fix test

.cursor/rules/build-and-deployment.mdc

@@ -0,0 +1,61 @@
+---
+description: 
+globs: 
+alwaysApply: false
+---
+# Build & Deployment Best Practices
+
+## Build Process
+
+### Running Builds
+- Use `pnpm build` from project root for full build
+- Monitor for React hooks warnings and fix them immediately
+- Ensure all TypeScript errors are resolved before deployment
+
+### Common Build Issues & Fixes
+
+#### React Hooks Warnings
+- Capture ref values in variables within useEffect cleanup
+- Avoid accessing `.current` directly in cleanup functions
+- Pattern for fixing ref cleanup warnings:
+```typescript
+useEffect(() => {
+  const currentRef = myRef.current;
+  return () => {
+    if (currentRef) {
+      currentRef.cleanup();
+    }
+  };
+}, []);
+```
+
+#### Test Failures During Build
+- Ensure all test mocks include required constants like `SESSION_MAX_AGE`
+- Mock Next.js navigation hooks properly: `useParams`, `useRouter`, `useSearchParams`
+- Remove unused imports and constants from test files
+- Use literal values instead of imported constants when the constant isn't actually needed
+
+### Test Execution
+- Run `pnpm test` to execute all tests
+- Use `pnpm test -- --run filename.test.tsx` for specific test files
+- Fix test failures before merging code
+- Ensure 100% test coverage for new components
+
+### Performance Monitoring
+- Monitor build times and optimize if necessary
+- Watch for memory usage during builds
+- Use proper caching strategies for faster rebuilds
+
+### Deployment Checklist
+1. All tests passing
+2. Build completes without warnings
+3. TypeScript compilation successful
+4. No linter errors
+5. Database migrations applied (if any)
+6. Environment variables configured
+
+### EKS Deployment Considerations
+- Ensure latest code is deployed to all pods
+- Monitor AWS RDS Performance Insights for database issues
+- Verify environment-specific configurations
+- Check pod health and resource usage

.cursor/rules/cache-optimization.mdc

@@ -0,0 +1,415 @@
+---
+description: Caching rules for performance improvements
+globs: 
+alwaysApply: false
+---
+# Cache Optimization Patterns for Formbricks
+
+## Cache Strategy Overview
+
+Formbricks uses a **hybrid caching approach** optimized for enterprise scale:
+
+- **Redis** for persistent cross-request caching  
+- **React `cache()`** for request-level deduplication
+- **NO Next.js `unstable_cache()`** - avoid for reliability
+
+## Key Files
+
+### Core Cache Infrastructure
+- [packages/cache/src/service.ts](mdc:packages/cache/src/service.ts) - Redis cache service
+- [packages/cache/src/client.ts](mdc:packages/cache/src/client.ts) - Cache client initialization and singleton management  
+- [apps/web/lib/cache/index.ts](mdc:apps/web/lib/cache/index.ts) - Cache service proxy for web app
+- [packages/cache/src/index.ts](mdc:packages/cache/src/index.ts) - Cache package exports and utilities
+
+### Environment State Caching (Critical Endpoint)
+- [apps/web/app/api/v1/client/[environmentId]/environment/route.ts](mdc:apps/web/app/api/v1/client/[environmentId]/environment/route.ts) - Main endpoint serving hundreds of thousands of SDK clients
+- [apps/web/app/api/v1/client/[environmentId]/environment/lib/data.ts](mdc:apps/web/app/api/v1/client/[environmentId]/environment/lib/data.ts) - Optimized data layer with caching
+
+## Enterprise-Grade Cache Key Patterns
+
+**Always use** the `createCacheKey` utilities from the cache package:
+
+```typescript
+// ✅ Correct patterns
+createCacheKey.environment.state(environmentId)     // "fb:env:abc123:state"
+createCacheKey.organization.billing(organizationId) // "fb:org:xyz789:billing"
+createCacheKey.license.status(organizationId)       // "fb:license:org123:status"
+createCacheKey.user.permissions(userId, orgId)      // "fb:user:456:org:123:permissions"
