fix: harden Helm release secret lookups (#8119)

Cascade delete in deleteOrganization calls DELETE /v1/tenants/{tenant_id}/data,
which is first available in Hub 0.4.0. Bumps the dev-compose default tag and the
Helm chart digest/tag so deployments don't silently land on the older Hub.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

.cursor/commands/create-question.md

@@ -53,7 +53,7 @@ function {QuestionType}({
 }: {QuestionType}Props): React.JSX.Element {
     // Ensure value is always the correct type (handle undefined/null)
     const currentValue = value ?? {defaultValue};
-
+    
     // Detect text direction from content
     const detectedDir = useTextDirection({
         dir,
@@ -63,11 +63,11 @@ function {QuestionType}({
     return (
         <div className="w-full space-y-4" id={elementId} dir={detectedDir}>
             {/* Headline */}
-            <ElementHeader
-                headline={headline}
-                description={description}
-                required={required}
-                htmlFor={inputId}
+            <ElementHeader 
+                headline={headline} 
+                description={description} 
+                required={required} 
+                htmlFor={inputId} 
             />
 
             {/* Question-specific controls */}

.github/workflows/release-helm-chart.yml

@@ -47,7 +47,7 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
         with:
-          version: latest
+          version: v3.15.4
 
       - name: Log in to GitHub Container Registry
         env:

apps/storybook/package.json

@@ -5,7 +5,6 @@
   "type": "module",
   "scripts": {
     "lint": "eslint . --config .eslintrc.cjs --ext .ts,.tsx --report-unused-disable-directives --max-warnings 0",
-    "typecheck": "tsc --noEmit",
     "preview": "vite preview",
     "storybook": "storybook dev -p 6006",
     "build-storybook": "storybook build",

apps/storybook/src/main.tsx

@@ -1,6 +1,6 @@
 import React from "react";
 import ReactDOM from "react-dom/client";
-import { App } from "./App.tsx";
+import App from "./App.tsx";
 import "./index.css";
 
 ReactDOM.createRoot(document.getElementById("root")!).render(

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/enterprise/components/EnterpriseLicenseFeaturesTable.tsx

@@ -66,11 +66,6 @@ const getFeatureDefinitions = (t: TFunction): TFeatureDefinition[] => {
       labelKey: t("workspace.settings.general.ai_smart_tools_enabled"),
       docsUrl: "https://formbricks.com/docs/self-hosting/configuration/ai",
     },
-    {
-      key: "aiDataAnalysis",
-      labelKey: t("workspace.settings.general.ai_data_analysis_enabled"),
-      docsUrl: "https://formbricks.com/docs/self-hosting/configuration/ai",
-    },
     {
       key: "auditLogs",
       labelKey: t("workspace.settings.enterprise.license_feature_audit_logs"),

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/actions.test.ts

@@ -57,7 +57,6 @@ describe("organization AI settings actions", () => {
     mocks.getOrganization.mockResolvedValue({
       id: organizationId,
       isAISmartToolsEnabled: false,
-      isAIDataAnalysisEnabled: false,
     });
     mocks.isInstanceAIConfigured.mockReturnValue(true);
     mocks.getTranslate.mockResolvedValue((key: string, values?: Record<string, string>) =>
@@ -66,7 +65,6 @@ describe("organization AI settings actions", () => {
     mocks.updateOrganization.mockResolvedValue({
       id: organizationId,
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEnabled: false,
     });
     mocks.getIsMultiOrgEnabled.mockResolvedValue(true);
   });
@@ -114,18 +112,15 @@ describe("organization AI settings actions", () => {
       oldObject: {
         id: organizationId,
         isAISmartToolsEnabled: false,
-        isAIDataAnalysisEnabled: false,
       },
       newObject: {
         id: organizationId,
         isAISmartToolsEnabled: true,
-        isAIDataAnalysisEnabled: false,
       },
     });
     expect(result).toEqual({
       id: organizationId,
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEnabled: false,
     });
   });
 
@@ -194,7 +189,6 @@ describe("organization AI settings actions", () => {
     mocks.getOrganization.mockResolvedValueOnce({
       id: organizationId,
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEnabled: false,
     });
     mocks.isInstanceAIConfigured.mockReturnValueOnce(false);
 

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/actions.ts

@@ -71,12 +71,11 @@ export const updateOrganizationNameAction = authenticatedActionClient
 
 type TOrganizationAISettings = Pick<
   NonNullable<Awaited<ReturnType<typeof getOrganization>>>,
-  "isAISmartToolsEnabled" | "isAIDataAnalysisEnabled"
+  "isAISmartToolsEnabled"
 >;
 
 type TResolvedOrganizationAISettings = {
   smartToolsEnabled: boolean;
-  dataAnalysisEnabled: boolean;
   isEnablingAnyAISetting: boolean;
 };
 
@@ -90,16 +89,10 @@ const resolveOrganizationAISettings = ({
   const smartToolsEnabled = Object.hasOwn(data, "isAISmartToolsEnabled")
     ? (data.isAISmartToolsEnabled ?? organization.isAISmartToolsEnabled)
     : organization.isAISmartToolsEnabled;
-  const dataAnalysisEnabled = Object.hasOwn(data, "isAIDataAnalysisEnabled")
-    ? (data.isAIDataAnalysisEnabled ?? organization.isAIDataAnalysisEnabled)
-    : organization.isAIDataAnalysisEnabled;
 
   return {
     smartToolsEnabled,
-    dataAnalysisEnabled,
-    isEnablingAnyAISetting:
-      (smartToolsEnabled && !organization.isAISmartToolsEnabled) ||
-      (dataAnalysisEnabled && !organization.isAIDataAnalysisEnabled),
+    isEnablingAnyAISetting: smartToolsEnabled && !organization.isAISmartToolsEnabled,
   };
 };
 

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/components/AISettingsToggle.tsx

@@ -50,29 +50,18 @@ export const AISettingsToggle = ({
     currentValue: organization.isAISmartToolsEnabled,
     isInstanceConfigured: isInstanceAIConfigured,
   });
-  const displayedDataAnalysisValue = getDisplayedOrganizationAISettingValue({
-    currentValue: organization.isAIDataAnalysisEnabled,
-    isInstanceConfigured: isInstanceAIConfigured,
-  });
 
-  const handleToggle = async (
-    field: "isAISmartToolsEnabled" | "isAIDataAnalysisEnabled",
-    checked: boolean
-  ) => {
+  const handleToggle = async (checked: boolean) => {
     if (checked && !aiEnablementState.canEnableFeatures) {
       toast.error(aiEnablementBlockedMessage);
       return;
     }
 
-    setLoadingField(field);
+    setLoadingField("isAISmartToolsEnabled");
     try {
-      const data =
-        field === "isAISmartToolsEnabled"
-          ? { isAISmartToolsEnabled: checked }
-          : { isAIDataAnalysisEnabled: checked };
       const response = await updateOrganizationAISettingsAction({
         organizationId: organization.id,
-        data,
+        data: { isAISmartToolsEnabled: checked },
       });
 
       if (response?.data) {
@@ -122,7 +111,7 @@ export const AISettingsToggle = ({
 
       <AdvancedOptionToggle
         isChecked={displayedSmartToolsValue}
-        onToggle={(checked) => handleToggle("isAISmartToolsEnabled", checked)}
+        onToggle={handleToggle}
         htmlId="ai-smart-tools-toggle"
         title={t("workspace.settings.general.ai_smart_tools_enabled")}
         description={t("workspace.settings.general.ai_smart_tools_enabled_description")}
@@ -130,16 +119,6 @@ export const AISettingsToggle = ({
         customContainerClass="px-0"
       />
 
-      <AdvancedOptionToggle
-        isChecked={displayedDataAnalysisValue}
-        onToggle={(checked) => handleToggle("isAIDataAnalysisEnabled", checked)}
-        htmlId="ai-data-analysis-toggle"
-        title={t("workspace.settings.general.ai_data_analysis_enabled")}
-        description={t("workspace.settings.general.ai_data_analysis_enabled_description")}
-        disabled={isToggleDisabled}
-        customContainerClass="px-0"
-      />
-
       {!canEdit && (
         <Alert variant="warning">
           <AlertDescription>

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/page.tsx

@@ -9,7 +9,6 @@ import {
 import { getUser } from "@/lib/user/service";
 import { getTranslate } from "@/lingodotdev/server";
 import {
-  getIsAIDataAnalysisEnabled,
   getIsAISmartToolsEnabled,
   getIsMultiOrgEnabled,
   getWhiteLabelPermission,
@@ -38,14 +37,11 @@ const Page = async (props: Readonly<{ params: Promise<{ workspaceId: string }> }
 
   const user = session?.user?.id ? await getUser(session.user.id) : null;
 
-  const [isMultiOrgEnabled, hasWhiteLabelPermission, hasAISmartToolsPermission, hasAIDataAnalysisPermission] =
-    await Promise.all([
-      getIsMultiOrgEnabled(),
-      getWhiteLabelPermission(organization.id),
-      getIsAISmartToolsEnabled(organization.id),
-      getIsAIDataAnalysisEnabled(organization.id),
-    ]);
-  const hasAIPermission = hasAISmartToolsPermission || hasAIDataAnalysisPermission;
+  const [isMultiOrgEnabled, hasWhiteLabelPermission, hasAIPermission] = await Promise.all([
+    getIsMultiOrgEnabled(),
+    getWhiteLabelPermission(organization.id),
+    getIsAISmartToolsEnabled(organization.id),
+  ]);
 
   const isDeleteDisabled = !isOwner || !isMultiOrgEnabled;
   const currentUserRole = currentUserMembership?.role;

apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/schemas.ts

@@ -4,7 +4,6 @@ import { ZOrganizationUpdateInput } from "@formbricks/types/organizations";
 
 export const ZOrganizationAISettingsInput = ZOrganizationUpdateInput.pick({
   isAISmartToolsEnabled: true,
-  isAIDataAnalysisEnabled: true,
 });
 
 export const ZUpdateOrganizationAISettingsAction = z.object({

apps/web/app/api/client/[workspaceId]/responses/lib/response-error.ts

@@ -1,11 +1,10 @@
 import { Prisma } from "@prisma/client";
-import type { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
 import { PrismaErrorType } from "@formbricks/database/types/error";
 
-export const isPrismaKnownRequestError = (error: unknown): error is PrismaClientKnownRequestError =>
+export const isPrismaKnownRequestError = (error: unknown): error is Prisma.PrismaClientKnownRequestError =>
   error instanceof Prisma.PrismaClientKnownRequestError;
 
-export const isSingleUseIdUniqueConstraintError = (error: PrismaClientKnownRequestError): boolean => {
+export const isSingleUseIdUniqueConstraintError = (error: Prisma.PrismaClientKnownRequestError): boolean => {
   if (error.code !== PrismaErrorType.UniqueConstraintViolation) {
     return false;
   }

apps/web/app/api/v1/client/[workspaceId]/displays/route.ts

@@ -1,6 +1,7 @@
 import { logger } from "@formbricks/logger";
 import { ZDisplayCreateInput } from "@formbricks/types/displays";
 import { InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -32,7 +33,25 @@ export const POST = withV1ApiWrapper({
     }
     const { workspaceId } = resolved;
 
-    const jsonInput = await req.json();
+    let jsonInput;
+    try {
+      jsonInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
+    } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return {
+          response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }, true),
+        };
+      }
+
+      return {
+        response: responses.badRequestResponse(
+          "Malformed JSON input, please check your request body",
+          { error: error instanceof Error ? error.message : "Unknown error occurred" },
+          true
+        ),
+      };
+    }
+
     const inputValidation = ZDisplayCreateInput.safeParse({
       ...jsonInput,
       workspaceId,

apps/web/app/api/v1/client/[workspaceId]/responses/[responseId]/lib/put-response-handler.test.ts

@@ -9,12 +9,12 @@ const mocks = vi.hoisted(() => ({
   getSurvey: vi.fn(),
   getValidatedResponseUpdateInput: vi.fn(),
   loggerError: vi.fn(),
-  resolveClientApiIds: vi.fn(),
   sendToPipeline: vi.fn(),
   updateResponseWithQuotaEvaluation: vi.fn(),
   validateFileUploads: vi.fn(),
   validateOtherOptionLengthForMultipleChoice: vi.fn(),
   validateResponseData: vi.fn(),
+  resolveClientApiIds: vi.fn(),
 }));
 
 vi.mock("@formbricks/logger", () => ({
@@ -128,11 +128,11 @@ describe("putResponseHandler", () => {
     });
     mocks.getResponse.mockResolvedValue(getBaseExistingResponse());
     mocks.getSurvey.mockResolvedValue(getBaseSurvey());
-    mocks.resolveClientApiIds.mockResolvedValue({ workspaceId });
     mocks.updateResponseWithQuotaEvaluation.mockResolvedValue(getBaseUpdatedResponse());
     mocks.validateFileUploads.mockReturnValue(true);
     mocks.validateOtherOptionLengthForMultipleChoice.mockReturnValue(null);
     mocks.validateResponseData.mockReturnValue(null);
+    mocks.resolveClientApiIds.mockResolvedValue({ workspaceId });
   });
 
   test("returns a bad request response when the response id is missing", async () => {
@@ -245,34 +245,6 @@ describe("putResponseHandler", () => {
     });
   });
 
-  test("returns not found when the workspace id cannot be resolved", async () => {
-    mocks.resolveClientApiIds.mockResolvedValue(null);
-
-    const result = await putResponseHandler(createHandlerParams({ workspaceId: "unknown_workspace_or_env" }));
-
-    expect(result.response.status).toBe(404);
-    await expect(result.response.json()).resolves.toEqual({
-      code: "not_found",
-      message: "Workspace not found",
-      details: {
-        resource_id: "unknown_workspace_or_env",
-        resource_type: "Workspace",
-      },
-    });
-    expect(mocks.getResponse).not.toHaveBeenCalled();
-    expect(mocks.updateResponseWithQuotaEvaluation).not.toHaveBeenCalled();
-  });
-
-  test("accepts updates when the route param is a legacy environment id that resolves to the survey workspace", async () => {
-    mocks.resolveClientApiIds.mockResolvedValue({ workspaceId });
-
-    const result = await putResponseHandler(createHandlerParams({ workspaceId: "legacy_environment_id" }));
-
-    expect(mocks.resolveClientApiIds).toHaveBeenCalledWith("legacy_environment_id");
-    expect(result.response.status).toBe(200);
-    expect(mocks.updateResponseWithQuotaEvaluation).toHaveBeenCalledTimes(1);
-  });
-
   test("rejects updates when the response survey does not belong to the requested workspace", async () => {
     mocks.getSurvey.mockResolvedValue({
       ...getBaseSurvey(),

apps/web/app/api/v1/client/[workspaceId]/responses/route.ts

@@ -6,6 +6,7 @@ import { TResponseWithQuotaFull } from "@formbricks/types/quota";
 import { TResponseInput, ZResponseInput } from "@formbricks/types/responses";
 import { TSurvey } from "@formbricks/types/surveys/types";
 import { validateSingleUseResponseInput } from "@/app/api/client/[workspaceId]/responses/lib/single-use";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -56,11 +57,17 @@ export const POST = withV1ApiWrapper({
     const requestHeaders = await headers();
     let responseInput;
     try {
-      responseInput = await req.json();
+      responseInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
     } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return {
+          response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }, true),
+        };
+      }
+
       return {
         response: responses.badRequestResponse(
-          "Invalid JSON in request body",
+          "Malformed JSON input, please check your request body",
           { error: error instanceof Error ? error.message : "Unknown error occurred" },
           true
         ),
@@ -211,7 +218,7 @@ export const POST = withV1ApiWrapper({
       response: responseData,
     });
 
-    if (responseInput.finished) {
+    if (responseInputData.finished) {
       await sendToPipeline({
         event: "responseFinished",
         workspaceId,

apps/web/app/api/v1/management/action-classes/[actionClassId]/route.ts

@@ -3,6 +3,7 @@ import { TActionClass, ZActionClassInput } from "@formbricks/types/action-classe
 import { TAuthenticationApiKey } from "@formbricks/types/auth";
 import { handleErrorResponse } from "@/app/api/v1/auth";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -84,8 +85,14 @@ export const PUT = withV1ApiWrapper({
 
       let actionClassUpdate;
       try {
-        actionClassUpdate = await req.json();
+        actionClassUpdate = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/management/action-classes/route.ts

@@ -2,6 +2,7 @@ import { logger } from "@formbricks/logger";
 import { TActionClass, ZActionClassInput } from "@formbricks/types/action-classes";
 import { DatabaseError, UniqueConstraintError } from "@formbricks/types/errors";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -45,8 +46,14 @@ export const POST = withV1ApiWrapper({
     try {
       let actionClassInput;
       try {
-        actionClassInput = await req.json();
+        actionClassInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON input");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/management/responses/[responseId]/route.ts

@@ -1,6 +1,7 @@
 import { logger } from "@formbricks/logger";
-import { ZResponseUpdateInput } from "@formbricks/types/responses";
+import { TResponseData, ZResponseUpdateInput } from "@formbricks/types/responses";
 import { handleErrorResponse } from "@/app/api/v1/auth";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { TApiV1Authentication, THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -12,6 +13,11 @@ import { hasPermission } from "@/modules/organization/settings/api-keys/lib/util
 import { resolveStorageUrlsInObject, validateFileUploads } from "@/modules/storage/utils";
 import { updateResponseWithQuotaEvaluation } from "./lib/response";
 
