fix: [Backport] backports adding boolean support (#7324)

Co-authored-by: Cursor <cursoragent@cursor.com>

.env.example

@@ -229,14 +229,5 @@ REDIS_URL=redis://localhost:6379
 # AUDIT_LOG_GET_USER_IP=0
 
 
-# Cube.js Analytics (optional — only needed for the analytics/dashboard feature)
-# Required when running the Cube service (docker-compose.dev.yml). Generate with: openssl rand -hex 32
-# Use the same value for CUBEJS_API_TOKEN so the client can authenticate.
-# CUBEJS_API_SECRET=
-# URL where the Cube.js instance is running
-# CUBEJS_API_URL=http://localhost:4000
-# API token sent with each Cube.js request; must match CUBEJS_API_SECRET when CUBEJS_DEV_MODE is off
-# CUBEJS_API_TOKEN=
-
 # Lingo.dev API key for translation generation
 LINGODOTDEV_API_KEY=your_api_key_here

apps/web/app/api/(internal)/pipeline/lib/handleIntegrations.ts

@@ -21,6 +21,7 @@ import { getElementsFromBlocks } from "@/lib/survey/utils";
 import { getFormattedDateTimeString } from "@/lib/utils/datetime";
 import { parseRecallInfo } from "@/lib/utils/recall";
 import { truncateText } from "@/lib/utils/strings";
+import { resolveStorageUrlAuto } from "@/modules/storage/utils";
 
 const convertMetaObjectToString = (metadata: TResponseMeta): string => {
   let result: string[] = [];
@@ -256,10 +257,16 @@ const processElementResponse = (
     const selectedChoiceIds = responseValue as string[];
     return element.choices
       .filter((choice) => selectedChoiceIds.includes(choice.id))
-      .map((choice) => choice.imageUrl)
+      .map((choice) => resolveStorageUrlAuto(choice.imageUrl))
       .join("\n");
   }
 
+  if (element.type === TSurveyElementTypeEnum.FileUpload && Array.isArray(responseValue)) {
+    return responseValue
+      .map((url) => (typeof url === "string" ? resolveStorageUrlAuto(url) : url))
+      .join("; ");
+  }
+
   return processResponseData(responseValue);
 };
 
@@ -368,7 +375,7 @@ const buildNotionPayloadProperties = (
 
       responses[resp] = (pictureElement as any)?.choices
         .filter((choice) => selectedChoiceIds.includes(choice.id))
-        .map((choice) => choice.imageUrl);
+        .map((choice) => resolveStorageUrlAuto(choice.imageUrl));
     }
   });
 

apps/web/app/api/(internal)/pipeline/route.ts

@@ -18,6 +18,7 @@ import { convertDatesInObject } from "@/lib/time";
 import { queueAuditEvent } from "@/modules/ee/audit-logs/lib/handler";
 import { TAuditStatus, UNKNOWN_DATA } from "@/modules/ee/audit-logs/types/audit-log";
 import { sendResponseFinishedEmail } from "@/modules/email";
+import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 import { sendFollowUpsForResponse } from "@/modules/survey/follow-ups/lib/follow-ups";
 import { FollowUpSendError } from "@/modules/survey/follow-ups/types/follow-up";
 import { handleIntegrations } from "./lib/handleIntegrations";
@@ -95,12 +96,15 @@ export const POST = async (request: Request) => {
     ]);
   };
 
+  const resolvedResponseData = resolveStorageUrlsInObject(response.data);
+
   const webhookPromises = webhooks.map((webhook) => {
     const body = JSON.stringify({
       webhookId: webhook.id,
       event,
       data: {
         ...response,
+        data: resolvedResponseData,
         survey: {
           title: survey.name,
           type: survey.type,

apps/web/app/api/v1/client/[environmentId]/environment/lib/data.ts

@@ -10,6 +10,7 @@ import {
   TJsEnvironmentStateSurvey,
 } from "@formbricks/types/js";
 import { validateInputs } from "@/lib/utils/validate";
+import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 import { transformPrismaSurvey } from "@/modules/survey/lib/utils";
 
 /**
@@ -177,14 +178,14 @@ export const getEnvironmentStateData = async (environmentId: string): Promise<En
           overlay: environmentData.project.overlay,
           placement: environmentData.project.placement,
           inAppSurveyBranding: environmentData.project.inAppSurveyBranding,
-          styling: environmentData.project.styling,
+          styling: resolveStorageUrlsInObject(environmentData.project.styling),
         },
       },
       organization: {
         id: environmentData.project.organization.id,
         billing: environmentData.project.organization.billing,
       },
-      surveys: transformedSurveys,
+      surveys: resolveStorageUrlsInObject(transformedSurveys),
       actionClasses: environmentData.actionClasses as TJsEnvironmentStateActionClass[],
     };
   } catch (error) {

apps/web/app/api/v1/client/[environmentId]/responses/[responseId]/route.ts

@@ -44,13 +44,10 @@ const validateResponse = (
     ...responseUpdateInput.data,
   };
 
-  const isFinished = responseUpdateInput.finished ?? false;
-
   const validationErrors = validateResponseData(
     survey.blocks,
     mergedData,
     responseUpdateInput.language ?? response.language ?? "en",
-    isFinished,
     survey.questions
   );
 

apps/web/app/api/v1/client/[environmentId]/responses/route.ts

@@ -41,7 +41,6 @@ const validateResponse = (responseInputData: TResponseInput, survey: TSurvey) =>
     survey.blocks,
     responseInputData.data,
     responseInputData.language ?? "en",
-    responseInputData.finished,
     survey.questions
   );
 

apps/web/app/api/v1/management/responses/[responseId]/route.ts

@@ -10,7 +10,7 @@ import { deleteResponse, getResponse } from "@/lib/response/service";
 import { getSurvey } from "@/lib/survey/service";
 import { formatValidationErrorsForV1Api, validateResponseData } from "@/modules/api/lib/validation";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
-import { validateFileUploads } from "@/modules/storage/utils";
+import { resolveStorageUrlsInObject, validateFileUploads } from "@/modules/storage/utils";
 import { updateResponseWithQuotaEvaluation } from "./lib/response";
 
 async function fetchAndAuthorizeResponse(
@@ -57,7 +57,10 @@ export const GET = withV1ApiWrapper({
       }
 
       return {
-        response: responses.successResponse(result.response),
+        response: responses.successResponse({
+          ...result.response,
+          data: resolveStorageUrlsInObject(result.response.data),
+        }),
       };
     } catch (error) {
       return {
@@ -146,7 +149,6 @@ export const PUT = withV1ApiWrapper({
         result.survey.blocks,
         responseUpdate.data,
         responseUpdate.language ?? "en",
-        responseUpdate.finished,
         result.survey.questions
       );
 
@@ -190,7 +192,7 @@ export const PUT = withV1ApiWrapper({
       }
 
       return {
-        response: responses.successResponse(updated),
+        response: responses.successResponse({ ...updated, data: resolveStorageUrlsInObject(updated.data) }),
       };
     } catch (error) {
       return {

apps/web/app/api/v1/management/responses/route.ts

@@ -9,7 +9,7 @@ import { sendToPipeline } from "@/app/lib/pipelines";
 import { getSurvey } from "@/lib/survey/service";
 import { formatValidationErrorsForV1Api, validateResponseData } from "@/modules/api/lib/validation";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
-import { validateFileUploads } from "@/modules/storage/utils";
+import { resolveStorageUrlsInObject, validateFileUploads } from "@/modules/storage/utils";
 import {
   createResponseWithQuotaEvaluation,
   getResponses,
@@ -54,7 +54,9 @@ export const GET = withV1ApiWrapper({
         allResponses.push(...environmentResponses);
       }
       return {
-        response: responses.successResponse(allResponses),
+        response: responses.successResponse(
+          allResponses.map((r) => ({ ...r, data: resolveStorageUrlsInObject(r.data) }))
+        ),
       };
     } catch (error) {
       if (error instanceof DatabaseError) {
@@ -155,7 +157,6 @@ export const POST = withV1ApiWrapper({
         surveyResult.survey.blocks,
         responseInput.data,
         responseInput.language ?? "en",
-        responseInput.finished,
         surveyResult.survey.questions
       );
 

apps/web/app/api/v1/management/surveys/[surveyId]/route.ts

@@ -16,6 +16,7 @@ import { TApiAuditLog, TApiKeyAuthentication, withV1ApiWrapper } from "@/app/lib
 import { getOrganizationByEnvironmentId } from "@/lib/organization/service";
 import { getSurvey, updateSurvey } from "@/lib/survey/service";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
+import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 
 const fetchAndAuthorizeSurvey = async (
   surveyId: string,
@@ -58,16 +59,18 @@ export const GET = withV1ApiWrapper({
 
       if (shouldTransformToQuestions) {
         return {
-          response: responses.successResponse({
-            ...result.survey,
-            questions: transformBlocksToQuestions(result.survey.blocks, result.survey.endings),
-            blocks: [],
-          }),
+          response: responses.successResponse(
+            resolveStorageUrlsInObject({
+              ...result.survey,
+              questions: transformBlocksToQuestions(result.survey.blocks, result.survey.endings),
+              blocks: [],
+            })
+          ),
         };
       }
 
       return {
-        response: responses.successResponse(result.survey),
+        response: responses.successResponse(resolveStorageUrlsInObject(result.survey)),
       };
     } catch (error) {
       return {
@@ -202,12 +205,12 @@ export const PUT = withV1ApiWrapper({
           };
 
           return {
-            response: responses.successResponse(surveyWithQuestions),
+            response: responses.successResponse(resolveStorageUrlsInObject(surveyWithQuestions)),
           };
         }
 
         return {
-          response: responses.successResponse(updatedSurvey),
+          response: responses.successResponse(resolveStorageUrlsInObject(updatedSurvey)),
         };
       } catch (error) {
         return {

apps/web/app/api/v1/management/surveys/route.ts

@@ -14,6 +14,7 @@ import { TApiAuditLog, TApiKeyAuthentication, withV1ApiWrapper } from "@/app/lib
 import { getOrganizationByEnvironmentId } from "@/lib/organization/service";
 import { createSurvey } from "@/lib/survey/service";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
+import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 import { getSurveys } from "./lib/surveys";
 
 export const GET = withV1ApiWrapper({
@@ -55,7 +56,7 @@ export const GET = withV1ApiWrapper({
       });
 
       return {
-        response: responses.successResponse(surveysWithQuestions),
+        response: responses.successResponse(resolveStorageUrlsInObject(surveysWithQuestions)),
       };
     } catch (error) {
       if (error instanceof DatabaseError) {

apps/web/app/api/v2/client/[environmentId]/responses/route.ts

@@ -112,7 +112,6 @@ export const POST = async (request: Request, context: Context): Promise<Response
     survey.blocks,
     responseInputData.data,
     responseInputData.language ?? "en",
-    responseInputData.finished,
     survey.questions
   );
 

apps/web/lib/response/service.ts

@@ -22,6 +22,7 @@ import { getElementsFromBlocks } from "@/lib/survey/utils";
 import { getIsQuotasEnabled } from "@/modules/ee/license-check/lib/utils";
 import { reduceQuotaLimits } from "@/modules/ee/quotas/lib/quotas";
 import { deleteFile } from "@/modules/storage/service";
+import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 import { getOrganizationIdFromEnvironmentId } from "@/modules/survey/lib/organization";
 import { getOrganizationBilling } from "@/modules/survey/lib/survey";
 import { ITEMS_PER_PAGE } from "../constants";
@@ -408,9 +409,10 @@ export const getResponseDownloadFile = async (
     if (survey.isVerifyEmailEnabled) {
       headers.push("Verified Email");
     }
+    const resolvedResponses = responses.map((r) => ({ ...r, data: resolveStorageUrlsInObject(r.data) }));
     const jsonData = getResponsesJson(
       survey,
-      responses,
+      resolvedResponses,
       elements,
       userAttributes,
       hiddenFields,

apps/web/modules/api/lib/validation.test.ts

@@ -95,7 +95,7 @@ describe("validateResponseData", () => {
     mockGetElementsFromBlocks.mockReturnValue(mockElements);
     mockValidateBlockResponses.mockReturnValue({});
 
-    validateResponseData([], mockResponseData, "en", true, mockQuestions);
+    validateResponseData([], mockResponseData, "en", mockQuestions);
 
     expect(mockTransformQuestionsToBlocks).toHaveBeenCalledWith(mockQuestions, []);
     expect(mockGetElementsFromBlocks).toHaveBeenCalledWith(transformedBlocks);
@@ -105,15 +105,15 @@ describe("validateResponseData", () => {
     mockGetElementsFromBlocks.mockReturnValue(mockElements);
     mockValidateBlockResponses.mockReturnValue({});
 