+
+// ❌ Never use flat keys - collision-prone
+"environment_abc123"
+"user_data_456"
+```
+
+## When to Use Each Cache Type
+
+### Use React `cache()` for Request Deduplication
+```typescript
+// ✅ Prevents multiple calls within same request
+export const getEnterpriseLicense = reactCache(async () => {
+  // Complex license validation logic
+});
+```
+
+### Use `cache.withCache()` for Simple Database Queries
+```typescript
+// ✅ Simple caching with automatic fallback (TTL in milliseconds)
+export const getActionClasses = (environmentId: string) => {
+  return cache.withCache(() => fetchActionClassesFromDB(environmentId), 
+    createCacheKey.environment.actionClasses(environmentId),
+    60 * 30 * 1000 // 30 minutes in milliseconds
+  );
+};
+```
+
+### Use Explicit Redis Cache for Complex Business Logic
+```typescript
+// ✅ Full control for high-stakes endpoints
+export const getEnvironmentState = async (environmentId: string) => {
+  const cached = await environmentStateCache.getEnvironmentState(environmentId);
+  if (cached) return cached;
+  
+  const fresh = await buildComplexState(environmentId);
+  await environmentStateCache.setEnvironmentState(environmentId, fresh);
+  return fresh;
+};
+```
+
+## Caching Decision Framework
+
+### When TO Add Caching
+
+```typescript
+// ✅ Expensive operations that benefit from caching
+- Database queries (>10ms typical)
+- External API calls (>50ms typical)  
+- Complex computations (>5ms)
+- File system operations
+- Heavy data transformations
+
+// Example: Database query with complex joins (TTL in milliseconds)
+export const getEnvironmentWithDetails = withCache(
+  async (environmentId: string) => {
+    return prisma.environment.findUnique({
+      where: { id: environmentId },
+      include: { /* complex joins */ }
+    });
+  },
+  { key: createCacheKey.environment.details(environmentId), ttl: 60 * 30 * 1000 } // 30 minutes
+)();
+```
+
+### When NOT to Add Caching
+
+```typescript
+// ❌ Don't cache these operations - minimal overhead
+- Simple property access (<0.1ms)
+- Basic transformations (<1ms)
+- Functions that just call already-cached functions
+- Pure computation without I/O
+
+// ❌ Bad example: Redundant caching
+const getCachedLicenseFeatures = withCache(
+  async () => {
+    const license = await getEnterpriseLicense(); // Already cached!
+    return license.active ? license.features : null; // Just property access
+  },
+  { key: "license-features", ttl: 1800 * 1000 } // 30 minutes in milliseconds
+);
+
+// ✅ Good example: Simple and efficient
+const getLicenseFeatures = async () => {
+  const license = await getEnterpriseLicense(); // Already cached
+  return license.active ? license.features : null; // 0.1ms overhead
+};
+```
+
+### Computational Overhead Analysis
+
+Before adding caching, analyze the overhead:
+
+```typescript
+// ✅ High overhead - CACHE IT
+- Database queries: ~10-100ms
+- External APIs: ~50-500ms  
+- File I/O: ~5-50ms
+- Complex algorithms: >5ms
+
+// ❌ Low overhead - DON'T CACHE
+- Property access: ~0.001ms
+- Simple lookups: ~0.1ms
+- Basic validation: ~1ms
+- Type checks: ~0.01ms
+
+// Example decision tree:
+const expensiveOperation = async () => {
+  return prisma.query(); // 50ms - CACHE IT
+};
+
+const cheapOperation = (data: any) => {
+  return data.property; // 0.001ms - DON'T CACHE
+};
+```
+
+### Avoid Cache Wrapper Anti-Pattern
+
+```typescript
+// ❌ Don't create wrapper functions just for caching
+const getCachedUserPermissions = withCache(
+  async (userId: string) => getUserPermissions(userId),
+  { key: createCacheKey.user.permissions(userId), ttl: 3600 * 1000 } // 1 hour in milliseconds
+);
+
+// ✅ Add caching directly to the original function
+export const getUserPermissions = withCache(
