen/cli": "^6.0.0",
+    "@graphql-codegen/cli": "^5.0.2",
     "@graphql-codegen/typescript": "^3.0.4",
     "@graphql-codegen/typescript-operations": "^3.0.4",
     "@graphql-codegen/typescript-react-apollo": "^3.3.7",
     "@next/bundle-analyzer": "^12.3.4",
     "@playwright/test": "1.54.1",
+    "@storybook/addon-actions": "^6.5.16",
+    "@storybook/addon-essentials": "^6.5.16",
+    "@storybook/addon-interactions": "^6.5.16",
+    "@storybook/addon-links": "^6.5.16",
+    "@storybook/addon-postcss": "^2.0.0",
+    "@storybook/builder-webpack5": "^6.5.16",
+    "@storybook/manager-webpack5": "^6.5.16",
+    "@storybook/react": "^7.6.17",
+    "@storybook/testing-library": "^0.2.2",
     "@tailwindcss/typography": "^0.5.12",
     "@testing-library/dom": "^9.3.4",
     "@testing-library/jest-dom": "^5.17.0",
@@ -150,7 +159,7 @@
     "@types/bcryptjs": "^2.4.6",
     "@types/jest": "^29.5.12",
     "@types/lodash.debounce": "^4.0.9",
-    "@types/node": "^20.14.8",
+    "@types/node": "^16.18.93",
     "@types/pluralize": "^0.0.30",
     "@types/react": "18.2.73",
     "@types/react-dom": "^18.2.23",
@@ -160,8 +169,8 @@
     "@types/validator": "^13.11.9",
     "@typescript-eslint/eslint-plugin": "^6.21.0",
     "@typescript-eslint/parser": "^6.21.0",
-    "@vitejs/plugin-react": "^4.7.0",
-    "@vitest/coverage-v8": "^3.2.4",
+    "@vitejs/plugin-react": "^4.2.1",
+    "@vitest/coverage-v8": "^0.32.4",
     "audit-ci": "^6.6.1",
     "autoprefixer": "^10.4.19",
     "babel-loader": "^8.3.0",
@@ -185,21 +194,24 @@
     "eslint-plugin-vue": "^9.26.0",
     "jsdom": "^22.1.0",
     "lint-staged": "^15.2.2",
-    "msw": "^2.11.4",
+    "msw": "^1.3.5",
+    "msw-storybook-addon": "^1.10.0",
     "node-fetch": "^3.3.2",
     "orval": "^7.11.2",
     "postcss": "^8.4.38",
     "prettier": "^3.4.2",
     "prettier-plugin-organize-imports": "^4.1.0",
     "prettier-plugin-tailwindcss": "^0.6.11",
+    "react-date-fns-hooks": "^0.9.4",
     "require-from-string": "^2.0.2",
     "snake-case": "^3.0.4",
+    "storybook-addon-next-router": "^4.0.2",
     "tailwindcss": "^3.4.12",
     "ts-node": "^10.9.2",
     "tsconfig-paths-webpack-plugin": "^4.1.0",
-    "vite": "^5.4.21",
+    "vite": "^5.4.20",
     "vite-tsconfig-paths": "^4.3.2",
-    "vitest": "^3.2.4"
+    "vitest": "^0.32.4"
   },
   "browserslist": {
     "production": [
@@ -230,11 +242,6 @@
           "@lezer/highlight": "^1.0.0"
         }
       }
-    },
-    "overrides": {
-      "esbuild@<=0.24.2": ">=0.25.0",
-      "js-yaml@<=4.1.0": ">=4.1.1",
-      "glob@>=10.3.7 <=11.0.3": ">=11.1.0"
     }
   }
 }

dashboard/playwright.config.ts

@@ -6,14 +6,14 @@ dotenv.config({ path: path.resolve(__dirname, '.env.test') });
 
 export default defineConfig({
   testDir: './e2e',
-  maxFailures: process.env.CI ? 3 : 1,
+  maxFailures: 1,
   timeout: 120 * 1000,
   expect: {
     timeout: 10000,
   },
   fullyParallel: false,
   forbidOnly: !!process.env.CI,
-  retries: process.env.CI ? 2 : 0,
+  retries: 2,
   workers: 1,
   reporter: 'html',
   use: {

dashboard/project.nix

@@ -66,6 +66,7 @@ let
       "${submodule}/tsconfig.test.json"
       "${submodule}/vitest.config.ts"
       "${submodule}/vitest.global-setup.ts"
+      (inDirectory "${submodule}/.storybook")
       (inDirectory "${submodule}/e2e")
       (inDirectory "${submodule}/public")
       (inDirectory "${submodule}/src")
@@ -166,12 +167,6 @@ rec {
     '';
   };
 
