New translations en.json (German)

Co-authored-by: stonith404 <58886915+stonith404@users.noreply.github.com>

.version

@@ -1 +1 @@
-1.15.0
+1.16.0

CHANGELOG.md

@@ -1,3 +1,44 @@
+## v1.16.0
+
+### Bug Fixes
+
+- use `quoted-printable` encoding for mails to prevent line limitation ([5cf73e9](https://github.com/pocket-id/pocket-id/commit/5cf73e9309640d097ba94d97851cf502b7b2e063) by @stonith404)
+- automatically create parent directory of Sqlite db ([cfc9e46](https://github.com/pocket-id/pocket-id/commit/cfc9e464d983b051e7ed4da1620fae61dc73cff2) by @stonith404)
+- global audit log user filter not working ([d98c0a3](https://github.com/pocket-id/pocket-id/commit/d98c0a391a747f9eea70ea01c3f984264a4a7a19) by @stonith404)
+- theme mode not correctly applied if selected manually ([a1cd325](https://github.com/pocket-id/pocket-id/commit/a1cd3251cd2b7d7aca610696ef338c5d01fdce2e) by @stonith404)
+- hide theme switcher on auth pages because of dynamic background ([5d6a7fd](https://github.com/pocket-id/pocket-id/commit/5d6a7fdb58b6b82894dcb9be3b9fe6ca3e53f5fa) by @stonith404)
+
+### Documentation
+
+- add `ENCRYPTION_KEY` to `.env.example` for breaking change preparation ([4eeb06f](https://github.com/pocket-id/pocket-id/commit/4eeb06f29d984164939bf66299075efead87ee19) by @stonith404)
+
+### Features
+
+- light/dark/system mode switcher ([#1081](https://github.com/pocket-id/pocket-id/pull/1081) by @kmendell)
+- add support for S3 storage backend ([#1080](https://github.com/pocket-id/pocket-id/pull/1080) by @stonith404)
+- add support for WEBP profile pictures ([#1090](https://github.com/pocket-id/pocket-id/pull/1090) by @stonith404)
+- add database storage backend ([#1091](https://github.com/pocket-id/pocket-id/pull/1091) by @ItalyPaleAle)
+- adding/removing passkeys creates an entry in audit logs ([#1099](https://github.com/pocket-id/pocket-id/pull/1099) by @ItalyPaleAle)
+- add option to disable S3 integrity check ([a3c9687](https://github.com/pocket-id/pocket-id/commit/a3c968758a17e95b2e55ae179d6601d8ec2cf052) by @stonith404)
+- add `Cache-Control: private, no-store` to all API routes per default ([#1126](https://github.com/pocket-id/pocket-id/pull/1126) by @stonith404)
+
+### Other
+
+- update pnpm to 10.20 ([#1082](https://github.com/pocket-id/pocket-id/pull/1082) by @kmendell)
+- run checks on PR to `breaking/**` branches ([ab9c0f9](https://github.com/pocket-id/pocket-id/commit/ab9c0f9ac092725c70ec3a963f57bc739f425d4f) by @stonith404)
+- use constants for AppEnv values ([#1098](https://github.com/pocket-id/pocket-id/pull/1098) by @ItalyPaleAle)
+- bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /backend in the go_modules group across 1 directory ([#1107](https://github.com/pocket-id/pocket-id/pull/1107) by @dependabot[bot])
+- add Finish files ([ca888b3](https://github.com/pocket-id/pocket-id/commit/ca888b3dd221a209df5e7beb749156f7ea21e1c0) by @stonith404)
+- upgrade dependencies ([4bde271](https://github.com/pocket-id/pocket-id/commit/4bde271b4715f59bd2ed1f7c18a867daf0f26b8b) by @stonith404)
+- fix Dutch validation message ([f523f39](https://github.com/pocket-id/pocket-id/commit/f523f39483a06256892d17dc02528ea009c87a9f) by @stonith404)
+- fix package vulnerabilities ([3d46bad](https://github.com/pocket-id/pocket-id/commit/3d46badb3cecc1ee8eb8bfc9b377108be32d4ffc) by @stonith404)
+- update vscode launch.json ([#1117](https://github.com/pocket-id/pocket-id/pull/1117) by @mnestor)
+- rename file backend value `fs` to `filesystem` ([8d30346](https://github.com/pocket-id/pocket-id/commit/8d30346f642b483653f7a3dec006cb0273927afb) by @stonith404)
+- fix wrong storage value ([b2c718d](https://github.com/pocket-id/pocket-id/commit/b2c718d13d12b6c152e19974d3490c2ed7f5d51d) by @stonith404)
+- run formatter ([14c7471](https://github.com/pocket-id/pocket-id/commit/14c7471b5272cdaf42751701d842348d0d60cd0e) by @stonith404)
+
+**Full Changelog**: https://github.com/pocket-id/pocket-id/compare/v1.15.0...v1.16.0
+
 ## v1.15.0
 
