fix: i18n lock

Merge branch 'main' of https://github.com/formbricks/formbricks into fix/issue-7543-trial-conversion-template
fix: fix duplicate block and misleading subheader in trial conversion template
2026-05-06 19:35:53 -05:00 · 2026-04-17 15:15:06 +05:30 · 2026-04-17 15:13:03 +05:30 · 2026-03-23 09:49:08 +02:00
315 changed files with 8107 additions and 22029 deletions
@@ -20,12 +20,12 @@ runs:
  using: "composite"
  steps:
    - name: Checkout repo
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@v3
    - uses: ./.github/actions/dangerous-git-checkout
    - name: Cache Build
-      uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+      uses: actions/cache@v3
      id: cache-build
      env:
        cache-name: prod-build
@@ -43,7 +43,7 @@ runs:
      shell: bash
    - name: Setup Node.js 20.x
-      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      uses: actions/setup-node@v3
      with:
        node-version: 20.x
      if: steps.cache-build.outputs.cache-hit != 'true'
@@ -53,7 +53,7 @@ runs:
      if: steps.cache-build.outputs.cache-hit != 'true'
    - name: Install dependencies
-      run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+      run: pnpm install --config.platform=linux --config.architecture=x64
      if: steps.cache-build.outputs.cache-hit != 'true'
      shell: bash
@@ -4,7 +4,7 @@ runs:
  using: "composite"
  steps:
    - name: Checkout repo
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@v3
      with:
        ref: ${{ github.event.pull_request.head.sha }}
        fetch-depth: 2
@@ -49,7 +49,7 @@ jobs:
            ${{ runner.os }}-pnpm-store-
      - name: Install dependencies
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
      - name: Run Chromatic
        uses: chromaui/action@4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694 # v13.3.4
@@ -57,7 +57,7 @@ jobs:
      - uses: ./.github/actions/dangerous-git-checkout
      - name: Setup Node.js 22.x
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
        with:
          node-version: 22.x
@@ -65,7 +65,7 @@ jobs:
        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
      - name: Install dependencies
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
        shell: bash
      - name: create .env
@@ -85,48 +85,65 @@ jobs:
          echo "S3_REGION=us-east-1" >> .env
          echo "S3_BUCKET_NAME=formbricks-e2e" >> .env
          echo "S3_ENDPOINT_URL=http://localhost:9000" >> .env
-          echo "S3_ACCESS_KEY=devrustfs-service" >> .env
+          echo "S3_ACCESS_KEY=devminio" >> .env
-          echo "S3_SECRET_KEY=devrustfs-service123" >> .env
+          echo "S3_SECRET_KEY=devminio123" >> .env
          echo "S3_FORCE_PATH_STYLE=1" >> .env
        shell: bash
-      - name: Start RustFS Server
+      - name: Install MinIO client (mc)
        run: |
          set -euo pipefail
          MC_VERSION="RELEASE.2025-08-13T08-35-41Z"
          MC_BASE="https://dl.min.io/client/mc/release/linux-amd64/archive"
          MC_BIN="mc.${MC_VERSION}"
          MC_SUM="${MC_BIN}.sha256sum"
          curl -fsSL "${MC_BASE}/${MC_BIN}" -o "${MC_BIN}"
          curl -fsSL "${MC_BASE}/${MC_SUM}" -o "${MC_SUM}"
          sha256sum -c "${MC_SUM}"
          chmod +x "${MC_BIN}"
          sudo mv "${MC_BIN}" /usr/local/bin/mc
      - name: Start MinIO Server
        run: |
          set -euo pipefail
-          # Start RustFS server in background
+          # Start MinIO server in background
          docker run -d \
-            --name rustfs-server \
+            --name minio-server \
            -p 9000:9000 \
            -p 9001:9001 \
-            -e RUSTFS_ACCESS_KEY=devrustfs \
+            -e MINIO_ROOT_USER=devminio \
-            -e RUSTFS_SECRET_KEY=devrustfs123 \
+            -e MINIO_ROOT_PASSWORD=devminio123 \
-            -e RUSTFS_ADDRESS=:9000 \
+            minio/minio:RELEASE.2025-09-07T16-13-09Z \
-            -e RUSTFS_CONSOLE_ENABLE=true \
+            server /data --console-address :9001
            -e RUSTFS_CONSOLE_ADDRESS=:9001 \
            rustfs/rustfs:1.0.0-alpha.93 \
            /data
-          echo "RustFS server started"
+          echo "MinIO server started"
-      - name: Bootstrap RustFS bucket and browser upload CORS
+      - name: Wait for MinIO and create S3 bucket
        run: |
          set -euo pipefail
-          docker run --rm \
+          echo "Waiting for MinIO to be ready..."
-            --network host \
+          ready=0
-            --entrypoint /bin/sh \
+          for i in {1..60}; do
-            -e RUSTFS_ENDPOINT_URL=http://127.0.0.1:9000 \
+            if curl -fsS http://localhost:9000/minio/health/live >/dev/null; then
-            -e RUSTFS_ADMIN_USER=devrustfs \
+              echo "MinIO is up after ${i} seconds"
-            -e RUSTFS_ADMIN_PASSWORD=devrustfs123 \
+              ready=1
-            -e RUSTFS_SERVICE_USER=devrustfs-service \
+              break
-            -e RUSTFS_SERVICE_PASSWORD=devrustfs-service123 \
+            fi
-            -e RUSTFS_BUCKET_NAME=formbricks-e2e \
+            sleep 1
-            -e RUSTFS_POLICY_NAME=formbricks-e2e-policy \
+          done
-            -e RUSTFS_CORS_ALLOWED_ORIGINS=http://localhost:3000,http://127.0.0.1:3000 \
+
-            -v "$PWD/docker/rustfs-init.sh:/tmp/rustfs-init.sh:ro" \
+          if [ "$ready" -ne 1 ]; then
-            minio/mc@sha256:95b5f3f7969a5c5a9f3a700ba72d5c84172819e13385aaf916e237cf111ab868 \
+            echo "::error::MinIO did not become ready within 60 seconds"
-            /tmp/rustfs-init.sh
+            exit 1
          fi
          mc alias set local http://localhost:9000 devminio devminio123
          mc mb --ignore-existing local/formbricks-e2e
      - name: Build App
        run: |
@@ -225,14 +242,8 @@ jobs:
        if: failure()
        with:
          name: app-logs
          if-no-files-found: ignore
          path: app.log
      - name: Output App Logs
        if: failure()
-        run: |
+        run: cat app.log
          if [ -f app.log ]; then
            cat app.log
          else
            echo "app.log not found because the Run App step did not execute or failed before log creation."
          fi
@@ -21,7 +21,7 @@ jobs:
      - uses: ./.github/actions/dangerous-git-checkout
      - name: Setup Node.js 20.x
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
        with:
          node-version: 20.x
@@ -29,7 +29,7 @@ jobs:
        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
      - name: Install dependencies
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
      - name: create .env
        run: cp .env.example .env
@@ -25,7 +25,7 @@ jobs:
          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
      - name: Setup Node.js 22.x
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
        with:
          node-version: 22.x
@@ -33,7 +33,7 @@ jobs:
        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
      - name: Install dependencies
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
      - name: create .env
        run: cp .env.example .env
@@ -22,7 +22,7 @@ jobs:
      - uses: ./.github/actions/dangerous-git-checkout
      - name: Setup Node.js 20.x
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
        with:
          node-version: 20.x
@@ -30,7 +30,7 @@ jobs:
        uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
      - name: Install dependencies
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
      - name: create .env
        run: cp .env.example .env
@@ -2,7 +2,6 @@ name: Translation Validation
 permissions:
  contents: read
  pull-requests: read
 on:
  pull_request:
@@ -40,7 +39,7 @@ jobs:
      - name: Setup Node.js 22.x
        if: steps.changes.outputs.translations == 'true'
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af
        with:
          node-version: 22.x
@@ -50,7 +49,7 @@ jobs:
      - name: Install dependencies
        if: steps.changes.outputs.translations == 'true'
-        run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
+        run: pnpm install --config.platform=linux --config.architecture=x64
      - name: Validate translation keys
        if: steps.changes.outputs.translations == 'true'
@@ -11,19 +11,19 @@
    "clean": "rimraf .turbo node_modules dist storybook-static"
  },
  "devDependencies": {
-    "@chromatic-com/storybook": "5.0.2",
+    "@chromatic-com/storybook": "^5.0.1",
-    "@storybook/addon-a11y": "10.3.5",
+    "@storybook/addon-a11y": "10.2.17",
-    "@storybook/addon-docs": "10.3.5",
+    "@storybook/addon-links": "10.2.17",
-    "@storybook/addon-links": "10.3.5",
+    "@storybook/addon-onboarding": "10.2.17",
-    "@storybook/addon-onboarding": "10.3.5",
+    "@storybook/react-vite": "10.2.17",
-    "@storybook/react-vite": "10.3.5",
+    "@typescript-eslint/eslint-plugin": "8.57.0",
-    "@tailwindcss/vite": "4.2.4",
+    "@tailwindcss/vite": "4.2.1",
-    "@typescript-eslint/eslint-plugin": "8.57.2",
+    "@typescript-eslint/parser": "8.57.0",
    "@typescript-eslint/parser": "8.57.2",
    "@vitejs/plugin-react": "5.1.4",
    "eslint-plugin-react-refresh": "0.4.26",
-    "eslint-plugin-storybook": "10.3.5",
+    "eslint-plugin-storybook": "10.2.17",
-    "storybook": "10.3.5",
+    "storybook": "10.2.17",
-    "vite": "7.3.2"
+    "vite": "7.3.1",
    "@storybook/addon-docs": "10.2.17"
  }
 }
@@ -1,4 +1,4 @@
-import { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
+import { Prisma } from "@prisma/client";
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { prisma } from "@formbricks/database";
 import { DatabaseError } from "@formbricks/types/errors";
@@ -32,7 +32,7 @@ describe("getTeamsByOrganizationId", () => {
  test("throws DatabaseError on Prisma error", async () => {
    vi.mocked(prisma.team.findMany).mockRejectedValueOnce(
-      new PrismaClientKnownRequestError("fail", { code: "P2002", clientVersion: "1.0.0" })
+      new Prisma.PrismaClientKnownRequestError("fail", { code: "P2002", clientVersion: "1.0.0" })
    );
    await expect(getTeamsByOrganizationId("org1")).rejects.toThrow(DatabaseError);
  });
@@ -1,6 +1,6 @@
 "use server";
-import { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
+import { Prisma } from "@prisma/client";
 import { cache as reactCache } from "react";
 import { prisma } from "@formbricks/database";
 import { ZId } from "@formbricks/types/common";
@@ -27,7 +27,7 @@ export const getTeamsByOrganizationId = reactCache(
        name: team.name,
      }));
    } catch (error) {
-      if (error instanceof PrismaClientKnownRequestError) {
+      if (error instanceof Prisma.PrismaClientKnownRequestError) {
        throw new DatabaseError(error.message);
      }
@@ -409,22 +409,16 @@ export const MainNavigation = ({
    : `/environments/${environment.id}/surveys/`;
  const handleProjectChange = (projectId: string) => {
-    const targetPath =
+    if (projectId === project.id) return;
      projectId === project.id ? `/environments/${environment.id}/surveys` : `/workspaces/${projectId}/`;
    startTransition(() => {
-      setIsWorkspaceDropdownOpen(false);
+      router.push(`/workspaces/${projectId}/`);
      router.push(targetPath);
    });
  };
  const handleOrganizationChange = (organizationId: string) => {
-    const targetPath =
+    if (organizationId === organization.id) return;
      organizationId === organization.id
        ? `/environments/${environment.id}/settings/general`
        : `/organizations/${organizationId}/`;
    startTransition(() => {
-      setIsOrganizationDropdownOpen(false);
+      router.push(`/organizations/${organizationId}/`);
      router.push(targetPath);
    });
  };
@@ -114,12 +114,8 @@ export const OrganizationBreadcrumb = ({
  }
  const handleOrganizationChange = (organizationId: string) => {
    if (organizationId === currentOrganizationId) return;
    startTransition(() => {
      setIsOrganizationDropdownOpen(false);
      if (organizationId === currentOrganizationId && currentEnvironmentId) {
        router.push(`/environments/${currentEnvironmentId}/settings/general`);
        return;
      }
      router.push(`/organizations/${organizationId}/`);
    });
  };
@@ -152,13 +152,9 @@ export const ProjectBreadcrumb = ({
  }
  const handleProjectChange = (projectId: string) => {
-    const targetPath =
+    if (projectId === currentProjectId) return;
      projectId === currentProjectId
        ? `/environments/${currentEnvironmentId}/surveys`
        : `/workspaces/${projectId}/`;
    startTransition(() => {
-      setIsProjectDropdownOpen(false);
+      router.push(`/workspaces/${projectId}/`);
      router.push(targetPath);
    });
  };
@@ -6,9 +6,11 @@ import {
  TUserUpdateInput,
  ZUserPersonalInfoUpdateInput,
 } from "@formbricks/types/user";
-import { getIsEmailUnique } from "@/app/(app)/environments/[environmentId]/settings/(account)/profile/lib/user";
+import {
  getIsEmailUnique,
  verifyUserPassword,
 } from "@/app/(app)/environments/[environmentId]/settings/(account)/profile/lib/user";
 import { EMAIL_VERIFICATION_DISABLED, PASSWORD_RESET_DISABLED } from "@/lib/constants";
 import { verifyUserPassword } from "@/lib/user/password";
 import { getUser, updateUser } from "@/lib/user/service";
 import { authenticatedActionClient } from "@/lib/utils/action-client";
 import { AuthenticatedActionClientCtx } from "@/lib/utils/action-client/types/context";
@@ -1,9 +1,8 @@
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { prisma } from "@formbricks/database";
 import { InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { verifyUserPassword } from "@/lib/user/password";
 import { verifyPassword as mockVerifyPasswordImported } from "@/modules/auth/lib/utils";
-import { getIsEmailUnique } from "./user";
+import { getIsEmailUnique, verifyUserPassword } from "./user";
 vi.mock("@/modules/auth/lib/utils", () => ({
  verifyPassword: vi.fn(),
@@ -1,5 +1,42 @@
 import { User } from "@prisma/client";
 import { cache as reactCache } from "react";
 import { prisma } from "@formbricks/database";
 import { InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { verifyPassword } from "@/modules/auth/lib/utils";
 export const getUserById = reactCache(
  async (userId: string): Promise<Pick<User, "password" | "identityProvider">> => {
    const user = await prisma.user.findUnique({
      where: {
        id: userId,
      },
      select: {
        password: true,
        identityProvider: true,
      },
    });
    if (!user) {
      throw new ResourceNotFoundError("user", userId);
    }
    return user;
  }
 );
 export const verifyUserPassword = async (userId: string, password: string): Promise<boolean> => {
  const user = await getUserById(userId);
  if (user.identityProvider !== "email" || !user.password) {
    throw new InvalidInputError("Password is not set for this user");
  }
  const isCorrectPassword = await verifyPassword(password, user.password);
  if (!isCorrectPassword) {
    return false;
  }
  return true;
 };
 export const getIsEmailUnique = reactCache(async (email: string): Promise<boolean> => {
  const user = await prisma.user.findUnique({
@@ -3,22 +3,25 @@
 import { InboxIcon, PresentationIcon } from "lucide-react";
 import { usePathname } from "next/navigation";
 import { useTranslation } from "react-i18next";
-import { useEnvironment } from "@/app/(app)/environments/[environmentId]/context/environment-context";
+import { TSurvey } from "@formbricks/types/surveys/types";
 import { revalidateSurveyIdPath } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/actions";
 import { useSurvey } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/context/survey-context";
 import { SecondaryNavigation } from "@/modules/ui/components/secondary-navigation";
 interface SurveyAnalysisNavigationProps {
  environmentId: string;
  survey: TSurvey;
  activeId: string;
 }
-export const SurveyAnalysisNavigation = ({ activeId }: SurveyAnalysisNavigationProps) => {
+export const SurveyAnalysisNavigation = ({
  environmentId,
  survey,
  activeId,
 }: SurveyAnalysisNavigationProps) => {
  const pathname = usePathname();
  const { t } = useTranslation();
  const { environment } = useEnvironment();
  const { survey } = useSurvey();
-  const url = `/environments/${environment.id}/surveys/${survey.id}`;
+  const url = `/environments/${environmentId}/surveys/${survey.id}`;
  const navigation = [
    {
@@ -28,7 +31,7 @@ export const SurveyAnalysisNavigation = ({ activeId }: SurveyAnalysisNavigationP
      href: `${url}/summary?referer=true`,
      current: pathname?.includes("/summary"),
      onClick: () => {
-        revalidateSurveyIdPath(environment.id, survey.id);
+        revalidateSurveyIdPath(environmentId, survey.id);
      },
    },
    {
@@ -38,7 +41,7 @@ export const SurveyAnalysisNavigation = ({ activeId }: SurveyAnalysisNavigationP
      href: `${url}/responses?referer=true`,
      current: pathname?.includes("/responses"),
      onClick: () => {
-        revalidateSurveyIdPath(environment.id, survey.id);
+        revalidateSurveyIdPath(environmentId, survey.id);
      },
    },
  ];
@@ -1,6 +1,6 @@
 "use client";
-import React, { createContext, useCallback, useContext, useMemo, useRef, useState } from "react";
+import React, { createContext, useCallback, useContext, useState } from "react";
 import {
  ElementOption,
  ElementOptions,
@@ -30,7 +30,7 @@ interface SelectedFilterOptions {
 export interface DateRange {
  from: Date | undefined;
-  to?: Date;
+  to?: Date | undefined;
 }
 interface FilterDateContextProps {
@@ -41,8 +41,6 @@ interface FilterDateContextProps {
  dateRange: DateRange;
  setDateRange: React.Dispatch<React.SetStateAction<DateRange>>;
  resetState: () => void;
  refreshAnalysisData: () => Promise<void>;
  registerAnalysisRefreshHandler: (handler: () => Promise<void>) => () => void;
 }
 const ResponseFilterContext = createContext<FilterDateContextProps | undefined>(undefined);
@@ -63,7 +61,6 @@ const ResponseFilterProvider = ({ children }: { children: React.ReactNode }) =>
    from: undefined,
    to: getTodayDate(),
  });
  const refreshHandlerRef = useRef<(() => Promise<void>) | null>(null);
  const resetState = useCallback(() => {
    setDateRange({
@@ -76,43 +73,20 @@ const ResponseFilterProvider = ({ children }: { children: React.ReactNode }) =>
    });
  }, []);
-  const refreshAnalysisData = useCallback(async () => {
+  return (
-    await refreshHandlerRef.current?.();
+    <ResponseFilterContext.Provider
-  }, []);
+      value={{
-
+        setSelectedFilter,
-  const registerAnalysisRefreshHandler = useCallback((handler: () => Promise<void>) => {
+        selectedFilter,
-    refreshHandlerRef.current = handler;
+        selectedOptions,
-
+        setSelectedOptions,
-    return () => {
+        dateRange,
-      if (refreshHandlerRef.current === handler) {
+        setDateRange,
-        refreshHandlerRef.current = null;
+        resetState,
-      }
+      }}>
-    };
+      {children}
-  }, []);
+    </ResponseFilterContext.Provider>
  const contextValue = useMemo(
    () => ({
      setSelectedFilter,
      selectedFilter,
      selectedOptions,
      setSelectedOptions,
      dateRange,
      setDateRange,
      resetState,
      refreshAnalysisData,
      registerAnalysisRefreshHandler,
    }),
    [
      dateRange,
      refreshAnalysisData,
      registerAnalysisRefreshHandler,
      resetState,
      selectedFilter,
      selectedOptions,
    ]
  );
  return <ResponseFilterContext.Provider value={contextValue}>{children}</ResponseFilterContext.Provider>;
 };
 const useResponseFilter = () => {
@@ -2,8 +2,6 @@
 import { useSearchParams } from "next/navigation";
 import { useCallback, useEffect, useMemo, useState } from "react";
 import toast from "react-hot-toast";
 import { useTranslation } from "react-i18next";
 import { TEnvironment } from "@formbricks/types/environment";
 import { TSurveyQuota } from "@formbricks/types/quota";
 import { TResponseWithQuotas } from "@formbricks/types/responses";
@@ -15,7 +13,6 @@ import { useResponseFilter } from "@/app/(app)/environments/[environmentId]/surv
 import { ResponseDataView } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/responses/components/ResponseDataView";
 import { CustomFilter } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/components/CustomFilter";
 import { getFormattedFilters } from "@/app/lib/surveys/surveys";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { replaceHeadlineRecall } from "@/lib/utils/recall";
 interface ResponsePageProps {
@@ -49,8 +46,8 @@ export const ResponsePage = ({
  const [page, setPage] = useState<number | null>(null);
  const [hasMore, setHasMore] = useState<boolean>(initialResponses.length >= responsesPerPage);
  const [isFetchingFirstPage, setIsFetchingFirstPage] = useState<boolean>(false);
-  const { selectedFilter, dateRange, resetState, registerAnalysisRefreshHandler } = useResponseFilter();
+  const { selectedFilter, dateRange, resetState } = useResponseFilter();
-  const { t } = useTranslation();
+
  const filters = useMemo(
    () => getFormattedFilters(survey, selectedFilter, dateRange),
@@ -89,34 +86,6 @@ export const ResponsePage = ({
    setResponses((prev) => prev.map((r) => (r.id === responseId ? updatedResponse : r)));
  };
  const refetchResponses = useCallback(async () => {
    setIsFetchingFirstPage(true);
    try {
      const getResponsesActionResponse = await getResponsesAction({
        surveyId,
        limit: responsesPerPage,
        offset: 0,
        filterCriteria: filters,
      });
      if (getResponsesActionResponse?.serverError) {
        toast.error(getFormattedErrorMessage(getResponsesActionResponse) ?? t("common.something_went_wrong"));
      }
      const freshResponses = getResponsesActionResponse?.data ?? [];
      setResponses(freshResponses);
      setPage(1);
      setHasMore(freshResponses.length >= responsesPerPage);
    } finally {
      setIsFetchingFirstPage(false);
    }
  }, [filters, responsesPerPage, surveyId]);
  useEffect(() => {
    return registerAnalysisRefreshHandler(refetchResponses);
  }, [refetchResponses, registerAnalysisRefreshHandler]);
  const surveyMemoized = useMemo(() => {
    return replaceHeadlineRecall(survey, "default");
  }, [survey]);
@@ -165,8 +134,6 @@ export const ResponsePage = ({
      }
    };
    fetchFilteredResponses();
    // page is intentionally omitted to avoid refetching after the initial page setup.
