feat: add HTTP HEAD method support (#1135)

Co-authored-by: stonith404 <58886915+stonith404@users.noreply.github.com>

.env.example

@@ -1,6 +1,18 @@
 # See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables
+
+# These variables must be configured for your deployment:
 APP_URL=https://your-pocket-id-domain.com
+
+# Encryption key (choose one method):
+# Method 1: Direct key (simple but less secure)
+# Generate with: openssl rand -base64 32
+ENCRYPTION_KEY=
+# Method 2: File-based key (recommended)
+# Put the base64 key in a file and point to it here.
+# ENCRYPTION_KEY_FILE=/path/to/encryption_key
+
+# These variables are optional but recommended to review:
 TRUST_PROXY=false
 MAXMIND_LICENSE_KEY=
 PUID=1000
-PGID=1000
+PGID=1000

.github/workflows/e2e-tests.yml

@@ -59,9 +59,9 @@ jobs:
       matrix:
         include:
           - db: sqlite
-            storage: fs
+            storage: filesystem
           - db: postgres
-            storage: fs
+            storage: filesystem
           - db: sqlite
             storage: s3
           - db: sqlite

.version

@@ -1 +1 @@
-1.15.0
+1.16.0

.vscode/launch.json

@@ -5,12 +5,14 @@
       "name": "Backend",
       "type": "go",
       "request": "launch",
-      "envFile": "${workspaceFolder}/backend/cmd/.env",
+      "envFile": "${workspaceFolder}/backend/.env",
       "env": {
         "APP_ENV": "development"
       },
       "mode": "debug",
       "program": "${workspaceFolder}/backend/cmd/main.go",
+      "buildFlags": "-tags=exclude_frontend",
+      "cwd": "${workspaceFolder}/backend",
     },
     {
       "name": "Frontend",

CHANGELOG.md

@@ -1,3 +1,44 @@
+## v1.16.0
+
+### Bug Fixes
+
+- use `quoted-printable` encoding for mails to prevent line limitation ([5cf73e9](https://github.com/pocket-id/pocket-id/commit/5cf73e9309640d097ba94d97851cf502b7b2e063) by @stonith404)
+- automatically create parent directory of Sqlite db ([cfc9e46](https://github.com/pocket-id/pocket-id/commit/cfc9e464d983b051e7ed4da1620fae61dc73cff2) by @stonith404)
+- global audit log user filter not working ([d98c0a3](https://github.com/pocket-id/pocket-id/commit/d98c0a391a747f9eea70ea01c3f984264a4a7a19) by @stonith404)
+- theme mode not correctly applied if selected manually ([a1cd325](https://github.com/pocket-id/pocket-id/commit/a1cd3251cd2b7d7aca610696ef338c5d01fdce2e) by @stonith404)
+- hide theme switcher on auth pages because of dynamic background ([5d6a7fd](https://github.com/pocket-id/pocket-id/commit/5d6a7fdb58b6b82894dcb9be3b9fe6ca3e53f5fa) by @stonith404)
+
+### Documentation
+
+- add `ENCRYPTION_KEY` to `.env.example` for breaking change preparation ([4eeb06f](https://github.com/pocket-id/pocket-id/commit/4eeb06f29d984164939bf66299075efead87ee19) by @stonith404)
+
+### Features
+
+- light/dark/system mode switcher ([#1081](https://github.com/pocket-id/pocket-id/pull/1081) by @kmendell)
+- add support for S3 storage backend ([#1080](https://github.com/pocket-id/pocket-id/pull/1080) by @stonith404)
+- add support for WEBP profile pictures ([#1090](https://github.com/pocket-id/pocket-id/pull/1090) by @stonith404)
+- add database storage backend ([#1091](https://github.com/pocket-id/pocket-id/pull/1091) by @ItalyPaleAle)
+- adding/removing passkeys creates an entry in audit logs ([#1099](https://github.com/pocket-id/pocket-id/pull/1099) by @ItalyPaleAle)
+- add option to disable S3 integrity check ([a3c9687](https://github.com/pocket-id/pocket-id/commit/a3c968758a17e95b2e55ae179d6601d8ec2cf052) by @stonith404)
+- add `Cache-Control: private, no-store` to all API routes per default ([#1126](https://github.com/pocket-id/pocket-id/pull/1126) by @stonith404)
+
+### Other
+
+- update pnpm to 10.20 ([#1082](https://github.com/pocket-id/pocket-id/pull/1082) by @kmendell)
+- run checks on PR to `breaking/**` branches ([ab9c0f9](https://github.com/pocket-id/pocket-id/commit/ab9c0f9ac092725c70ec3a963f57bc739f425d4f) by @stonith404)
+- use constants for AppEnv values ([#1098](https://github.com/pocket-id/pocket-id/pull/1098) by @ItalyPaleAle)
+- bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /backend in the go_modules group across 1 directory ([#1107](https://github.com/pocket-id/pocket-id/pull/1107) by @dependabot[bot])
+- add Finish files ([ca888b3](https://github.com/pocket-id/pocket-id/commit/ca888b3dd221a209df5e7beb749156f7ea21e1c0) by @stonith404)
+- upgrade dependencies ([4bde271](https://github.com/pocket-id/pocket-id/commit/4bde271b4715f59bd2ed1f7c18a867daf0f26b8b) by @stonith404)
+- fix Dutch validation message ([f523f39](https://github.com/pocket-id/pocket-id/commit/f523f39483a06256892d17dc02528ea009c87a9f) by @stonith404)
+- fix package vulnerabilities ([3d46bad](https://github.com/pocket-id/pocket-id/commit/3d46badb3cecc1ee8eb8bfc9b377108be32d4ffc) by @stonith404)
+- update vscode launch.json ([#1117](https://github.com/pocket-id/pocket-id/pull/1117) by @mnestor)
+- rename file backend value `fs` to `filesystem` ([8d30346](https://github.com/pocket-id/pocket-id/commit/8d30346f642b483653f7a3dec006cb0273927afb) by @stonith404)
+- fix wrong storage value ([b2c718d](https://github.com/pocket-id/pocket-id/commit/b2c718d13d12b6c152e19974d3490c2ed7f5d51d) by @stonith404)
+- run formatter ([14c7471](https://github.com/pocket-id/pocket-id/commit/14c7471b5272cdaf42751701d842348d0d60cd0e) by @stonith404)
+
+**Full Changelog**: https://github.com/pocket-id/pocket-id/compare/v1.15.0...v1.16.0
+
 ## v1.15.0
 
 ### Bug Fixes

backend/internal/bootstrap/db_bootstrap.go

@@ -155,6 +155,12 @@ func connectDatabase() (db *gorm.DB, err error) {
 			return nil, err
 		}
 
+		if !isMemoryDB {
+			if err := ensureSqliteDatabaseDir(dbPath); err != nil {
+				return nil, err
+			}
+		}
+
 		// Before we connect, also make sure that there's a temporary folder for SQLite to write its data
 		err = ensureSqliteTempDir(filepath.Dir(dbPath))
 		if err != nil {
@@ -388,6 +394,27 @@ func isSqliteInMemory(connString string) bool {
 	return len(qs["mode"]) > 0 && qs["mode"][0] == "memory"
 }
 
+// ensureSqliteDatabaseDir creates the parent directory for the SQLite database file if it doesn't exist yet
+func ensureSqliteDatabaseDir(dbPath string) error {
+	dir := filepath.Dir(dbPath)
+
+	info, err := os.Stat(dir)
+	switch {
+	case err == nil:
+		if !info.IsDir() {
+			return fmt.Errorf("SQLite database directory '%s' is not a directory", dir)
+		}
+		return nil
+	case os.IsNotExist(err):
+		if err := os.MkdirAll(dir, 0700); err != nil {
+			return fmt.Errorf("failed to create SQLite database directory '%s': %w", dir, err)
+		}
+		return nil
+	default:
+		return fmt.Errorf("failed to check SQLite database directory '%s': %w", dir, err)
+	}
+}
+
 // ensureSqliteTempDir ensures that SQLite has a directory where it can write temporary files if needed
 // The default directory may not be writable when using a container with a read-only root file system
 // See: https://www.sqlite.org/tempfiles.html

backend/internal/bootstrap/db_bootstrap_test.go

@@ -2,6 +2,8 @@ package bootstrap
 
 import (
 	"net/url"
+	"os"
+	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -84,6 +86,29 @@ func TestIsSqliteInMemory(t *testing.T) {
 	}
 }
 
+func TestEnsureSqliteDatabaseDir(t *testing.T) {
+	t.Run("creates missing directory", func(t *testing.T) {
+		tempDir := t.TempDir()
+		dbPath := filepath.Join(tempDir, "nested", "pocket-id.db")
+
+		err := ensureSqliteDatabaseDir(dbPath)
+		require.NoError(t, err)
+
+		info, err := os.Stat(filepath.Dir(dbPath))
+		require.NoError(t, err)
+		assert.True(t, info.IsDir())
+	})
+
+	t.Run("fails when parent is file", func(t *testing.T) {
+		tempDir := t.TempDir()
+		filePath := filepath.Join(tempDir, "file.txt")
+		require.NoError(t, os.WriteFile(filePath, []byte("test"), 0o600))
+
+		err := ensureSqliteDatabaseDir(filepath.Join(filePath, "data.db"))
+		require.Error(t, err)
+	})
+}
+
 func TestConvertSqlitePragmaArgs(t *testing.T) {
 	tests := []struct {
 		name     string

backend/internal/bootstrap/router_bootstrap.go

@@ -63,6 +63,8 @@ func initRouterInternal(db *gorm.DB, svc *services) (utils.Service, error) {
 	rateLimitMiddleware := middleware.NewRateLimitMiddleware().Add(rate.Every(time.Second), 60)
 
 	// Setup global middleware
+	r.Use(middleware.HeadMiddleware())
+	r.Use(middleware.NewCacheControlMiddleware().Add())
 	r.Use(middleware.NewCorsMiddleware().Add())
 	r.Use(middleware.NewCspMiddleware().Add())
 	r.Use(middleware.NewErrorHandlerMiddleware().Add())
@@ -110,7 +112,17 @@ func initRouterInternal(db *gorm.DB, svc *services) (utils.Service, error) {
 	srv := &http.Server{
 		MaxHeaderBytes:    1 << 20,
 		ReadHeaderTimeout: 10 * time.Second,
-		Handler:           r,
+		Handler: http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+			// HEAD requests don't get matched by Gin routes, so we convert them to GET
+			// middleware.HeadMiddleware will convert them back to HEAD later
+			if req.Method == http.MethodHead {
+				req.Method = http.MethodGet
+				ctx := context.WithValue(req.Context(), middleware.IsHeadRequestCtxKey{}, true)
+				req = req.WithContext(ctx)
+			}
+
+			r.ServeHTTP(w, req)
+		}),
 	}
 
 	// Set up the listener

backend/internal/common/env_config.go

@@ -88,7 +88,7 @@ func defaultConfig() EnvConfigSchema {
 		AppEnv:        AppEnvProduction,
 		LogLevel:      "info",
 		DbProvider:    "sqlite",
-		FileBackend:   "fs",
+		FileBackend:   "filesystem",
 		KeysPath:      "data/keys",
 		AppURL:        AppUrl,
 		Port:          "1411",
@@ -187,12 +187,12 @@ func validateEnvConfig(config *EnvConfigSchema) error {
 		}
 	case "database":
 		// All good, these are valid values
-	case "", "fs":
+	case "", "filesystem":
 		if config.UploadPath == "" {
 			config.UploadPath = defaultFsUploadPath
 		}
 	default:
-		return errors.New("invalid FILE_BACKEND value. Must be 'fs', 'database', or 's3'")
+		return errors.New("invalid FILE_BACKEND value. Must be 'filesystem', 'database', or 's3'")
 	}
 
 	// Validate LOCAL_IPV6_RANGES

backend/internal/common/env_config_test.go

@@ -214,12 +214,12 @@ func TestParseEnvConfig(t *testing.T) {
 		t.Setenv("DB_PROVIDER", "sqlite")
 		t.Setenv("DB_CONNECTION_STRING", "file:test.db")
 		t.Setenv("APP_URL", "http://localhost:3000")
-		t.Setenv("FILE_BACKEND", "FS")
+		t.Setenv("FILE_BACKEND", "FILESYSTEM")
 		t.Setenv("UPLOAD_PATH", "")
 
 		err := parseEnvConfig()
 		require.NoError(t, err)
-		assert.Equal(t, "fs", EnvConfig.FileBackend)
+		assert.Equal(t, "filesystem", EnvConfig.FileBackend)
 		assert.Equal(t, defaultFsUploadPath, EnvConfig.UploadPath)
 	})
 

backend/internal/middleware/cache_control.go

@@ -0,0 +1,26 @@
+package middleware
+
+import "github.com/gin-gonic/gin"
+
+// CacheControlMiddleware sets a safe default Cache-Control header on responses
+// that do not already specify one. This prevents proxies from caching
+// authenticated responses that might contain private data.
+type CacheControlMiddleware struct {
+	headerValue string
+}
+
+func NewCacheControlMiddleware() *CacheControlMiddleware {
+	return &CacheControlMiddleware{
+		headerValue: "private, no-store",
+	}
+}
+
+func (m *CacheControlMiddleware) Add() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if c.Writer.Header().Get("Cache-Control") == "" {
+			c.Header("Cache-Control", m.headerValue)
+		}
+
+		c.Next()
+	}
+}

backend/internal/middleware/cache_control_test.go

@@ -0,0 +1,45 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCacheControlMiddlewareSetsDefault(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	router := gin.New()
+	router.Use(NewCacheControlMiddleware().Add())
+
+	router.GET("/test", func(c *gin.Context) {
+		c.Status(http.StatusOK)
+	})
+
+	req := httptest.NewRequest(http.MethodGet, "/test", http.NoBody)
+	w := httptest.NewRecorder()
+
+	router.ServeHTTP(w, req)
+
+	require.Equal(t, "private, no-store", w.Header().Get("Cache-Control"))
+}
+
+func TestCacheControlMiddlewarePreservesExistingHeader(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	router := gin.New()
+	router.Use(NewCacheControlMiddleware().Add())
+
+	router.GET("/custom", func(c *gin.Context) {
+		c.Header("Cache-Control", "public, max-age=60")
+		c.Status(http.StatusOK)
+	})
+
+	req := httptest.NewRequest(http.MethodGet, "/custom", http.NoBody)
+	w := httptest.NewRecorder()
+
+	router.ServeHTTP(w, req)
+
+	require.Equal(t, "public, max-age=60", w.Header().Get("Cache-Control"))
+}

backend/internal/middleware/head_middleware.go

@@ -0,0 +1,40 @@
+package middleware
+
+import (
+	"net/http"
+	"strconv"
+
+	"github.com/gin-gonic/gin"
+)
+
+type IsHeadRequestCtxKey struct{}
+
+type headWriter struct {
+	gin.ResponseWriter
+	size int
+}
+
+func (w *headWriter) Write(b []byte) (int, error) {
+	w.size += len(b)
+	return w.size, nil
+}
+
+func HeadMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// Only process if it's a HEAD request
+		if c.Request.Context().Value(IsHeadRequestCtxKey{}) != true {
+			c.Next()
+			return
+		}
+
+		// Replace the ResponseWriter with our headWriter to swallow the body
+		hw := &headWriter{ResponseWriter: c.Writer}
+		c.Writer = hw
+
+		c.Next()
+
+		c.Writer.Header().Set("Content-Length", strconv.Itoa(hw.size))
+		c.Request.Method = http.MethodHead
+
+	}
+}

backend/internal/storage/storage.go

@@ -8,7 +8,7 @@ import (
 )
 
 var (
-	TypeFileSystem = "fs"
+	TypeFileSystem = "filesystem"
 	TypeS3         = "s3"
 )
 

frontend/.prettierrc

@@ -3,6 +3,6 @@
 	"singleQuote": true,
 	"trailingComma": "none",
 	"printWidth": 100,
-	"plugins": ["prettier-plugin-svelte", "prettier-plugin-tailwindcss"],
+	"plugins": ["prettier-plugin-tailwindcss", "prettier-plugin-svelte"],
 	"overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]
 }

frontend/messages/cs.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilový obrázek",
 	"profile_picture_is_managed_by_ldap_server": "Profilový obrázek je spravován LDAP serverem a nelze jej zde změnit.",
 	"click_profile_picture_to_upload_custom": "Klikněte na profilový obrázek pro nahrání vlastního ze souborů.",
-	"image_should_be_in_format": "Obrázek by měl být ve formátu PNG nebo JPEG.",
+	"image_should_be_in_format": "Obrázek by měl být ve formátu PNG, JPEG nebo WEBP.",
 	"items_per_page": "Položek na stránku",
 	"no_items_found": "Nenalezeny žádné položky",
 	"select_items": "Vyberte položky...",

frontend/messages/da.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbillede",
 	"profile_picture_is_managed_by_ldap_server": "Profilbilledet administreres af LDAP-serveren og kan ikke ændres her.",
 	"click_profile_picture_to_upload_custom": "Klik på profilbilledet for at uploade et brugerdefineret billede fra dine filer.",
-	"image_should_be_in_format": "Billedet skal være i PNG eller JPEG-format.",
+	"image_should_be_in_format": "Billedet skal være i PNG, JPEG eller WEBP-format.",
 	"items_per_page": "Emner pr. side",
 	"no_items_found": "Ingen emner fundet",
 	"select_items": "Vælg emner...",

frontend/messages/de.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbild",
 	"profile_picture_is_managed_by_ldap_server": "Das Profilbild wird vom LDAP-Server verwaltet und kann hier nicht geändert werden.",
 	"click_profile_picture_to_upload_custom": "Klicke auf das Profilbild, um ein benutzerdefiniertes Bild aus deinen Dateien hochzuladen.",
-	"image_should_be_in_format": "Das Bild sollte im PNG- oder JPEG-Format vorliegen.",
+	"image_should_be_in_format": "Das Bild sollte im PNG-, JPEG- oder WEBP-Format vorliegen.",
 	"items_per_page": "Einträge pro Seite",
 	"no_items_found": "Keine Einträge gefunden",
 	"select_items": "Elemente auswählen...",
@@ -443,7 +443,7 @@
 	"client_launch_url_description": "Die URL, die geöffnet wird, wenn jemand die App von der Seite „Meine Apps“ startet.",
 	"client_name_description": "Der Name des Clients, der in der Pocket ID-Benutzeroberfläche angezeigt wird.",
 	"revoke_access": "Zugriff widerrufen",
-	"revoke_access_description": "Zugriff widerrufen <b>{clientName}</b>. <b>{clientName}</b> kann nicht mehr auf deine Kontoinfos zugreifen.",
+	"revoke_access_description": "Zugriff auf <b>{clientName}</b> widerrufen. <b>{clientName}</b> kann nicht mehr auf deine Kontoinformationen zugreifen.",
 	"revoke_access_successful": "Der Zugriff auf „ {clientName} “ wurde erfolgreich gesperrt.",
 	"last_signed_in_ago": "Zuletzt angemeldet vor {time} Stunden",
 	"invalid_client_id": "Die Kunden-ID darf nur Buchstaben, Zahlen, Unterstriche und Bindestriche haben.",