+type TUncheckedResponseUpdate = Record<string, unknown> & {
+  data: TResponseData;
+  language?: string;
+};
+
 async function fetchAndAuthorizeResponse(
   responseId: string,
   authentication: TApiV1Authentication | undefined,
@@ -120,10 +126,16 @@ export const PUT = withV1ApiWrapper({
         auditLog.oldObject = result.response;
       }
 
-      let responseUpdate;
+      let responseUpdate: TUncheckedResponseUpdate;
       try {
-        responseUpdate = await req.json();
+        responseUpdate = await parseJsonBodyWithLimit<TUncheckedResponseUpdate>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/management/responses/route.ts

@@ -2,6 +2,7 @@ import { logger } from "@formbricks/logger";
 import { DatabaseError, InvalidInputError } from "@formbricks/types/errors";
 import { TResponse, TResponseInput, ZResponseInput } from "@formbricks/types/responses";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -91,8 +92,14 @@ export const POST = withV1ApiWrapper({
     try {
       let jsonInput;
       try {
-        jsonInput = await req.json();
+        jsonInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON input");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/management/storage/route.ts

@@ -2,6 +2,7 @@ import { logger } from "@formbricks/logger";
 import { ZUploadPublicFileRequest } from "@formbricks/types/storage";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
 import { checkAuth } from "@/app/api/v1/management/storage/lib/utils";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -19,8 +20,14 @@ export const POST = withV1ApiWrapper({
     let storageInput;
 
     try {
-      storageInput = await req.json();
+      storageInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
     } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return {
+          response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+        };
+      }
+
       logger.error({ error, url: req.url }, "Error parsing JSON input");
       return {
         response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/management/surveys/[surveyId]/route.ts

@@ -9,6 +9,7 @@ import {
   addLegacyProjectOverwrites,
   normaliseProjectOverwritesToWorkspace,
 } from "@/app/lib/api/api-backwards-compat";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import {
   transformBlocksToQuestions,
@@ -22,6 +23,12 @@ import { getSurvey, updateSurvey } from "@/lib/survey/service";
 import { hasPermission } from "@/modules/organization/settings/api-keys/lib/utils";
 import { resolveStorageUrlsInObject } from "@/modules/storage/utils";
 
+type TSurveyUpdateBody = Record<string, unknown> & {
+  blocks?: Parameters<typeof validateSurveyInput>[0]["blocks"];
+  endings?: Parameters<typeof transformQuestionsToBlocks>[1];
+  questions?: Parameters<typeof transformQuestionsToBlocks>[0];
+};
+
 const fetchAndAuthorizeSurvey = async (
   surveyId: string,
   authentication: TAuthenticationApiKey,
@@ -164,10 +171,16 @@ export const PUT = withV1ApiWrapper({
         };
       }
 
-      let surveyUpdate;
+      let surveyUpdate: TSurveyUpdateBody;
       try {
-        surveyUpdate = await req.json();
+        surveyUpdate = await parseJsonBodyWithLimit<TSurveyUpdateBody>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON input");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),
@@ -188,7 +201,7 @@ export const PUT = withV1ApiWrapper({
 
       if (hasQuestions) {
         surveyUpdate.blocks = transformQuestionsToBlocks(
-          surveyUpdate.questions,
+          surveyUpdate.questions ?? [],
           surveyUpdate.endings || result.survey.endings
         );
         surveyUpdate.questions = [];
@@ -208,7 +221,11 @@ export const PUT = withV1ApiWrapper({
         };
       }
 
-      const featureCheckResult = await checkFeaturePermissions(surveyUpdate, organization, result.survey);
+      const featureCheckResult = await checkFeaturePermissions(
+        surveyUpdate as Parameters<typeof checkFeaturePermissions>[0],
+        organization,
+        result.survey
+      );
       if (featureCheckResult) {
         return {
           response: featureCheckResult,

apps/web/app/api/v1/management/surveys/lib/utils.test.ts

@@ -51,7 +51,6 @@ const mockOrganization: TOrganization = {
     usageCycleAnchor: new Date(),
   },
   isAISmartToolsEnabled: false,
-  isAIDataAnalysisEnabled: false,
 };
 
 const mockFollowUp: TSurveyCreateInputWithWorkspaceId["followUps"][number] = {

apps/web/app/api/v1/management/surveys/route.ts

@@ -8,6 +8,7 @@ import {
   addLegacyProjectOverwritesToList,
   normaliseProjectOverwritesToWorkspace,
 } from "@/app/lib/api/api-backwards-compat";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import {
   transformBlocksToQuestions,
@@ -84,8 +85,14 @@ export const POST = withV1ApiWrapper({
     try {
       let surveyInput;
       try {
-        surveyInput = await req.json();
+        surveyInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/app/api/v1/webhooks/route.ts

@@ -2,6 +2,7 @@ import { DatabaseError, InvalidInputError } from "@formbricks/types/errors";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
 import { createWebhook, getWebhooks } from "@/app/api/v1/webhooks/lib/webhook";
 import { ZWebhookInput } from "@/app/api/v1/webhooks/types/webhooks";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -40,8 +41,14 @@ export const POST = withV1ApiWrapper({
 
     let webhookInput;
     try {
-      webhookInput = await req.json();
-    } catch {
+      webhookInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
+    } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return {
+          response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+        };
+      }
+
       return {
         response: responses.badRequestResponse("Malformed JSON input, please check your request body"),
       };

apps/web/app/api/v3/lib/api-wrapper.test.ts

@@ -2,6 +2,7 @@ import { NextRequest } from "next/server";
 import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
 import { z } from "zod";
 import { TooManyRequestsError } from "@formbricks/types/errors";
+import { DEFAULT_REQUEST_BODY_LIMIT_BYTES } from "@/app/lib/api/request-body";
 import { withV3ApiWrapper } from "./api-wrapper";
 
 const { mockAuthenticateRequest, mockGetServerSession } = vi.hoisted(() => ({

apps/web/app/api/v3/lib/api-wrapper.ts

@@ -4,6 +4,7 @@ import { z } from "zod";
 import { logger } from "@formbricks/logger";
 import { TooManyRequestsError } from "@formbricks/types/errors";
 import { authenticateRequest } from "@/app/api/v1/auth";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { buildAuditLogBaseObject } from "@/app/lib/api/with-api-logging";
 import { getApiKeyFromHeaders } from "@/modules/api/lib/api-key-auth";
 import { authOptions } from "@/modules/auth/lib/authOptions";
@@ -16,6 +17,7 @@ import {
   type InvalidParam,
   problemBadRequest,
   problemInternalError,
+  problemPayloadTooLarge,
   problemTooManyRequests,
   problemUnauthorized,
 } from "./response";
@@ -170,8 +172,15 @@ async function parseV3Input<S extends TV3Schemas | undefined, TProps>(
     let bodyData: unknown;
 
     try {
-      bodyData = await req.json();
-    } catch {
+      bodyData = await parseJsonBodyWithLimit(req);
+    } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return {
+          ok: false,
+          response: problemPayloadTooLarge(requestId, error.message, instance),
+        };
+      }
+
       return {
         ok: false,
         response: problemBadRequest(requestId, "Invalid request body", {

apps/web/app/api/v3/lib/response.ts

@@ -71,6 +71,17 @@ export function problemBadRequest(
   });
 }
 
+export function problemPayloadTooLarge(
+  requestId: string,
+  detail: string = "Payload Too Large",
+  instance?: string
+): Response {
+  return problemResponse(413, "Payload Too Large", detail, requestId, {
+    code: "payload_too_large",
+    instance,
+  });
+}
+
 export function problemUnauthorized(
   requestId: string,
   detail: string = "Not authenticated",

apps/web/app/lib/api/parse-and-validate-json-body.test.ts

@@ -1,6 +1,7 @@
 import { describe, expect, test } from "vitest";
 import { z } from "zod";
 import { parseAndValidateJsonBody } from "./parse-and-validate-json-body";
+import { DEFAULT_REQUEST_BODY_LIMIT_BYTES } from "./request-body";
 
 describe("parseAndValidateJsonBody", () => {
   test("returns a malformed JSON response when request parsing fails", async () => {

apps/web/app/lib/api/parse-and-validate-json-body.ts

@@ -1,8 +1,9 @@
 import { z } from "zod";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 
-type TJsonBodyValidationIssue = "invalid_json" | "invalid_body";
+type TJsonBodyValidationIssue = "invalid_json" | "invalid_body" | "payload_too_large";
 
 type TJsonBodyValidationError = {
   details: Record<string, string> | { error: string };
@@ -44,10 +45,18 @@ export const parseAndValidateJsonBody = async <TSchema extends z.ZodTypeAny>({
   let jsonInput: unknown;
 
   try {
-    jsonInput = await request.json();
+    jsonInput = await parseJsonBodyWithLimit(request);
   } catch (error) {
     const details = { error: getErrorMessage(error) };
 
+    if (error instanceof RequestBodyTooLargeError) {
+      return {
+        details,
+        issue: "payload_too_large",
+        response: responses.payloadTooLargeResponse("Payload Too Large", details, true),
+      };
+    }
+
     return {
       details,
       issue: "invalid_json",

apps/web/app/lib/api/request-body.ts

@@ -0,0 +1,90 @@
+export const DEFAULT_REQUEST_BODY_LIMIT_BYTES = 2 * 1024 * 1024;
+
+export class RequestBodyTooLargeError extends Error {
+  readonly actualBytes: number | null;
+  readonly limitBytes: number;
+
+  constructor(limitBytes: number, actualBytes: number | null = null) {
+    super(`Request body must not exceed ${limitBytes} bytes`);
+    this.name = "RequestBodyTooLargeError";
+    this.limitBytes = limitBytes;
+    this.actualBytes = actualBytes;
+  }
+}
+
+const textDecoder = new TextDecoder();
+
+const getContentLength = (headers: Headers): number | null => {
+  const contentLength = headers.get("content-length");
+  if (!contentLength) {
+    return null;
+  }
+
+  const parsedContentLength = Number(contentLength);
+  if (!Number.isSafeInteger(parsedContentLength) || parsedContentLength < 0) {
+    return null;
+  }
+
+  return parsedContentLength;
+};
+
+const assertBodySize = (actualBytes: number, limitBytes: number): void => {
+  if (actualBytes > limitBytes) {
+    throw new RequestBodyTooLargeError(limitBytes, actualBytes);
+  }
+};
+
+export const readRequestBodyWithLimit = async (
+  request: Request,
+  limitBytes: number = DEFAULT_REQUEST_BODY_LIMIT_BYTES
+): Promise<string> => {
+  const contentLength = getContentLength(request.headers);
+  if (contentLength !== null) {
+    assertBodySize(contentLength, limitBytes);
+  }
+
+  if (!request.body) {
+    return "";
+  }
+
+  const reader = request.body.getReader();
+  const chunks: Uint8Array[] = [];
+  let receivedBytes = 0;
+
+  while (true) {
+    const { done, value } = await reader.read();
+    if (done) {
+      break;
+    }
+
+    receivedBytes += value.byteLength;
+    if (receivedBytes > limitBytes) {
+      await reader.cancel().catch(() => undefined);
+      throw new RequestBodyTooLargeError(limitBytes, receivedBytes);
+    }
+
+    chunks.push(value);
+  }
+
+  if (chunks.length === 0) {
+    return "";
+  }
+
+  if (chunks.length === 1) {
+    return textDecoder.decode(chunks[0]);
+  }
+
+  const body = new Uint8Array(receivedBytes);
+  let offset = 0;
+  for (const chunk of chunks) {
+    body.set(chunk, offset);
+    offset += chunk.byteLength;
+  }
+
+  return textDecoder.decode(body);
+};
+
+export const parseJsonBodyWithLimit = async <TJson = unknown>(
+  request: Request,
+  limitBytes: number = DEFAULT_REQUEST_BODY_LIMIT_BYTES
+): Promise<TJson> => JSON.parse(await readRequestBodyWithLimit(request, limitBytes)) as TJson;

apps/web/app/lib/api/response.ts

@@ -17,7 +17,8 @@ interface ApiErrorResponse {
     | "not_authenticated"
     | "forbidden"
     | "too_many_requests"
-    | "conflict";
+    | "conflict"
+    | "payload_too_large";
   message: string;
   details: {
     [key: string]: string | string[] | number | number[] | boolean | boolean[];
@@ -80,6 +81,30 @@ const badRequestResponse = (
   );
 };
 
+const payloadTooLargeResponse = (
+  message: string = "Payload Too Large",
+  details: ApiErrorResponse["details"] = {},
+  cors: boolean = false,
+  cache: string = "private, no-store"
+) => {
+  const headers = {
+    ...(cors && corsHeaders),
+    "Cache-Control": cache,
+  };
+
+  return Response.json(
+    {
+      code: "payload_too_large",
+      message,
+      details,
+    },
+    {
+      status: 413,
+      headers,
+    }
+  );
+};
+
 const methodNotAllowedResponse = (
   res: CustomNextApiResponse,
   allowedMethods: string[],
@@ -294,6 +319,7 @@ export const responses = {
   unauthorizedResponse,
   notFoundResponse,
   successResponse,
+  payloadTooLargeResponse,
   tooManyRequestsResponse,
   forbiddenResponse,
   conflictResponse,

apps/web/lib/ai/service.test.ts

@@ -3,7 +3,6 @@ import { OperationNotAllowedError, ResourceNotFoundError } from "@formbricks/typ
 import {
   assertOrganizationAIConfigured,
   generateOrganizationAIText,
-  getAIDataAnalysisUnavailableReason,
   getAISmartToolsUnavailableReason,
   getOrganizationAIConfig,
   isInstanceAIConfigured,
@@ -13,7 +12,6 @@ const mocks = vi.hoisted(() => ({
   generateText: vi.fn(),
   isAiConfigured: vi.fn(),
   getOrganization: vi.fn(),
-  getIsAIDataAnalysisEnabled: vi.fn(),
   getIsAISmartToolsEnabled: vi.fn(),
   loggerError: vi.fn(),
 }));
@@ -63,7 +61,6 @@ vi.mock("@/lib/organization/service", () => ({
 }));
 
 vi.mock("@/modules/ee/license-check/lib/utils", () => ({
-  getIsAIDataAnalysisEnabled: mocks.getIsAIDataAnalysisEnabled,
   getIsAISmartToolsEnabled: mocks.getIsAISmartToolsEnabled,
 }));
 
@@ -75,10 +72,8 @@ describe("AI organization service", () => {
     mocks.getOrganization.mockResolvedValue({
       id: "org_1",
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEnabled: false,
     });
     mocks.getIsAISmartToolsEnabled.mockResolvedValue(true);
-    mocks.getIsAIDataAnalysisEnabled.mockResolvedValue(true);
   });
 
   test("returns the instance AI status and organization settings", async () => {
@@ -89,9 +84,7 @@ describe("AI organization service", () => {
     expect(result).toMatchObject({
       organizationId: "org_1",
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEnabled: false,
       isAISmartToolsEntitled: true,
-      isAIDataAnalysisEntitled: true,
       isInstanceConfigured: true,
     });
   });
@@ -105,29 +98,22 @@ describe("AI organization service", () => {
   test("fails closed when the organization is not entitled to AI", async () => {
     mocks.getIsAISmartToolsEnabled.mockResolvedValueOnce(false);
 
-    await expect(assertOrganizationAIConfigured("org_1", "smartTools")).rejects.toThrow(
-      OperationNotAllowedError
-    );
+    await expect(assertOrganizationAIConfigured("org_1")).rejects.toThrow(OperationNotAllowedError);
   });
 
   test("fails closed when the requested AI capability is disabled", async () => {
     mocks.getOrganization.mockResolvedValueOnce({
       id: "org_1",
       isAISmartToolsEnabled: false,
-      isAIDataAnalysisEnabled: true,
     });
 
-    await expect(assertOrganizationAIConfigured("org_1", "smartTools")).rejects.toThrow(
-      OperationNotAllowedError
-    );
+    await expect(assertOrganizationAIConfigured("org_1")).rejects.toThrow(OperationNotAllowedError);
   });
 
   test("fails closed when the instance AI configuration is incomplete", async () => {
     mocks.isAiConfigured.mockReturnValueOnce(false);
 
-    await expect(assertOrganizationAIConfigured("org_1", "smartTools")).rejects.toThrow(
-      OperationNotAllowedError
-    );
+    await expect(assertOrganizationAIConfigured("org_1")).rejects.toThrow(OperationNotAllowedError);
   });
 
   test("generates organization AI text with the configured package abstraction", async () => {
@@ -136,7 +122,6 @@ describe("AI organization service", () => {
 
     const result = await generateOrganizationAIText({
       organizationId: "org_1",
-      capability: "smartTools",
       prompt: "Translate this survey",
     });
 
@@ -160,14 +145,12 @@ describe("AI organization service", () => {
     await expect(
       generateOrganizationAIText({
         organizationId: "org_1",
-        capability: "smartTools",
         prompt: "Translate this survey",
       })
     ).rejects.toThrow(modelError);
     expect(mocks.loggerError).toHaveBeenCalledWith(
       {
         organizationId: "org_1",
-        capability: "smartTools",
         isInstanceConfigured: true,
         errorCode: undefined,
         err: modelError,
@@ -176,46 +159,11 @@ describe("AI organization service", () => {
     );
   });
 