-  packageWithDisabledCSP = package.overrideAttrs (oldAttrs: {
-    configurePhase = oldAttrs.configurePhase + ''
-      export CSP_MODE=disabled
-    '';
-  });
-
   dockerImage = pkgs.runCommand "image-as-dir" { } ''
     ${(nix2containerPkgs.nix2container.buildImage {
       inherit name created;
@@ -181,7 +176,7 @@ rec {
       copyToRoot = pkgs.buildEnv {
         name = "image";
         paths = [
-          packageWithDisabledCSP
+          package
           (pkgs.writeTextFile {
             name = "tmp-file";
             text = ''
@@ -218,3 +213,5 @@ rec {
     }).copyTo}/bin/copy-to dir:$out
   '';
 }
+
+

dashboard/react-table-config.d.ts

@@ -64,6 +64,7 @@ declare module 'react-table' {
 
   export interface Cell<
     D extends Record<string, unknown> = Record<string, unknown>,
+    V = any,
   > extends UseGroupByCellProps<D>,
       UseRowStateCellProps<D> {}
 

dashboard/src/components/common/DragAndDropList/DragAndDropList.tsx

@@ -1,41 +0,0 @@
-import { cn } from '@/lib/utils';
-import {
-  DragDropContext,
-  Droppable,
-  type DragDropContextProps,
-  type DroppableProps,
-} from '@hello-pangea/dnd';
-import type { PropsWithChildren } from 'react';
-
-type DragAndDropListProps = Omit<
-  DroppableProps & DragDropContextProps,
-  'children'
-> & {
-  wrapperClassName?: string;
-};
-
-function DragAndDropList({
-  droppableId,
-  onDragEnd,
-  children,
-  wrapperClassName,
-}: PropsWithChildren<DragAndDropListProps>) {
-  return (
-    <DragDropContext onDragEnd={onDragEnd}>
-      <Droppable droppableId={droppableId}>
-        {(provided) => (
-          <div
-            {...provided.droppableProps}
-            ref={provided.innerRef}
-            className={cn(wrapperClassName)}
-          >
-            {children}
-            {provided.placeholder}
-          </div>
-        )}
-      </Droppable>
-    </DragDropContext>
-  );
-}
-
-export default DragAndDropList;

dashboard/src/components/common/DragAndDropList/DraggableItem.tsx

@@ -1,30 +0,0 @@
-import { cn } from '@/lib/utils';
-import { Draggable, type DraggableProps } from '@hello-pangea/dnd';
-import type { PropsWithChildren } from 'react';
-
-export type DraggableItemProps = PropsWithChildren<
-  Omit<DraggableProps, 'children'> & { className?: string }
->;
-
-function DraggableItem({
-  children,
-  className,
-  ...draggableProps
-}: DraggableItemProps) {
-  return (
-    <Draggable {...draggableProps}>
-      {(provided) => (
-        <div
-          ref={provided.innerRef}
-          {...provided.draggableProps}
-          {...provided.dragHandleProps}
-          className={cn(className)}
-        >
-          {children}
-        </div>
-      )}
-    </Draggable>
-  );
-}
-
-export default DraggableItem;

dashboard/src/components/common/DragAndDropList/index.ts

@@ -1,3 +0,0 @@
-export { default as DragAndDropList } from './DragAndDropList';
-export * from './DraggableItem';
-export { default as DraggableItem } from './DraggableItem';

dashboard/src/components/common/TimePicker/TimePickerInput.tsx

@@ -123,7 +123,7 @@ const TimePickerInput = React.forwardRef<
         id={id || picker}
         name={name || picker}
         className={cn(
-          'w-[48px] text-center font-mono text-base tabular-nums focus:bg-accent-background focus:text-accent-foreground [&::-webkit-inner-spin-button]:appearance-none',
+          'w-[48px] text-center font-mono text-base tabular-nums focus:bg-accent focus:text-accent-foreground [&::-webkit-inner-spin-button]:appearance-none',
           className,
         )}
         value={value || calculatedValue}

dashboard/src/components/form/FormActivityIndicator/FormActivityIndicator.tsx

@@ -1,25 +1,26 @@
-import { Spinner } from '@/components/ui/v3/spinner';
-import { cn } from '@/lib/utils';
+import { ActivityIndicator } from '@/components/ui/v2/ActivityIndicator';
+import type { BoxProps } from '@/components/ui/v2/Box';
+import { Box } from '@/components/ui/v2/Box';
+import { twMerge } from 'tailwind-merge';
 
-export interface FormActivityIndicatorProps {
-  className?: string;
-}
+export interface FormActivityIndicatorProps extends BoxProps {}
 
 export default function FormActivityIndicator({
   className,
   ...props
 }: FormActivityIndicatorProps) {
   return (
-    <div
+    <Box
       {...props}
-      className={cn(
-        'box grid h-full items-center justify-center px-6 py-4',
+      className={twMerge(
+        'grid items-center justify-center px-6 py-4',
         className,
       )}
     >
-      <Spinner className="h-5 w-5" wrapperClassName="flex-row gap-1">
-        Loading form...
-      </Spinner>
-    </div>
+      <ActivityIndicator
+        circularProgressProps={{ className: 'w-5 h-5' }}
+        label="Loading form..."
+      />
+    </Box>
   );
 }

dashboard/src/components/form/FormInput/FormInput.tsx

@@ -1,27 +1,12 @@
 import {
   FormControl,
-  FormDescription,
   FormField,
   FormItem,
   FormLabel,
   FormMessage,
 } from '@/components/ui/v3/form';
 import { Input } from '@/components/ui/v3/input';
-import { cn, isNotEmptyValue } from '@/lib/utils';
-import {
-  type ChangeEvent,
-  type ForwardedRef,
-  forwardRef,
-  type ReactNode,
-} from 'react';
-import type {
-  Control,
-  ControllerRenderProps,
-  FieldPath,
-  FieldValues,
-  PathValue,
-} from 'react-hook-form';
-import { mergeRefs } from 'react-merge-refs';
+import type { Control, FieldPath, FieldValues } from 'react-hook-form';
 
 const inputClasses =
   '!bg-transparent aria-[invalid=true]:border-red-500 aria-[invalid=true]:focus:border-red-500 aria-[invalid=true]:focus:ring-red-500';
@@ -32,116 +17,43 @@ interface FormInputProps<
 > {
   control: Control<TFieldValues>;
   name: TName;
-  label: ReactNode;
+  label: string;
   placeholder?: string;
   className?: string;
   type?: string;
-  inline?: boolean;
-  helperText?: string | null;
-  transformValue?: (
-    value: PathValue<TFieldValues, TName>,
-  ) => PathValue<TFieldValues, TName>;
 }
 