frontend/messages/en.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profile Picture",
 	"profile_picture_is_managed_by_ldap_server": "The profile picture is managed by the LDAP server and cannot be changed here.",
 	"click_profile_picture_to_upload_custom": "Click on the profile picture to upload a custom one from your files.",
-	"image_should_be_in_format": "The image should be in PNG or JPEG format.",
+	"image_should_be_in_format": "The image should be in PNG, JPEG or WEBP format.",
 	"items_per_page": "Items per page",
 	"no_items_found": "No items found",
 	"select_items": "Select items...",

frontend/messages/es.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Foto de perfil",
 	"profile_picture_is_managed_by_ldap_server": "La imagen de perfil es administrada por el servidor LDAP y no puede ser cambiada aquí.",
 	"click_profile_picture_to_upload_custom": "Haga clic en la imagen de perfil para subir una personalizada desde sus archivos.",
-	"image_should_be_in_format": "La imagen debe ser en formato PNG o JPEG.",
+	"image_should_be_in_format": "La imagen debe ser en formato PNG, JPEG o WEBP.",
 	"items_per_page": "Elementos por página",
 	"no_items_found": "No se encontraron elementos",
 	"select_items": "Seleccionar elementos...",

frontend/messages/fi.json

@@ -1,473 +1,473 @@
 {
 	"$schema": "https://inlang.com/schema/inlang-message-format",
-	"my_account": "My Account",
-	"logout": "Logout",
-	"confirm": "Confirm",
-	"docs": "Docs",
-	"key": "Key",
-	"value": "Value",
-	"remove_custom_claim": "Remove custom claim",
-	"add_custom_claim": "Add custom claim",
-	"add_another": "Add another",
-	"select_a_date": "Select a date",
-	"select_file": "Select File",
-	"profile_picture": "Profile Picture",
-	"profile_picture_is_managed_by_ldap_server": "The profile picture is managed by the LDAP server and cannot be changed here.",
-	"click_profile_picture_to_upload_custom": "Click on the profile picture to upload a custom one from your files.",
-	"image_should_be_in_format": "The image should be in PNG or JPEG format.",
-	"items_per_page": "Items per page",
-	"no_items_found": "No items found",
-	"select_items": "Select items...",
-	"search": "Search...",
-	"expand_card": "Expand card",
-	"copied": "Copied",
-	"click_to_copy": "Click to copy",
-	"something_went_wrong": "Something went wrong",
-	"go_back_to_home": "Go back to home",
-	"alternative_sign_in_methods": "Alternative Sign In Methods",
-	"login_background": "Login background",
+	"my_account": "Oma tIli",
+	"logout": "Kirjaudu ulos",
+	"confirm": "Vahvista",
+	"docs": "Ohjeet",
+	"key": "Avain",
+	"value": "Arvo",
+	"remove_custom_claim": "Poista mukautettu vaatimus",
+	"add_custom_claim": "Lisää mukautettu vaatimus",
+	"add_another": "Lisää toinen",
+	"select_a_date": "Valitse päivämäärä",
+	"select_file": "Valitse tiedosto",
+	"profile_picture": "Profiilikuva",
+	"profile_picture_is_managed_by_ldap_server": "Profiilikuva hallitaan LDAP-palvelimella, eikä sitä voi muuttaa tässä.",
+	"click_profile_picture_to_upload_custom": "Napsauta profiilikuvaa ladataksesi kuvan tiedostoistasi.",
+	"image_should_be_in_format": "Kuvan tulee olla PNG-, JPEG- tai WEBP-muodossa.",
+	"items_per_page": "Kohteita per sivu",
+	"no_items_found": "Kohteita ei löytynyt",
+	"select_items": "Valitse kohteet...",
+	"search": "Hae...",
+	"expand_card": "Laajenna kortti",
+	"copied": "Kopioitu",
+	"click_to_copy": "Klikkaa kopioidaksesi",
+	"something_went_wrong": "Jokin meni pieleen",
+	"go_back_to_home": "Siirry takaisin kotiin",
+	"alternative_sign_in_methods": "Vaihtoehtoiset kirjautumistavat",
+	"login_background": "Kirjautumisen tausta",
 	"logo": "Logo",
-	"login_code": "Login Code",
-	"create_a_login_code_to_sign_in_without_a_passkey_once": "Create a login code that the user can use to sign in without a passkey once.",
-	"one_hour": "1 hour",
-	"twelve_hours": "12 hours",
-	"one_day": "1 day",
-	"one_week": "1 week",
-	"one_month": "1 month",
-	"expiration": "Expiration",
-	"generate_code": "Generate Code",
-	"name": "Name",
-	"browser_unsupported": "Browser unsupported",
-	"this_browser_does_not_support_passkeys": "This browser doesn't support passkeys. Please use an alternative sign in method.",
-	"an_unknown_error_occurred": "An unknown error occurred",
-	"authentication_process_was_aborted": "The authentication process was aborted",
-	"error_occurred_with_authenticator": "An error occurred with the authenticator",
-	"authenticator_does_not_support_discoverable_credentials": "The authenticator does not support discoverable credentials",
-	"authenticator_does_not_support_resident_keys": "The authenticator does not support resident keys",
-	"passkey_was_previously_registered": "This passkey was previously registered",
-	"authenticator_does_not_support_any_of_the_requested_algorithms": "The authenticator does not support any of the requested algorithms",
-	"authenticator_timed_out": "The authenticator timed out",
-	"critical_error_occurred_contact_administrator": "A critical error occurred. Please contact your administrator.",
-	"sign_in_to": "Sign in to {name}",
-	"client_not_found": "Client not found",
-	"client_wants_to_access_the_following_information": "<b>{client}</b> wants to access the following information:",
-	"do_you_want_to_sign_in_to_client_with_your_app_name_account": "Do you want to sign in to <b>{client}</b> with your {appName} account?",
-	"email": "Email",
-	"view_your_email_address": "View your email address",
-	"profile": "Profile",
-	"view_your_profile_information": "View your profile information",
-	"groups": "Groups",
-	"view_the_groups_you_are_a_member_of": "View the groups you are a member of",
-	"cancel": "Cancel",
-	"sign_in": "Sign in",
-	"try_again": "Try again",
-	"client_logo": "Client Logo",
-	"sign_out": "Sign out",
-	"do_you_want_to_sign_out_of_pocketid_with_the_account": "Do you want to sign out of {appName} with the account <b>{username}</b>?",
-	"sign_in_to_appname": "Sign in to {appName}",
-	"please_try_to_sign_in_again": "Please try to sign in again.",
-	"authenticate_with_passkey_to_access_account": "Authenticate yourself with your passkey to access your account.",
-	"authenticate": "Authenticate",
-	"please_try_again": "Please try again.",
-	"continue": "Continue",
-	"alternative_sign_in": "Alternative Sign In",
-	"if_you_do_not_have_access_to_your_passkey_you_can_sign_in_using_one_of_the_following_methods": "If you don't have access to your passkey, you can sign in using one of the following methods.",
-	"use_your_passkey_instead": "Use your passkey instead?",
-	"email_login": "Email Login",
-	"enter_a_login_code_to_sign_in": "Enter a login code to sign in.",
-	"sign_in_with_login_code": "Sign in with login code",
-	"request_a_login_code_via_email": "Request a login code via email.",
-	"go_back": "Go back",
-	"an_email_has_been_sent_to_the_provided_email_if_it_exists_in_the_system": "An email has been sent to the provided email, if it exists in the system.",
-	"enter_code": "Enter code",
-	"enter_your_email_address_to_receive_an_email_with_a_login_code": "Enter your email address to receive an email with a login code.",
-	"your_email": "Your email",
-	"submit": "Submit",
-	"enter_the_code_you_received_to_sign_in": "Enter the code you received to sign in.",
-	"code": "Code",
-	"invalid_redirect_url": "Invalid redirect URL",
-	"audit_log": "Audit Log",
-	"users": "Users",
-	"user_groups": "User Groups",
-	"oidc_clients": "OIDC Clients",
-	"api_keys": "API Keys",
-	"application_configuration": "Application Configuration",
-	"settings": "Settings",
-	"update_pocket_id": "Update Pocket ID",
-	"powered_by": "Powered by",
-	"see_your_account_activities_from_the_last_3_months": "See your account activities from the last 3 months.",
-	"time": "Time",
-	"event": "Event",
-	"approximate_location": "Approximate Location",
-	"ip_address": "IP Address",
-	"device": "Device",
-	"client": "Client",
-	"unknown": "Unknown",
-	"account_details_updated_successfully": "Account details updated successfully",
-	"profile_picture_updated_successfully": "Profile picture updated successfully. It may take a few minutes to update.",
-	"account_settings": "Account Settings",
-	"passkey_missing": "Passkey missing",
-	"please_provide_a_passkey_to_prevent_losing_access_to_your_account": "Please add a passkey to prevent losing access to your account.",
-	"single_passkey_configured": "Single Passkey Configured",
-	"it_is_recommended_to_add_more_than_one_passkey": "It is recommended to add more than one passkey to avoid losing access to your account.",
-	"account_details": "Account Details",
-	"passkeys": "Passkeys",
-	"manage_your_passkeys_that_you_can_use_to_authenticate_yourself": "Manage your passkeys that you can use to authenticate yourself.",
-	"add_passkey": "Add Passkey",
-	"create_a_one_time_login_code_to_sign_in_from_a_different_device_without_a_passkey": "Create a one-time login code to sign in from a different device without a passkey.",
-	"create": "Create",
-	"first_name": "First name",
-	"last_name": "Last name",
-	"username": "Username",
-	"save": "Save",
-	"username_can_only_contain": "Username can only contain lowercase letters, numbers, underscores, dots, hyphens, and '@' symbols",
-	"username_must_start_with": "Username must start with an alphanumeric character",
-	"username_must_end_with": "Username must end with an alphanumeric character",
-	"sign_in_using_the_following_code_the_code_will_expire_in_minutes": "Sign in using the following code. The code will expire in 15 minutes.",
-	"or_visit": "or visit",
-	"added_on": "Added on",
-	"rename": "Rename",
-	"delete": "Delete",
-	"are_you_sure_you_want_to_delete_this_passkey": "Are you sure you want to delete this passkey?",
-	"passkey_deleted_successfully": "Passkey deleted successfully",
-	"delete_passkey_name": "Delete {passkeyName}",
-	"passkey_name_updated_successfully": "Passkey name updated successfully",
-	"name_passkey": "Name Passkey",
-	"name_your_passkey_to_easily_identify_it_later": "Name your passkey to easily identify it later.",
-	"create_api_key": "Create API Key",
-	"add_a_new_api_key_for_programmatic_access": "Add a new API key for programmatic access to the <link href='https://pocket-id.org/docs/api'>Pocket ID API</link>.",
-	"add_api_key": "Add API Key",
-	"manage_api_keys": "Manage API Keys",
-	"api_key_created": "API Key Created",
-	"for_security_reasons_this_key_will_only_be_shown_once": "For security reasons, this key will only be shown once. Please store it securely.",
-	"description": "Description",
-	"api_key": "API Key",
-	"close": "Close",
-	"name_to_identify_this_api_key": "Name to identify this API key.",
-	"expires_at": "Expires At",
-	"when_this_api_key_will_expire": "When this API key will expire.",
-	"optional_description_to_help_identify_this_keys_purpose": "Optional description to help identify this key's purpose.",
-	"expiration_date_must_be_in_the_future": "Expiration date must be in the future",
-	"revoke_api_key": "Revoke API Key",
-	"never": "Never",
-	"revoke": "Revoke",
-	"api_key_revoked_successfully": "API key revoked successfully",
-	"are_you_sure_you_want_to_revoke_the_api_key_apikeyname": "Are you sure you want to revoke the API key \"{apiKeyName}\"? This will break any integrations using this key.",
-	"last_used": "Last Used",
-	"actions": "Actions",
-	"images_updated_successfully": "Images updated successfully. It may take a few minutes to update.",
-	"general": "General",
-	"configure_smtp_to_send_emails": "Enable email notifications to alert users when a login is detected from a new device or location.",
+	"login_code": "Kirjautumiskoodi",
+	"create_a_login_code_to_sign_in_without_a_passkey_once": "Luo kirjautumiskoodi, jota käyttäjä voi käyttää kirjautuakseen sisään ilman pääsyavainta kerran.",
+	"one_hour": "1 tunti",
+	"twelve_hours": "12 tuntia",
+	"one_day": "1 päivä",
+	"one_week": "1 viikko",
+	"one_month": "1 kuukausi",
+	"expiration": "Vanhentuminen",
+	"generate_code": "Luo koodi",
+	"name": "Nimi",
+	"browser_unsupported": "Selainta ei tueta",
+	"this_browser_does_not_support_passkeys": "Tämä selain ei tue pääsyavaimia. Käytä vaihtoehtoista kirjautumistapaa.",
+	"an_unknown_error_occurred": "Tapahtui tuntematon virhe",
+	"authentication_process_was_aborted": "Todentamisprosessi keskeytettiin",
+	"error_occurred_with_authenticator": "Todentajan kanssa tapahtui virhe",
+	"authenticator_does_not_support_discoverable_credentials": "Todentaja ei tue löydettäviä käyttäjätietoja",
+	"authenticator_does_not_support_resident_keys": "Todentaja ei tue laiteavaimia",
+	"passkey_was_previously_registered": "Tämä pääsyavain on aiemmin rekisteröity",
+	"authenticator_does_not_support_any_of_the_requested_algorithms": "Todentaja ei tue mitään pyydetyistä algoritmeista",
+	"authenticator_timed_out": "Todentaja aikakatkaistiin",
+	"critical_error_occurred_contact_administrator": "Kriittinen virhe tapahtui. Ota yhteyttä järjestelmänvalvojaan.",
+	"sign_in_to": "Kirjaudu palveluun {name}",
+	"client_not_found": "Asiakasta ei löydy",
+	"client_wants_to_access_the_following_information": "<b>{client}</b> haluaa käyttää seuraavia tietoja:",
+	"do_you_want_to_sign_in_to_client_with_your_app_name_account": "Haluatko kirjautua sisään palveluun <b>{client}</b> {appName} -tililläsi?",
+	"email": "Sähköposti",
+	"view_your_email_address": "Näytä sähköpostiosoitteesi",
+	"profile": "Profiili",
+	"view_your_profile_information": "Tarkastele profiilisi tietoja",
+	"groups": "Ryhmät",
+	"view_the_groups_you_are_a_member_of": "Tarkastele ryhmiä, joiden jäsen olet",
+	"cancel": "Peruuta",
+	"sign_in": "Kirjaudu sisään",
+	"try_again": "Yritä uudelleen",
+	"client_logo": "Asiakasohjelman Logo",
+	"sign_out": "Kirjaudu ulos",
+	"do_you_want_to_sign_out_of_pocketid_with_the_account": "Haluatko kirjautua ulos palvelusta {appName} tilillä <b>{username}</b>?",
+	"sign_in_to_appname": "Kirjaudu palveluun {appName}",
+	"please_try_to_sign_in_again": "Yritä kirjautua sisään uudelleen.",
+	"authenticate_with_passkey_to_access_account": "Tunnistaudu pääsyavaimellasi, jotta pääset tiliisi.",
+	"authenticate": "Tunnistaudu",
+	"please_try_again": "Ole hyvä ja yritä uudelleen.",
+	"continue": "Jatka",
+	"alternative_sign_in": "Vaihtoehtoinen kirjautuminen",
+	"if_you_do_not_have_access_to_your_passkey_you_can_sign_in_using_one_of_the_following_methods": "Jos sinulla ei ole pääsyä pääsyavaimeesi, voit kirjautua sisään jollakin seuraavista tavoista.",
+	"use_your_passkey_instead": "Käytä pääsyavainta sittenkin?",
+	"email_login": "Sisäänkirjautuminen sähköpostilla",
+	"enter_a_login_code_to_sign_in": "Syötä kirjautumiskoodi kirjautuaksesi sisään.",
+	"sign_in_with_login_code": "Kirjaudu sisään kirjautumiskoodilla",
+	"request_a_login_code_via_email": "Pyydä kirjautumiskoodi sähköpostitse.",
+	"go_back": "Takaisin",
+	"an_email_has_been_sent_to_the_provided_email_if_it_exists_in_the_system": "Sähköposti on lähetetty annettuun osoitteeseen, jos se on järjestelmässä.",
+	"enter_code": "Syötä koodi",
+	"enter_your_email_address_to_receive_an_email_with_a_login_code": "Syötä sähköpostiosoitteesi saadaksesi kirjautumiskoodin sähköpostitse.",
+	"your_email": "Sähköpostisi",
+	"submit": "Lähetä",
+	"enter_the_code_you_received_to_sign_in": "Syötä saamasi koodi kirjautuaksesi sisään.",
+	"code": "Koodi",
+	"invalid_redirect_url": "Virheellinen uudelleenohjauksen URL",
+	"audit_log": "Tarkastusloki",
+	"users": "Käyttäjät",
+	"user_groups": "Käyttäjäryhmät",
+	"oidc_clients": "OIDC Asiakkaat",
+	"api_keys": "API Avaimet",
+	"application_configuration": "Sovelluksen määritys",
+	"settings": "Asetukset",
+	"update_pocket_id": "Päivitä Pocket ID",
+	"powered_by": "Voimanlähteenä",
+	"see_your_account_activities_from_the_last_3_months": "Katso tilisi tapahtumat viimeisen 3 kuukauden ajalta.",
+	"time": "Aika",
+	"event": "Tapahtuma",
+	"approximate_location": "Arvioitu sijainti",
+	"ip_address": "IP-osoite",
+	"device": "Laite",
+	"client": "Asiakas",
+	"unknown": "Tuntematon",
+	"account_details_updated_successfully": "Tilin tiedot päivitetty onnistuneesti",
+	"profile_picture_updated_successfully": "Profiilikuva päivitetty onnistuneesti. Päivitys voi kestää muutaman minuutin.",
+	"account_settings": "Tilin asetukset",
+	"passkey_missing": "Pääsyavain puuttuu",
+	"please_provide_a_passkey_to_prevent_losing_access_to_your_account": "Lisää pääsyavain, jotta et menetä pääsyä tiliisi.",
+	"single_passkey_configured": "Yksi pääsyavain määritetty",
+	"it_is_recommended_to_add_more_than_one_passkey": "On suositeltavaa lisätä useampi pääsyavain, jottet menetä päsyä tiliisi.",
+	"account_details": "Tilitiedot",
+	"passkeys": "Pääsyavaimet",
+	"manage_your_passkeys_that_you_can_use_to_authenticate_yourself": "Hallitse pääsyavaimiasi, joita voit käyttää tunnistautumiseen.",
+	"add_passkey": "Lisää pääsyavain",
+	"create_a_one_time_login_code_to_sign_in_from_a_different_device_without_a_passkey": "Luo kertakäyttöinen kirjautumiskoodi, jotta voit kirjautua sisään toisella laitteella ilman pääsyavainta.",
+	"create": "Luo",
+	"first_name": "Etunimi",
+	"last_name": "Sukunimi",
+	"username": "Käyttäjätunnus",
+	"save": "Tallenna",
+	"username_can_only_contain": "Käyttäjätunnus voi sisältää vain pieniä kirjaimia, numeroita, alaviivoja, pisteitä, tavuviivoja ja @-merkkejä",
+	"username_must_start_with": "Käyttäjätunnuksen on alettava kirjaimella tai numerolla",
+	"username_must_end_with": "Käyttäjätunnuksen tulee päättyä kirjaimeen tai numeroon",
+	"sign_in_using_the_following_code_the_code_will_expire_in_minutes": "Kirjaudu sisään seuraavalla koodilla. Koodi vanhenee 15 minuutin kuluttua.",
+	"or_visit": "tai vieraile",
+	"added_on": "Lisätty",
+	"rename": "Nimeä uudelleen",
+	"delete": "Poista",
+	"are_you_sure_you_want_to_delete_this_passkey": "Haluatko varmasti poistaa tämän pääsyavaimen?",
+	"passkey_deleted_successfully": "Pääsyavaimen poistettu onnistuneesti",
+	"delete_passkey_name": "Poista {passkeyName}",
+	"passkey_name_updated_successfully": "Pääsyavaimen nimi päivitetty onnistuneesti",
+	"name_passkey": "Nimeä pääsyavain",
+	"name_your_passkey_to_easily_identify_it_later": "Nimeä pääsyavaimesi, jotta voit tunnistaa sen helposti myöhemmin.",
+	"create_api_key": "Luo API-avain",
+	"add_a_new_api_key_for_programmatic_access": "Lisää uusi API-avain ohjelmoitua pääsyä varten <link href='https://pocket-id.org/docs/api'>Pocket ID API</link>:iin.",
+	"add_api_key": "Lisää API-avain",
+	"manage_api_keys": "Hallitse API-avaimia",
+	"api_key_created": "API-avain luotu",
+	"for_security_reasons_this_key_will_only_be_shown_once": "Turvallisuussyistä tämä avain näytetään vain kerran. Säilytä se turvallisessa paikassa.",
+	"description": "Kuvaus",
+	"api_key": "API-avain",
+	"close": "Sulje",
+	"name_to_identify_this_api_key": "Nimi tämän API avaimen tunnistamiseksi.",
+	"expires_at": "Vanhenee",
+	"when_this_api_key_will_expire": "Milloin tämä API-avain vanhenee.",
+	"optional_description_to_help_identify_this_keys_purpose": "Valinnainen kuvaus, joka auttaa tunnistamaan tämän avaimen tarkoituksen.",
+	"expiration_date_must_be_in_the_future": "Päättymispäivän on oltava tulevaisuudessa",
+	"revoke_api_key": "Peruuta API-avain",
+	"never": "Ei koskaan",
+	"revoke": "Peru",
+	"api_key_revoked_successfully": "API-avain peruttu onnistuneesti",
+	"are_you_sure_you_want_to_revoke_the_api_key_apikeyname": "Haluatko varmasti perua API-avaimen \"{apiKeyName}\"? Tämä katkaisee kaikki tämän avaimen käyttävät integraatiot.",
+	"last_used": "Viimeksi käytetty",
+	"actions": "Toiminnot",
+	"images_updated_successfully": "Kuvat päivitetty onnistuneesti. Päivitys voi kestää muutaman minuutin.",
+	"general": "Yleiset",
+	"configure_smtp_to_send_emails": "Ota käyttöön sähköposti-ilmoitukset ilmoittaaksesi käyttäjille, kun kirjautuminen havaitaan uudesta laitteesta tai sijainnista.",
 	"ldap": "LDAP",
-	"configure_ldap_settings_to_sync_users_and_groups_from_an_ldap_server": "Configure LDAP settings to sync users and groups from an LDAP server.",
-	"images": "Images",
-	"update": "Update",
-	"email_configuration_updated_successfully": "Email configuration updated successfully",
-	"save_changes_question": "Save changes?",
-	"you_have_to_save_the_changes_before_sending_a_test_email_do_you_want_to_save_now": "You have to save the changes before sending a test email. Do you want to save now?",
-	"save_and_send": "Save and send",
-	"test_email_sent_successfully": "Test email sent successfully to your email address.",
-	"failed_to_send_test_email": "Failed to send test email. Check the server logs for more information.",
-	"smtp_configuration": "SMTP Configuration",
-	"smtp_host": "SMTP Host",
-	"smtp_port": "SMTP Port",
-	"smtp_user": "SMTP User",
-	"smtp_password": "SMTP Password",
-	"smtp_from": "SMTP From",
-	"smtp_tls_option": "SMTP TLS Option",
-	"email_tls_option": "Email TLS Option",
-	"skip_certificate_verification": "Skip Certificate Verification",