+  async (userId: string) => {
+    return prisma.user.findUnique({
+      where: { id: userId },
+      include: { permissions: true }
+    });
+  },
+  { key: createCacheKey.user.permissions(userId), ttl: 3600 * 1000 } // 1 hour in milliseconds
+);
+```
+
+## TTL Coordination Strategy
+
+### Multi-Layer Cache Coordination
+For endpoints serving client SDKs, coordinate TTLs across layers:
+
+```typescript
+// Client SDK cache (expiresAt) - longest TTL for fewer requests
+const CLIENT_TTL = 60;           // 1 minute (seconds for client)
+
+// Server Redis cache - shorter TTL ensures fresh data for clients  
+const SERVER_TTL = 60 * 1000;   // 1 minutes in milliseconds
+
+// HTTP cache headers (seconds)
+const BROWSER_TTL = 60;         // 1 minute (max-age)
+const CDN_TTL = 60;             // 1 minute (s-maxage)
+const CORS_TTL = 60 * 60;            // 1 hour (balanced approach)
+```
+
+### Standard TTL Guidelines (in milliseconds for cache-manager + Keyv)
+```typescript
+// Configuration data - rarely changes
+const CONFIG_TTL = 60 * 60 * 24 * 1000;     // 24 hours
+
+// User data - moderate frequency  
+const USER_TTL = 60 * 60 * 2 * 1000;        // 2 hours
+
+// Survey data - changes moderately
+const SURVEY_TTL = 60 * 15 * 1000;          // 15 minutes
+
+// Billing data - expensive to compute
+const BILLING_TTL = 60 * 30 * 1000;         // 30 minutes
+
+// Action classes - infrequent changes
+const ACTION_CLASS_TTL = 60 * 30 * 1000;    // 30 minutes
+```
+
+## High-Frequency Endpoint Optimization
+
+### Performance Patterns for High-Volume Endpoints
+
+```typescript
+// ✅ Optimized high-frequency endpoint pattern
+export const GET = async (request: NextRequest, props: { params: Promise<{ id: string }> }) => {
+  const params = await props.params;
+
+  try {
+    // Simple validation (avoid Zod for high-frequency)
+    if (!params.id || typeof params.id !== 'string') {
+      return responses.badRequestResponse("ID is required", undefined, true);
+    }
+
+    // Single optimized query with caching
+    const data = await getOptimizedData(params.id);
+
+    return responses.successResponse(
+      {
+        data,
+        expiresAt: new Date(Date.now() + CLIENT_TTL * 1000), // SDK cache duration
+      },
+      true,
+      "public, s-maxage=1800, max-age=3600, stale-while-revalidate=1800, stale-if-error=3600"
+    );
+  } catch (err) {
+    // Simplified error handling for performance
+    if (err instanceof ResourceNotFoundError) {
+      return responses.notFoundResponse(err.resourceType, err.resourceId);
+    }
+    logger.error({ error: err, url: request.url }, "Error in high-frequency endpoint");
+    return responses.internalServerErrorResponse(err.message, true);
+  }
+};
+```
+
+### Avoid These Performance Anti-Patterns
+
+```typescript
+// ❌ Avoid for high-frequency endpoints
+const inputValidation = ZodSchema.safeParse(input);     // Too slow
+const startTime = Date.now(); logger.debug(...);       // Logging overhead
+const { data, revalidateEnvironment } = await get();   // Complex return types
+```
+
+### CORS Optimization
+```typescript
+// ✅ Balanced CORS caching (not too aggressive)
+export const OPTIONS = async (): Promise<Response> => {
+  return responses.successResponse(
+    {},
+    true,
+    "public, s-maxage=3600, max-age=3600" // 1 hour balanced approach
+  );
+};
+```
+
+## Redis Cache Migration from Next.js
+
+### Avoid Legacy Next.js Patterns
+```typescript
+// ❌ Old Next.js unstable_cache pattern (avoid)
+const getCachedData = unstable_cache(
+  async (id) => fetchData(id),
+  ['cache-key'],
+  { tags: ['environment'], revalidate: 900 }
+);
+
+// ❌ Don't use revalidateEnvironment flags with Redis
+return { data, revalidateEnvironment: true }; // This gets cached incorrectly!