    // eslint-disable-next-line react-hooks/exhaustive-deps
  }, [filters, responsesPerPage, selectedFilter, dateRange, surveyId]);
  return (
@@ -1,4 +1,5 @@
 import { TFunction } from "i18next";
 import { capitalize } from "lodash";
 import {
  AirplayIcon,
  ArrowUpFromDotIcon,
@@ -8,7 +9,6 @@ import {
  SmartphoneIcon,
 } from "lucide-react";
 import { TResponseMeta } from "@formbricks/types/responses";
 import { capitalize } from "@/lib/utils/object";
 export const getAddressFieldLabel = (field: string, t: TFunction) => {
  switch (field) {
@@ -64,6 +64,8 @@ const Page = async (props: { params: Promise<{ environmentId: string; surveyId:
        pageTitle={survey.name}
        cta={
          <SurveyAnalysisCTA
            environment={environment}
            survey={survey}
            isReadOnly={isReadOnly}
            user={user}
            publicDomain={publicDomain}
@@ -74,7 +76,7 @@ const Page = async (props: { params: Promise<{ environmentId: string; surveyId:
            isStorageConfigured={IS_STORAGE_CONFIGURED}
          />
        }>
-        <SurveyAnalysisNavigation activeId="responses" />
+        <SurveyAnalysisNavigation environmentId={environment.id} survey={survey} activeId="responses" />
      </PageHeader>
      <ResponsePage
        environment={environment}
@@ -4,13 +4,16 @@ import { useSearchParams } from "next/navigation";
 import { useEffect, useState } from "react";
 import toast from "react-hot-toast";
 import { useTranslation } from "react-i18next";
-import { useEnvironment } from "@/app/(app)/environments/[environmentId]/context/environment-context";
+import { TEnvironment } from "@formbricks/types/environment";
-import { useSurvey } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/context/survey-context";
+import { TSurvey } from "@formbricks/types/surveys/types";
 import { Confetti } from "@/modules/ui/components/confetti";
-export const SuccessMessage = () => {
+interface SummaryMetadataProps {
-  const { environment } = useEnvironment();
+  environment: TEnvironment;
-  const { survey } = useSurvey();
+  survey: TSurvey;
 }
 export const SuccessMessage = ({ environment, survey }: SummaryMetadataProps) => {
  const { t } = useTranslation();
  const searchParams = useSearchParams();
  const [confetti, setConfetti] = useState(false);
@@ -71,7 +71,7 @@ export const SummaryPage = ({
  const [tab, setTab] = useState<"dropOffs" | "quotas" | "impressions" | undefined>(undefined);
  const [isLoading, setIsLoading] = useState(!initialSurveySummary);
-  const { selectedFilter, dateRange, resetState, registerAnalysisRefreshHandler } = useResponseFilter();
+  const { selectedFilter, dateRange, resetState } = useResponseFilter();
  const [displays, setDisplays] = useState<TDisplayWithContact[]>([]);
  const [isDisplaysLoading, setIsDisplaysLoading] = useState(false);
@@ -111,7 +111,7 @@ export const SummaryPage = ({
    } finally {
      setIsDisplaysLoading(false);
    }
-  }, [fetchDisplays]);
+  }, [fetchDisplays, t]);
  const handleLoadMoreDisplays = useCallback(async () => {
    try {
@@ -131,39 +131,13 @@ export const SummaryPage = ({
    }
  }, [tab, loadInitialDisplays]);
  const fetchSummary = useCallback(async () => {
    const currentFilters = getFormattedFilters(survey, selectedFilter, dateRange);
    const updatedSurveySummary = await getSurveySummaryAction({
      surveyId,
      filterCriteria: currentFilters,
    });
    if (updatedSurveySummary?.serverError) {
      throw new Error(getFormattedErrorMessage(updatedSurveySummary));
    }
    setSurveySummary(updatedSurveySummary?.data ?? defaultSurveySummary);
  }, [dateRange, selectedFilter, survey, surveyId]);
  const refreshSummary = useCallback(async () => {
    setIsLoading(true);
    try {
      await Promise.all([fetchSummary(), tab === "impressions" ? loadInitialDisplays() : Promise.resolve()]);
    } finally {
      setIsLoading(false);
    }
  }, [fetchSummary, loadInitialDisplays, tab]);
  useEffect(() => {
    return registerAnalysisRefreshHandler(refreshSummary);
  }, [refreshSummary, registerAnalysisRefreshHandler]);
  // Only fetch data when filters change or when there's no initial data
  useEffect(() => {
    // If we have initial data and no filters are applied, don't fetch
    const hasNoFilters =
-      (!selectedFilter || Object.keys(selectedFilter).length === 0 || selectedFilter.filter?.length === 0) &&
+      (!selectedFilter ||
        Object.keys(selectedFilter).length === 0 ||
        (selectedFilter.filter && selectedFilter.filter.length === 0)) &&
      (!dateRange || (!dateRange.from && !dateRange.to));
    if (initialSurveySummary && hasNoFilters) {
@@ -171,11 +145,21 @@ export const SummaryPage = ({
      return;
    }
-    const fetchFilteredSummary = async () => {
+    const fetchSummary = async () => {
      setIsLoading(true);
      try {
-        await fetchSummary();
+        // Recalculate filters inside the effect to ensure we have the latest values
        const currentFilters = getFormattedFilters(survey, selectedFilter, dateRange);
        let updatedSurveySummary;
        updatedSurveySummary = await getSurveySummaryAction({
          surveyId,
          filterCriteria: currentFilters,
        });
        const surveySummary = updatedSurveySummary?.data ?? defaultSurveySummary;
        setSurveySummary(surveySummary);
      } catch (error) {
        console.error(error);
      } finally {
@@ -183,8 +167,8 @@ export const SummaryPage = ({
      }
    };
-    fetchFilteredSummary();
+    fetchSummary();
-  }, [selectedFilter, dateRange, initialSurveySummary, fetchSummary]);
+  }, [selectedFilter, dateRange, survey, surveyId, initialSurveySummary]);
  const surveyMemoized = useMemo(() => {
    return replaceHeadlineRecall(survey, "default");
@@ -1,18 +1,18 @@
 "use client";
-import { BellRing, Eye, ListRestart, RefreshCcwIcon, SquarePenIcon } from "lucide-react";
+import { BellRing, Eye, ListRestart, SquarePenIcon } from "lucide-react";
 import { usePathname, useRouter, useSearchParams } from "next/navigation";
 import { useEffect, useState } from "react";
 import toast from "react-hot-toast";
 import { useTranslation } from "react-i18next";
 import { TEnvironment } from "@formbricks/types/environment";
 import { TSegment } from "@formbricks/types/segment";
 import { TSurvey } from "@formbricks/types/surveys/types";
 import { TUser } from "@formbricks/types/user";
 import { useEnvironment } from "@/app/(app)/environments/[environmentId]/context/environment-context";
 import { useResponseFilter } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/components/response-filter-context";
 import { SuccessMessage } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/SuccessMessage";
 import { ShareSurveyModal } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/share-survey-modal";
 import { SurveyStatusDropdown } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/components/SurveyStatusDropdown";
 import { useSurvey } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/context/survey-context";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { EditPublicSurveyAlertDialog } from "@/modules/survey/components/edit-public-survey-alert-dialog";
 import { useSingleUseId } from "@/modules/survey/hooks/useSingleUseId";
@@ -23,6 +23,8 @@ import { IconBar } from "@/modules/ui/components/iconbar";
 import { resetSurveyAction } from "../actions";
 interface SurveyAnalysisCTAProps {
  survey: TSurvey;
  environment: TEnvironment;
  isReadOnly: boolean;
  user: TUser;
  publicDomain: string;
@@ -39,6 +41,8 @@ interface ModalState {
 }
 export const SurveyAnalysisCTA = ({
  survey,
  environment,
  isReadOnly,
  user,
  publicDomain,
@@ -59,12 +63,9 @@ export const SurveyAnalysisCTA = ({
  });
  const [isResetModalOpen, setIsResetModalOpen] = useState(false);
  const [isResetting, setIsResetting] = useState(false);
  const [isRefreshing, setIsRefreshing] = useState(false);
-  const { environment, project } = useEnvironment();
+  const { project } = useEnvironment();
  const { survey } = useSurvey();
  const { refreshSingleUseId } = useSingleUseId(survey, isReadOnly);
  const { refreshAnalysisData } = useResponseFilter();
  const appSetupCompleted = survey.type === "app" && environment.appSetupCompleted;
@@ -76,7 +77,7 @@ export const SurveyAnalysisCTA = ({
  }, [searchParams]);
  const handleShareModalToggle = (open: boolean) => {
-    const params = new URLSearchParams(globalThis.location.search);
+    const params = new URLSearchParams(window.location.search);
    const currentShareParam = params.get("share") === "true";
    if (open && !currentShareParam) {
@@ -146,25 +147,6 @@ export const SurveyAnalysisCTA = ({
  };
  const iconActions = [
    {
      icon: RefreshCcwIcon,
      tooltip: t("common.refresh"),
      onClick: async () => {
        if (isRefreshing) return;
        setIsRefreshing(true);
        try {
          await refreshAnalysisData();
          toast.success(t("common.data_refreshed_successfully"));
        } catch (error) {
          const errorMessage = error instanceof Error ? error.message : t("common.something_went_wrong");
          toast.error(errorMessage);
        } finally {
          setIsRefreshing(false);
        }
      },
      disabled: isRefreshing,
      isVisible: true,
    },
    {
      icon: BellRing,
      tooltip: t("environments.surveys.summary.configure_alerts"),
@@ -201,7 +183,7 @@ export const SurveyAnalysisCTA = ({
  return (
    <div className="hidden justify-end gap-x-1.5 sm:flex">
      {!isReadOnly && (appSetupCompleted || survey.type === "link") && survey.status !== "draft" && (
-        <SurveyStatusDropdown />
+        <SurveyStatusDropdown environment={environment} survey={survey} />
      )}
      <IconBar actions={iconActions} />
@@ -233,7 +215,7 @@ export const SurveyAnalysisCTA = ({
          projectCustomScripts={project.customHeadScripts}
        />
      )}
-      <SuccessMessage />
+      <SuccessMessage environment={environment} survey={survey} />
      {responseCount > 0 && (
        <EditPublicSurveyAlertDialog
@@ -2,7 +2,7 @@
 import DOMPurify from "dompurify";
 import { CopyIcon, SendIcon } from "lucide-react";
-import { type SyntheticEvent, useEffect, useMemo, useState } from "react";
+import { useEffect, useMemo, useState } from "react";
 import toast from "react-hot-toast";
 import { useTranslation } from "react-i18next";
 import { AuthenticationError } from "@formbricks/types/errors";
@@ -21,7 +21,6 @@ interface EmailTabProps {
 export const EmailTab = ({ surveyId, email }: EmailTabProps) => {
  const [activeTab, setActiveTab] = useState("preview");
  const [emailHtmlPreview, setEmailHtmlPreview] = useState<string>("");
  const [previewFrameHeight, setPreviewFrameHeight] = useState(560);
  const { t } = useTranslation();
  const emailHtml = useMemo(() => {
@@ -32,40 +31,6 @@ export const EmailTab = ({ surveyId, email }: EmailTabProps) => {
      .replaceAll("?preview=true", "");
  }, [emailHtmlPreview]);
  const sanitizedEmailHtml = useMemo(() => {
    if (!emailHtmlPreview) return "";
    return DOMPurify.sanitize(emailHtmlPreview, { ADD_ATTR: ["bgcolor", "target"] });
  }, [emailHtmlPreview]);
  const emailPreviewDocument = useMemo(() => {
    if (!sanitizedEmailHtml) return "";
    return `<!DOCTYPE html>
 <html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="color-scheme" content="only light" />
    <meta name="supported-color-schemes" content="light" />
    <base target="_blank" />
    <style>
      :root {
        color-scheme: only light;
        supported-color-schemes: light;
      }
      html, body {
        margin: 0;
        padding: 0;
        background: #ffffff;
        color-scheme: only light;
      }
    </style>
  </head>
  <body>${sanitizedEmailHtml}</body>
 </html>`;
  }, [sanitizedEmailHtml]);
  const tabs = [
    {
      id: "preview",
@@ -86,25 +51,6 @@ export const EmailTab = ({ surveyId, email }: EmailTabProps) => {
    getData();
  }, [surveyId]);
  useEffect(() => {
    setPreviewFrameHeight(560);
  }, [emailPreviewDocument]);
  const handlePreviewFrameLoad = (event: SyntheticEvent<HTMLIFrameElement>) => {
    const { contentDocument } = event.currentTarget;
    if (!contentDocument) {
      return;
    }
    const nextHeight = Math.max(
      contentDocument.body.scrollHeight,
      contentDocument.documentElement.scrollHeight,
      560
    );
    setPreviewFrameHeight(nextHeight);
  };
  const sendPreviewEmail = async () => {
    try {
      const val = await sendEmbedSurveyPreviewEmailAction({ surveyId });
@@ -127,9 +73,7 @@ export const EmailTab = ({ surveyId, email }: EmailTabProps) => {
    if (activeTab === "preview") {
      return (
        <div className="space-y-4 pb-4">
-          <div
+          <div className="flex-1 overflow-y-auto rounded-lg border border-slate-200 bg-white p-4">
            className="flex-1 overflow-y-auto rounded-lg border border-slate-200 bg-white p-4"
            data-testid="survey-email-preview-shell">
            <div className="mb-6 flex gap-2">
              <div className="h-3 w-3 rounded-full bg-red-500" />
              <div className="h-3 w-3 rounded-full bg-amber-500" />
@@ -143,17 +87,9 @@ export const EmailTab = ({ surveyId, email }: EmailTabProps) => {
                {t("environments.surveys.share.send_email.email_subject_label")} :{" "}
                {t("environments.surveys.share.send_email.formbricks_email_survey_preview")}
              </div>
-              <div data-testid="survey-email-preview-content">
+              <div className="p-2">
-                {emailPreviewDocument ? (
+                {emailHtml ? (
-                  <iframe
+                  <div dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(emailHtml) }} />
                    className="mt-2 w-full rounded-md border-0 bg-white"
                    data-testid="survey-email-preview-frame"
                    onLoad={handlePreviewFrameLoad}
                    sandbox="allow-popups allow-popups-to-escape-sandbox allow-same-origin"
                    srcDoc={emailPreviewDocument}
                    style={{ height: `${previewFrameHeight}px` }}
                    title={t("environments.surveys.share.send_email.email_preview_tab")}
                  />
                ) : (
                  <LoadingSpinner />
                )}
@@ -16,19 +16,13 @@ export const WebsiteEmbedTab = ({ surveyUrl }: WebsiteEmbedTabProps) => {
  const [embedModeEnabled, setEmbedModeEnabled] = useState(false);
  const { t } = useTranslation();
-  const separator = surveyUrl.includes("?") ? "&" : "?";
+  const iframeCode = `<div style="position: relative; height:80dvh; overflow:auto;"> 
-
+  <iframe 
-  const iframeSrc = embedModeEnabled ? `${surveyUrl}${separator}embed=true` : surveyUrl;
+    src="${surveyUrl}${embedModeEnabled ? "?embed=true" : ""}" 
  const iframeCode = `<div style="position: relative; height:80dvh; overflow:auto;">
  <iframe
    src="${iframeSrc}"
    frameborder="0" style="position: absolute; left:0; top:0; width:100%; height:100%; border:0;">
  </iframe>
 </div>`;
  const previewSrc = `${iframeSrc}${iframeSrc.includes("?") ? "&" : "?"}preview=true`;
  return (
    <>
      <CodeBlock language="html" noMargin>
@@ -54,15 +48,6 @@ export const WebsiteEmbedTab = ({ surveyUrl }: WebsiteEmbedTabProps) => {
        {t("common.copy_code")}
        <CopyIcon />
      </Button>
      <p className="text-base font-medium text-slate-800">{t("common.preview")}</p>
      <div className="relative h-[500px] w-full overflow-hidden rounded-lg border border-slate-300">
        <iframe
          title={t("common.preview")}
          src={previewSrc}
          className="absolute inset-0 h-full w-full border-0"
        />
      </div>
    </>
  );
 };
@@ -1,59 +0,0 @@
 import { describe, expect, test } from "vitest";
 import { extractEmailBodyFragment } from "./emailTemplateFragment";
 describe("extractEmailBodyFragment", () => {
  test("returns the body contents for rendered email documents", () => {
    const html = `
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
      <html>
        <head>
          <style>.foo { color: red; }</style>
        </head>
        <body class="email-body">
          <table>
            <tr>
              <td>Preview content</td>
            </tr>
          </table>
        </body>
      </html>
    `;
    expect(extractEmailBodyFragment(html)).toBe(
      "<table>\n            <tr>\n              <td>Preview content</td>\n            </tr>\n          </table>"
    );
  });
  test("removes document-level tags from rendered survey email markup", () => {
    const fragment = extractEmailBodyFragment(`
      <!DOCTYPE html>
      <html>
        <head>
          <style>.foo { color: red; }</style>
        </head>
        <body>
          <table>
            <tr>
              <td>Which fruits do you like</td>
            </tr>
          </table>
        </body>
      </html>
    `);
    expect(fragment).toBe(
      "<table>\n            <tr>\n              <td>Which fruits do you like</td>\n            </tr>\n          </table>"
    );
    expect(fragment).not.toMatch(/<!DOCTYPE|<html|<head|<body/i);
  });
  test("falls back to the original markup when no body tag exists", () => {
    expect(extractEmailBodyFragment("<div>Preview content</div>")).toBe("<div>Preview content</div>");
  });
  test("removes React server markers from rendered fragments", () => {
    expect(extractEmailBodyFragment("<body><!--$--><div>Preview content</div><!--/$--></body>")).toBe(
      "<div>Preview content</div>"
    );
  });
 });
@@ -5,7 +5,6 @@ import { getSurvey } from "@/lib/survey/service";
 import { getStyling } from "@/lib/utils/styling";
 import { getTranslate } from "@/lingodotdev/server";
 import { getPreviewEmailTemplateHtml } from "@/modules/email/components/preview-email-template";
 import { extractEmailBodyFragment } from "./emailTemplateFragment";
 export const getEmailTemplateHtml = async (surveyId: string, locale: string) => {
  const t = await getTranslate();
@@ -21,6 +20,9 @@ export const getEmailTemplateHtml = async (surveyId: string, locale: string) =>
  const styling = getStyling(project, survey);
  const surveyUrl = getPublicDomain() + "/s/" + survey.id;
  const html = await getPreviewEmailTemplateHtml(survey, surveyUrl, styling, locale, t);
  const doctype =
    '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
  const htmlCleaned = html.toString().replace(doctype, "");
-  return extractEmailBodyFragment(html.toString());
+  return htmlCleaned;
 };
@@ -1,11 +0,0 @@
 const EMAIL_DOCTYPE_PATTERN = /<!DOCTYPE[^>]*>/i;
 const EMAIL_BODY_PATTERN = /<body\b[^>]*>([\s\S]*?)<\/body>/i;
 const EMAIL_REACT_SERVER_MARKER_PATTERN = /<!--\/?\$-->/g;
 export const extractEmailBodyFragment = (html: string): string => {
  const htmlWithoutDoctype = html.replace(EMAIL_DOCTYPE_PATTERN, "").trim();
  const bodyMatch = EMAIL_BODY_PATTERN.exec(htmlWithoutDoctype);
  const fragment = bodyMatch?.[1].trim() ?? htmlWithoutDoctype;
  return fragment.replaceAll(EMAIL_REACT_SERVER_MARKER_PATTERN, "").trim();
 };
@@ -66,6 +66,8 @@ const SurveyPage = async (props: { params: Promise<{ environmentId: string; surv
        pageTitle={survey.name}
        cta={
          <SurveyAnalysisCTA
            environment={environment}
            survey={survey}
            isReadOnly={isReadOnly}
            user={user}
            publicDomain={publicDomain}
@@ -76,7 +78,7 @@ const SurveyPage = async (props: { params: Promise<{ environmentId: string; surv
            isStorageConfigured={IS_STORAGE_CONFIGURED}
          />
        }>
-        <SurveyAnalysisNavigation activeId="summary" />
+        <SurveyAnalysisNavigation environmentId={environment.id} survey={survey} activeId="summary" />
      </PageHeader>
      <SummaryPage
        environment={environment}
@@ -3,9 +3,8 @@
 import { useRouter } from "next/navigation";
 import toast from "react-hot-toast";
 import { useTranslation } from "react-i18next";
 import { TEnvironment } from "@formbricks/types/environment";
 import { TSurvey } from "@formbricks/types/surveys/types";
 import { useEnvironment } from "@/app/(app)/environments/[environmentId]/context/environment-context";
 import { useSurvey } from "@/app/(app)/environments/[environmentId]/surveys/[surveyId]/context/survey-context";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { updateSurveyAction } from "@/modules/survey/editor/actions";
 import {
@@ -17,9 +16,17 @@ import {
 } from "@/modules/ui/components/select";
 import { SurveyStatusIndicator } from "@/modules/ui/components/survey-status-indicator";
-export const SurveyStatusDropdown = () => {
+interface SurveyStatusDropdownProps {
-  const { environment } = useEnvironment();
+  environment: TEnvironment;
-  const { survey } = useSurvey();
+  updateLocalSurveyStatus?: (status: TSurvey["status"]) => void;
  survey: TSurvey;
 }
 export const SurveyStatusDropdown = ({
  environment,
  updateLocalSurveyStatus,
  survey,
 }: SurveyStatusDropdownProps) => {
  const { t } = useTranslation();
  const router = useRouter();
@@ -39,6 +46,10 @@ export const SurveyStatusDropdown = () => {
        toast.success(toastMessage);
      }
      if (updateLocalSurveyStatus) {
        updateLocalSurveyStatus(resultingStatus);
      }
      router.refresh();
    } else {
      const errorMessage = getFormattedErrorMessage(updateSurveyActionResponse);
@@ -1,8 +0,0 @@
 import { type ReactNode } from "react";
 import { SurveysQueryClientProvider } from "./query-client-provider";
 const SurveysLayout = ({ children }: { children: ReactNode }) => {
  return <SurveysQueryClientProvider>{children}</SurveysQueryClientProvider>;
 };
 export default SurveysLayout;
@@ -1,10 +0,0 @@
 "use client";
 import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
 import { type ReactNode, useState } from "react";
 export const SurveysQueryClientProvider = ({ children }: { children: ReactNode }) => {
  const [queryClient] = useState(() => new QueryClient());
  return <QueryClientProvider client={queryClient}>{children}</QueryClientProvider>;
 };
@@ -18,7 +18,6 @@ interface AirtableWrapperProps {
  isEnabled: boolean;
  webAppUrl: string;
  locale: TUserLocale;
  showReconnectButton?: boolean;
 }
 export const AirtableWrapper = ({
@@ -29,7 +28,6 @@ export const AirtableWrapper = ({
  isEnabled,
  webAppUrl,
  locale,