-	"this_can_be_useful_for_selfsigned_certificates": "This can be useful for self-signed certificates.",
-	"enabled_emails": "Enabled Emails",
-	"email_login_notification": "Email Login Notification",
-	"send_an_email_to_the_user_when_they_log_in_from_a_new_device": "Send an email to the user when they log in from a new device.",
-	"emai_login_code_requested_by_user": "Email Login Code Requested by User",
-	"allow_users_to_sign_in_with_a_login_code_sent_to_their_email": "Allows users to bypass passkeys by requesting a login code sent to their email. This significantly reduces security as anyone with access to the user's email can gain entry.",
-	"email_login_code_from_admin": "Email Login Code from Admin",
-	"allows_an_admin_to_send_a_login_code_to_the_user": "Allows an admin to send a login code to the user via email.",
-	"send_test_email": "Send test email",
-	"application_configuration_updated_successfully": "Application configuration updated successfully",
-	"application_name": "Application Name",
-	"session_duration": "Session Duration",
-	"the_duration_of_a_session_in_minutes_before_the_user_has_to_sign_in_again": "The duration of a session in minutes before the user has to sign in again.",
-	"enable_self_account_editing": "Enable Self-Account Editing",
-	"whether_the_users_should_be_able_to_edit_their_own_account_details": "Whether the users should be able to edit their own account details.",
-	"emails_verified": "Emails Verified",
-	"whether_the_users_email_should_be_marked_as_verified_for_the_oidc_clients": "Whether the user's email should be marked as verified for the OIDC clients.",
-	"ldap_configuration_updated_successfully": "LDAP configuration updated successfully",
-	"ldap_disabled_successfully": "LDAP disabled successfully",
-	"ldap_sync_finished": "LDAP sync finished",
-	"client_configuration": "Client Configuration",
+	"configure_ldap_settings_to_sync_users_and_groups_from_an_ldap_server": "Määritä LDAP-asetukset käyttäjien ja ryhmien synkronointia varten LDAP-palvelimelta.",
+	"images": "Kuvat",
+	"update": "Päivitä",
+	"email_configuration_updated_successfully": "Sähköpostiasetukset päivitetty onnistuneesti",
+	"save_changes_question": "Tallenna muutokset?",
+	"you_have_to_save_the_changes_before_sending_a_test_email_do_you_want_to_save_now": "Sinun on tallennettava muutokset ennen testisähköpostin lähettämistä. Haluatko tallentaa nyt?",
+	"save_and_send": "Tallenna ja lähetä",
+	"test_email_sent_successfully": "Testiviesti lähetetty onnistuneesti sähköpostiosoitteeseesi.",
+	"failed_to_send_test_email": "Testisähköpostin lähettäminen epäonnistui. Tarkista lisätietoja palvelimen lokitiedostoista.",
+	"smtp_configuration": "SMTP Asetukset",
+	"smtp_host": "SMTP palvelin",
+	"smtp_port": "SMTP portti",
+	"smtp_user": "SMTP käyttäjä",
+	"smtp_password": "SMTP salasana",
+	"smtp_from": "SMTP lähettäjä",
+	"smtp_tls_option": "SMTP TLS -valinta",
+	"email_tls_option": "Sähköpostin TLS-valinta",
+	"skip_certificate_verification": "Ohita varmenteen vahvistus",
+	"this_can_be_useful_for_selfsigned_certificates": "Tämä voi olla hyödyllistä itse-allekirjoitetuille varmenteille.",
+	"enabled_emails": "Käytössä olevat sähköpostit",
+	"email_login_notification": "Sähköposti-ilmoitus kirjautumisesta",
+	"send_an_email_to_the_user_when_they_log_in_from_a_new_device": "Lähetä käyttäjälle sähköposti, kun hän kirjautuu sisään uudelta laitteelta.",
+	"emai_login_code_requested_by_user": "Käyttäjän pyytämä sähköpostin kirjautumiskoodi",
+	"allow_users_to_sign_in_with_a_login_code_sent_to_their_email": "Antaa käyttäjille mahdollisuuden ohittaa pääsyavaimen pyytämällä kirjautumiskoodin, joka lähetetään heidän sähköpostiinsa. Tämä merkittävästi heikentää turvallisuutta, koska kuka tahansa, jolla on pääsy käyttäjän sähköpostiin, voi kirjautua sisään.",
+	"email_login_code_from_admin": "Sähköpostin kirjautumiskoodi järjestelmänvalvojalta",
+	"allows_an_admin_to_send_a_login_code_to_the_user": "Antaa järjestelmänvalvojalle mahdollisuuden lähettää käyttäjälle kirjautumiskoodi sähköpostitse.",
+	"send_test_email": "Lähetä testisähköposti",
+	"application_configuration_updated_successfully": "Sovelluksen määritykset päivitetty onnistuneesti",
+	"application_name": "Sovelluksen nimi",
+	"session_duration": "Istunnon kesto",
+	"the_duration_of_a_session_in_minutes_before_the_user_has_to_sign_in_again": "Istunnon kesto minuutteina ennen kuin käyttäjän on kirjauduttava uudelleen.",
+	"enable_self_account_editing": "Ota käyttöön tilin itsemuokkaus",
+	"whether_the_users_should_be_able_to_edit_their_own_account_details": "Määrittää voiko käyttäjät itse muokata oman tilinsä tietoja.",
+	"emails_verified": "Sähköpostiosoitteet vahvistettu",
+	"whether_the_users_email_should_be_marked_as_verified_for_the_oidc_clients": "Merkitäänkö käyttäjän sähköpostiosoite vahvistetuksi OIDC-asiakkaille.",
+	"ldap_configuration_updated_successfully": "LDAP-määritykset päivitetty onnistuneesti",
+	"ldap_disabled_successfully": "LDAP poistettu käytöstä onnistuneesti",
+	"ldap_sync_finished": "LDAP-synkronointi valmis",
+	"client_configuration": "Asiakkaan määritys",
 	"ldap_url": "LDAP URL",
 	"ldap_bind_dn": "LDAP Bind DN",
-	"ldap_bind_password": "LDAP Bind Password",
-	"ldap_base_dn": "LDAP Base DN",
-	"user_search_filter": "User Search Filter",
-	"the_search_filter_to_use_to_search_or_sync_users": "The Search filter to use to search/sync users.",
-	"groups_search_filter": "Groups Search Filter",
-	"the_search_filter_to_use_to_search_or_sync_groups": "The Search filter to use to search/sync groups.",
-	"attribute_mapping": "Attribute Mapping",
-	"user_unique_identifier_attribute": "User Unique Identifier Attribute",
-	"the_value_of_this_attribute_should_never_change": "The value of this attribute should never change.",
-	"username_attribute": "Username Attribute",
-	"user_mail_attribute": "User Mail Attribute",
-	"user_first_name_attribute": "User First Name Attribute",
-	"user_last_name_attribute": "User Last Name Attribute",
-	"user_profile_picture_attribute": "User Profile Picture Attribute",
-	"the_value_of_this_attribute_can_either_be_a_url_binary_or_base64_encoded_image": "The value of this attribute can either be a URL, a binary or a base64 encoded image.",
-	"group_members_attribute": "Group Members Attribute",
-	"the_attribute_to_use_for_querying_members_of_a_group": "The attribute to use for querying members of a group.",
-	"group_unique_identifier_attribute": "Group Unique Identifier Attribute",
-	"group_rdn_attribute": "Group RDN Attribute (in DN)",
-	"admin_group_name": "Admin Group Name",
-	"members_of_this_group_will_have_admin_privileges_in_pocketid": "Members of this group will have Admin Privileges in Pocket ID.",
-	"disable": "Disable",
-	"sync_now": "Sync now",
-	"enable": "Enable",
-	"user_created_successfully": "User created successfully",
-	"create_user": "Create User",
-	"add_a_new_user_to_appname": "Add a new user to {appName}",
-	"add_user": "Add User",
-	"manage_users": "Manage Users",
-	"admin_privileges": "Admin Privileges",
-	"admins_have_full_access_to_the_admin_panel": "Admins have full access to the admin panel.",
-	"delete_firstname_lastname": "Delete {firstName} {lastName}",
-	"are_you_sure_you_want_to_delete_this_user": "Are you sure you want to delete this user?",
-	"user_deleted_successfully": "User deleted successfully",
-	"role": "Role",
-	"source": "Source",
-	"admin": "Admin",
-	"user": "User",
-	"local": "Local",
-	"toggle_menu": "Toggle menu",
-	"edit": "Edit",
-	"user_groups_updated_successfully": "User groups updated successfully",
-	"user_updated_successfully": "User updated successfully",
-	"custom_claims_updated_successfully": "Custom claims updated successfully",
-	"back": "Back",
-	"user_details_firstname_lastname": "User Details {firstName} {lastName}",
-	"manage_which_groups_this_user_belongs_to": "Manage which groups this user belongs to.",
-	"custom_claims": "Custom Claims",
-	"custom_claims_are_key_value_pairs_that_can_be_used_to_store_additional_information_about_a_user": "Custom claims are key-value pairs that can be used to store additional information about a user. These claims will be included in the ID token if the scope 'profile' is requested.",
-	"user_group_created_successfully": "User group created successfully",
-	"create_user_group": "Create User Group",
-	"create_a_new_group_that_can_be_assigned_to_users": "Create a new group that can be assigned to users.",
-	"add_group": "Add Group",
-	"manage_user_groups": "Manage User Groups",
-	"friendly_name": "Friendly Name",
-	"name_that_will_be_displayed_in_the_ui": "Name that will be displayed in the UI",
-	"name_that_will_be_in_the_groups_claim": "Name that will be in the \"groups\" claim",
-	"delete_name": "Delete {name}",
-	"are_you_sure_you_want_to_delete_this_user_group": "Are you sure you want to delete this user group?",
-	"user_group_deleted_successfully": "User group deleted successfully",
-	"user_count": "User Count",
-	"user_group_updated_successfully": "User group updated successfully",
-	"users_updated_successfully": "Users updated successfully",
-	"user_group_details_name": "User Group Details {name}",
-	"assign_users_to_this_group": "Assign users to this group.",
-	"custom_claims_are_key_value_pairs_that_can_be_used_to_store_additional_information_about_a_user_prioritized": "Custom claims are key-value pairs that can be used to store additional information about a user. These claims will be included in the ID token if the scope 'profile' is requested. Custom claims defined on the user will be prioritized if there are conflicts.",
-	"oidc_client_created_successfully": "OIDC client created successfully",
-	"create_oidc_client": "Create OIDC Client",
-	"add_a_new_oidc_client_to_appname": "Add a new OIDC client to {appName}.",
-	"add_oidc_client": "Add OIDC Client",
-	"manage_oidc_clients": "Manage OIDC Clients",
-	"one_time_link": "One Time Link",
-	"use_this_link_to_sign_in_once": "Use this link to sign in once. This is needed for users who haven't added a passkey yet or have lost it.",
-	"add": "Add",
-	"callback_urls": "Callback URLs",
-	"logout_callback_urls": "Logout Callback URLs",
-	"public_client": "Public Client",
-	"public_clients_description": "Public clients do not have a client secret. They are designed for mobile, web, and native applications where secrets cannot be securely stored.",
+	"ldap_bind_password": "LDAP Bind Salasana",
+	"ldap_base_dn": "LDAP perus DN",
+	"user_search_filter": "Käyttäjän hakusuodatin",
+	"the_search_filter_to_use_to_search_or_sync_users": "Käyttäjien hakuun/synkronointiin käytettävä hakusuodatin.",
+	"groups_search_filter": "Ryhmien hakusuodatin",
+	"the_search_filter_to_use_to_search_or_sync_groups": "Ryhmien hakuun/synkronointiin käytettävä hakusuodatin.",
+	"attribute_mapping": "Attribuuttien yhdistäminen",
+	"user_unique_identifier_attribute": "Käyttäjän yksilöllinen tunnisteattribuutti",
+	"the_value_of_this_attribute_should_never_change": "Tämän attribuutin arvon ei tulisi koskaan muuttua.",
+	"username_attribute": "Käyttäjänimen attribuutti",
+	"user_mail_attribute": "Käyttäjän sähköpostin attribuutti",
+	"user_first_name_attribute": "Käyttäjän etunimi-attribuutti",
+	"user_last_name_attribute": "Käyttäjän sukunimi-attribuutti",
+	"user_profile_picture_attribute": "Käyttäjän profiilikuva-attribuutti",
+	"the_value_of_this_attribute_can_either_be_a_url_binary_or_base64_encoded_image": "Tämän attribuutin arvo voi olla joko URL, binääri tai base64-koodattu kuva.",
+	"group_members_attribute": "Ryhmän jäsenten attribuutti",
+	"the_attribute_to_use_for_querying_members_of_a_group": "Attribuutti, jota käytetään ryhmän jäsenten kyselyä varten.",
+	"group_unique_identifier_attribute": "Ryhmän yksilöllinen tunnisteattribuutti",
+	"group_rdn_attribute": "Ryhmän RDN-attribuutti (DN:ssä)",
+	"admin_group_name": "Järjestelmänvalvojan ryhmän nimi",
+	"members_of_this_group_will_have_admin_privileges_in_pocketid": "Tämän ryhmän jäsenillä on järjestelmänvalvojan oikeudet Pocket ID:ssä.",
+	"disable": "Poista käytöstä",
+	"sync_now": "Synkronoi nyt",
+	"enable": "Ota käyttöön",
+	"user_created_successfully": "Käyttäjä luotu onnistuneesti",
+	"create_user": "Luo käyttäjä",
+	"add_a_new_user_to_appname": "Lisää käyttäjä palveluun {appName}",
+	"add_user": "Lisää käyttäjä",
+	"manage_users": "Käyttäjien hallinta",
+	"admin_privileges": "Järjestelmänvalvojan oikeudet",
+	"admins_have_full_access_to_the_admin_panel": "Järjestelmänvalvojilla on täysi pääsy hallintapaneeliin.",
+	"delete_firstname_lastname": "Poista {firstName} {lastName}",
+	"are_you_sure_you_want_to_delete_this_user": "Haluatko varmasti poistaa tämän käyttäjän?",
+	"user_deleted_successfully": "Käyttäjä poistettu onnistuneesti",
+	"role": "Rooli",
+	"source": "Lähde",
+	"admin": "Järjestelmänvalvoja",
+	"user": "Käyttäjä",
+	"local": "Paikallinen",
+	"toggle_menu": "Avaa valikko",
+	"edit": "Muokkaa",
+	"user_groups_updated_successfully": "Käyttäjäryhmät päivitetty onnistuneesti",
+	"user_updated_successfully": "Käyttäjä päivitetty onnistuneesti",
+	"custom_claims_updated_successfully": "Mukautetut vaatimukset päivitetty onnistuneesti",
+	"back": "Takaisin",
+	"user_details_firstname_lastname": "Käyttäjän tiedot {firstName} {lastName}",
+	"manage_which_groups_this_user_belongs_to": "Hallitse, mihin ryhmiin tämä käyttäjä kuuluu.",
+	"custom_claims": "Mukautetut vaatimukset",
+	"custom_claims_are_key_value_pairs_that_can_be_used_to_store_additional_information_about_a_user": "Mukautetut vaatimukset ovat avain-arvo-pareja, joita voidaan käyttää käyttäjää koskevien lisätietojen tallentamiseen. Nämä vaatimukset sisällytetään tunnistustunnukseen, jos pyydetään oikeusaluetta \"profile\".",
+	"user_group_created_successfully": "Käyttäjäryhmä luotu onnistuneesti",
+	"create_user_group": "Luo käyttäjäryhmä",
+	"create_a_new_group_that_can_be_assigned_to_users": "Luo uusi ryhmä, joka voidaan määrittää käyttäjille.",
+	"add_group": "Lisää ryhmä",
+	"manage_user_groups": "Hallitse käyttäjäryhmiä",
+	"friendly_name": "Käyttäjäystävälinen nimi",
+	"name_that_will_be_displayed_in_the_ui": "Nimi, joka näkyy käyttöliittymässä",
+	"name_that_will_be_in_the_groups_claim": "Nimi, joka tulee olemaan \"groups\" -vaatimuksessa",
+	"delete_name": "Poista {name}",
+	"are_you_sure_you_want_to_delete_this_user_group": "Haluatko varmasti poistaa tämän käyttäjäryhmän?",
+	"user_group_deleted_successfully": "Käyttäjäryhmä poistettu onnistuneesti",
+	"user_count": "Käyttäjien määrä",
+	"user_group_updated_successfully": "Käyttäjäryhmä päivitetty onnistuneesti",
+	"users_updated_successfully": "Käyttäjät päivitetty onnistuneesti",
+	"user_group_details_name": "Käyttäjäryhmän tiedot {name}",
+	"assign_users_to_this_group": "Määritä käyttäjät tähän ryhmään.",
+	"custom_claims_are_key_value_pairs_that_can_be_used_to_store_additional_information_about_a_user_prioritized": "Mukautetut vaatimukset ovat avain-arvo-pareja, joita voidaan käyttää käyttäjää koskevien lisätietojen tallentamiseen. Nämä vaatimukset sisällytetään tunnistustunnukseen, jos pyydetään oikeusaluetta \"profiili\". Käyttäjälle määritellyt mukautetut vaatimukset asetetaan etusijalle, jos esiintyy ristiriitoja.",
+	"oidc_client_created_successfully": "OIDC-asiakasohjelma luotu onnistuneesti",
+	"create_oidc_client": "Luo OIDC-asiakas",
+	"add_a_new_oidc_client_to_appname": "Lisää uusi OIDC-asiakasohjelma {appName} palveluun.",
+	"add_oidc_client": "Lisää OIDC-asiakas",
+	"manage_oidc_clients": "Hallitse OIDC-asiakkaita",
+	"one_time_link": "Kertakäyttöinen linkki",
+	"use_this_link_to_sign_in_once": "Käytä tätä linkkiä kirjautuaksesi sisään kerran. Tätä tarvitaan käyttäjille, jotka eivät ole vielä lisänneet pääsyavainta tai ovat kadottaneet sen.",
+	"add": "Lisää",
+	"callback_urls": "Takaisinkutsu-URL",
+	"logout_callback_urls": "Uloskirjautumisen takaisinkutsun URL",
+	"public_client": "Julkinen asiakas",
+	"public_clients_description": "Julkisilla asiakkailla ei ole asiakassalaisuutta. Ne on suunniteltu mobiili-, web- ja natiivisovelluksiin, joissa salaisuuksia ei voida tallentaa turvallisesti.",
 	"pkce": "PKCE",
-	"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange is a security feature to prevent CSRF and authorization code interception attacks.",
-	"requires_reauthentication": "Requires Re-Authentication",
-	"requires_users_to_authenticate_again_on_each_authorization": "Requires users to authenticate again on each authorization, even if already signed in",
+	"public_key_code_exchange_is_a_security_feature_to_prevent_csrf_and_authorization_code_interception_attacks": "Public Key Code Exchange on tietoturvatoiminto, joka estää CSRF:n ja valtuutuskoodin sieppaushyökkäykset.",
+	"requires_reauthentication": "Vaatii uudelleentodennuksen",
+	"requires_users_to_authenticate_again_on_each_authorization": "Vaatii käyttäjiltä uuden todennuksen jokaisella valtuutuksella, vaikka he olisivat jo kirjautuneet sisään",
 	"name_logo": "{name} logo",
-	"change_logo": "Change Logo",
-	"upload_logo": "Upload Logo",
-	"remove_logo": "Remove Logo",
-	"are_you_sure_you_want_to_delete_this_oidc_client": "Are you sure you want to delete this OIDC client?",
-	"oidc_client_deleted_successfully": "OIDC client deleted successfully",
-	"authorization_url": "Authorization URL",
+	"change_logo": "Vaihda logo",
+	"upload_logo": "Lataa logo",
+	"remove_logo": "Poista logo",
+	"are_you_sure_you_want_to_delete_this_oidc_client": "Haluatko varmasti poistaa tämän OIDC-asiakkaan?",
+	"oidc_client_deleted_successfully": "OIDC-asiakasohjelma poistettu onnistuneesti",
+	"authorization_url": "Valtuutuksen URL",
 	"oidc_discovery_url": "OIDC Discovery URL",
-	"token_url": "Token URL",
-	"userinfo_url": "Userinfo URL",
-	"logout_url": "Logout URL",
-	"certificate_url": "Certificate URL",
-	"enabled": "Enabled",
-	"disabled": "Disabled",
-	"oidc_client_updated_successfully": "OIDC client updated successfully",
-	"create_new_client_secret": "Create new client secret",
-	"are_you_sure_you_want_to_create_a_new_client_secret": "Are you sure you want to create a new client secret? The old one will be invalidated.",
-	"generate": "Generate",
-	"new_client_secret_created_successfully": "New client secret created successfully",
-	"allowed_user_groups_updated_successfully": "Allowed user groups updated successfully",
-	"oidc_client_name": "OIDC Client {name}",
-	"client_id": "Client ID",
-	"client_secret": "Client secret",
-	"show_more_details": "Show more details",
-	"allowed_user_groups": "Allowed User Groups",
-	"add_user_groups_to_this_client_to_restrict_access_to_users_in_these_groups": "Add user groups to this client to restrict access to users in these groups. If no user groups are selected, all users will have access to this client.",
-	"favicon": "Favicon",
-	"light_mode_logo": "Light Mode Logo",
-	"dark_mode_logo": "Dark Mode Logo",
-	"background_image": "Background Image",
-	"language": "Language",
-	"reset_profile_picture_question": "Reset profile picture?",
-	"this_will_remove_the_uploaded_image_and_reset_the_profile_picture_to_default": "This will remove the uploaded image and reset the profile picture to default. Do you want to continue?",
-	"reset": "Reset",
-	"reset_to_default": "Reset to default",
-	"profile_picture_has_been_reset": "Profile picture has been reset. It may take a few minutes to update.",
-	"select_the_language_you_want_to_use": "Select the language you want to use. Please note that some text may be automatically translated and could be inaccurate.",
-	"contribute_to_translation": "If you find an issue you're welcome to contribute to the translation on <link href='https://crowdin.com/project/pocket-id'>Crowdin</link>.",
-	"personal": "Personal",
-	"global": "Global",
-	"all_users": "All Users",
-	"all_events": "All Events",
-	"all_clients": "All Clients",
-	"all_locations": "All Locations",
-	"global_audit_log": "Global Audit Log",
-	"see_all_account_activities_from_the_last_3_months": "See all user activity for the last 3 months.",
-	"token_sign_in": "Token Sign In",
-	"client_authorization": "Client Authorization",
-	"new_client_authorization": "New Client Authorization",
-	"device_code_authorization": "Device Code Authorization",
-	"new_device_code_authorization": "New Device Code Authorization",
-	"passkey_added": "Passkey Added",
-	"passkey_removed": "Passkey Removed",
-	"disable_animations": "Disable Animations",
-	"turn_off_ui_animations": "Turn off animations throughout the UI.",
-	"user_disabled": "Account Disabled",
-	"disabled_users_cannot_log_in_or_use_services": "Disabled users cannot log in or use services.",
-	"user_disabled_successfully": "User has been disabled successfully.",
-	"user_enabled_successfully": "User has been enabled successfully.",
-	"status": "Status",
-	"disable_firstname_lastname": "Disable {firstName} {lastName}",