-  describe("getAIDataAnalysisUnavailableReason", () => {
-    const baseConfig = {
-      organizationId: "org_1",
-      isAISmartToolsEntitled: true,
-      isAISmartToolsEnabled: true,
-      isAIDataAnalysisEntitled: true,
-      isAIDataAnalysisEnabled: true,
-      isInstanceConfigured: true,
-    };
-
-    test("returns undefined when all checks pass", () => {
-      expect(getAIDataAnalysisUnavailableReason(baseConfig)).toBeUndefined();
-    });
-
-    test("returns not_in_plan when not entitled", () => {
-      expect(getAIDataAnalysisUnavailableReason({ ...baseConfig, isAIDataAnalysisEntitled: false })).toBe(
-        "not_in_plan"
-      );
-    });
-
-    test("returns not_enabled when disabled at org level", () => {
-      expect(getAIDataAnalysisUnavailableReason({ ...baseConfig, isAIDataAnalysisEnabled: false })).toBe(
-        "not_enabled"
-      );
-    });
-
-    test("returns instance_not_configured when instance AI is missing", () => {
-      expect(getAIDataAnalysisUnavailableReason({ ...baseConfig, isInstanceConfigured: false })).toBe(
-        "instance_not_configured"
-      );
-    });
-  });
-
   describe("getAISmartToolsUnavailableReason", () => {
     const baseConfig = {
       organizationId: "org_1",
       isAISmartToolsEntitled: true,
       isAISmartToolsEnabled: true,
-      isAIDataAnalysisEntitled: true,
-      isAIDataAnalysisEnabled: true,
       isInstanceConfigured: true,
     };
 
@@ -240,15 +188,5 @@ describe("AI organization service", () => {
         "instance_not_configured"
       );
     });
-
-    test("ignores data-analysis flags (smart tools is independent of data analysis state)", () => {
-      expect(
-        getAISmartToolsUnavailableReason({
-          ...baseConfig,
-          isAIDataAnalysisEntitled: false,
-          isAIDataAnalysisEnabled: false,
-        })
-      ).toBeUndefined();
-    });
   });
 });

apps/web/lib/ai/service.ts

@@ -4,12 +4,11 @@ import { logger } from "@formbricks/logger";
 import { OperationNotAllowedError, ResourceNotFoundError } from "@formbricks/types/errors";
 import { env } from "@/lib/env";
 import { getOrganization } from "@/lib/organization/service";
-import { getIsAIDataAnalysisEnabled, getIsAISmartToolsEnabled } from "@/modules/ee/license-check/lib/utils";
+import { getIsAISmartToolsEnabled } from "@/modules/ee/license-check/lib/utils";
 
 export const AI_ERROR_CODES = {
   FEATURES_NOT_ENABLED: "ai_features_not_enabled",
   SMART_TOOLS_DISABLED: "ai_smart_tools_disabled",
-  DATA_ANALYSIS_DISABLED: "ai_data_analysis_disabled",
   INSTANCE_NOT_CONFIGURED: "ai_instance_not_configured",
 } as const;
 
@@ -18,9 +17,7 @@ export type TAIErrorCode = (typeof AI_ERROR_CODES)[keyof typeof AI_ERROR_CODES];
 export interface TOrganizationAIConfig {
   organizationId: string;
   isAISmartToolsEnabled: boolean;
-  isAIDataAnalysisEnabled: boolean;
   isAISmartToolsEntitled: boolean;
-  isAIDataAnalysisEntitled: boolean;
   isInstanceConfigured: boolean;
 }
 
@@ -33,32 +30,18 @@ export const getOrganizationAIConfig = async (organizationId: string): Promise<T
     throw new ResourceNotFoundError("Organization", organizationId);
   }
 
-  const [isAISmartToolsEntitled, isAIDataAnalysisEntitled] = await Promise.all([
-    getIsAISmartToolsEnabled(organizationId),
-    getIsAIDataAnalysisEnabled(organizationId),
-  ]);
+  const isAISmartToolsEntitled = await getIsAISmartToolsEnabled(organizationId);
 
   return {
     organizationId,
     isAISmartToolsEnabled: organization.isAISmartToolsEnabled,
-    isAIDataAnalysisEnabled: organization.isAIDataAnalysisEnabled,
     isAISmartToolsEntitled,
-    isAIDataAnalysisEntitled,
     isInstanceConfigured: isInstanceAIConfigured(),
   };
 };
 
 export type TAIUnavailableReason = "not_in_plan" | "not_enabled" | "instance_not_configured";
 
-export const getAIDataAnalysisUnavailableReason = (
-  aiConfig: TOrganizationAIConfig
-): TAIUnavailableReason | undefined => {
-  if (!aiConfig.isAIDataAnalysisEntitled) return "not_in_plan";
-  if (!aiConfig.isAIDataAnalysisEnabled) return "not_enabled";
-  if (!aiConfig.isInstanceConfigured) return "instance_not_configured";
-  return undefined;
-};
-
 export const getAISmartToolsUnavailableReason = (
   aiConfig: TOrganizationAIConfig
 ): TAIUnavailableReason | undefined => {
@@ -69,25 +52,18 @@ export const getAISmartToolsUnavailableReason = (
 };
 
 export const assertOrganizationAIConfigured = async (
-  organizationId: string,
-  capability: "smartTools" | "dataAnalysis"
+  organizationId: string
 ): Promise<TOrganizationAIConfig> => {
   const aiConfig = await getOrganizationAIConfig(organizationId);
-  const isCapabilityEntitled =
-    capability === "smartTools" ? aiConfig.isAISmartToolsEntitled : aiConfig.isAIDataAnalysisEntitled;
 
-  if (!isCapabilityEntitled) {
+  if (!aiConfig.isAISmartToolsEntitled) {
     throw new OperationNotAllowedError(AI_ERROR_CODES.FEATURES_NOT_ENABLED);
   }
 
-  if (capability === "smartTools" && !aiConfig.isAISmartToolsEnabled) {
+  if (!aiConfig.isAISmartToolsEnabled) {
     throw new OperationNotAllowedError(AI_ERROR_CODES.SMART_TOOLS_DISABLED);
   }
 
-  if (capability === "dataAnalysis" && !aiConfig.isAIDataAnalysisEnabled) {
-    throw new OperationNotAllowedError(AI_ERROR_CODES.DATA_ANALYSIS_DISABLED);
-  }
-
   if (!aiConfig.isInstanceConfigured) {
     throw new OperationNotAllowedError(AI_ERROR_CODES.INSTANCE_NOT_CONFIGURED);
   }
@@ -97,15 +73,13 @@ export const assertOrganizationAIConfigured = async (
 
 type TGenerateOrganizationAITextInput = {
   organizationId: string;
-  capability: "smartTools" | "dataAnalysis";
 } & Parameters<typeof generateText>[0];
 
 export const generateOrganizationAIText = async ({
   organizationId,
-  capability,
   ...options
 }: TGenerateOrganizationAITextInput): Promise<Awaited<ReturnType<typeof generateText>>> => {
-  const aiConfig = await assertOrganizationAIConfigured(organizationId, capability);
+  const aiConfig = await assertOrganizationAIConfigured(organizationId);
 
   try {
     return await generateText(options, env);
@@ -113,7 +87,6 @@ export const generateOrganizationAIText = async ({
     logger.error(
       {
         organizationId,
-        capability,
         isInstanceConfigured: aiConfig.isInstanceConfigured,
         errorCode: error instanceof AIConfigurationError ? error.code : undefined,
         err: error,

apps/web/lib/connector/service.ts

@@ -1,6 +1,5 @@
 import "server-only";
 import { Prisma } from "@prisma/client";
-import type { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
 import { cache as reactCache } from "react";
 import { prisma } from "@formbricks/database";
 import { PrismaErrorType } from "@formbricks/database/types/error";
@@ -213,7 +212,7 @@ export const deleteConnector = async (connectorId: string, workspaceId: string):
 
 // -- Composite functions --
 
-const mapUniqueConstraintError = (error: PrismaClientKnownRequestError): InvalidInputError => {
+const mapUniqueConstraintError = (error: Prisma.PrismaClientKnownRequestError): InvalidInputError => {
   const target = error.meta?.target;
   const targetFields = Array.isArray(target) ? (target as string[]) : [];
   if (targetFields.includes("elementId") || targetFields.includes("surveyId")) {

apps/web/lib/organization/auth.test.ts

@@ -38,7 +38,6 @@ describe("auth", () => {
             usageCycleAnchor: new Date(),
           },
           isAISmartToolsEnabled: false,
-          isAIDataAnalysisEnabled: false,
         },
       ];
       vi.mocked(getOrganizationsByUserId).mockResolvedValue(mockOrganizations);

apps/web/lib/organization/service.test.ts

@@ -46,6 +46,13 @@ vi.mock("@/modules/ee/billing/lib/organization-billing", () => ({
   cleanupStripeCustomer: vi.fn().mockResolvedValue(undefined),
 }));
 
+vi.mock("@/modules/hub/service", () => ({
+  deleteHubTenantData: vi.fn().mockResolvedValue({
+    data: { deletedFeedbackRecords: 0, deletedEmbeddings: 0, deletedWebhooks: 0 },
+    error: null,
+  }),
+}));
+
 describe("Organization Service", () => {
   beforeEach(() => {
     vi.mocked(ensureCloudStripeSetupForOrganization).mockResolvedValue(undefined);
@@ -73,7 +80,6 @@ describe("Organization Service", () => {
           usageCycleAnchor: new Date(),
         },
         isAISmartToolsEnabled: false,
-        isAIDataAnalysisEnabled: false,
         whitelabel: false,
       };
 
@@ -126,7 +132,6 @@ describe("Organization Service", () => {
             usageCycleAnchor: new Date(),
           },
           isAISmartToolsEnabled: false,
-          isAIDataAnalysisEnabled: false,
           whitelabel: false,
         },
       ];
@@ -179,7 +184,6 @@ describe("Organization Service", () => {
         updatedAt: new Date(),
         billing: expectedBilling,
         isAISmartToolsEnabled: false,
-        isAIDataAnalysisEnabled: false,
         whitelabel: false,
       };
 
@@ -239,7 +243,6 @@ describe("Organization Service", () => {
           usageCycleAnchor: new Date(),
         },
         isAISmartToolsEnabled: false,
-        isAIDataAnalysisEnabled: false,
         whitelabel: false,
         memberships: [{ userId: "user1" }, { userId: "user2" }],
         workspaces: [
@@ -281,7 +284,6 @@ describe("Organization Service", () => {
           usageCycleAnchor: expect.any(Date),
         },
         isAISmartToolsEnabled: false,
-        isAIDataAnalysisEnabled: false,
         whitelabel: false,
       });
       expect(prisma.organization.update).toHaveBeenCalledWith({
@@ -355,6 +357,7 @@ describe("Organization Service", () => {
         billing: { stripeCustomerId: "cus_123" },
         memberships: [],
         workspaces: [],
+        feedbackDirectories: [],
       } as any);
 
       await deleteOrganization("org1");
@@ -363,5 +366,23 @@ describe("Organization Service", () => {
         expect(cleanupStripeCustomer).toHaveBeenCalledWith("cus_123");
       }
     });
+
+    test("should purge Hub-owned data for each feedback directory", async () => {
+      const { deleteHubTenantData } = await import("@/modules/hub/service");
+      vi.mocked(prisma.organization.delete).mockResolvedValue({
+        id: "org1",
+        name: "Test Org",
+        billing: null,
+        memberships: [],
+        workspaces: [],
+        feedbackDirectories: [{ id: "frd_1" }, { id: "frd_2" }],
+      } as any);
+
+      await deleteOrganization("org1");
+
+      expect(deleteHubTenantData).toHaveBeenCalledTimes(2);
+      expect(deleteHubTenantData).toHaveBeenCalledWith("frd_1");
+      expect(deleteHubTenantData).toHaveBeenCalledWith("frd_2");
+    });
   });
 });

apps/web/lib/organization/service.ts

@@ -19,6 +19,7 @@ import { updateUser } from "@/lib/user/service";
 import { getBillingUsageCycleWindow } from "@/lib/utils/billing";
 import { getWorkspaces } from "@/lib/workspace/service";
 import { cleanupStripeCustomer } from "@/modules/ee/billing/lib/organization-billing";
+import { deleteHubTenantData } from "@/modules/hub/service";
 import { validateInputs } from "../utils/validate";
 
 export const select = {
@@ -35,7 +36,6 @@ export const select = {
     },
   },
   isAISmartToolsEnabled: true,
-  isAIDataAnalysisEnabled: true,
   whitelabel: true,
 } satisfies Prisma.OrganizationSelect;
 
@@ -74,7 +74,6 @@ const mapOrganization = (organization: TOrganizationWithBilling): TOrganization
   name: organization.name,
   billing: mapOrganizationBilling(organization.billing),
   isAISmartToolsEnabled: organization.isAISmartToolsEnabled,
-  isAIDataAnalysisEnabled: organization.isAIDataAnalysisEnabled,
   whitelabel: organization.whitelabel as TOrganization["whitelabel"],
 });
 
@@ -294,6 +293,11 @@ export const deleteOrganization = async (organizationId: string) => {
             id: true,
           },
         },
+        feedbackDirectories: {
+          select: {
+            id: true,
+          },
+        },
       },
     });
 
@@ -301,6 +305,13 @@ export const deleteOrganization = async (organizationId: string) => {
     if (IS_FORMBRICKS_CLOUD && stripeCustomerId) {
       await cleanupStripeCustomer(stripeCustomerId);
     }
+
+    // Best-effort: purge Hub-owned data (feedback records, embeddings, webhooks) for each
+    // directory tenant. Failures are logged inside the gateway and do not roll back the
+    // local delete.
+    for (const directory of deletedOrganization.feedbackDirectories) {
+      await deleteHubTenantData(directory.id);
+    }
   } catch (error) {
     if (error instanceof Prisma.PrismaClientKnownRequestError) {
       throw new DatabaseError(error.message);

apps/web/lib/survey/__mock__/survey.mock.ts

@@ -228,7 +228,6 @@ export const mockOrganizationOutput: TOrganization = {
   createdAt: currentDate,
   updatedAt: currentDate,
   isAISmartToolsEnabled: false,
-  isAIDataAnalysisEnabled: false,
   billing: {
     stripeCustomerId: null,
     limits: {

apps/web/lib/user/service.test.ts

@@ -67,7 +67,6 @@ describe("User Service", () => {
         usageCycleAnchor: new Date(),
       },
       isAISmartToolsEnabled: false,
-      isAIDataAnalysisEnabled: false,
     },
     {
       id: "org2",
@@ -85,7 +84,6 @@ describe("User Service", () => {
         usageCycleAnchor: new Date(),
       },
       isAISmartToolsEnabled: false,
-      isAIDataAnalysisEnabled: false,
     },
   ];
 

apps/web/lib/utils/action-client/index.test.ts

@@ -18,6 +18,7 @@ import {
   ValidationError,
   isExpectedError,
 } from "@formbricks/types/errors";
+import { RequestBodyTooLargeError } from "@/app/lib/api/request-body";
 