+
+// ✅ New Redis pattern with withCache (TTL in milliseconds)
+export const getCachedData = (id: string) => 
+  withCache(
+    () => fetchData(id),
+    {
+      key: createCacheKey.environment.data(id),
+      ttl: 60 * 15 * 1000, // 15 minutes in milliseconds
+    }
+  )();
+```
+
+### Remove Revalidation Logic
+When migrating from Next.js `unstable_cache`:
+- Remove `revalidateEnvironment` or similar flags
+- Remove tag-based invalidation logic  
+- Use TTL-based expiration instead
+- Handle one-time updates (like `appSetupCompleted`) directly in cache
+
+## Data Layer Optimization
+
+### Single Query Pattern
+```typescript
+// ✅ Optimize with single database query
+export const getOptimizedEnvironmentData = async (environmentId: string) => {
+  return prisma.environment.findUniqueOrThrow({
+    where: { id: environmentId },
+    include: {
+      project: { 
+        select: { id: true, recontactDays: true, /* ... */ }
+      },
+      organization: {
+        select: { id: true, billing: true }
+      },
+      surveys: {
+        where: { status: "inProgress" },
+        select: { id: true, name: true, /* ... */ }
+      },
+      actionClasses: {
+        select: { id: true, name: true, /* ... */ }
+      }
+    }
+  });
+};
+
+// ❌ Avoid multiple separate queries
+const environment = await getEnvironment(id);
+const organization = await getOrganization(environment.organizationId);  
+const surveys = await getSurveys(id);
+const actionClasses = await getActionClasses(id);
+```
+
+## Invalidation Best Practices
+
+**Always use explicit key-based invalidation:**
+
+```typescript
+// ✅ Clear and debuggable
+await invalidateCache(createCacheKey.environment.state(environmentId));
+await invalidateCache([
+  createCacheKey.environment.surveys(environmentId),
+  createCacheKey.environment.actionClasses(environmentId)
+]);
+
+// ❌ Avoid complex tag systems
+await invalidateByTags(["environment", "survey"]); // Don't do this
+```
+
+## Critical Performance Targets
+
+### High-Frequency Endpoint Goals
+- **Cache hit ratio**: >85%
+- **Response time P95**: <200ms  
+- **Database load reduction**: >60%
+- **HTTP cache duration**: 1hr browser, 30min Cloudflare
+- **SDK refresh interval**: 1 hour with 30min server cache
+
+### Performance Monitoring
+- Use **existing elastic cache analytics** for metrics
+- Log cache errors and warnings (not debug info)
+- Track database query reduction
+- Monitor response times for cached endpoints
+- **Avoid performance logging** in high-frequency endpoints
+
+## Error Handling Pattern
+
+Always provide fallback to fresh data on cache errors:
+
+```typescript
+try {
+  const cached = await cache.get(key);
+  if (cached) return cached;
+  
+  const fresh = await fetchFresh();
+  await cache.set(key, fresh, ttl); // ttl in milliseconds
+  return fresh;
+} catch (error) {
+  // ✅ Always fallback to fresh data
+  logger.warn("Cache error, fetching fresh", { key, error });
+  return fetchFresh();
+}
+```
+
+## Common Pitfalls to Avoid
+
+1. **Never use Next.js `unstable_cache()`** - unreliable in production
+2. **Don't use revalidation flags with Redis** - they get cached incorrectly
+3. **Avoid Zod validation** for simple parameters in high-frequency endpoints
+4. **Don't add performance logging** to high-frequency endpoints
+5. **Coordinate TTLs** between client and server caches
+6. **Don't over-engineer** with complex tag systems  