-    validateResponseData(mockBlocks, mockResponseData, "en", true, mockQuestions);
+    validateResponseData(mockBlocks, mockResponseData, "en", mockQuestions);
 
     expect(mockTransformQuestionsToBlocks).not.toHaveBeenCalled();
   });
 
   test("should return null when both blocks and questions are empty", () => {
-    expect(validateResponseData([], mockResponseData, "en", true, [])).toBeNull();
-    expect(validateResponseData(null, mockResponseData, "en", true, [])).toBeNull();
-    expect(validateResponseData(undefined, mockResponseData, "en", true, null)).toBeNull();
+    expect(validateResponseData([], mockResponseData, "en", [])).toBeNull();
+    expect(validateResponseData(null, mockResponseData, "en", [])).toBeNull();
+    expect(validateResponseData(undefined, mockResponseData, "en", null)).toBeNull();
   });
 
   test("should use default language code", () => {
@@ -125,25 +125,58 @@ describe("validateResponseData", () => {
     expect(mockValidateBlockResponses).toHaveBeenCalledWith(mockElements, mockResponseData, "en");
   });
 
-  test("should validate only present fields when finished is false", () => {
+  test("should validate only fields present in responseData", () => {
     const partialResponseData: TResponseData = { element1: "test" };
-    const partialElements = [mockElements[0]];
+    const elementsToValidate = [mockElements[0]];
     mockGetElementsFromBlocks.mockReturnValue(mockElements);
     mockValidateBlockResponses.mockReturnValue({});
 
-    validateResponseData(mockBlocks, partialResponseData, "en", false);
+    validateResponseData(mockBlocks, partialResponseData, "en");
 
-    expect(mockValidateBlockResponses).toHaveBeenCalledWith(partialElements, partialResponseData, "en");
+    expect(mockValidateBlockResponses).toHaveBeenCalledWith(elementsToValidate, partialResponseData, "en");
   });
 
-  test("should validate all fields when finished is true", () => {
-    const partialResponseData: TResponseData = { element1: "test" };
-    mockGetElementsFromBlocks.mockReturnValue(mockElements);
+  test("should never validate elements not in responseData", () => {
+    const blocksWithTwoElements: TSurveyBlock[] = [
+      ...mockBlocks,
+      {
+        id: "block2",
+        name: "Block 2",
+        elements: [
+          {
+            id: "element2",
+            type: TSurveyElementTypeEnum.OpenText,
+            headline: { default: "Q2" },
+            required: true,
+            inputType: "text",
+            charLimit: { enabled: false },
+          },
+        ],
+      },
+    ];
+    const allElements = [
+      ...mockElements,
+      {
+        id: "element2",
+        type: TSurveyElementTypeEnum.OpenText,
+        headline: { default: "Q2" },
+        required: true,
+        inputType: "text",
+        charLimit: { enabled: false },
+      },
+    ];
+    const responseDataWithOnlyElement1: TResponseData = { element1: "test" };
+    mockGetElementsFromBlocks.mockReturnValue(allElements);
     mockValidateBlockResponses.mockReturnValue({});
 
-    validateResponseData(mockBlocks, partialResponseData, "en", true);
+    validateResponseData(blocksWithTwoElements, responseDataWithOnlyElement1, "en");
 
-    expect(mockValidateBlockResponses).toHaveBeenCalledWith(mockElements, partialResponseData, "en");
+    // Only element1 should be validated, not element2 (even though it's required)
+    expect(mockValidateBlockResponses).toHaveBeenCalledWith(
+      [allElements[0]],
+      responseDataWithOnlyElement1,
+      "en"
+    );
   });
 });
 

apps/web/modules/api/lib/validation.ts

@@ -9,13 +9,13 @@ import { getElementsFromBlocks } from "@/lib/survey/utils";
 import { ApiErrorDetails } from "@/modules/api/v2/types/api-error";
 
 /**
- * Validates response data against survey validation rules
- * Handles partial responses (in-progress) by only validating present fields when finished is false
+ * Validates response data against survey validation rules.
+ * Only validates elements that have data in responseData - never validates
+ * all survey elements regardless of completion status.
  *
  * @param blocks - Survey blocks containing elements with validation rules (preferred)
  * @param responseData - Response data to validate (keyed by element ID)
  * @param languageCode - Language code for error messages (defaults to "en")
- * @param finished - Whether the response is finished (defaults to true for management APIs)
  * @param questions - Survey questions (legacy format, used as fallback if blocks are empty)
  * @returns Validation error map keyed by element ID, or null if validation passes
  */
@@ -23,7 +23,6 @@ export const validateResponseData = (
   blocks: TSurveyBlock[] | undefined | null,
   responseData: TResponseData,
   languageCode: string = "en",
-  finished: boolean = true,
   questions?: TSurveyQuestion[] | undefined | null
 ): TValidationErrorMap | null => {
   // Use blocks if available, otherwise transform questions to blocks
@@ -42,11 +41,8 @@ export const validateResponseData = (
   // Extract elements from blocks
   const allElements = getElementsFromBlocks(blocksToUse);
 
-  // If response is not finished, only validate elements that are present in the response data
-  // This prevents "required" errors for fields the user hasn't reached yet
-  const elementsToValidate = finished
-    ? allElements
-    : allElements.filter((element) => Object.keys(responseData).includes(element.id));
+  // Always validate only elements that are present in responseData
+  const elementsToValidate = allElements.filter((element) => Object.keys(responseData).includes(element.id));
 
   // Validate selected elements
   const errorMap = validateBlockResponses(elementsToValidate, responseData, languageCode);

apps/web/modules/api/v2/management/lib/utils.ts

@@ -12,9 +12,7 @@ type HasFindMany =
   | Prisma.TeamFindManyArgs
   | Prisma.ProjectTeamFindManyArgs
   | Prisma.UserFindManyArgs
-  | Prisma.ContactAttributeKeyFindManyArgs
-  | Prisma.ChartFindManyArgs
-  | Prisma.DashboardFindManyArgs;
+  | Prisma.ContactAttributeKeyFindManyArgs;
 
 export function buildCommonFilterQuery<T extends HasFindMany>(query: T, params: TGetFilter): T {
   const { limit, skip, sortBy, order, startDate, endDate, filterDateField = "createdAt" } = params || {};

apps/web/modules/api/v2/management/responses/[responseId]/route.ts

@@ -15,7 +15,7 @@ import {
 import { getSurveyQuestions } from "@/modules/api/v2/management/responses/[responseId]/lib/survey";
 import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
-import { validateFileUploads } from "@/modules/storage/utils";
+import { resolveStorageUrlsInObject, validateFileUploads } from "@/modules/storage/utils";
 import { ZResponseIdSchema, ZResponseUpdateSchema } from "./types/responses";
 
 export const GET = async (request: Request, props: { params: Promise<{ responseId: string }> }) =>
@@ -51,7 +51,10 @@ export const GET = async (request: Request, props: { params: Promise<{ responseI
         return handleApiError(request, response.error as ApiErrorResponseV2);
       }
 
-      return responses.successResponse(response);
+      return responses.successResponse({
+        ...response,
+        data: { ...response.data, data: resolveStorageUrlsInObject(response.data.data) },
+      });
     },
   });
 
@@ -198,7 +201,6 @@ export const PUT = (request: Request, props: { params: Promise<{ responseId: str
         questionsResponse.data.blocks,
         body.data,
         body.language ?? "en",
-        body.finished,
         questionsResponse.data.questions
       );
 
@@ -244,7 +246,10 @@ export const PUT = (request: Request, props: { params: Promise<{ responseId: str
         auditLog.newObject = response.data;
       }
 
-      return responses.successResponse(response);
+      return responses.successResponse({
+        ...response,
+        data: { ...response.data, data: resolveStorageUrlsInObject(response.data.data) },
+      });
     },
     action: "updated",
     targetType: "response",

apps/web/modules/api/v2/management/responses/route.ts

@@ -12,7 +12,7 @@ import { getSurveyQuestions } from "@/modules/api/v2/management/responses/[respo
 import { ZGetResponsesFilter, ZResponseInput } from "@/modules/api/v2/management/responses/types/responses";
 import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
-import { validateFileUploads } from "@/modules/storage/utils";
+import { resolveStorageUrlsInObject, validateFileUploads } from "@/modules/storage/utils";
 import { createResponseWithQuotaEvaluation, getResponses } from "./lib/response";
 
 export const GET = async (request: NextRequest) =>
@@ -44,7 +44,9 @@ export const GET = async (request: NextRequest) =>
 
       environmentResponses.push(...res.data.data);
 
-      return responses.successResponse({ data: environmentResponses });
+      return responses.successResponse({
+        data: environmentResponses.map((r) => ({ ...r, data: resolveStorageUrlsInObject(r.data) })),
+      });
     },
   });
 
@@ -134,7 +136,6 @@ export const POST = async (request: Request) =>
         surveyQuestions.data.blocks,
         body.data,
         body.language ?? "en",
-        body.finished,
         surveyQuestions.data.questions
       );
 

apps/web/modules/core/rate-limit/rate-limit-configs.ts

@@ -30,4 +30,4 @@ export const rateLimitConfigs = {
     upload: { interval: 60, allowedPerInterval: 5, namespace: "storage:upload" }, // 5 per minute
     delete: { interval: 60, allowedPerInterval: 5, namespace: "storage:delete" }, // 5 per minute
   },
-} as const;
+};

apps/web/modules/ee/analysis/charts/actions.ts

@@ -1,293 +0,0 @@
-"use server";
-
-import { z } from "zod";
-import { prisma } from "@formbricks/database";
-import { ZId } from "@formbricks/types/common";
-import { ZChartConfig, ZChartQuery } from "@formbricks/types/dashboard";
-import { authenticatedActionClient } from "@/lib/utils/action-client";
-import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
-import { AuthenticatedActionClientCtx } from "@/lib/utils/action-client/types/context";
-import { getOrganizationIdFromEnvironmentId, getProjectIdFromEnvironmentId } from "@/lib/utils/helper";
-import { withAuditLogging } from "@/modules/ee/audit-logs/lib/handler";
-import { ZChartType } from "../types/analysis";
-
-const checkProjectAccess = async (
-  userId: string,
-  environmentId: string,
-  minPermission: "read" | "readWrite" | "manage"
-) => {
-  const organizationId = await getOrganizationIdFromEnvironmentId(environmentId);
-  const projectId = await getProjectIdFromEnvironmentId(environmentId);
-
-  await checkAuthorizationUpdated({
-    userId,
-    organizationId,
-    access: [
-      { type: "organization", roles: ["owner", "manager"] },
-      { type: "projectTeam", minPermission, projectId },
-    ],
-  });
-
-  return { organizationId, projectId };
-};
-
-const ZCreateChartAction = z.object({
-  environmentId: ZId,
-  name: z.string().min(1),
-  type: ZChartType,
-  query: ZChartQuery,
-  config: ZChartConfig.optional().default({}),
-});
-
-export const createChartAction = authenticatedActionClient.schema(ZCreateChartAction).action(
-  withAuditLogging(
-    "created",
-    "chart",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZCreateChartAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const chart = await prisma.chart.create({
-        data: {
-          name: parsedInput.name,
-          type: parsedInput.type,
-          projectId,
-          query: parsedInput.query,
-          config: parsedInput.config || {},
-          createdBy: ctx.user.id,
-        },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.newObject = chart;
-      return chart;
-    }
-  )
-);
-
-const ZUpdateChartAction = z.object({
-  environmentId: ZId,
-  chartId: ZId,
-  name: z.string().min(1).optional(),
-  type: ZChartType.optional(),
-  query: ZChartQuery.optional(),
-  config: ZChartConfig.optional(),
-});
-
-export const updateChartAction = authenticatedActionClient.schema(ZUpdateChartAction).action(
-  withAuditLogging(
-    "updated",
-    "chart",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZUpdateChartAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const chart = await prisma.chart.findFirst({
-        where: { id: parsedInput.chartId, projectId },
-      });
-
-      if (!chart) {
-        throw new Error("Chart not found");
-      }
-
-      const updatedChart = await prisma.chart.update({
-        where: { id: parsedInput.chartId },
-        data: {
-          ...(parsedInput.name !== undefined && { name: parsedInput.name }),
-          ...(parsedInput.type !== undefined && { type: parsedInput.type }),
-          ...(parsedInput.query !== undefined && { query: parsedInput.query }),
-          ...(parsedInput.config !== undefined && { config: parsedInput.config }),
-        },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.oldObject = chart;
-      ctx.auditLoggingCtx.newObject = updatedChart;
-      return updatedChart;
-    }
-  )
-);
-
-const ZDuplicateChartAction = z.object({
-  environmentId: ZId,
-  chartId: ZId,
-});
-
-export const duplicateChartAction = authenticatedActionClient.schema(ZDuplicateChartAction).action(
-  withAuditLogging(
-    "created",
-    "chart",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZDuplicateChartAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const sourceChart = await prisma.chart.findFirst({
-        where: { id: parsedInput.chartId, projectId },
-      });
-
-      if (!sourceChart) {
-        throw new Error("Chart not found");
-      }
-
-      const duplicatedChart = await prisma.chart.create({
-        data: {
-          name: `${sourceChart.name} (copy)`,
-          type: sourceChart.type,
-          projectId,
-          query: sourceChart.query as object,
-          config: (sourceChart.config as object) || {},
-          createdBy: ctx.user.id,
-        },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.newObject = duplicatedChart;
-      return duplicatedChart;
-    }
-  )
-);
-
-const ZDeleteChartAction = z.object({
-  environmentId: ZId,
-  chartId: ZId,
-});
-
-export const deleteChartAction = authenticatedActionClient.schema(ZDeleteChartAction).action(
-  withAuditLogging(
-    "deleted",
-    "chart",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZDeleteChartAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const chart = await prisma.chart.findFirst({
-        where: { id: parsedInput.chartId, projectId },
-      });
-
-      if (!chart) {
-        throw new Error("Chart not found");
-      }
-
-      await prisma.chart.delete({
-        where: { id: parsedInput.chartId },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.oldObject = chart;
-      return { success: true };
-    }
-  )
-);
-
-const ZGetChartAction = z.object({
-  environmentId: ZId,
-  chartId: ZId,
-});
-
-export const getChartAction = authenticatedActionClient
-  .schema(ZGetChartAction)
-  .action(
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZGetChartAction>;
-    }) => {
-      const { projectId } = await checkProjectAccess(ctx.user.id, parsedInput.environmentId, "read");
-
-      const chart = await prisma.chart.findFirst({
-        where: { id: parsedInput.chartId, projectId },
-        select: {
-          id: true,
-          name: true,
-          type: true,
-          query: true,
-          config: true,
-          createdAt: true,
-          updatedAt: true,
-        },
-      });
-
-      if (!chart) {
-        throw new Error("Chart not found");
-      }
-
-      return chart;
-    }
-  );
-
-const ZGetChartsAction = z.object({
-  environmentId: ZId,
-});
-
-export const getChartsAction = authenticatedActionClient
-  .schema(ZGetChartsAction)
-  .action(
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZGetChartsAction>;
-    }) => {
-      const { projectId } = await checkProjectAccess(ctx.user.id, parsedInput.environmentId, "read");
-
-      return prisma.chart.findMany({
-        where: { projectId },
-        orderBy: { createdAt: "desc" },
-        select: {
-          id: true,
-          name: true,
-          type: true,
-          createdAt: true,
-          updatedAt: true,
-          query: true,
-          config: true,
-          widgets: {
-            select: { dashboardId: true },
-          },
-        },
-      });
-    }
-  );