  showReconnectButton = false,
 }: AirtableWrapperProps) => {
  const [isConnected, setIsConnected] = useState(
    airtableIntegration ? airtableIntegration.config?.key : false
@@ -51,8 +49,6 @@ export const AirtableWrapper = ({
      setIsConnected={setIsConnected}
      surveys={surveys}
      locale={locale}
      showReconnectButton={showReconnectButton}
      handleAirtableAuthorization={handleAirtableAuthorization}
    />
  ) : (
    <ConnectIntegration
@@ -1,6 +1,6 @@
 "use client";
-import { RefreshCcwIcon, Trash2Icon } from "lucide-react";
+import { Trash2Icon } from "lucide-react";
 import { useState } from "react";
 import { toast } from "react-hot-toast";
 import { useTranslation } from "react-i18next";
@@ -12,11 +12,9 @@ import { deleteIntegrationAction } from "@/app/(app)/environments/[environmentId
 import { AddIntegrationModal } from "@/app/(app)/environments/[environmentId]/workspace/integrations/airtable/components/AddIntegrationModal";
 import { timeSince } from "@/lib/time";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { Alert, AlertButton, AlertDescription } from "@/modules/ui/components/alert";
 import { Button } from "@/modules/ui/components/button";
 import { DeleteDialog } from "@/modules/ui/components/delete-dialog";
 import { EmptyState } from "@/modules/ui/components/empty-state";
 import { Tooltip, TooltipContent, TooltipProvider, TooltipTrigger } from "@/modules/ui/components/tooltip";
 import { IntegrationModalInputs } from "../lib/types";
 interface ManageIntegrationProps {
@@ -26,20 +24,10 @@ interface ManageIntegrationProps {
  surveys: TSurvey[];
  airtableArray: TIntegrationItem[];
  locale: TUserLocale;
  showReconnectButton: boolean;
  handleAirtableAuthorization: () => Promise<void>;
 }
-export const ManageIntegration = ({
+export const ManageIntegration = (props: ManageIntegrationProps) => {
-  airtableIntegration,
+  const { airtableIntegration, environmentId, setIsConnected, surveys, airtableArray } = props;
  environmentId,
  setIsConnected,
  surveys,
  airtableArray,
  showReconnectButton,
  handleAirtableAuthorization,
  locale,
 }: ManageIntegrationProps) => {
  const { t } = useTranslation();
  const tableHeaders = [
@@ -85,34 +73,15 @@ export const ManageIntegration = ({
    : { isEditMode: false as const };
  return (
    <div className="mt-6 flex w-full flex-col items-center justify-center p-6">
-      {showReconnectButton && (
+      <div className="flex w-full justify-end gap-x-6">
-        <Alert variant="warning" size="small" className="mb-4 w-full">
+        <div className="flex items-center">
          <AlertDescription>{t("environments.integrations.reconnect_button_description")}</AlertDescription>
          <AlertButton onClick={handleAirtableAuthorization}>
            {t("environments.integrations.reconnect_button")}
          </AlertButton>
        </Alert>
      )}
      <div className="flex w-full justify-end space-x-2">
        <div className="mr-6 flex items-center">
          <span className="mr-4 h-4 w-4 rounded-full bg-green-600"></span>
-          <span className="text-slate-500">
+          <span className="cursor-pointer text-slate-500">
            {t("environments.integrations.connected_with_email", {
              email: airtableIntegration.config.email,
            })}
          </span>
        </div>
        <TooltipProvider>
          <Tooltip>
            <TooltipTrigger asChild>
              <Button variant="outline" onClick={handleAirtableAuthorization}>
                <RefreshCcwIcon className="mr-2 h-4 w-4" />
                {t("environments.integrations.reconnect_button")}
              </Button>
            </TooltipTrigger>
            <TooltipContent>{t("environments.integrations.reconnect_button_tooltip")}</TooltipContent>
          </Tooltip>
        </TooltipProvider>
        <Button
          onClick={() => {
            setDefaultValues(null);
@@ -153,7 +122,9 @@ export const ManageIntegration = ({
              <div className="col-span-2 text-center">{data.surveyName}</div>
              <div className="col-span-2 text-center">{data.tableName}</div>
              <div className="col-span-2 text-center">{data.elements}</div>
-              <div className="col-span-2 text-center">{timeSince(data.createdAt.toString(), locale)}</div>
+              <div className="col-span-2 text-center">
                {timeSince(data.createdAt.toString(), props.locale)}
              </div>
            </button>
          ))}
        </div>
@@ -1,5 +1,4 @@
 import { redirect } from "next/navigation";
 import { logger } from "@formbricks/logger";
 import { TIntegrationItem } from "@formbricks/types/integration";
 import { TIntegrationAirtable } from "@formbricks/types/integration/airtable";
 import { AirtableWrapper } from "@/app/(app)/environments/[environmentId]/workspace/integrations/airtable/components/AirtableWrapper";
@@ -32,14 +31,8 @@ const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
  );
  let airtableArray: TIntegrationItem[] = [];
  let isTokenValid = true;
  if (airtableIntegration?.config.key) {
-    try {
+    airtableArray = await getAirtableTables(params.environmentId);
      airtableArray = await getAirtableTables(params.environmentId);
    } catch (error) {
      logger.error(error, "Failed to load Airtable bases — token may be expired or revoked");
      isTokenValid = false;
    }
  }
  if (isReadOnly) {
    return redirect("./");
@@ -58,7 +51,6 @@ const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
          surveys={surveys}
          webAppUrl={WEBAPP_URL}
          locale={locale ?? DEFAULT_LOCALE}
          showReconnectButton={!isTokenValid}
        />
      </div>
    </PageContentWrapper>
@@ -8,7 +8,7 @@ import { sendTelemetryEvents } from "@/app/api/(internal)/pipeline/lib/telemetry
 import { ZPipelineInput } from "@/app/api/(internal)/pipeline/types/pipelines";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
-import { CRON_SECRET, DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS, POSTHOG_KEY } from "@/lib/constants";
+import { CRON_SECRET, POSTHOG_KEY } from "@/lib/constants";
 import { generateStandardWebhookSignature } from "@/lib/crypto";
 import { getIntegrations } from "@/lib/integration/service";
 import { getOrganizationByEnvironmentId } from "@/lib/organization/service";
@@ -91,15 +91,10 @@ export const POST = async (request: Request) => {
  const webhooks: Webhook[] = await getWebhooksForPipeline(environmentId, event, surveyId);
  // Prepare webhook and email promises
-  // Fetch with timeout of 5 seconds to prevent hanging.
+  // Fetch with timeout of 5 seconds to prevent hanging
  // `redirect: "manual"` blocks SSRF via redirect — webhook URLs are validated against private/internal
  // ranges before delivery, but redirect targets would otherwise bypass that check. Gated on the same
  // env var as `validateWebhookUrl`: self-hosters who opted into trusting internal URLs also get the
  // pre-patch redirect-follow behavior for consistency.
  const redirectMode: RequestRedirect = DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS ? "follow" : "manual";
  const fetchWithTimeout = (url: string, options: RequestInit, timeout: number = 5000): Promise<Response> => {
    return Promise.race([
-      fetch(url, { ...options, redirect: redirectMode }),
+      fetch(url, options),
      new Promise<never>((_, reject) => setTimeout(() => reject(new Error("Timeout")), timeout)),
    ]);
  };
@@ -185,20 +185,4 @@ describe("auth route audit logging", () => {
      })
    );
  });
  test("does not log a completed sign-in for the intermediate SSO recovery verification step", async () => {
    const authOptions = await getWrappedAuthOptions("req-sso-recovery");
    const user = {
      id: "user_4",
      email: "user4@example.com",
      authFlowPurpose: "sso_recovery",
    };
    const account = { provider: "token" };
    await expect(authOptions.callbacks.signIn({ user, account })).resolves.toBe(true);
    await authOptions.events.signIn({ user, account, isNewUser: false });
    expect(mocks.baseEventSignIn).not.toHaveBeenCalled();
    expect(mocks.queueAuditEventBackground).not.toHaveBeenCalled();
  });
 });
@@ -26,12 +26,6 @@ const getAuthMethod = (account: Account | null) => {
  return "unknown";
 };
 const isSsoRecoveryVerificationFlow = (account: Account | null, user: User | AdapterUser) =>
  account?.provider === "token" &&
  "authFlowPurpose" in user &&
  typeof user.authFlowPurpose === "string" &&
  user.authFlowPurpose === "sso_recovery";
 const handler = async (req: Request, ctx: any) => {
  const eventId = req.headers.get("x-request-id") ?? undefined;
@@ -123,10 +117,6 @@ const handler = async (req: Request, ctx: any) => {
    events: {
      ...baseAuthOptions.events,
      async signIn({ user, account, isNewUser }: any) {
        if (isSsoRecoveryVerificationFlow(account, user)) {
          return;
        }
        try {
          await baseAuthOptions.events?.signIn?.({ user, account, isNewUser });
        } catch (err) {
@@ -1,67 +0,0 @@
 import { getServerSession } from "next-auth";
 import { NextResponse } from "next/server";
 import { logger } from "@formbricks/logger";
 import { verifySsoRelinkIntent } from "@/lib/jwt";
 import { deleteSessionBySessionToken } from "@/modules/auth/lib/auth-session-repository";
 import { authOptions } from "@/modules/auth/lib/authOptions";
 import {
  NEXT_AUTH_SESSION_COOKIE_NAMES,
  getSessionTokenFromCookieHeader,
 } from "@/modules/auth/lib/session-cookie";
 import { completeSsoRecovery, getSsoRecoveryFailureRedirectUrl } from "@/modules/ee/sso/lib/sso-recovery";
 const clearSessionCookies = (response: NextResponse) => {
  for (const cookieName of NEXT_AUTH_SESSION_COOKIE_NAMES) {
    response.cookies.set({
      name: cookieName,
      value: "",
      expires: new Date(0),
      path: "/",
      secure: cookieName.startsWith("__Secure-"),
    });
  }
 };
 const buildFailedRecoveryResponse = async (request: Request, callbackUrl?: string) => {
  const response = NextResponse.redirect(getSsoRecoveryFailureRedirectUrl(callbackUrl));
  clearSessionCookies(response);
  const sessionToken = getSessionTokenFromCookieHeader(request.headers.get("cookie"));
  if (!sessionToken) {
    return response;
  }
  try {
    await deleteSessionBySessionToken(sessionToken);
  } catch (error) {
    logger.error(error, "Failed to delete SSO recovery session after recovery completion error");
  }
  return response;
 };
 export const GET = async (request: Request) => {
  const url = new URL(request.url);
  const intentToken = url.searchParams.get("intent");
  if (!intentToken) {
    return NextResponse.redirect(getSsoRecoveryFailureRedirectUrl());
  }
  try {
    const session = await getServerSession(authOptions);
    const callbackUrl = await completeSsoRecovery({
      intentToken,
      sessionUserId: session?.user.id,
    });
    return NextResponse.redirect(callbackUrl);
  } catch {
    try {
      const intent = verifySsoRelinkIntent(intentToken);
      return await buildFailedRecoveryResponse(request, intent.callbackUrl);
    } catch {
      return await buildFailedRecoveryResponse(request);
    }
  }
 };
@@ -1,15 +1,9 @@
 import { NextRequest } from "next/server";
 import { describe, expect, test, vi } from "vitest";
 import { TAPIKeyEnvironmentPermission } from "@formbricks/types/auth";
 import {
  DatabaseError,
  InvalidInputError,
  ResourceNotFoundError,
  UniqueConstraintError,
 } from "@formbricks/types/errors";
 import { getApiKeyWithPermissions } from "@/modules/organization/settings/api-keys/lib/api-key";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
-import { authenticateRequest, handleErrorResponse } from "./auth";
+import { authenticateRequest } from "./auth";
 vi.mock("@/modules/organization/settings/api-keys/lib/api-key", () => ({
  getApiKeyWithPermissions: vi.fn(),
@@ -199,53 +193,3 @@ describe("authenticateRequest", () => {
    expect(result).toBeNull();
  });
 });
 describe("handleErrorResponse", () => {
  test("returns 401 notAuthenticated for 'NotAuthenticated' message", async () => {
    const response = handleErrorResponse(new Error("NotAuthenticated"));
    expect(response.status).toBe(401);
    const body = await response.json();
    expect(body.code).toBe("not_authenticated");
  });
  test("returns 401 unauthorized for 'Unauthorized' message", async () => {
    const response = handleErrorResponse(new Error("Unauthorized"));
    expect(response.status).toBe(401);
    const body = await response.json();
    expect(body.code).toBe("unauthorized");
  });
  test("returns 409 conflict for UniqueConstraintError", async () => {
    const response = handleErrorResponse(new UniqueConstraintError("Action with name foo already exists"));
    expect(response.status).toBe(409);
    const body = await response.json();
    expect(body.code).toBe("conflict");
    expect(body.message).toBe("Action with name foo already exists");
  });
  test("returns 400 badRequest for DatabaseError", async () => {
    const response = handleErrorResponse(new DatabaseError("db boom"));
    expect(response.status).toBe(400);
    const body = await response.json();
    expect(body.message).toBe("db boom");
  });
  test("returns 400 badRequest for InvalidInputError", async () => {
    const response = handleErrorResponse(new InvalidInputError("bad input"));
    expect(response.status).toBe(400);
    const body = await response.json();
    expect(body.message).toBe("bad input");
  });
  test("returns 400 badRequest for ResourceNotFoundError", async () => {
    const response = handleErrorResponse(new ResourceNotFoundError("Survey", "id-1"));
    expect(response.status).toBe(400);
  });
  test("returns 500 internalServerError for unknown errors", async () => {
    const response = handleErrorResponse(new Error("something else"));
    expect(response.status).toBe(500);
    const body = await response.json();
    expect(body.message).toBe("Some error occurred");
  });
 });
@@ -1,11 +1,6 @@
 import { NextRequest } from "next/server";
 import { TAuthenticationApiKey } from "@formbricks/types/auth";
-import {
+import { DatabaseError, InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
  DatabaseError,
  InvalidInputError,
  ResourceNotFoundError,
  UniqueConstraintError,
 } from "@formbricks/types/errors";
 import { responses } from "@/app/lib/api/response";
 import { getApiKeyWithPermissions } from "@/modules/organization/settings/api-keys/lib/api-key";
@@ -45,9 +40,6 @@ export const handleErrorResponse = (error: any): Response => {
    case "Unauthorized":
      return responses.unauthorizedResponse();
    default:
      if (error instanceof UniqueConstraintError) {
        return responses.conflictResponse(error.message);
      }
      if (
        error instanceof DatabaseError ||
        error instanceof InvalidInputError ||
@@ -1,98 +0,0 @@
 import { Prisma } from "@prisma/client";
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { prisma } from "@formbricks/database";
 import { DatabaseError, ResourceNotFoundError, ValidationError } from "@formbricks/types/errors";
 import { validateInputs } from "@/lib/utils/validate";
 import { getResponseIdByDisplayId } from "./response";
 vi.mock("@/lib/utils/validate", () => ({
  validateInputs: vi.fn((inputs: [unknown, unknown][]) =>
    inputs.map((input: [unknown, unknown]) => input[0])
  ),
 }));
 vi.mock("@formbricks/database", () => ({
  prisma: {
    display: {
      findFirst: vi.fn(),
    },
  },
 }));
 describe("getResponseIdByDisplayId", () => {
  const environmentId = "env1234567890123456789012";
  const displayId = "display1234567890123456789";
  beforeEach(() => {
    vi.clearAllMocks();
  });
  test("returns the linked responseId when a response exists", async () => {
    vi.mocked(prisma.display.findFirst).mockResolvedValue({
      response: {
        id: "response123456789012345678",
      },
    } as any);
    const result = await getResponseIdByDisplayId(environmentId, displayId);
    expect(validateInputs).toHaveBeenCalledWith(
      [environmentId, expect.any(Object)],
      [displayId, expect.any(Object)]
    );
    expect(prisma.display.findFirst).toHaveBeenCalledWith({
      where: {
        id: displayId,
        survey: {
          environmentId,
        },
      },
      select: {
        response: {
          select: {
            id: true,
          },
        },
      },
    });
    expect(result).toEqual({ responseId: "response123456789012345678" });
  });
  test("returns null when the display exists but has no response", async () => {
    vi.mocked(prisma.display.findFirst).mockResolvedValue({
      response: null,
    } as any);
    await expect(getResponseIdByDisplayId(environmentId, displayId)).resolves.toEqual({
      responseId: null,
    });
  });
  test("throws ResourceNotFoundError when the display does not exist in the environment", async () => {
    vi.mocked(prisma.display.findFirst).mockResolvedValue(null);
    await expect(getResponseIdByDisplayId(environmentId, displayId)).rejects.toThrow(
      new ResourceNotFoundError("Display", displayId)
    );
  });
  test("throws ValidationError when input validation fails", async () => {
    const validationError = new ValidationError("Validation failed");
    vi.mocked(validateInputs).mockImplementation(() => {
      throw validationError;
    });
    await expect(getResponseIdByDisplayId(environmentId, displayId)).rejects.toThrow(ValidationError);
    expect(prisma.display.findFirst).not.toHaveBeenCalled();
  });
  test("throws DatabaseError on Prisma request errors", async () => {
    const prismaError = new Prisma.PrismaClientKnownRequestError("Database error", {
      code: "P2002",
      clientVersion: "test",
    });
    vi.mocked(prisma.display.findFirst).mockRejectedValue(prismaError);
    await expect(getResponseIdByDisplayId(environmentId, displayId)).rejects.toThrow(DatabaseError);
  });
 });
@@ -1,44 +0,0 @@
 import { Prisma } from "@prisma/client";
 import { prisma } from "@formbricks/database";
 import { ZId } from "@formbricks/types/common";
 import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { validateInputs } from "@/lib/utils/validate";
 export const getResponseIdByDisplayId = async (
  environmentId: string,
  displayId: string
 ): Promise<{ responseId: string | null }> => {
  validateInputs([environmentId, ZId], [displayId, ZId]);
  try {
    const display = await prisma.display.findFirst({
      where: {
        id: displayId,
        survey: {
          environmentId,
        },
      },
      select: {
        response: {
          select: {
            id: true,
          },
        },
      },
    });
    if (!display) {
      throw new ResourceNotFoundError("Display", displayId);
    }
    return {
      responseId: display.response?.id ?? null,
    };
  } catch (error) {
    if (error instanceof Prisma.PrismaClientKnownRequestError) {
      throw new DatabaseError(error.message);
    }
    throw error;
  }
 };
@@ -1,70 +0,0 @@
 import { NextRequest } from "next/server";
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { getResponseIdByDisplayId } from "./lib/response";
 import { GET } from "./route";
 vi.mock("@/app/lib/api/with-api-logging", async () => {
  return {
    withV1ApiWrapper:
      ({ handler }: { handler: any }) =>
      async (req: NextRequest, props: any) => {
        const result = await handler({ req, props });
        return result.response;
      },
  };
 });
 vi.mock("./lib/response", () => ({
  getResponseIdByDisplayId: vi.fn(),
 }));
 describe("GET /api/v1/client/[environmentId]/displays/[displayId]/response", () => {
  const req = new NextRequest("http://localhost/api/v1/client/env/displays/display/response");
  const props = {
    params: Promise.resolve({
      environmentId: "env1234567890123456789012",
      displayId: "display1234567890123456789",
    }),
  };
  beforeEach(() => {
    vi.clearAllMocks();
  });
  test("returns the responseId when a linked response exists", async () => {
    vi.mocked(getResponseIdByDisplayId).mockResolvedValue({ responseId: "response123456789012345678" });
    const response = await GET(req, props);
    expect(response.status).toBe(200);
    await expect(response.json()).resolves.toEqual({
      data: {
        responseId: "response123456789012345678",
      },
    });
  });
  test("returns null when the display exists without a response", async () => {
    vi.mocked(getResponseIdByDisplayId).mockResolvedValue({ responseId: null });
    const response = await GET(req, props);
    expect(response.status).toBe(200);
    await expect(response.json()).resolves.toEqual({
      data: {
        responseId: null,
      },
    });
  });
  test("returns 404 when the display is missing for the environment", async () => {
    vi.mocked(getResponseIdByDisplayId).mockRejectedValue(
      new ResourceNotFoundError("Display", "display1234567890123456789")
    );
    const response = await GET(req, props);
    expect(response.status).toBe(404);
  });
 });
@@ -1,40 +0,0 @@
 import { logger } from "@formbricks/logger";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { responses } from "@/app/lib/api/response";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
 import { getResponseIdByDisplayId } from "./lib/response";
 export const OPTIONS = async (): Promise<Response> => {
  return responses.successResponse({}, true);
 };
 export const GET = withV1ApiWrapper({
  handler: async ({
    req,
    props,
  }: THandlerParams<{ params: Promise<{ environmentId: string; displayId: string }> }>) => {
    const params = await props.params;
    try {
      const response = await getResponseIdByDisplayId(params.environmentId, params.displayId);
      return {
        response: responses.successResponse(response, true),
      };
    } catch (error) {
      if (error instanceof ResourceNotFoundError) {
        return {
          response: responses.notFoundResponse("Display", params.displayId, true),
        };
      }
      logger.error(
        { error, url: req.url, environmentId: params.environmentId, displayId: params.displayId },
        "Error in GET /api/v1/client/[environmentId]/displays/[displayId]/response"
      );
      return {
        response: responses.internalServerErrorResponse("Something went wrong. Please try again."),
      };
    }
  },
 });
@@ -10,8 +10,6 @@ import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