+7. **Avoid caching rapidly changing data** (real-time metrics)
+8. **Always validate cache keys** to prevent collisions
+9. **Don't add redundant caching layers** - analyze computational overhead first
+10. **Avoid cache wrapper functions** - add caching directly to expensive operations
+11. **Don't cache property access or simple transformations** - overhead is negligible
+12. **Analyze the full call chain** before adding caching to avoid double-caching
+13. **Remember TTL is in milliseconds** for cache-manager + Keyv stack (not seconds)
+
+## Monitoring Strategy
+
+- Use **existing elastic cache analytics** for metrics
+- Log cache errors and warnings  
+- Track database query reduction
+- Monitor response times for cached endpoints
+- **Don't add custom metrics** that duplicate existing monitoring
+
+## Important Notes
+
+### TTL Units
+- **cache-manager + Keyv**: TTL in **milliseconds**
+- **Direct Redis commands**: TTL in **seconds** (EXPIRE, SETEX) or **milliseconds** (PEXPIRE, PSETEX)
+- **HTTP cache headers**: TTL in **seconds** (max-age, s-maxage)
+- **Client SDK**: TTL in **seconds** (expiresAt calculation)

.cursor/rules/database-performance.mdc

@@ -0,0 +1,41 @@
+---
+description: 
+globs: 
+alwaysApply: false
+---
+# Database Performance & Prisma Best Practices
+
+## Critical Performance Rules
+
+### Response Count Queries
+- **NEVER** use `skip`/`offset` with `prisma.response.count()` - this causes expensive subqueries with OFFSET
+- Always use only `where` clauses for count operations: `prisma.response.count({ where: { ... } })`
+- For pagination, separate count queries from data queries
+- Reference: [apps/web/lib/response/service.ts](mdc:apps/web/lib/response/service.ts) line 654-686
+
+### Prisma Query Optimization
+- Use proper indexes defined in [packages/database/schema.prisma](mdc:packages/database/schema.prisma)
+- Leverage existing indexes: `@@index([surveyId, createdAt])`, `@@index([createdAt])`
+- Use cursor-based pagination for large datasets instead of offset-based
+- Cache frequently accessed data using React Cache and custom cache tags
+
+### Date Range Filtering
+- When filtering by `createdAt`, always use indexed queries
+- Combine with `surveyId` for optimal performance: `{ surveyId, createdAt: { gte: start, lt: end } }`
+- Avoid complex WHERE clauses that can't utilize indexes
+
+### Count vs Data Separation
+- Always separate count queries from data fetching queries
+- Use `Promise.all()` to run count and data queries in parallel
+- Example pattern from [apps/web/modules/api/v2/management/responses/lib/response.ts](mdc:apps/web/modules/api/v2/management/responses/lib/response.ts):
+```typescript
+const [responses, totalCount] = await Promise.all([
+  prisma.response.findMany(query),
+  prisma.response.count({ where: whereClause }),
+]);
+```
+
+### Monitoring & Debugging
+- Monitor AWS RDS Performance Insights for problematic queries
+- Look for queries with OFFSET in count operations - these indicate performance issues
+- Use proper error handling with `DatabaseError` for Prisma exceptions

.cursor/rules/database.mdc

@@ -0,0 +1,105 @@
+---
+description: >
+globs: schema.prisma
+alwaysApply: false
+---
+# Formbricks Database Schema Reference
+
+This rule provides a reference to the Formbricks database structure. For the most up-to-date and complete schema definitions, please refer to the schema.prisma file directly.