-function InnerFormInput<
+function FormInput<
   TFieldValues extends FieldValues = FieldValues,
   TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
->(
-  {
-    control,
-    name,
-    label,
-    placeholder,
-    className = '',
-    type = 'text',
-    inline,
-    helperText,
-    transformValue,
-  }: FormInputProps<TFieldValues, TName>,
-  ref: ForwardedRef<HTMLInputElement>,
-) {
-  function getOnChangeHandlerAndValue(
-    field: ControllerRenderProps<TFieldValues, TName>,
-  ): [
-    PathValue<TFieldValues, TName>,
-    (e: ChangeEvent<HTMLInputElement>) => void,
-  ] {
-    const { onChange, value } = field;
-
-    function handleOnChange(event: ChangeEvent<HTMLInputElement>) {
-      let transformedValue = event.target.value;
-      if (isNotEmptyValue(transformValue)) {
-        transformedValue = transformValue(
-          event.target.value as PathValue<TFieldValues, TName>,
-        );
-      }
-      onChange(transformedValue);
-    }
-
-    const transformedValue = isNotEmptyValue(transformValue)
-      ? transformValue(value)
-      : value;
-
-    return [transformedValue, handleOnChange];
-  }
+>({
+  control,
+  name,
+  label,
+  placeholder,
+  className = '',
+  type = 'text',
+}: FormInputProps<TFieldValues, TName>) {
   return (
     <FormField
       control={control}
       name={name}
-      render={({ field }) => {
-        const { onChange, value, ...fieldProps } = field;
-
-        const [tValue, handleOnChange] = getOnChangeHandlerAndValue(field);
-        return (
-          <FormItem
-            className={cn({ 'flex w-full items-center gap-4 py-3': inline })}
-          >
-            <FormLabel
-              className={cn({
-                'mt-2 w-52 max-w-52 flex-shrink-0 self-start': inline,
-              })}
-            >
-              {label}
-            </FormLabel>
-            <div
-              className={cn({
-                'flex w-[calc(100%-13.5rem)] max-w-[calc(100%-13.5rem)] flex-col gap-2':
-                  inline,
-              })}
-            >
-              <FormControl>
-                <Input
-                  type={type}
-                  placeholder={placeholder}
-                  onChange={handleOnChange}
-                  value={tValue}
-                  {...fieldProps}
-                  ref={mergeRefs([field.ref, ref])}
-                  className={cn(inputClasses, className)}
-                  wrapperClassName={cn({ 'w-full': !inline })}
-                />
-              </FormControl>
-              {!!helperText && (
-                <FormDescription className="break-all px-[1px]">
-                  {helperText}
-                </FormDescription>
-              )}
-              <FormMessage />
-            </div>
-          </FormItem>
-        );
-      }}
+      render={({ field }) => (
+        <FormItem>
+          <FormLabel>{label}</FormLabel>
+          <FormControl>
+            <Input
+              type={type}
+              placeholder={placeholder || label}
+              {...field}
+              className={`${inputClasses} ${className}`}
+            />
+          </FormControl>
+          <FormMessage />
+        </FormItem>
+      )}
     />
   );
 }
 
-const FormInput = forwardRef(InnerFormInput) as <
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
->(
-  props: FormInputProps<TFieldValues, TName> & {
-    ref?: ForwardedRef<HTMLInputElement>;
-  },
-) => ReturnType<typeof InnerFormInput>;
-
 export default FormInput;

dashboard/src/components/form/FormSelect/FormSelect.tsx

@@ -1,125 +0,0 @@
-import {
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@/components/ui/v3/form';
-import {
-  Select,
-  SelectContent,
-  SelectTrigger,
-  SelectValue,
-} from '@/components/ui/v3/select';
-import { cn, isNotEmptyValue } from '@/lib/utils';
-import type { PropsWithChildren, ReactNode } from 'react';
-import type {
-  Control,
-  ControllerRenderProps,
-  FieldPath,
-  FieldValues,
-  PathValue,
-} from 'react-hook-form';
-
-interface FormSelectProps<
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
-> {
-  control: Control<TFieldValues>;
-  name: TName;
-  label: ReactNode;
-  placeholder?: string;
-  className?: string;
-  inline?: boolean;
-  helperText?: string | null;
-  transformValue?: (
-    value: PathValue<TFieldValues, TName>,
-  ) => PathValue<TFieldValues, TName>;
-}
-
-function FormSelect<
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
->({
-  control,
-  name,
-  label,
-  placeholder,
-  className = '',
-  inline,
-  helperText,
-  children,
-  transformValue,
-}: PropsWithChildren<FormSelectProps<TFieldValues, TName>>) {
-  function getOnChangeHandlerAndValue(
-    field: ControllerRenderProps<TFieldValues, TName>,
-  ): [string, (v: string) => void] {
-    const { onChange, value } = field;
-
-    function handleOnChange(newValue: string) {
-      const transformedNewValue = isNotEmptyValue(transformValue)
-        ? transformValue(newValue as PathValue<TFieldValues, TName>)
-        : newValue;
-
-      onChange(transformedNewValue);
-    }
-
-    const transformedValue: string = isNotEmptyValue(transformValue)
-      ? transformValue(value as PathValue<TFieldValues, TName>)
-      : value;
-
-    return [transformedValue, handleOnChange];
-  }
-  return (
-    <FormField
-      control={control}
-      name={name}
-      render={({ field }) => {
-        const { onChange, value, ...selectProps } = field;
-        const [tValue, handleOnChange] = getOnChangeHandlerAndValue(field);
-        return (
-          <FormItem
-            className={cn({ 'flex w-full items-center gap-4 py-3': inline })}
-          >
-            <FormLabel
-              className={cn({
-                'w-52 max-w-52 flex-shrink-0': inline,
-                'mt-2 self-start': inline && !!helperText,
-              })}
-            >
-              {label}
-            </FormLabel>
-            <div
-              className={cn({
-                'flex w-[calc(100%-13.5rem)] max-w-[calc(100%-13.5rem)] flex-col gap-2':
-                  inline,
-              })}
-            >
-              <Select
-                onValueChange={handleOnChange}
-                value={tValue}
-                {...selectProps}
-              >
-                <FormControl>
-                  <SelectTrigger className={className}>
-                    <SelectValue placeholder={placeholder} />
-                  </SelectTrigger>
-                </FormControl>
-                <SelectContent>{children}</SelectContent>
-              </Select>
-              {!!helperText && (
-                <FormDescription className="break-all px-[1px]">
-                  {helperText}
-                </FormDescription>
-              )}
-              <FormMessage />
-            </div>
-          </FormItem>
-        );
-      }}
-    />
-  );
-}
-
-export default FormSelect;