-	"are_you_sure_you_want_to_disable_this_user": "Are you sure you want to disable this user? They will not be able to log in or access any services.",
-	"ldap_soft_delete_users": "Keep disabled users from LDAP.",
-	"ldap_soft_delete_users_description": "When enabled, users removed from LDAP will be disabled rather than deleted from the system.",
-	"login_code_email_success": "The login code has been sent to the user.",
-	"send_email": "Send Email",
-	"show_code": "Show Code",
-	"callback_url_description": "URL(s) provided by your client. Will be automatically added if left blank. Wildcards (*) are supported, but best avoided for better security.",
-	"logout_callback_url_description": "URL(s) provided by your client for logout. Wildcards (*) are supported, but best avoided for better security.",
-	"api_key_expiration": "API Key Expiration",
-	"send_an_email_to_the_user_when_their_api_key_is_about_to_expire": "Send an email to the user when their API key is about to expire.",
-	"authorize_device": "Authorize Device",
-	"the_device_has_been_authorized": "The device has been authorized.",
-	"enter_code_displayed_in_previous_step": "Enter the code that was displayed in the previous step.",
-	"authorize": "Authorize",
-	"federated_client_credentials": "Federated Client Credentials",
-	"federated_client_credentials_description": "Using federated client credentials, you can authenticate OIDC clients using JWT tokens issued by third-party authorities.",
-	"add_federated_client_credential": "Add Federated Client Credential",
-	"add_another_federated_client_credential": "Add another federated client credential",
-	"oidc_allowed_group_count": "Allowed Group Count",
-	"unrestricted": "Unrestricted",
-	"show_advanced_options": "Show Advanced Options",
-	"hide_advanced_options": "Hide Advanced Options",
-	"oidc_data_preview": "OIDC Data Preview",
-	"preview_the_oidc_data_that_would_be_sent_for_different_users": "Preview the OIDC data that would be sent for different users",
-	"id_token": "ID Token",
-	"access_token": "Access Token",
-	"userinfo": "Userinfo",
-	"id_token_payload": "ID Token Payload",
-	"access_token_payload": "Access Token Payload",
-	"userinfo_endpoint_response": "Userinfo Endpoint Response",
-	"copy": "Copy",
-	"no_preview_data_available": "No preview data available",
-	"copy_all": "Copy All",
-	"preview": "Preview",
-	"preview_for_user": "Preview for {name}",
-	"preview_the_oidc_data_that_would_be_sent_for_this_user": "Preview the OIDC data that would be sent for this user",
-	"show": "Show",
-	"select_an_option": "Select an option",
-	"select_user": "Select User",
-	"error": "Error",
-	"select_an_accent_color_to_customize_the_appearance_of_pocket_id": "Select an accent color to customize the appearance of Pocket ID.",
-	"accent_color": "Accent Color",
-	"custom_accent_color": "Custom Accent Color",
-	"custom_accent_color_description": "Enter a custom color using valid CSS color formats (e.g., hex, rgb, hsl).",
-	"color_value": "Color Value",
-	"apply": "Apply",
-	"signup_token": "Signup Token",
-	"create_a_signup_token_to_allow_new_user_registration": "Create a signup token to allow new user registration.",
-	"usage_limit": "Usage Limit",
-	"number_of_times_token_can_be_used": "Number of times the signup token can be used.",
-	"expires": "Expires",
-	"signup": "Sign Up",
-	"user_creation": "User Creation",
-	"configure_user_creation": "Manage user creation settings, including signup methods and default permissions for new users.",
-	"user_creation_groups_description": "Assign these groups automatically to new users upon signup.",
-	"user_creation_claims_description": "Assign these custom claims automatically to new users upon signup.",
-	"user_creation_updated_successfully": "User creation settings updated successfully.",
-	"signup_disabled_description": "User signups are completely disabled. Only administrators can create new user accounts.",
-	"signup_requires_valid_token": "A valid signup token is required to create an account",
-	"validating_signup_token": "Validating signup token",
-	"go_to_login": "Go to login",
-	"signup_to_appname": "Sign Up to {appName}",
-	"create_your_account_to_get_started": "Create your account to get started.",
-	"initial_account_creation_description": "Please create your account to get started. You will be able to set up a passkey later.",
-	"setup_your_passkey": "Set up your passkey",
-	"create_a_passkey_to_securely_access_your_account": "Create a passkey to securely access your account. This will be your primary way to sign in.",
-	"skip_for_now": "Skip for now",
-	"account_created": "Account Created",
-	"enable_user_signups": "Enable User Signups",
-	"enable_user_signups_description": "Decide how users can sign up for new accounts in Pocket ID.",
-	"user_signups_are_disabled": "User signups are currently disabled",
-	"create_signup_token": "Create Signup Token",
-	"view_active_signup_tokens": "View Active Signup Tokens",
-	"manage_signup_tokens": "Manage Signup Tokens",
-	"view_and_manage_active_signup_tokens": "View and manage active signup tokens.",
-	"signup_token_deleted_successfully": "Signup token deleted successfully.",
-	"expired": "Expired",
-	"used_up": "Used Up",
-	"active": "Active",
-	"usage": "Usage",
-	"created": "Created",
-	"token": "Token",
-	"loading": "Loading",
-	"delete_signup_token": "Delete Signup Token",
-	"are_you_sure_you_want_to_delete_this_signup_token": "Are you sure you want to delete this signup token? This action cannot be undone.",
-	"signup_with_token": "Signup with token",
-	"signup_with_token_description": "Users can only sign up using a valid signup token created by an administrator.",
-	"signup_open": "Open Signup",
-	"signup_open_description": "Anyone can create a new account without restrictions.",
-	"of": "of",
-	"skip_passkey_setup": "Skip Passkey Setup",
-	"skip_passkey_setup_description": "It's highly recommended to set up a passkey because without one, you will be locked out of your account as soon as the session expires.",
-	"my_apps": "My Apps",
-	"no_apps_available": "No apps available",
-	"contact_your_administrator_for_app_access": "Contact your administrator to get access to applications.",
-	"launch": "Launch",
-	"client_launch_url": "Client Launch URL",
-	"client_launch_url_description": "The URL that will be opened when a user launches the app from the My Apps page.",
-	"client_name_description": "The name of the client that shows in the Pocket ID UI.",
-	"revoke_access": "Revoke Access",
-	"revoke_access_description": "Revoke access to <b>{clientName}</b>. <b>{clientName}</b> will no longer be able to access your account information.",
-	"revoke_access_successful": "The access to {clientName} has been successfully revoked.",
-	"last_signed_in_ago": "Last signed in {time} ago",
-	"invalid_client_id": "Client ID can only contain letters, numbers, underscores, and hyphens",
-	"custom_client_id_description": "Set a custom client ID if this is required by your application. Otherwise, leave it blank to generate a random one.",
-	"generated": "Generated",
-	"administration": "Administration",
-	"group_rdn_attribute_description": "The attribute used in the groups distinguished name (DN).",
-	"display_name_attribute": "Display Name Attribute",
-	"display_name": "Display Name",
-	"configure_application_images": "Configure Application Images",
-	"ui_config_disabled_info_title": "UI Configuration Disabled",
-	"ui_config_disabled_info_description": "The UI configuration is disabled because the application configuration settings are managed through environment variables. Some settings may not be editable.",
-	"logo_from_url_description": "Paste a direct image URL (svg, png, webp). Find icons at <link  href=\"https://selfh.st/icons\">Selfh.st Icons</link> or <link href=\"https://dashboardicons.com\">Dashboard Icons</link>.",
-	"invalid_url": "Invalid URL",
-	"require_user_email": "Require Email Address",
-	"require_user_email_description": "Requires users to have an email address. If disabled, the users without an email address won't be able to use features that require an email address.",
-	"view": "View",
-	"toggle_columns": "Toggle columns",
-	"locale": "Locale",
+	"token_url": "Tokenin URL",
+	"userinfo_url": "Käyttäjätietojen URL-osoite",
+	"logout_url": "Uloskirjautumisen URL-osoite",
+	"certificate_url": "Sertifikaatin URL-osoite",
+	"enabled": "Käytössä",
+	"disabled": "Pois käytöstä",
+	"oidc_client_updated_successfully": "OIDC-asiakasohjelma päivitetty onnistuneesti",
+	"create_new_client_secret": "Luo uusi asiakassalaisuus",
+	"are_you_sure_you_want_to_create_a_new_client_secret": "Haluatko varmasti luoda uuden asiakassalaisuuden? Vanha salaisuus mitätöidään.",
+	"generate": "Luo",
+	"new_client_secret_created_successfully": "Uusi asiakassalaisuus luotu onnistuneesti",
+	"allowed_user_groups_updated_successfully": "Sallitut käyttäjäryhmät päivitetty onnistuneesti",
+	"oidc_client_name": "OIDC-asiakas {name}",
+	"client_id": "Asiakas ID",
+	"client_secret": "Asiakkaan salaisuus",
+	"show_more_details": "Näytä lisätietoja",
+	"allowed_user_groups": "Sallitut käyttäjäryhmät",
+	"add_user_groups_to_this_client_to_restrict_access_to_users_in_these_groups": "Lisää käyttäjäryhmiä tähän asiakkaaseen rajoittaaksesi pääsyn näiden ryhmien käyttäjille. Jos käyttäjäryhmiä ei ole valittu, kaikki käyttäjät pääsevät käyttämään tätä asiakasta.",
+	"favicon": "Sivustokuvake",
+	"light_mode_logo": "Vaalean tilan logo",
+	"dark_mode_logo": "Tumman tilan logo",
+	"background_image": "Taustakuva",
+	"language": "Kieli",
+	"reset_profile_picture_question": "Palautetaanko profiilikuva?",
+	"this_will_remove_the_uploaded_image_and_reset_the_profile_picture_to_default": "Tämä poistaa ladatun kuvan ja palauttaa profiilikuva oletusasetuksiin. Haluatko jatkaa?",
+	"reset": "Palauta",
+	"reset_to_default": "Palauta oletukset",
+	"profile_picture_has_been_reset": "Profiilikuva on nollattu. Päivitys voi kestää muutaman minuutin.",
+	"select_the_language_you_want_to_use": "Valitse haluamasi kieli. Huomaa, että osa tekstistä saatetaan kääntää automaattisesti, jolloin käännös voi olla epätarkka.",
+	"contribute_to_translation": "Jos löydät ongelman, voit osallistua käännöstyöhön <link href='https://crowdin.com/project/pocket-id'>Crowdinissa</link>.",
+	"personal": "Henkilökohtainen",
+	"global": "Globaali",
+	"all_users": "Kaikki käyttäjät",
+	"all_events": "Kaikki tapahtumat",
+	"all_clients": "Kaikki asiakkaat",
+	"all_locations": "Kaikki sijainnit",
+	"global_audit_log": "Globaali tarkastusloki",
+	"see_all_account_activities_from_the_last_3_months": "Katso kaikkien käyttäjien toiminnot viimeisen 3 kuukauden ajalta.",
+	"token_sign_in": "Tunnuksella kirjautuminen",
+	"client_authorization": "Asiakkaan valtuutus",
+	"new_client_authorization": "Uuden asiakkaan valtuutus",
+	"device_code_authorization": "Laitteen koodivaltuutus",
+	"new_device_code_authorization": "Uuden laitteen koodivaltuutus",
+	"passkey_added": "Pääsyavain lisättiin",
+	"passkey_removed": "Pääsyavain poistettiin",
+	"disable_animations": "Poista animaatiot käytöstä",
+	"turn_off_ui_animations": "Poista animaatiot käytöstä koko käyttöliittymässä.",
+	"user_disabled": "Tili poistettu käytöstä",
+	"disabled_users_cannot_log_in_or_use_services": "Käytöstä poistetut käyttäjät eivät voi kirjautua sisään tai käyttää palveluita.",
+	"user_disabled_successfully": "Käyttäjä on poistettu käytöstä onnistuneesti.",
+	"user_enabled_successfully": "Käyttäjä on otettu käyttöön onnistuneesti.",
+	"status": "Tila",
+	"disable_firstname_lastname": "Poista käytöstä {firstName} {lastName}",
+	"are_you_sure_you_want_to_disable_this_user": "Haluatko varmasti poistaa tämän käyttäjän käytöstä? Hän ei voi kirjautua sisään tai käyttää mitään palveluita.",
+	"ldap_soft_delete_users": "Säilytä LDAP:sta käytöstä poistetut käyttäjät.",
+	"ldap_soft_delete_users_description": "Kun tämä toiminto on käytössä, LDAP:sta poistetut käyttäjät merkitään käytöstä poistetuiksi sen sijaan, että ne poistettaisiin järjestelmästä kokonaan.",
+	"login_code_email_success": "Pääsyavain poistettiin",
+	"send_email": "Lähetä sähköposti",
+	"show_code": "Näytä koodi",
+	"callback_url_description": "Asiakkaasi antamat URL-osoitteet. Lisätään automaattisesti, jos kenttä jätetään tyhjäksi. Villikortit (*) ovat tuettuja, mutta niitä on parempi välttää turvallisuussyistä.",
+	"logout_callback_url_description": "Asiakkaasi antamat URL-osoitteet kirjautumiseen. Villikortit (*) ovat tuettuja, mutta niitä on parempi välttää turvallisuuden vuoksi.",
+	"api_key_expiration": "API-avaimen voimassaolon päättyminen",
+	"send_an_email_to_the_user_when_their_api_key_is_about_to_expire": "Lähetä käyttäjälle sähköpostiviesti, kun hänen API-avaimensa on vanhentumassa.",
+	"authorize_device": "Valtuuta laite",
+	"the_device_has_been_authorized": "Laite on valtuutettu.",
+	"enter_code_displayed_in_previous_step": "Syötä edellisessä vaiheessa näkynyt koodi.",
+	"authorize": "Salli",
+	"federated_client_credentials": "Federoidut asiakastunnukset",
+	"federated_client_credentials_description": "Yhdistettyjen asiakastunnistetietojen avulla voit todentaa OIDC-asiakkaat kolmannen osapuolen myöntämillä JWT-tunnuksilla.",
+	"add_federated_client_credential": "Lisää federoitu asiakastunnus",
+	"add_another_federated_client_credential": "Lisää toinen federoitu asiakastunnus",
+	"oidc_allowed_group_count": "Sallittujen ryhmien määrä",
+	"unrestricted": "Rajoittamaton",
+	"show_advanced_options": "Näytä lisäasetukset",
+	"hide_advanced_options": "Piilota lisäasetukset",
+	"oidc_data_preview": "OIDC-tietojen esikatselu",
+	"preview_the_oidc_data_that_would_be_sent_for_different_users": "Esikatsele OIDC-tiedot, jotka lähetetään eri käyttäjille",
+	"id_token": "ID-tunnus",
+	"access_token": "Käyttöoikeustunnus",
+	"userinfo": "Käyttäjätieto",
+	"id_token_payload": "ID tunnuksen data",
+	"access_token_payload": "Pääsytunnuksen data",
+	"userinfo_endpoint_response": "Käyttäjätietojen päätepisteen vastaus",
+	"copy": "Kopioi",
+	"no_preview_data_available": "Esikatselutietoja ei saatavilla",
+	"copy_all": "Kopioi kaikki",
+	"preview": "Esikatsele",
+	"preview_for_user": "Esikatsele käyttäjänä {name}",
+	"preview_the_oidc_data_that_would_be_sent_for_this_user": "Esikatsele OIDC-tiedot, jotka lähetetään tälle käyttäjälle",
+	"show": "Näytä",
+	"select_an_option": "Valitse vaihtoehto",
+	"select_user": "Valitse käyttäjä",
+	"error": "Virhe",
+	"select_an_accent_color_to_customize_the_appearance_of_pocket_id": "Valitse korostusväri Pocket ID:n ulkoasun mukauttamiseksi.",
+	"accent_color": "Korostusväri",
+	"custom_accent_color": "Mukautettu korostusväri",
+	"custom_accent_color_description": "Syötä mukautettu väri käyttämällä CSS-väriformaatteja (esim. hex, rgb, hsl).",
+	"color_value": "Väriarvo",
+	"apply": "Käytä",
+	"signup_token": "Rekisteröitymistunnus",
+	"create_a_signup_token_to_allow_new_user_registration": "Luo rekisteröitymistunnus, jotta uudet käyttäjät voivat rekisteröityä.",
+	"usage_limit": "Käyttöraja",
+	"number_of_times_token_can_be_used": "Kuinka monta kertaa rekisteröitymistunnusta voidaan käyttää.",
+	"expires": "Vanhenee",
+	"signup": "Rekisteröidy",
+	"user_creation": "Käyttäjän luominen",
+	"configure_user_creation": "Hallitse käyttäjien luomisen asetuksia, mukaan lukien rekisteröitymistavat ja uusien käyttäjien oletusluvat.",
+	"user_creation_groups_description": "Määritä nämä ryhmät automaattisesti uusille käyttäjille rekisteröitymisen yhteydessä.",
+	"user_creation_claims_description": "Määritä nämä mukautetut vaatimukset automaattisesti uusille käyttäjille rekisteröitymisen yhteydessä.",
+	"user_creation_updated_successfully": "Käyttäjän luomisen asetukset päivitetty onnistuneesti.",
+	"signup_disabled_description": "Käyttäjien rekisteröityminen on kokonaan estetty. Vain järjestelmänvalvojat voivat luoda uusia käyttäjätilejä.",
+	"signup_requires_valid_token": "Tilisi luomiseen tarvitaan voimassa oleva rekisteröitymistunnus",
+	"validating_signup_token": "Kirjautumistunnuksen validointi",
+	"go_to_login": "Siirry kirjautumiseen",
+	"signup_to_appname": "Rekisteröidy palveluun {appName}",
+	"create_your_account_to_get_started": "Luo käyttäjä alottaaksesi.",
+	"initial_account_creation_description": "Luo tili aloittaaksesi. Voit asettaa pääsyavaimen myöhemmin.",
+	"setup_your_passkey": "Määritä pääsyavain",
+	"create_a_passkey_to_securely_access_your_account": "Luo pääsyavain, jolla voit kirjautua sisään tiliisi turvallisesti. Tämä tulee olemaan ensisijainen tapasi kirjautua sisään.",
+	"skip_for_now": "Ohita toistaiseksi",
+	"account_created": "Tili luotu",
+	"enable_user_signups": "Ota käyttäjien rekisteröityminen käyttöön",
+	"enable_user_signups_description": "Päätä, miten käyttäjät voivat rekisteröidä uusia tilejä Pocket ID:ssä.",
+	"user_signups_are_disabled": "Käyttäjien rekisteröityminen on tällä hetkellä pois käytöstä",
+	"create_signup_token": "Luo rekisteröitymistunnus",
+	"view_active_signup_tokens": "Näytä aktiiviset rekisteröitymistunnukset",
+	"manage_signup_tokens": "Hallitse rekisteröitymistunnuksia",
+	"view_and_manage_active_signup_tokens": "Tarkastele ja hallitse aktiivisia rekisteröitymistunnuksia.",
+	"signup_token_deleted_successfully": "Rekisteröitymistunnus poistettu onnistuneesti.",
+	"expired": "Vanhentunut",
+	"used_up": "Käytetty loppuun",
+	"active": "Aktiivinen",
+	"usage": "Käyttö",
+	"created": "Luotu",
+	"token": "Tunnus",
+	"loading": "Ladataan",
+	"delete_signup_token": "Poista rekisteröitymistunnus",
+	"are_you_sure_you_want_to_delete_this_signup_token": "Haluatko varmasti poistaa tämän rekisteröitymistunnuksen? Tätä toimintoa ei voi peruuttaa.",
+	"signup_with_token": "Rekisteröidy tunnuksella",
+	"signup_with_token_description": "Käyttäjät voivat rekisteröityä vain käyttämällä järjestelmänvalvojan luomaa voimassa olevaa rekisteröitymistunnusta.",
+	"signup_open": "Avoin rekisteröityminen",
+	"signup_open_description": "Kuka tahansa voi luoda uuden tilin ilman rajoituksia.",
+	"of": "/",
+	"skip_passkey_setup": "Ohita pääsyavaimen määritys",
+	"skip_passkey_setup_description": "On erittäin suositeltavaa asettaa pääsyavain, koska ilman sitä tilisi lukkiutuu heti, kun istunto vanhenee.",
+	"my_apps": "Omat sovellukset",
+	"no_apps_available": "Ei sovelluksia saatavilla",
+	"contact_your_administrator_for_app_access": "Ota yhteyttä järjestelmänvalvojaan saadaksesi pääsyn sovelluksiin.",
+	"launch": "Avaa",
+	"client_launch_url": "Asiakkaan käynnistys-URL",
+	"client_launch_url_description": "URL-osoite, joka avautuu, kun käyttäjä käynnistää sovelluksen Omat sovellukset -sivulta.",
+	"client_name_description": "Asiakkaan nimi, joka näkyy Pocket ID käyttöliittymässä.",
+	"revoke_access": "Peru käyttöoikeus",
+	"revoke_access_description": "Peruuta käyttöoikeus palveluun <b>{clientName}</b>. <b>{clientName}</b> palvelu ei voi enää käyttää tilisi tietoja.",
+	"revoke_access_successful": "Pääsy palveluun {clientName} on peruutettu onnistuneesti.",
+	"last_signed_in_ago": "Viimeksi kirjautunut {time} sitten",
+	"invalid_client_id": "Asiakastunnus voi sisältää vain kirjaimia, numeroita, alaviivoja ja väliviivoja",
+	"custom_client_id_description": "Aseta mukautettu asiakastunnus, jos sovelluksesi sitä vaatii. Muussa tapauksessa jätä kenttä tyhjäksi, jotta järjestelmä luo satunnaisen tunnuksen.",
+	"generated": "Luotu",
+	"administration": "Ylläpito",
+	"group_rdn_attribute_description": "Ryhmien erottavassa nimessä (DN) käytetty attribuutti.",
+	"display_name_attribute": "Näytönimien attribuutti",
+	"display_name": "Näyttönimi",
+	"configure_application_images": "Määritä sovelluksen kuvat",
+	"ui_config_disabled_info_title": "UI-asetukset poistettu käytöstä",
+	"ui_config_disabled_info_description": "Käyttöliittymän asetukset on poistettu käytöstä, koska sovelluksen asetuksia hallitaan ympäristömuuttujien avulla. Joitakin asetuksia ei ehkä voi muokata.",
+	"logo_from_url_description": "Liitä suora kuvan URL-osoite (svg, png, webp). Löydät kuvakkeita osoitteesta <link  href=\"https://selfh.st/icons\">Selfh.st Icons</link> tai <link href=\"https://dashboardicons.com\">Dashboard Icons</link>.",
+	"invalid_url": "Virheellinen URL-osoite",
+	"require_user_email": "Vaadi sähköpostiosoite",
+	"require_user_email_description": "Vaatii käyttäjiltä sähköpostiosoitteen. Jos tämä asetus on pois käytöstä, käyttäjät, joilla ei ole sähköpostiosoitetta, eivät voi käyttää ominaisuuksia, jotka edellyttävät sähköpostiosoitetta.",
+	"view": "Näytä",
+	"toggle_columns": "Näytä sarakkeet",
+	"locale": "Kieli",
 	"ldap_id": "LDAP ID",
-	"reauthentication": "Re-authentication",
-	"clear_filters": "Clear Filters",
-	"default_profile_picture": "Default Profile Picture",
-	"light": "Light",
-	"dark": "Dark",
-	"system": "System"
+	"reauthentication": "Uudelleentodentaminen",
+	"clear_filters": "Tyhjennä suodattimet",
+	"default_profile_picture": "Oletusprofiilikuva",
+	"light": "Vaalea",
+	"dark": "Tumma",
+	"system": "Järjestelmä"
 }