 import { sendToPipeline } from "@/app/lib/pipelines";
 import { ENCRYPTION_KEY } from "@/lib/constants";
 import { symmetricDecrypt } from "@/lib/crypto";
 import { getSurvey } from "@/lib/survey/service";
 import { getClientIpFromHeaders } from "@/lib/utils/client-ip";
 import { getOrganizationIdFromEnvironmentId } from "@/lib/utils/helper";
@@ -129,114 +127,6 @@ export const POST = withV1ApiWrapper({
      };
    }
    if (survey.type === "link" && survey.singleUse?.enabled) {
      if (!responseInputData.singleUseId) {
        return {
          response: responses.badRequestResponse(
            "Missing single use id",
            {
              surveyId: survey.id,
              environmentId,
            },
            true
          ),
        };
      }
      if (!responseInputData.meta?.url) {
        return {
          response: responses.badRequestResponse(
            "Missing or invalid URL in response metadata",
            {
              surveyId: survey.id,
              environmentId,
            },
            true
          ),
        };
      }
      let url: URL;
      try {
        url = new URL(responseInputData.meta.url);
      } catch (error) {
        return {
          response: responses.badRequestResponse(
            "Invalid URL in response metadata",
            {
              surveyId: survey.id,
              environmentId,
              error: error instanceof Error ? error.message : "Unknown error occurred",
            },
            true
          ),
        };
      }
      const suId = url.searchParams.get("suId");
      if (!suId) {
        return {
          response: responses.badRequestResponse(
            "Missing single use id",
            {
              surveyId: survey.id,
              environmentId,
            },
            true
          ),
        };
      }
      if (survey.singleUse.isEncrypted) {
        if (!ENCRYPTION_KEY) {
          logger.error({ url: req.url, surveyId: survey.id, environmentId }, "ENCRYPTION_KEY is not set");
          return {
            response: responses.internalServerErrorResponse("An unexpected error occurred.", true),
          };
        }
        let decryptedSuId: string;
        try {
          decryptedSuId = symmetricDecrypt(suId, ENCRYPTION_KEY);
        } catch {
          return {
            response: responses.badRequestResponse(
              "Invalid single use id",
              {
                surveyId: survey.id,
                environmentId,
              },
              true
            ),
          };
        }
        if (decryptedSuId !== responseInputData.singleUseId) {
          return {
            response: responses.badRequestResponse(
              "Invalid single use id",
              {
                surveyId: survey.id,
                environmentId,
              },
              true
            ),
          };
        }
      } else if (responseInputData.singleUseId !== suId) {
        return {
          response: responses.badRequestResponse(
            "Invalid single use id",
            {
              surveyId: survey.id,
              environmentId,
            },
            true
          ),
        };
      }
    }
    if (!validateFileUploads(responseInputData.data, survey.questions)) {
      return {
        response: responses.badRequestResponse("Invalid file upload response"),
@@ -5,7 +5,7 @@ import { withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
 import { fetchAirtableAuthToken } from "@/lib/airtable/service";
 import { AIRTABLE_CLIENT_ID, WEBAPP_URL } from "@/lib/constants";
 import { hasUserEnvironmentAccess } from "@/lib/environment/auth";
-import { createOrUpdateIntegration, getIntegrationByType } from "@/lib/integration/service";
+import { createOrUpdateIntegration } from "@/lib/integration/service";
 import { capturePostHogEvent } from "@/lib/posthog";
 import { getOrganizationIdFromEnvironmentId } from "@/lib/utils/helper";
@@ -78,16 +78,12 @@ export const GET = withV1ApiWrapper({
      }
      const email = await getEmail(key.access_token);
      // Preserve existing integration data (survey-to-table mappings) when re-authorizing
      const existingIntegration = await getIntegrationByType(environmentId, "airtable");
      const existingData = existingIntegration?.config?.data ?? [];
      const airtableIntegrationInput = {
        type: "airtable" as "airtable",
        environment: environmentId,
        config: {
          key,
-          data: existingData,
+          data: [],
          email,
        },
      };
@@ -1,7 +1,8 @@
 import * as z from "zod";
 import { TIntegrationAirtable } from "@formbricks/types/integration/airtable";
 import { responses } from "@/app/lib/api/response";
 import { withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
-import { getAirtableToken, getTables } from "@/lib/airtable/service";
+import { getTables } from "@/lib/airtable/service";
 import { hasUserEnvironmentAccess } from "@/lib/environment/auth";
 import { getIntegrationByType } from "@/lib/integration/service";
@@ -35,7 +36,7 @@ export const GET = withV1ApiWrapper({
      };
    }
-    const integration = await getIntegrationByType(environmentId, "airtable");
+    const integration = (await getIntegrationByType(environmentId, "airtable")) as TIntegrationAirtable;
    if (!integration) {
      return {
@@ -43,12 +44,7 @@ export const GET = withV1ApiWrapper({
      };
    }
-    // Use getAirtableToken to ensure the access token is refreshed if expired
+    const tables = await getTables(integration.config.key, baseId.data);
    const freshAccessToken = await getAirtableToken(environmentId);
    const tables = await getTables(
      { ...integration.config.key, access_token: freshAccessToken },
      baseId.data
    );
    return {
      response: responses.successResponse(tables),
    };
@@ -1,6 +1,6 @@
 import { logger } from "@formbricks/logger";
 import { TActionClass, ZActionClassInput } from "@formbricks/types/action-classes";
-import { DatabaseError, UniqueConstraintError } from "@formbricks/types/errors";
+import { DatabaseError } from "@formbricks/types/errors";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -80,11 +80,6 @@ export const POST = withV1ApiWrapper({
        response: responses.successResponse(actionClass),
      };
    } catch (error) {
      if (error instanceof UniqueConstraintError) {
        return {
          response: responses.conflictResponse(error.message),
        };
      }
      if (error instanceof DatabaseError) {
        return {
          response: responses.badRequestResponse(error.message),
@@ -4,7 +4,6 @@ import { getSessionUser } from "@/app/api/v1/management/me/lib/utils";
 import { responses } from "@/app/lib/api/response";
 import { CONTROL_HASH } from "@/lib/constants";
 import { hashSha256, parseApiKeyV2, verifySecret } from "@/lib/crypto";
 import { publicUserSelect } from "@/lib/user/public-user";
 import { applyRateLimit } from "@/modules/core/rate-limit/helpers";
 import { rateLimitConfigs } from "@/modules/core/rate-limit/rate-limit-configs";
@@ -177,7 +176,6 @@ const handleSessionAuthentication = async () => {
  const user = await prisma.user.findUnique({
    where: { id: sessionUser.id },
    select: publicUserSelect,
  });
  return Response.json(user);
@@ -1,19 +1,47 @@
 import { Prisma } from "@prisma/client";
 import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { DatabaseError } from "@formbricks/types/errors";
 import { validateInputs } from "@/lib/utils/validate";
 import { deleteSurvey } from "./surveys";
-const { mockDeleteSharedSurvey } = vi.hoisted(() => ({
+vi.mock("@/lib/utils/validate", () => ({
-  mockDeleteSharedSurvey: vi.fn(),
+  validateInputs: vi.fn(),
 }));
-
+vi.mock("@formbricks/database", () => ({
-vi.mock("@/modules/survey/lib/surveys", () => ({
+  prisma: {
-  deleteSurvey: mockDeleteSharedSurvey,
+    survey: {
      delete: vi.fn(),
    },
    segment: {
      delete: vi.fn(),
    },
  },
 }));
 vi.mock("@formbricks/logger", () => ({
  logger: {
    error: vi.fn(),
  },
 }));
 const surveyId = "clq5n7p1q0000m7z0h5p6g3r2";
 const environmentId = "clq5n7p1q0000m7z0h5p6g3r3";
 const segmentId = "clq5n7p1q0000m7z0h5p6g3r4";
 const actionClassId1 = "clq5n7p1q0000m7z0h5p6g3r5";
 const actionClassId2 = "clq5n7p1q0000m7z0h5p6g3r6";
 const mockDeletedSurveyAppPrivateSegment = {
  id: surveyId,
  environmentId,
  type: "app",
  segment: { id: segmentId, isPrivate: true },
  triggers: [{ actionClass: { id: actionClassId1 } }, { actionClass: { id: actionClassId2 } }],
 };
 const mockDeletedSurveyLink = {
  id: surveyId,
-  environmentId: "clq5n7p1q0000m7z0h5p6g3r3",
+  environmentId,
  type: "link",
  segment: null,
  triggers: [],
@@ -28,20 +56,66 @@ describe("deleteSurvey", () => {
    vi.clearAllMocks();
  });
-  test("delegates survey deletion to the shared service", async () => {
+  test("should delete a link survey without a segment and revalidate caches", async () => {
-    mockDeleteSharedSurvey.mockResolvedValue(mockDeletedSurveyLink);
+    vi.mocked(prisma.survey.delete).mockResolvedValue(mockDeletedSurveyLink as any);
    const deletedSurvey = await deleteSurvey(surveyId);
-    expect(mockDeleteSharedSurvey).toHaveBeenCalledWith(surveyId);
+    expect(validateInputs).toHaveBeenCalledWith([surveyId, expect.any(Object)]);
    expect(prisma.survey.delete).toHaveBeenCalledWith({
      where: { id: surveyId },
      include: {
        segment: true,
        triggers: { include: { actionClass: true } },
      },
    });
    expect(prisma.segment.delete).not.toHaveBeenCalled();
    expect(deletedSurvey).toEqual(mockDeletedSurveyLink);
  });
-  test("rethrows shared delete service errors", async () => {
+  test("should handle PrismaClientKnownRequestError during survey deletion", async () => {
    const prismaError = new Prisma.PrismaClientKnownRequestError("Record not found", {
      code: "P2025",
      clientVersion: "4.0.0",
    });
    vi.mocked(prisma.survey.delete).mockRejectedValue(prismaError);
    await expect(deleteSurvey(surveyId)).rejects.toThrow(DatabaseError);
    expect(logger.error).toHaveBeenCalledWith({ error: prismaError, surveyId }, "Error deleting survey");
    expect(prisma.segment.delete).not.toHaveBeenCalled();
  });
  test("should handle PrismaClientKnownRequestError during segment deletion", async () => {
    const prismaError = new Prisma.PrismaClientKnownRequestError("Foreign key constraint failed", {
      code: "P2003",
      clientVersion: "4.0.0",
    });
    vi.mocked(prisma.survey.delete).mockResolvedValue(mockDeletedSurveyAppPrivateSegment as any);
    vi.mocked(prisma.segment.delete).mockRejectedValue(prismaError);
    await expect(deleteSurvey(surveyId)).rejects.toThrow(DatabaseError);
    expect(logger.error).toHaveBeenCalledWith({ error: prismaError, surveyId }, "Error deleting survey");
    expect(prisma.segment.delete).toHaveBeenCalledWith({ where: { id: segmentId } });
  });
  test("should handle generic errors during deletion", async () => {
    const genericError = new Error("Something went wrong");
-    mockDeleteSharedSurvey.mockRejectedValue(genericError);
+    vi.mocked(prisma.survey.delete).mockRejectedValue(genericError);
    await expect(deleteSurvey(surveyId)).rejects.toThrow(genericError);
-    expect(mockDeleteSharedSurvey).toHaveBeenCalledWith(surveyId);
+    expect(logger.error).not.toHaveBeenCalled();
    expect(prisma.segment.delete).not.toHaveBeenCalled();
  });
  test("should throw validation error for invalid surveyId", async () => {
    const invalidSurveyId = "invalid-id";
    const validationError = new Error("Validation failed");
    vi.mocked(validateInputs).mockImplementation(() => {
      throw validationError;
    });
    await expect(deleteSurvey(invalidSurveyId)).rejects.toThrow(validationError);
    expect(prisma.survey.delete).not.toHaveBeenCalled();
  });
 });
@@ -1,3 +1,43 @@
-import { deleteSurvey as deleteSharedSurvey } from "@/modules/survey/lib/surveys";
+import { Prisma } from "@prisma/client";
 import { z } from "zod";
 import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { DatabaseError } from "@formbricks/types/errors";
 import { validateInputs } from "@/lib/utils/validate";
-export const deleteSurvey = async (surveyId: string) => deleteSharedSurvey(surveyId);
+export const deleteSurvey = async (surveyId: string) => {
  validateInputs([surveyId, z.cuid2()]);
  try {
    const deletedSurvey = await prisma.survey.delete({
      where: {
        id: surveyId,
      },
      include: {
        segment: true,
        triggers: {
          include: {
            actionClass: true,
          },
        },
      },
    });
    if (deletedSurvey.type === "app" && deletedSurvey.segment?.isPrivate) {
      await prisma.segment.delete({
        where: {
          id: deletedSurvey.segment.id,
        },
      });
    }
    return deletedSurvey;
  } catch (error) {
    if (error instanceof Prisma.PrismaClientKnownRequestError) {
      logger.error({ error, surveyId }, "Error deleting survey");
      throw new DatabaseError(error.message);
    }
    throw error;
  }
 };
@@ -1,6 +1,5 @@
 import { logger } from "@formbricks/logger";
 import { TAuthenticationApiKey } from "@formbricks/types/auth";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
 import { ZSurveyUpdateInput } from "@formbricks/types/surveys/types";
 import { handleErrorResponse } from "@/app/api/v1/auth";
 import { deleteSurvey } from "@/app/api/v1/management/surveys/[surveyId]/lib/surveys";
@@ -71,12 +70,6 @@ export const GET = withV1ApiWrapper({
        response: responses.successResponse(resolveStorageUrlsInObject(result.survey)),
      };
    } catch (error) {
      if (error instanceof ResourceNotFoundError) {
        return {
          response: responses.notFoundResponse("Survey", params.surveyId),
        };
      }
      return {
        response: handleErrorResponse(error),
      };
@@ -9,22 +9,6 @@ const { mockAuthenticateRequest, mockGetServerSession } = vi.hoisted(() => ({
  mockGetServerSession: vi.fn(),
 }));
 const { mockQueueAuditEvent, mockBuildAuditLogBaseObject } = vi.hoisted(() => ({
  mockQueueAuditEvent: vi.fn().mockImplementation(async () => undefined),
  mockBuildAuditLogBaseObject: vi.fn((action: string, targetType: string, apiUrl: string) => ({
    action,
    targetType,
    userId: "unknown",
    targetId: "unknown",
    organizationId: "unknown",
    status: "failure",
    oldObject: undefined,
    newObject: undefined,
    userType: "api",
    apiUrl,
  })),
 }));
 vi.mock("next-auth", () => ({
  getServerSession: mockGetServerSession,
 }));
@@ -41,14 +25,6 @@ vi.mock("@/modules/core/rate-limit/helpers", () => ({
  applyRateLimit: vi.fn().mockResolvedValue(undefined),
 }));
 vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
  queueAuditEvent: mockQueueAuditEvent,
 }));
 vi.mock("@/app/lib/api/with-api-logging", () => ({
  buildAuditLogBaseObject: mockBuildAuditLogBaseObject,
 }));
 vi.mock("@formbricks/logger", () => ({
  logger: {
    withContext: vi.fn(() => ({
@@ -69,114 +45,6 @@ describe("withV3ApiWrapper", () => {
    vi.clearAllMocks();
  });
  test("passes an audit log to the handler and queues success after the response", async () => {
    const { queueAuditEvent } = await import("@/modules/ee/audit-logs/lib/handler");
    mockGetServerSession.mockResolvedValue({
      user: { id: "user_1", name: "Test", email: "t@example.com" },
      expires: "2026-01-01",
    });
    const handler = vi.fn(async ({ auditLog }) => {
      expect(auditLog).toEqual(
        expect.objectContaining({
          action: "deleted",
          targetType: "survey",
          userId: "user_1",
          userType: "user",
          status: "failure",
        })
      );
      if (auditLog) {
        auditLog.targetId = "survey_1";
        auditLog.organizationId = "org_1";
        auditLog.oldObject = { id: "survey_1" };
      }
      return Response.json({ ok: true });
    });
    const wrapped = withV3ApiWrapper({
      auth: "both",
      action: "deleted",
      targetType: "survey",
      handler,
    });
    const response = await wrapped(
      new NextRequest("http://localhost/api/v3/surveys/survey_1", {
        method: "DELETE",
        headers: { "x-request-id": "req-audit" },
      }),
      {} as never
    );
    expect(response.status).toBe(200);
    expect(queueAuditEvent).toHaveBeenCalledWith(
      expect.objectContaining({
        action: "deleted",
        targetType: "survey",
        targetId: "survey_1",
        organizationId: "org_1",
        userId: "user_1",
        userType: "user",
        status: "success",
        oldObject: { id: "survey_1" },
      })
    );
  });
  test("queues a failure audit log when the handler returns a non-ok response", async () => {
    const { queueAuditEvent } = await import("@/modules/ee/audit-logs/lib/handler");
    mockAuthenticateRequest.mockResolvedValue({
      type: "apiKey",
      apiKeyId: "key_1",
      organizationId: "org_1",
      organizationAccess: { accessControl: { read: true, write: true } },
      environmentPermissions: [],
    });
    const wrapped = withV3ApiWrapper({
      auth: "both",
      action: "deleted",
      targetType: "survey",
      handler: async ({ auditLog }) => {
        if (auditLog) {
          auditLog.targetId = "survey_2";
        }
        return new Response("forbidden", { status: 403 });
      },
    });
    const response = await wrapped(
      new NextRequest("http://localhost/api/v3/surveys/survey_2", {
        method: "DELETE",
        headers: {
          "x-request-id": "req-failure-audit",
          "x-api-key": "fbk_test",
        },
      }),
      {} as never
    );
    expect(response.status).toBe(403);
    expect(queueAuditEvent).toHaveBeenCalledWith(
      expect.objectContaining({
        action: "deleted",
        targetType: "survey",
        targetId: "survey_2",
        organizationId: "org_1",
        userId: "key_1",
        userType: "api",
        status: "failure",
        eventId: "req-failure-audit",
      })
    );
  });
  test("uses session auth first in both mode and injects request id into plain responses", async () => {
    const { applyRateLimit } = await import("@/modules/core/rate-limit/helpers");
    mockGetServerSession.mockResolvedValue({
@@ -4,13 +4,10 @@ import { z } from "zod";
 import { logger } from "@formbricks/logger";
 import { TooManyRequestsError } from "@formbricks/types/errors";
 import { authenticateRequest } from "@/app/api/v1/auth";
 import { buildAuditLogBaseObject } from "@/app/lib/api/with-api-logging";
 import { authOptions } from "@/modules/auth/lib/authOptions";
 import { applyRateLimit } from "@/modules/core/rate-limit/helpers";
 import { rateLimitConfigs } from "@/modules/core/rate-limit/rate-limit-configs";
 import type { TRateLimitConfig } from "@/modules/core/rate-limit/types/rate-limit";
 import { queueAuditEvent } from "@/modules/ee/audit-logs/lib/handler";
 import { TAuditAction, TAuditTarget } from "@/modules/ee/audit-logs/types/audit-log";
 import {
  type InvalidParam,
  problemBadRequest,
@@ -18,7 +15,7 @@ import {
  problemTooManyRequests,
  problemUnauthorized,
 } from "./response";
-import type { TV3AuditLog, TV3Authentication } from "./types";
+import type { TV3Authentication } from "./types";
 type TV3Schema = z.ZodTypeAny;
 type MaybePromise<T> = T | Promise<T>;
@@ -41,7 +38,6 @@ export type TV3HandlerParams<TParsedInput = Record<string, never>, TProps = unkn
  req: NextRequest;
  props: TProps;
  authentication: TV3Authentication;
  auditLog?: TV3AuditLog;
  parsedInput: TParsedInput;
  requestId: string;
  instance: string;
@@ -52,8 +48,6 @@ export type TWithV3ApiWrapperParams<S extends TV3Schemas | undefined, TProps = u
  schemas?: S;
  rateLimit?: boolean;
  customRateLimitConfig?: TRateLimitConfig;
  action?: TAuditAction;
  targetType?: TAuditTarget;
  handler: (params: TV3HandlerParams<TV3ParsedInput<S>, TProps>) => MaybePromise<Response>;
 };
@@ -299,61 +293,10 @@ async function applyV3RateLimitOrRespond(params: {
  return null;
 }
 function buildV3AuditLog(
  authentication: TV3Authentication,
  action?: TAuditAction,
  targetType?: TAuditTarget,
  apiUrl?: string
 ): TV3AuditLog | undefined {
  if (!authentication || !action || !targetType || !apiUrl) {
    return undefined;
  }
  const auditLog = buildAuditLogBaseObject(action, targetType, apiUrl);
  if ("user" in authentication && authentication.user?.id) {
    auditLog.userId = authentication.user.id;
    auditLog.userType = "user";
  } else if ("apiKeyId" in authentication) {
    auditLog.userId = authentication.apiKeyId;
    auditLog.userType = "api";
    auditLog.organizationId = authentication.organizationId;
  }
  return auditLog;
 }
 async function queueV3AuditLog(
  auditLog: TV3AuditLog | undefined,
  requestId: string,
  log: ReturnType<typeof logger.withContext>
 ): Promise<void> {
  if (!auditLog) {
    return;
  }
  try {
    await queueAuditEvent({
      ...auditLog,
      ...(auditLog.status === "failure" ? { eventId: auditLog.eventId ?? requestId } : {}),
    });
  } catch (error) {
    log.error({ error }, "Failed to queue V3 audit event");
  }
 }
 export const withV3ApiWrapper = <S extends TV3Schemas | undefined, TProps = unknown>(
  params: TWithV3ApiWrapperParams<S, TProps>
 ): ((req: NextRequest, props: TProps) => Promise<Response>) => {
-  const {
+  const { auth = "both", schemas, rateLimit = true, customRateLimitConfig, handler } = params;
    auth = "both",
    schemas,
    rateLimit = true,
    customRateLimitConfig,
    handler,
    action,
    targetType,
  } = params;
  return async (req: NextRequest, props: TProps): Promise<Response> => {
    const requestId = req.headers.get("x-request-id") ?? crypto.randomUUID();
@@ -363,7 +306,6 @@ export const withV3ApiWrapper = <S extends TV3Schemas | undefined, TProps = unkn
      method: req.method,
      path: instance,
    });
    let auditLog: TV3AuditLog | undefined;
    try {
      const authResult = await authenticateV3RequestOrRespond(req, auth, requestId, instance);
@@ -389,33 +331,17 @@ export const withV3ApiWrapper = <S extends TV3Schemas | undefined, TProps = unkn
        return rateLimitResponse;
      }
      auditLog = buildV3AuditLog(authResult.authentication, action, targetType, req.url);
      const response = await handler({
        req,