apps/web/modules/ee/analysis/dashboards/actions.ts

@@ -1,300 +0,0 @@
-"use server";
-
-import { z } from "zod";
-import { prisma } from "@formbricks/database";
-import { ZId } from "@formbricks/types/common";
-import { ZWidgetLayout } from "@formbricks/types/dashboard";
-import { authenticatedActionClient } from "@/lib/utils/action-client";
-import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
-import { AuthenticatedActionClientCtx } from "@/lib/utils/action-client/types/context";
-import { getOrganizationIdFromEnvironmentId, getProjectIdFromEnvironmentId } from "@/lib/utils/helper";
-import { withAuditLogging } from "@/modules/ee/audit-logs/lib/handler";
-
-const checkProjectAccess = async (
-  userId: string,
-  environmentId: string,
-  minPermission: "read" | "readWrite" | "manage"
-) => {
-  const organizationId = await getOrganizationIdFromEnvironmentId(environmentId);
-  const projectId = await getProjectIdFromEnvironmentId(environmentId);
-
-  await checkAuthorizationUpdated({
-    userId,
-    organizationId,
-    access: [
-      { type: "organization", roles: ["owner", "manager"] },
-      { type: "projectTeam", minPermission, projectId },
-    ],
-  });
-
-  return { organizationId, projectId };
-};
-
-const ZCreateDashboardAction = z.object({
-  environmentId: ZId,
-  name: z.string().min(1),
-  description: z.string().optional(),
-});
-
-export const createDashboardAction = authenticatedActionClient.schema(ZCreateDashboardAction).action(
-  withAuditLogging(
-    "created",
-    "dashboard",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZCreateDashboardAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const dashboard = await prisma.dashboard.create({
-        data: {
-          name: parsedInput.name,
-          description: parsedInput.description,
-          projectId,
-          createdBy: ctx.user.id,
-        },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.newObject = dashboard;
-      return dashboard;
-    }
-  )
-);
-
-const ZUpdateDashboardAction = z.object({
-  environmentId: ZId,
-  dashboardId: ZId,
-  name: z.string().min(1).optional(),
-  description: z.string().optional().nullable(),
-});
-
-export const updateDashboardAction = authenticatedActionClient.schema(ZUpdateDashboardAction).action(
-  withAuditLogging(
-    "updated",
-    "dashboard",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZUpdateDashboardAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const dashboard = await prisma.dashboard.findFirst({
-        where: { id: parsedInput.dashboardId, projectId },
-      });
-
-      if (!dashboard) {
-        throw new Error("Dashboard not found");
-      }
-
-      const updatedDashboard = await prisma.dashboard.update({
-        where: { id: parsedInput.dashboardId },
-        data: {
-          ...(parsedInput.name !== undefined && { name: parsedInput.name }),
-          ...(parsedInput.description !== undefined && { description: parsedInput.description }),
-        },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.oldObject = dashboard;
-      ctx.auditLoggingCtx.newObject = updatedDashboard;
-      return updatedDashboard;
-    }
-  )
-);
-
-const ZDeleteDashboardAction = z.object({
-  environmentId: ZId,
-  dashboardId: ZId,
-});
-
-export const deleteDashboardAction = authenticatedActionClient.schema(ZDeleteDashboardAction).action(
-  withAuditLogging(
-    "deleted",
-    "dashboard",
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZDeleteDashboardAction>;
-    }) => {
-      const { organizationId, projectId } = await checkProjectAccess(
-        ctx.user.id,
-        parsedInput.environmentId,
-        "readWrite"
-      );
-
-      const dashboard = await prisma.dashboard.findFirst({
-        where: { id: parsedInput.dashboardId, projectId },
-      });
-
-      if (!dashboard) {
-        throw new Error("Dashboard not found");
-      }
-
-      await prisma.dashboard.delete({
-        where: { id: parsedInput.dashboardId },
-      });
-
-      ctx.auditLoggingCtx.organizationId = organizationId;
-      ctx.auditLoggingCtx.projectId = projectId;
-      ctx.auditLoggingCtx.oldObject = dashboard;
-      return { success: true };
-    }
-  )
-);
-
-const ZGetDashboardsAction = z.object({
-  environmentId: ZId,
-});
-
-export const getDashboardsAction = authenticatedActionClient
-  .schema(ZGetDashboardsAction)
-  .action(
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZGetDashboardsAction>;
-    }) => {
-      const { projectId } = await checkProjectAccess(ctx.user.id, parsedInput.environmentId, "read");
-
-      return prisma.dashboard.findMany({
-        where: { projectId },
-        orderBy: { createdAt: "desc" },
-        select: {
-          id: true,
-          name: true,
-          description: true,
-          createdAt: true,
-          updatedAt: true,
-          _count: { select: { widgets: true } },
-        },
-      });
-    }
-  );
-
-const ZGetDashboardAction = z.object({
-  environmentId: ZId,
-  dashboardId: ZId,
-});
-
-export const getDashboardAction = authenticatedActionClient
-  .schema(ZGetDashboardAction)
-  .action(
-    async ({
-      ctx,
-      parsedInput,
-    }: {
-      ctx: AuthenticatedActionClientCtx;
-      parsedInput: z.infer<typeof ZGetDashboardAction>;
-    }) => {
-      const { projectId } = await checkProjectAccess(ctx.user.id, parsedInput.environmentId, "read");
-
-      const dashboard = await prisma.dashboard.findFirst({
-        where: { id: parsedInput.dashboardId, projectId },
-        include: {
-          widgets: {
-            orderBy: { order: "asc" },
-            include: {
-              chart: {
-                select: {
-                  id: true,
-                  name: true,
-                  type: true,
-                  query: true,
-                  config: true,
-                },
-              },
-            },
-          },
-        },
-      });
-
-      if (!dashboard) {
-        throw new Error("Dashboard not found");
-      }
-
-      return dashboard;
-    }
-  );
-
-const ZAddChartToDashboardAction = z.object({
-  environmentId: ZId,
-  dashboardId: ZId,
-  chartId: ZId,
-  title: z.string().optional(),
-  layout: ZWidgetLayout.optional().default({ x: 0, y: 0, w: 4, h: 3 }),
-});
-
-export const addChartToDashboardAction = authenticatedActionClient
-  .schema(ZAddChartToDashboardAction)
-  .action(
-    withAuditLogging(
-      "created",
-      "dashboardWidget",
-      async ({
-        ctx,
-        parsedInput,
-      }: {
-        ctx: AuthenticatedActionClientCtx;
-        parsedInput: z.infer<typeof ZAddChartToDashboardAction>;
-      }) => {
-        const { organizationId, projectId } = await checkProjectAccess(
-          ctx.user.id,
-          parsedInput.environmentId,
-          "readWrite"
-        );
-
-        const [chart, dashboard] = await Promise.all([
-          prisma.chart.findFirst({ where: { id: parsedInput.chartId, projectId } }),
-          prisma.dashboard.findFirst({ where: { id: parsedInput.dashboardId, projectId } }),
-        ]);
-
-        if (!chart) {
-          throw new Error("Chart not found");
-        }
-        if (!dashboard) {
-          throw new Error("Dashboard not found");
-        }
-
-        const maxOrder = await prisma.dashboardWidget.aggregate({
-          where: { dashboardId: parsedInput.dashboardId },
-          _max: { order: true },
-        });
-
-        const widget = await prisma.dashboardWidget.create({
-          data: {
-            dashboardId: parsedInput.dashboardId,
-            chartId: parsedInput.chartId,
-            title: parsedInput.title,
-            layout: parsedInput.layout,
-            order: (maxOrder._max.order ?? -1) + 1,
-          },
-        });
-
-        ctx.auditLoggingCtx.organizationId = organizationId;
-        ctx.auditLoggingCtx.projectId = projectId;
-        ctx.auditLoggingCtx.newObject = widget;
-        return widget;
-      }
-    )
-  );

apps/web/modules/ee/analysis/types/analysis.ts

@@ -1,4 +0,0 @@
-import { z } from "zod";
-
-export const ZChartType = z.enum(["area", "bar", "line", "pie", "big_number"]);
-export type TChartType = z.infer<typeof ZChartType>;

apps/web/modules/ee/analytics/api/lib/cube-client.test.ts

@@ -1,29 +0,0 @@
-import { beforeEach, describe, expect, test, vi } from "vitest";
-import { executeQuery } from "./cube-client";
-
-const mockLoad = vi.fn();
-const mockTablePivot = vi.fn();
-
-vi.mock("@cubejs-client/core", () => ({
-  default: vi.fn(() => ({
-    load: mockLoad,
-  })),
-}));
-
-describe("executeQuery", () => {
-  beforeEach(() => {
-    vi.clearAllMocks();
-    const resultSet = { tablePivot: mockTablePivot };
-    mockLoad.mockResolvedValue(resultSet);
-    mockTablePivot.mockReturnValue([{ id: "1", count: 42 }]);
-  });
-
-  test("loads query and returns tablePivot result", async () => {
-    const query = { measures: ["FeedbackRecords.count"] };
-    const result = await executeQuery(query);
-
-    expect(mockLoad).toHaveBeenCalledWith(query);
-    expect(mockTablePivot).toHaveBeenCalled();
-    expect(result).toEqual([{ id: "1", count: 42 }]);
-  });
-});

apps/web/modules/ee/analytics/api/lib/cube-client.ts

@@ -1,25 +0,0 @@
-import cubejs, { type CubeApi, type Query } from "@cubejs-client/core";
-
-const getApiUrl = (): string => {
-  const baseUrl = process.env.CUBEJS_API_URL || "http://localhost:4000";
-  if (baseUrl.includes("/cubejs-api/v1")) {
-    return baseUrl;
-  }
-  return `${baseUrl.replace(/\/$/, "")}/cubejs-api/v1`;
-};
-
-let cubeClient: CubeApi | null = null;
-
-function getCubeClient(): CubeApi {
-  if (!cubeClient) {
-    const token = process.env.CUBEJS_API_TOKEN ?? "";
-    cubeClient = cubejs(token, { apiUrl: getApiUrl() });
-  }
-  return cubeClient;
-}
-
-export async function executeQuery(query: Query) {
-  const client = getCubeClient();
-  const resultSet = await client.load(query);
-  return resultSet.tablePivot();
-}

apps/web/modules/ee/audit-logs/types/audit-log.ts

@@ -25,9 +25,6 @@ export const ZAuditTarget = z.enum([
   "integration",
   "file",
   "quota",
-  "chart",
-  "dashboard",
-  "dashboardWidget",
 ]);
 export const ZAuditAction = z.enum([
   "created",

apps/web/modules/ee/contacts/lib/attribute-storage.ts

@@ -54,7 +54,6 @@ export const prepareNewSDKAttributeForStorage = (
 };
 
 const handleStringType = (value: TRawValue): TAttributeStorageColumns => {
-  // String type - only use value column
   let stringValue: string;
 
   if (value instanceof Date) {

apps/web/modules/ee/contacts/lib/attributes.ts

@@ -130,7 +130,12 @@ export const updateAttributes = async (
   const messages: TAttributeUpdateMessage[] = [];
   const errors: TAttributeUpdateMessage[] = [];
 