frontend/messages/fr.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Photo de profil",
 	"profile_picture_is_managed_by_ldap_server": "La photo de profil est gérée par le serveur LDAP et ne peut pas être modifiée ici.",
 	"click_profile_picture_to_upload_custom": "Cliquez sur la photo de profil pour télécharger une photo depuis votre ordinateur.",
-	"image_should_be_in_format": "L'image doit être au format PNG ou JPEG.",
+	"image_should_be_in_format": "L'image doit être au format PNG, JPEG ou WEBP.",
 	"items_per_page": "Éléments par page",
 	"no_items_found": "Aucune donnée trouvée",
 	"select_items": "Sélectionner des éléments...",

frontend/messages/it.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Immagine del profilo",
 	"profile_picture_is_managed_by_ldap_server": "L'immagine del profilo è gestita dal server LDAP e non può essere modificata qui.",
 	"click_profile_picture_to_upload_custom": "Clicca sull'immagine del profilo per caricarne una personalizzata dai tuoi file.",
-	"image_should_be_in_format": "L'immagine deve essere in formato PNG o JPEG.",
+	"image_should_be_in_format": "L'immagine deve essere in formato PNG, JPEG o WEBP.",
 	"items_per_page": "Elementi per pagina",
 	"no_items_found": "Nessun elemento trovato",
 	"select_items": "Scegli gli articoli...",

frontend/messages/ja.json

@@ -14,7 +14,7 @@
 	"profile_picture": "プロフィール画像",
 	"profile_picture_is_managed_by_ldap_server": "プロフィール画像はLDAPサーバーによって管理されており、ここでは変更できません。",
 	"click_profile_picture_to_upload_custom": "プロフィール画像をクリックして、ファイルからカスタム画像をアップロードします。",
-	"image_should_be_in_format": "画像はPNGまたはJPEG形式である必要があります。",
+	"image_should_be_in_format": "画像はPNG、JPEG、またはWEBP形式である必要があります。",
 	"items_per_page": "ページあたりの表示件数",
 	"no_items_found": "項目が見つかりません",
 	"select_items": "項目を選択…",

frontend/messages/ko.json

@@ -14,7 +14,7 @@
 	"profile_picture": "프로필 사진",
 	"profile_picture_is_managed_by_ldap_server": "프로필 사진이 LDAP 서버에서 관리되어 여기에서 변경할 수 없습니다.",
 	"click_profile_picture_to_upload_custom": "프로필 사진을 클릭하여 파일에서 사용자 정의 사진을 업로드하세요.",
-	"image_should_be_in_format": "이미지는 PNG 또는 JPEG 형식이어야 합니다.",
+	"image_should_be_in_format": "이미지는 PNG, JPEG 또는 WEBP 형식이어야 합니다.",
 	"items_per_page": "페이지당 항목",
 	"no_items_found": "항목 없음",
 	"select_items": "항목을 선택하세요...",

frontend/messages/nl.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profielfoto",
 	"profile_picture_is_managed_by_ldap_server": "De profielfoto wordt beheerd door de LDAP-server en kan hier niet worden gewijzigd.",
 	"click_profile_picture_to_upload_custom": "Klik op de profielfoto om een aangepaste foto uit je bestanden te uploaden.",
-	"image_should_be_in_format": "De afbeelding moet in PNG- of JPEG-formaat zijn.",
+	"image_should_be_in_format": "De afbeelding moet in PNG-, JPEG- of WEBP-formaat zijn.",
 	"items_per_page": "Aantal per pagina",
 	"no_items_found": "Geen items gevonden",
 	"select_items": "Kies items...",

frontend/messages/pl.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Zdjęcie profilowe",
 	"profile_picture_is_managed_by_ldap_server": "Zdjęcie profilowe jest zarządzane przez serwer LDAP i nie można go tutaj zmienić.",
 	"click_profile_picture_to_upload_custom": "Kliknij zdjęcie profilowe, aby przesłać własne z plików.",
-	"image_should_be_in_format": "Obraz powinien być w formacie PNG lub JPEG.",
+	"image_should_be_in_format": "Obraz powinien być w formacie PNG, JPEG lub WEBP.",
 	"items_per_page": "Elementów na stronę",
 	"no_items_found": "Nie znaleziono żadnych elementów",
 	"select_items": "Wybierz elementy...",