dashboard/src/components/form/FormSelect/index.ts

@@ -1 +0,0 @@
-export { default as FormSelect } from './FormSelect';

dashboard/src/components/form/FormTextarea/FormTextarea.tsx

@@ -1,97 +0,0 @@
-import {
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@/components/ui/v3/form';
-import { Textarea } from '@/components/ui/v3/textarea';
-import { cn } from '@/lib/utils';
-import { forwardRef, type ForwardedRef, type ReactNode } from 'react';
-import type { Control, FieldPath, FieldValues } from 'react-hook-form';
-import { mergeRefs } from 'react-merge-refs';
-
-const inputClasses =
-  '!bg-transparent aria-[invalid=true]:border-red-500 aria-[invalid=true]:focus:border-red-500 aria-[invalid=true]:focus:ring-red-500';
-
-interface FormTextareaProps<
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
-> {
-  control: Control<TFieldValues>;
-  name: TName;
-  label: ReactNode;
-  placeholder?: string;
-  className?: string;
-  inline?: boolean;
-  helperText?: string | null;
-}
-
-function InnerFormTextarea<
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
->(
-  {
-    control,
-    name,
-    label,
-    placeholder,
-    className = '',
-    inline,
-    helperText,
-  }: FormTextareaProps<TFieldValues, TName>,
-  ref: ForwardedRef<HTMLTextAreaElement>,
-) {
-  return (
-    <FormField
-      control={control}
-      name={name}
-      render={({ field }) => (
-        <FormItem
-          className={cn({ 'flex w-full items-center gap-4 py-3': inline })}
-        >
-          <FormLabel
-            className={cn({
-              'mt-2 w-52 max-w-52 flex-shrink-0 self-start': inline,
-            })}
-          >
-            {label}
-          </FormLabel>
-          <div
-            className={cn({
-              'flex w-[calc(100%-13.5rem)] max-w-[calc(100%-13.5rem)] flex-col gap-2':
-                inline,
-            })}
-          >
-            <FormControl>
-              <Textarea
-                placeholder={placeholder}
-                {...field}
-                ref={mergeRefs([field.ref, ref])}
-                className={cn(inputClasses, className)}
-              />
-            </FormControl>
-            {!!helperText && (
-              <FormDescription className="break-all px-[1px]">
-                {helperText}
-              </FormDescription>
-            )}
-            <FormMessage />
-          </div>
-        </FormItem>
-      )}
-    />
-  );
-}
-
-const FormTextarea = forwardRef(InnerFormTextarea) as <
-  TFieldValues extends FieldValues = FieldValues,
-  TName extends FieldPath<TFieldValues> = FieldPath<TFieldValues>,
->(
-  props: FormTextareaProps<TFieldValues, TName> & {
-    ref: ForwardedRef<HTMLTextAreaElement>;
-  },
-) => ReturnType<typeof InnerFormTextarea>;
-
-export default FormTextarea;

dashboard/src/components/form/FormTextarea/index.ts

@@ -1 +0,0 @@
-export { default as FormTextarea } from './FormTextarea';

dashboard/src/components/layout/AuthenticatedLayout/AuthenticatedLayout.tsx

@@ -127,17 +127,14 @@ export default function AuthenticatedLayout({
         className="relative flex h-full flex-row overflow-hidden"
         ref={setMainNavContainer}
       >
-        {withMainNav && mainNavPinned && isMdOrLarger && <PinnedMainNav />}
+        {mainNavPinned && isMdOrLarger && <PinnedMainNav />}
 