 // Mock Sentry
 vi.mock("@sentry/nextjs", () => ({
@@ -78,6 +79,7 @@ describe("isExpectedError (shared helper)", () => {
       "TooManyRequestsError",
       "InvalidPasswordResetTokenError",
       "UniqueConstraintError",
+      "RequestBodyTooLargeError",
     ];
 
     expect(EXPECTED_ERROR_NAMES.size).toBe(expected.length);
@@ -97,6 +99,7 @@ describe("isExpectedError (shared helper)", () => {
     { ErrorClass: QueryExecutionError, args: ["Cube query failed. Details: connect ECONNREFUSED"] },
     { ErrorClass: InvalidPasswordResetTokenError, args: [INVALID_PASSWORD_RESET_TOKEN_ERROR_CODE] },
     { ErrorClass: UniqueConstraintError, args: ["Already exists"] },
+    { ErrorClass: RequestBodyTooLargeError, args: [2 * 1024 * 1024] },
   ])("returns true for $ErrorClass.name", ({ ErrorClass, args }) => {
     const error = new (ErrorClass as any)(...args);
     expect(isExpectedError(error)).toBe(true);

apps/web/lib/utils/file-conversion.test.ts

@@ -38,50 +38,6 @@ describe("convertToCsv", () => {
 
     parseSpy.mockRestore();
   });
-
-  test("should defang formula injection payloads in cell values", async () => {
-    const payloads = [
-      '=HYPERLINK("https://evil.tld","Click")',
-      "+1+1",
-      "-2+3",
-      "@SUM(A1:A2)",
-      "\tleading-tab",
-      "\rleading-cr",
-    ];
-    const rows = payloads.map((p) => ({ name: p, age: 0 }));
-    const csv = await convertToCsv(["name", "age"], rows);
-    const lines = csv.trim().split("\n").slice(1); // drop header
-    payloads.forEach((p, i) => {
-      // each value should be prefixed with a single quote so the spreadsheet
-      // app treats it as text rather than a formula
-      expect(lines[i].startsWith(`"'${p.charAt(0)}`)).toBe(true);
-    });
-  });
-
-  test("should defang formula injection in field/header names", async () => {
-    const csv = await convertToCsv(["=evil", "age"], [{ "=evil": "x", age: 1 }]);
-    const lines = csv.trim().split("\n");
-    expect(lines[0]).toBe('"\'=evil","age"');
-    expect(lines[1]).toBe('"x",1');
-  });
-
-  test("should not alter benign strings", async () => {
-    const csv = await convertToCsv(["name"], [{ name: "Alice = Bob" }]);
-    const lines = csv.trim().split("\n");
-    expect(lines[1]).toBe('"Alice = Bob"');
-  });
-
-  test("should preserve distinct columns whose labels collide after sanitization", async () => {
-    // "=field" and "'=field" both render as "'=field" once defanged, but the
-    // underlying row keys must stay distinct so neither cell is dropped.
-    const csv = await convertToCsv(
-      ["=field", "'=field"],
-      [{ "=field": "a", "'=field": "b" }]
-    );
-    const lines = csv.trim().split("\n");
-    expect(lines[0]).toBe('"\'=field","\'=field"');
-    expect(lines[1]).toBe('"a","b"');
-  });
 });
 
 describe("convertToXlsxBuffer", () => {
@@ -104,54 +60,4 @@ describe("convertToXlsxBuffer", () => {
     const cleaned = raw.map(({ __rowNum__, ...rest }) => rest);
     expect(cleaned).toEqual(data);
   });
-
-  test("should defang formula injection payloads in xlsx cells", () => {
-    const payloads = [
-      '=HYPERLINK("https://evil.tld","Click")',
-      "+1+1",
-      "-2+3",
-      "@SUM(A1:A2)",
-      "\tleading-tab",
-      "\rleading-cr",
-    ];
-    const rows = payloads.map((p) => ({ name: p }));
-    const buffer = convertToXlsxBuffer(["name"], rows);
-    const wb = xlsx.read(buffer, { type: "buffer" });
-    const sheet = wb.Sheets["Sheet1"];
-    payloads.forEach((p, i) => {
-      const cell = sheet[`A${i + 2}`]; // row 1 is header
-      // value stored as plain text, not as a formula (no `f` property)
-      expect(cell.f).toBeUndefined();
-      expect(cell.v).toBe(`'${p}`);
-    });
-  });
-
-  test("should defang formula injection in xlsx header names", () => {
-    const buffer = convertToXlsxBuffer(["=evil", "name"], [{ "=evil": "x", name: "Alice" }]);
-    const wb = xlsx.read(buffer, { type: "buffer" });
-    const sheet = wb.Sheets["Sheet1"];
-    const headerCell = sheet["A1"];
-    expect(headerCell.f).toBeUndefined();
-    expect(headerCell.v).toBe("'=evil");
-    // benign header untouched
-    expect(sheet["B1"].v).toBe("name");
-    // data row mapped via original key
-    expect(sheet["A2"].v).toBe("x");
-    expect(sheet["B2"].v).toBe("Alice");
-  });
-
-  test("should preserve distinct xlsx columns whose labels collide after sanitization", () => {
-    // Original keys "=field" and "'=field" both render as "'=field"; ensure
-    // both cells survive instead of one overwriting the other.
-    const buffer = convertToXlsxBuffer(
-      ["=field", "'=field"],
-      [{ "=field": "a", "'=field": "b" }]
-    );
-    const wb = xlsx.read(buffer, { type: "buffer" });
-    const sheet = wb.Sheets["Sheet1"];
-    expect(sheet["A1"].v).toBe("'=field");
-    expect(sheet["B1"].v).toBe("'=field");
-    expect(sheet["A2"].v).toBe("a");
-    expect(sheet["B2"].v).toBe("b");
-  });
 });

apps/web/locales/de-DE.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Workspaces, denen Zugriff gewährt wird"
       },
       "general": {
-        "ai_data_analysis_enabled": "Datenanreicherung & -analyse (KI)",
-        "ai_data_analysis_enabled_description": "KI nutzen, um mehr aus deinen Daten herauszuholen – richte Dashboards, Diagramme, Berichte und mehr ein. Greift auf deine Erfahrungsdaten zu.",
         "ai_enabled": "Formbricks KI",
         "ai_enabled_description": "Verwalte KI-gestützte Funktionen für diese Organisation.",
         "ai_instance_not_configured": "KI wird auf Instanzebene über Umgebungsvariablen konfiguriert. Bitte deine:n Administrator:in, AI_PROVIDER, AI_MODEL und die passenden Provider-Zugangsdaten zu setzen, bevor du KI-Funktionen aktivierst.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "„Umfrage geschlossen“-Nachricht anpassen",
         "adjust_survey_closed_message_description": "Ändere die Nachricht, die Besucher sehen, wenn die Umfrage geschlossen ist.",
         "adjust_theme_in_look_and_feel_settings": "Passe das Theme in den <lookFeelLink>Look & Feel</lookFeelLink> Einstellungen an.",
-        "ai_data_analysis_disabled": "KI-Datenanalyse ist für diese Organisation deaktiviert.",
         "ai_features_not_enabled": "KI-Funktionen sind für diese Organisation nicht aktiviert.",
         "ai_instance_not_configured": "KI ist nicht konfiguriert. Kontaktiere deinen Administrator.",
         "ai_smart_tools_disabled": "KI-Smart-Tools sind für diese Organisation deaktiviert.",

apps/web/locales/en-US.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Workspaces being granted access"
       },
       "general": {
-        "ai_data_analysis_enabled": "Data enrichment & analysis (AI)",
-        "ai_data_analysis_enabled_description": "AI to get more out of your data, setup dashboards, charts, reports and more. Touches your experience data.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Manage AI-powered features for this organization.",
         "ai_instance_not_configured": "AI is configured at the instance level via environment variables. Ask your administrator to set AI_PROVIDER, AI_MODEL, and the matching provider credentials before enabling AI features.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Adjust “Survey Closed” message",
         "adjust_survey_closed_message_description": "Change the message visitors see when the survey is closed.",
         "adjust_theme_in_look_and_feel_settings": "Adjust the theme in the <lookFeelLink>Look & Feel</lookFeelLink> Settings.",
-        "ai_data_analysis_disabled": "AI data analysis is disabled for this organization.",
         "ai_features_not_enabled": "AI features are not enabled for this organization.",
         "ai_instance_not_configured": "AI is not configured. Contact your administrator.",
         "ai_smart_tools_disabled": "AI smart tools are disabled for this organization.",

apps/web/locales/es-ES.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Espacios de trabajo a los que se concede acceso"
       },
       "general": {
-        "ai_data_analysis_enabled": "Enriquecimiento y análisis de datos (IA)",
-        "ai_data_analysis_enabled_description": "IA para sacar más partido a tus datos, configurar paneles, gráficos, informes y más. Accede a los datos de experiencia.",
         "ai_enabled": "IA de Formbricks",
         "ai_enabled_description": "Gestiona las funciones impulsadas por IA para esta organización.",
         "ai_instance_not_configured": "La IA se configura a nivel de instancia mediante variables de entorno. Pide a tu administrador que configure AI_PROVIDER, las credenciales de ese proveedor y la lista de modelos correspondiente antes de habilitar las funciones de IA.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Ajustar mensaje 'Encuesta cerrada'",
         "adjust_survey_closed_message_description": "Cambiar el mensaje que ven los visitantes cuando la encuesta está cerrada.",
         "adjust_theme_in_look_and_feel_settings": "Ajusta el tema en la configuración de <lookFeelLink>Aspecto</lookFeelLink>.",
-        "ai_data_analysis_disabled": "El análisis de datos con IA está deshabilitado para esta organización.",
         "ai_features_not_enabled": "Las funciones de IA no están habilitadas para esta organización.",
         "ai_instance_not_configured": "La IA no está configurada. Contacta con tu administrador.",
         "ai_smart_tools_disabled": "Las herramientas inteligentes de IA están deshabilitadas para esta organización.",

apps/web/locales/fr-FR.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Espaces de travail en cours d'ajout"
       },
       "general": {
-        "ai_data_analysis_enabled": "Enrichissement et analyse des données (IA)",
-        "ai_data_analysis_enabled_description": "L'IA pour tirer le meilleur parti de vos données, configurer des tableaux de bord, des graphiques, des rapports et plus encore. Accède à vos données d'expérience.",
         "ai_enabled": "IA Formbricks",
         "ai_enabled_description": "Gérer les fonctionnalités alimentées par l'IA pour cette organisation.",
         "ai_instance_not_configured": "L'IA est configurée au niveau de l'instance via des variables d'environnement. Demandez à votre administrateur de définir AI_PROVIDER, les identifiants du fournisseur et la liste de modèles correspondante avant d'activer les fonctionnalités d'IA.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Ajuster le message \"Sondage fermé\"",
         "adjust_survey_closed_message_description": "Modifiez le message que les visiteurs voient lorsque l'enquête est fermée.",
         "adjust_theme_in_look_and_feel_settings": "Ajuste le thème dans les paramètres <lookFeelLink>Apparence et ressenti</lookFeelLink>.",
-        "ai_data_analysis_disabled": "L'analyse de données par IA est désactivée pour cette organisation.",
         "ai_features_not_enabled": "Les fonctionnalités IA ne sont pas activées pour cette organisation.",
         "ai_instance_not_configured": "L'IA n'est pas configurée. Contacte ton administrateur.",
         "ai_smart_tools_disabled": "Les outils intelligents IA sont désactivés pour cette organisation.",

apps/web/locales/hu-HU.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Hozzáférést kapó munkaterületek"
       },
       "general": {
-        "ai_data_analysis_enabled": "Adatgazdagítás és elemzés (AI)",
-        "ai_data_analysis_enabled_description": "AI segítségével többet hozhat ki az adataiból, irányítópultokat, diagramokat, jelentéseket és egyebeket állíthat be. Hozzáfér az élményekhez kapcsolódó adatokhoz.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "AI-alapú funkciók kezelése ehhez a szervezethez.",
         "ai_instance_not_configured": "Az MI példányszinten, környezeti változókkal van konfigurálva. Kérd meg a rendszergazdát, hogy állítsa be az AI_PROVIDER értékét, a szolgáltató hitelesítő adatait és a megfelelő modelllistát, mielőtt engedélyezné az MI-funkciókat.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "A „Kérdőív lezárva” üzenet módosítása",
         "adjust_survey_closed_message_description": "Annak az üzenetnek a megváltoztatása, amelyet a látogatók akkor látnak, amikor a kérdőív lezárul.",
         "adjust_theme_in_look_and_feel_settings": "A témát a <lookFeelLink>Megjelenés és Élmény</lookFeelLink> beállításokban módosíthatja.",
-        "ai_data_analysis_disabled": "Az AI adatelemzés le van tiltva ezen szervezet számára.",
         "ai_features_not_enabled": "Az AI funkciók nincsenek engedélyezve ezen szervezet számára.",
         "ai_instance_not_configured": "Az AI nincs konfigurálva. Kérjük, forduljon a rendszergazdájához.",
         "ai_smart_tools_disabled": "Az AI intelligens eszközök le vannak tiltva ezen szervezet számára.",

apps/web/locales/ja-JP.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "アクセス権が付与されるワークスペース"
       },
       "general": {
-        "ai_data_analysis_enabled": "データエンリッチメントと分析（AI）",
-        "ai_data_analysis_enabled_description": "AIを活用してデータから最大限の価値を引き出し、ダッシュボード、チャート、レポートなどを設定できます。エクスペリエンスデータに触れます。",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "この組織のAI機能を管理します。",
         "ai_instance_not_configured": "AI は環境変数を使ってインスタンスレベルで設定されます。AI 機能を有効にする前に、管理者に AI_PROVIDER、このプロバイダーの認証情報、および対応するモデル一覧を設定してもらってください。",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "「フォームはクローズしました」メッセージを調整",
         "adjust_survey_closed_message_description": "フォームがクローズしたときに訪問者が見るメッセージを変更します。",
         "adjust_theme_in_look_and_feel_settings": "テーマは<lookFeelLink>外観</lookFeelLink>設定で調整できます。",
-        "ai_data_analysis_disabled": "この組織ではAIデータ分析が無効になっています。",
         "ai_features_not_enabled": "この組織ではAI機能が有効になっていません。",
         "ai_instance_not_configured": "AIが設定されていません。管理者にお問い合わせください。",
         "ai_smart_tools_disabled": "この組織ではAIスマートツールが無効になっています。",

apps/web/locales/nl-NL.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Werkruimtes die toegang krijgen"
       },
       "general": {
-        "ai_data_analysis_enabled": "Dataverrijking & analyse (AI)",
-        "ai_data_analysis_enabled_description": "AI om meer uit je data te halen, dashboards op te zetten, grafieken, rapporten en meer. Raakt je ervaringsdata aan.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Beheer AI-functies voor deze organisatie.",
         "ai_instance_not_configured": "AI wordt op instantieniveau geconfigureerd via omgevingsvariabelen. Vraag je beheerder om AI_PROVIDER, de inloggegevens voor die provider en de bijbehorende modellenlijst in te stellen voordat AI-functies worden ingeschakeld.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Pas het bericht 'Enquête gesloten' aan",
         "adjust_survey_closed_message_description": "Wijzig het bericht dat bezoekers zien wanneer de enquête wordt gesloten.",
         "adjust_theme_in_look_and_feel_settings": "Pas het thema aan in de <lookFeelLink>Look & Feel</lookFeelLink> instellingen.",
-        "ai_data_analysis_disabled": "AI-gegevensanalyse is uitgeschakeld voor deze organisatie.",
         "ai_features_not_enabled": "AI-functies zijn niet ingeschakeld voor deze organisatie.",
         "ai_instance_not_configured": "AI is niet geconfigureerd. Neem contact op met je beheerder.",
         "ai_smart_tools_disabled": "AI slimme tools zijn uitgeschakeld voor deze organisatie.",

apps/web/locales/pt-BR.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Workspaces recebendo acesso"
       },
       "general": {
-        "ai_data_analysis_enabled": "Enriquecimento e análise de dados (IA)",
-        "ai_data_analysis_enabled_description": "IA para extrair mais dos seus dados, configurar dashboards, gráficos, relatórios e muito mais. Acessa os dados da sua experiência.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Gerencie recursos com IA para esta organização.",
         "ai_instance_not_configured": "A IA é configurada no nível da instância por meio de variáveis de ambiente. Peça ao seu administrador para definir AI_PROVIDER, as credenciais desse provedor e a lista de modelos correspondente antes de habilitar os recursos de IA.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Ajustar mensagem 'Pesquisa Encerrada''",
         "adjust_survey_closed_message_description": "Mude a mensagem que os visitantes veem quando a pesquisa está fechada.",
         "adjust_theme_in_look_and_feel_settings": "Ajuste o tema nas configurações de <lookFeelLink>Aparência</lookFeelLink>.",
-        "ai_data_analysis_disabled": "A análise de dados por IA está desabilitada para esta organização.",
         "ai_features_not_enabled": "Os recursos de IA não estão habilitados para esta organização.",
         "ai_instance_not_configured": "A IA não está configurada. Entre em contato com seu administrador.",
         "ai_smart_tools_disabled": "As ferramentas inteligentes de IA estão desabilitadas para esta organização.",

apps/web/locales/pt-PT.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Workspaces a receber acesso"
       },
       "general": {
-        "ai_data_analysis_enabled": "Enriquecimento e análise de dados (IA)",
-        "ai_data_analysis_enabled_description": "IA para tirar mais partido dos teus dados, configurar dashboards, gráficos, relatórios e muito mais. Acede aos dados da tua experiência.",
         "ai_enabled": "IA da Formbricks",
         "ai_enabled_description": "Gerir funcionalidades com IA para esta organização.",
         "ai_instance_not_configured": "A IA é configurada ao nível da instância através de variáveis de ambiente. Peça ao seu administrador para definir AI_PROVIDER, as credenciais desse fornecedor e a lista de modelos correspondente antes de ativar as funcionalidades de IA.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Ajustar mensagem de 'Inquérito Fechado'",
         "adjust_survey_closed_message_description": "Alterar a mensagem que os visitantes veem quando o inquérito está fechado.",
         "adjust_theme_in_look_and_feel_settings": "Ajusta o tema nas definições de <lookFeelLink>Aparência</lookFeelLink>.",
-        "ai_data_analysis_disabled": "A análise de dados por IA está desativada para esta organização.",
         "ai_features_not_enabled": "As funcionalidades de IA não estão ativadas para esta organização.",
         "ai_instance_not_configured": "A IA não está configurada. Contacta o teu administrador.",
         "ai_smart_tools_disabled": "As ferramentas inteligentes de IA estão desativadas para esta organização.",