        props,
        authentication: authResult.authentication,
        auditLog,
        parsedInput: parsedInputResult.parsedInput,
        requestId,
        instance,
      });
      if (auditLog) {
        if (response.ok) {
          auditLog.status = "success";
        } else {
          auditLog.eventId = requestId;
        }
      }
      await queueV3AuditLog(auditLog, requestId, log);
      return ensureRequestIdHeader(response, requestId);
    } catch (error) {
      if (auditLog) {
        auditLog.eventId = requestId;
        await queueV3AuditLog(auditLog, requestId, log);
      }
      log.error({ error, statusCode: 500 }, "V3 API unexpected error");
      return problemInternalError(requestId, "An unexpected error occurred.", instance);
    }
@@ -7,7 +7,6 @@ import {
  problemTooManyRequests,
  problemUnauthorized,
  successListResponse,
  successResponse,
 } from "./response";
 describe("v3 problem responses", () => {
@@ -94,27 +93,3 @@ describe("successListResponse", () => {
    expect(res.headers.get("Cache-Control")).toBe("private, max-age=0");
  });
 });
 describe("successResponse", () => {
  test("wraps the payload in a data envelope", async () => {
    const res = successResponse({ id: "survey_1" }, { requestId: "req-success" });
    expect(res.status).toBe(200);
    expect(res.headers.get("X-Request-Id")).toBe("req-success");
    expect(res.headers.get("Cache-Control")).toContain("no-store");
    expect(await res.json()).toEqual({
      data: { id: "survey_1" },
    });
  });
  test("allows custom status and cache headers", async () => {
    const res = successResponse(
      { ok: true },
      {
        cache: "private, max-age=60",
        status: 202,
      }
    );
    expect(res.status).toBe(202);
    expect(res.headers.get("Cache-Control")).toBe("private, max-age=60");
  });
 });
@@ -147,27 +147,3 @@ export function successListResponse<T, TMeta extends Record<string, unknown>>(
  }
  return Response.json({ data, meta }, { status: 200, headers });
 }
 export function successResponse<T>(
  data: T,
  options?: { requestId?: string; cache?: string; status?: number }
 ): Response {
  const headers: Record<string, string> = {
    "Content-Type": "application/json",
    "Cache-Control": options?.cache ?? CACHE_NO_STORE,
  };
  if (options?.requestId) {
    headers["X-Request-Id"] = options.requestId;
  }
  return Response.json(
    {
      data,
    },
    {
      status: options?.status ?? 200,
      headers,
    }
  );
 }
@@ -1,6 +1,4 @@
 import type { Session } from "next-auth";
 import type { TAuthenticationApiKey } from "@formbricks/types/auth";
 import type { TApiAuditLog } from "@/app/lib/api/with-api-logging";
 export type TV3Authentication = TAuthenticationApiKey | Session | null;
 export type TV3AuditLog = TApiAuditLog;
@@ -1,321 +0,0 @@
 import { ApiKeyPermission, EnvironmentType } from "@prisma/client";
 import { NextRequest } from "next/server";
 import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
 import { getSurvey } from "@/lib/survey/service";
 import { deleteSurvey } from "@/modules/survey/lib/surveys";
 import { DELETE } from "./route";
 const { mockAuthenticateRequest } = vi.hoisted(() => ({
  mockAuthenticateRequest: vi.fn(),
 }));
 const { mockQueueAuditEvent, mockBuildAuditLogBaseObject } = vi.hoisted(() => ({
  mockQueueAuditEvent: vi.fn().mockImplementation(async () => undefined),
  mockBuildAuditLogBaseObject: vi.fn((action: string, targetType: string, apiUrl: string) => ({
    action,
    targetType,
    userId: "unknown",
    targetId: "unknown",
    organizationId: "unknown",
    status: "failure",
    oldObject: undefined,
    newObject: undefined,
    userType: "api",
    apiUrl,
  })),
 }));
 vi.mock("next-auth", () => ({
  getServerSession: vi.fn(),
 }));
 vi.mock("@/app/api/v1/auth", async (importOriginal) => {
  const actual = await importOriginal<typeof import("@/app/api/v1/auth")>();
  return { ...actual, authenticateRequest: mockAuthenticateRequest };
 });
 vi.mock("@/modules/core/rate-limit/helpers", () => ({
  applyRateLimit: vi.fn().mockResolvedValue(undefined),
  applyIPRateLimit: vi.fn().mockResolvedValue(undefined),
 }));
 vi.mock("@/lib/constants", async (importOriginal) => {
  const actual = await importOriginal<typeof import("@/lib/constants")>();
  return { ...actual, AUDIT_LOG_ENABLED: false };
 });
 vi.mock("@/app/api/v3/lib/auth", () => ({
  requireV3WorkspaceAccess: vi.fn(),
 }));
 vi.mock("@/lib/survey/service", () => ({
  getSurvey: vi.fn(),
 }));
 vi.mock("@/modules/survey/lib/surveys", () => ({
  deleteSurvey: vi.fn(),
 }));
 vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
  queueAuditEvent: mockQueueAuditEvent,
 }));
 vi.mock("@/app/lib/api/with-api-logging", () => ({
  buildAuditLogBaseObject: mockBuildAuditLogBaseObject,
 }));
 vi.mock("@formbricks/logger", () => ({
  logger: {
    withContext: vi.fn(() => ({
      warn: vi.fn(),
      error: vi.fn(),
    })),
  },
 }));
 const getServerSession = vi.mocked((await import("next-auth")).getServerSession);
 const queueAuditEvent = vi.mocked((await import("@/modules/ee/audit-logs/lib/handler")).queueAuditEvent);
 const surveyId = "clxx1234567890123456789012";
 const environmentId = "clzz9876543210987654321098";
 function createRequest(url: string, requestId?: string, extraHeaders?: Record<string, string>): NextRequest {
  const headers: Record<string, string> = { ...extraHeaders };
  if (requestId) {
    headers["x-request-id"] = requestId;
  }
  return new NextRequest(url, {
    method: "DELETE",
    headers,
  });
 }
 const apiKeyAuth = {
  type: "apiKey" as const,
  apiKeyId: "key_1",
  organizationId: "org_1",
  organizationAccess: {
    accessControl: { read: true, write: true },
  },
  environmentPermissions: [
    {
      environmentId,
      environmentType: EnvironmentType.development,
      projectId: "proj_1",
      projectName: "P",
      permission: ApiKeyPermission.write,
    },
  ],
 };
 describe("DELETE /api/v3/surveys/[surveyId]", () => {
  beforeEach(() => {
    vi.resetAllMocks();
    getServerSession.mockResolvedValue({
      user: { id: "user_1", name: "User", email: "u@example.com" },
      expires: "2026-01-01",
    } as any);
    mockAuthenticateRequest.mockResolvedValue(null);
    vi.mocked(getSurvey).mockResolvedValue({
      id: surveyId,
      name: "Delete me",
      environmentId,
      type: "link",
      status: "draft",
      createdAt: new Date("2026-04-15T10:00:00.000Z"),
      updatedAt: new Date("2026-04-15T10:00:00.000Z"),
      responseCount: 0,
      creator: { name: "User" },
      singleUse: null,
    } as any);
    vi.mocked(deleteSurvey).mockResolvedValue({
      id: surveyId,
      environmentId,
      type: "link",
      segment: null,
      triggers: [],
    } as any);
    vi.mocked(requireV3WorkspaceAccess).mockResolvedValue({
      environmentId,
      projectId: "proj_1",
      organizationId: "org_1",
    });
  });
  afterEach(() => {
    vi.clearAllMocks();
  });
  test("returns 401 when no session and no API key", async () => {
    getServerSession.mockResolvedValue(null);
    mockAuthenticateRequest.mockResolvedValue(null);
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(401);
    expect(vi.mocked(getSurvey)).not.toHaveBeenCalled();
  });
  test("returns 200 with session auth and deletes the survey", async () => {
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-delete"), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(200);
    expect(requireV3WorkspaceAccess).toHaveBeenCalledWith(
      expect.objectContaining({ user: expect.any(Object) }),
      environmentId,
      "readWrite",
      "req-delete",
      `/api/v3/surveys/${surveyId}`
    );
    expect(deleteSurvey).toHaveBeenCalledWith(surveyId);
    expect(await res.json()).toEqual({
      data: {
        id: surveyId,
      },
    });
  });
  test("returns 200 with x-api-key when the key can delete in the survey workspace", async () => {
    getServerSession.mockResolvedValue(null);
    mockAuthenticateRequest.mockResolvedValue(apiKeyAuth as any);
    const res = await DELETE(
      createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-api-key", {
        "x-api-key": "fbk_test",
      }),
      {
        params: Promise.resolve({ surveyId }),
      } as never
    );
    expect(res.status).toBe(200);
    expect(requireV3WorkspaceAccess).toHaveBeenCalledWith(
      expect.objectContaining({ apiKeyId: "key_1" }),
      environmentId,
      "readWrite",
      "req-api-key",
      `/api/v3/surveys/${surveyId}`
    );
  });
  test("returns 400 when surveyId is invalid", async () => {
    const res = await DELETE(createRequest("http://localhost/api/v3/surveys/not-a-cuid"), {
      params: Promise.resolve({ surveyId: "not-a-cuid" }),
    } as never);
    expect(res.status).toBe(400);
    expect(vi.mocked(getSurvey)).not.toHaveBeenCalled();
  });
  test("returns 403 when the survey does not exist", async () => {
    vi.mocked(getSurvey).mockResolvedValueOnce(null);
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(403);
    expect(deleteSurvey).not.toHaveBeenCalled();
  });
  test("returns 403 when the user lacks readWrite workspace access", async () => {
    vi.mocked(requireV3WorkspaceAccess).mockResolvedValueOnce(
      new Response(
        JSON.stringify({
          title: "Forbidden",
          status: 403,
          detail: "You are not authorized to access this resource",
          requestId: "req-forbidden",
        }),
        { status: 403, headers: { "Content-Type": "application/problem+json" } }
      )
    );
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-forbidden"), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(403);
    expect(deleteSurvey).not.toHaveBeenCalled();
    expect(queueAuditEvent).toHaveBeenCalledWith(
      expect.objectContaining({
        action: "deleted",
        targetType: "survey",
        targetId: "unknown",
        organizationId: "unknown",
        userId: "user_1",
        userType: "user",
        status: "failure",
        oldObject: undefined,
      })
    );
  });
  test("returns 500 when survey deletion fails", async () => {
    vi.mocked(deleteSurvey).mockRejectedValueOnce(new DatabaseError("db down"));
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-db"), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(500);
    const body = await res.json();
    expect(body.code).toBe("internal_server_error");
  });
  test("returns 403 when the survey is deleted after authorization succeeds", async () => {
    vi.mocked(deleteSurvey).mockRejectedValueOnce(new ResourceNotFoundError("Survey", surveyId));
    const res = await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-race"), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(res.status).toBe(403);
    const body = await res.json();
    expect(body.code).toBe("forbidden");
    expect(queueAuditEvent).toHaveBeenCalledWith(
      expect.objectContaining({
        action: "deleted",
        targetType: "survey",
        targetId: surveyId,
        organizationId: "org_1",
        userId: "user_1",
        userType: "user",
        status: "failure",
        oldObject: expect.objectContaining({
          id: surveyId,
          environmentId,
        }),
      })
    );
  });
  test("queues an audit log with target, actor, organization, and old object", async () => {
    await DELETE(createRequest(`http://localhost/api/v3/surveys/${surveyId}`, "req-audit"), {
      params: Promise.resolve({ surveyId }),
    } as never);
    expect(queueAuditEvent).toHaveBeenCalledWith(
      expect.objectContaining({
        action: "deleted",
        targetType: "survey",
        targetId: surveyId,
        organizationId: "org_1",
        userId: "user_1",
        userType: "user",
        status: "success",
        oldObject: expect.objectContaining({
          id: surveyId,
          environmentId,
        }),
      })
    );
  });
 });
@@ -1,72 +0,0 @@
 import { z } from "zod";
 import { logger } from "@formbricks/logger";
 import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { withV3ApiWrapper } from "@/app/api/v3/lib/api-wrapper";
 import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
 import { problemForbidden, problemInternalError, successResponse } from "@/app/api/v3/lib/response";
 import { getSurvey } from "@/lib/survey/service";
 import { deleteSurvey } from "@/modules/survey/lib/surveys";
 export const DELETE = withV3ApiWrapper({
  auth: "both",
  action: "deleted",
  targetType: "survey",
  schemas: {
    params: z.object({
      surveyId: z.cuid2(),
    }),
  },
  handler: async ({ parsedInput, authentication, requestId, instance, auditLog }) => {
    const surveyId = parsedInput.params.surveyId;
    const log = logger.withContext({ requestId, surveyId });
    try {
      const survey = await getSurvey(surveyId);
      if (!survey) {
        log.warn({ statusCode: 403 }, "Survey not found or not accessible");
        return problemForbidden(requestId, "You are not authorized to access this resource", instance);
      }
      const authResult = await requireV3WorkspaceAccess(
        authentication,
        survey.environmentId,
        "readWrite",
        requestId,
        instance
      );
      if (authResult instanceof Response) {
        return authResult;
      }
      if (auditLog) {
        auditLog.targetId = survey.id;
        auditLog.organizationId = authResult.organizationId;
        auditLog.oldObject = survey;
      }
      const deletedSurvey = await deleteSurvey(surveyId);
      return successResponse(
        {
          id: deletedSurvey.id,
        },
        { requestId }
      );
    } catch (error) {
      if (error instanceof ResourceNotFoundError) {
        log.warn({ errorCode: error.name, statusCode: 403 }, "Survey not found or not accessible");
        return problemForbidden(requestId, "You are not authorized to access this resource", instance);
      }
      if (error instanceof DatabaseError) {
        log.error({ error, statusCode: 500 }, "Database error");
        return problemInternalError(requestId, "An unexpected error occurred.", instance);
      }
      log.error({ error, statusCode: 500 }, "V3 survey delete unexpected error");
      return problemInternalError(requestId, "An unexpected error occurred.", instance);
    }
  },
 });
@@ -34,7 +34,7 @@ describe("parseV3SurveysListQuery", () => {
      expect(r.invalid_params[0]).toEqual({
        name: "foo",
        reason:
-          "Unsupported query parameter. Use only workspaceId, limit, cursor, includeTotalCount, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
+          "Unsupported query parameter. Use only workspaceId, limit, cursor, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
      });
  });
@@ -45,7 +45,7 @@ describe("parseV3SurveysListQuery", () => {
      expect(r.invalid_params[0]).toEqual({
        name: "after",
        reason:
-          "Unsupported query parameter. Use only workspaceId, limit, cursor, includeTotalCount, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
+          "Unsupported query parameter. Use only workspaceId, limit, cursor, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
      });
    }
  });
@@ -57,7 +57,7 @@ describe("parseV3SurveysListQuery", () => {
      expect(r.invalid_params[0]).toEqual({
        name: "name",
        reason:
-          "Unsupported query parameter. Use only workspaceId, limit, cursor, includeTotalCount, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
+          "Unsupported query parameter. Use only workspaceId, limit, cursor, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
      });
    }
  });
@@ -68,20 +68,11 @@ describe("parseV3SurveysListQuery", () => {
    if (r.ok) {
      expect(r.limit).toBe(20);
      expect(r.cursor).toBeNull();
      expect(r.includeTotalCount).toBe(true);
      expect(r.sortBy).toBe("updatedAt");
      expect(r.filterCriteria).toBeUndefined();
    }
  });
  test("parses includeTotalCount=false", () => {
    const r = parseV3SurveysListQuery(params(`workspaceId=${wid}&includeTotalCount=false`));
    expect(r.ok).toBe(true);
    if (r.ok) {
      expect(r.includeTotalCount).toBe(false);
    }
  });
  test("builds filter from explicit operator params", () => {
    const r = parseV3SurveysListQuery(
      params(
@@ -111,7 +102,7 @@ describe("parseV3SurveysListQuery", () => {
      expect(r.invalid_params[0]).toEqual({
        name: "filter[createdBy][in]",
        reason:
-          "Unsupported query parameter. Use only workspaceId, limit, cursor, includeTotalCount, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
+          "Unsupported query parameter. Use only workspaceId, limit, cursor, filter[name][contains], filter[status][in], filter[type][in], sortBy.",
      });
    }
  });
@@ -28,7 +28,6 @@ const SUPPORTED_QUERY_PARAMS = [
  "workspaceId",
  "limit",
  "cursor",
  "includeTotalCount",
  FILTER_NAME_CONTAINS_QUERY_PARAM,
  FILTER_STATUS_IN_QUERY_PARAM,
  FILTER_TYPE_IN_QUERY_PARAM,
@@ -54,11 +53,6 @@ const ZV3SurveysListQuery = z.object({
  workspaceId: ZId,
  limit: z.coerce.number().int().min(1).max(V3_SURVEYS_MAX_LIMIT).default(V3_SURVEYS_DEFAULT_LIMIT),
  cursor: z.string().min(1).optional(),
  includeTotalCount: z
    .enum(["true", "false"])
    .optional()
    .transform((value) => value !== "false")
    .default(true),
  [FILTER_NAME_CONTAINS_QUERY_PARAM]: z
    .string()
    .max(512)
@@ -77,7 +71,6 @@ export type TV3SurveysListQueryParseResult =
      workspaceId: string;
      limit: number;
      cursor: TSurveyListPageCursor | null;
      includeTotalCount: boolean;
      sortBy: TSurveyListSort;
      filterCriteria: TSurveyFilterCriteria | undefined;
    }
@@ -118,7 +111,6 @@ export function parseV3SurveysListQuery(searchParams: URLSearchParams): TV3Surve
    workspaceId: searchParams.get("workspaceId"),
    limit: searchParams.get("limit") ?? undefined,
    cursor: searchParams.get("cursor")?.trim() || undefined,
    includeTotalCount: searchParams.get("includeTotalCount")?.trim() || undefined,
    [FILTER_NAME_CONTAINS_QUERY_PARAM]: searchParams.get(FILTER_NAME_CONTAINS_QUERY_PARAM) ?? undefined,
    [FILTER_STATUS_IN_QUERY_PARAM]: statusVals.length > 0 ? statusVals : undefined,
    [FILTER_TYPE_IN_QUERY_PARAM]: typeVals.length > 0 ? typeVals : undefined,
@@ -161,7 +153,6 @@ export function parseV3SurveysListQuery(searchParams: URLSearchParams): TV3Surve
    workspaceId: q.workspaceId,
    limit: q.limit,
    cursor,
    includeTotalCount: q.includeTotalCount,
    sortBy,
    filterCriteria: buildFilterCriteria(q),
  };
@@ -4,7 +4,7 @@ import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { requireV3WorkspaceAccess } from "@/app/api/v3/lib/auth";
 import { getSurveyCount } from "@/modules/survey/list/lib/survey";
-import { encodeSurveyListPageCursor, getSurveyListPage } from "@/modules/survey/list/lib/survey-page";
+import { getSurveyListPage } from "@/modules/survey/list/lib/survey-page";
 import { GET } from "./route";
 const { mockAuthenticateRequest } = vi.hoisted(() => ({
@@ -257,29 +257,6 @@ describe("GET /api/v3/surveys", () => {
    expect(getSurveyCount).toHaveBeenCalledWith(resolvedEnvironmentId, undefined);
  });
  test("skips totalCount when includeTotalCount=false", async () => {
    vi.mocked(getSurveyListPage).mockResolvedValue({
      surveys: [],
      nextCursor: null,
    });
    const cursor = encodeSurveyListPageCursor({
      version: 1,
      sortBy: "updatedAt",
      value: "2026-04-15T10:00:00.000Z",
      id: "survey_1",
    });
    const req = createRequest(
      `http://localhost/api/v3/surveys?workspaceId=${validWorkspaceId}&cursor=${cursor}&includeTotalCount=false`
    );
    const res = await GET(req, {} as any);
    expect(res.status).toBe(200);
    const body = await res.json();
    expect(body.meta).toEqual({ limit: 20, nextCursor: null, totalCount: null });
    expect(getSurveyCount).not.toHaveBeenCalled();
  });
  test("passes filter query to getSurveyListPage", async () => {
    const filterCriteria = { status: ["inProgress"] };
    const req = createRequest(
@@ -344,11 +321,11 @@ describe("GET /api/v3/surveys", () => {
    const res = await GET(req, {} as any);
    const body = await res.json();
    expect(body.data[0]).not.toHaveProperty("blocks");
    expect(body.data[0]).not.toHaveProperty("singleUse");
    expect(body.data[0]).not.toHaveProperty("_count");
    expect(body.data[0]).not.toHaveProperty("environmentId");
    expect(body.data[0].id).toBe("s1");
    expect(body.data[0].workspaceId).toBe("env_1");
    expect(body.data[0].singleUse).toBeNull();
  });
  test("returns 403 when getSurveyListPage throws ResourceNotFoundError", async () => {
@@ -46,22 +46,21 @@ export const GET = withV3ApiWrapper({
      const { environmentId } = authResult;
-      const surveyPagePromise = getSurveyListPage(environmentId, {
+      const [{ surveys, nextCursor }, totalCount] = await Promise.all([
-        limit: parsed.limit,
+        getSurveyListPage(environmentId, {
-        cursor: parsed.cursor,
+          limit: parsed.limit,
-        sortBy: parsed.sortBy,
+          cursor: parsed.cursor,
-        filterCriteria: parsed.filterCriteria,
+          sortBy: parsed.sortBy,
-      });
+          filterCriteria: parsed.filterCriteria,
-      const totalCountPromise = parsed.includeTotalCount
+        }),
-        ? getSurveyCount(environmentId, parsed.filterCriteria)
+        getSurveyCount(environmentId, parsed.filterCriteria),
-        : Promise.resolve(null);
+      ]);
      const [surveyPage, totalCount] = await Promise.all([surveyPagePromise, totalCountPromise]);
      return successListResponse(
-        surveyPage.surveys.map(serializeV3SurveyListItem),
+        surveys.map(serializeV3SurveyListItem),
        {
          limit: parsed.limit,
-          nextCursor: surveyPage.nextCursor,
+          nextCursor,
          totalCount,
        },
        { requestId, cache: "private, no-store" }
@@ -1,6 +1,6 @@
 import type { TSurvey } from "@/modules/survey/list/types/surveys";
-export type TV3SurveyListItem = Omit<TSurvey, "environmentId"> & {
+export type TV3SurveyListItem = Omit<TSurvey, "environmentId" | "singleUse"> & {
  workspaceId: string;
 };
@@ -9,7 +9,7 @@ export type TV3SurveyListItem = Omit<TSurvey, "environmentId"> & {
 * Internally surveys are still scoped by environmentId; externally v3 exposes workspaceId.