frontend/messages/pt-BR.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Foto de Perfil",
 	"profile_picture_is_managed_by_ldap_server": "A foto de perfil é gerenciada pelo servidor LDAP e não pode ser alterada aqui.",
 	"click_profile_picture_to_upload_custom": "Clique na foto de perfil para enviar uma imagem personalizada dos seus arquivos.",
-	"image_should_be_in_format": "A imagem deve estar no formato PNG ou JPEG.",
+	"image_should_be_in_format": "A imagem deve estar no formato PNG, JPEG ou WEBP.",
 	"items_per_page": "Itens por página",
 	"no_items_found": "Nada foi encontrado",
 	"select_items": "Selecione os itens...",

frontend/messages/ru.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Изображение профиля",
 	"profile_picture_is_managed_by_ldap_server": "Изображение профиля управляется сервером LDAP и не может быть изменено здесь.",
 	"click_profile_picture_to_upload_custom": "Нажмите на изображение профиля, чтобы загрузить его из ваших файлов.",
-	"image_should_be_in_format": "Изображение должно быть в формате PNG или JPEG.",
+	"image_should_be_in_format": "Изображение должно быть в формате PNG, JPEG или WEBP.",
 	"items_per_page": "Элементов на странице",
 	"no_items_found": "Элементы не найдены",
 	"select_items": "Выбрать элементы...",
@@ -155,7 +155,7 @@
 	"are_you_sure_you_want_to_revoke_the_api_key_apikeyname": "Вы уверены, что хотите отозвать ключ API \"{apiKeyName}\"? Любые интеграции, использующие этот ключ, перестанут работать.",
 	"last_used": "Последнее использование",
 	"actions": "Действия",
-	"images_updated_successfully": "Изображения обновились, но может занять пару минут.",
+	"images_updated_successfully": "Изображения успешно обновлены. Это может занять пару минут для обновления.",
 	"general": "Общее",
 	"configure_smtp_to_send_emails": "Включить уведомления пользователей по электронной почте при обнаружении логина с нового устройства или локации.",
 	"ldap": "LDAP",
@@ -331,10 +331,10 @@
 	"token_sign_in": "Вход с помощью токена",
 	"client_authorization": "Авторизация клиента",
 	"new_client_authorization": "Авторизация нового клиента",
-	"device_code_authorization": "Авторизация кода устройства",
-	"new_device_code_authorization": "Авторизация нового кода устройства",
-	"passkey_added": "Добавлен пароль",
-	"passkey_removed": "Удален ключ доступа",
+	"device_code_authorization": "Авторизация через код устройства",
+	"new_device_code_authorization": "Новая авторизация через код устройства",
+	"passkey_added": "Пасскей добавлен",
+	"passkey_removed": "Пасскей удален",
 	"disable_animations": "Отключить анимации",
 	"turn_off_ui_animations": "Отключить все анимации в интерфейсе.",
 	"user_disabled": "Учетная запись отключена",
@@ -467,7 +467,7 @@
 	"reauthentication": "Повторная аутентификация",
 	"clear_filters": "Сбросить фильтры",
 	"default_profile_picture": "Изображение профиля по умолчанию",
-	"light": "Свет",
-	"dark": "Темный",
-	"system": "Система"
+	"light": "Светлая",
+	"dark": "Темная",
+	"system": "Системная"
 }

frontend/messages/sv.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profilbild",
 	"profile_picture_is_managed_by_ldap_server": "Profilbilden hanteras av LDAP-servern och kan inte ändras här.",
 	"click_profile_picture_to_upload_custom": "Klicka på profilbilden för att ladda upp en anpassad bild från dina filer.",
-	"image_should_be_in_format": "Bilden ska vara i PNG- eller JPEG-format.",
+	"image_should_be_in_format": "Bilden ska vara i PNG-, JPEG- eller WEBP-format.",
 	"items_per_page": "Objekt per sida",
 	"no_items_found": "Inga objekt hittades",
 	"select_items": "Välj objekt...",

frontend/messages/tr.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Profil resmi",
 	"profile_picture_is_managed_by_ldap_server": "Profil resmi LDAP sunucusu tarafından yönetilmektedir ve burada değiştirilemez.",
 	"click_profile_picture_to_upload_custom": "Özel bir resim yüklemek için profil resmine tıklayın.",
-	"image_should_be_in_format": "Resim PNG veya JPEG formatın’da olmalıdır.",
+	"image_should_be_in_format": "Resim PNG, JPEG veya WEBP formatın’da olmalıdır.",
 	"items_per_page": "Sayfa başına öğe sayısı",
 	"no_items_found": "Hiçbir öğe bulunamadı",
 	"select_items": "Öğeleri seçin...",

frontend/messages/uk.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Фотографія профілю",
 	"profile_picture_is_managed_by_ldap_server": "Фотографія профілю управляється сервером LDAP і не може бути змінена тут.",
 	"click_profile_picture_to_upload_custom": "Натисніть на зображення профілю, щоб завантажити власне зображення.",
-	"image_should_be_in_format": "Зображення повинно бути у форматі PNG або JPEG.",
+	"image_should_be_in_format": "Зображення повинно бути у форматі PNG, JPEG або WEBP.",
 	"items_per_page": "Елементів на сторінці",
 	"no_items_found": "Нічого не знайдено",
 	"select_items": "Виберіть елементи...",

frontend/messages/vi.json

@@ -14,7 +14,7 @@
 	"profile_picture": "Ảnh đại diện",
 	"profile_picture_is_managed_by_ldap_server": "Hình đại diện được quản lý bởi máy chủ LDAP và không thể thay đổi tại đây.",
 	"click_profile_picture_to_upload_custom": "Nhấp vào hình ảnh hồ sơ để tải lên hình ảnh tùy chỉnh.",
-	"image_should_be_in_format": "Hình ảnh phải ở định dạng PNG hoặc JPEG.",
+	"image_should_be_in_format": "Hình ảnh phải ở định dạng PNG, JPEG hoặc WEBP.",
 	"items_per_page": "Số kết quả mỗi trang",
 	"no_items_found": "Không tìm thấy kết quả nào",
 	"select_items": "Chọn các mục...",

frontend/messages/zh-CN.json

@@ -14,7 +14,7 @@
 	"profile_picture": "头像",
 	"profile_picture_is_managed_by_ldap_server": "头像由 LDAP 服务器管理，无法在此处更改。",
 	"click_profile_picture_to_upload_custom": "点击头像来从文件中上传您的自定义头像。",
-	"image_should_be_in_format": "图片应为 PNG 或 JPEG 格式。",
+	"image_should_be_in_format": "图片应为 PNG、JPEG 或 WEBP 格式。",
 	"items_per_page": "每页条数",
 	"no_items_found": "这里暂时空空如也",
 	"select_items": "选择项目……",

frontend/messages/zh-TW.json

@@ -14,7 +14,7 @@
 	"profile_picture": "個人資料圖片",
 	"profile_picture_is_managed_by_ldap_server": "這張個人資料圖片是由 LDAP 伺服器管理，無法在此變更。",
 	"click_profile_picture_to_upload_custom": "點擊個人資料圖片，從您的檔案中上傳自訂圖片。",
-	"image_should_be_in_format": "圖片應為 PNG 或 JPEG 格式。",
+	"image_should_be_in_format": "圖片應為 PNG、JPEG 或 WEBP 格式。",
 	"items_per_page": "每頁項目數",
 	"no_items_found": "找不到任何項目",
 	"select_items": "選擇項目...",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pocket-id-frontend",
-  "version": "1.15.0",
+  "version": "1.16.0",
   "private": true,
   "type": "module",
   "scripts": {
@@ -21,7 +21,7 @@
     "date-fns": "^4.1.0",
     "jose": "^6.1.2",
     "qrcode": "^1.5.4",
-    "runed": "^0.36.0",
+    "runed": "^0.37.0",
     "sveltekit-superforms": "^2.28.1",
     "tailwind-merge": "^3.4.0",
     "zod": "^4.1.13"
@@ -31,7 +31,7 @@
     "@inlang/plugin-m-function-matcher": "^2.1.0",
     "@inlang/plugin-message-format": "^4.0.0",
     "@internationalized/date": "^3.10.0",
-    "@lucide/svelte": "^0.554.0",
+    "@lucide/svelte": "^0.555.0",
     "@sveltejs/adapter-static": "^3.0.10",
     "@sveltejs/kit": "^2.49.0",
     "@sveltejs/vite-plugin-svelte": "^6.2.1",
@@ -45,11 +45,11 @@
     "formsnap": "^2.0.1",
     "globals": "^16.5.0",
     "mode-watcher": "^1.1.0",
-    "prettier": "^3.6.2",
+    "prettier": "^3.7.3",
     "prettier-plugin-svelte": "^3.4.0",
     "prettier-plugin-tailwindcss": "^0.7.1",
     "rollup": "^4.53.3",
-    "svelte": "^5.44.0",
+    "svelte": "^5.45.2",
     "svelte-check": "^4.3.4",
     "svelte-sonner": "^1.0.6",
     "tailwind-variants": "^3.2.2",

frontend/src/app.css

@@ -1,6 +1,8 @@
 @import 'tailwindcss';
 @import 'tw-animate-css';
 
+@variant dark (&:where(.dark, .dark *));
+
 /*
   The default border color has changed to `currentcolor` in Tailwind CSS v4,
   so we've added these compatibility styles to make sure everything still

frontend/src/lib/components/audit-log-list.svelte

@@ -6,6 +6,7 @@
 	import type { AdvancedTableColumn } from '$lib/types/advanced-table.type';
 	import type { AuditLog, AuditLogFilter } from '$lib/types/audit-log.type';
 	import { translateAuditLogEvent } from '$lib/utils/audit-log-translator';
+	import { untrack } from 'svelte';
 
 	let {
 		isAdmin = false,
@@ -61,7 +62,11 @@
 
 	$effect(() => {
 		if (filters) {
-			tableRef?.refresh();
+			filters.userID;
+			filters.event;
+			filters.location;
+			filters.clientName;
+			untrack(() => tableRef?.refresh());
 		}
 	});
 

frontend/src/lib/components/form/searchable-multi-select.svelte

@@ -4,7 +4,7 @@
 	import * as Command from '$lib/components/ui/command';
 	import * as Popover from '$lib/components/ui/popover';
 	import { cn } from '$lib/utils/style';
-    import { m } from '$lib/paraglide/messages';
+	import { m } from '$lib/paraglide/messages';
 	import { LoaderCircle, LucideCheck, LucideChevronDown } from '@lucide/svelte';
 	import type { FormEventHandler } from 'svelte/elements';
 

frontend/src/lib/components/header/header.svelte

@@ -39,7 +39,9 @@
 			{/if}
 		</div>
 		<div class="flex items-center justify-between gap-4">
-			<ModeSwitcher />
+			{#if !isAuthPage}
+				<ModeSwitcher />
+			{/if}
 			{#if $userStore?.id}
 				<HeaderAvatar />
 			{/if}

frontend/src/lib/components/header/mode-switcher.svelte

@@ -1,11 +1,11 @@
 <script lang="ts">
-	import SunIcon from '@lucide/svelte/icons/sun';
 	import MoonIcon from '@lucide/svelte/icons/moon';
+	import SunIcon from '@lucide/svelte/icons/sun';
 
-	import { mode, resetMode, setMode } from 'mode-watcher';
-	import * as DropdownMenu from '$lib/components/ui/dropdown-menu/index.js';
 	import { buttonVariants } from '$lib/components/ui/button/index.js';
+	import * as DropdownMenu from '$lib/components/ui/dropdown-menu/index.js';
 	import { m } from '$lib/paraglide/messages';
+	import { mode, resetMode, setMode } from 'mode-watcher';
 
 	const isDark = $derived(mode.current === 'dark');
 </script>

frontend/src/lib/components/one-time-link-modal.svelte

@@ -36,7 +36,10 @@
 
 	async function createLoginCode() {
 		try {
-			code = await userService.createOneTimeAccessToken(userId!, availableExpirations[selectedExpiration]);
+			code = await userService.createOneTimeAccessToken(
+				userId!,
+				availableExpirations[selectedExpiration]
+			);
 			oneTimeLink = `${page.url.origin}/lc/${code}`;
 		} catch (e) {
 			axiosErrorToast(e);
@@ -45,7 +48,10 @@
 
 	async function sendLoginCodeEmail() {
 		try {
-			await userService.requestOneTimeAccessEmailAsAdmin(userId!, availableExpirations[selectedExpiration]);
+			await userService.requestOneTimeAccessEmailAsAdmin(
+				userId!,
+				availableExpirations[selectedExpiration]
+			);
 			toast.success(m.login_code_email_success());
 			onOpenChange(false);
 		} catch (e) {

frontend/src/lib/components/ui/skeleton/index.ts

@@ -1,7 +1,7 @@
-import Root from "./skeleton.svelte";
+import Root from './skeleton.svelte';
 
 export {
 	Root,
 	//
-	Root as Skeleton,
+	Root as Skeleton
 };

frontend/src/lib/components/ui/skeleton/skeleton.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
-	import { cn, type WithElementRef, type WithoutChildren } from "$lib/utils/style.js";
-	import type { HTMLAttributes } from "svelte/elements";
+	import { cn, type WithElementRef, type WithoutChildren } from '$lib/utils/style.js';
+	import type { HTMLAttributes } from 'svelte/elements';
 
 	let {
 		ref = $bindable(null),
@@ -12,6 +12,6 @@
 <div
 	bind:this={ref}
 	data-slot="skeleton"
-	class={cn("bg-accent animate-pulse rounded-md", className)}
+	class={cn('bg-accent animate-pulse rounded-md', className)}
 	{...restProps}
 ></div>

frontend/src/lib/services/api-service.ts

@@ -1,13 +1,13 @@
 import axios from 'axios';
 
 abstract class APIService {
-  protected api = axios.create({ baseURL: '/api' });
+	protected api = axios.create({ baseURL: '/api' });
 
-  constructor() {
-    if (typeof process !== 'undefined' && process?.env?.DEVELOPMENT_BACKEND_URL) {
-      this.api.defaults.baseURL = process.env.DEVELOPMENT_BACKEND_URL;
-    }
-  }
+	constructor() {
+		if (typeof process !== 'undefined' && process?.env?.DEVELOPMENT_BACKEND_URL) {
+			this.api.defaults.baseURL = process.env.DEVELOPMENT_BACKEND_URL;
+		}
+	}
 }
 
 export default APIService;

frontend/src/lib/services/webauthn-service.ts

@@ -4,35 +4,35 @@ import APIService from './api-service';
 import userStore from '$lib/stores/user-store';
 import type { AuthenticationResponseJSON, RegistrationResponseJSON } from '@simplewebauthn/browser';
 class WebAuthnService extends APIService {
-  getRegistrationOptions = async () => (await this.api.get(`/webauthn/register/start`)).data;
+	getRegistrationOptions = async () => (await this.api.get(`/webauthn/register/start`)).data;
 
-  finishRegistration = async (body: RegistrationResponseJSON) =>
-    (await this.api.post(`/webauthn/register/finish`, body)).data as Passkey;
+	finishRegistration = async (body: RegistrationResponseJSON) =>
+		(await this.api.post(`/webauthn/register/finish`, body)).data as Passkey;
 
-  getLoginOptions = async () => (await this.api.get(`/webauthn/login/start`)).data;
+	getLoginOptions = async () => (await this.api.get(`/webauthn/login/start`)).data;
 
-  finishLogin = async (body: AuthenticationResponseJSON) =>
-    (await this.api.post(`/webauthn/login/finish`, body)).data as User;
+	finishLogin = async (body: AuthenticationResponseJSON) =>
+		(await this.api.post(`/webauthn/login/finish`, body)).data as User;
 
-  logout = async () => {
-    await this.api.post(`/webauthn/logout`);
-    userStore.clearUser();
-  };
+	logout = async () => {
+		await this.api.post(`/webauthn/logout`);
+		userStore.clearUser();
+	};
 
-  listCredentials = async () => (await this.api.get(`/webauthn/credentials`)).data as Passkey[];
+	listCredentials = async () => (await this.api.get(`/webauthn/credentials`)).data as Passkey[];
 
-  removeCredential = async (id: string) => {
-    await this.api.delete(`/webauthn/credentials/${id}`);
-  };
+	removeCredential = async (id: string) => {
+		await this.api.delete(`/webauthn/credentials/${id}`);
+	};
 
-  updateCredentialName = async (id: string, name: string) => {
-    await this.api.patch(`/webauthn/credentials/${id}`, { name });
-  };
+	updateCredentialName = async (id: string, name: string) => {
+		await this.api.patch(`/webauthn/credentials/${id}`, { name });
+	};
 
-  reauthenticate = async (body?: AuthenticationResponseJSON) => {
-    const res = await this.api.post('/webauthn/reauthenticate', body);
-    return res.data.reauthenticationToken as string;
-  };
+	reauthenticate = async (body?: AuthenticationResponseJSON) => {
+		const res = await this.api.post('/webauthn/reauthenticate', body);
+		return res.data.reauthenticationToken as string;
+	};
 }
 
 export default WebAuthnService;

frontend/src/lib/types/advanced-table.type.ts

@@ -3,7 +3,7 @@ import type { Component, Snippet } from 'svelte';
 export type AdvancedTableColumn<T extends Record<string, any>> = {
 	label: string;
 	column?: keyof T & string;
-    key?: string;
+	key?: string;
 	value?: (item: T) => string | number | boolean | undefined;
 	cell?: Snippet<[{ item: T }]>;
 	sortable?: boolean;
@@ -12,9 +12,11 @@ export type AdvancedTableColumn<T extends Record<string, any>> = {
 		value: string | boolean;
 		icon?: Component;
 	}[];
-    hidden?: boolean;
+	hidden?: boolean;
 };
-export type CreateAdvancedTableActions<T extends Record<string, any>> = (item: T) => AdvancedTableAction<T>[];
+export type CreateAdvancedTableActions<T extends Record<string, any>> = (
+	item: T
+) => AdvancedTableAction<T>[];
 
 export type AdvancedTableAction<T> = {
 	label: string;

frontend/src/lib/types/audit-log.type.ts

@@ -12,7 +12,7 @@ export type AuditLog = {
 };
 
 export type AuditLogFilter = {
-	userId: string;
+	userID: string;
 	event: string;
 	location: string;
 	clientName: string;

frontend/src/lib/utils/audit-log-translator.ts

@@ -9,8 +9,8 @@ export const eventTypes: Record<string, string> = {
 	DEVICE_CODE_AUTHORIZATION: m.device_code_authorization(),
 	NEW_DEVICE_CODE_AUTHORIZATION: m.new_device_code_authorization(),
 	PASSKEY_ADDED: m.passkey_added(),
-	PASSKEY_REMOVED: m.passkey_removed(),
-}
+	PASSKEY_REMOVED: m.passkey_removed()
+};
 
 /**
  * Translates an audit log event type using paraglide messages.