-  // Convert email and userId to strings for lookup (they should always be strings, but handle numbers gracefully)
+  // Coerce boolean values to strings (SDK may send booleans for string attributes)
+  const coercedAttributes: Record<string, string | number> = {};
+  for (const [key, value] of Object.entries(contactAttributesParam)) {
+    coercedAttributes[key] = typeof value === "boolean" ? String(value) : value;
+  }
+
   const emailValue =
     contactAttributesParam.email === null || contactAttributesParam.email === undefined
       ? null
@@ -154,7 +159,7 @@ export const updateAttributes = async (
   const userIdExists = !!existingUserIdAttribute;
 
   // Remove email and/or userId from attributes if they already exist on another contact
-  let contactAttributes = { ...contactAttributesParam };
+  let contactAttributes = { ...coercedAttributes };
 
   // Determine what the final email and userId values will be after this update
   // Only consider a value as "submitted" if it was explicitly included in the attributes

apps/web/modules/ee/contacts/segments/lib/filter/prisma-query.test.ts

@@ -5,10 +5,14 @@ import { getSegment } from "../segments";
 import { segmentFilterToPrismaQuery } from "./prisma-query";
 
 const mockQueryRawUnsafe = vi.fn();
+const mockFindFirst = vi.fn();
 
 vi.mock("@formbricks/database", () => ({
   prisma: {
     $queryRawUnsafe: (...args: unknown[]) => mockQueryRawUnsafe(...args),
+    contactAttribute: {
+      findFirst: (...args: unknown[]) => mockFindFirst(...args),
+    },
   },
 }));
 
@@ -26,7 +30,9 @@ describe("segmentFilterToPrismaQuery", () => {
 
   beforeEach(() => {
     vi.clearAllMocks();
-    // Default mock: number filter raw SQL returns one matching contact
+    // Default: backfill is complete, no un-migrated rows
+    mockFindFirst.mockResolvedValue(null);
+    // Fallback path mock: raw SQL returns one matching contact when un-migrated rows exist
     mockQueryRawUnsafe.mockResolvedValue([{ contactId: "mock-contact-1" }]);
   });
 
@@ -145,7 +151,16 @@ describe("segmentFilterToPrismaQuery", () => {
             },
           },
         ],
-        OR: [{ id: { in: ["mock-contact-1"] } }],
+        OR: [
+          {
+            attributes: {
+              some: {
+                attributeKey: { key: "age" },
+                valueNumber: { gt: 30 },
+              },
+            },
+          },
+        ],
       });
     }
   });
@@ -757,7 +772,12 @@ describe("segmentFilterToPrismaQuery", () => {
       });
 
       expect(subgroup.AND[0].AND[2]).toStrictEqual({
-        id: { in: ["mock-contact-1"] },
+        attributes: {
+          some: {
+            attributeKey: { key: "age" },
+            valueNumber: { gte: 18 },
+          },
+        },
       });
 
       // Segment inclusion
@@ -1158,10 +1178,23 @@ describe("segmentFilterToPrismaQuery", () => {
         },
       });
 
-      // Second subgroup (numeric operators - now use raw SQL subquery returning contact IDs)
+      // Second subgroup (numeric operators - uses clean Prisma filter post-backfill)
       const secondSubgroup = whereClause.AND?.[0];
       expect(secondSubgroup.AND[1].AND).toContainEqual({
-        id: { in: ["mock-contact-1"] },
+        attributes: {
+          some: {
+            attributeKey: { key: "loginCount" },
+            valueNumber: { gt: 5 },
+          },
+        },
+      });
+      expect(secondSubgroup.AND[1].AND).toContainEqual({
+        attributes: {
+          some: {
+            attributeKey: { key: "purchaseAmount" },
+            valueNumber: { lte: 1000 },
+          },
+        },
       });
 
       // Third subgroup (negation operators in OR clause)
@@ -1232,7 +1265,7 @@ describe("segmentFilterToPrismaQuery", () => {
             {
               attributes: {
                 some: {
-                  attributeKey: { key: "purchaseDate" },
+                  attributeKey: { key: "purchaseDate", dataType: "date" },
                   OR: [
                     { valueDate: { lt: new Date(targetDate) } },
                     { valueDate: null, value: { lt: new Date(targetDate).toISOString() } },
@@ -1276,7 +1309,7 @@ describe("segmentFilterToPrismaQuery", () => {
             {
               attributes: {
                 some: {
-                  attributeKey: { key: "signupDate" },
+                  attributeKey: { key: "signupDate", dataType: "date" },
                   OR: [
                     { valueDate: { gt: new Date(targetDate) } },
                     { valueDate: null, value: { gt: new Date(targetDate).toISOString() } },
@@ -1321,7 +1354,7 @@ describe("segmentFilterToPrismaQuery", () => {
             {
               attributes: {
                 some: {
-                  attributeKey: { key: "lastActivityDate" },
+                  attributeKey: { key: "lastActivityDate", dataType: "date" },
                   OR: [
                     { valueDate: { gte: new Date(startDate), lte: new Date(endDate) } },
                     {
@@ -1638,8 +1671,15 @@ describe("segmentFilterToPrismaQuery", () => {
           mode: "insensitive",
         });
 
-        // Number filter uses raw SQL subquery (transition code) returning contact IDs
-        expect(andConditions[1]).toEqual({ id: { in: ["mock-contact-1"] } });
+        // Number filter uses clean Prisma filter post-backfill
+        expect(andConditions[1]).toEqual({
+          attributes: {
+            some: {
+              attributeKey: { key: "purchaseCount" },
+              valueNumber: { gt: 5 },
+            },
+          },
+        });
 
         // Date filter uses OR fallback with 'valueDate' and string 'value'
         expect((andConditions[2] as unknown as any).attributes.some.OR[0].valueDate).toHaveProperty("gte");

apps/web/modules/ee/contacts/segments/lib/filter/prisma-query.ts

@@ -107,7 +107,7 @@ const buildDateAttributeFilterWhereClause = (filter: TSegmentAttributeFilter): P
   return {
     attributes: {
       some: {
-        attributeKey: { key: contactAttributeKey },
+        attributeKey: { key: contactAttributeKey, dataType: "date" },
         OR: [{ valueDate: dateCondition }, { valueDate: null, value: stringDateCondition }],
       },
     },
@@ -116,59 +116,102 @@ const buildDateAttributeFilterWhereClause = (filter: TSegmentAttributeFilter): P
 
 /**
  * Builds a Prisma where clause for number attribute filters.
- * Uses a raw SQL subquery to handle both migrated rows (valueNumber populated)
- * and un-migrated rows (valueNumber NULL, value contains numeric string).
- * This is transition code for the deferred value backfill.
+ * Uses a clean Prisma query when all rows have valueNumber populated (post-backfill).
+ * Falls back to a raw SQL subquery for un-migrated rows (valueNumber NULL, value contains numeric string).
  *
  * TODO: After the backfill script has been run and all valueNumber columns are populated,
- * revert this to the clean Prisma-only version that queries valueNumber directly.
+ * remove the un-migrated fallback path entirely.
  */
 const buildNumberAttributeFilterWhereClause = async (
-  filter: TSegmentAttributeFilter
+  filter: TSegmentAttributeFilter,
+  environmentId: string
 ): Promise<Prisma.ContactWhereInput> => {
   const { root, qualifier, value } = filter;
   const { contactAttributeKey } = root;
   const { operator } = qualifier;
 
   const numericValue = typeof value === "number" ? value : Number(value);
-  const sqlOp = SQL_OPERATORS[operator];
 
-  if (!sqlOp) {
-    return {};
+  let valueNumberCondition: Prisma.FloatNullableFilter;
+
+  switch (operator) {
+    case "greaterThan":
+      valueNumberCondition = { gt: numericValue };
+      break;
+    case "greaterEqual":
+      valueNumberCondition = { gte: numericValue };
+      break;
+    case "lessThan":
+      valueNumberCondition = { lt: numericValue };
+      break;
+    case "lessEqual":
+      valueNumberCondition = { lte: numericValue };
+      break;
+    default:
+      return {};
   }
 
-  const matchingContactIds = await prisma.$queryRawUnsafe<{ contactId: string }[]>(
+  const migratedFilter: Prisma.ContactWhereInput = {
+    attributes: {
+      some: {
+        attributeKey: { key: contactAttributeKey },
+        valueNumber: valueNumberCondition,
+      },
+    },
+  };
+
+  const hasUnmigratedRows = await prisma.contactAttribute.findFirst({
+    where: {
+      attributeKey: {
+        key: contactAttributeKey,
+        environmentId,
+        dataType: "number",
+      },
+      valueNumber: null,
+    },
+    select: { id: true },
+  });
+
+  if (!hasUnmigratedRows) {
+    return migratedFilter;
+  }
+
+  const sqlOp = SQL_OPERATORS[operator];
+  const unmigratedMatchingIds = await prisma.$queryRawUnsafe<{ contactId: string }[]>(
     `
     SELECT DISTINCT ca."contactId"
     FROM "ContactAttribute" ca
     JOIN "ContactAttributeKey" cak ON ca."attributeKeyId" = cak.id
     WHERE cak.key = $1
-    AND (
-      (ca."valueNumber" IS NOT NULL AND ca."valueNumber" ${sqlOp} $2)
-      OR
-      (ca."valueNumber" IS NULL AND ca.value ~ $3 AND ca.value::double precision ${sqlOp} $2)
-    )
+    AND cak."environmentId" = $4
+    AND cak."dataType" = 'number'
+    AND ca."valueNumber" IS NULL
+    AND ca.value ~ $3
+    AND ca.value::double precision ${sqlOp} $2
     `,
     contactAttributeKey,
     numericValue,
-    NUMBER_PATTERN_SQL
+    NUMBER_PATTERN_SQL,
+    environmentId
   );
 
-  const contactIds = matchingContactIds.map((r) => r.contactId);
-
-  if (contactIds.length === 0) {
-    // Return an impossible condition so the filter correctly excludes all contacts
-    return { id: "__NUMBER_FILTER_NO_MATCH__" };
+  if (unmigratedMatchingIds.length === 0) {
+    return migratedFilter;
   }
 
-  return { id: { in: contactIds } };
+  const contactIds = unmigratedMatchingIds.map((r) => r.contactId);
+
+  return {
+    OR: [migratedFilter, { id: { in: contactIds } }],
+  };
 };
 
 /**
  * Builds a Prisma where clause from a segment attribute filter
  */
 const buildAttributeFilterWhereClause = async (
-  filter: TSegmentAttributeFilter
+  filter: TSegmentAttributeFilter,
+  environmentId: string
 ): Promise<Prisma.ContactWhereInput> => {
   const { root, qualifier, value } = filter;
   const { contactAttributeKey } = root;
@@ -215,7 +258,7 @@ const buildAttributeFilterWhereClause = async (
 
   // Handle number operators
   if (["greaterThan", "greaterEqual", "lessThan", "lessEqual"].includes(operator)) {
-    return await buildNumberAttributeFilterWhereClause(filter);
+    return await buildNumberAttributeFilterWhereClause(filter, environmentId);
   }
 