 */
 export function serializeV3SurveyListItem(survey: TSurvey): TV3SurveyListItem {
-  const { environmentId, ...rest } = survey;
+  const { environmentId, singleUse: _omitSingleUse, ...rest } = survey;
  return {
    ...rest,
@@ -1647,14 +1647,14 @@ const identifyCustomerGoals = (t: TFunction): TTemplate => {
          elements: [
            buildMultipleChoiceElement({
              type: TSurveyElementTypeEnum.MultipleChoiceSingle,
-              headline: t("templates.identify_customer_goals_question_1_headline"),
+              headline: "What's your primary goal for using $[projectName]?",
              required: true,
              shuffleOption: "none",
              choices: [
-                t("templates.identify_customer_goals_question_1_choice_1"),
+                "Understand my user base deeply",
-                t("templates.identify_customer_goals_question_1_choice_2"),
+                "Identify upselling opportunities",
-                t("templates.identify_customer_goals_question_1_choice_3"),
+                "Build the best possible product",
-                t("templates.identify_customer_goals_question_1_choice_4"),
+                "Rule the world to make everyone breakfast brussels sprouts.",
              ],
            }),
          ],
@@ -19,7 +19,6 @@
      "ro-RO",
      "ru-RU",
      "sv-SE",
      "tr-TR",
      "zh-Hans-CN",
      "zh-Hant-TW"
    ]
@@ -170,7 +170,6 @@ checksums:
    common/created_by: 6775c2fa7d495fea48f1ad816daea93b
    common/customer_success: 2b0c99a5f57e1d16cf0a998f9bb116c4
    common/dark_overlay: 173e84b526414dbc70dbf9737e443b60
    common/data_refreshed_successfully: 85728c61a9e1a16e46af69ddf0dbcda6
    common/date: 56f41c5d30a76295bb087b20b7bee4c3
    common/days: c95fe8aedde21a0b5653dbd0b3c58b48
    common/default: d9c6dc5c412fe94143dfd1d332ec81d4
@@ -316,6 +315,7 @@ checksums:
    common/other: 79acaa6cd481262bea4e743a422529d2
    common/other_filters: 20b09213c131db47eb8b23e72d0c4bea
    common/other_placeholder: f3a0fa2eaaf75aa92b290449c928c081
    common/others: 39160224ce0e35eb4eb252c997edf4d8
    common/overlay_color: 4b72073285d13fff93d094aabffe05ac
    common/overview: 30c54e4dc4ce599b87d94be34a8617f5
    common/password: 223a61cf906ab9c40d22612c588dff48
@@ -333,6 +333,7 @@ checksums:
    common/please_upgrade_your_plan: 03d54a21ecd27723c72a13644837e5ed
    common/powered_by_formbricks: 1c3e19894583292bfaf686cac84a4960
    common/preview: 3173ee1f0f1d4e50665ca4a84c38e15d
    common/preview_survey: 7409e9c118e3e5d5f2a86201c2b354f2
    common/privacy: 7459744a63ef8af4e517a09024bd7c08
    common/product_manager: dfeadc96e6d3de22a884ee97974b505e
    common/production: 226e0ce83b49700bc1b1c08c4c3ed23a
@@ -347,7 +348,6 @@ checksums:
    common/quotas_description: a2caa44fa74664b3b6007e813f31a754
    common/read_docs: d06513c266fdd9056e0500eab838ebac
    common/recipients: f90e7f266be3f5a724858f21a9fd855e
    common/refresh: c0aec3f31be4c984bae9a482572d2857
    common/remove: dba2fe5fe9f83f8078c687f28cba4b52
    common/remove_from_team: 69bcc7a1001c3017f9de578ee22cffd6
    common/reorder_and_hide_columns: a5e3d7c0c7ef879211d05a37be1c5069
@@ -468,6 +468,7 @@ checksums:
    common/workspace_name_placeholder: 8a9e30ab01666af13c44a73b82c37ec1
    common/workspaces: 8ba082a84aa35cf851af1cf874b853e2
    common/years: eb4f5fdd2b320bf13e200fd6a6c1abff
    common/you: db2a4a796b70cc1430d1b21f6ffb6dcb
    common/you_are_downgraded_to_the_community_edition: e3ae56502ff787109cae0997519f628e
    common/you_are_not_authorized_to_perform_this_action: 1b3255ab740582ddff016a399f8bf302
    common/you_have_reached_your_limit_of_workspace_limit: 54d754c3267036742f23fb05fd3fcc45
@@ -640,6 +641,8 @@ checksums:
    environments/contacts/attributes_msg_new_attribute_created: 5cba6158c4305c05104814ec1479267c
    environments/contacts/attributes_msg_userid_already_exists: 9c695538befc152806c460f52a73821a
    environments/contacts/contact_deleted_successfully: c5b64a42a50e055f9e27ec49e20e03fa
    environments/contacts/contacts_table_refresh: 6a959475991dd4ab28ad881bae569a09
    environments/contacts/contacts_table_refresh_success: 40951396e88e5c8fdafa0b3bb4fadca8
    environments/contacts/create_attribute: 87320615901f95b4f35ee83c290a3a6c
    environments/contacts/create_new_attribute: c17d407dacd0b90f360f9f5e899d662f
    environments/contacts/create_new_attribute_description: cc19d76bb6940537bbe3461191f25d26
@@ -789,9 +792,6 @@ checksums:
    environments/integrations/notion/update_connection_tooltip: 2429919f575e47f5c76e54b4442ba706
    environments/integrations/notion_integration_description: 31a73dbe88fe18a078d6dc15f0c303e2
    environments/integrations/please_select_a_survey_error: 465aa7048773079c8ffdde8b333b78eb
    environments/integrations/reconnect_button: 8992a0f250278c116cb26be448b68ba2
    environments/integrations/reconnect_button_description: 01f79dc561ff87b5f2a80bf66e492844
    environments/integrations/reconnect_button_tooltip: 5552effda9df8d6778dda1cf42e5d880
    environments/integrations/select_at_least_one_question_error: a3513cb02ab0de2a1531893ac0c7e089
    environments/integrations/slack/already_connected_another_survey: 4508f9e4a2915e3818ea5f9e2695e000
    environments/integrations/slack/channel_name: 1afcd1d0401850ff353f5ae27502b04a
@@ -1137,7 +1137,7 @@ checksums:
    environments/settings/general/organization_invite_link_ready: e54b37c4ec2e5a9ea9f6bc6e5b512b0b
    environments/settings/general/organization_name: 73c9b31c9032a22bd84a07881942bb04
    environments/settings/general/organization_name_description: ff517b4749a332b94a26110d7c7e771f
-    environments/settings/general/organization_name_placeholder: abcee7d91a848e573b63a763cfaf6a08
+    environments/settings/general/organization_name_placeholder: fc91de3ddc89ab77f30d555778312380
    environments/settings/general/organization_name_updated_successfully: d36ba3a4f614d30b10e696d25da22432
    environments/settings/general/organization_settings: d31952131ad5f0ec72ad96f1ed11bef6
    environments/settings/general/please_add_a_logo: 66d6f97a2e7b27efc04bd653240ee813
@@ -1192,7 +1192,6 @@ checksums:
    environments/settings/profile/update_personal_info: 5806f9bae0248a604cf85a2d8790a606
    environments/settings/profile/warning_cannot_delete_account: 07c25c3829149cd7171e7ad88229deac
    environments/settings/profile/warning_cannot_undo: dd1b2a59ff244b362d1d0d4eb1dbf7c6
    environments/settings/profile/wrong_password: e3523f78b302d11b33af6cc40d8df9da
    environments/settings/teams/add_members_description: 96e1e7125a0dfeaecc2c238eda3a216f
    environments/settings/teams/add_workspaces_description: f0f0cdd4d1032fbcb83d34a780bdfa52
    environments/settings/teams/all_members_added: 0541be1777b5c838f2e039035488506c
@@ -1240,7 +1239,12 @@ checksums:
    environments/settings/teams/you_are_a_member: cf5af638d5371c8fbc337e92519e5150
    environments/surveys/all_set_time_to_create_first_survey: 21d3bb74c3b9642b3195d17c17346399
    environments/surveys/alphabetical: 5fcfeff9c5fd28714f0a390e0ddaaaee
    environments/surveys/copy_survey: de8142b45e7bca61f2dca0069a62b417
    environments/surveys/copy_survey_description: 66d0aadf192ad5790fbf3f55f3bb5485
    environments/surveys/copy_survey_error: 74cab7d84ea8b669e106d4c326cac005
    environments/surveys/copy_survey_link_to_clipboard: 77387e3d3de4be07a2a34963f73cd7e8
    environments/surveys/copy_survey_partially_success: a436a5fb7167b95c2308794d35aab070
    environments/surveys/copy_survey_success: a829e645fe034b3e712d0b8572a5edc4
    environments/surveys/delete_survey_and_responses_warning: 3320c91c1fd27378b7f3d6abc003f2ae
    environments/surveys/edit/activate_translations: af127c1bed2b47e2012e3a23e489ecb8
    environments/surveys/edit/add: 5196f5cd4ba3a6ac8edef91345e17f66
@@ -1292,7 +1296,7 @@ checksums:
    environments/surveys/edit/audience: a4d9fab4214a641e2d358fbb28f010e0
    environments/surveys/edit/auto_close_on_inactivity: 093db516799315ccd4242a3675693012
    environments/surveys/edit/auto_progress_rating_and_nps: 76b98e95a5b850850baa0ccc3c7fbf7c
-    environments/surveys/edit/auto_progress_rating_and_nps_description: 2a992dd8a5b9532f178f9a21881feb9a
+    environments/surveys/edit/auto_progress_rating_and_nps_description: cbf676789b9f3f47e36bdf35fa58282b
    environments/surveys/edit/auto_save_disabled: f7411fb0dcfb8f7b19b85f0be54f2231
    environments/surveys/edit/auto_save_disabled_tooltip: 77322e1e866b7d29f7641a88bbd3b681
    environments/surveys/edit/auto_save_on: 1524d466830b00c5d727c701db404963
@@ -1482,7 +1486,7 @@ checksums:
    environments/surveys/edit/hide_question_settings: 99127cd016db2f7fc80333b36473c0ef
    environments/surveys/edit/hostname: 9bdaa7692869999df51bb60d58d9ef62
    environments/surveys/edit/if_you_need_more_please: a7d208c283caf6b93800b809fca80768
-    environments/surveys/edit/if_you_really_want_that_answer_ask_until_you_get_it: 5abd8b702f9fb0e3815c3413d6f8aef6
+    environments/surveys/edit/if_you_really_want_that_answer_ask_until_you_get_it: 31c18a8c7c578db2ba49eed663d1739f
    environments/surveys/edit/ignore_global_waiting_time: e08db543ace4935625e0961cc6e60489
    environments/surveys/edit/ignore_global_waiting_time_description: 37d173a4d537622de40677389238d859
    environments/surveys/edit/image: 048ba7a239de0fbd883ade8558415830
@@ -1961,6 +1965,7 @@ checksums:
    environments/surveys/summary/downloading_qr_code: 3c46bf636e617848a4fca9b6c5b51dac
    environments/surveys/summary/drop_offs: 605ee950f82110132d6c5780926af109
    environments/surveys/summary/drop_offs_tooltip: 2a01683380be45f17636365886cf3452
    environments/surveys/summary/failed_to_copy_link: 4e891c757c80e770674e8e74d1c08487
    environments/surveys/summary/filter_added_successfully: e247f65020cd87454bcec0da6f0fd034
    environments/surveys/summary/filter_updated_successfully: 01146bc7e6394e271836be2f1b3a257b
    environments/surveys/summary/filtered_responses_csv: aad66a98be6a09cac8bef9e4db4a75cf
@@ -2045,6 +2050,7 @@ checksums:
    environments/surveys/summary/youre_not_plugged_in_yet: f19da3cd474b9a3cf28e956fd811fb00
    environments/surveys/survey_deleted_successfully: a6b654cc914b344a4475fd2fd4a98cc5
    environments/surveys/survey_duplicated_successfully: 91e244f1e7a33640bb4817166a01ff46
    environments/surveys/survey_duplication_error: 35994330aed844ce37d8b4f09df24581
    environments/surveys/templates/all_channels: 6be67a82fc7326dc2304b23ab3348b87
    environments/surveys/templates/all_industries: c7354412fe34585526ff2232aadace41
    environments/surveys/templates/all_roles: 6582ccd0a2349c162a7ae1574cdf76be
@@ -2726,11 +2732,6 @@ checksums:
    templates/gauge_feature_satisfaction_question_2_headline: 0fcbefbfcf5c21e42de8a36cb2cad854
    templates/identify_customer_goals_description: c30d06df9e5c76334e4c3d470ee6e4d8
    templates/identify_customer_goals_name: f8123dbfa22e169517a811fae7496595
    templates/identify_customer_goals_question_1_choice_1: a6803cfbdbd6208eedf5c691f9e106a5
    templates/identify_customer_goals_question_1_choice_2: 7461749517d62030ec2e3915cf1d223b
    templates/identify_customer_goals_question_1_choice_3: 725eb3ee0d4f2d229fcf588c21e66a86
    templates/identify_customer_goals_question_1_choice_4: 3985521036afaf1cbd2bdc7a4d86d351
    templates/identify_customer_goals_question_1_headline: bd9cd414fb723110d7f0a786bbf89d6c
    templates/identify_sign_up_barriers_description: 5b2fbee8c425d7a4d0706ec3628cea11
    templates/identify_sign_up_barriers_name: 3bbc5352dfa7a9c237bc2c6b21b608dd
    templates/identify_sign_up_barriers_question_1_button_label: 080fd22c580f56ffdcea6c3d60448b84
@@ -1,16 +1,12 @@
 import { Prisma } from "@prisma/client";
 import { afterEach, describe, expect, test, vi } from "vitest";
 import { prisma } from "@formbricks/database";
-import { PrismaErrorType } from "@formbricks/database/types/error";
+import { TActionClass } from "@formbricks/types/action-classes";
-import { TActionClass, TActionClassInput } from "@formbricks/types/action-classes";
+import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { DatabaseError, ResourceNotFoundError, UniqueConstraintError } from "@formbricks/types/errors";
 import {
  createActionClass,
  deleteActionClass,
  getActionClass,
  getActionClassByEnvironmentIdAndName,
  getActionClasses,
  updateActionClass,
 } from "./service";
 vi.mock("@formbricks/database", () => ({
@@ -20,8 +16,6 @@ vi.mock("@formbricks/database", () => ({
      findFirst: vi.fn(),
      findUnique: vi.fn(),
      delete: vi.fn(),
      create: vi.fn(),
      update: vi.fn(),
    },
  },
 }));
@@ -184,147 +178,4 @@ describe("ActionClass Service", () => {
      await expect(deleteActionClass("id4")).rejects.toThrow("unknown");
    });
  });
  describe("createActionClass", () => {
    const codeInput: TActionClassInput = {
      name: "Code Action",
      description: "desc",
      type: "code",
      key: "code-action-key",
      environmentId: "env-create",
    };
    const buildPrismaUniqueError = (target: string[]) =>
      Object.assign(
        new Prisma.PrismaClientKnownRequestError("Unique constraint failed", {
          code: PrismaErrorType.UniqueConstraintViolation,
          clientVersion: "test",
        }),
        { meta: { target } }
      );
    test("should create and return the action class", async () => {
      const created: TActionClass = {
        id: "id-create",
        createdAt: new Date(),
        updatedAt: new Date(),
        name: codeInput.name,
        description: codeInput.description ?? null,
        type: "code",
        key: codeInput.type === "code" ? codeInput.key : null,
        noCodeConfig: null,
        environmentId: codeInput.environmentId,
      };
      vi.mocked(prisma.actionClass.create).mockResolvedValue(created as never);
      const result = await createActionClass(codeInput.environmentId, codeInput);
      expect(result).toEqual(created);
    });
    test("should throw UniqueConstraintError on P2002 with target field", async () => {
      vi.mocked(prisma.actionClass.create).mockRejectedValue(buildPrismaUniqueError(["name"]));
      await expect(createActionClass(codeInput.environmentId, codeInput)).rejects.toThrow(
        UniqueConstraintError
      );
      await expect(createActionClass(codeInput.environmentId, codeInput)).rejects.toThrow(
        `Action with name ${codeInput.name} already exists`
      );
    });
    test("should throw UniqueConstraintError on P2002 even when target is missing", async () => {
      vi.mocked(prisma.actionClass.create).mockRejectedValue(
        Object.assign(
          new Prisma.PrismaClientKnownRequestError("Unique constraint failed", {
            code: PrismaErrorType.UniqueConstraintViolation,
            clientVersion: "test",
          }),
          { meta: undefined }
        )
      );
      await expect(createActionClass(codeInput.environmentId, codeInput)).rejects.toThrow(
        UniqueConstraintError
      );
    });
    test("should throw DatabaseError for non-P2002 errors", async () => {
      vi.mocked(prisma.actionClass.create).mockRejectedValue(new Error("boom"));
      await expect(createActionClass(codeInput.environmentId, codeInput)).rejects.toThrow(DatabaseError);
      await expect(createActionClass(codeInput.environmentId, codeInput)).rejects.toThrow(
        `Database error when creating an action for environment ${codeInput.environmentId}`
      );
    });
  });
  describe("updateActionClass", () => {
    const updateInput: Partial<TActionClassInput> = {
      name: "Renamed Action",
      description: "updated desc",
      type: "code",
      key: "renamed-key",
      environmentId: "env-update",
    };
    const buildPrismaUniqueError = (target: string[]) =>
      Object.assign(
        new Prisma.PrismaClientKnownRequestError("Unique constraint failed", {
          code: PrismaErrorType.UniqueConstraintViolation,
          clientVersion: "test",
        }),
        { meta: { target } }
      );
    test("should update and return the action class", async () => {
      const updated = {
        id: "id-update",
        createdAt: new Date(),
        updatedAt: new Date(),
        name: updateInput.name,
        description: updateInput.description ?? null,
        type: "code" as const,
        key: "renamed-key",
        noCodeConfig: null,
        environmentId: updateInput.environmentId,
        surveyTriggers: [],
      };
      vi.mocked(prisma.actionClass.update).mockResolvedValue(updated as never);
      const result = await updateActionClass(updateInput.environmentId!, "id-update", updateInput);
      expect(result).toEqual(updated);
    });
    test("should throw UniqueConstraintError on P2002 with target field", async () => {
      vi.mocked(prisma.actionClass.update).mockRejectedValue(buildPrismaUniqueError(["name"]));
      await expect(updateActionClass(updateInput.environmentId!, "id-update", updateInput)).rejects.toThrow(
        UniqueConstraintError
      );
      await expect(updateActionClass(updateInput.environmentId!, "id-update", updateInput)).rejects.toThrow(
        `Action with name ${updateInput.name} already exists`
      );
    });
    test("should throw DatabaseError for other PrismaClientKnownRequestError codes", async () => {
      vi.mocked(prisma.actionClass.update).mockRejectedValue(
        new Prisma.PrismaClientKnownRequestError("Record not found", {
          code: "P2025",
          clientVersion: "test",
        })
      );
      await expect(updateActionClass(updateInput.environmentId!, "id-update", updateInput)).rejects.toThrow(
        DatabaseError
      );
    });
    test("should rethrow unknown errors", async () => {
      vi.mocked(prisma.actionClass.update).mockRejectedValue(new Error("boom"));
      await expect(updateActionClass(updateInput.environmentId!, "id-update", updateInput)).rejects.toThrow(
        "boom"
      );
    });
  });
 });
@@ -7,7 +7,7 @@ import { prisma } from "@formbricks/database";
 import { PrismaErrorType } from "@formbricks/database/types/error";
 import { TActionClass, TActionClassInput, ZActionClassInput } from "@formbricks/types/action-classes";
 import { ZId, ZOptionalNumber, ZString } from "@formbricks/types/common";
-import { DatabaseError, ResourceNotFoundError, UniqueConstraintError } from "@formbricks/types/errors";
+import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { ITEMS_PER_PAGE } from "../constants";
 import { validateInputs } from "../utils/validate";
@@ -135,7 +135,7 @@ export const createActionClass = async (
      error.code === PrismaErrorType.UniqueConstraintViolation
    ) {
      const targetField = (error.meta?.target as string[] | undefined)?.[0];
-      throw new UniqueConstraintError(
+      throw new DatabaseError(
        `Action with ${targetField} ${targetField ? (actionClass as Record<string, unknown>)[targetField] : ""} already exists`
      );
    }
@@ -185,7 +185,7 @@ export const updateActionClass = async (
      error.code === PrismaErrorType.UniqueConstraintViolation
    ) {
      const targetField = (error.meta?.target as string[] | undefined)?.[0];
-      throw new UniqueConstraintError(
+      throw new DatabaseError(
        `Action with ${targetField} ${targetField ? (inputActionClass as Record<string, unknown>)[targetField] : ""} already exists`
      );
    }
@@ -3,6 +3,7 @@ import { logger } from "@formbricks/logger";
 import { DatabaseError } from "@formbricks/types/errors";
 import { TIntegrationItem } from "@formbricks/types/integration";
 import {
  TIntegrationAirtable,
  TIntegrationAirtableConfigData,
  TIntegrationAirtableCredential,
  ZIntegrationAirtableBases,