         <div
-          className={cn(
-            'bg-accent-background relative flex h-full w-full flex-row',
-            {
-              'overflow-x-auto': mainNavPinned && isMdOrLarger && withMainNav,
-            },
-          )}
+          className={cn('relative flex h-full w-full flex-row bg-accent', {
+            'overflow-x-auto': mainNavPinned && isMdOrLarger && withMainNav,
+          })}
         >
-          {withMainNav && (!mainNavPinned || !isMdOrLarger) && (
+          {(!mainNavPinned || !isMdOrLarger) && (
             <div className="flex h-full w-6 justify-center">
               <MainNav container={mainNavContainer} />
             </div>

dashboard/src/components/layout/MainNav/NavTree.tsx

@@ -482,9 +482,9 @@ export default function NavTree() {
                 }
               }}
               className={cn(
-                'flex h-8 w-full flex-row justify-start gap-1 bg-background px-1 text-foreground hover:bg-accent',
+                'flex h-8 w-full flex-row justify-start gap-1 bg-background px-1 text-foreground hover:bg-accent dark:hover:bg-muted',
                 {
-                  'bg-[#ebf3ff] hover:bg-accent dark:bg-muted':
+                  'bg-[#ebf3ff] hover:bg-[#ebf3ff] dark:bg-muted':
                     context.isFocused,
                 },
                 item.data.disabled && 'pointer-events-none opacity-50',

dashboard/src/components/presentational/ReadOnlyToggle/ReadOnlyToggle.stories.tsx

@@ -0,0 +1,48 @@
+import type { ComponentMeta, ComponentStory } from '@storybook/react';
+import type { PropsWithoutRef } from 'react';
+
+import type { ReadOnlyToggleProps } from './ReadOnlyToggle';
+import ReadOnlyToggle from './ReadOnlyToggle';
+
+export default {
+  title: 'Common Components / ReadOnlyToggle',
+  component: ReadOnlyToggle,
+  argTypes: {
+    checked: {
+      options: [null, true, false],
+      control: { type: 'radio' },
+    },
+  },
+} as ComponentMeta<typeof ReadOnlyToggle>;
+
+const Template: ComponentStory<typeof ReadOnlyToggle> = function Template(
+  args: PropsWithoutRef<ReadOnlyToggleProps>,
+) {
+  return <ReadOnlyToggle {...args} />;
+};
+
+export const Null = Template.bind({});
+Null.args = {
+  checked: null,
+};
+
+export const True = Template.bind({});
+True.args = {
+  checked: true,
+};
+
+export const False = Template.bind({});
+False.args = {
+  checked: false,
+};
+
+export const CustomClasses = Template.bind({});
+CustomClasses.args = {
+  checked: true,
+  className: '!bg-red-500',
+  slotProps: {
+    label: {
+      className: '!text-sm !text-white',
+    },
+  },
+};

dashboard/src/components/presentational/ReadOnlyToggle/ReadOnlyToggle.tsx

@@ -1,11 +1,9 @@
-import { cn } from '@/lib/utils';
-import type {
-  DetailedHTMLProps,
-  ForwardedRef,
-  HTMLAttributes,
-  HTMLProps,
-} from 'react';
+import { Box } from '@/components/ui/v2/Box';
+import type { TextProps } from '@/components/ui/v2/Text';
+import { Text } from '@/components/ui/v2/Text';
+import type { DetailedHTMLProps, ForwardedRef, HTMLProps } from 'react';
 import { forwardRef } from 'react';
+import { twMerge } from 'tailwind-merge';
 
 export type ReadOnlyToggleProps = Omit<
   DetailedHTMLProps<HTMLProps<HTMLSpanElement>, HTMLSpanElement>,
@@ -26,7 +24,7 @@ export type ReadOnlyToggleProps = Omit<
     /**
      * Props passed to the label.
      */
-    label?: HTMLAttributes<HTMLSpanElement>;
+    label?: TextProps;
   };
 };
 
@@ -38,44 +36,58 @@ function ReadOnlyToggle(
     <span
       {...props}
       {...(slotProps?.root || {})}
-      className={cn(
+      className={twMerge(
         'inline-grid h-full w-full grid-flow-col items-center justify-start gap-1.5',
         slotProps?.root?.className,
         className,
       )}
       ref={ref}
     >
-      <span
-        className={cn(
-          'box-border inline-grid h-3 w-5 items-center rounded-full border-1 border-primary-text bg-transparent px-0.5',
-          checked && 'justify-end',
-          {
-            'border-transparent bg-primary-text px-0.5 dark:bg-[#363a43]':
-              checked,
+      <Box
+        component="span"
+        sx={{
+          backgroundColor: (theme) => {
+            if (checked) {
+              return theme.palette.mode === 'dark' ? 'grey.400' : 'grey.700';
+            }
+
+            return 'transparent';
           },
+          borderColor: checked ? 'transparent' : 'grey.700',
+        }}
+        className={twMerge(
+          'box-border inline-grid h-3 w-5 items-center rounded-full border-1 px-0.5',
+          checked === true && 'justify-end',
         )}
       >
-        <span
-          className={cn(
-            'inline-block h-2 w-2 rounded-full border-primary-text bg-primary-text',
-            {
-              'border-transparent bg-data-cell-bg px-0.5 dark:bg-[#f4f7f9]':
-                checked,
-              'my-px h-px justify-self-center': checked === null,
+        <Box
+          component="span"
+          sx={{
+            backgroundColor: (theme) => {
+              if (checked) {
+                return theme.palette.mode === 'dark' ? 'grey.700' : 'grey.200';
+              }
+
+              return 'grey.700';
             },
+          }}
+          className={twMerge(
+            'inline-block h-2 w-2 rounded-full',
+            checked === null && 'my-px h-px justify-self-center',
           )}
         />
-      </span>
+      </Box>
 