   // For string operators, ensure value is a primitive (not an object or array)
@@ -253,7 +296,8 @@ const buildAttributeFilterWhereClause = async (
  * Builds a Prisma where clause from a person filter
  */
 const buildPersonFilterWhereClause = async (
-  filter: TSegmentPersonFilter
+  filter: TSegmentPersonFilter,
+  environmentId: string
 ): Promise<Prisma.ContactWhereInput> => {
   const { personIdentifier } = filter.root;
 
@@ -265,7 +309,7 @@ const buildPersonFilterWhereClause = async (
         contactAttributeKey: personIdentifier,
       },
     };
-    return await buildAttributeFilterWhereClause(personFilter);
+    return await buildAttributeFilterWhereClause(personFilter, environmentId);
   }
 
   return {};
@@ -314,6 +358,7 @@ const buildDeviceFilterWhereClause = (
 const buildSegmentFilterWhereClause = async (
   filter: TSegmentSegmentFilter,
   segmentPath: Set<string>,
+  environmentId: string,
   deviceType?: "phone" | "desktop"
 ): Promise<Prisma.ContactWhereInput> => {
   const { root } = filter;
@@ -337,7 +382,7 @@ const buildSegmentFilterWhereClause = async (
   const newPath = new Set(segmentPath);
   newPath.add(segmentId);
 
-  return processFilters(segment.filters, newPath, deviceType);
+  return processFilters(segment.filters, newPath, environmentId, deviceType);
 };
 
 /**
@@ -346,19 +391,25 @@ const buildSegmentFilterWhereClause = async (
 const processSingleFilter = async (
   filter: TSegmentFilter,
   segmentPath: Set<string>,
+  environmentId: string,
   deviceType?: "phone" | "desktop"
 ): Promise<Prisma.ContactWhereInput> => {
   const { root } = filter;
 
   switch (root.type) {
     case "attribute":
-      return await buildAttributeFilterWhereClause(filter as TSegmentAttributeFilter);
+      return await buildAttributeFilterWhereClause(filter as TSegmentAttributeFilter, environmentId);
     case "person":
-      return await buildPersonFilterWhereClause(filter as TSegmentPersonFilter);
+      return await buildPersonFilterWhereClause(filter as TSegmentPersonFilter, environmentId);
     case "device":
       return buildDeviceFilterWhereClause(filter as TSegmentDeviceFilter, deviceType);
     case "segment":
-      return await buildSegmentFilterWhereClause(filter as TSegmentSegmentFilter, segmentPath, deviceType);
+      return await buildSegmentFilterWhereClause(
+        filter as TSegmentSegmentFilter,
+        segmentPath,
+        environmentId,
+        deviceType
+      );
     default:
       return {};
   }
@@ -370,6 +421,7 @@ const processSingleFilter = async (
 const processFilters = async (
   filters: TBaseFilters,
   segmentPath: Set<string>,
+  environmentId: string,
   deviceType?: "phone" | "desktop"
 ): Promise<Prisma.ContactWhereInput> => {
   if (filters.length === 0) return {};
@@ -386,10 +438,10 @@ const processFilters = async (
     // Process the resource based on its type
     if (isResourceFilter(resource)) {
       // If it's a single filter, process it directly
-      whereClause = await processSingleFilter(resource, segmentPath, deviceType);
+      whereClause = await processSingleFilter(resource, segmentPath, environmentId, deviceType);
     } else {
       // If it's a group of filters, process it recursively
-      whereClause = await processFilters(resource, segmentPath, deviceType);
+      whereClause = await processFilters(resource, segmentPath, environmentId, deviceType);
     }
 
     if (Object.keys(whereClause).length === 0) continue;
@@ -432,7 +484,7 @@ export const segmentFilterToPrismaQuery = reactCache(
 
       // Initialize an empty stack for tracking the current evaluation path
       const segmentPath = new Set<string>([segmentId]);
-      const filtersWhereClause = await processFilters(filters, segmentPath, deviceType);
+      const filtersWhereClause = await processFilters(filters, segmentPath, environmentId, deviceType);
 
       const whereClause = {
         AND: [baseWhereClause, filtersWhereClause],

apps/web/modules/ee/contacts/segments/lib/segments.ts

@@ -136,28 +136,48 @@ export const createSegment = async (segmentCreateInput: TSegmentCreateInput): Pr
 
   const { description, environmentId, filters, isPrivate, surveyId, title } = segmentCreateInput;
 
-  let data: Prisma.SegmentCreateArgs["data"] = {
-    environmentId,
-    title,
-    description,
-    isPrivate,
-    filters,
-  };
-
-  if (surveyId) {
-    data = {
-      ...data,
-      surveys: {
-        connect: {
-          id: surveyId,
-        },
-      },
-    };
-  }
+  const surveyConnect = surveyId ? { surveys: { connect: { id: surveyId } } } : {};
 
   try {
+    // Private segments use upsert because auto-save may have already created a
+    // default (empty-filter) segment via connectOrCreate before the user publishes.
+    // Without upsert the second create hits the (environmentId, title) unique constraint.
+    if (isPrivate) {
+      const segment = await prisma.segment.upsert({
+        where: {
+          environmentId_title: {
+            environmentId,
+            title,
+          },
+        },
+        create: {
+          environmentId,
+          title,
+          description,
+          isPrivate,
+          filters,
+          ...surveyConnect,
+        },
+        update: {
+          description,
+          filters,
+          ...surveyConnect,
+        },
+        select: selectSegment,
+      });
+
+      return transformPrismaSegment(segment);
+    }
+
     const segment = await prisma.segment.create({
-      data,
+      data: {
+        environmentId,
+        title,
+        description,
+        isPrivate,
+        filters,
+        ...surveyConnect,
+      },
       select: selectSegment,
     });
 

apps/web/modules/storage/utils.ts

@@ -151,7 +151,7 @@ export const getErrorResponseFromStorageError = (
 
 /**
  * Resolves a storage URL to an absolute URL.
- * - If already absolute, returns as-is (backward compatibility for old data)
+ * - If already absolute, returns as-is
  * - If relative (/storage/...), prepends the appropriate base URL
  * @param url The storage URL (relative or absolute)
  * @param accessType The access type to determine which base URL to use (defaults to "public")
@@ -163,7 +163,7 @@ export const resolveStorageUrl = (
 ): string => {
   if (!url) return "";
 
-  // Already absolute URL - return as-is (backward compatibility for old data)
+  // Already absolute URL - return as-is
   if (url.startsWith("http://") || url.startsWith("https://")) {
     return url;
   }
@@ -176,3 +176,41 @@ export const resolveStorageUrl = (
 
   return url;
 };
+
+// Matches the actual storage URL format: /storage/{id}/{public|private}/{filename...}
+const STORAGE_URL_PATTERN = /^\/storage\/[^/]+\/(public|private)\/.+/;
+
+const isStorageUrl = (value: string): boolean => STORAGE_URL_PATTERN.test(value);
+
+export const resolveStorageUrlAuto = (url: string): string => {
+  if (!isStorageUrl(url)) return url;
+  const accessType = url.includes("/private/") ? "private" : "public";
+  return resolveStorageUrl(url, accessType);
+};
+
+/**
+ * Recursively walks an object/array and resolves all relative storage URLs
+ * Preserves the original structure; skips Date instances and non-object primitives.
+ */
+export const resolveStorageUrlsInObject = <T>(obj: T): T => {
+  if (obj === null || obj === undefined) return obj;
+
+  if (typeof obj === "string") {
+    return resolveStorageUrlAuto(obj) as T;
+  }
+
+  if (typeof obj !== "object") return obj;
+
+  if (obj instanceof Date) return obj;
+
+  if (Array.isArray(obj)) {
+    return obj.map((item) => resolveStorageUrlsInObject(item)) as T;
+  }
+
+  const result: Record<string, unknown> = {};
+  for (const [key, value] of Object.entries(obj as Record<string, unknown>)) {
+    result[key] = resolveStorageUrlsInObject(value);
+  }
+
+  return result as T;
+};

apps/web/modules/ui/components/survey/index.tsx

@@ -40,10 +40,7 @@ export const SurveyInline = (props: Omit<SurveyContainerProps, "containerId">) =
     isLoadingScript = true;
     try {
       const scriptUrl = props.appUrl ? `${props.appUrl}/js/surveys.umd.cjs` : "/js/surveys.umd.cjs";
-      const response = await fetch(
-        scriptUrl,
-        process.env.NODE_ENV === "development" ? { cache: "no-store" } : {}
-      );
+      const response = await fetch(scriptUrl);
 
       if (!response.ok) {
         throw new Error("Failed to load the surveys package");

apps/web/package.json

@@ -23,7 +23,6 @@
     "@aws-sdk/s3-presigned-post": "3.971.0",
     "@aws-sdk/s3-request-presigner": "3.971.0",
     "@boxyhq/saml-jackson": "1.52.2",
-    "@cubejs-client/core": "1.6.6",
     "@dnd-kit/core": "6.3.1",
     "@dnd-kit/modifiers": "9.0.0",
     "@dnd-kit/sortable": "10.0.0",

cube/cube.js

@@ -1,12 +0,0 @@
-module.exports = {
-  // queryRewrite runs before every Cube query. Use it to enforce row-level security (RLS)
-  // by injecting filters based on the caller's identity (e.g. organizationId, projectId).
-  //
-  // The securityContext is populated from the decoded JWT passed via the API token.
-  // Currently a passthrough because access control is handled in the Next.js API layer
-  // before reaching Cube. When Cube is exposed more broadly or multi-tenancy enforcement
-  // is needed at the Cube level, add filters here based on securityContext claims.
-  queryRewrite: (query, { securityContext }) => {
-    return query;
-  },
-};

cube/schema/FeedbackRecords.js

@@ -1,159 +0,0 @@
-// This schema maps to the `feedback_records` table owned by the Formbricks Hub Postgres.
-// If the Hub changes column names, types, or the metadata JSONB shape (e.g. the `topics` array),
-// this schema must be updated to match.
-cube(`FeedbackRecords`, {
-  sql: `SELECT * FROM feedback_records`,
-
-  measures: {
-    count: {
-      type: `count`,
-      description: `Total number of feedback responses`,
-    },
-
-    promoterCount: {
-      type: `count`,
-      filters: [{ sql: `${CUBE}.value_number >= 9` }],
-      description: `Number of promoters (NPS score 9-10)`,
-    },
-
-    detractorCount: {
-      type: `count`,
-      filters: [{ sql: `${CUBE}.value_number <= 6` }],
-      description: `Number of detractors (NPS score 0-6)`,
-    },
-
-    passiveCount: {
-      type: `count`,
-      filters: [{ sql: `${CUBE}.value_number >= 7 AND ${CUBE}.value_number <= 8` }],
-      description: `Number of passives (NPS score 7-8)`,
-    },
-
-    npsScore: {
-      type: `number`,
-      sql: `
-        CASE 
-          WHEN COUNT(*) = 0 THEN 0
-          ELSE ROUND(
-            (
-              (COUNT(CASE WHEN ${CUBE}.value_number >= 9 THEN 1 END)::numeric - 
-               COUNT(CASE WHEN ${CUBE}.value_number <= 6 THEN 1 END)::numeric) 
-              / COUNT(*)::numeric
-            ) * 100,
-            2
-          )
-        END
-      `,
-      description: `Net Promoter Score: ((Promoters - Detractors) / Total) * 100`,
-    },
-
-    averageScore: {
-      type: `avg`,
-      sql: `${CUBE}.value_number`,
-      description: `Average NPS score`,
-    },
-  },
-
-  dimensions: {
-    id: {
-      sql: `id`,
-      type: `string`,
-      primaryKey: true,
-    },
-
-    sentiment: {
-      sql: `sentiment`,
-      type: `string`,
-      description: `Sentiment extracted from metadata JSONB field`,
-    },
-
-    sourceType: {
-      sql: `source_type`,
-      type: `string`,
-      description: `Source type of the feedback (e.g., nps_campaign, survey)`,
-    },
-
-    sourceName: {
-      sql: `source_name`,
-      type: `string`,
-      description: `Human-readable name of the source`,
-    },
-
-    fieldType: {
-      sql: `field_type`,
-      type: `string`,
-      description: `Type of feedback field (e.g., nps, text, rating)`,
-    },
-
-    collectedAt: {
-      sql: `collected_at`,
-      type: `time`,
-      description: `Timestamp when the feedback was collected`,
-    },
-
-    npsValue: {
-      sql: `value_number`,
-      type: `number`,
-      description: `Raw NPS score value (0-10)`,
-    },
-
-    responseId: {
-      sql: `response_id`,
-      type: `string`,
-      description: `Unique identifier linking related feedback records`,
-    },
-
-    userIdentifier: {
-      sql: `user_identifier`,
-      type: `string`,
-      description: `Identifier of the user who provided feedback`,
-    },
-
-    emotion: {
-      sql: `emotion`,
-      type: `string`,
-      description: `Emotion extracted from metadata JSONB field`,
-    },
-  },
-
-  joins: {
-    TopicsUnnested: {
-      sql: `${CUBE}.id = ${TopicsUnnested}.feedback_record_id`,
-      relationship: `hasMany`,
-    },
-  },
-});
-
-cube(`TopicsUnnested`, {
-  sql: `
-    SELECT 
-      fr.id as feedback_record_id,
-      topic_elem.topic
-    FROM feedback_records fr
-    CROSS JOIN LATERAL jsonb_array_elements_text(COALESCE(fr.metadata->'topics', '[]'::jsonb)) AS topic_elem(topic)
-  `,
-
-  measures: {
-    count: {
-      type: `count`,
-    },
-  },
-
-  dimensions: {
-    id: {
-      sql: `feedback_record_id || '-' || topic`,
-      type: `string`,
-      primaryKey: true,
-    },
-
-    feedbackRecordId: {
-      sql: `feedback_record_id`,
-      type: `string`,
-    },
-
-    topic: {
-      sql: `topic`,
-      type: `string`,
-      description: `Individual topic from the topics array`,
-    },
-  },
-});