 ### Bug Fixes

backend/internal/bootstrap/router_bootstrap.go

@@ -63,6 +63,7 @@ func initRouterInternal(db *gorm.DB, svc *services) (utils.Service, error) {
 	rateLimitMiddleware := middleware.NewRateLimitMiddleware().Add(rate.Every(time.Second), 60)
 
 	// Setup global middleware
+	r.Use(middleware.NewCacheControlMiddleware().Add())
 	r.Use(middleware.NewCorsMiddleware().Add())
 	r.Use(middleware.NewCspMiddleware().Add())
 	r.Use(middleware.NewErrorHandlerMiddleware().Add())

backend/internal/middleware/cache_control.go

@@ -0,0 +1,26 @@
+package middleware
+
+import "github.com/gin-gonic/gin"
+
+// CacheControlMiddleware sets a safe default Cache-Control header on responses
+// that do not already specify one. This prevents proxies from caching
+// authenticated responses that might contain private data.
+type CacheControlMiddleware struct {
+	headerValue string
+}
+
+func NewCacheControlMiddleware() *CacheControlMiddleware {
+	return &CacheControlMiddleware{
+		headerValue: "private, no-store",
+	}
+}
+
+func (m *CacheControlMiddleware) Add() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if c.Writer.Header().Get("Cache-Control") == "" {
+			c.Header("Cache-Control", m.headerValue)
+		}
+
+		c.Next()
+	}
+}

backend/internal/middleware/cache_control_test.go

@@ -0,0 +1,45 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCacheControlMiddlewareSetsDefault(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	router := gin.New()
+	router.Use(NewCacheControlMiddleware().Add())
+
+	router.GET("/test", func(c *gin.Context) {
+		c.Status(http.StatusOK)
+	})
+
+	req := httptest.NewRequest(http.MethodGet, "/test", http.NoBody)
+	w := httptest.NewRecorder()
+
+	router.ServeHTTP(w, req)
+
+	require.Equal(t, "private, no-store", w.Header().Get("Cache-Control"))
+}
+
+func TestCacheControlMiddlewarePreservesExistingHeader(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	router := gin.New()
+	router.Use(NewCacheControlMiddleware().Add())
+
+	router.GET("/custom", func(c *gin.Context) {
+		c.Header("Cache-Control", "public, max-age=60")
+		c.Status(http.StatusOK)
+	})
+
+	req := httptest.NewRequest(http.MethodGet, "/custom", http.NoBody)
+	w := httptest.NewRecorder()
+
+	router.ServeHTTP(w, req)
+
+	require.Equal(t, "public, max-age=60", w.Header().Get("Cache-Control"))
+}

frontend/.prettierrc

@@ -3,6 +3,6 @@
 	"singleQuote": true,
 	"trailingComma": "none",
 	"printWidth": 100,
-	"plugins": ["prettier-plugin-svelte", "prettier-plugin-tailwindcss"],
+	"plugins": ["prettier-plugin-tailwindcss", "prettier-plugin-svelte"],
 	"overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]
 }

frontend/messages/cs.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilový obrázek",
 	"profile_picture_is_managed_by_ldap_server": "Profilový obrázek je spravován LDAP serverem a nelze jej zde změnit.",
 	"click_profile_picture_to_upload_custom": "Klikněte na profilový obrázek pro nahrání vlastního ze souborů.",
-	"image_should_be_in_format": "Obrázek by měl být ve formátu PNG nebo JPEG.",
+	"image_should_be_in_format": "Obrázek by měl být ve formátu PNG, JPEG nebo WEBP.",
 	"items_per_page": "Položek na stránku",
 	"no_items_found": "Nenalezeny žádné položky",
 	"select_items": "Vyberte položky...",

frontend/messages/da.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbillede",
 	"profile_picture_is_managed_by_ldap_server": "Profilbilledet administreres af LDAP-serveren og kan ikke ændres her.",
 	"click_profile_picture_to_upload_custom": "Klik på profilbilledet for at uploade et brugerdefineret billede fra dine filer.",
-	"image_should_be_in_format": "Billedet skal være i PNG eller JPEG-format.",
+	"image_should_be_in_format": "Billedet skal være i PNG, JPEG eller WEBP-format.",
 	"items_per_page": "Emner pr. side",
 	"no_items_found": "Ingen emner fundet",
 	"select_items": "Vælg emner...",