+
+## Database Overview
+
+Formbricks uses PostgreSQL with Prisma ORM. The schema is designed for multi-tenancy with strong data isolation between organizations.
+
+### Core Hierarchy
+
+```
+Organization
+└── Project
+    └── Environment (production/development)
+        ├── Survey
+        ├── Contact
+        ├── ActionClass
+        └── Integration
+```
+
+## Schema Reference
+
+For the complete and up-to-date database schema, please refer to:
+
+- Main schema: `packages/database/schema.prisma`
+- JSON type definitions: `packages/database/json-types.ts`
+
+The schema.prisma file contains all model definitions, relationships, enums, and field types. The json-types.ts file contains TypeScript type definitions for JSON fields.
+
+## Data Access Patterns
+
+### Multi-tenancy
+
+- All data is scoped by Organization
+- Environment-level isolation for surveys and contacts
+- Project-level grouping for related surveys
+
+### Soft Deletion
+
+Some models use soft deletion patterns:
+
+- Check `isActive` fields where present
+- Use proper filtering in queries
+
+### Cascading Deletes
+
+Configured cascade relationships:
+
+- Organization deletion cascades to all child entities
+- Survey deletion removes responses, displays, triggers
+- Contact deletion removes attributes and responses
+
+## Common Query Patterns
+
+### Survey with Responses
+
+```typescript
+// Include response count and latest responses
+const survey = await prisma.survey.findUnique({
+  where: { id: surveyId },
+  include: {
+    responses: {
+      take: 10,
+      orderBy: { createdAt: "desc" },
+    },
+    _count: {
+      select: { responses: true },
+    },
+  },
+});
+```
+
+### Environment Scoping
+
+```typescript
+// Always scope by environment
+const surveys = await prisma.survey.findMany({
+  where: {
+    environmentId: environmentId,
+    // Additional filters...
+  },
+});
+```
+
+### Contact with Attributes
+
+```typescript
+const contact = await prisma.contact.findUnique({
+  where: { id: contactId },
+  include: {
+    attributes: {
+      include: {
+        attributeKey: true,
+      },
+    },
+  },
+});
+```
+
+This schema supports Formbricks' core functionality: multi-tenant survey management, user targeting, response collection, and analysis, all while maintaining strict data isolation and security.

.cursor/rules/documentations.mdc

@@ -0,0 +1,28 @@
+---
+description: Guideline for writing end-user facing documentation in the apps/docs folder
+globs:
+alwaysApply: false
+---
+
+Follow these instructions and guidelines when asked to write documentation in the apps/docs folder
+
+Follow this structure to write the title, describtion and pick a matching icon and insert it at the top of the MDX file:
+
+---
+
+title: "FEATURE NAME"
+description: "1 concise sentence to describe WHEN the feature is being used and FOR WHAT BENEFIT."
+icon: "link"
+
+---
+
+- Description: 1 concise sentence to describe WHEN the feature is being used and FOR WHAT BENEFIT.
+- Make ample use of the Mintlify components you can find here https://mintlify.com/docs/llms.txt - e.g. if docs describe consecutive steps, always use Mintlify Step component.
+- In all Headlines, only capitalize the current feature and nothing else, to Camel Case.
+- The page should never start with H1 headline, because it's already part of the template.
+- Tonality: Keep it concise and to the point. Avoid Jargon where possible.