docker-compose.dev.yml

@@ -36,34 +36,6 @@ services:
     volumes:
       - minio-data:/data
 
-  # Cube connects to the Formbricks Hub Postgres which owns the feedback_records table.
-  # The CUBEJS_DB_* defaults below must match the Hub's Postgres credentials.
-  # Override via env vars if your Hub database uses different credentials or runs on another host.
-  #
-  # SECURITY: CUBEJS_API_SECRET has no default and must be set explicitly (e.g. in .env).
-  # Never use a weak secret in production/staging. Generate with: openssl rand -hex 32
-  cube:
-    image: cubejs/cube:v1.6.6
-    ports:
-      - 4000:4000
-      - 4001:4001 # Cube Playground UI (dev only)
-    environment:
-      CUBEJS_DB_TYPE: postgres
-      CUBEJS_DB_HOST: ${CUBEJS_DB_HOST:-postgres}
-      CUBEJS_DB_NAME: ${CUBEJS_DB_NAME:-postgres}
-      CUBEJS_DB_USER: ${CUBEJS_DB_USER:-postgres}
-      CUBEJS_DB_PASS: ${CUBEJS_DB_PASS:-postgres}
-      CUBEJS_DB_PORT: ${CUBEJS_DB_PORT:-5432}
-      CUBEJS_DEV_MODE: "true"
-      CUBEJS_API_SECRET: ${CUBEJS_API_SECRET}
-      CUBEJS_CACHE_AND_QUEUE_DRIVER: memory
-    volumes:
-      - ./cube/cube.js:/cube/conf/cube.js
-      - ./cube/schema:/cube/conf/model
-    restart: on-failure
-    depends_on:
-      - postgres
-
 volumes:
   postgres:
     driver: local

docs/self-hosting/advanced/rate-limiting.mdx

@@ -1,94 +1,41 @@
 ---
 title: "Rate Limiting"
-description: "Current request rate limits in Formbricks"
+description: "Rate limiting for Formbricks"
 icon: "timer"
 ---
 
-Formbricks applies request rate limits to protect against abuse and keep API usage fair.
+To protect the platform from abuse and ensure fair usage, rate limiting is enforced by default on an IP-address basis. If a client exceeds the allowed number of requests within the specified time window, the API will return a `429 Too Many Requests` status code.
 
-Rate limits are scoped by identifier, depending on the endpoint:
+## Default Rate Limits
 
-- IP hash (for unauthenticated/client-side routes and public actions)
-- API key ID (for authenticated API calls)
-- User ID (for authenticated session-based calls and server actions)
-- Organization ID (for follow-up email dispatch)
+The following rate limits apply to various endpoints:
 
-When a limit is exceeded, the API returns `429 Too Many Requests`.
+| **Endpoint**            | **Rate Limit** | **Time Window** |
+| ----------------------- | -------------- | --------------- |
+| `POST /login`           | 30 requests    | 15 minutes      |
+| `POST /signup`          | 30 requests    | 60 minutes      |
+| `POST /verify-email`    | 10 requests    | 60 minutes      |
+| `POST /forgot-password` | 5 requests     | 60 minutes      |
+| `GET /client-side-api`  | 100 requests   | 1 minute        |
+| `POST /share`           | 100 requests   | 60 minutes      |
 
-## Management API Rate Limits
-
-These are the current limits for Management APIs:
-
-| **Route Group** | **Limit** | **Window** | **Identifier** |
-| --- | --- | --- | --- |
-| `/api/v1/management/*` (except `/api/v1/management/storage`), `/api/v1/webhooks/*`, `/api/v1/integrations/*`, `/api/v1/management/me` | 100 requests | 1 minute | API key ID or session user ID |
-| `/api/v2/management/*` (and other v2 authenticated routes that use `authenticatedApiClient`) | 100 requests | 1 minute | API key ID |
-| `POST /api/v1/management/storage` | 5 requests | 1 minute | API key ID or session user ID |
-
-## All Enforced Limits
-
-| **Config** | **Limit** | **Window** | **Identifier** | **Used For** |
-| --- | --- | --- | --- | --- |
-| `auth.login` | 10 requests | 15 minutes | IP hash | Email/password login flow (`/api/auth/callback/credentials`) |
-| `auth.signup` | 30 requests | 60 minutes | IP hash | Signup server action |
-| `auth.forgotPassword` | 5 requests | 60 minutes | IP hash | Forgot password server action |
-| `auth.verifyEmail` | 10 requests | 60 minutes | IP hash | Email verification callback + resend verification action |
-| `api.v1` | 100 requests | 1 minute | API key ID or session user ID | v1 management, webhooks, integrations, and `/api/v1/management/me` |
-| `api.v2` | 100 requests | 1 minute | API key ID | v2 authenticated API wrapper (`authenticatedApiClient`) |
-| `api.client` | 100 requests | 1 minute | IP hash | v1 client API routes (except `/api/v1/client/og` and storage upload override), plus v2 routes that re-use those v1 handlers |
-| `storage.upload` | 5 requests | 1 minute | IP hash or authenticated ID | Client storage upload and management storage upload |
-| `storage.delete` | 5 requests | 1 minute | API key ID or session user ID | `DELETE /storage/[environmentId]/[accessType]/[fileName]` |
-| `actions.emailUpdate` | 3 requests | 60 minutes | User ID | Profile email update action |
-| `actions.surveyFollowUp` | 50 requests | 60 minutes | Organization ID | Survey follow-up email processing |
-| `actions.sendLinkSurveyEmail` | 10 requests | 60 minutes | IP hash | Link survey email send action |
-| `actions.licenseRecheck` | 5 requests | 1 minute | User ID | Enterprise license recheck action |
-
-## Current Endpoint Exceptions
-
-The following routes are currently not rate-limited by the server-side limiter:
-
-- `GET /api/v1/client/og` (explicitly excluded)
-- `POST /api/v2/client/[environmentId]/responses`
-- `POST /api/v2/client/[environmentId]/displays`
-- `GET /api/v2/health`
-
-## 429 Response Shape
-
-v1-style endpoints return:
+If a request exceeds the defined rate limit, the server will respond with:
 
 ```json
 {
-  "code": "too_many_requests",
-  "message": "Maximum number of requests reached. Please try again later.",
-  "details": {}
-}
-```
-
-v2-style endpoints return:
-
-```json
-{
-  "error": {
-    "code": 429,
-    "message": "Too Many Requests"
-  }
+  "code": 429,
+  "error": "Too many requests, Please try after a while!"
 }
 ```
 
 ## Disabling Rate Limiting
 
-For self-hosters, rate limiting can be disabled if necessary. We strongly recommend keeping it enabled in production.
+For self-hosters, rate limiting can be disabled if necessary. However, we **strongly recommend keeping rate limiting enabled in production environments** to prevent abuse.
 
-Set:
+To disable rate limiting, set the following environment variable:
 
 ```bash
 RATE_LIMITING_DISABLED=1
 ```
 
-After changing this value, restart the server.
-
-## Operational Notes
-
-- Redis/Valkey is required for robust rate limiting (`REDIS_URL`).
-- If Redis is unavailable at runtime, rate-limiter checks currently fail open (requests are allowed through without enforcement).
-- Authentication failure audit logging uses a separate throttle (`shouldLogAuthFailure()`) and is intentionally **fail-closed**: when Redis is unavailable or errors occur, audit log entries are **skipped entirely** rather than written without throttle control. This prevents spam while preserving the hash-integrity chain required for compliance. In other words, if Redis is down, no authentication-failure audit logs will be recorded—requests themselves are still allowed (fail-open rate limiting above), but the audit trail for those failures will not be written.
+After making this change, restart your server to apply the new setting.

docs/xm-and-surveys/xm/best-practices/cancel-subscription.mdx

@@ -16,6 +16,8 @@ The Churn Survey is among the most effective ways to identify weaknesses in your
 
 * Follow-up to prevent bad reviews
 
+* Coming soon: Make survey mandatory
+
 ## Overview
 
 To run the Churn Survey in your app you want to proceed as follows:
@@ -78,6 +80,13 @@ Whenever a user visits this page, matches the filter conditions above and the re
 
 Here is our complete [Actions manual](/xm-and-surveys/surveys/website-app-surveys/actions/) covering [No-Code](/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-no-code-actions) and [Code](/xm-and-surveys/surveys/website-app-surveys/actions#setting-up-code-actions) Actions.
 
+<Note>
+  Pre-churn flow coming soon We’re currently building full-screen survey
+  pop-ups. You’ll be able to prevent users from closing the survey unless they
+  respond to it. It’s certainly debatable if you want that but you could force
+  them to click through the survey before letting them cancel 🤷
+</Note>
+
 ### 5. Select Action in the “When to ask” card
 
 ![Select feedback button action](/images/xm-and-surveys/xm/best-practices/cancel-subscription/select-action.webp)

docs/xm-and-surveys/xm/best-practices/improve-trial-cr.mdx

@@ -46,7 +46,13 @@ _Want to change the button color? Adjust it in the project settings!_
 
 Save, and move over to the **Audience** tab.
 
-### 3. Pre-segment your audience
+### 3. Pre-segment your audience (coming soon)
+
+<Note>
+### Filter by Attribute Coming Soon
+
+We're working on pre-segmenting users by attributes. This manual will be updated in the coming days.
+</Note>
 
 Pre-segmentation isn't needed for this survey since you likely want to target all users who cancel their trial. You can use a specific user action, like clicking **Cancel Trial**, to show the survey only to users trying your product.
 
@@ -56,13 +62,13 @@ How you trigger your survey depends on your product. There are two options:
 
 - **Trigger by Page view:** If you have a page like `/trial-cancelled` for users who cancel their trial subscription, create a user action with the type "Page View." Select "Limit to specific pages" and apply URL filters with these settings:
 
-![Add page URL action](/images/xm-and-surveys/xm/best-practices/improve-trial-cr/action-pageurl.webp)
+![Change text content](/images/xm-and-surveys/xm/best-practices/improve-trial-cr/action-pageurl.webp)
 
 Whenever a user visits this page, the survey will be displayed ✅
 
 - **Trigger by Button Click:** In a different case, you have a “Cancel Trial" button in your app. You can setup a user Action with the `Inner Text`:
 
-![Add inner text action](/images/xm-and-surveys/xm/best-practices/improve-trial-cr/action-innertext.webp)
+![Change text content](/images/xm-and-surveys/xm/best-practices/improve-trial-cr/action-innertext.webp)
 
 Please have a look at our complete [Actions manual](/xm-and-surveys/surveys/website-app-surveys/actions) if you have questions.
 

docs/xm-and-surveys/xm/best-practices/interview-prompt.mdx

@@ -54,7 +54,13 @@ In the button settings you have to make sure it is set to “External URL”. In
 
 Save, and move over to the “Audience” tab.
 