frontend/messages/de.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbild",
 	"profile_picture_is_managed_by_ldap_server": "Das Profilbild wird vom LDAP-Server verwaltet und kann hier nicht geändert werden.",
 	"click_profile_picture_to_upload_custom": "Klicke auf das Profilbild, um ein benutzerdefiniertes Bild aus deinen Dateien hochzuladen.",
-	"image_should_be_in_format": "Das Bild sollte im PNG- oder JPEG-Format vorliegen.",
+	"image_should_be_in_format": "Das Bild sollte im PNG-, JPEG- oder WEBP-Format sein.",
 	"items_per_page": "Einträge pro Seite",
 	"no_items_found": "Keine Einträge gefunden",
 	"select_items": "Elemente auswählen...",
@@ -443,7 +443,7 @@
 	"client_launch_url_description": "Die URL, die geöffnet wird, wenn jemand die App von der Seite „Meine Apps“ startet.",
 	"client_name_description": "Der Name des Clients, der in der Pocket ID-Benutzeroberfläche angezeigt wird.",
 	"revoke_access": "Zugriff widerrufen",
-	"revoke_access_description": "Zugriff widerrufen <b>{clientName}</b>. <b>{clientName}</b> kann nicht mehr auf deine Kontoinfos zugreifen.",
+	"revoke_access_description": "Zugriff auf <b>{clientName}</b> widerrufen. <b>{clientName}</b> kann nicht mehr auf deine Kontoinformationen zugreifen.",
 	"revoke_access_successful": "Der Zugriff auf „ {clientName} “ wurde erfolgreich gesperrt.",
 	"last_signed_in_ago": "Zuletzt angemeldet vor {time} Stunden",
 	"invalid_client_id": "Die Kunden-ID darf nur Buchstaben, Zahlen, Unterstriche und Bindestriche haben.",

frontend/messages/en.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profile Picture",
 	"profile_picture_is_managed_by_ldap_server": "The profile picture is managed by the LDAP server and cannot be changed here.",
 	"click_profile_picture_to_upload_custom": "Click on the profile picture to upload a custom one from your files.",
-	"image_should_be_in_format": "The image should be in PNG or JPEG format.",
+	"image_should_be_in_format": "The image should be in PNG, JPEG or WEBP format.",
 	"items_per_page": "Items per page",
 	"no_items_found": "No items found",
 	"select_items": "Select items...",

frontend/messages/es.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Foto de perfil",
 	"profile_picture_is_managed_by_ldap_server": "La imagen de perfil es administrada por el servidor LDAP y no puede ser cambiada aquí.",
 	"click_profile_picture_to_upload_custom": "Haga clic en la imagen de perfil para subir una personalizada desde sus archivos.",
-	"image_should_be_in_format": "La imagen debe ser en formato PNG o JPEG.",
+	"image_should_be_in_format": "La imagen debe ser en formato PNG, JPEG o WEBP.",
 	"items_per_page": "Elementos por página",
 	"no_items_found": "No se encontraron elementos",
 	"select_items": "Seleccionar elementos...",

frontend/messages/fi.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profiilikuva",
 	"profile_picture_is_managed_by_ldap_server": "Profiilikuva hallitaan LDAP-palvelimella, eikä sitä voi muuttaa tässä.",
 	"click_profile_picture_to_upload_custom": "Napsauta profiilikuvaa ladataksesi kuvan tiedostoistasi.",
-	"image_should_be_in_format": "Kuvan tulee olla PNG- tai JPEG-muodossa.",
+	"image_should_be_in_format": "Kuvan tulee olla PNG-, JPEG- tai WEBP-muodossa.",
 	"items_per_page": "Kohteita per sivu",
 	"no_items_found": "Kohteita ei löytynyt",
 	"select_items": "Valitse kohteet...",

frontend/messages/fr.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Photo de profil",
 	"profile_picture_is_managed_by_ldap_server": "La photo de profil est gérée par le serveur LDAP et ne peut pas être modifiée ici.",
 	"click_profile_picture_to_upload_custom": "Cliquez sur la photo de profil pour télécharger une photo depuis votre ordinateur.",
-	"image_should_be_in_format": "L'image doit être au format PNG ou JPEG.",
+	"image_should_be_in_format": "L'image doit être au format PNG, JPEG ou WEBP.",
 	"items_per_page": "Éléments par page",
 	"no_items_found": "Aucune donnée trouvée",
 	"select_items": "Sélectionner des éléments...",

frontend/messages/it.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Immagine del profilo",
 	"profile_picture_is_managed_by_ldap_server": "L'immagine del profilo è gestita dal server LDAP e non può essere modificata qui.",
 	"click_profile_picture_to_upload_custom": "Clicca sull'immagine del profilo per caricarne una personalizzata dai tuoi file.",
-	"image_should_be_in_format": "L'immagine deve essere in formato PNG o JPEG.",
+	"image_should_be_in_format": "L'immagine deve essere in formato PNG, JPEG o WEBP.",
 	"items_per_page": "Elementi per pagina",
 	"no_items_found": "Nessun elemento trovato",
 	"select_items": "Scegli gli articoli...",

frontend/messages/ja.json

@@ -14,7 +14,7 @@
 	"profile_picture": "プロフィール画像",
 	"profile_picture_is_managed_by_ldap_server": "プロフィール画像はLDAPサーバーによって管理されており、ここでは変更できません。",
 	"click_profile_picture_to_upload_custom": "プロフィール画像をクリックして、ファイルからカスタム画像をアップロードします。",
-	"image_should_be_in_format": "画像はPNGまたはJPEG形式である必要があります。",
+	"image_should_be_in_format": "画像はPNG、JPEG、またはWEBP形式である必要があります。",
 	"items_per_page": "ページあたりの表示件数",
 	"no_items_found": "項目が見つかりません",
 	"select_items": "項目を選択…",