apps/web/locales/ro-RO.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Spații de lucru cărora li se acordă acces"
       },
       "general": {
-        "ai_data_analysis_enabled": "Îmbogățire și analiză de date (AI)",
-        "ai_data_analysis_enabled_description": "AI pentru a obține mai mult din datele tale, configurare dashboard-uri, grafice, rapoarte și multe altele. Accesează datele tale de experiență.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Gestionează funcționalitățile bazate pe AI pentru această organizație.",
         "ai_instance_not_configured": "AI este configurată la nivel de instanță prin variabile de mediu. Cere administratorului să configureze AI_PROVIDER, credențialele acelui furnizor și lista de modele corespunzătoare înainte de a activa funcționalitățile AI.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Ajustați mesajul 'Sondaj Închis'",
         "adjust_survey_closed_message_description": "Schimbați mesajul pe care îl văd vizitatorii atunci când sondajul este închis.",
         "adjust_theme_in_look_and_feel_settings": "Ajustează tema în setările <lookFeelLink>Aspect și Experiență</lookFeelLink>.",
-        "ai_data_analysis_disabled": "Analiza de date AI este dezactivată pentru această organizație.",
         "ai_features_not_enabled": "Funcțiile AI nu sunt activate pentru această organizație.",
         "ai_instance_not_configured": "AI nu este configurat. Contactează administratorul.",
         "ai_smart_tools_disabled": "Instrumentele inteligente AI sunt dezactivate pentru această organizație.",

apps/web/locales/ru-RU.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Рабочие пространства, которым предоставляется доступ"
       },
       "general": {
-        "ai_data_analysis_enabled": "Обогащение и анализ данных (ИИ)",
-        "ai_data_analysis_enabled_description": "ИИ для получения большего от твоих данных: настройка дашбордов, графиков, отчетов и не только. Работает с твоими данными об опыте.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Управляй функциями на базе ИИ для этой организации.",
         "ai_instance_not_configured": "ИИ настраивается на уровне инстанса через переменные окружения. Попросите администратора настроить AI_PROVIDER, учетные данные этого провайдера и соответствующий список моделей перед включением функций ИИ.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Изменить сообщение «Опрос закрыт»",
         "adjust_survey_closed_message_description": "Измените сообщение, которое видят посетители, когда опрос закрыт.",
         "adjust_theme_in_look_and_feel_settings": "Настройте тему в разделе <lookFeelLink>Внешний вид</lookFeelLink>.",
-        "ai_data_analysis_disabled": "Анализ данных с помощью ИИ отключён для этой организации.",
         "ai_features_not_enabled": "Функции ИИ не включены для этой организации.",
         "ai_instance_not_configured": "ИИ не настроен. Свяжись с администратором.",
         "ai_smart_tools_disabled": "Умные инструменты ИИ отключены для этой организации.",

apps/web/locales/sv-SE.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Arbetsytor som beviljas åtkomst"
       },
       "general": {
-        "ai_data_analysis_enabled": "Dataförbättring & analys (AI)",
-        "ai_data_analysis_enabled_description": "AI för att få ut mer av din data, skapa dashboards, diagram, rapporter och mer. Använder din upplevelsedata.",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "Hantera AI-drivna funktioner för den här organisationen.",
         "ai_instance_not_configured": "AI konfigureras på instansnivå via miljövariabler. Be din administratör att ange AI_PROVIDER, autentiseringsuppgifterna för den leverantören och den tillhörande modellistan innan AI-funktioner aktiveras.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "Justera meddelande för 'Enkät stängd'",
         "adjust_survey_closed_message_description": "Ändra meddelandet besökare ser när enkäten är stängd.",
         "adjust_theme_in_look_and_feel_settings": "Justera temat i inställningarna för <lookFeelLink>Utseende & Känsla</lookFeelLink>.",
-        "ai_data_analysis_disabled": "AI-dataanalys är inaktiverad för den här organisationen.",
         "ai_features_not_enabled": "AI-funktioner är inte aktiverade för den här organisationen.",
         "ai_instance_not_configured": "AI är inte konfigurerad. Kontakta din administratör.",
         "ai_smart_tools_disabled": "AI smarta verktyg är inaktiverade för den här organisationen.",

apps/web/locales/tr-TR.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "Erişim verilen çalışma alanları"
       },
       "general": {
-        "ai_data_analysis_enabled": "Veri zenginleştirme ve analiz (Yapay Zeka)",
-        "ai_data_analysis_enabled_description": "Verilerinden daha fazlasını elde etmek, kontrol panelleri, grafikler, raporlar ve daha fazlasını kurmak için yapay zeka. Deneyim verilerine dokunur.",
         "ai_enabled": "Formbricks Yapay Zeka",
         "ai_enabled_description": "Bu organizasyon için yapay zeka destekli özellikleri yönet.",
         "ai_instance_not_configured": "Yapay zeka, ortam değişkenleri aracılığıyla instance seviyesinde yapılandırılır. Yapay zeka özelliklerini etkinleştirmeden önce yöneticinden AI_PROVIDER, AI_MODEL ve eşleşen sağlayıcı kimlik bilgilerini ayarlamasını iste.",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "\"Anket Kapatıldı\" mesajını düzenle",
         "adjust_survey_closed_message_description": "Anket kapalıyken ziyaretçilerin gördüğü mesajı değiştir.",
         "adjust_theme_in_look_and_feel_settings": "Temayı <lookFeelLink>Görünüm ve His</lookFeelLink> Ayarlarından düzenleyin.",
-        "ai_data_analysis_disabled": "Bu organizasyon için yapay zeka veri analizi devre dışı.",
         "ai_features_not_enabled": "Bu organizasyon için yapay zeka özellikleri etkinleştirilmemiş.",
         "ai_instance_not_configured": "Yapay zeka yapılandırılmamış. Yöneticinle iletişime geç.",
         "ai_smart_tools_disabled": "Bu organizasyon için yapay zeka akıllı araçları devre dışı.",

apps/web/locales/zh-Hans-CN.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "将被授权访问的工作区"
       },
       "general": {
-        "ai_data_analysis_enabled": "数据增强与分析（AI）",
-        "ai_data_analysis_enabled_description": "使用 AI 深度挖掘你的数据，设置仪表盘、图表、报告等。会处理你的体验数据。",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "管理该组织的 AI 驱动功能。",
         "ai_instance_not_configured": "AI 通过环境变量在实例级别进行配置。启用 AI 功能前，请让管理员设置 AI_PROVIDER、该提供商的凭据以及对应的模型列表。",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "调整 \"调查 关闭\" 消息",
         "adjust_survey_closed_message_description": "更改 访客 看到 调查 关闭 时 的 消息。",
         "adjust_theme_in_look_and_feel_settings": "在<lookFeelLink>外观与感觉</lookFeelLink>设置中调整主题。",
-        "ai_data_analysis_disabled": "此组织已禁用 AI 数据分析。",
         "ai_features_not_enabled": "此组织未启用 AI 功能。",
         "ai_instance_not_configured": "AI 未配置。请联系您的管理员。",
         "ai_smart_tools_disabled": "此组织已禁用 AI 智能工具。",

apps/web/locales/zh-Hant-TW.json

@@ -2612,8 +2612,6 @@
         "workspaces_being_added": "正在授予存取權限的工作區"
       },
       "general": {
-        "ai_data_analysis_enabled": "資料增強與分析（AI）",
-        "ai_data_analysis_enabled_description": "利用 AI 深入分析你的資料，建立儀表板、圖表、報告等。會處理你的體驗資料。",
         "ai_enabled": "Formbricks AI",
         "ai_enabled_description": "管理此組織的 AI 功能。",
         "ai_instance_not_configured": "AI 會透過環境變數在實例層級進行設定。啟用 AI 功能前，請管理員設定 AI_PROVIDER、該供應商的憑證，以及對應的模型清單。",
@@ -2820,7 +2818,6 @@
         "adjust_survey_closed_message": "調整「問卷已關閉」訊息",
         "adjust_survey_closed_message_description": "變更訪客在問卷關閉時看到的訊息。",
         "adjust_theme_in_look_and_feel_settings": "在<lookFeelLink>外觀與感覺</lookFeelLink>設定中調整主題。",
-        "ai_data_analysis_disabled": "此組織已停用 AI 資料分析。",
         "ai_features_not_enabled": "此組織未啟用 AI 功能。",
         "ai_instance_not_configured": "AI 未設定。請聯絡您的管理員。",
         "ai_smart_tools_disabled": "此組織已停用 AI 智慧工具。",

apps/web/modules/api/v2/auth/api-wrapper.ts

@@ -1,6 +1,7 @@
 import { ZodRawShape, z } from "zod";
 import { logger } from "@formbricks/logger";
 import { TAuthenticationApiKey } from "@formbricks/types/auth";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { TApiAuditLog } from "@/app/lib/api/with-api-logging";
 import { formatZodError, handleApiError } from "@/modules/api/v2/lib/utils";
 import { applyRateLimit } from "@/modules/core/rate-limit/helpers";
@@ -73,10 +74,22 @@ export const apiWrapper = async <S extends ExtendedSchemas>({
   let parsedInput: ParsedSchemas<S> = {} as ParsedSchemas<S>;
 
   if (schemas?.body) {
-    let bodyData;
+    let bodyData: Record<string, unknown>;
     try {
-      bodyData = await request.json();
+      bodyData = await parseJsonBodyWithLimit<Record<string, unknown>>(request);
     } catch (error) {
+      if (error instanceof RequestBodyTooLargeError) {
+        return handleApiError(request, {
+          type: "payload_too_large",
+          details: [
+            {
+              field: "body",
+              issue: error.message,
+            },
+          ],
+        });
+      }
+
       logger.error({ error, url: request.url }, "Error parsing JSON input");
       return handleApiError(request, {
         type: "bad_request",

apps/web/modules/api/v2/auth/tests/api-wrapper.test.ts

@@ -1,6 +1,7 @@
 import { describe, expect, test, vi } from "vitest";
 import { z } from "zod";
 import { err, ok } from "@formbricks/types/error-handlers";
+import { DEFAULT_REQUEST_BODY_LIMIT_BYTES } from "@/app/lib/api/request-body";
 import { apiWrapper } from "@/modules/api/v2/auth/api-wrapper";
 import { authenticateRequest } from "@/modules/api/v2/auth/authenticate-request";
 import { handleApiError } from "@/modules/api/v2/lib/utils";

apps/web/modules/api/v2/lib/response.ts

@@ -148,6 +148,35 @@ const conflictResponse = ({
   );
 };
 
+const payloadTooLargeResponse = ({
+  details = [],
+  cors = false,
+  cache = "private, no-store",
+}: {
+  details?: ApiErrorDetails;
+  cors?: boolean;
+  cache?: string;
+} = {}) => {
+  const headers = {
+    ...(cors && corsHeaders),
+    "Cache-Control": cache,
+  };
+
+  return Response.json(
+    {
+      error: {
+        code: 413,
+        message: "Payload Too Large",
+        details,
+      },
+    },
+    {
+      status: 413,
+      headers,
+    }
+  );
+};
+
 const unprocessableEntityResponse = ({
   details = [],
   cors = false,
@@ -351,6 +380,7 @@ export const responses = {
   forbiddenResponse,
   notFoundResponse,
   conflictResponse,
+  payloadTooLargeResponse,
   unprocessableEntityResponse,
   tooManyRequestsResponse,
   internalServerErrorResponse,

apps/web/modules/api/v2/lib/utils.ts

@@ -28,6 +28,8 @@ export const handleApiError = (
       return responses.notFoundResponse({ details: err.details });
     case "conflict":
       return responses.conflictResponse({ details: err.details });
+    case "payload_too_large":
+      return responses.payloadTooLargeResponse({ details: err.details });
     case "unprocessable_entity":
       return responses.unprocessableEntityResponse({ details: err.details });
     case "too_many_requests":

apps/web/modules/api/v2/types/api-error.ts

@@ -10,7 +10,13 @@ export type ApiErrorDetails = {
 
 export type ApiErrorResponseV2 =
   | {
-      type: "unauthorized" | "forbidden" | "conflict" | "too_many_requests" | "internal_server_error";
+      type:
+        | "unauthorized"
+        | "forbidden"
+        | "conflict"
+        | "payload_too_large"
+        | "too_many_requests"
+        | "internal_server_error";
       details?: ApiErrorDetails;
     }
   | {

apps/web/modules/billing/lib/stripe-catalog.ts

@@ -10,7 +10,6 @@ export const CLOUD_STRIPE_FEATURE_LOOKUP_KEYS = {
   SPAM_PROTECTION: "spam-protection",
   CONTACTS: "contacts",
   AI_SMART_TOOLS: "ai-smart-tools",
-  AI_DATA_ANALYSIS: "ai-data-analysis",
   FEEDBACK_DIRECTORIES: "feedback-directories",
   DASHBOARDS: "dashboards",
 } as const;

apps/web/modules/ee/ai-translation/lib/actions.ts

@@ -81,7 +81,7 @@ export const translateSurveyFieldsAction = authenticatedActionClient
       ],
     });
 
-    await assertOrganizationAIConfigured(organizationId, "smartTools");
+    await assertOrganizationAIConfigured(organizationId);
 
     const translations = await translateFields({
       organizationId,

apps/web/modules/ee/ai-translation/lib/translate-fields.ts

@@ -40,7 +40,6 @@ Rules:
 
   const result = await generateOrganizationAIText({
     organizationId,
-    capability: "smartTools",
     system: systemPrompt,
     prompt: JSON.stringify(items),
   });

apps/web/modules/ee/analysis/charts/actions.ts

@@ -363,10 +363,7 @@ export const generateAIChartAction = authenticatedActionClient
 
       await checkDashboardsEnabled(organizationId);
 
-      // Verify AI is entitled, enabled at org level, and configured at instance level.
-      // Uses "smartTools" (not "dataAnalysis") because chart generation only sends the
-      // Cube schema context and the user's prompt to the LLM — no response PII.
-      await assertOrganizationAIConfigured(organizationId, "smartTools");
+      await assertOrganizationAIConfigured(organizationId);
 
       const { feedbackDirectoryId } = await checkFeedbackDirectoryAccess({
         feedbackDirectoryId: parsedInput.feedbackDirectoryId,

apps/web/modules/ee/analysis/lib/date-presets.test.ts

@@ -1,96 +0,0 @@
-import { describe, expect, test } from "vitest";
-import type { TChartQuery } from "@formbricks/types/analysis";
-import { expandPresetDateRanges } from "./date-presets";
-
-const queryWithDateRange = (dateRange: string | [string, string]): TChartQuery => ({
-  measures: ["FeedbackRecords.count"],
-  timeDimensions: [{ dimension: "FeedbackRecords.collectedAt", dateRange }],
-});
-
-// Mid-month, mid-quarter date that exercises month/quarter/year boundaries cleanly.
-const NOW = new Date(2026, 4, 21, 14, 30, 0); // May 21, 2026 14:30 local
-
-describe("expandPresetDateRanges", () => {
-  test("includes today for 'last 7 days'", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("last 7 days"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-05-15", "2026-05-21"]);
-  });
-
-  test("includes today for 'last 30 days'", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("last 30 days"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-04-22", "2026-05-21"]);
-  });
-
-  test("expands 'today' to today..today", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("today"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-05-21", "2026-05-21"]);
-  });
-
-  test("expands 'yesterday' to yesterday..yesterday", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("yesterday"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-05-20", "2026-05-20"]);
-  });
-
-  test("'this month' runs from the 1st through today", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("this month"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-05-01", "2026-05-21"]);
-  });
-
-  test("'last month' is the full previous calendar month", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("last month"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-04-01", "2026-04-30"]);
-  });
-
-  test("'last month' handles year rollover", () => {
-    const janFirst = new Date(2026, 0, 15, 10, 0, 0);
-    const result = expandPresetDateRanges(queryWithDateRange("last month"), janFirst);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2025-12-01", "2025-12-31"]);
-  });
-
-  test("'this quarter' starts at the first day of the calendar quarter", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("this quarter"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-04-01", "2026-05-21"]);
-  });
-
-  test("'this year' starts on Jan 1", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("this year"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-01-01", "2026-05-21"]);
-  });
-
-  test("leaves explicit [start, end] tuple unchanged", () => {
-    const result = expandPresetDateRanges(queryWithDateRange(["2026-01-01", "2026-01-15"]), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toEqual(["2026-01-01", "2026-01-15"]);
-  });
-
-  test("leaves an unknown preset string unchanged so Cube can interpret it", () => {
-    const result = expandPresetDateRanges(queryWithDateRange("from -3 days to now"), NOW);
-    expect(result.timeDimensions?.[0].dateRange).toBe("from -3 days to now");
-  });
-
-  test("returns input unchanged when there are no time dimensions", () => {
-    const q: TChartQuery = { measures: ["FeedbackRecords.count"] };
-    expect(expandPresetDateRanges(q, NOW)).toEqual(q);
-  });
-
-  test("preserves other timeDimension fields (granularity, dimension)", () => {
-    const q: TChartQuery = {
-      measures: ["FeedbackRecords.count"],
-      timeDimensions: [
-        { dimension: "FeedbackRecords.collectedAt", granularity: "day", dateRange: "last 7 days" },
-      ],
-    };
-    const result = expandPresetDateRanges(q, NOW);
-    expect(result.timeDimensions?.[0]).toMatchObject({
-      dimension: "FeedbackRecords.collectedAt",
-      granularity: "day",
-      dateRange: ["2026-05-15", "2026-05-21"],
-    });
-  });
-
-  test("does not mutate the input query", () => {
-    const q = queryWithDateRange("last 7 days");
-    const before = JSON.stringify(q);
-    expandPresetDateRanges(q, NOW);
-    expect(JSON.stringify(q)).toBe(before);
-  });
-});

apps/web/modules/ee/analysis/lib/schema-definition.test.ts

@@ -1,5 +1,3 @@
-import { readFileSync } from "node:fs";
-import { fileURLToPath } from "node:url";
 import { describe, expect, test } from "vitest";
 import {
   FEEDBACK_FIELDS,
@@ -8,17 +6,6 @@ import {
   getFilterOperatorsForType,
 } from "./schema-definition";
 