-      <span
+      <Text
         {...(slotProps?.label || {})}
-        className={cn(
+        component="span"
+        className={twMerge(
           'truncate !text-xs font-normal',
           slotProps?.label?.className,
         )}
       >
         {String(checked)}
-      </span>
+      </Text>
     </span>
   );
 }

dashboard/src/components/ui/v2/Button/Button.stories.tsx

@@ -0,0 +1,125 @@
+import { PlusCircleIcon } from '@/components/ui/v2/icons/PlusCircleIcon';
+import { PlusIcon } from '@/components/ui/v2/icons/PlusIcon';
+import type { Meta, StoryFn } from '@storybook/react';
+import type { ButtonProps } from './Button';
+import Button from './Button';
+
+export default {
+  title: 'UI Library / Button',
+  component: Button,
+  argTypes: {
+    variant: {
+      options: ['contained', 'outlined', 'borderless'],
+      control: { type: 'radio' },
+    },
+    color: {
+      options: ['primary', 'secondary', 'error'],
+      control: { type: 'radio' },
+    },
+    disabled: {
+      control: { type: 'boolean' },
+    },
+    size: {
+      options: ['small', 'medium', 'large'],
+      control: { type: 'radio' },
+    },
+  },
+} as Meta<typeof Button>;
+
+const Template: StoryFn<ButtonProps> = function TemplateFunction(
+  args: ButtonProps,
+) {
+  return <Button {...args} />;
+};
+
+export const Primary = Template.bind({});
+Primary.args = {
+  children: 'Button',
+  color: 'primary',
+};
+
+export const PrimaryOutlined = Template.bind({});
+PrimaryOutlined.args = {
+  children: 'Button',
+  variant: 'outlined',
+  color: 'primary',
+};
+
+export const PrimaryBorderless = Template.bind({});
+PrimaryBorderless.args = {
+  children: 'Button',
+  variant: 'borderless',
+  color: 'primary',
+};
+
+export const Secondary = Template.bind({});
+Secondary.args = {
+  children: 'Button',
+  color: 'secondary',
+};
+
+export const SecondaryOutlined = Template.bind({});
+SecondaryOutlined.args = {
+  children: 'Button',
+  variant: 'outlined',
+  color: 'secondary',
+};
+
+export const SecondaryBorderless = Template.bind({});
+SecondaryBorderless.args = {
+  children: 'Button',
+  variant: 'borderless',
+  color: 'secondary',
+};
+
+export const Danger = Template.bind({});
+Danger.args = {
+  children: 'Button',
+  color: 'error',
+};
+
+export const DangerOutlined = Template.bind({});
+DangerOutlined.args = {
+  children: 'Button',
+  variant: 'outlined',
+  color: 'error',
+};
+
+export const DangerBorderless = Template.bind({});
+DangerBorderless.args = {
+  children: 'Button',
+  variant: 'borderless',
+  color: 'error',
+};
+
+export const Small = Template.bind({});
+Small.args = {
+  children: 'Button',
+  variant: 'contained',
+  color: 'primary',
+  size: 'small',
+};
+
+export const Large = Template.bind({});
+Large.args = {
+  children: 'Button',
+  variant: 'contained',
+  color: 'primary',
+  size: 'large',
+};
+
+export const WithStartIcon = Template.bind({});
+WithStartIcon.args = {
+  children: 'Button',
+  variant: 'contained',
+  color: 'primary',
+  startIcon: <PlusIcon />,
+};
+
+export const WithEndIcon = Template.bind({});
+WithEndIcon.args = {
+  children: 'Button',
+  variant: 'contained',
+  color: 'primary',
+  endIcon: <PlusCircleIcon />,
+};

dashboard/src/components/ui/v2/Chip/Chip.stories.tsx

@@ -0,0 +1,86 @@
+import { XIcon } from '@/components/ui/v2/icons/XIcon';
+import type { ComponentMeta, ComponentStory } from '@storybook/react';
+import type { ChipProps } from './Chip';
+import Chip from './Chip';
+
+export default {
+  title: 'UI Library / Chip',
+  component: Chip,
+  argTypes: {
+    variant: {
+      options: ['contained', 'outlined'],
+      control: { type: 'radio' },
+    },
+    color: {
+      options: ['primary', 'secondary', 'error', 'info'],
+      control: { type: 'radio' },
+    },
+    disabled: {
+      control: { type: 'boolean' },
+    },
+    size: {
+      options: ['small', 'medium'],
+      control: { type: 'radio' },
+    },
+  },
+} as ComponentMeta<typeof Chip>;
+
+const Template: ComponentStory<typeof Chip> = function Template(
+  args: ChipProps,
+) {
+  return <Chip {...args} />;
+};
+
+export const Primary = Template.bind({});
+Primary.args = {
+  label: 'Chip',
+  color: 'primary',
+};
+
+export const PrimaryOutlined = Template.bind({});
+PrimaryOutlined.args = {
+  label: 'Chip',
+  variant: 'outlined',
+  color: 'primary',
+};
+
+export const Secondary = Template.bind({});
+Secondary.args = {
+  label: 'Chip',
+  color: 'secondary',
+};
+
+export const SecondaryOutlined = Template.bind({});
+SecondaryOutlined.args = {
+  label: 'Chip',
+  variant: 'outlined',
+  color: 'secondary',
+};
+
+export const Danger = Template.bind({});
+Danger.args = {
+  label: 'Chip',
+  color: 'error',
+};
+
+export const DangerOutlined = Template.bind({});
+DangerOutlined.args = {
+  label: 'Chip',
+  variant: 'outlined',
+  color: 'error',
+};
+
+export const Small = Template.bind({});
+Small.args = {
+  label: 'Chip',
+  color: 'primary',
+  size: 'small',
+};
+
+export const WithDeleteIcon = Template.bind({});
+WithDeleteIcon.args = {
+  label: 'Chip',
+  color: 'primary',
+  deleteIcon: <XIcon />,
+  onDelete: () => {},
+};