frontend/messages/ko.json

@@ -14,7 +14,7 @@
 	"profile_picture": "프로필 사진",
 	"profile_picture_is_managed_by_ldap_server": "프로필 사진이 LDAP 서버에서 관리되어 여기에서 변경할 수 없습니다.",
 	"click_profile_picture_to_upload_custom": "프로필 사진을 클릭하여 파일에서 사용자 정의 사진을 업로드하세요.",
-	"image_should_be_in_format": "이미지는 PNG 또는 JPEG 형식이어야 합니다.",
+	"image_should_be_in_format": "이미지는 PNG, JPEG 또는 WEBP 형식이어야 합니다.",
 	"items_per_page": "페이지당 항목",
 	"no_items_found": "항목 없음",
 	"select_items": "항목을 선택하세요...",

frontend/messages/nl.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profielfoto",
 	"profile_picture_is_managed_by_ldap_server": "De profielfoto wordt beheerd door de LDAP-server en kan hier niet worden gewijzigd.",
 	"click_profile_picture_to_upload_custom": "Klik op de profielfoto om een aangepaste foto uit je bestanden te uploaden.",
-	"image_should_be_in_format": "De afbeelding moet in PNG- of JPEG-formaat zijn.",
+	"image_should_be_in_format": "De afbeelding moet in PNG-, JPEG- of WEBP-formaat zijn.",
 	"items_per_page": "Aantal per pagina",
 	"no_items_found": "Geen items gevonden",
 	"select_items": "Kies items...",

frontend/messages/pl.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Zdjęcie profilowe",
 	"profile_picture_is_managed_by_ldap_server": "Zdjęcie profilowe jest zarządzane przez serwer LDAP i nie można go tutaj zmienić.",
 	"click_profile_picture_to_upload_custom": "Kliknij zdjęcie profilowe, aby przesłać własne z plików.",
-	"image_should_be_in_format": "Obraz powinien być w formacie PNG lub JPEG.",
+	"image_should_be_in_format": "Obraz powinien być w formacie PNG, JPEG lub WEBP.",
 	"items_per_page": "Elementów na stronę",
 	"no_items_found": "Nie znaleziono żadnych elementów",
 	"select_items": "Wybierz elementy...",

frontend/messages/pt-BR.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Foto de Perfil",
 	"profile_picture_is_managed_by_ldap_server": "A foto de perfil é gerenciada pelo servidor LDAP e não pode ser alterada aqui.",
 	"click_profile_picture_to_upload_custom": "Clique na foto de perfil para enviar uma imagem personalizada dos seus arquivos.",
-	"image_should_be_in_format": "A imagem deve estar no formato PNG ou JPEG.",
+	"image_should_be_in_format": "A imagem deve estar no formato PNG, JPEG ou WEBP.",
 	"items_per_page": "Itens por página",
 	"no_items_found": "Nada foi encontrado",
 	"select_items": "Selecione os itens...",

frontend/messages/ru.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Изображение профиля",
 	"profile_picture_is_managed_by_ldap_server": "Изображение профиля управляется сервером LDAP и не может быть изменено здесь.",
 	"click_profile_picture_to_upload_custom": "Нажмите на изображение профиля, чтобы загрузить его из ваших файлов.",
-	"image_should_be_in_format": "Изображение должно быть в формате PNG или JPEG.",
+	"image_should_be_in_format": "Изображение должно быть в формате PNG, JPEG или WEBP.",
 	"items_per_page": "Элементов на странице",
 	"no_items_found": "Элементы не найдены",
 	"select_items": "Выбрать элементы...",
@@ -155,7 +155,7 @@
 	"are_you_sure_you_want_to_revoke_the_api_key_apikeyname": "Вы уверены, что хотите отозвать ключ API \"{apiKeyName}\"? Любые интеграции, использующие этот ключ, перестанут работать.",
 	"last_used": "Последнее использование",
 	"actions": "Действия",
-	"images_updated_successfully": "Изображения обновились, но может занять пару минут.",
+	"images_updated_successfully": "Изображения успешно обновлены. Это может занять пару минут для обновления.",
 	"general": "Общее",
 	"configure_smtp_to_send_emails": "Включить уведомления пользователей по электронной почте при обнаружении логина с нового устройства или локации.",
 	"ldap": "LDAP",
@@ -331,10 +331,10 @@
 	"token_sign_in": "Вход с помощью токена",
 	"client_authorization": "Авторизация клиента",
 	"new_client_authorization": "Авторизация нового клиента",
-	"device_code_authorization": "Авторизация кода устройства",
-	"new_device_code_authorization": "Авторизация нового кода устройства",
-	"passkey_added": "Добавлен пароль",
-	"passkey_removed": "Удален ключ доступа",
+	"device_code_authorization": "Авторизация через код устройства",
+	"new_device_code_authorization": "Новая авторизация через код устройства",
+	"passkey_added": "Пасскей добавлен",
+	"passkey_removed": "Пасскей удален",
 	"disable_animations": "Отключить анимации",
 	"turn_off_ui_animations": "Отключить все анимации в интерфейсе.",
 	"user_disabled": "Учетная запись отключена",
@@ -467,7 +467,7 @@
 	"reauthentication": "Повторная аутентификация",
 	"clear_filters": "Сбросить фильтры",
 	"default_profile_picture": "Изображение профиля по умолчанию",
-	"light": "Свет",
-	"dark": "Темный",
-	"system": "Система"
+	"light": "Светлая",
+	"dark": "Темная",
+	"system": "Системная"
 }