-const chartCubeSchemaPath = fileURLToPath(
-  new URL("../../../../../../charts/formbricks/cube/schema/FeedbackRecords.js", import.meta.url)
-);
-const dockerCubeSchemaPath = fileURLToPath(
-  new URL("../../../../../../docker/cube/schema/FeedbackRecords.js", import.meta.url)
-);
-
-const readChartCubeSchema = (): string => readFileSync(chartCubeSchemaPath, "utf8");
-const readDockerCubeSchema = (): string => readFileSync(dockerCubeSchemaPath, "utf8");
-const getCubeMemberName = (id: string): string => id.replace("FeedbackRecords.", "");
-
 describe("schema-definition", () => {
   describe("getFilterOperatorsForType", () => {
     test("returns string operators", () => {
@@ -107,20 +94,5 @@ describe("schema-definition", () => {
       );
       expect(ids).not.toContain("FeedbackRecords.averageScore");
     });
-
-    test("only exposes members present in the deployed Cube schema", () => {
-      const chartCubeSchema = readChartCubeSchema();
-      const exposedMembers = [...FEEDBACK_FIELDS.measures, ...FEEDBACK_FIELDS.dimensions].map(({ id }) =>
-        getCubeMemberName(id)
-      );
-
-      for (const member of exposedMembers) {
-        expect(chartCubeSchema).toContain(`    ${member}: {`);
-      }
-    });
-
-    test("keeps the Helm and Docker Cube schemas in sync", () => {
-      expect(readChartCubeSchema()).toBe(readDockerCubeSchema());
-    });
   });
 });

apps/web/modules/ee/billing/api/route.ts

@@ -1,11 +1,12 @@
 import { headers } from "next/headers";
 import { NextResponse } from "next/server";
 import { logger } from "@formbricks/logger";
+import { RequestBodyTooLargeError, readRequestBodyWithLimit } from "@/app/lib/api/request-body";
 import { webhookHandler } from "@/modules/ee/billing/api/lib/stripe-webhook";
 
 export const POST = async (request: Request) => {
   try {
-    const body = await request.text();
+    const body = await readRequestBodyWithLimit(request);
     const requestHeaders = await headers(); // Corrected: headers() is async
     const signature = requestHeaders.get("stripe-signature");
 
@@ -26,6 +27,10 @@ export const POST = async (request: Request) => {
 
     return NextResponse.json(result.message || { received: true }, { status: 200 });
   } catch (error: any) {
+    if (error instanceof RequestBodyTooLargeError) {
+      return NextResponse.json({ message: "Payload Too Large" }, { status: 413 });
+    }
+
     logger.error(error, `Unhandled error in Stripe webhook POST handler: ${error.message}`);
     return NextResponse.json({ message: "Internal server error" }, { status: 500 });
   }

apps/web/modules/ee/contacts/api/v1/client/[workspaceId]/user/route.ts

@@ -4,6 +4,7 @@ import { ZId } from "@formbricks/types/common";
 import { TContactAttributesInput } from "@formbricks/types/contact-attribute";
 import { ResourceNotFoundError, ValidationError } from "@formbricks/types/errors";
 import { TJsPersonState } from "@formbricks/types/js";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
 import { getOrganizationIdFromWorkspaceId } from "@/lib/utils/helper";
@@ -27,6 +28,11 @@ const handleError = (err: unknown, url: string): { response: Response; error?: u
   };
 };
 
+type TContactUserRequestBody = Record<string, unknown> & {
+  attributes?: Record<string, unknown>;
+  userId?: unknown;
+};
+
 export const OPTIONS = async (): Promise<Response> => {
   return responses.successResponse(
     {},
@@ -76,7 +82,24 @@ export const POST = withV1ApiWrapper({
       }
       const { workspaceId } = resolved;
 
-      const jsonInput = await req.json();
+      let jsonInput: TContactUserRequestBody;
+      try {
+        jsonInput = await parseJsonBodyWithLimit<TContactUserRequestBody>(req);
+      } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }, true),
+          };
+        }
+
+        return {
+          response: responses.badRequestResponse(
+            "Malformed JSON input, please check your request body",
+            { error: error instanceof Error ? error.message : "Unknown error occurred" },
+            true
+          ),
+        };
+      }
 
       // Basic input validation without Zod overhead
       if (
@@ -91,8 +114,13 @@ export const POST = withV1ApiWrapper({
       }
 
       // Simple email validation if present (avoid Zod)
-      if (jsonInput.attributes?.email) {
-        const email = jsonInput.attributes.email;
+      const attributes =
+        typeof jsonInput.attributes === "object" && jsonInput.attributes !== null
+          ? jsonInput.attributes
+          : undefined;
+
+      if (attributes && Object.hasOwn(attributes, "email")) {
+        const email = attributes.email;
         if (typeof email !== "string" || !email.includes("@") || email.length < 3) {
           return {
             response: responses.badRequestResponse("Invalid email format", undefined, true),
@@ -100,7 +128,7 @@ export const POST = withV1ApiWrapper({
         }
       }
 
-      const { userId, attributes } = jsonInput;
+      const userId = jsonInput.userId;
 
       const organizationId = await getOrganizationIdFromWorkspaceId(workspaceId);
       const isContactsEnabled = await getIsContactsEnabled(organizationId);

apps/web/modules/ee/contacts/api/v1/management/contact-attribute-keys/[contactAttributeKeyId]/route.ts

@@ -1,5 +1,6 @@
 import { logger } from "@formbricks/logger";
 import { handleErrorResponse } from "@/app/api/v1/auth";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { TApiKeyAuthentication, THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -149,8 +150,14 @@ export const PUT = withV1ApiWrapper({
 
       let contactAttributeKeyUpdate;
       try {
-        contactAttributeKeyUpdate = await req.json();
+        contactAttributeKeyUpdate = await parseJsonBodyWithLimit(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON input");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/modules/ee/contacts/api/v1/management/contact-attribute-keys/route.ts

@@ -1,6 +1,7 @@
 import { logger } from "@formbricks/logger";
 import { DatabaseError } from "@formbricks/types/errors";
 import { resolveBodyIds } from "@/app/api/v1/management/lib/workspace-resolver";
+import { RequestBodyTooLargeError, parseJsonBodyWithLimit } from "@/app/lib/api/request-body";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { THandlerParams, withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
@@ -63,8 +64,14 @@ export const POST = withV1ApiWrapper({
 
       let contactAttributeKeyInput;
       try {
-        contactAttributeKeyInput = await req.json();
+        contactAttributeKeyInput = await parseJsonBodyWithLimit<Record<string, unknown>>(req);
       } catch (error) {
+        if (error instanceof RequestBodyTooLargeError) {
+          return {
+            response: responses.payloadTooLargeResponse("Payload Too Large", { error: error.message }),
+          };
+        }
+
         logger.error({ error, url: req.url }, "Error parsing JSON input");
         return {
           response: responses.badRequestResponse("Malformed JSON input, please check your request body"),

apps/web/modules/ee/license-check/lib/license.test.ts

@@ -148,7 +148,6 @@ describe("License Core Logic", () => {
       saml: true,
       spamProtection: true,
       aiSmartTools: false,
-      aiDataAnalysis: false,
       auditLogs: true,
       accessControl: true,
       quotas: true,
@@ -286,7 +285,6 @@ describe("License Core Logic", () => {
             removeBranding: false,
             contacts: false,
             aiSmartTools: false,
-            aiDataAnalysis: false,
             saml: false,
             spamProtection: false,
             auditLogs: false,
@@ -310,7 +308,6 @@ describe("License Core Logic", () => {
           removeBranding: false,
           contacts: false,
           aiSmartTools: false,
-          aiDataAnalysis: false,
           saml: false,
           spamProtection: false,
           auditLogs: false,
@@ -343,7 +340,6 @@ describe("License Core Logic", () => {
         removeBranding: false,
         contacts: false,
         aiSmartTools: false,
-        aiDataAnalysis: false,
         saml: false,
         spamProtection: false,
         auditLogs: false,
@@ -537,7 +533,6 @@ describe("License Core Logic", () => {
           saml: true,
           spamProtection: true,
           aiSmartTools: false,
-          aiDataAnalysis: false,
           auditLogs: true,
           accessControl: true,
           quotas: true,
@@ -604,7 +599,6 @@ describe("License Core Logic", () => {
           saml: true,
           spamProtection: true,
           aiSmartTools: false,
-          aiDataAnalysis: false,
           auditLogs: true,
           accessControl: true,
           quotas: true,
@@ -662,7 +656,6 @@ describe("License Core Logic", () => {
           saml: true,
           spamProtection: true,
           aiSmartTools: false,
-          aiDataAnalysis: false,
           auditLogs: true,
           accessControl: true,
           quotas: true,
@@ -807,7 +800,6 @@ describe("License Core Logic", () => {
           saml: true,
           spamProtection: true,
           aiSmartTools: true,
-          aiDataAnalysis: true,
           auditLogs: true,
           accessControl: true,
           quotas: true,
@@ -836,7 +828,6 @@ describe("License Core Logic", () => {
         saml: true,
         spamProtection: true,
         aiSmartTools: true,
-        aiDataAnalysis: true,
         auditLogs: true,
         accessControl: true,
         quotas: true,
@@ -866,7 +857,6 @@ describe("License Core Logic", () => {
                   removeBranding: false,
                   contacts: false,
                   aiSmartTools: false,
-                  aiDataAnalysis: false,
                   saml: false,
                   spamProtection: false,
                   auditLogs: false,
@@ -940,7 +930,6 @@ describe("License Core Logic", () => {
               removeBranding: true,
               contacts: true,
               aiSmartTools: true,
-              aiDataAnalysis: true,
               saml: true,
               spamProtection: true,
               auditLogs: true,
@@ -1009,7 +998,6 @@ describe("License Core Logic", () => {
               removeBranding: true,
               contacts: true,
               aiSmartTools: true,
-              aiDataAnalysis: true,
               saml: true,
               spamProtection: true,
               auditLogs: true,
@@ -1051,7 +1039,6 @@ describe("License Core Logic", () => {
           saml: true,
           spamProtection: true,
           aiSmartTools: false,
-          aiDataAnalysis: false,
           auditLogs: true,
           accessControl: true,
           quotas: true,
@@ -1180,7 +1167,6 @@ describe("License Core Logic", () => {
         saml: true,
         spamProtection: true,
         aiSmartTools: false,
-        aiDataAnalysis: false,
         auditLogs: true,
         accessControl: true,
         quotas: true,
@@ -1304,7 +1290,6 @@ describe("License Core Logic", () => {
           removeBranding: true,
           contacts: true,
           aiSmartTools: true,
-          aiDataAnalysis: true,
           saml: true,
           spamProtection: true,
           auditLogs: true,
@@ -1360,7 +1345,6 @@ describe("License Core Logic", () => {
               removeBranding: true,
               contacts: true,
               aiSmartTools: true,
-              aiDataAnalysis: true,
               saml: true,
               spamProtection: true,
               auditLogs: true,
@@ -1416,7 +1400,6 @@ describe("License Core Logic", () => {
               removeBranding: true,
               contacts: true,
               aiSmartTools: true,
-              aiDataAnalysis: true,
               saml: true,
               spamProtection: true,
               auditLogs: true,

apps/web/modules/ee/license-check/lib/license.ts

@@ -83,7 +83,6 @@ const LicenseFeaturesSchema = z.object({
   removeBranding: z.boolean(),
   contacts: z.boolean(),
   aiSmartTools: z.boolean(),
-  aiDataAnalysis: z.boolean(),
   saml: z.boolean(),
   spamProtection: z.boolean(),
   auditLogs: z.boolean(),
@@ -153,7 +152,6 @@ const DEFAULT_FEATURES: TEnterpriseLicenseFeatures = {
   removeBranding: false,
   contacts: false,
   aiSmartTools: false,
-  aiDataAnalysis: false,
   saml: false,
   spamProtection: false,
   auditLogs: false,

apps/web/modules/ee/license-check/lib/utils.test.ts

@@ -9,7 +9,6 @@ import { getEnterpriseLicense, getLicenseFeatures } from "./license";
 import {
   getAccessControlPermission,
   getBiggerUploadFileSizePermission,
-  getIsAIDataAnalysisEnabled,
   getIsAISmartToolsEnabled,
   getIsAuditLogsEnabled,
   getIsContactsEnabled,
@@ -60,7 +59,6 @@ const defaultFeatures: TEnterpriseLicenseFeatures = {
   saml: false,
   spamProtection: false,
   aiSmartTools: false,
-  aiDataAnalysis: false,
   auditLogs: false,
   accessControl: false,
   quotas: false,
@@ -216,57 +214,26 @@ describe("License Utils", () => {
       );
     });
 
-    test("uses cloud AI data analysis entitlement", async () => {
-      vi.mocked(constants).IS_FORMBRICKS_CLOUD = true;
-      vi.mocked(hasOrganizationEntitlementWithLicenseGuard).mockResolvedValueOnce(true);
-
-      const result = await getIsAIDataAnalysisEnabled("org_1");
+    test("returns self-hosted AI smart tools from license", async () => {
+      vi.mocked(constants).IS_FORMBRICKS_CLOUD = false;
+      vi.mocked(getEnterpriseLicense).mockResolvedValue({
+        ...defaultLicense,
+        features: { ...defaultFeatures, aiSmartTools: true },
+      });
 
+      const result = await getIsAISmartToolsEnabled("org_1");
       expect(result).toBe(true);
-      expect(hasOrganizationEntitlementWithLicenseGuard).toHaveBeenCalledWith(
-        "org_1",
-        CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.AI_DATA_ANALYSIS
-      );
     });
 
-    test("returns self-hosted AI features from license", async () => {
+    test("returns false for self-hosted AI smart tools when not enabled", async () => {
       vi.mocked(constants).IS_FORMBRICKS_CLOUD = false;
       vi.mocked(getEnterpriseLicense).mockResolvedValue({
         ...defaultLicense,
-        features: {
-          ...defaultFeatures,
-          aiSmartTools: true,
-          aiDataAnalysis: true,
-        },
+        features: { ...defaultFeatures, aiSmartTools: false },
       });
 
-      const [smartTools, dataAnalysis] = await Promise.all([
-        getIsAISmartToolsEnabled("org_1"),
-        getIsAIDataAnalysisEnabled("org_1"),
-      ]);
-
-      expect(smartTools).toBe(true);
-      expect(dataAnalysis).toBe(true);
-    });
-
-    test("returns false for self-hosted AI features when not enabled", async () => {
-      vi.mocked(constants).IS_FORMBRICKS_CLOUD = false;
-      vi.mocked(getEnterpriseLicense).mockResolvedValue({
-        ...defaultLicense,
-        features: {
-          ...defaultFeatures,
-          aiSmartTools: false,
-          aiDataAnalysis: false,
-        },
-      });
-
-      const [smartTools, dataAnalysis] = await Promise.all([
-        getIsAISmartToolsEnabled("org_1"),
-        getIsAIDataAnalysisEnabled("org_1"),
-      ]);
-
-      expect(smartTools).toBe(false);
-      expect(dataAnalysis).toBe(false);
+      const result = await getIsAISmartToolsEnabled("org_1");
+      expect(result).toBe(false);
     });
 
     test("uses cloud feedback record directories entitlement", async () => {

apps/web/modules/ee/license-check/lib/utils.ts

@@ -31,13 +31,7 @@ const getCustomPlanFeaturePermission = async (
   organizationId: string,
   featureKey: keyof Pick<
     TEnterpriseLicenseFeatures,
-    | "accessControl"
-    | "quotas"
-    | "contacts"
-    | "aiSmartTools"
-    | "aiDataAnalysis"
-    | "feedbackDirectories"
-    | "dashboards"
+    "accessControl" | "quotas" | "contacts" | "aiSmartTools" | "feedbackDirectories" | "dashboards"
   >
 ): Promise<boolean> => {
   if (IS_FORMBRICKS_CLOUD) {
@@ -46,7 +40,6 @@ const getCustomPlanFeaturePermission = async (
       quotas: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.QUOTA_MANAGEMENT,
       contacts: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.CONTACTS,
       aiSmartTools: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.AI_SMART_TOOLS,
-      aiDataAnalysis: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.AI_DATA_ANALYSIS,
       feedbackDirectories: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.FEEDBACK_DIRECTORIES,
       dashboards: CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.DASHBOARDS,
     };
@@ -126,10 +119,6 @@ export const getIsAISmartToolsEnabled = async (organizationId: string): Promise<
   return getCustomPlanFeaturePermission(organizationId, "aiSmartTools");
 };
 