+- If a feature is part of the Enterprise Edition, use this note:
+
+<Note>
+  FEATURE NAME is part of the [Enterprise Edition](/self-hosting/advanced/license) 
+</Note>

.cursor/rules/formbricks-architecture.mdc

@@ -0,0 +1,332 @@
+---
+description: 
+globs: 
+alwaysApply: false
+---
+# Formbricks Architecture & Patterns
+
+## Monorepo Structure
+
+### Apps Directory
+- `apps/web/` - Main Next.js web application
+- `packages/` - Shared packages and utilities
+
+### Key Directories in Web App
+```
+apps/web/
+├── app/                    # Next.js 13+ app directory
+│   ├── (app)/             # Main application routes
+│   ├── (auth)/            # Authentication routes
+│   ├── api/               # API routes
+├── components/            # Shared components
+├── lib/                   # Utility functions and services
+└── modules/               # Feature-specific modules
+```
+
+## Routing Patterns
+
+### App Router Structure
+The application uses Next.js 13+ app router with route groups:
+
+```
+(app)/environments/[environmentId]/
+├── surveys/[surveyId]/
+│   ├── (analysis)/        # Analysis views
+│   │   ├── responses/     # Response management
+│   │   ├── summary/       # Survey summary
+│   │   └── hooks/         # Analysis-specific hooks
+│   ├── edit/              # Survey editing
+│   └── settings/          # Survey settings
+```
+
+### Dynamic Routes
+- `[environmentId]` - Environment-specific routes
+- `[surveyId]` - Survey-specific routes
+
+## Service Layer Pattern
+
+### Service Organization
+Services are organized by domain in `apps/web/lib/`:
+
+```typescript
+// Example: Response service
+// apps/web/lib/response/service.ts
+export const getResponseCountAction = async ({
+  surveyId,
+  filterCriteria,
+}: {
+  surveyId: string;
+  filterCriteria: any;
+}) => {
+  // Service implementation
+};
+```
+
+### Action Pattern
+Server actions follow a consistent pattern:
+
+```typescript
+// Action wrapper for service calls
+export const getResponseCountAction = async (params) => {
+  try {
+    const result = await responseService.getCount(params);
+    return { data: result };
+  } catch (error) {
+    return { error: error.message };
+  }
+};
+```
+
+## Context Patterns
+
+### Provider Structure
+Context providers follow a consistent pattern:
+
+```typescript
+// Provider component
+export const ResponseFilterProvider = ({ children }: { children: React.ReactNode }) => {
+  const [selectedFilter, setSelectedFilter] = useState(defaultFilter);
+  
+  const value = {
+    selectedFilter,
+    setSelectedFilter,
+    // ... other state and methods
+  };
+
+  return (
+    <ResponseFilterContext.Provider value={value}>
+      {children}
+    </ResponseFilterContext.Provider>
+  );
+};
+
+// Hook for consuming context
+export const useResponseFilter = () => {
+  const context = useContext(ResponseFilterContext);
+  if (!context) {
+    throw new Error('useResponseFilter must be used within ResponseFilterProvider');
+  }
+  return context;
+};
+```
+
+### Context Composition
+Multiple contexts are often composed together:
+
+```typescript
+// Layout component with multiple providers
+export default function AnalysisLayout({ children }: { children: React.ReactNode }) {
+  return (
+    <ResponseFilterProvider>
+      <ResponseCountProvider>
+        {children}
+      </ResponseCountProvider>
+    </ResponseFilterProvider>
+  );
+}
+```
+
+## Component Patterns
+
+### Page Components
+Page components are located in the app directory and follow this pattern:
+
+```typescript
+// apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/responses/page.tsx
+export default function ResponsesPage() {
+  return (
+    <div>
+      <ResponsesTable />
+      <ResponsesPagination />
+    </div>
+  );
+}
+```
+
+### Component Organization
+- **Pages** - Route components in app directory
+- **Components** - Reusable UI components
+- **Modules** - Feature-specific components and logic
+
+### Shared Components
+Common components are in `apps/web/components/`:
+- UI components (buttons, inputs, modals)
+- Layout components (headers, sidebars)
+- Data display components (tables, charts)
+
+## Hook Patterns
+
+### Custom Hook Structure
+Custom hooks follow consistent patterns:
+
+```typescript
+export const useResponseCount = ({ 
+  survey, 
+  initialCount 
+}: {
+  survey: TSurvey;
+  initialCount?: number;
+}) => {
+  const [responseCount, setResponseCount] = useState(initialCount ?? 0);
+  const [isLoading, setIsLoading] = useState(false);
+  
+  // Hook logic...