frontend/src/lib/utils/cached-image-util.ts

@@ -22,9 +22,13 @@ export const cachedApplicationLogo: CachableImage = {
 
 export const cachedDefaultProfilePicture: CachableImage = {
 	getUrl: () =>
-		getCachedImageUrl(new URL('/api/application-images/default-profile-picture', window.location.origin)),
+		getCachedImageUrl(
+			new URL('/api/application-images/default-profile-picture', window.location.origin)
+		),
 	bustCache: () =>
-		bustImageCache(new URL('/api/application-images/default-profile-picture', window.location.origin))
+		bustImageCache(
+			new URL('/api/application-images/default-profile-picture', window.location.origin)
+		)
 };
 
 export const cachedBackgroundImage: CachableImage = {

frontend/src/routes/settings/audit-log/global/+page.svelte

@@ -13,7 +13,7 @@
 	let auditLogListRef: AuditLogList;
 
 	let filters: AuditLogFilter = $state({
-		userId: '',
+		userID: '',
 		event: '',
 		location: '',
 		clientName: ''
@@ -59,7 +59,7 @@
 								label: username
 							}))
 						]}
-						bind:value={filters.userId}
+						bind:value={filters.userID}
 					/>
 				{/await}
 			</div>

pnpm-lock.yaml

@@ -5,7 +5,12 @@ settings:
   excludeLinksFromLockfile: false
 
 overrides:
+  cookie@<0.7.0: '>=0.7.0'
   devalue: ^5.3.2
+  glob@>=11.0.0 <11.1.0: '>=11.1.0'
+  js-yaml@>=4.0.0 <4.1.1: '>=4.1.1'
+  valibot@>=0.31.0 <1.2.0: '>=1.2.0'
+  validator@<13.15.20: '>=13.15.20'
 
 importers:
 
@@ -69,11 +74,11 @@ importers:
         specifier: ^1.5.4
         version: 1.5.4
       runed:
-        specifier: ^0.36.0
-        version: 0.36.0(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(zod@4.1.13)
+        specifier: ^0.37.0
+        version: 0.37.0(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(zod@4.1.13)
       sveltekit-superforms:
         specifier: ^2.28.1
-        version: 2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.44.0)(typescript@5.9.3)
+        version: 2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.45.2)(typescript@5.9.3)
       tailwind-merge:
         specifier: ^3.4.0
         version: 3.4.0
@@ -94,17 +99,17 @@ importers:
         specifier: ^3.10.0
         version: 3.10.0
       '@lucide/svelte':
-        specifier: ^0.554.0
-        version: 0.554.0(svelte@5.44.0)
+        specifier: ^0.555.0
+        version: 0.555.0(svelte@5.45.2)
       '@sveltejs/adapter-static':
         specifier: ^3.0.10
-        version: 3.0.10(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))
+        version: 3.0.10(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))
       '@sveltejs/kit':
         specifier: ^2.49.0
-        version: 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+        version: 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       '@sveltejs/vite-plugin-svelte':
         specifier: ^6.2.1
-        version: 6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+        version: 6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       '@types/eslint':
         specifier: ^9.6.1
         version: 9.6.1
@@ -116,7 +121,7 @@ importers:
         version: 1.5.6
       bits-ui:
         specifier: ^2.14.4
-        version: 2.14.4(@internationalized/date@3.10.0)(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)
+        version: 2.14.4(@internationalized/date@3.10.0)(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)
       eslint:
         specifier: ^9.39.1
         version: 9.39.1(jiti@2.6.1)
@@ -125,37 +130,37 @@ importers:
         version: 10.1.8(eslint@9.39.1(jiti@2.6.1))
       eslint-plugin-svelte:
         specifier: ^3.13.0
-        version: 3.13.0(eslint@9.39.1(jiti@2.6.1))(svelte@5.44.0)
+        version: 3.13.0(eslint@9.39.1(jiti@2.6.1))(svelte@5.45.2)
       formsnap:
         specifier: ^2.0.1
-        version: 2.0.1(svelte@5.44.0)(sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.44.0)(typescript@5.9.3))
+        version: 2.0.1(svelte@5.45.2)(sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.45.2)(typescript@5.9.3))
       globals:
         specifier: ^16.5.0
         version: 16.5.0
       mode-watcher:
         specifier: ^1.1.0
-        version: 1.1.0(svelte@5.44.0)
+        version: 1.1.0(svelte@5.45.2)
       prettier:
-        specifier: ^3.6.2
-        version: 3.6.2
+        specifier: ^3.7.3
+        version: 3.7.3
       prettier-plugin-svelte:
         specifier: ^3.4.0
-        version: 3.4.0(prettier@3.6.2)(svelte@5.44.0)
+        version: 3.4.0(prettier@3.7.3)(svelte@5.45.2)
       prettier-plugin-tailwindcss:
         specifier: ^0.7.1
-        version: 0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.6.2)(svelte@5.44.0))(prettier@3.6.2)
+        version: 0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2))(prettier@3.7.3)
       rollup:
         specifier: ^4.53.3
         version: 4.53.3
       svelte:
-        specifier: ^5.44.0
-        version: 5.44.0
+        specifier: ^5.45.2
+        version: 5.45.2
       svelte-check:
         specifier: ^4.3.4
-        version: 4.3.4(picomatch@4.0.3)(svelte@5.44.0)(typescript@5.9.3)
+        version: 4.3.4(picomatch@4.0.3)(svelte@5.45.2)(typescript@5.9.3)
       svelte-sonner:
         specifier: ^1.0.6
-        version: 1.0.6(svelte@5.44.0)
+        version: 1.0.6(svelte@5.45.2)
       tailwind-variants:
         specifier: ^3.2.2
         version: 3.2.2(tailwind-merge@3.4.0)(tailwindcss@4.1.17)
@@ -193,8 +198,8 @@ importers:
         specifier: ^6.1.2
         version: 6.1.2
       prettier:
-        specifier: ^3.6.2
-        version: 3.6.2
+        specifier: ^3.7.0
+        version: 3.7.0
 
 packages:
 
@@ -643,10 +648,6 @@ packages:
     resolution: {integrity: sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==}
     engines: {node: 20 || >=22}
 
-  '@isaacs/cliui@8.0.2':
-    resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==}
-    engines: {node: '>=12'}
-
   '@jridgewell/gen-mapping@0.3.13':
     resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==}
 
@@ -673,8 +674,8 @@ packages:
   '@lix-js/server-protocol-schema@0.1.1':
     resolution: {integrity: sha512-jBeALB6prAbtr5q4vTuxnRZZv1M2rKe8iNqRQhFJ4Tv7150unEa0vKyz0hs8Gl3fUGsWaNJBh3J8++fpbrpRBQ==}
 
-  '@lucide/svelte@0.554.0':
-    resolution: {integrity: sha512-CM6wLEH8uk3WBpC42t8R0hF7SlQrsYEL6qGuXdB99xKZwKglpWmX5XgYu7FIYOCBYOyC1rm4dNhIe6uF9pOXqw==}
+  '@lucide/svelte@0.555.0':
+    resolution: {integrity: sha512-aqTOMjBjf/HNwrhggRdb83T0QslZdpJTyTwr/chtXTGw7u4Hcu4zQb/5uA+csF0KKawKWVnsNI1MdHEHeEXTcQ==}
     peerDependencies:
       svelte: ^5
 
@@ -1327,10 +1328,6 @@ packages:
     resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==}
     engines: {node: '>=8'}
 
-  ansi-styles@6.2.3:
-    resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==}
-    engines: {node: '>=12'}
-
   argparse@2.0.1:
     resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==}
 
@@ -1479,10 +1476,6 @@ packages:
     resolution: {integrity: sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA==}
     engines: {node: ^14.18.0 || >=16.10.0}
 
-  cookie@0.6.0:
-    resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==}
-    engines: {node: '>= 0.6'}
-
   cookie@0.7.2:
     resolution: {integrity: sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==}
     engines: {node: '>= 0.6'}
@@ -1603,9 +1596,6 @@ packages:
     resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==}
     engines: {node: '>= 0.4'}
 
-  eastasianwidth@0.2.0:
-    resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==}
-
   effect@3.18.4:
     resolution: {integrity: sha512-b1LXQJLe9D11wfnOKAk3PKxuqYshQ0Heez+y5pnkd3jLj1yx9QhM72zZ9uUrOQyNvrs2GZZd/3maL0ZV18YuDA==}
 
@@ -1615,9 +1605,6 @@ packages:
   emoji-regex@8.0.0:
     resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==}
 
-  emoji-regex@9.2.2:
-    resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==}
-
   engine.io-parser@5.2.3:
     resolution: {integrity: sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==}
     engines: {node: '>=10.0.0'}
@@ -1723,8 +1710,8 @@ packages:
     resolution: {integrity: sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==}
     engines: {node: '>=0.10'}
 
-  esrap@2.1.0:
-    resolution: {integrity: sha512-yzmPNpl7TBbMRC5Lj2JlJZNPml0tzqoqP5B1JXycNUwtqma9AKCO0M2wHrdgsHcy1WRW7S9rJknAMtByg3usgA==}
+  esrap@2.2.0:
+    resolution: {integrity: sha512-WBmtxe7R9C5mvL4n2le8nMUe4mD5V9oiK2vJpQ9I3y20ENPUomPcphBXE8D1x/Bm84oN1V+lOfgXxtqmxTp3Xg==}
 
   esrecurse@4.3.0:
     resolution: {integrity: sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==}
@@ -1799,10 +1786,6 @@ packages:
       debug:
         optional: true
 
-  foreground-child@3.3.1:
-    resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==}
-    engines: {node: '>=14'}
-
   form-data@4.0.4:
     resolution: {integrity: sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==}
     engines: {node: '>= 6'}
@@ -1850,10 +1833,9 @@ packages:
     resolution: {integrity: sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==}
     engines: {node: '>=10.13.0'}
 
-  glob@11.0.3:
-    resolution: {integrity: sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==}
+  glob@13.0.0:
+    resolution: {integrity: sha512-tvZgpqk6fz4BaNZ66ZsRaZnbHvP/jG3uKJvAZOwEVUL4RTA5nJeeLYfyN9/VA8NX/V3IBG+hkeuGpKjvELkVhA==}
     engines: {node: 20 || >=22}
-    hasBin: true
 
   globals@14.0.0:
     resolution: {integrity: sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==}
@@ -1949,10 +1931,6 @@ packages:
   isexe@2.0.0:
     resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==}
 
-  jackspeak@4.1.1:
-    resolution: {integrity: sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==}
-    engines: {node: 20 || >=22}
-
   jiti@2.4.2:
     resolution: {integrity: sha512-rg9zJN+G4n2nfJl5MW3BMygZX56zKPNVEYYqq7adpmMh4Jn2QNEwhvQlFy6jPVdcod7txZtKHWnyZiA3a0zP7A==}
     hasBin: true
@@ -1973,8 +1951,8 @@ packages:
   js-tokens@4.0.0:
     resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
 
-  js-yaml@4.1.0:
-    resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==}
+  js-yaml@4.1.1:
+    resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==}
     hasBin: true
 
   jsesc@3.1.0:
@@ -2173,8 +2151,8 @@ packages:
     resolution: {integrity: sha512-VP79XUPxV2CigYP3jWwAUFSku2aKqBH7uTAapFWCBqutsbmDo96KY5o8uh6U+/YSIn5OxJnXp73beVkpqMIGhA==}
     engines: {node: '>=18'}
 
-  minimatch@10.0.3:
-    resolution: {integrity: sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==}
+  minimatch@10.1.1:
+    resolution: {integrity: sha512-enIvLvRAFZYXJzkCYG5RKmPfrFArdLv+R+lbQ53BmIMLIry74bjKzX6iHAm8WYamJkhSSEabrWN5D97XnKObjQ==}
     engines: {node: 20 || >=22}
 
   minimatch@3.1.2:
@@ -2289,9 +2267,6 @@ packages:
     resolution: {integrity: sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==}
     engines: {node: '>=6'}
 
-  package-json-from-dist@1.0.1:
-    resolution: {integrity: sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==}
-
   parent-module@1.0.1:
     resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==}
     engines: {node: '>=6'}
@@ -2442,8 +2417,13 @@ packages:
       prettier-plugin-svelte:
         optional: true
 
-  prettier@3.6.2:
-    resolution: {integrity: sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==}
+  prettier@3.7.0:
+    resolution: {integrity: sha512-pBiBj/gjRY9Qpk1b7cDda6Rbwvkaggos779AHQ0Ek/odwDx6xG6DRBxtnp1QmxbuD7pAO8/SQ8vuhtGv9LoLWA==}
+    engines: {node: '>=14'}
+    hasBin: true
+
+  prettier@3.7.3:
+    resolution: {integrity: sha512-QgODejq9K3OzoBbuyobZlUhznP5SKwPqp+6Q6xw6o8gnhr4O85L2U915iM2IDcfF2NPXVaM9zlo9tdwipnYwzg==}
     engines: {node: '>=14'}
     hasBin: true
 
@@ -2542,8 +2522,8 @@ packages:
       '@sveltejs/kit':
         optional: true
 
-  runed@0.36.0:
-    resolution: {integrity: sha512-CK84KPwAausPQEyWF9t6miCuNW5isAKPMswDsz7jhdueiZZ9du/UrgWc/aggLts8QuppT8KucryrHDFBAqk9Ww==}
+  runed@0.37.0:
+    resolution: {integrity: sha512-zphHjvLZEpcJiV3jezT96SnNwePaUIEd1HEMuPGZ6DwOMao9S2ZAUCYJPKquRM5J22AwAOpGj0KmxOkQdkBfwQ==}
     peerDependencies:
       '@sveltejs/kit': ^2.21.0
       svelte: ^5.7.0
@@ -2633,10 +2613,6 @@ packages:
     resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==}
     engines: {node: '>=8'}
 
-  string-width@5.1.2:
-    resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==}
-    engines: {node: '>=12'}
-
   string-width@7.2.0:
     resolution: {integrity: sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==}
     engines: {node: '>=18'}
@@ -2727,8 +2703,8 @@ packages:
     peerDependencies:
       svelte: ^5.0.0
 
-  svelte@5.44.0:
-    resolution: {integrity: sha512-R7387No2zEGw4CtYtI2rgsui6BqjFARzoZFGLiLN5OPla0Pq4Ra2WwcP/zBomP3MYalhSNvF1fzDMuU0P0zPJw==}
+  svelte@5.45.2:
+    resolution: {integrity: sha512-yyXdW2u3H0H/zxxWoGwJoQlRgaSJLp+Vhktv12iRw2WRDlKqUPT54Fi0K/PkXqrdkcQ98aBazpy0AH4BCBVfoA==}
     engines: {node: '>=18'}
 
   sveltekit-superforms@2.28.1:
@@ -2868,24 +2844,16 @@ packages:
     resolution: {integrity: sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==}
     hasBin: true
 
-  valibot@0.42.1:
-    resolution: {integrity: sha512-3keXV29Ar5b//Hqi4MbSdV7lfVp6zuYLZuA9V1PvQUsXqogr+u5lvLPLk3A4f74VUXDnf/JfWMN6sB+koJ/FFw==}
+  valibot@1.2.0:
+    resolution: {integrity: sha512-mm1rxUsmOxzrwnX5arGS+U4T25RdvpPjPN4yR0u9pUBov9+zGVtO84tif1eY4r6zWxVxu3KzIyknJy3rxfRZZg==}
     peerDependencies:
       typescript: '>=5'
     peerDependenciesMeta:
       typescript:
         optional: true
 
-  valibot@1.1.0:
-    resolution: {integrity: sha512-Nk8lX30Qhu+9txPYTwM0cFlWLdPFsFr6LblzqIySfbZph9+BFsAHsNvHOymEviUepeIW6KFHzpX8TKhbptBXXw==}
-    peerDependencies:
-      typescript: '>=5'
-    peerDependenciesMeta:
-      typescript:
-        optional: true
-
-  validator@13.15.15:
-    resolution: {integrity: sha512-BgWVbCI72aIQy937xbawcs+hrVaN/CZ2UwutgaJ36hGqRrLNM+f5LUT/YPRbo8IV/ASeFzXszezV+y2+rq3l8A==}
+  validator@13.15.23:
+    resolution: {integrity: sha512-4yoz1kEWqUjzi5zsPbAS/903QXSYp0UOtHsPpp7p9rHAw/W+dkInskAE386Fat3oKRROwO98d9ZB0G4cObgUyw==}
     engines: {node: '>= 0.10'}
 
   vary@1.1.2:
@@ -2962,14 +2930,6 @@ packages:
     resolution: {integrity: sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==}
     engines: {node: '>=8'}
 
-  wrap-ansi@7.0.0:
-    resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==}
-    engines: {node: '>=10'}
-
-  wrap-ansi@8.1.0:
-    resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==}
-    engines: {node: '>=12'}
-
   ws@8.17.1:
     resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==}
     engines: {node: '>=10.0.0'}
@@ -3198,7 +3158,7 @@ snapshots:
       globals: 14.0.0
       ignore: 5.3.2
       import-fresh: 3.3.1
-      js-yaml: 4.1.0
+      js-yaml: 4.1.1
       minimatch: 3.1.2
       strip-json-comments: 3.1.1
     transitivePeerDependencies:
@@ -3234,7 +3194,7 @@ snapshots:
 
   '@gcornut/valibot-json-schema@0.42.0(esbuild@0.25.11)(typescript@5.9.3)':
     dependencies:
-      valibot: 0.42.1(typescript@5.9.3)
+      valibot: 1.2.0(typescript@5.9.3)
     optionalDependencies:
       '@types/json-schema': 7.0.15
       esbuild-runner: 2.2.2(esbuild@0.25.11)
@@ -3397,15 +3357,6 @@ snapshots:
     dependencies:
       '@isaacs/balanced-match': 4.0.1
 
-  '@isaacs/cliui@8.0.2':
-    dependencies:
-      string-width: 5.1.2
-      string-width-cjs: string-width@4.2.3
-      strip-ansi: 7.1.2
-      strip-ansi-cjs: strip-ansi@6.0.1
-      wrap-ansi: 8.1.0
-      wrap-ansi-cjs: wrap-ansi@7.0.0
-
   '@jridgewell/gen-mapping@0.3.13':
     dependencies:
       '@jridgewell/sourcemap-codec': 1.5.5
@@ -3445,9 +3396,9 @@ snapshots:
 
   '@lix-js/server-protocol-schema@0.1.1': {}
 
-  '@lucide/svelte@0.554.0(svelte@5.44.0)':
+  '@lucide/svelte@0.555.0(svelte@5.45.2)':
     dependencies:
-      svelte: 5.44.0
+      svelte: 5.45.2
 
   '@next/env@16.0.1': {}
 
@@ -3588,7 +3539,7 @@ snapshots:
   '@react-email/render@2.0.0(react-dom@19.2.0(react@19.2.0))(react@19.2.0)':
     dependencies:
       html-to-text: 9.0.5
-      prettier: 3.6.2
+      prettier: 3.7.3
       react: 19.2.0
       react-dom: 19.2.0(react@19.2.0)
 