@@ -23,11 +24,6 @@ export const getBases = async (key: string) => {
    },
  });
  if (!req.ok) {
    const body = await req.text().catch(() => "");
    throw new Error(`Airtable API error fetching bases: ${req.status} ${req.statusText} ${body}`);
  }
  const res = await req.json();
  return ZIntegrationAirtableBases.parse(res);
 };
@@ -39,11 +35,6 @@ const tableFetcher = async (key: TIntegrationAirtableCredential, baseId: string)
    },
  });
  if (!req.ok) {
    const body = await req.text().catch(() => "");
    throw new Error(`Airtable API error fetching tables: ${req.status} ${req.statusText} ${body}`);
  }
  const res = await req.json();
  return res;
@@ -87,7 +78,10 @@ export const fetchAirtableAuthToken = async (formData: Record<string, any>) => {
 export const getAirtableToken = async (environmentId: string) => {
  try {
-    const airtableIntegration = await getIntegrationByType(environmentId, "airtable");
+    const airtableIntegration = (await getIntegrationByType(
      environmentId,
      "airtable"
    )) as TIntegrationAirtable;
    const { access_token, expiry_date, refresh_token } = ZIntegrationAirtableCredential.parse(
      airtableIntegration?.config.key
@@ -182,7 +182,6 @@ export const AVAILABLE_LOCALES: TUserLocale[] = [
  "ro-RO",
  "ru-RU",
  "sv-SE",
  "tr-TR",
  "zh-Hans-CN",
  "zh-Hant-TW",
 ];
@@ -213,13 +213,6 @@ export const appLanguages = [
      native: "Svenska",
    },
  },
  {
    code: "tr-TR",
    label: {
      "en-US": "Turkish",
      native: "Türkçe",
    },
  },
  {
    code: "zh-Hans-CN",
    label: {
@@ -5,12 +5,7 @@ import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { ZId, ZOptionalNumber, ZString } from "@formbricks/types/common";
 import { DatabaseError } from "@formbricks/types/errors";
-import {
+import { TIntegration, TIntegrationInput, ZIntegrationType } from "@formbricks/types/integration";
  TIntegration,
  TIntegrationByType,
  TIntegrationInput,
  ZIntegrationType,
 } from "@formbricks/types/integration";
 import { ITEMS_PER_PAGE } from "../constants";
 import { validateInputs } from "../utils/validate";
@@ -99,10 +94,7 @@ export const getIntegration = reactCache(async (integrationId: string): Promise<
 });
 export const getIntegrationByType = reactCache(
-  async <T extends TIntegrationInput["type"]>(
+  async (environmentId: string, type: TIntegrationInput["type"]): Promise<TIntegration | null> => {
    environmentId: string,
    type: T
  ): Promise<TIntegrationByType<T> | null> => {
    validateInputs([environmentId, ZId], [type, ZIntegrationType]);
    try {
@@ -114,7 +106,7 @@ export const getIntegrationByType = reactCache(
          },
        },
      });
-      return integration ? (transformIntegration(integration) as TIntegrationByType<T>) : null;
+      return integration ? transformIntegration(integration) : null;
    } catch (error) {
      if (error instanceof Prisma.PrismaClientKnownRequestError) {
        throw new DatabaseError(error.message);
@@ -6,13 +6,11 @@ import {
  createEmailChangeToken,
  createEmailToken,
  createInviteToken,
  createSsoRelinkIntent,
  createToken,
  createTokenForLinkSurvey,
  getEmailFromEmailToken,
  verifyEmailChangeToken,
  verifyInviteToken,
  verifySsoRelinkIntent,
  verifyToken,
  verifyTokenForLinkSurvey,
 } from "./jwt";
@@ -382,7 +380,6 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
      expect(verified).toEqual({
        id: mockUser.id, // Returns the decrypted user ID
        email: mockUser.email,
        purpose: "email_verification",
      });
    });
@@ -417,7 +414,6 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
      expect(verified).toEqual({
        id: mockUser.id, // Returns the raw ID from payload
        email: mockUser.email,
        purpose: "email_verification",
      });
    });
@@ -429,7 +425,6 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
      expect(verified).toEqual({
        id: mockUser.id, // Returns the decrypted user ID
        email: mockUser.email,
        purpose: "email_verification",
      });
    });
@@ -1009,78 +1004,5 @@ describe("JWT Functions - Comprehensive Security Tests", () => {
        expect(results.every((result: any) => result.id === mockUser.id)).toBe(true); // Returns decrypted user ID
      });
    });
    describe("SSO recovery support", () => {
      test("creates verification tokens that preserve the recovery purpose", async () => {
        const token = createToken(mockUser.id, { purpose: "sso_recovery", expiresIn: "15m" });
        await expect(verifyToken(token)).resolves.toEqual(
          expect.objectContaining({
            id: mockUser.id,
            email: mockUser.email,
            purpose: "sso_recovery",
          })
        );
      });
      test("defaults legacy verification tokens to email_verification when purpose is missing", async () => {
        const legacyToken = jwt.sign({ id: `encrypted_${mockUser.id}` }, TEST_NEXTAUTH_SECRET);
        await expect(verifyToken(legacyToken)).resolves.toEqual(
          expect.objectContaining({
            id: mockUser.id,
            email: mockUser.email,
            purpose: "email_verification",
          })
        );
      });
      test("round-trips SSO relink intents without losing callback state", () => {
        const intent = createSsoRelinkIntent({
          userId: mockUser.id,
          email: mockUser.email,
          provider: "google",
          providerAccountId: "provider-123",
          callbackUrl: "http://localhost:3000/invite?token=invite-token",
        });
        expect(verifySsoRelinkIntent(intent)).toEqual({
          userId: mockUser.id,
          email: mockUser.email,
          provider: "google",
          providerAccountId: "provider-123",
          callbackUrl: "http://localhost:3000/invite?token=invite-token",
        });
      });
      test("rejects expired SSO relink intents", () => {
        const expiredIntent = jwt.sign(
          {
            userId: crypto.symmetricEncrypt(mockUser.id, TEST_ENCRYPTION_KEY),
            email: crypto.symmetricEncrypt(mockUser.email, TEST_ENCRYPTION_KEY),
            provider: "google",
            providerAccountId: crypto.symmetricEncrypt("provider-123", TEST_ENCRYPTION_KEY),
            callbackUrl: crypto.symmetricEncrypt("http://localhost:3000", TEST_ENCRYPTION_KEY),
            exp: Math.floor(Date.now() / 1000) - 3600,
          },
          TEST_NEXTAUTH_SECRET
        );
        expect(() => verifySsoRelinkIntent(expiredIntent)).toThrow();
      });
      test("rejects tampered SSO relink intents", () => {
        const intent = createSsoRelinkIntent({
          userId: mockUser.id,
          email: mockUser.email,
          provider: "google",
          providerAccountId: "provider-123",
          callbackUrl: "http://localhost:3000",
        });
        const tamperedIntent = `${intent.slice(0, -1)}x`;
        expect(() => verifySsoRelinkIntent(tamperedIntent)).toThrow();
      });
    });
  });
 });
@@ -1,4 +1,4 @@
-import jwt, { JwtPayload, SignOptions } from "jsonwebtoken";
+import jwt, { JwtPayload } from "jsonwebtoken";
 import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { ENCRYPTION_KEY, NEXTAUTH_SECRET } from "@/lib/constants";
@@ -13,39 +13,7 @@ const decryptWithFallback = (encryptedText: string, key: string): string => {
  }
 };
-export const VERIFICATION_TOKEN_PURPOSES = ["email_verification", "sso_recovery"] as const;
+export const createToken = (userId: string, options = {}): string => {
 export type TVerificationTokenPurpose = (typeof VERIFICATION_TOKEN_PURPOSES)[number];
 export type TVerifyTokenPayload = JwtPayload & {
  id: string;
  email: string;
  purpose: TVerificationTokenPurpose;
 };
 type TVerificationTokenOptions = SignOptions & {
  purpose?: TVerificationTokenPurpose;
 };
 type TSsoRelinkIntentPayload = {
  callbackUrl: string;
  email: string;
  provider: string;
  providerAccountId: string;
  userId: string;
 };
 const DEFAULT_VERIFICATION_TOKEN_PURPOSE: TVerificationTokenPurpose = "email_verification";
 const getVerificationTokenPurpose = (purpose: unknown): TVerificationTokenPurpose => {
  if (purpose && VERIFICATION_TOKEN_PURPOSES.includes(purpose as TVerificationTokenPurpose)) {
    return purpose as TVerificationTokenPurpose;
  }
  return DEFAULT_VERIFICATION_TOKEN_PURPOSE;
 };
 export const createToken = (userId: string, options: TVerificationTokenOptions = {}): string => {
  if (!NEXTAUTH_SECRET) {
    throw new Error("NEXTAUTH_SECRET is not set");
  }
@@ -55,9 +23,7 @@ export const createToken = (userId: string, options: TVerificationTokenOptions =
  }
  const encryptedUserId = symmetricEncrypt(userId, ENCRYPTION_KEY);
-  const { purpose = DEFAULT_VERIFICATION_TOKEN_PURPOSE, ...jwtOptions } = options;
+  return jwt.sign({ id: encryptedUserId }, NEXTAUTH_SECRET, options);
  return jwt.sign({ id: encryptedUserId, purpose }, NEXTAUTH_SECRET, jwtOptions);
 };
 export const createTokenForLinkSurvey = (surveyId: string, userEmail: string): string => {
  if (!NEXTAUTH_SECRET) {
@@ -258,72 +224,7 @@ const getUserEmailForLegacyVerification = async (
  return { userId: decryptedId, userEmail: foundUser.email };
 };
-const DEFAULT_SSO_RELINK_INTENT_OPTIONS: SignOptions = {
+export const verifyToken = async (token: string): Promise<JwtPayload> => {
  expiresIn: "15m",
 };
 export const createSsoRelinkIntent = (
  payload: TSsoRelinkIntentPayload,
  options: SignOptions = DEFAULT_SSO_RELINK_INTENT_OPTIONS
 ): string => {
  if (!NEXTAUTH_SECRET) {
    throw new Error("NEXTAUTH_SECRET is not set");
  }
  if (!ENCRYPTION_KEY) {
    throw new Error("ENCRYPTION_KEY is not set");
  }
  return jwt.sign(
    {
      userId: symmetricEncrypt(payload.userId, ENCRYPTION_KEY),
      email: symmetricEncrypt(payload.email, ENCRYPTION_KEY),
      provider: payload.provider,
      providerAccountId: symmetricEncrypt(payload.providerAccountId, ENCRYPTION_KEY),
      callbackUrl: symmetricEncrypt(payload.callbackUrl, ENCRYPTION_KEY),
    },
    NEXTAUTH_SECRET,
    options
  );
 };
 export const verifySsoRelinkIntent = (token: string): TSsoRelinkIntentPayload => {
  if (!NEXTAUTH_SECRET) {
    throw new Error("NEXTAUTH_SECRET is not set");
  }
  if (!ENCRYPTION_KEY) {
    throw new Error("ENCRYPTION_KEY is not set");
  }
  const payload = jwt.verify(token, NEXTAUTH_SECRET, { algorithms: ["HS256"] }) as JwtPayload & {
    userId: string;
    email: string;
    provider: string;
    providerAccountId: string;
    callbackUrl: string;
  };
  if (
    !payload?.userId ||
    !payload?.email ||
    !payload?.provider ||
    !payload?.providerAccountId ||
    !payload?.callbackUrl
  ) {
    throw new Error("Token is invalid or missing required fields");
  }
  return {
    userId: decryptWithFallback(payload.userId, ENCRYPTION_KEY),
    email: decryptWithFallback(payload.email, ENCRYPTION_KEY),
    provider: payload.provider,
    providerAccountId: decryptWithFallback(payload.providerAccountId, ENCRYPTION_KEY),
    callbackUrl: decryptWithFallback(payload.callbackUrl, ENCRYPTION_KEY),
  };
 };
 export const verifyToken = async (token: string): Promise<TVerifyTokenPayload> => {
  if (!NEXTAUTH_SECRET) {
    throw new Error("NEXTAUTH_SECRET is not set");
  }
@@ -362,11 +263,7 @@ export const verifyToken = async (token: string): Promise<TVerifyTokenPayload> =
  // Get user email if we don't have it yet
  userData ??= await getUserEmailForLegacyVerification(token, payload.id);
-  return {
+  return { id: userData.userId, email: userData.userEmail };
    id: userData.userId,
    email: userData.userEmail,
    purpose: getVerificationTokenPurpose(payload.purpose),
  };
 };
 export const verifyInviteToken = (token: string): { inviteId: string; email: string } => {
@@ -1,4 +1,8 @@
-import { TIntegrationNotionConfig, TIntegrationNotionDatabase } from "@formbricks/types/integration/notion";
+import {
  TIntegrationNotion,
  TIntegrationNotionConfig,
  TIntegrationNotionDatabase,
 } from "@formbricks/types/integration/notion";
 import { ENCRYPTION_KEY } from "@/lib/constants";
 import { symmetricDecrypt } from "@/lib/crypto";
 import { getIntegrationByType } from "../integration/service";
@@ -25,7 +29,7 @@ const fetchPages = async (config: TIntegrationNotionConfig) => {
 export const getNotionDatabases = async (environmentId: string): Promise<TIntegrationNotionDatabase[]> => {
  let results: TIntegrationNotionDatabase[] = [];
  try {
-    const notionIntegration = await getIntegrationByType(environmentId, "notion");
+    const notionIntegration = (await getIntegrationByType(environmentId, "notion")) as TIntegrationNotion;
    if (notionIntegration && notionIntegration.config?.key.bot_id) {
      results = await fetchPages(notionIntegration.config);
    }
@@ -63,7 +63,7 @@ const mapOrganizationBilling = (billing: TOrganizationWithBilling["billing"]): T
    stripeCustomerId: billing.stripeCustomerId,
    limits: billing.limits,
    usageCycleAnchor: billing.usageCycleAnchor,
-    ...(billing.stripe == null ? {} : { stripe: billing.stripe }),
+    ...(billing.stripe === undefined ? {} : { stripe: billing.stripe }),
  };
 };
@@ -1,3 +1,6 @@
-const structuredCloneExport = globalThis.structuredClone;
+import structuredClonePolyfill from "@ungap/structured-clone";
 const structuredCloneExport =
  typeof structuredClone === "undefined" ? structuredClonePolyfill : structuredClone;
 export { structuredCloneExport as structuredClone };
@@ -1,64 +0,0 @@
 import { beforeEach, describe, expect, test, vi } from "vitest";
 const mocks = vi.hoisted(() => ({
  getFeatureFlag: vi.fn(),
  posthog: {
    __loaded: false,
    getFeatureFlag: vi.fn(),
  },
 }));
 vi.mock("posthog-js", () => ({
  default: mocks.posthog,
 }));
 describe("getPostHogClientFeatureFlag", () => {
  beforeEach(() => {
    vi.clearAllMocks();
    mocks.posthog.__loaded = false;
    mocks.posthog.getFeatureFlag = mocks.getFeatureFlag;
  });
  test("returns false before PostHog is initialized", async () => {
    const { getPostHogClientFeatureFlag } = await import("./client");
    expect(getPostHogClientFeatureFlag("test-flag")).toBe(false);
    expect(mocks.getFeatureFlag).not.toHaveBeenCalled();
  });
  test("returns true from posthog.getFeatureFlag", async () => {
    mocks.posthog.__loaded = true;
    mocks.getFeatureFlag.mockReturnValue(true);
    const { getPostHogClientFeatureFlag } = await import("./client");
    expect(getPostHogClientFeatureFlag("test-flag")).toBe(true);
  });
  test("returns false from posthog.getFeatureFlag", async () => {
    mocks.posthog.__loaded = true;
    mocks.getFeatureFlag.mockReturnValue(false);
    const { getPostHogClientFeatureFlag } = await import("./client");
    expect(getPostHogClientFeatureFlag("test-flag")).toBe(false);
  });
  test("returns variant string from posthog.getFeatureFlag", async () => {
    mocks.posthog.__loaded = true;
    mocks.getFeatureFlag.mockReturnValue("variant-a");
    const { getPostHogClientFeatureFlag } = await import("./client");
    expect(getPostHogClientFeatureFlag("test-flag")).toBe("variant-a");
  });
  test("coerces undefined to false", async () => {
    mocks.posthog.__loaded = true;
    mocks.getFeatureFlag.mockReturnValue(undefined);
    const { getPostHogClientFeatureFlag } = await import("./client");
    expect(getPostHogClientFeatureFlag("test-flag")).toBe(false);
  });
 });
@@ -1,15 +0,0 @@
 "use client";
 import posthog from "posthog-js";
 import type { TPostHogFeatureFlagValue } from "./types";
 export const getPostHogClientFeatureFlag = (flagKey: string): TPostHogFeatureFlagValue => {
  if (!posthog.__loaded) {
    return false;
  }
  const featureFlagValue = posthog.getFeatureFlag(flagKey);
  return featureFlagValue ?? false;
 };
 export type { TPostHogFeatureFlagContext, TPostHogFeatureFlagValue } from "./types";
@@ -1,131 +0,0 @@
 import { beforeEach, describe, expect, test, vi } from "vitest";
 const mocks = vi.hoisted(() => ({
  getFeatureFlag: vi.fn(),
  loggerWarn: vi.fn(),
 }));
 describe("getPostHogFeatureFlag", () => {
  beforeEach(() => {
    vi.clearAllMocks();
    vi.resetModules();
  });
  test("returns false when PostHog is not configured", async () => {
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: undefined }));
    vi.doMock("./server", () => ({
      posthogServerClient: { getFeatureFlag: mocks.getFeatureFlag },
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(getPostHogFeatureFlag("user123", "test-flag")).resolves.toBe(false);
    expect(mocks.getFeatureFlag).not.toHaveBeenCalled();
    expect(mocks.loggerWarn).not.toHaveBeenCalled();
  });
  test("returns false when posthogServerClient is null", async () => {
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: "phc_test_key" }));
    vi.doMock("./server", () => ({
      posthogServerClient: null,
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(getPostHogFeatureFlag("user123", "test-flag")).resolves.toBe(false);
    expect(mocks.getFeatureFlag).not.toHaveBeenCalled();
    expect(mocks.loggerWarn).not.toHaveBeenCalled();
  });
  test("forwards distinctId, flagKey, and mapped groups to PostHog", async () => {
    mocks.getFeatureFlag.mockResolvedValue(true);
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: "phc_test_key" }));
    vi.doMock("./server", () => ({
      posthogServerClient: { getFeatureFlag: mocks.getFeatureFlag },
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(
      getPostHogFeatureFlag("user123", "experiment-flag", {
        organizationId: "org_123",
        workspaceId: "ws_456",
      })
    ).resolves.toBe(true);
    expect(mocks.getFeatureFlag).toHaveBeenCalledWith("experiment-flag", "user123", {
      groups: {
        organization: "org_123",
        workspace: "ws_456",
      },
    });
  });
  test("preserves variant string responses", async () => {
    mocks.getFeatureFlag.mockResolvedValue("variant-a");
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: "phc_test_key" }));
    vi.doMock("./server", () => ({
      posthogServerClient: { getFeatureFlag: mocks.getFeatureFlag },
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(getPostHogFeatureFlag("user123", "experiment-flag")).resolves.toBe("variant-a");
  });
  test("coerces undefined to false", async () => {
    mocks.getFeatureFlag.mockResolvedValue(undefined);
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: "phc_test_key" }));
    vi.doMock("./server", () => ({
      posthogServerClient: { getFeatureFlag: mocks.getFeatureFlag },
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(getPostHogFeatureFlag("user123", "experiment-flag")).resolves.toBe(false);
  });
  test("logs and returns false when PostHog throws", async () => {
    mocks.getFeatureFlag.mockRejectedValue(new Error("network error"));
    vi.doMock("server-only", () => ({}));
    vi.doMock("@formbricks/logger", () => ({
      logger: { warn: mocks.loggerWarn },
    }));
    vi.doMock("@/lib/constants", () => ({ POSTHOG_KEY: "phc_test_key" }));
    vi.doMock("./server", () => ({
      posthogServerClient: { getFeatureFlag: mocks.getFeatureFlag },
    }));
    const { getPostHogFeatureFlag } = await import("./get-feature-flag");
    await expect(getPostHogFeatureFlag("user123", "experiment-flag")).resolves.toBe(false);
    expect(mocks.loggerWarn).toHaveBeenCalledWith(
      { error: expect.any(Error), flagKey: "experiment-flag" },
      "Failed to evaluate PostHog feature flag"
    );
  });
 });
@@ -1,35 +0,0 @@
 import "server-only";
 import { logger } from "@formbricks/logger";
 import { POSTHOG_KEY } from "@/lib/constants";
 import { posthogServerClient } from "./server";
 import type { TPostHogFeatureFlagContext, TPostHogFeatureFlagValue } from "./types";