-### 3. Pre-segment your audience
+### 3. Pre-segment your audience (coming soon)
+
+<Note>
+  ## Filter by attribute coming soon. We're working on pre-segmenting users by
+
+  attributes. We will update this manual in the next few days.
+</Note>
 
 Once you clicked over to the “Audience” tab you can change the settings. In the **Who To Send** card, select “Filter audience by attribute”. This allows you to only show the prompt to a specific segment of your user base.
 

packages/database/json-types.ts

@@ -2,7 +2,6 @@
 /* eslint-disable @typescript-eslint/no-namespace -- using namespaces is required for prisma-json-types-generator */
 import { type TActionClassNoCodeConfig } from "../types/action-classes";
 import type { TOrganizationAccess } from "../types/api-key";
-import type { TChartConfig, TChartQuery, TWidgetLayout } from "../types/dashboard";
 import { type TIntegrationConfig } from "../types/integration";
 import { type TOrganizationBilling } from "../types/organizations";
 import { type TProjectConfig, type TProjectStyling } from "../types/project";
@@ -56,8 +55,5 @@ declare global {
     export type OrganizationAccess = TOrganizationAccess;
     export type SurveyMetadata = TSurveyMetadata;
     export type SurveyQuotaLogic = TSurveyQuotaLogic;
-    export type ChartQuery = TChartQuery;
-    export type ChartConfig = TChartConfig;
-    export type WidgetLayout = TWidgetLayout;
   }
 }

packages/database/migration/20260128111722_add_dashboards_and_charts_to_workspace/migration.sql

@@ -1,77 +0,0 @@
--- CreateEnum
-CREATE TYPE "public"."ChartType" AS ENUM ('area', 'bar', 'line', 'pie', 'big_number');
-
--- CreateTable
-CREATE TABLE "public"."Chart" (
-    "id" TEXT NOT NULL,
-    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updated_at" TIMESTAMP(3) NOT NULL,
-    "name" TEXT NOT NULL,
-    "type" "public"."ChartType" NOT NULL,
-    "projectId" TEXT NOT NULL,
-    "query" JSONB NOT NULL DEFAULT '{}',
-    "config" JSONB NOT NULL DEFAULT '{}',
-    "createdBy" TEXT,
-
-    CONSTRAINT "Chart_pkey" PRIMARY KEY ("id")
-);
-
--- CreateTable
-CREATE TABLE "public"."Dashboard" (
-    "id" TEXT NOT NULL,
-    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updated_at" TIMESTAMP(3) NOT NULL,
-    "name" TEXT NOT NULL,
-    "description" TEXT,
-    "projectId" TEXT NOT NULL,
-    "createdBy" TEXT,
-
-    CONSTRAINT "Dashboard_pkey" PRIMARY KEY ("id")
-);
-
--- CreateTable
-CREATE TABLE "public"."DashboardWidget" (
-    "id" TEXT NOT NULL,
-    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updated_at" TIMESTAMP(3) NOT NULL,
-    "dashboardId" TEXT NOT NULL,
-    "title" TEXT,
-    "chartId" TEXT NOT NULL,
-    "layout" JSONB NOT NULL DEFAULT '{"x":0,"y":0,"w":4,"h":3}',
-    "order" INTEGER NOT NULL DEFAULT 0,
-
-    CONSTRAINT "DashboardWidget_pkey" PRIMARY KEY ("id")
-);
-
--- CreateIndex
-CREATE INDEX "Chart_projectId_created_at_idx" ON "public"."Chart"("projectId", "created_at");
-
--- CreateIndex
-CREATE UNIQUE INDEX "Chart_projectId_name_key" ON "public"."Chart"("projectId", "name");
-
--- CreateIndex
-CREATE INDEX "Dashboard_projectId_created_at_idx" ON "public"."Dashboard"("projectId", "created_at");
-
--- CreateIndex
-CREATE UNIQUE INDEX "Dashboard_projectId_name_key" ON "public"."Dashboard"("projectId", "name");
-
--- CreateIndex
-CREATE INDEX "DashboardWidget_dashboardId_order_idx" ON "public"."DashboardWidget"("dashboardId", "order");
-
--- AddForeignKey
-ALTER TABLE "public"."Chart" ADD CONSTRAINT "Chart_projectId_fkey" FOREIGN KEY ("projectId") REFERENCES "public"."Project"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "public"."Chart" ADD CONSTRAINT "Chart_createdBy_fkey" FOREIGN KEY ("createdBy") REFERENCES "public"."User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "public"."Dashboard" ADD CONSTRAINT "Dashboard_projectId_fkey" FOREIGN KEY ("projectId") REFERENCES "public"."Project"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "public"."Dashboard" ADD CONSTRAINT "Dashboard_createdBy_fkey" FOREIGN KEY ("createdBy") REFERENCES "public"."User"("id") ON DELETE SET NULL ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "public"."DashboardWidget" ADD CONSTRAINT "DashboardWidget_dashboardId_fkey" FOREIGN KEY ("dashboardId") REFERENCES "public"."Dashboard"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "public"."DashboardWidget" ADD CONSTRAINT "DashboardWidget_chartId_fkey" FOREIGN KEY ("chartId") REFERENCES "public"."Chart"("id") ON DELETE CASCADE ON UPDATE CASCADE;

packages/database/schema.prisma

@@ -647,8 +647,6 @@ model Project {
   logo                Json?
   projectTeams        ProjectTeam[]
   customHeadScripts   String? // Custom HTML scripts for link surveys (self-hosted only)
-  charts              Chart[]
-  dashboards          Dashboard[]
 
   @@unique([organizationId, name])
 }
@@ -869,8 +867,6 @@ model User {
   /// [Locale]
   locale                    String           @default("en-US")
   surveys                   Survey[]
-  charts                    Chart[]          @relation("chartCreatedBy")
-  dashboards                Dashboard[]      @relation("dashboardCreatedBy")
   teamUsers                 TeamUser[]
   lastLoginAt               DateTime?
   isActive                  Boolean          @default(true)
@@ -1008,92 +1004,3 @@ model ProjectTeam {
   @@id([projectId, teamId])
   @@index([teamId])
 }
-
-enum ChartType {
-  area
-  bar
-  line
-  pie
-  big_number
-}
-
-/// Represents a chart/visualization that can be used in multiple dashboards.
-/// Charts are reusable components that query analytics data.
-///
-/// @property id - Unique identifier for the chart
-/// @property name - Display name of the chart
-/// @property type - Type of visualization (bar, line, pie, etc.)
-/// @property project - The project this chart belongs to
-/// @property query - Cube.js query configuration (JSON)
-/// @property config - Chart-specific configuration (colors, labels, etc.)
-/// @property createdBy - User who created the chart
-/// @property dashboards - Dashboards that use this chart
-model Chart {
-  id        String            @id @default(cuid())
-  createdAt DateTime          @default(now()) @map(name: "created_at")
-  updatedAt DateTime          @updatedAt @map(name: "updated_at")
-  name      String
-  type      ChartType
-  project   Project           @relation(fields: [projectId], references: [id], onDelete: Cascade)
-  projectId String
-  /// [ChartQuery] - Cube.js query configuration
-  query     Json              @default("{}")
-  /// [ChartConfig] - Visualization configuration (colors, labels, formatting)
-  config    Json              @default("{}")
-  creator   User?             @relation("chartCreatedBy", fields: [createdBy], references: [id], onDelete: SetNull)
-  createdBy String?
-  widgets   DashboardWidget[]
-
-  @@unique([projectId, name])
-  @@index([projectId, createdAt])
-}
-
-/// Represents a dashboard containing multiple charts.
-/// Dashboards aggregate analytics insights at the project level.
-///
-/// @property id - Unique identifier for the dashboard
-/// @property name - Display name of the dashboard
-/// @property description - Optional description
-/// @property project - The project this dashboard belongs to
-/// @property widgets - Charts on this dashboard
-/// @property createdBy - User who created the dashboard
-model Dashboard {
-  id          String            @id @default(cuid())
-  createdAt   DateTime          @default(now()) @map(name: "created_at")
-  updatedAt   DateTime          @updatedAt @map(name: "updated_at")
-  name        String
-  description String?
-  project     Project           @relation(fields: [projectId], references: [id], onDelete: Cascade)
-  projectId   String
-  creator     User?             @relation("dashboardCreatedBy", fields: [createdBy], references: [id], onDelete: SetNull)
-  createdBy   String?
-  widgets     DashboardWidget[]
-
-  @@unique([projectId, name])
-  @@index([projectId, createdAt])
-}
-
-/// Represents a chart widget on a dashboard.
-/// Widgets are positioned using a grid layout system.
-///
-/// @property id - Unique identifier for the widget
-/// @property dashboard - The dashboard this widget belongs to
-/// @property title - Optional title for the widget
-/// @property chart - The chart displayed in this widget
-/// @property layout - Grid layout configuration (x, y, width, height)
-/// @property order - Display order within the dashboard
-model DashboardWidget {
-  id          String    @id @default(cuid())
-  createdAt   DateTime  @default(now()) @map(name: "created_at")
-  updatedAt   DateTime  @updatedAt @map(name: "updated_at")
-  dashboard   Dashboard @relation(fields: [dashboardId], references: [id], onDelete: Cascade)
-  dashboardId String
-  title       String?
-  chart       Chart     @relation(fields: [chartId], references: [id], onDelete: Cascade)
-  chartId     String
-  /// [WidgetLayout] - Grid layout: { x, y, w, h }
-  layout      Json      @default("{\"x\":0,\"y\":0,\"w\":4,\"h\":3}")
-  order       Int       @default(0)
-
-  @@index([dashboardId, order])
-}

packages/surveys/src/lib/validation/evaluator.ts

@@ -137,6 +137,11 @@ const checkRequiredField = (
     return null;
   }
 
+  // CTA elements never block progression (informational only)
+  if (element.type === TSurveyElementTypeEnum.CTA) {
+    return null;
+  }
+
   if (element.type === TSurveyElementTypeEnum.Ranking) {
     return validateRequiredRanking(value, t);
   }

packages/types/contact-attribute.ts

@@ -16,5 +16,5 @@ export type TContactAttribute = z.infer<typeof ZContactAttribute>;
 export const ZContactAttributes = z.record(z.string());
 export type TContactAttributes = z.infer<typeof ZContactAttributes>;
 
-export const ZContactAttributesInput = z.record(z.union([z.string(), z.number()]));
+export const ZContactAttributesInput = z.record(z.union([z.string(), z.number(), z.boolean()]));
 export type TContactAttributesInput = z.infer<typeof ZContactAttributesInput>;

packages/types/dashboard.ts

@@ -1,75 +0,0 @@
-import { z } from "zod";
-
-// ── Cube.js Query shape (stored as JSON in Chart.query) ─────────────────────
-// Mirrors https://cube.dev/docs/product/apis-integrations/core-data-apis/rest-api/query-format
-
-const ZCubeTimeDimension = z.object({
-  dimension: z.string(),
-  dateRange: z.union([z.string(), z.tuple([z.string(), z.string()])]).optional(),
-  compareDateRange: z.array(z.union([z.string(), z.tuple([z.string(), z.string()])])).optional(),
-  granularity: z.enum(["second", "minute", "hour", "day", "week", "month", "quarter", "year"]).optional(),
-});
-
-const ZCubeMemberFilter = z.object({
-  member: z.string(),
-  operator: z.string(),
-  values: z.array(z.string()).optional(),
-});
-
-type TCubeFilter = z.infer<typeof ZCubeMemberFilter> | { and: TCubeFilter[] } | { or: TCubeFilter[] };
-
-const ZCubeFilter: z.ZodType<TCubeFilter> = z.union([
-  ZCubeMemberFilter,
-  z.object({ and: z.lazy(() => z.array(ZCubeFilter)) }),
-  z.object({ or: z.lazy(() => z.array(ZCubeFilter)) }),
-]);
-
-export const ZChartQuery = z.object({
-  measures: z.array(z.string()).optional(),
-  dimensions: z.array(z.string()).optional(),
-  segments: z.array(z.string()).optional(),
-  timeDimensions: z.array(ZCubeTimeDimension).optional(),
-  filters: z.array(ZCubeFilter).optional(),
-  order: z
-    .union([z.array(z.tuple([z.string(), z.enum(["asc", "desc"])])), z.record(z.enum(["asc", "desc"]))])
-    .optional(),
-  limit: z.number().int().positive().optional(),
-  total: z.boolean().optional(),
-  offset: z.number().int().nonnegative().optional(),
-  timezone: z.string().optional(),
-  renewQuery: z.boolean().optional(),
-  ungrouped: z.boolean().optional(),
-  joinHints: z.array(z.tuple([z.string(), z.string()])).optional(),
-});
-
-export type TChartQuery = z.infer<typeof ZChartQuery>;
-
-// ── Chart visualization config (stored as JSON in Chart.config) ─────────────
-
-export const ZChartConfig = z.object({
-  colors: z.array(z.string()).optional(),
-  xAxisLabel: z.string().optional(),
-  yAxisLabel: z.string().optional(),
-  showLegend: z.boolean().optional(),
-  legendPosition: z.enum(["top", "bottom", "left", "right"]).optional(),
-  stacked: z.boolean().optional(),
-  showGrid: z.boolean().optional(),
-  showValues: z.boolean().optional(),
-  numberFormat: z.string().optional(),
-  dateFormat: z.string().optional(),
-  prefix: z.string().optional(),
-  suffix: z.string().optional(),
-});
-
-export type TChartConfig = z.infer<typeof ZChartConfig>;
-
-// ── Widget grid layout (stored as JSON in DashboardWidget.layout) ───────────
-
-export const ZWidgetLayout = z.object({
-  x: z.number().int().nonnegative(),
-  y: z.number().int().nonnegative(),
-  w: z.number().int().positive(),
-  h: z.number().int().positive(),
-});
-
-export type TWidgetLayout = z.infer<typeof ZWidgetLayout>;