-export const getIsAIDataAnalysisEnabled = async (organizationId: string): Promise<boolean> => {
-  return getCustomPlanFeaturePermission(organizationId, "aiDataAnalysis");
-};
-
 export const getIsAuditLogsEnabled = async (): Promise<boolean> => {
   if (!AUDIT_LOG_ENABLED) return false;
   return getSpecificFeatureFlag("auditLogs");

apps/web/modules/ee/license-check/types/enterprise-license.ts

@@ -15,7 +15,6 @@ const ZEnterpriseLicenseFeatures = z.object({
   saml: z.boolean(),
   spamProtection: z.boolean(),
   aiSmartTools: z.boolean(),
-  aiDataAnalysis: z.boolean(),
   auditLogs: z.boolean(),
   accessControl: z.boolean(),
   quotas: z.boolean(),

apps/web/modules/ee/sso/lib/organization.test.ts

@@ -28,7 +28,6 @@ describe("getFirstOrganization", () => {
       whitelabel: null,
       updatedAt: new Date(),
       isAISmartToolsEnabled: false,
-      isAIDataAnalysisEnabled: false,
     };
     vi.mocked(prisma.organization.findFirst).mockResolvedValue(org);
     const result = await getFirstOrganization();

apps/web/modules/ee/sso/lib/tests/__mock__/sso-handlers.mock.ts

@@ -46,7 +46,6 @@ export const mockOrganization: TOrganization = {
   id: "org-123",
   name: "Test Organization",
   isAISmartToolsEnabled: false,
-  isAIDataAnalysisEnabled: false,
   whitelabel: {
     logoUrl: null,
     faviconUrl: null,

apps/web/modules/entitlements/lib/checks.test.ts

@@ -145,26 +145,6 @@ describe("hasOrganizationEntitlementWithLicenseGuard", () => {
     expect(await hasOrganizationEntitlementWithLicenseGuard("org1", "ai-smart-tools")).toBe(false);
   });
 
-  test("returns true when license active and ai-data-analysis mapped feature enabled", async () => {
-    mockGetContext.mockResolvedValue({
-      ...baseContext,
-      features: ["ai-data-analysis"],
-      licenseStatus: "active",
-      licenseFeatures: { aiDataAnalysis: true } as TOrganizationEntitlementsContext["licenseFeatures"],
-    });
-    expect(await hasOrganizationEntitlementWithLicenseGuard("org1", "ai-data-analysis")).toBe(true);
-  });
-
-  test("returns false when license active but ai-data-analysis mapped feature disabled", async () => {
-    mockGetContext.mockResolvedValue({
-      ...baseContext,
-      features: ["ai-data-analysis"],
-      licenseStatus: "active",
-      licenseFeatures: { aiDataAnalysis: false } as TOrganizationEntitlementsContext["licenseFeatures"],
-    });
-    expect(await hasOrganizationEntitlementWithLicenseGuard("org1", "ai-data-analysis")).toBe(false);
-  });
-
   test("returns true when license active and feature has no license mapping", async () => {
     mockGetContext.mockResolvedValue({
       ...baseContext,

apps/web/modules/entitlements/lib/checks.ts

@@ -11,7 +11,6 @@ const LICENSE_GUARDED_ENTITLEMENTS: Partial<Record<string, keyof TEnterpriseLice
   "spam-protection": "spamProtection",
   contacts: "contacts",
   "ai-smart-tools": "aiSmartTools",
-  "ai-data-analysis": "aiDataAnalysis",
   "feedback-directories": "feedbackDirectories",
   dashboards: "dashboards",
 };

apps/web/modules/entitlements/lib/self-hosted-provider.test.ts

@@ -111,35 +111,6 @@ describe("getSelfHostedOrganizationEntitlementsContext", () => {
     const result = await getSelfHostedOrganizationEntitlementsContext("org1");
 
     expect(result.features).toContain("ai-smart-tools");
-    expect(result.features).not.toContain("ai-data-analysis");
-  });
-
-  test("maps aiDataAnalysis feature to ai-data-analysis entitlement", async () => {
-    mockGetOrg.mockResolvedValue({ id: "org1" } as any);
-    mockGetLicense.mockResolvedValue({
-      status: "active",
-      active: true,
-      features: { aiDataAnalysis: true },
-    } as any);
-
-    const result = await getSelfHostedOrganizationEntitlementsContext("org1");
-
-    expect(result.features).toContain("ai-data-analysis");
-    expect(result.features).not.toContain("ai-smart-tools");
-  });
-
-  test("maps both AI features when both are enabled", async () => {
-    mockGetOrg.mockResolvedValue({ id: "org1" } as any);
-    mockGetLicense.mockResolvedValue({
-      status: "active",
-      active: true,
-      features: { aiSmartTools: true, aiDataAnalysis: true },
-    } as any);
-
-    const result = await getSelfHostedOrganizationEntitlementsContext("org1");
-
-    expect(result.features).toContain("ai-smart-tools");
-    expect(result.features).toContain("ai-data-analysis");
   });
 
   test("maps feedbackDirectories feature to feedback-directories entitlement", async () => {

apps/web/modules/entitlements/lib/self-hosted-provider.ts

@@ -30,9 +30,6 @@ const mapLicenseFeaturesToEntitlements = (
   if (features.aiSmartTools) {
     entitlementKeys.push(CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.AI_SMART_TOOLS);
   }
-  if (features.aiDataAnalysis) {
-    entitlementKeys.push(CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.AI_DATA_ANALYSIS);
-  }
   if (features.feedbackDirectories) {
     entitlementKeys.push(CLOUD_STRIPE_FEATURE_LOOKUP_KEYS.FEEDBACK_DIRECTORIES);
   }

apps/web/modules/hub/feedback-records-gateway.ts

@@ -6,6 +6,7 @@ import { logger } from "@formbricks/logger";
 import { TAuthenticationApiKey } from "@formbricks/types/auth";
 import { ZId } from "@formbricks/types/common";
 import { AuthorizationError } from "@formbricks/types/errors";
+import { RequestBodyTooLargeError, readRequestBodyWithLimit } from "@/app/lib/api/request-body";
 import { verifyFeedbackRecordsGatewayToken } from "@/lib/jwt";
 import { checkAuthorizationUpdated } from "@/lib/utils/action-client/action-client-middleware";
 import { getBearerTokenFromHeaders } from "@/modules/api/lib/api-key-auth";
@@ -147,17 +148,35 @@ const parseTenantId = (tenantId: string | null): string | null => {
   return ZId.safeParse(tenantId).success ? tenantId : null;
 };
 
-const parseJsonBody = async (request: NextRequest): Promise<Record<string, unknown> | null> => {
+const parseJsonBody = async (
+  request: NextRequest
+): Promise<
+  | {
+      ok: true;
+      body: Record<string, unknown> | null;
+    }
+  | {
+      ok: false;
+      response: Response;
+    }
+> => {
   try {
-    const rawBody = await request.text();
+    const rawBody = await readRequestBodyWithLimit(request);
     if (!rawBody.trim()) {
-      return null;
+      return { ok: true, body: null };
     }
 
     const parsedBody = JSON.parse(rawBody);
-    return parsedBody && typeof parsedBody === "object" ? (parsedBody as Record<string, unknown>) : null;
-  } catch {
-    return null;
+    return {
+      ok: true,
+      body: parsedBody && typeof parsedBody === "object" ? (parsedBody as Record<string, unknown>) : null,
+    };
+  } catch (error) {
+    if (error instanceof RequestBodyTooLargeError) {
+      return { ok: false, response: buildGatewayStatusResponse(413, "Payload Too Large") };
+    }
+
+    return { ok: true, body: null };
   }
 };
 
@@ -208,7 +227,12 @@ const resolveTenantId = async (
   }
 
   if (route.tenantSource === "body") {
-    const body = await parseJsonBody(request);
+    const parseResult = await parseJsonBody(request);
+    if (!parseResult.ok) {
+      return { errorResponse: parseResult.response };
+    }
+
+    const body = parseResult.body;
     const tenantId = parseTenantId(typeof body?.tenant_id === "string" ? body.tenant_id : null);
     if (!tenantId) {
       return {

apps/web/modules/hub/service.ts

@@ -129,6 +129,57 @@ export const deleteFeedbackRecord = async (id: string): Promise<HubFeedbackRecor
   }
 };
 
+export type HubTenantDataDeleteResult = {
+  data: {
+    deletedFeedbackRecords: number;
+    deletedEmbeddings: number;
+    deletedWebhooks: number;
+  } | null;
+  error: HubError | null;
+};
+
+type TenantDataDeleteResponse = {
+  tenant_id: string;
+  deleted_feedback_records: number;
+  deleted_embeddings: number;
+  deleted_webhooks: number;
+  message?: string;
+};
+
+/**
+ * Purge all Hub-owned data (feedback records, derived embeddings, webhooks) for a tenant.
+ * Called when the owning organization is deleted so Hub-side rows don't become orphaned.
+ * Idempotent on the Hub side; the caller treats failures as best-effort.
+ *
+ * Hits `DELETE /v1/tenants/{tenant_id}/data` directly because the SDK doesn't yet expose
+ * a typed method for this endpoint.
+ */
+export const deleteHubTenantData = async (tenantId: string): Promise<HubTenantDataDeleteResult> => {
+  const client = getHubClient();
+  if (!client) {
+    return { data: null, error: { ...NO_CONFIG_ERROR } };
+  }
+
+  try {
+    const data = await client.delete<TenantDataDeleteResponse>(
+      `/v1/tenants/${encodeURIComponent(tenantId)}/data`
+    );
+    return {
+      data: {
+        deletedFeedbackRecords: data.deleted_feedback_records,
+        deletedEmbeddings: data.deleted_embeddings,
+        deletedWebhooks: data.deleted_webhooks,
+      },
+      error: null,
+    };
+  } catch (err) {
+    logger.warn({ err, tenantId }, "Hub: deleteHubTenantData failed");
+    const status = getErrorStatus(err);
+    const message = getErrorMessage(err);
+    return { data: null, error: { status, message, detail: message } };
+  }
+};
+
 export type ListFeedbackRecordsResult = {
   data: FeedbackRecordListResponse | null;
   error: HubError | null;

apps/web/modules/response-pipeline/lib/process-response-pipeline-job.test.ts

@@ -6,6 +6,8 @@ import { processResponsePipelineJob } from "./process-response-pipeline-job";
 const {
   mockFetch,
   mockCaptureSurveyResponsePostHogEvent,
+  mockCreatePinnedDispatcher,
+  mockDispatcherDestroy,
   mockGetIntegrations,
   mockGetResponseCountBySurveyId,
   mockHandleIntegrations,
@@ -21,13 +23,16 @@ const {
   mockSendFollowUpsForResponse,
   mockSendResponseFinishedEmail,
   mockSendTelemetryEvents,
-  mockValidateWebhookUrl,
+  mockValidateAndResolveWebhookUrl,
 } = vi.hoisted(() => {
   process.env.HUB_API_URL ??= "https://hub.test";
+  const dispatcherDestroy = vi.fn().mockResolvedValue(undefined);
 
   return {
     mockFetch: vi.fn(),
     mockCaptureSurveyResponsePostHogEvent: vi.fn(),
+    mockCreatePinnedDispatcher: vi.fn(() => ({ destroy: dispatcherDestroy })),
+    mockDispatcherDestroy: dispatcherDestroy,
     mockGetIntegrations: vi.fn(),
     mockGetResponseCountBySurveyId: vi.fn(),
     mockHandleIntegrations: vi.fn(),
@@ -43,7 +48,7 @@ const {
     mockSendFollowUpsForResponse: vi.fn(),
     mockSendResponseFinishedEmail: vi.fn(),
     mockSendTelemetryEvents: vi.fn(),
-    mockValidateWebhookUrl: vi.fn(),
+    mockValidateAndResolveWebhookUrl: vi.fn(),
   };
 });
 
@@ -80,6 +85,7 @@ vi.mock(import("@/lib/constants"), async (importOriginal) => {
   return {
     ...actual,
     POSTHOG_KEY: undefined,
+    DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS: false,
   };
 });
 
@@ -104,7 +110,8 @@ vi.mock("./posthog", () => ({
 }));
 
 vi.mock("@/lib/utils/validate-webhook-url", () => ({
-  validateWebhookUrl: mockValidateWebhookUrl,
+  validateAndResolveWebhookUrl: mockValidateAndResolveWebhookUrl,
+  createPinnedDispatcher: mockCreatePinnedDispatcher,
 }));
 
 vi.mock("@/modules/ee/audit-logs/lib/handler", () => ({
@@ -205,7 +212,9 @@ describe("processResponsePipelineJob", () => {
     mockPrismaUserFindMany.mockResolvedValue([]);
     mockGetResponseCountBySurveyId.mockResolvedValue(1);
     mockHandleIntegrations.mockResolvedValue(undefined);
-    mockValidateWebhookUrl.mockResolvedValue(undefined);
+    mockValidateAndResolveWebhookUrl.mockResolvedValue({ ip: "93.184.216.34", family: 4 });
+    mockDispatcherDestroy.mockResolvedValue(undefined);
+    mockCreatePinnedDispatcher.mockImplementation(() => ({ destroy: mockDispatcherDestroy }));
     mockQueueAuditEventWithoutRequest.mockResolvedValue(undefined);
     mockRecordResponseCreatedMeterEvent.mockResolvedValue(undefined);
     mockSendResponseFinishedEmail.mockResolvedValue(undefined);
@@ -242,7 +251,7 @@ describe("processResponsePipelineJob", () => {
         triggers: { has: "responseCreated" },
       },
     });
-    expect(mockValidateWebhookUrl).toHaveBeenCalledWith("https://example.com/webhook");
+    expect(mockValidateAndResolveWebhookUrl).toHaveBeenCalledWith("https://example.com/webhook");
     expect(mockFetch).toHaveBeenCalledWith(
       "https://example.com/webhook",
       expect.objectContaining({
@@ -481,7 +490,7 @@ describe("processResponsePipelineJob", () => {
         url: "https://example.com/webhook",
       },
     ]);
-    mockValidateWebhookUrl.mockRejectedValue(webhookError);
+    mockValidateAndResolveWebhookUrl.mockRejectedValue(webhookError);
 
     await expect(
       processResponsePipelineJob(
@@ -527,7 +536,7 @@ describe("processResponsePipelineJob", () => {
         locale: "en",
       },
     ]);
-    mockValidateWebhookUrl.mockRejectedValue(webhookError);
+    mockValidateAndResolveWebhookUrl.mockRejectedValue(webhookError);
 
     await expect(
       processResponsePipelineJob(
@@ -780,6 +789,133 @@ describe("processResponsePipelineJob", () => {
     );
   });
 
+  test("pins fetch to the resolved webhook IP via undici dispatcher", async () => {
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "https://example.com/webhook",
+      },
+    ]);
+    const pinnedDispatcher = { destroy: mockDispatcherDestroy };
+    mockValidateAndResolveWebhookUrl.mockResolvedValue({ ip: "203.0.113.10", family: 4 });
+    mockCreatePinnedDispatcher.mockReturnValue(pinnedDispatcher);
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).resolves.toBeUndefined();
+
+    expect(mockValidateAndResolveWebhookUrl).toHaveBeenCalledWith("https://example.com/webhook");
+    expect(mockCreatePinnedDispatcher).toHaveBeenCalledWith({ ip: "203.0.113.10", family: 4 });
+    expect(mockFetch).toHaveBeenCalledWith(
+      "https://example.com/webhook",
+      expect.objectContaining({
+        dispatcher: pinnedDispatcher,
+        redirect: "manual",
+      })
+    );
+  });
+
+  test("blocks 3xx redirects from webhook endpoints as delivery failures", async () => {
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "https://example.com/webhook",
+      },
+    ]);
+    mockFetch.mockResolvedValue({
+      ok: false,
+      status: 302,
+    });
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).rejects.toThrow(
+      "Webhook delivery blocked: redirect status 302"
+    );
+
+    expect(mockFetch).toHaveBeenCalledWith(
+      "https://example.com/webhook",
+      expect.objectContaining({ redirect: "manual" })
+    );
+    expect(mockLoggerError).toHaveBeenCalledWith(
+      expect.objectContaining({
+        err: expect.any(Error),
+        webhookId: "webhook_123",
+      }),
+      "Response pipeline webhook delivery failed"
+    );
+  });
+
+  test("destroys the pinned dispatcher after a successful webhook delivery", async () => {
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "https://example.com/webhook",
+      },
+    ]);
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).resolves.toBeUndefined();
+
+    expect(mockDispatcherDestroy).toHaveBeenCalledTimes(1);
+  });
+
+  test("logs dispatcher cleanup failures without failing a successful webhook delivery", async () => {
+    const cleanupError = new Error("destroy failed");
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "https://example.com/webhook",
+      },
+    ]);
+    mockDispatcherDestroy.mockRejectedValue(cleanupError);
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).resolves.toBeUndefined();
+
+    expect(mockLoggerWarn).toHaveBeenCalledWith(
+      expect.objectContaining({
+        err: cleanupError,
+        webhookId: "webhook_123",
+        webhookUrl: "https://example.com/webhook",
+      }),
+      "Response pipeline webhook dispatcher cleanup failed"
+    );
+  });
+
+  test("destroys the pinned dispatcher when the webhook fetch throws", async () => {
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "https://example.com/webhook",
+      },
+    ]);
+    mockFetch.mockRejectedValue(new Error("connect refused"));
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).rejects.toThrow("connect refused");
+
+    expect(mockDispatcherDestroy).toHaveBeenCalledTimes(1);
+  });
+
+  test("does not pin a dispatcher when the resolver returns null (internal URL flag)", async () => {
+    mockPrismaWebhookFindMany.mockResolvedValue([
+      {
+        id: "webhook_123",
+        secret: null,
+        url: "http://localhost:3000/webhook",
+      },
+    ]);
+    mockValidateAndResolveWebhookUrl.mockResolvedValue(null);
+
+    await expect(processResponsePipelineJob(baseData, baseContext)).resolves.toBeUndefined();
+
+    expect(mockCreatePinnedDispatcher).not.toHaveBeenCalled();
+    expect(mockDispatcherDestroy).not.toHaveBeenCalled();
+    expect(mockFetch).toHaveBeenCalledWith(
+      "http://localhost:3000/webhook",
+      expect.objectContaining({ dispatcher: undefined })
+    );
+  });
+
   test("classifies database pool exhaustion as retryable and logs a warning", async () => {
     const poolExhaustionError = new Error("Timed out fetching a new connection from the connection pool");
     mockPrismaSurveyFindUnique.mockRejectedValue(poolExhaustionError);

apps/web/modules/response-pipeline/lib/process-response-pipeline-job.ts

@@ -7,11 +7,11 @@ import { logger } from "@formbricks/logger";
 import { DatabaseError } from "@formbricks/types/errors";
 import { type TUserLocale, ZUserLocale } from "@formbricks/types/user";
 import { handleConnectorPipeline } from "@/lib/connector/pipeline-handler";
-import { POSTHOG_KEY } from "@/lib/constants";
+import { DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS, POSTHOG_KEY } from "@/lib/constants";
 import { generateStandardWebhookSignature } from "@/lib/crypto";
 import { getIntegrations } from "@/lib/integration/service";
 import { getResponseCountBySurveyId } from "@/lib/response/service";
-import { validateWebhookUrl } from "@/lib/utils/validate-webhook-url";
+import { createPinnedDispatcher, validateAndResolveWebhookUrl } from "@/lib/utils/validate-webhook-url";
 import { queueAuditEventWithoutRequest } from "@/modules/ee/audit-logs/lib/handler";
 import { type TAuditStatus, UNKNOWN_DATA } from "@/modules/ee/audit-logs/types/audit-log";
 import { recordResponseCreatedMeterEvent } from "@/modules/ee/billing/lib/metering";
@@ -136,9 +136,13 @@ const createWebhookMessageId = ({
   webhookId: string;
 }): string => createHash("sha256").update(`${jobId}:${webhookId}:${event}`).digest("hex");
 