dashboard/src/components/ui/v2/Select/Select.stories.tsx

@@ -0,0 +1,38 @@
+import { Option } from '@/components/ui/v2/Option';
+import type { Meta, StoryFn } from '@storybook/react';
+import type { SelectProps } from './Select';
+import Select from './Select';
+
+export default {
+  title: 'UI Library / Select',
+  component: Select,
+  argTypes: {},
+} as Meta<typeof Select>;
+
+const Template: StoryFn<SelectProps<any>> = function TemplateFunction(args) {
+  return (
+    <Select className="w-64" {...args}>
+      <Option value="value1">Value 1</Option>
+      <Option value="value2">Value 2</Option>
+      <Option value="value3">Value 3</Option>
+      <Option value="value4">Value 4</Option>
+    </Select>
+  );
+};
+
+export const Default = Template.bind({});
+Default.args = {
+  defaultValue: 'value1',
+};
+
+export const WithLabel = Template.bind({});
+WithLabel.args = {
+  label: 'Label',
+};
+
+export const Disabled = Template.bind({});
+Disabled.args = {
+  label: 'Label',
+  disabled: true,
+  defaultValue: 'value1',
+};

dashboard/src/components/ui/v2/Switch/Switch.stories.tsx

@@ -0,0 +1,28 @@
+import type { Meta, StoryFn } from '@storybook/react';
+import type { SwitchProps } from './Switch';
+import Switch from './Switch';
+
+export default {
+  title: 'UI Library / Switch',
+  component: Switch,
+  argTypes: {},
+} as Meta<typeof Switch>;
+
+const Template: StoryFn<SwitchProps> = function TemplateFunction(
+  args: SwitchProps,
+) {
+  return <Switch label="Accept Rules" {...args} />;
+};
+
+export const Default = Template.bind({});
+Default.args = {};
+
+export const Checked = Template.bind({});
+Checked.args = {
+  checked: true,
+};
+
+export const Disabled = Template.bind({});
+Disabled.args = {
+  disabled: true,
+};

dashboard/src/components/ui/v2/icons/KeyIcon/KeyIcon.tsx

@@ -0,0 +1,32 @@
+import type { IconProps } from '@/components/ui/v2/icons';
+import { SvgIcon } from '@/components/ui/v2/icons/SvgIcon';
+
+function KeyIcon(props: IconProps) {
+  return (
+    <SvgIcon
+      width="16"
+      height="16"
+      xmlns="http://www.w3.org/2000/svg"
+      viewBox="0 0 16 16"
+      aria-label="Key"
+      {...props}
+    >
+      <path
+        d="M5.823 7.677a4.496 4.496 0 1 1 2.5 2.5L7.5 11H6v1.5H4.5V14H2v-2.5l3.823-3.823Z"
+        stroke="currentColor"
+        fill="none"
+        strokeWidth="1.5"
+        strokeLinejoin="round"
+      />
+
+      <path
+        d="M10.5 7a1.5 1.5 0 1 0 0-3 1.5 1.5 0 0 0 0 3Z"
+        fill="currentColor"
+      />
+    </SvgIcon>
+  );
+}
+
+KeyIcon.displayName = 'NhostKeyIcon';
+
+export default KeyIcon;

dashboard/src/components/ui/v2/icons/KeyIcon/index.ts

@@ -0,0 +1 @@
+export { default as KeyIcon } from './KeyIcon';

dashboard/src/components/ui/v3/badge.tsx

@@ -11,7 +11,7 @@ const badgeVariants = cva(
         default:
           'border-transparent bg-primary text-primary-foreground hover:bg-primary/80 dark:text-white',
         secondary:
-          'border-transparent bg-card text-secondary-foreground hover:bg-secondary/80',
+          'border-transparent bg-secondary text-secondary-foreground hover:bg-secondary/80',
         destructive:
           'border-transparent bg-destructive text-destructive-foreground hover:bg-destructive/80',
         outline: 'text-foreground',