@@ -3717,18 +3668,18 @@ snapshots:
     dependencies:
       acorn: 8.15.0
 
-  '@sveltejs/adapter-static@3.0.10(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))':
+  '@sveltejs/adapter-static@3.0.10(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))':
     dependencies:
-      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
 
-  '@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
+  '@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
     dependencies:
       '@standard-schema/spec': 1.0.0
       '@sveltejs/acorn-typescript': 1.0.6(acorn@8.15.0)
-      '@sveltejs/vite-plugin-svelte': 6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/vite-plugin-svelte': 6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       '@types/cookie': 0.6.0
       acorn: 8.15.0
-      cookie: 0.6.0
+      cookie: 0.7.2
       devalue: 5.4.2
       esm-env: 1.2.2
       kleur: 4.1.5
@@ -3737,25 +3688,25 @@ snapshots:
       sade: 1.8.1
       set-cookie-parser: 2.7.1
       sirv: 3.0.2
-      svelte: 5.44.0
+      svelte: 5.45.2
       vite: 7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)
 
-  '@sveltejs/vite-plugin-svelte-inspector@5.0.1(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
+  '@sveltejs/vite-plugin-svelte-inspector@5.0.1(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
     dependencies:
-      '@sveltejs/vite-plugin-svelte': 6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/vite-plugin-svelte': 6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       debug: 4.4.3
-      svelte: 5.44.0
+      svelte: 5.45.2
       vite: 7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)
     transitivePeerDependencies:
       - supports-color
 
-  '@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
+  '@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))':
     dependencies:
-      '@sveltejs/vite-plugin-svelte-inspector': 5.0.1(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/vite-plugin-svelte-inspector': 5.0.1(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       debug: 4.4.3
       deepmerge: 4.3.1
       magic-string: 0.30.21
-      svelte: 5.44.0
+      svelte: 5.45.2
       vite: 7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)
       vitefu: 1.1.1(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
     transitivePeerDependencies:
@@ -3989,7 +3940,7 @@ snapshots:
       dayjs: 1.11.18
       dlv: 1.1.3
       normalize-url: 8.1.0
-      validator: 13.15.15
+      validator: 13.15.23
     optional: true
 
   accepts@1.3.8:
@@ -4029,8 +3980,6 @@ snapshots:
     dependencies:
       color-convert: 2.0.1
 
-  ansi-styles@6.2.3: {}
-
   argparse@2.0.1: {}
 
   aria-query@5.3.2: {}
@@ -4065,15 +4014,15 @@ snapshots:
 
   base64id@2.0.0: {}
 
-  bits-ui@2.14.4(@internationalized/date@3.10.0)(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0):
+  bits-ui@2.14.4(@internationalized/date@3.10.0)(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2):
     dependencies:
       '@floating-ui/core': 1.7.3
       '@floating-ui/dom': 1.7.4
       '@internationalized/date': 3.10.0
       esm-env: 1.2.2
-      runed: 0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)
-      svelte: 5.44.0
-      svelte-toolbelt: 0.10.6(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)
+      runed: 0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)
+      svelte: 5.45.2
+      svelte-toolbelt: 0.10.6(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)
       tabbable: 6.3.0
     transitivePeerDependencies:
       - '@sveltejs/kit'
@@ -4123,7 +4072,7 @@ snapshots:
     dependencies:
       '@types/validator': 13.15.3
       libphonenumber-js: 1.12.24
-      validator: 13.15.15
+      validator: 13.15.23
     optional: true
 
   cli-cursor@5.0.0:
@@ -4185,8 +4134,6 @@ snapshots:
 
   consola@3.4.2: {}
 
-  cookie@0.6.0: {}
-
   cookie@0.7.2: {}
 
   core-util-is@1.0.3: {}
@@ -4276,8 +4223,6 @@ snapshots:
       es-errors: 1.3.0
       gopd: 1.2.0
 
-  eastasianwidth@0.2.0: {}
-
   effect@3.18.4:
     dependencies:
       '@standard-schema/spec': 1.0.0
@@ -4288,8 +4233,6 @@ snapshots:
 
   emoji-regex@8.0.0: {}
 
-  emoji-regex@9.2.2: {}
-
   engine.io-parser@5.2.3: {}
 
   engine.io@6.6.4:
@@ -4374,7 +4317,7 @@ snapshots:
     dependencies:
       eslint: 9.39.1(jiti@2.6.1)
 
-  eslint-plugin-svelte@3.13.0(eslint@9.39.1(jiti@2.6.1))(svelte@5.44.0):
+  eslint-plugin-svelte@3.13.0(eslint@9.39.1(jiti@2.6.1))(svelte@5.45.2):
     dependencies:
       '@eslint-community/eslint-utils': 4.9.0(eslint@9.39.1(jiti@2.6.1))
       '@jridgewell/sourcemap-codec': 1.5.5
@@ -4386,9 +4329,9 @@ snapshots:
       postcss-load-config: 3.1.4(postcss@8.5.6)
       postcss-safe-parser: 7.0.1(postcss@8.5.6)
       semver: 7.7.3
-      svelte-eslint-parser: 1.4.0(svelte@5.44.0)
+      svelte-eslint-parser: 1.4.0(svelte@5.45.2)
     optionalDependencies:
-      svelte: 5.44.0
+      svelte: 5.45.2
     transitivePeerDependencies:
       - ts-node
 
@@ -4456,7 +4399,7 @@ snapshots:
     dependencies:
       estraverse: 5.3.0
 
-  esrap@2.1.0:
+  esrap@2.2.0:
     dependencies:
       '@jridgewell/sourcemap-codec': 1.5.5
 
@@ -4512,11 +4455,6 @@ snapshots:
 
   follow-redirects@1.15.11: {}
 
-  foreground-child@3.3.1:
-    dependencies:
-      cross-spawn: 7.0.6
-      signal-exit: 4.1.0
-
   form-data@4.0.4:
     dependencies:
       asynckit: 0.4.0
@@ -4525,11 +4463,11 @@ snapshots:
       hasown: 2.0.2
       mime-types: 2.1.35
 
-  formsnap@2.0.1(svelte@5.44.0)(sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.44.0)(typescript@5.9.3)):
+  formsnap@2.0.1(svelte@5.45.2)(sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.45.2)(typescript@5.9.3)):
     dependencies:
-      svelte: 5.44.0
-      svelte-toolbelt: 0.5.0(svelte@5.44.0)
-      sveltekit-superforms: 2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.44.0)(typescript@5.9.3)
+      svelte: 5.45.2
+      svelte-toolbelt: 0.5.0(svelte@5.45.2)
+      sveltekit-superforms: 2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.45.2)(typescript@5.9.3)
 
   fsevents@2.3.2:
     optional: true
@@ -4569,13 +4507,10 @@ snapshots:
     dependencies:
       is-glob: 4.0.3
 
-  glob@11.0.3:
+  glob@13.0.0:
     dependencies:
-      foreground-child: 3.3.1
-      jackspeak: 4.1.1
-      minimatch: 10.0.3
+      minimatch: 10.1.1
       minipass: 7.1.2
-      package-json-from-dist: 1.0.1
       path-scurry: 2.0.0
 
   globals@14.0.0: {}
@@ -4650,10 +4585,6 @@ snapshots:
 
   isexe@2.0.0: {}
 
-  jackspeak@4.1.1:
-    dependencies:
-      '@isaacs/cliui': 8.0.2
-
   jiti@2.4.2: {}
 
   jiti@2.6.1: {}
@@ -4673,7 +4604,7 @@ snapshots:
 
   js-tokens@4.0.0: {}
 
-  js-yaml@4.1.0:
+  js-yaml@4.1.1:
     dependencies:
       argparse: 2.0.1
 
@@ -4820,7 +4751,7 @@ snapshots:
 
   mimic-function@5.0.1: {}
 
-  minimatch@10.0.3:
+  minimatch@10.1.1:
     dependencies:
       '@isaacs/brace-expansion': 5.0.0
 
@@ -4836,11 +4767,11 @@ snapshots:
 
   minipass@7.1.2: {}
 
-  mode-watcher@1.1.0(svelte@5.44.0):
+  mode-watcher@1.1.0(svelte@5.45.2):
     dependencies:
-      runed: 0.25.0(svelte@5.44.0)
-      svelte: 5.44.0
-      svelte-toolbelt: 0.7.1(svelte@5.44.0)
+      runed: 0.25.0(svelte@5.45.2)
+      svelte: 5.45.2
+      svelte-toolbelt: 0.7.1(svelte@5.45.2)
 
   mri@1.2.0: {}
 
@@ -4936,8 +4867,6 @@ snapshots:
 
   p-try@2.2.0: {}
 
-  package-json-from-dist@1.0.1: {}
-
   parent-module@1.0.1:
     dependencies:
       callsites: 3.1.0
@@ -5014,18 +4943,20 @@ snapshots:
 
   prelude-ls@1.2.1: {}
 
-  prettier-plugin-svelte@3.4.0(prettier@3.6.2)(svelte@5.44.0):
+  prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2):
     dependencies:
-      prettier: 3.6.2
-      svelte: 5.44.0
+      prettier: 3.7.3
+      svelte: 5.45.2
 
-  prettier-plugin-tailwindcss@0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.6.2)(svelte@5.44.0))(prettier@3.6.2):
+  prettier-plugin-tailwindcss@0.7.1(prettier-plugin-svelte@3.4.0(prettier@3.7.3)(svelte@5.45.2))(prettier@3.7.3):
     dependencies:
-      prettier: 3.6.2
+      prettier: 3.7.3
     optionalDependencies:
-      prettier-plugin-svelte: 3.4.0(prettier@3.6.2)(svelte@5.44.0)
+      prettier-plugin-svelte: 3.4.0(prettier@3.7.3)(svelte@5.45.2)
 
-  prettier@3.6.2: {}
+  prettier@3.7.0: {}
+
+  prettier@3.7.3: {}
 
   prismjs@1.30.0: {}
 
@@ -5064,7 +4995,7 @@ snapshots:
       conf: 15.0.2
       debounce: 2.2.0
       esbuild: 0.25.11
-      glob: 11.0.3
+      glob: 13.0.0
       jiti: 2.4.2
       log-symbols: 7.0.1
       mime-types: 3.0.1
@@ -5126,38 +5057,38 @@ snapshots:
       '@rollup/rollup-win32-x64-msvc': 4.53.3
       fsevents: 2.3.3
 
-  runed@0.23.4(svelte@5.44.0):
+  runed@0.23.4(svelte@5.45.2):
     dependencies:
       esm-env: 1.2.2
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  runed@0.25.0(svelte@5.44.0):
+  runed@0.25.0(svelte@5.45.2):
     dependencies:
       esm-env: 1.2.2
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  runed@0.28.0(svelte@5.44.0):
+  runed@0.28.0(svelte@5.45.2):
     dependencies:
       esm-env: 1.2.2
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  runed@0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0):
+  runed@0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2):
     dependencies:
       dequal: 2.0.3
       esm-env: 1.2.2
       lz-string: 1.5.0
-      svelte: 5.44.0
+      svelte: 5.45.2
     optionalDependencies:
-      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
 
-  runed@0.36.0(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(zod@4.1.13):
+  runed@0.37.0(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(zod@4.1.13):
     dependencies:
       dequal: 2.0.3
       esm-env: 1.2.2
       lz-string: 1.5.0
-      svelte: 5.44.0
+      svelte: 5.45.2
     optionalDependencies:
-      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       zod: 4.1.13
 
   sade@1.8.1:
@@ -5276,12 +5207,6 @@ snapshots:
       is-fullwidth-code-point: 3.0.0
       strip-ansi: 6.0.1
 
-  string-width@5.1.2:
-    dependencies:
-      eastasianwidth: 0.2.0
-      emoji-regex: 9.2.2
-      strip-ansi: 7.1.2
-
   string-width@7.2.0:
     dependencies:
       emoji-regex: 10.6.0
@@ -5322,19 +5247,19 @@ snapshots:
     dependencies:
       has-flag: 4.0.0
 
-  svelte-check@4.3.4(picomatch@4.0.3)(svelte@5.44.0)(typescript@5.9.3):
+  svelte-check@4.3.4(picomatch@4.0.3)(svelte@5.45.2)(typescript@5.9.3):
     dependencies:
       '@jridgewell/trace-mapping': 0.3.31
       chokidar: 4.0.3
       fdir: 6.5.0(picomatch@4.0.3)
       picocolors: 1.1.1
       sade: 1.8.1
-      svelte: 5.44.0
+      svelte: 5.45.2
       typescript: 5.9.3
     transitivePeerDependencies:
       - picomatch
 
-  svelte-eslint-parser@1.4.0(svelte@5.44.0):
+  svelte-eslint-parser@1.4.0(svelte@5.45.2):
     dependencies:
       eslint-scope: 8.4.0
       eslint-visitor-keys: 4.2.1
@@ -5343,36 +5268,36 @@ snapshots:
       postcss-scss: 4.0.9(postcss@8.5.6)
       postcss-selector-parser: 7.1.0
     optionalDependencies:
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  svelte-sonner@1.0.6(svelte@5.44.0):
+  svelte-sonner@1.0.6(svelte@5.45.2):
     dependencies:
-      runed: 0.28.0(svelte@5.44.0)
-      svelte: 5.44.0
+      runed: 0.28.0(svelte@5.45.2)
+      svelte: 5.45.2
 
-  svelte-toolbelt@0.10.6(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0):
+  svelte-toolbelt@0.10.6(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2):
     dependencies:
       clsx: 2.1.1
-      runed: 0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)
+      runed: 0.35.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)
       style-to-object: 1.0.11
-      svelte: 5.44.0
+      svelte: 5.45.2
     transitivePeerDependencies:
       - '@sveltejs/kit'
 
-  svelte-toolbelt@0.5.0(svelte@5.44.0):
+  svelte-toolbelt@0.5.0(svelte@5.45.2):
     dependencies:
       clsx: 2.1.1
       style-to-object: 1.0.11
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  svelte-toolbelt@0.7.1(svelte@5.44.0):
+  svelte-toolbelt@0.7.1(svelte@5.45.2):
     dependencies:
       clsx: 2.1.1
-      runed: 0.23.4(svelte@5.44.0)
+      runed: 0.23.4(svelte@5.45.2)
       style-to-object: 1.0.11
-      svelte: 5.44.0
+      svelte: 5.45.2
 
-  svelte@5.44.0:
+  svelte@5.45.2:
     dependencies:
       '@jridgewell/remapping': 2.3.5
       '@jridgewell/sourcemap-codec': 1.5.5
@@ -5384,18 +5309,18 @@ snapshots:
       clsx: 2.1.1
       devalue: 5.4.2
       esm-env: 1.2.2
-      esrap: 2.1.0
+      esrap: 2.2.0
       is-reference: 3.0.3
       locate-character: 3.0.0
       magic-string: 0.30.21
       zimmerframe: 1.1.4
 
-  sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.44.0)(typescript@5.9.3):
+  sveltekit-superforms@2.28.1(@sveltejs/kit@2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(@types/json-schema@7.0.15)(esbuild@0.25.11)(svelte@5.45.2)(typescript@5.9.3):
     dependencies:
-      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.44.0)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
+      '@sveltejs/kit': 2.49.0(@sveltejs/vite-plugin-svelte@6.2.1(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1)))(svelte@5.45.2)(vite@7.2.4(@types/node@24.10.1)(jiti@2.6.1)(lightningcss@1.30.2)(terser@5.44.0)(tsx@4.20.6)(yaml@2.8.1))
       devalue: 5.4.2
       memoize-weak: 1.0.2
-      svelte: 5.44.0
+      svelte: 5.45.2
       ts-deepmerge: 7.0.3
     optionalDependencies:
       '@exodus/schemasafe': 1.3.0
@@ -5410,7 +5335,7 @@ snapshots:
       json-schema-to-ts: 3.1.1
       superstruct: 2.0.2
       typebox: 1.0.43
-      valibot: 1.1.0(typescript@5.9.3)
+      valibot: 1.2.0(typescript@5.9.3)
       yup: 1.7.1
       zod: 4.1.13
     transitivePeerDependencies:
@@ -5534,17 +5459,12 @@ snapshots:
 
   uuid@10.0.0: {}
 
-  valibot@0.42.1(typescript@5.9.3):
+  valibot@1.2.0(typescript@5.9.3):
     optionalDependencies:
       typescript: 5.9.3
     optional: true
 
-  valibot@1.1.0(typescript@5.9.3):
-    optionalDependencies:
-      typescript: 5.9.3
-    optional: true
-
-  validator@13.15.15:
+  validator@13.15.23:
     optional: true
 
   vary@1.1.2: {}
@@ -5588,18 +5508,6 @@ snapshots:
       string-width: 4.2.3
       strip-ansi: 6.0.1
 
-  wrap-ansi@7.0.0:
-    dependencies:
-      ansi-styles: 4.3.0
-      string-width: 4.2.3
-      strip-ansi: 6.0.1
-
-  wrap-ansi@8.1.0:
-    dependencies:
-      ansi-styles: 6.2.3
-      string-width: 5.1.2
-      strip-ansi: 7.1.2
-
   ws@8.17.1: {}
 
   y18n@4.0.3: {}

pnpm-workspace.yaml

@@ -1,7 +1,12 @@
 packages:
-  - 'frontend'
-  - 'tests'
-  - 'email-templates'
+  - frontend
+  - tests
+  - email-templates
 
 overrides:
-  'devalue': '^5.3.2'
+  cookie@<0.7.0: '>=0.7.0'
+  devalue: ^5.3.2
+  glob@>=11.0.0 <11.1.0: '>=11.1.0'
+  js-yaml@>=4.0.0 <4.1.1: '>=4.1.1'
+  valibot@>=0.31.0 <1.2.0: '>=1.2.0'
+  validator@<13.15.20: '>=13.15.20'

tests/package.json

@@ -11,6 +11,6 @@
 		"@types/node": "^24.10.1",
 		"dotenv": "^17.2.3",
 		"jose": "^6.1.2",
-		"prettier": "^3.6.2"
+		"prettier": "^3.7.0"
 	}
 }

tests/specs/api-key.spec.ts

@@ -22,7 +22,7 @@ test.describe('API Key Management', () => {
 		await page.getByRole('button', { name: 'Select a date' }).click();
 		await page.getByLabel('Select year').click();
 		// Select the next year
-		await page.getByText((currentDate.getFullYear() + 1).toString()).click();
+		await page.getByRole('option', { name: (currentDate.getFullYear() + 1).toString() }).click();
 		// Select the first day of the month
 		await page
 			.getByRole('button', { name: /([A-Z][a-z]+), ([A-Z][a-z]+) 1, (\d{4})/ })
@@ -62,7 +62,7 @@ test.describe('API Key Management', () => {
 		await page.getByRole('menuitem', { name: 'Revoke' }).click();
 
 		await page.getByRole('button', { name: 'Revoke' }).click();
-		
+
 		// Verify success message
 		await expect(page.locator('[data-type="success"]')).toHaveText('API key revoked successfully');