frontend/messages/sv.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbild",
 	"profile_picture_is_managed_by_ldap_server": "Profilbilden hanteras av LDAP-servern och kan inte ändras här.",
 	"click_profile_picture_to_upload_custom": "Klicka på profilbilden för att ladda upp en anpassad bild från dina filer.",
-	"image_should_be_in_format": "Bilden ska vara i PNG- eller JPEG-format.",
+	"image_should_be_in_format": "Bilden ska vara i PNG-, JPEG- eller WEBP-format.",
 	"items_per_page": "Objekt per sida",
 	"no_items_found": "Inga objekt hittades",
 	"select_items": "Välj objekt...",

frontend/messages/tr.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profil resmi",
 	"profile_picture_is_managed_by_ldap_server": "Profil resmi LDAP sunucusu tarafından yönetilmektedir ve burada değiştirilemez.",
 	"click_profile_picture_to_upload_custom": "Özel bir resim yüklemek için profil resmine tıklayın.",
-	"image_should_be_in_format": "Resim PNG veya JPEG formatın’da olmalıdır.",
+	"image_should_be_in_format": "Resim PNG, JPEG veya WEBP formatın’da olmalıdır.",
 	"items_per_page": "Sayfa başına öğe sayısı",
 	"no_items_found": "Hiçbir öğe bulunamadı",
 	"select_items": "Öğeleri seçin...",

frontend/messages/uk.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Фотографія профілю",
 	"profile_picture_is_managed_by_ldap_server": "Фотографія профілю управляється сервером LDAP і не може бути змінена тут.",
 	"click_profile_picture_to_upload_custom": "Натисніть на зображення профілю, щоб завантажити власне зображення.",
-	"image_should_be_in_format": "Зображення повинно бути у форматі PNG або JPEG.",
+	"image_should_be_in_format": "Зображення повинно бути у форматі PNG, JPEG або WEBP.",
 	"items_per_page": "Елементів на сторінці",
 	"no_items_found": "Нічого не знайдено",
 	"select_items": "Виберіть елементи...",

frontend/messages/vi.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Ảnh đại diện",
 	"profile_picture_is_managed_by_ldap_server": "Hình đại diện được quản lý bởi máy chủ LDAP và không thể thay đổi tại đây.",
 	"click_profile_picture_to_upload_custom": "Nhấp vào hình ảnh hồ sơ để tải lên hình ảnh tùy chỉnh.",
-	"image_should_be_in_format": "Hình ảnh phải ở định dạng PNG hoặc JPEG.",
+	"image_should_be_in_format": "Hình ảnh phải ở định dạng PNG, JPEG hoặc WEBP.",
 	"items_per_page": "Số kết quả mỗi trang",
 	"no_items_found": "Không tìm thấy kết quả nào",
 	"select_items": "Chọn các mục...",

frontend/messages/zh-CN.json

@@ -14,7 +14,7 @@
 	"profile_picture": "头像",
 	"profile_picture_is_managed_by_ldap_server": "头像由 LDAP 服务器管理，无法在此处更改。",
 	"click_profile_picture_to_upload_custom": "点击头像来从文件中上传您的自定义头像。",
-	"image_should_be_in_format": "图片应为 PNG 或 JPEG 格式。",
+	"image_should_be_in_format": "图片应为 PNG、JPEG 或 WEBP 格式。",
 	"items_per_page": "每页条数",
 	"no_items_found": "这里暂时空空如也",
 	"select_items": "选择项目……",