pnpm-lock.yaml

@@ -28,7 +28,7 @@ importers:
     dependencies:
       next:
         specifier: 16.1.6
-        version: 16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+        version: 16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       react:
         specifier: 19.2.3
         version: 19.2.3
@@ -139,9 +139,6 @@ importers:
       '@boxyhq/saml-jackson':
         specifier: 1.52.2
         version: 1.52.2(socks@2.8.7)(ts-node@10.9.2(@types/node@22.15.18)(typescript@5.8.3))
-      '@cubejs-client/core':
-        specifier: 1.6.6
-        version: 1.6.6(encoding@0.1.13)
       '@dnd-kit/core':
         specifier: 6.3.1
         version: 6.3.1(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
@@ -297,7 +294,7 @@ importers:
         version: 1.2.6(@types/react-dom@19.2.1(@types/react@19.2.1))(@types/react@19.2.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       '@sentry/nextjs':
         specifier: 10.5.0
-        version: 10.5.0(@opentelemetry/context-async-hooks@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/core@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.5.0(@opentelemetry/api@1.9.0))(encoding@0.1.13)(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react@19.2.3)(webpack@5.99.8(esbuild@0.25.12))
+        version: 10.5.0(@opentelemetry/context-async-hooks@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/core@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.5.0(@opentelemetry/api@1.9.0))(encoding@0.1.13)(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react@19.2.3)(webpack@5.99.8(esbuild@0.25.12))
       '@t3-oss/env-nextjs':
         specifier: 0.13.4
         version: 0.13.4(arktype@2.1.29)(typescript@5.8.3)(zod@3.24.4)
@@ -387,13 +384,13 @@ importers:
         version: 3.0.1
       next:
         specifier: 16.1.6
-        version: 16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+        version: 16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       next-auth:
         specifier: 4.24.12
-        version: 4.24.12(patch_hash=7ac5717a8d7d2049442182b5d83ab492d33fe774ff51ff5ea3884628b77df87b)(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(nodemailer@7.0.11)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+        version: 4.24.12(patch_hash=7ac5717a8d7d2049442182b5d83ab492d33fe774ff51ff5ea3884628b77df87b)(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(nodemailer@7.0.11)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       next-safe-action:
         specifier: 7.10.8
-        version: 7.10.8(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(zod@3.24.4)
+        version: 7.10.8(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(zod@3.24.4)
       node-fetch:
         specifier: 3.3.2
         version: 3.3.2
@@ -1778,9 +1775,6 @@ packages:
     resolution: {integrity: sha512-Vd/9EVDiu6PPJt9yAh6roZP6El1xHrdvIVGjyBsHR0RYwNHgL7FJPyIIW4fANJNG6FtyZfvlRPpFI4ZM/lubvw==}
     engines: {node: '>=18'}
 
-  '@cubejs-client/core@1.6.6':
-    resolution: {integrity: sha512-JWEVQaaS7y6Y3Nhe4Lcjl8coP5eXIgYZQTb2WMlLdMluSGM4mWOSFpAis77lAPV+nybFvRf9ri+PjCGqGJXH5g==}
-
   '@date-fns/tz@1.2.0':
     resolution: {integrity: sha512-LBrd7MiJZ9McsOgxqWX7AaxrDjcFVjWH/tIKJd7pnR7McaslGYOP1QmmiBXdJH/H/yLCT+rcQ7FaPBUxRGUtrg==}
 
@@ -7161,9 +7155,6 @@ packages:
   core-js-compat@3.47.0:
     resolution: {integrity: sha512-IGfuznZ/n7Kp9+nypamBhvwdwLsW6KC8IOaURw2doAK5e98AG3acVLdh0woOnEqCfUtS+Vu882JE4k/DAm3ItQ==}
 
-  core-js@3.48.0:
-    resolution: {integrity: sha512-zpEHTy1fjTMZCKLHUZoVeylt9XrzaIN2rbPXEt0k+q7JE5CkCZdo6bNq55bn24a69CH7ErAVLKijxJja4fw+UQ==}
-
   core-util-is@1.0.3:
     resolution: {integrity: sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==}
 
@@ -7179,9 +7170,6 @@ packages:
     engines: {node: '>=20'}
     hasBin: true
 
-  cross-fetch@3.2.0:
-    resolution: {integrity: sha512-Q+xVJLoGOeIMXZmbUK4HYk+69cQH6LudR0Vu/pRm2YlU/hDV9CiS0gKUMaWY5f2NeUH9C1nV3bsTlCo0FsTV1Q==}
-
   cross-spawn@7.0.6:
     resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==}
     engines: {node: '>= 8'}
@@ -10047,9 +10035,6 @@ packages:
   quick-format-unescaped@4.0.4:
     resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==}
 
-  ramda@0.27.2:
-    resolution: {integrity: sha512-SbiLPU40JuJniHexQSAgad32hfwd+DRUdwF2PlVuI5RZD0/vahUco7R8vD86J/tcEKKF9vZrUVwgtmGCqlCKyA==}
-
   randombytes@2.1.0:
     resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==}
 
@@ -11321,9 +11306,6 @@ packages:
   uri-js@4.4.1:
     resolution: {integrity: sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==}
 
-  url-search-params-polyfill@7.0.1:
-    resolution: {integrity: sha512-bAw7L2E+jn9XHG5P9zrPnHdO0yJub4U+yXJOdpcpkr7OBd9T8oll4lUos0iSGRcDvfZoLUKfx9a6aNmIhJ4+mQ==}
-
   url-template@2.0.8:
     resolution: {integrity: sha512-XdVKMF4SJ0nP/O7XIPB0JwAEuT9lDIYnNsK8yGVe43y0AWoKeJNdv3ZNWh7ksJ6KqQFjOO6ox/VEitLnaVNufw==}
 
@@ -13533,17 +13515,6 @@ snapshots:
 
   '@csstools/css-tokenizer@3.0.4': {}
 
-  '@cubejs-client/core@1.6.6(encoding@0.1.13)':
-    dependencies:
-      core-js: 3.48.0
-      cross-fetch: 3.2.0(encoding@0.1.13)
-      dayjs: 1.11.19
-      ramda: 0.27.2
-      url-search-params-polyfill: 7.0.1
-      uuid: 11.1.0
-    transitivePeerDependencies:
-      - encoding
-
   '@date-fns/tz@1.2.0': {}
 
   '@dnd-kit/accessibility@3.1.1(react@19.2.3)':
@@ -17078,7 +17049,7 @@ snapshots:
 
   '@sentry/core@10.5.0': {}
 
-  '@sentry/nextjs@10.5.0(@opentelemetry/context-async-hooks@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/core@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.5.0(@opentelemetry/api@1.9.0))(encoding@0.1.13)(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react@19.2.3)(webpack@5.99.8(esbuild@0.25.12))':
+  '@sentry/nextjs@10.5.0(@opentelemetry/context-async-hooks@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/core@2.5.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.5.0(@opentelemetry/api@1.9.0))(encoding@0.1.13)(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react@19.2.3)(webpack@5.99.8(esbuild@0.25.12))':
     dependencies:
       '@opentelemetry/api': 1.9.0
       '@opentelemetry/semantic-conventions': 1.38.0
@@ -17091,7 +17062,7 @@ snapshots:
       '@sentry/vercel-edge': 10.5.0
       '@sentry/webpack-plugin': 4.6.1(encoding@0.1.13)(webpack@5.99.8(esbuild@0.25.12))
       chalk: 3.0.0
-      next: 16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+      next: 16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       resolve: 1.22.8
       rollup: 4.54.0
       stacktrace-parser: 0.1.11
@@ -19815,8 +19786,6 @@ snapshots:
     dependencies:
       browserslist: 4.28.1
 
-  core-js@3.48.0: {}
-
   core-util-is@1.0.3: {}
 
   cors@2.8.5:
@@ -19831,12 +19800,6 @@ snapshots:
       '@epic-web/invariant': 1.0.0
       cross-spawn: 7.0.6
 
-  cross-fetch@3.2.0(encoding@0.1.13):
-    dependencies:
-      node-fetch: 2.7.0(encoding@0.1.13)
-    transitivePeerDependencies:
-      - encoding
-
   cross-spawn@7.0.6:
     dependencies:
       path-key: 3.1.1
@@ -22223,13 +22186,13 @@ snapshots:
 
   neo-async@2.6.2: {}
 
-  next-auth@4.24.12(patch_hash=7ac5717a8d7d2049442182b5d83ab492d33fe774ff51ff5ea3884628b77df87b)(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(nodemailer@7.0.11)(react-dom@19.2.3(react@19.2.3))(react@19.2.3):
+  next-auth@4.24.12(patch_hash=7ac5717a8d7d2049442182b5d83ab492d33fe774ff51ff5ea3884628b77df87b)(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(nodemailer@7.0.11)(react-dom@19.2.3(react@19.2.3))(react@19.2.3):
     dependencies:
       '@babel/runtime': 7.28.4
       '@panva/hkdf': 1.2.1
       cookie: 0.7.2
       jose: 4.15.9
-      next: 16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+      next: 16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       oauth: 0.9.15
       openid-client: 5.7.1
       preact: 10.28.2
@@ -22240,9 +22203,9 @@ snapshots:
     optionalDependencies:
       nodemailer: 7.0.11
 
-  next-safe-action@7.10.8(next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(zod@3.24.4):
+  next-safe-action@7.10.8(next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3))(react-dom@19.2.3(react@19.2.3))(react@19.2.3)(zod@3.24.4):
     dependencies:
-      next: 16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+      next: 16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
       react: 19.2.3
       react-dom: 19.2.3(react@19.2.3)
     optionalDependencies:
@@ -22256,7 +22219,7 @@ snapshots:
       postcss: 8.4.31
       react: 19.2.3
       react-dom: 19.2.3(react@19.2.3)
-      styled-jsx: 5.1.6(react@19.2.3)
+      styled-jsx: 5.1.6(@babel/core@7.28.5)(react@19.2.3)
     optionalDependencies:
       '@next/swc-darwin-arm64': 16.0.10
       '@next/swc-darwin-x64': 16.0.10
@@ -22273,7 +22236,7 @@ snapshots:
       - '@babel/core'
       - babel-plugin-macros
 
-  next@16.1.6(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3):
+  next@16.1.6(@babel/core@7.28.5)(@opentelemetry/api@1.9.0)(@playwright/test@1.56.1)(react-dom@19.2.3(react@19.2.3))(react@19.2.3):
     dependencies:
       '@next/env': 16.1.6
       '@swc/helpers': 0.5.15
@@ -22282,7 +22245,7 @@ snapshots:
       postcss: 8.4.31
       react: 19.2.3
       react-dom: 19.2.3(react@19.2.3)
-      styled-jsx: 5.1.6(react@19.2.3)
+      styled-jsx: 5.1.6(@babel/core@7.28.5)(react@19.2.3)
     optionalDependencies:
       '@next/swc-darwin-arm64': 16.1.6
       '@next/swc-darwin-x64': 16.1.6
@@ -22970,8 +22933,6 @@ snapshots:
 
   quick-format-unescaped@4.0.4: {}
 
-  ramda@0.27.2: {}
-
   randombytes@2.1.0:
     dependencies:
       safe-buffer: 5.2.1
@@ -24030,10 +23991,12 @@ snapshots:
 
   stubborn-utils@1.0.2: {}
 
-  styled-jsx@5.1.6(react@19.2.3):
+  styled-jsx@5.1.6(@babel/core@7.28.5)(react@19.2.3):
     dependencies:
       client-only: 0.0.1
       react: 19.2.3
+    optionalDependencies:
+      '@babel/core': 7.28.5
 
   stylis@4.3.6: {}
 
@@ -24541,8 +24504,6 @@ snapshots:
     dependencies:
       punycode: 2.3.1
 
-  url-search-params-polyfill@7.0.1: {}
-
   url-template@2.0.8: {}
 
   use-callback-ref@1.3.3(@types/react@19.2.1)(react@19.2.1):

turbo.json

@@ -156,8 +156,6 @@
         "BREVO_API_KEY",
         "BREVO_LIST_ID",
         "CRON_SECRET",
-        "CUBEJS_API_TOKEN",
-        "CUBEJS_API_URL",
         "DATABASE_URL",
         "DEBUG",
         "E2E_TESTING",