dashboard/src/components/ui/v3/button-group.tsx

@@ -1,83 +0,0 @@
-import { Slot } from "@radix-ui/react-slot"
-import { cva, type VariantProps } from "class-variance-authority"
-
-import { cn } from "@/lib/utils"
-import { Separator } from "@/components/ui/v3/separator"
-
-const buttonGroupVariants = cva(
-  "flex w-fit items-stretch has-[>[data-slot=button-group]]:gap-2 [&>*]:focus-visible:relative [&>*]:focus-visible:z-10 has-[select[aria-hidden=true]:last-child]:[&>[data-slot=select-trigger]:last-of-type]:rounded-r-md [&>[data-slot=select-trigger]:not([class*='w-'])]:w-fit [&>input]:flex-1",
-  {
-    variants: {
-      orientation: {
-        horizontal:
-          "[&>*:not(:first-child)]:rounded-l-none [&>*:not(:first-child)]:border-l-0 [&>*:not(:last-child)]:rounded-r-none",
-        vertical:
-          "flex-col [&>*:not(:first-child)]:rounded-t-none [&>*:not(:first-child)]:border-t-0 [&>*:not(:last-child)]:rounded-b-none",
-      },
-    },
-    defaultVariants: {
-      orientation: "horizontal",
-    },
-  }
-)
-
-function ButtonGroup({
-  className,
-  orientation,
-  ...props
-}: React.ComponentProps<"div"> & VariantProps<typeof buttonGroupVariants>) {
-  return (
-    <div
-      role="group"
-      data-slot="button-group"
-      data-orientation={orientation}
-      className={cn(buttonGroupVariants({ orientation }), className)}
-      {...props}
-    />
-  )
-}
-
-function ButtonGroupText({
-  className,
-  asChild = false,
-  ...props
-}: React.ComponentProps<"div"> & {
-  asChild?: boolean
-}) {
-  const Comp = asChild ? Slot : "div"
-
-  return (
-    <Comp
-      className={cn(
-        "bg-muted shadow-xs flex items-center gap-2 rounded-md border px-4 text-sm font-medium [&_svg:not([class*='size-'])]:size-4 [&_svg]:pointer-events-none",
-        className
-      )}
-      {...props}
-    />
-  )
-}
-
-function ButtonGroupSeparator({
-  className,
-  orientation = "vertical",
-  ...props
-}: React.ComponentProps<typeof Separator>) {
-  return (
-    <Separator
-      data-slot="button-group-separator"
-      orientation={orientation}
-      className={cn(
-        "bg-input relative !m-0 self-stretch data-[orientation=vertical]:h-auto",
-        className
-      )}
-      {...props}
-    />
-  )
-}
-
-export {
-  ButtonGroup,
-  ButtonGroupSeparator,
-  ButtonGroupText,
-  buttonGroupVariants,
-}

dashboard/src/components/ui/v3/button.tsx

@@ -16,8 +16,8 @@ const buttonVariants = cva(
         outline:
           'border bg-background hover:bg-accent hover:text-accent-foreground',
         secondary:
-          'bg-secondary text-secondary-foreground hover:bg-secondary-hover',
-        ghost: 'hover:bg-accent text-accent-foreground',
+          'bg-secondary text-secondary-foreground hover:bg-secondary/80',
+        ghost: 'hover:bg-accent hover:text-accent-foreground',
         link: 'text-primary underline-offset-4 hover:underline',
       },
       size: {

dashboard/src/components/ui/v3/checkbox.tsx

@@ -11,15 +11,15 @@ const Checkbox = React.forwardRef<
   <CheckboxPrimitive.Root
     ref={ref}
     className={cn(
-      'peer h-4 w-4 shrink-0 rounded-sm border border-primary ring-offset-background focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:border-disabled disabled:bg-disabled disabled:opacity-50 data-[state=checked]:bg-primary data-[state=checked]:text-primary-foreground',
+      'peer h-4 w-4 shrink-0 rounded-sm border border-primary ring-offset-background focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 data-[state=checked]:bg-primary data-[state=checked]:text-primary-foreground',
       className,
     )}
     {...props}
   >
     <CheckboxPrimitive.Indicator
-      className={cn('flex items-center justify-center text-white')}
+      className={cn('flex items-center justify-center text-current')}
     >
-      <Check width={16} height={16} strokeWidth={3} />
+      <Check className="h-4 w-4" />
     </CheckboxPrimitive.Indicator>
   </CheckboxPrimitive.Root>
 ));

dashboard/src/components/ui/v3/dialog.tsx

@@ -31,7 +31,6 @@ interface DialogContentProps
   extends React.ComponentPropsWithoutRef<typeof DialogPrimitive.Content> {
   disableOutsideClick?: boolean;
   hideCloseButton?: boolean;
-  closeButtonClassName?: string;
 }
 
 const DialogContent = React.forwardRef<
@@ -39,14 +38,7 @@ const DialogContent = React.forwardRef<
   DialogContentProps
 >(
   (
-    {
-      className,
-      children,
-      disableOutsideClick,
-      hideCloseButton,
-      closeButtonClassName,
-      ...props
-    },
+    { className, children, disableOutsideClick, hideCloseButton, ...props },
     ref,
   ) => (
     <DialogPortal>
@@ -66,12 +58,7 @@ const DialogContent = React.forwardRef<
         >
           {children}
           {!hideCloseButton && (
-            <DialogPrimitive.Close
-              className={cn(
-                'absolute right-4 top-4 rounded-sm opacity-70 ring-offset-background transition-opacity hover:opacity-100 focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2 disabled:pointer-events-none data-[state=open]:bg-accent-background data-[state=open]:text-muted-foreground',
-                closeButtonClassName,
-              )}
-            >
+            <DialogPrimitive.Close className="absolute right-4 top-4 rounded-sm opacity-70 ring-offset-background transition-opacity hover:opacity-100 focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2 disabled:pointer-events-none data-[state=open]:bg-accent data-[state=open]:text-muted-foreground">
               <X className="h-4 w-4" />
               <span className="sr-only">Close</span>
             </DialogPrimitive.Close>

dashboard/src/components/ui/v3/inline-code.tsx

@@ -5,11 +5,11 @@ export function InlineCode({
   children,
   className,
   ...props
-}: PropsWithChildren<React.HTMLAttributes<HTMLElement>>) {
+}: PropsWithChildren<{ className?: string }>) {
   return (
     <code
       className={cn(
-        'relative max-w-xs truncate rounded bg-[#eaedf0] px-1 font-mono text-[11px] dark:bg-[#2f363d]',
+        'relative rounded bg-[#eaedf0] px-1 font-mono text-[11px] dark:bg-[#2f363d]',
         className,
       )}
       {...props}