frontend/messages/zh-TW.json

@@ -14,7 +14,7 @@
 	"profile_picture": "個人資料圖片",
 	"profile_picture_is_managed_by_ldap_server": "這張個人資料圖片是由 LDAP 伺服器管理，無法在此變更。",
 	"click_profile_picture_to_upload_custom": "點擊個人資料圖片，從您的檔案中上傳自訂圖片。",
-	"image_should_be_in_format": "圖片應為 PNG 或 JPEG 格式。",
+	"image_should_be_in_format": "圖片應為 PNG、JPEG 或 WEBP 格式。",
 	"items_per_page": "每頁項目數",
 	"no_items_found": "找不到任何項目",
 	"select_items": "選擇項目...",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pocket-id-frontend",
-  "version": "1.15.0",
+  "version": "1.16.0",
   "private": true,
   "type": "module",
   "scripts": {
@@ -45,7 +45,7 @@
     "formsnap": "^2.0.1",
     "globals": "^16.5.0",
     "mode-watcher": "^1.1.0",
-    "prettier": "^3.7.0",
+    "prettier": "^3.7.3",
     "prettier-plugin-svelte": "^3.4.0",
     "prettier-plugin-tailwindcss": "^0.7.1",
     "rollup": "^4.53.3",

frontend/src/app.css

@@ -1,6 +1,8 @@
 @import 'tailwindcss';
 @import 'tw-animate-css';
 
+@variant dark (&:where(.dark, .dark *));
+
 /*
   The default border color has changed to `currentcolor` in Tailwind CSS v4,
   so we've added these compatibility styles to make sure everything still

frontend/src/lib/components/form/searchable-multi-select.svelte

@@ -4,7 +4,7 @@
 	import * as Command from '$lib/components/ui/command';
 	import * as Popover from '$lib/components/ui/popover';
 	import { cn } from '$lib/utils/style';
-    import { m } from '$lib/paraglide/messages';
+	import { m } from '$lib/paraglide/messages';
 	import { LoaderCircle, LucideCheck, LucideChevronDown } from '@lucide/svelte';
 	import type { FormEventHandler } from 'svelte/elements';
 

frontend/src/lib/components/header/header.svelte

@@ -39,7 +39,9 @@
 			{/if}
 		</div>
 		<div class="flex items-center justify-between gap-4">
-			<ModeSwitcher />
+			{#if !isAuthPage}
+				<ModeSwitcher />
+			{/if}
 			{#if $userStore?.id}
 				<HeaderAvatar />
 			{/if}

frontend/src/lib/components/header/mode-switcher.svelte

@@ -1,11 +1,11 @@
 <script lang="ts">
-	import SunIcon from '@lucide/svelte/icons/sun';
 	import MoonIcon from '@lucide/svelte/icons/moon';
+	import SunIcon from '@lucide/svelte/icons/sun';
 
-	import { mode, resetMode, setMode } from 'mode-watcher';
-	import * as DropdownMenu from '$lib/components/ui/dropdown-menu/index.js';
 	import { buttonVariants } from '$lib/components/ui/button/index.js';
+	import * as DropdownMenu from '$lib/components/ui/dropdown-menu/index.js';
 	import { m } from '$lib/paraglide/messages';
+	import { mode, resetMode, setMode } from 'mode-watcher';
 
 	const isDark = $derived(mode.current === 'dark');
 </script>

frontend/src/lib/components/one-time-link-modal.svelte

@@ -36,7 +36,10 @@
 
 	async function createLoginCode() {
 		try {
-			code = await userService.createOneTimeAccessToken(userId!, availableExpirations[selectedExpiration]);
+			code = await userService.createOneTimeAccessToken(
+				userId!,
+				availableExpirations[selectedExpiration]
+			);
 			oneTimeLink = `${page.url.origin}/lc/${code}`;
 		} catch (e) {
 			axiosErrorToast(e);
@@ -45,7 +48,10 @@
 
 	async function sendLoginCodeEmail() {
 		try {
-			await userService.requestOneTimeAccessEmailAsAdmin(userId!, availableExpirations[selectedExpiration]);
+			await userService.requestOneTimeAccessEmailAsAdmin(
+				userId!,
+				availableExpirations[selectedExpiration]
+			);
 			toast.success(m.login_code_email_success());
 			onOpenChange(false);
 		} catch (e) {

frontend/src/lib/components/ui/skeleton/index.ts

@@ -1,7 +1,7 @@
-import Root from "./skeleton.svelte";
+import Root from './skeleton.svelte';
 
 export {
 	Root,
 	//
-	Root as Skeleton,
+	Root as Skeleton
 };

frontend/src/lib/components/ui/skeleton/skeleton.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
-	import { cn, type WithElementRef, type WithoutChildren } from "$lib/utils/style.js";
-	import type { HTMLAttributes } from "svelte/elements";
+	import { cn, type WithElementRef, type WithoutChildren } from '$lib/utils/style.js';
+	import type { HTMLAttributes } from 'svelte/elements';
 
 	let {
 		ref = $bindable(null),
@@ -12,6 +12,6 @@
 <div
 	bind:this={ref}
 	data-slot="skeleton"
-	class={cn("bg-accent animate-pulse rounded-md", className)}
+	class={cn('bg-accent animate-pulse rounded-md', className)}
 	{...restProps}
 ></div>

frontend/src/lib/services/api-service.ts

@@ -1,13 +1,13 @@
 import axios from 'axios';
 
 abstract class APIService {
-  protected api = axios.create({ baseURL: '/api' });
+	protected api = axios.create({ baseURL: '/api' });
 