 const buildPostHogGroups = (context?: TPostHogFeatureFlagContext): Record<string, string> | undefined => {
  const groups = {
    ...(context?.organizationId ? { organization: context.organizationId } : {}),
    ...(context?.workspaceId ? { workspace: context.workspaceId } : {}),
  };
  return Object.keys(groups).length > 0 ? groups : undefined;
 };
 export const getPostHogFeatureFlag = async (
  distinctId: string,
  flagKey: string,
  context?: TPostHogFeatureFlagContext
 ): Promise<TPostHogFeatureFlagValue> => {
  if (!POSTHOG_KEY || !posthogServerClient) {
    return false;
  }
  try {
    const featureFlagValue = await posthogServerClient.getFeatureFlag(flagKey, distinctId, {
      groups: buildPostHogGroups(context),
    });
    return featureFlagValue ?? false;
  } catch (error) {
    logger.warn({ error, flagKey }, "Failed to evaluate PostHog feature flag");
    return false;
  }
 };
@@ -1,5 +1 @@
 import "server-only";
 export { capturePostHogEvent } from "./capture";
 export { getPostHogFeatureFlag } from "./get-feature-flag";
 export type { TPostHogFeatureFlagContext, TPostHogFeatureFlagValue } from "./types";
@@ -1,6 +0,0 @@
 export type TPostHogFeatureFlagValue = boolean | string;
 export type TPostHogFeatureFlagContext = {
  organizationId?: string;
  workspaceId?: string;
 };
@@ -1,7 +1,7 @@
 import { Prisma } from "@prisma/client";
 import { DatabaseError, UnknownError } from "@formbricks/types/errors";
 import { TIntegration, TIntegrationItem } from "@formbricks/types/integration";
-import { TIntegrationSlackCredential } from "@formbricks/types/integration/slack";
+import { TIntegrationSlack, TIntegrationSlackCredential } from "@formbricks/types/integration/slack";
 import { SLACK_MESSAGE_LIMIT } from "../constants";
 import { deleteIntegration, getIntegrationByType } from "../integration/service";
 import { truncateText } from "../utils/strings";
@@ -58,7 +58,7 @@ export const fetchChannels = async (slackIntegration: TIntegration): Promise<TIn
 export const getSlackChannels = async (environmentId: string): Promise<TIntegrationItem[]> => {
  let channels: TIntegrationItem[] = [];
  try {
-    const slackIntegration = await getIntegrationByType(environmentId, "slack");
+    const slackIntegration = (await getIntegrationByType(environmentId, "slack")) as TIntegrationSlack;
    if (slackIntegration && slackIntegration.config?.key) {
      channels = await fetchChannels(slackIntegration);
    }
@@ -190,14 +190,6 @@ const mockWelcomeCard: TSurveyWelcomeCard = {
  showResponseCount: false,
 };
 const mockBlocks = [
  {
    id: "block1",
    name: "Block 1",
    elements: [mockQuestion],
  },
 ];
 const baseSurveyProperties = {
  id: mockId,
  name: "Mock Survey",
@@ -209,7 +201,13 @@ const baseSurveyProperties = {
  displayLimit: 3,
  welcomeCard: mockWelcomeCard,
  questions: [],
-  blocks: mockBlocks as unknown as SurveyMock["blocks"],
+  blocks: [
    {
      id: "block1",
      name: "Block 1",
      elements: [mockQuestion],
    },
  ],
  isBackButtonHidden: false,
  isAutoProgressingEnabled: false,
  isCaptureIpEnabled: false,
@@ -306,7 +304,6 @@ export const createSurveyInput: TSurveyCreateInput = {
  displayOption: "respondMultiple",
  triggers: [{ actionClass: mockActionClass }],
  ...baseSurveyProperties,
  blocks: mockBlocks,
 };
 export const updateSurveyInput: TSurvey = {
@@ -329,7 +326,6 @@ export const updateSurveyInput: TSurvey = {
  followUps: [],
  ...baseSurveyProperties,
  ...commonMockProperties,
  blocks: mockBlocks,
  slug: null,
  customHeadScripts: null,
  customHeadScriptsMode: null,
@@ -5,8 +5,7 @@ import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { ZId, ZOptionalNumber } from "@formbricks/types/common";
 import { DatabaseError, InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
-import { ZSegmentFilters } from "@formbricks/types/segment";
+import { TSegment, ZSegmentFilters } from "@formbricks/types/segment";
 import { TSurveyBlock } from "@formbricks/types/surveys/blocks";
 import { TSurvey, TSurveyCreateInput, ZSurvey, ZSurveyCreateInput } from "@formbricks/types/surveys/types";
 import {
  getOrganizationByEnvironmentId,
@@ -559,7 +558,22 @@ export const updateSurveyInternal = async (
      select: selectSurvey,
    });
-    return transformPrismaSurvey<TSurvey>(prismaSurvey);
+    let surveySegment: TSegment | null = null;
    if (prismaSurvey.segment) {
      surveySegment = {
        ...prismaSurvey.segment,
        surveys: prismaSurvey.segment.surveys.map((survey) => survey.id),
      };
    }
    const modifiedSurvey: TSurvey = {
      ...prismaSurvey, // Properties from prismaSurvey
      displayPercentage: Number(prismaSurvey.displayPercentage) || null,
      segment: surveySegment,
      customHeadScriptsMode: prismaSurvey.customHeadScriptsMode,
    };
    return modifiedSurvey;
  } catch (error) {
    logger.error(error, "Error updating survey");
    if (error instanceof Prisma.PrismaClientKnownRequestError) {
@@ -634,8 +648,8 @@ export const createSurvey = async (
    }
    // Validate and prepare blocks for persistence
-    if (Array.isArray(data.blocks) && data.blocks.length > 0) {
+    if (data.blocks && data.blocks.length > 0) {
-      data.blocks = validateMediaAndPrepareBlocks(data.blocks as unknown as TSurveyBlock[]);
+      data.blocks = validateMediaAndPrepareBlocks(data.blocks);
    }
    const survey = await prisma.survey.create({
@@ -759,7 +773,21 @@ export const loadNewSegmentInSurvey = async (surveyId: string, newSegmentId: str
      });
    }
-    return transformPrismaSurvey<TSurvey>(prismaSurvey);
+    let surveySegment: TSegment | null = null;
    if (prismaSurvey.segment) {
      surveySegment = {
        ...prismaSurvey.segment,
        surveys: prismaSurvey.segment.surveys.map((survey) => survey.id),
      };
    }
    const modifiedSurvey = {
      ...prismaSurvey,
      segment: surveySegment,
      customHeadScriptsMode: prismaSurvey.customHeadScriptsMode,
    };
    return modifiedSurvey as TSurvey;
  } catch (error) {
    if (error instanceof Prisma.PrismaClientKnownRequestError) {
      throw new DatabaseError(error.message);
@@ -1,5 +1,5 @@
 import { type Locale, formatDistance } from "date-fns";
-import { de, enUS, es, fr, hu, ja, nl, pt, ptBR, ro, ru, sv, tr, zhCN, zhTW } from "date-fns/locale";
+import { de, enUS, es, fr, hu, ja, nl, pt, ptBR, ro, ru, sv, zhCN, zhTW } from "date-fns/locale";
 import { TUserLocale } from "@formbricks/types/user";
 import { formatDateForDisplay } from "./utils/datetime";
@@ -17,7 +17,6 @@ const TIME_SINCE_LOCALES: Record<TUserLocale, Locale> = {
  "ro-RO": ro,
  "ru-RU": ru,
  "sv-SE": sv,
  "tr-TR": tr,
  "zh-Hans-CN": zhCN,
  "zh-Hant-TW": zhTW,
 };
@@ -1,36 +0,0 @@
 import "server-only";
 import { User } from "@prisma/client";
 import { cache as reactCache } from "react";
 import { prisma } from "@formbricks/database";
 import { InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { verifyPassword } from "@/modules/auth/lib/utils";
 const getUserAuthenticationData = reactCache(
  async (userId: string): Promise<Pick<User, "password" | "identityProvider">> => {
    const user = await prisma.user.findUnique({
      where: {
        id: userId,
      },
      select: {
        password: true,
        identityProvider: true,
      },
    });
    if (!user) {
      throw new ResourceNotFoundError("user", userId);
    }
    return user;
  }
 );
 export const verifyUserPassword = async (userId: string, password: string): Promise<boolean> => {
  const user = await getUserAuthenticationData(userId);
  if (user.identityProvider !== "email" || !user.password) {
    throw new InvalidInputError("Password is not set for this user");
  }
  return await verifyPassword(password, user.password);
 };
@@ -1,20 +0,0 @@
 import { Prisma } from "@prisma/client";
 export const publicUserSelect = {
  id: true,
  name: true,
  email: true,
  emailVerified: true,
  createdAt: true,
  updatedAt: true,
  twoFactorEnabled: true,
  identityProvider: true,
  notificationSettings: true,
  locale: true,
  lastLoginAt: true,
  isActive: true,
 } as const satisfies Prisma.UserSelect;
 export type TPublicUser = Prisma.UserGetPayload<{
  select: typeof publicUserSelect;
 }>;
@@ -6,7 +6,6 @@ import { DatabaseError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { TOrganization } from "@formbricks/types/organizations";
 import { TUserLocale, TUserUpdateInput } from "@formbricks/types/user";
 import { deleteOrganization, getOrganizationsWhereUserIsSingleOwner } from "@/lib/organization/service";
 import { publicUserSelect } from "./public-user";
 import { deleteUser, getUser, getUserByEmail, getUsersWithOrganization, updateUser } from "./service";
 vi.mock("@formbricks/database", () => ({
@@ -48,6 +47,11 @@ describe("User Service", () => {
    locale: "en-US" as TUserLocale,
    lastLoginAt: new Date(),
    isActive: true,
    twoFactorSecret: null,
    backupCodes: null,
    password: null,
    identityProviderAccountId: null,
    groupId: null,
  };
  const mockOrganizations: TOrganization[] = [
@@ -98,12 +102,8 @@ describe("User Service", () => {
      expect(result).toEqual(mockPrismaUser);
      expect(prisma.user.findUnique).toHaveBeenCalledWith({
        where: { id: "user1" },
-        select: publicUserSelect,
+        select: expect.any(Object),
      });
      expect(result).not.toHaveProperty("password");
      expect(result).not.toHaveProperty("twoFactorSecret");
      expect(result).not.toHaveProperty("backupCodes");
      expect(result).not.toHaveProperty("identityProviderAccountId");
    });
    test("should return null when user not found", async () => {
@@ -134,7 +134,7 @@ describe("User Service", () => {
      expect(result).toEqual(mockPrismaUser);
      expect(prisma.user.findFirst).toHaveBeenCalledWith({
        where: { email: "test@example.com" },
-        select: publicUserSelect,
+        select: expect.any(Object),
      });
    });
@@ -176,7 +176,7 @@ describe("User Service", () => {
      expect(prisma.user.update).toHaveBeenCalledWith({
        where: { id: "user1" },
        data: updateData,
-        select: publicUserSelect,
+        select: expect.any(Object),
      });
    });
@@ -204,7 +204,7 @@ describe("User Service", () => {
      expect(deleteOrganization).toHaveBeenCalledWith("org1");
      expect(prisma.user.delete).toHaveBeenCalledWith({
        where: { id: "user1" },
-        select: publicUserSelect,
+        select: expect.any(Object),
      });
    });
@@ -236,7 +236,7 @@ describe("User Service", () => {
            },
          },
        },
-        select: publicUserSelect,
+        select: expect.any(Object),
      });
    });
@@ -10,7 +10,21 @@ import { TUser, TUserLocale, TUserUpdateInput, ZUserUpdateInput } from "@formbri
 import { deleteOrganization, getOrganizationsWhereUserIsSingleOwner } from "@/lib/organization/service";
 import { deleteBrevoCustomerByEmail } from "@/modules/auth/lib/brevo";
 import { validateInputs } from "../utils/validate";
-import { publicUserSelect } from "./public-user";
+
 const responseSelection = {
  id: true,
  name: true,
  email: true,
  emailVerified: true,
  createdAt: true,
  updatedAt: true,
  twoFactorEnabled: true,
  identityProvider: true,
  notificationSettings: true,
  locale: true,
  lastLoginAt: true,
  isActive: true,
 };
 // function to retrive basic information about a user's user
 export const getUser = reactCache(async (id: string): Promise<TUser | null> => {
@@ -21,7 +35,7 @@ export const getUser = reactCache(async (id: string): Promise<TUser | null> => {
      where: {
        id,
      },
-      select: publicUserSelect,
+      select: responseSelection,
    });
    if (!user) {
@@ -45,7 +59,7 @@ export const getUserByEmail = reactCache(async (email: string): Promise<TUser |
      where: {
        email,
      },
-      select: publicUserSelect,
+      select: responseSelection,
    });
    return user;
@@ -68,7 +82,7 @@ export const updateUser = async (personId: string, data: TUserUpdateInput): Prom
        id: personId,
      },
      data: data,
-      select: publicUserSelect,
+      select: responseSelection,
    });
    return updatedUser;
@@ -91,7 +105,7 @@ const deleteUserById = async (id: string): Promise<TUser> => {
      where: {
        id,
      },
-      select: publicUserSelect,
+      select: responseSelection,
    });
    return user;
  } catch (error) {
@@ -139,7 +153,7 @@ export const getUsersWithOrganization = async (organizationId: string): Promise<
          },
        },
      },
-      select: publicUserSelect,
+      select: responseSelection,
    });
    return users;
@@ -160,7 +174,7 @@ export const getUserLocale = reactCache(async (id: string): Promise<TUserLocale
      where: {
        id,
      },
-      select: publicUserSelect,
+      select: responseSelection,
    });
    if (!user) {
@@ -12,7 +12,6 @@ import {
  OperationNotAllowedError,
  ResourceNotFoundError,
  TooManyRequestsError,
  UniqueConstraintError,
  UnknownError,
  ValidationError,
  isExpectedError,
@@ -75,7 +74,6 @@ describe("isExpectedError (shared helper)", () => {
      "OperationNotAllowedError",
      "TooManyRequestsError",
      "InvalidPasswordResetTokenError",
      "UniqueConstraintError",
    ];
    expect(EXPECTED_ERROR_NAMES.size).toBe(expected.length);
@@ -93,7 +91,6 @@ describe("isExpectedError (shared helper)", () => {
    { ErrorClass: ValidationError, args: ["Invalid data"] },
    { ErrorClass: OperationNotAllowedError, args: ["Not allowed"] },
    { ErrorClass: InvalidPasswordResetTokenError, args: [INVALID_PASSWORD_RESET_TOKEN_ERROR_CODE] },
    { ErrorClass: UniqueConstraintError, args: ["Already exists"] },
  ])("returns true for $ErrorClass.name", ({ ErrorClass, args }) => {
    const error = new (ErrorClass as any)(...args);
    expect(isExpectedError(error)).toBe(true);
@@ -189,14 +186,6 @@ describe("actionClient handleServerError", () => {
      expect(result?.serverError).toBe(INVALID_PASSWORD_RESET_TOKEN_ERROR_CODE);
      expect(Sentry.captureException).not.toHaveBeenCalled();
    });
    test("UniqueConstraintError returns its message and is not sent to Sentry", async () => {
      const result = await executeThrowingAction(
        new UniqueConstraintError("Action with name foo already exists")
      );
      expect(result?.serverError).toBe("Action with name foo already exists");
      expect(Sentry.captureException).not.toHaveBeenCalled();
    });
  });
  describe("unexpected errors SHOULD be reported to Sentry", () => {
@@ -1,27 +0,0 @@
 export type DebouncedFunction<T extends (...args: any[]) => void> = ((...args: Parameters<T>) => void) & {
  cancel: () => void;
 };
 export const debounce = <T extends (...args: any[]) => void>(
  callback: T,
  delay: number
 ): DebouncedFunction<T> => {
  let timeoutId: ReturnType<typeof setTimeout> | undefined;
  const debounced = ((...args: Parameters<T>) => {
    if (timeoutId !== undefined) {
      clearTimeout(timeoutId);
    }
    timeoutId = setTimeout(() => callback(...args), delay);
  }) as DebouncedFunction<T>;
  debounced.cancel = () => {
    if (timeoutId !== undefined) {
      clearTimeout(timeoutId);
      timeoutId = undefined;
    }
  };
  return debounced;
 };
@@ -1,35 +0,0 @@
 export const capitalize = (value: string): string => {
  if (!value) return "";
  return `${value.charAt(0).toUpperCase()}${value.slice(1).toLowerCase()}`;
 };
 export const isDeepEqual = (left: unknown, right: unknown): boolean => {
  if (Object.is(left, right)) return true;
  if (left instanceof Date && right instanceof Date) {
    return left.getTime() === right.getTime();
  }
  if (typeof left !== "object" || left === null || typeof right !== "object" || right === null) {
    return false;
  }
  if (Array.isArray(left) || Array.isArray(right)) {
    if (!Array.isArray(left) || !Array.isArray(right) || left.length !== right.length) return false;
    return left.every((item, index) => isDeepEqual(item, right[index]));
  }
  const leftRecord = left as Record<string, unknown>;
  const rightRecord = right as Record<string, unknown>;
  const leftKeys = Object.keys(leftRecord);
  const rightKeys = Object.keys(rightRecord);
  if (leftKeys.length !== rightKeys.length) return false;
  return leftKeys.every(
    (key) =>
      Object.prototype.hasOwnProperty.call(rightRecord, key) && isDeepEqual(leftRecord[key], rightRecord[key])
  );
 };
@@ -1,5 +1,5 @@
 import { describe, expect, test } from "vitest";
-import { isSafeIdentifier, toSafeIdentifier } from "./safe-identifier";
+import { isSafeIdentifier } from "./safe-identifier";
 describe("safe-identifier", () => {
  describe("isSafeIdentifier", () => {
@@ -32,23 +32,4 @@ describe("safe-identifier", () => {
      expect(isSafeIdentifier("")).toBe(false);
    });
  });
  describe("toSafeIdentifier", () => {
    test("normalizes free-form labels into safe identifiers", () => {
      expect(toSafeIdentifier("Date of Birth")).toBe("date_of_birth");
      expect(toSafeIdentifier("Customer-ID")).toBe("customer_id");
      expect(toSafeIdentifier("  Preferred Language  ")).toBe("preferred_language");
      expect(toSafeIdentifier("city__name")).toBe("city_name");
    });
    test("strips invalid leading characters until first lowercase letter", () => {
      expect(toSafeIdentifier("123 Date")).toBe("date");
      expect(toSafeIdentifier("__name")).toBe("name");
      expect(toSafeIdentifier("99")).toBe("");
    });
    test("keeps already safe identifiers unchanged", () => {
      expect(toSafeIdentifier("country_code")).toBe("country_code");
    });
  });
 });
@@ -12,44 +12,6 @@ export const isSafeIdentifier = (value: string): boolean => {
  return /^[a-z0-9_]+$/.test(value);
 };
 /**
 * Converts a free-form string to a safe identifier candidate.
 * The output only contains lowercase letters, numbers, and underscores.
 * It also ensures the identifier starts with a lowercase letter by stripping invalid leading chars.
 */
 export const toSafeIdentifier = (value: string): string => {
  const normalized = value.trim().toLowerCase();
  let safeIdentifier = "";
  let shouldInsertUnderscore = false;
  for (const char of normalized) {
    const isLowercaseLetter = char >= "a" && char <= "z";
    const isDigit = char >= "0" && char <= "9";
    if (isLowercaseLetter || isDigit) {
      if (shouldInsertUnderscore && safeIdentifier.length > 0) {
        safeIdentifier += "_";
      }
      safeIdentifier += char;
      shouldInsertUnderscore = false;
      continue;
    }
    if (safeIdentifier.length > 0) {
      shouldInsertUnderscore = true;
    }
  }
  for (let i = 0; i < safeIdentifier.length; i++) {
    const char = safeIdentifier[i];
    if (char >= "a" && char <= "z") {
      return safeIdentifier.slice(i);
    }
  }
  return "";
 };
 /**
 * Converts a snake_case string to Title Case for display as a label.
 * Example: "job_description" -> "Job Description"
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Dhruwang	8374eea770	fix: i18n lock	2026-04-17 15:15:06 +05:30
Dhruwang	d3ccc623e0	Merge branch 'main' of https://github.com/formbricks/formbricks into fix/issue-7543-trial-conversion-template	2026-04-17 15:13:03 +05:30
Niels Kaspers	8619916682	fix: fix duplicate block and misleading subheader in trial conversion template - Block 3 now uses its own question ("What did you expect to do?") instead of duplicating Block 2's question - Updated Block 5 subheader from "Please select one of the following options" to "Please describe below" to match the open text input type - Added translations for the new Block 3 question across all locales Fixes #7543	2026-03-23 09:49:08 +02:00