+type WebhookFetchOptions = RequestInit & {
+  dispatcher?: ReturnType<typeof createPinnedDispatcher>;
+};
+
 const fetchWithTimeout = async (
   url: string,
-  options: RequestInit,
+  options: WebhookFetchOptions,
   timeoutMs: number = WEBHOOK_TIMEOUT_MS
 ): Promise<Response> => {
   const abortController = new AbortController();
@@ -153,7 +157,7 @@ const fetchWithTimeout = async (
     return await fetch(url, {
       ...options,
       signal,
-    });
+    } as RequestInit);
   } finally {
     clearTimeout(timeoutId);
   }
@@ -222,15 +226,47 @@ const createWebhookDeliveryTask = async ({
       );
     }
 
-    await validateWebhookUrl(webhook.url);
-    const response = await fetchWithTimeout(webhook.url, {
-      method: "POST",
-      headers: requestHeaders,
-      body,
-    });
+    const address = await validateAndResolveWebhookUrl(webhook.url);
+    // Pin TCP connect to the validated IP — closes DNS-rebinding TOCTOU between
+    // validation and fetch. Skip pinning when address is null (DANGEROUSLY flag +
+    // blocked name resolved via /etc/hosts).
+    const dispatcher = address ? createPinnedDispatcher(address) : undefined;
+    // `redirect: "manual"` blocks 30x-based SSRF to private/internal hosts.
+    // Gated on the same env var as URL validation for self-hosters who opted in.
+    const redirectMode: RequestRedirect = DANGEROUSLY_ALLOW_WEBHOOK_INTERNAL_URLS ? "follow" : "manual";
 
-    if (!response.ok) {
-      throw new Error(`Webhook delivery failed with status ${response.status}`);
+    try {
+      const response = await fetchWithTimeout(webhook.url, {
+        method: "POST",
+        headers: requestHeaders,
+        body,
+        redirect: redirectMode,
+        dispatcher,
+      });
+
+      // With `redirect: "manual"`, undici returns the actual 30x (not opaqueredirect).
+      // Treat as delivery failure so redirect-based SSRF cannot silently succeed.
+      if (response.status >= 300 && response.status < 400) {
+        throw new Error(`Webhook delivery blocked: redirect status ${response.status}`);
+      }
+
+      if (!response.ok) {
+        throw new Error(`Webhook delivery failed with status ${response.status}`);
+      }
+    } finally {
+      try {
+        await dispatcher?.destroy();
+      } catch (cleanupError) {
+        logger.warn(
+          {
+            ...logContext,
+            err: cleanupError,
+            webhookId: webhook.id,
+            webhookUrl: webhook.url,
+          },
+          "Response pipeline webhook dispatcher cleanup failed"
+        );
+      }
     }
   } catch (error) {
     logger.error(

apps/web/modules/survey/lib/organization.test.ts

@@ -77,11 +77,9 @@ describe("getOrganizationAIKeys", () => {
   const mockOrgId = "org_test789";
   const mockOrganizationData: {
     isAISmartToolsEnabled: boolean;
-    isAIDataAnalysisEnabled: boolean;
     billing: TOrganizationBilling;
   } = {
     isAISmartToolsEnabled: true,
-    isAIDataAnalysisEnabled: true,
     billing: {
       stripeCustomerId: null,
       usageCycleAnchor: new Date(),
@@ -104,7 +102,6 @@ describe("getOrganizationAIKeys", () => {
       },
       select: {
         isAISmartToolsEnabled: true,
-        isAIDataAnalysisEnabled: true,
         billing: {
           select: {
             stripeCustomerId: true,

apps/web/modules/survey/lib/organization.ts

@@ -22,7 +22,6 @@ export const getOrganizationAIKeys = reactCache(
     organizationId: string
   ): Promise<{
     isAISmartToolsEnabled: boolean;
-    isAIDataAnalysisEnabled: boolean;
     billing: TOrganizationBilling;
   } | null> => {
     try {
@@ -32,7 +31,6 @@ export const getOrganizationAIKeys = reactCache(
         },
         select: {
           isAISmartToolsEnabled: true,
-          isAIDataAnalysisEnabled: true,
           billing: {
             select: {
               stripeCustomerId: true,
@@ -50,7 +48,6 @@ export const getOrganizationAIKeys = reactCache(
 
       return {
         isAISmartToolsEnabled: organization.isAISmartToolsEnabled,
-        isAIDataAnalysisEnabled: organization.isAIDataAnalysisEnabled,
         billing: {
           stripeCustomerId: organization.billing.stripeCustomerId,
           limits: organization.billing.limits as TOrganizationBilling["limits"],

apps/web/modules/survey/link/components/survey-completed-message.tsx

@@ -31,7 +31,7 @@ export const SurveyCompletedMessage = async ({
       {(!workspace || workspace.linkSurveyBranding) && (
         <div>
           <Link href="https://formbricks.com">
-            <Image src={footerLogo} alt="Brand logo" className="mx-auto w-40" />
+            <Image src={footerLogo as string} alt="Brand logo" className="mx-auto w-40" />
           </Link>
         </div>
       )}

apps/web/modules/survey/link/components/survey-inactive.tsx

@@ -76,7 +76,7 @@ export const SurveyInactive = async ({
       {(!workspace || workspace.linkSurveyBranding) && (
         <div>
           <Link href="https://formbricks.com">
-            <Image src={footerLogo} alt="Brand logo" className="mx-auto w-40" />
+            <Image src={footerLogo as string} alt="Brand logo" className="mx-auto w-40" />
           </Link>
         </div>
       )}

apps/web/modules/survey/link/components/survey-loading-animation.tsx

@@ -123,7 +123,11 @@ export const SurveyLoadingAnimation = ({
           isReadyToTransition ? "animate-surveyExit" : "animate-surveyLoading"
         )}>
         {isBrandingEnabled && (
-          <Image src={Logo} alt="Logo" className={cn("w-32 transition-all duration-1000 md:w-40")} />
+          <Image
+            src={Logo as string}
+            alt="Logo"
+            className={cn("w-32 transition-all duration-1000 md:w-40")}
+          />
         )}
         <LoadingSpinner />
       </div>

apps/web/modules/survey/multi-language-surveys/components/manage-translations-modal.tsx

@@ -145,7 +145,6 @@ export const ManageTranslationsModal = ({
       const errorMessages: Record<string, string> = {
         ai_features_not_enabled: t("workspace.surveys.edit.ai_features_not_enabled"),
         ai_smart_tools_disabled: t("workspace.surveys.edit.ai_smart_tools_disabled"),
-        ai_data_analysis_disabled: t("workspace.surveys.edit.ai_data_analysis_disabled"),
         ai_instance_not_configured: t("workspace.surveys.edit.ai_instance_not_configured"),
       };
       return errorMessages[errorCode] ?? errorCode;

apps/web/modules/ui/components/dropdown-menu/index.tsx

@@ -46,7 +46,7 @@ const DropdownMenuSubContent: React.ComponentType<DropdownMenuPrimitive.Dropdown
     <DropdownMenuPrimitive.SubContent
       ref={ref as any}
       className={cn(
-        "z-50 min-w-[8rem] overflow-hidden rounded-lg border border-slate-200 bg-white p-1 font-medium text-slate-600 shadow-sm animate-in slide-in-from-left-1 hover:text-slate-700",
+        "animate-in slide-in-from-left-1 z-50 min-w-[8rem] overflow-hidden rounded-lg border border-slate-200 bg-white p-1 font-medium text-slate-600 shadow-sm hover:text-slate-700",
         className
       )}
       {...props}
@@ -67,7 +67,7 @@ const DropdownMenuContent: React.ComponentType<DropdownMenuPrimitive.DropdownMen
           ref={ref}
           sideOffset={sideOffset}
           className={cn(
-            "z-50 min-w-[8rem] overflow-hidden rounded-lg border border-slate-200 bg-white p-1 font-medium text-slate-700 shadow-sm animate-in data-[side=bottom]:slide-in-from-top-2 data-[side=left]:slide-in-from-right-2 data-[side=right]:slide-in-from-left-2 data-[side=top]:slide-in-from-bottom-2",
+            "animate-in data-[side=right]:slide-in-from-left-2 data-[side=left]:slide-in-from-right-2 data-[side=bottom]:slide-in-from-top-2 data-[side=top]:slide-in-from-bottom-2 z-50 min-w-[8rem] overflow-hidden rounded-lg border border-slate-200 bg-white p-1 font-medium text-slate-700 shadow-sm",
             className
           )}
           {...props}

apps/web/modules/ui/components/popover/index.tsx

@@ -19,7 +19,7 @@ const PopoverContent: React.ForwardRefExoticComponent<
       align={align}
       sideOffset={sideOffset}
       className={cn(
-        "z-50 w-72 rounded-md border border-slate-100 bg-white p-4 shadow-md outline-none animate-in data-[side=bottom]:slide-in-from-top-2 data-[side=left]:slide-in-from-right-2 data-[side=right]:slide-in-from-left-2 data-[side=top]:slide-in-from-bottom-2",
+        "animate-in data-[side=bottom]:slide-in-from-top-2 data-[side=top]:slide-in-from-bottom-2 data-[side=right]:slide-in-from-left-2 data-[side=left]:slide-in-from-right-2 z-50 w-72 rounded-md border border-slate-100 bg-white p-4 shadow-md outline-none",
         className
       )}
       {...props}

apps/web/modules/ui/components/tooltip/index.tsx

@@ -23,7 +23,7 @@ const TooltipContent: React.ComponentType<TooltipPrimitive.TooltipContentProps>
       ref={ref}
       sideOffset={sideOffset}
       className={cn(
-        "z-50 overflow-hidden rounded-md border border-slate-100 bg-white px-3 py-1.5 text-sm text-slate-700 shadow-md animate-in fade-in-50 data-[side=bottom]:slide-in-from-top-1 data-[side=left]:slide-in-from-right-1 data-[side=right]:slide-in-from-left-1 data-[side=top]:slide-in-from-bottom-1",
+        "animate-in fade-in-50 data-[side=bottom]:slide-in-from-top-1 data-[side=top]:slide-in-from-bottom-1 data-[side=left]:slide-in-from-right-1 data-[side=right]:slide-in-from-left-1 z-50 overflow-hidden rounded-md border border-slate-100 bg-white px-3 py-1.5 text-sm text-slate-700 shadow-md",
         className
       )}
       {...props}

apps/web/modules/workspaces/lib/utils.ts

@@ -119,7 +119,6 @@ export const workspaceIdLayoutChecks = async (workspaceId: string) => {
             },
           },
           isAISmartToolsEnabled: true,
-          isAIDataAnalysisEnabled: true,
           whitelabel: true,
         },
       },
@@ -173,7 +172,6 @@ export const getWorkspaceWithRelations = reactCache(async (workspaceId: string,
               },
             },
             isAISmartToolsEnabled: true,
-            isAIDataAnalysisEnabled: true,
             whitelabel: true,
             memberships: {
               where: { userId },
@@ -223,7 +221,6 @@ export const getWorkspaceWithRelations = reactCache(async (workspaceId: string,
         name: data.organization.name,
         billing: data.organization.billing,
         isAISmartToolsEnabled: data.organization.isAISmartToolsEnabled,
-        isAIDataAnalysisEnabled: data.organization.isAIDataAnalysisEnabled,
         whitelabel: data.organization.whitelabel,
       },
       membership: data.organization.memberships[0] || null,

apps/web/package.json

@@ -10,8 +10,6 @@
     "build": "cross-env NODE_OPTIONS=--max-old-space-size=8192 next build",
     "build:dev": "pnpm run build",
     "start": "next start",
-    "typecheck": "pnpm typegen && tsc --noEmit --project tsconfig.typecheck.json",
-    "typegen": "cross-env DATABASE_URL=postgresql://postgres:postgres@localhost:5432/formbricks ENCRYPTION_KEY=example REDIS_URL=redis://localhost:6379 next typegen",
     "lint": "eslint . --fix --ext .ts,.js,.tsx,.jsx",
     "test": "dotenv -e ../../.env -- vitest run",
     "test:coverage": "dotenv -e ../../.env -- vitest run --coverage",

apps/web/prisma-client-errors.d.ts

@@ -1,8 +0,0 @@
-import "@prisma/client";
-
-declare module "@prisma/client" {
-  namespace Prisma {
-    // Prisma exposes this error class at runtime, but the generated client types do not declare it on Prisma.
-    const PrismaClientKnownRequestError: typeof import("@prisma/client/runtime/library").PrismaClientKnownRequestError;
-  }
-}

apps/web/tsconfig.typecheck.json

@@ -1,26 +0,0 @@
-{
-  "exclude": [
-    "../../.env",
-    ".next",
-    "node_modules",
-    "playwright",
-    "**/*.test.ts",
-    "**/*.test.tsx",
-    "**/tests/**",
-    "**/__mocks__/**",
-    "**/__tests__/**"
-  ],
-  "extends": "./tsconfig.json",
-  "include": [
-    "next-env.d.ts",
-    "**/*.d.ts",
-    "app/**/*.ts",
-    "app/**/*.tsx",
-    "lib/**/*.ts",
-    "lib/**/*.tsx",
-    "modules/**/*.ts",
-    "modules/**/*.tsx",
-    "scripts/**/*.ts",
-    "../../packages/types/*.d.ts"
-  ]
-}

charts/formbricks/Chart.lock

@@ -2,14 +2,11 @@ dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
   version: 16.4.16
-- name: redis
-  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 20.11.2
 - name: gateway-helm
   repository: oci://docker.io/envoyproxy
   version: v1.7.1
 - name: redis
   repository: oci://registry-1.docker.io/bitnamicharts
   version: 20.11.2
-digest: sha256:d93a29cb9cbef513db410ded5aa199f219c5b25ce1870e1e049dc470acc34235
-generated: "2026-04-08T00:33:09.875832+05:30"
+digest: sha256:078652b37649ba5bb72f7463709356c08f464cb989270b97d095b8243c0e58b9
+generated: "2026-05-21T12:52:44.141547+05:30"

charts/formbricks/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: formbricks
-description: A Helm chart for Formbricks with PostgreSQL, Redis
+description: A Helm chart for Formbricks with PostgreSQL, Valkey
 
 type: application
 
@@ -15,7 +15,7 @@ icon: https://formbricks.com/favicon.ico
 keywords:
   - formbricks
   - postgresql
-  - redis
+  - valkey
 
 home: https://formbricks.com/docs/self-hosting/setup/kubernetes
 maintainers:
@@ -27,10 +27,6 @@ dependencies:
     version: "16.4.16"
     repository: "oci://registry-1.docker.io/bitnamicharts"
     condition: postgresql.enabled
-  - name: redis
-    version: 20.11.2
-    repository: "oci://registry-1.docker.io/bitnamicharts"
-    condition: redis.enabled
   - name: gateway-helm
     alias: envoy
     version: "v1.7.1"