-  constructor() {
-    if (typeof process !== 'undefined' && process?.env?.DEVELOPMENT_BACKEND_URL) {
-      this.api.defaults.baseURL = process.env.DEVELOPMENT_BACKEND_URL;
-    }
-  }
+	constructor() {
+		if (typeof process !== 'undefined' && process?.env?.DEVELOPMENT_BACKEND_URL) {
+			this.api.defaults.baseURL = process.env.DEVELOPMENT_BACKEND_URL;
+		}
+	}
 }
 
 export default APIService;

frontend/src/lib/services/webauthn-service.ts

@@ -4,35 +4,35 @@ import APIService from './api-service';
 import userStore from '$lib/stores/user-store';
 import type { AuthenticationResponseJSON, RegistrationResponseJSON } from '@simplewebauthn/browser';
 class WebAuthnService extends APIService {
-  getRegistrationOptions = async () => (await this.api.get(`/webauthn/register/start`)).data;
+	getRegistrationOptions = async () => (await this.api.get(`/webauthn/register/start`)).data;
 
-  finishRegistration = async (body: RegistrationResponseJSON) =>
-    (await this.api.post(`/webauthn/register/finish`, body)).data as Passkey;
+	finishRegistration = async (body: RegistrationResponseJSON) =>
+		(await this.api.post(`/webauthn/register/finish`, body)).data as Passkey;
 
-  getLoginOptions = async () => (await this.api.get(`/webauthn/login/start`)).data;
+	getLoginOptions = async () => (await this.api.get(`/webauthn/login/start`)).data;
 
-  finishLogin = async (body: AuthenticationResponseJSON) =>
-    (await this.api.post(`/webauthn/login/finish`, body)).data as User;
+	finishLogin = async (body: AuthenticationResponseJSON) =>
+		(await this.api.post(`/webauthn/login/finish`, body)).data as User;
 
-  logout = async () => {
-    await this.api.post(`/webauthn/logout`);
-    userStore.clearUser();
-  };
+	logout = async () => {
+		await this.api.post(`/webauthn/logout`);
+		userStore.clearUser();
+	};
 
-  listCredentials = async () => (await this.api.get(`/webauthn/credentials`)).data as Passkey[];
+	listCredentials = async () => (await this.api.get(`/webauthn/credentials`)).data as Passkey[];
 
-  removeCredential = async (id: string) => {
-    await this.api.delete(`/webauthn/credentials/${id}`);
-  };
+	removeCredential = async (id: string) => {
+		await this.api.delete(`/webauthn/credentials/${id}`);
+	};
 
-  updateCredentialName = async (id: string, name: string) => {
-    await this.api.patch(`/webauthn/credentials/${id}`, { name });
-  };
+	updateCredentialName = async (id: string, name: string) => {
+		await this.api.patch(`/webauthn/credentials/${id}`, { name });
+	};
 
-  reauthenticate = async (body?: AuthenticationResponseJSON) => {
-    const res = await this.api.post('/webauthn/reauthenticate', body);
-    return res.data.reauthenticationToken as string;
-  };
+	reauthenticate = async (body?: AuthenticationResponseJSON) => {
+		const res = await this.api.post('/webauthn/reauthenticate', body);
+		return res.data.reauthenticationToken as string;
+	};
 }
 
 export default WebAuthnService;

frontend/src/lib/types/advanced-table.type.ts

@@ -3,7 +3,7 @@ import type { Component, Snippet } from 'svelte';
 export type AdvancedTableColumn<T extends Record<string, any>> = {
 	label: string;
 	column?: keyof T & string;
-    key?: string;
+	key?: string;
 	value?: (item: T) => string | number | boolean | undefined;
 	cell?: Snippet<[{ item: T }]>;
 	sortable?: boolean;
@@ -12,9 +12,11 @@ export type AdvancedTableColumn<T extends Record<string, any>> = {
 		value: string | boolean;
 		icon?: Component;
 	}[];
-    hidden?: boolean;
+	hidden?: boolean;
 };
-export type CreateAdvancedTableActions<T extends Record<string, any>> = (item: T) => AdvancedTableAction<T>[];
+export type CreateAdvancedTableActions<T extends Record<string, any>> = (
+	item: T
+) => AdvancedTableAction<T>[];
 
 export type AdvancedTableAction<T> = {
 	label: string;

frontend/src/lib/utils/audit-log-translator.ts

@@ -9,8 +9,8 @@ export const eventTypes: Record<string, string> = {
 	DEVICE_CODE_AUTHORIZATION: m.device_code_authorization(),
 	NEW_DEVICE_CODE_AUTHORIZATION: m.new_device_code_authorization(),
 	PASSKEY_ADDED: m.passkey_added(),
-	PASSKEY_REMOVED: m.passkey_removed(),
-}
+	PASSKEY_REMOVED: m.passkey_removed()
+};
 
 /**
  * Translates an audit log event type using paraglide messages.

frontend/src/lib/utils/cached-image-util.ts

@@ -22,9 +22,13 @@ export const cachedApplicationLogo: CachableImage = {
 
 export const cachedDefaultProfilePicture: CachableImage = {
 	getUrl: () =>
-		getCachedImageUrl(new URL('/api/application-images/default-profile-picture', window.location.origin)),
+		getCachedImageUrl(
+			new URL('/api/application-images/default-profile-picture', window.location.origin)
+		),
 	bustCache: () =>
-		bustImageCache(new URL('/api/application-images/default-profile-picture', window.location.origin))
+		bustImageCache(
+			new URL('/api/application-images/default-profile-picture', window.location.origin)
+		)
 };
 
 export const cachedBackgroundImage: CachableImage = {

frontend/src/routes/settings/audit-log/global/+page.svelte

@@ -72,7 +72,7 @@
 							value,
 							label
 						}))
-					]}					
+					]}
 					bind:value={filters.event}
 				/>
 			</div>

pnpm-lock.yaml

@@ -141,14 +141,14 @@ importers:
         specifier: ^1.1.0
         version: 1.1.0(svelte@5.45.2)
       prettier:
-        specifier: ^3.7.0
-        version: 3.7.0
+        specifier: ^3.7.3
+        version: 3.7.3
       prettier-plugin-svelte:
         specifier: ^3.4.0
-        version: 3.4.0(prettier@3.7.0)(svelte@5.45.2)
+        version: 3.4.0(prettier@3.7.3)(svelte@5.45.2)
       prettier-plugin-tailwindcss:
         specifier: ^0.7.1
-        version: 0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.0)(svelte@5.45.2))(prettier@3.7.0)
+        version: 0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2))(prettier@3.7.3)
       rollup:
         specifier: ^4.53.3
         version: 4.53.3
@@ -2422,6 +2422,11 @@ packages:
     engines: {node: '>=14'}
     hasBin: true
 
+  prettier@3.7.3:
+    resolution: {integrity: sha512-QgODejq9K3OzoBbuyobZlUhznP5SKwPqp+6Q6xw6o8gnhr4O85L2U915iM2IDcfF2NPXVaM9zlo9tdwipnYwzg==}
+    engines: {node: '>=14'}
+    hasBin: true
+
   prismjs@1.30.0:
     resolution: {integrity: sha512-DEvV2ZF2r2/63V+tK8hQvrR2ZGn10srHbXviTlcv7Kpzw8jWiNTqbVgjO3IY8RxrrOUF8VPMQQFysYYYv0YZxw==}
     engines: {node: '>=6'}
@@ -3534,7 +3539,7 @@ snapshots:
   '@react-email/render@2.0.0(react-dom@19.2.0(react@19.2.0))(react@19.2.0)':
     dependencies:
       html-to-text: 9.0.5
-      prettier: 3.7.0
+      prettier: 3.7.3
       react: 19.2.0
       react-dom: 19.2.0(react@19.2.0)
 
@@ -4938,19 +4943,21 @@ snapshots:
 
   prelude-ls@1.2.1: {}
 
-  prettier-plugin-svelte@3.4.0(prettier@3.7.0)(svelte@5.45.2):
+  prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2):
     dependencies:
-      prettier: 3.7.0
+      prettier: 3.7.3
       svelte: 5.45.2
 
-  prettier-plugin-tailwindcss@0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.0)(svelte@5.45.2))(prettier@3.7.0):
+  prettier-plugin-tailwindcss@0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2))(prettier@3.7.3):
     dependencies:
-      prettier: 3.7.0
+      prettier: 3.7.3
     optionalDependencies:
-      prettier-plugin-svelte: 3.4.0(prettier@3.7.0)(svelte@5.45.2)
+      prettier-plugin-svelte: 3.4.0(prettier@3.7.3)(svelte@5.45.2)
 
   prettier@3.7.0: {}
 
+  prettier@3.7.3: {}
+
   prismjs@1.30.0: {}
 
   prompts@2.4.2:

tests/specs/api-key.spec.ts

@@ -22,7 +22,7 @@ test.describe('API Key Management', () => {
 		await page.getByRole('button', { name: 'Select a date' }).click();
 		await page.getByLabel('Select year').click();
 		// Select the next year
-		await page.getByText((currentDate.getFullYear() + 1).toString()).click();
+		await page.getByRole('option', { name: (currentDate.getFullYear() + 1).toString() }).click();
 		// Select the first day of the month
 		await page
 			.getByRole('button', { name: /([A-Z][a-z]+), ([A-Z][a-z]+) 1, (\d{4})/ })
@@ -62,7 +62,7 @@ test.describe('API Key Management', () => {
 		await page.getByRole('menuitem', { name: 'Revoke' }).click();
 
 		await page.getByRole('button', { name: 'Revoke' }).click();
-		
+
 		// Verify success message
 		await expect(page.locator('[data-type="success"]')).toHaveText('API key revoked successfully');