+  
+  return {
+    responseCount,
+    isLoading,
+    refetch,
+  };
+};
+```
+
+### Hook Dependencies
+- Use context hooks for shared state
+- Implement proper cleanup with AbortController
+- Optimize dependency arrays to prevent unnecessary re-renders
+
+## Data Fetching Patterns
+
+### Server Actions
+The app uses Next.js server actions for data fetching:
+
+```typescript
+// Server action
+export async function getResponsesAction(params: GetResponsesParams) {
+  const responses = await getResponses(params);
+  return { data: responses };
+}
+
+// Client usage
+const { data } = await getResponsesAction(params);
+```
+
+### Error Handling
+Consistent error handling across the application:
+
+```typescript
+try {
+  const result = await apiCall();
+  return { data: result };
+} catch (error) {
+  console.error("Operation failed:", error);
+  return { error: error.message };
+}
+```
+
+## Type Safety
+
+### Type Organization
+Types are organized in packages:
+- `@formbricks/types` - Shared type definitions
+- Local types in component/hook files
+
+### Common Types
+```typescript
+import { TSurvey } from "@formbricks/types/surveys/types";
+import { TResponse } from "@formbricks/types/responses";
+import { TEnvironment } from "@formbricks/types/environment";
+```
+
+## State Management
+
+### Local State
+- Use `useState` for component-specific state
+- Use `useReducer` for complex state logic
+- Use refs for mutable values that don't trigger re-renders
+
+### Global State
+- React Context for feature-specific shared state
+- URL state for filters and pagination
+- Server state through server actions
+
+## Performance Considerations
+
+### Code Splitting
+- Dynamic imports for heavy components
+- Route-based code splitting with app router
+- Lazy loading for non-critical features
+
+### Caching Strategy
+- Server-side caching for database queries
+- Client-side caching with React Query (where applicable)
+- Static generation for public pages
+
+## Testing Strategy
+
+### Test Organization
+```
+component/
+├── Component.tsx
+├── Component.test.tsx
+└── hooks/
+    ├── useHook.ts
+    └── useHook.test.tsx
+```
+
+### Test Patterns
+- Unit tests for utilities and services
+- Integration tests for components with context
+- Hook tests with proper mocking
+
+## Build & Deployment
+
+### Build Process
+- TypeScript compilation
+- Next.js build optimization
+- Asset optimization and bundling
+
+### Environment Configuration
+- Environment-specific configurations
+- Feature flags for gradual rollouts
+- Database connection management
+
+## Security Patterns
+
+### Authentication
+- Session-based authentication
+- Environment-based access control
+- API route protection
+
+### Data Validation
+- Input validation on both client and server
+- Type-safe API contracts
+- Sanitization of user inputs
+
+## Monitoring & Observability
+
+### Error Tracking
+- Client-side error boundaries
+- Server-side error logging
+- Performance monitoring
+
+### Analytics
+- User interaction tracking
+- Performance metrics
+- Database query monitoring
+
+## Best Practices Summary
+
+### Code Organization
+- ✅ Follow the established directory structure
+- ✅ Use consistent naming conventions
+- ✅ Separate concerns (UI, logic, data)
+- ✅ Keep components focused and small
+
+### Performance
+- ✅ Implement proper loading states
+- ✅ Use AbortController for async operations
+- ✅ Optimize database queries
+- ✅ Implement proper caching strategies
+
+### Type Safety
+- ✅ Use TypeScript throughout
+- ✅ Define proper interfaces for props
+- ✅ Use type guards for runtime validation
+- ✅ Leverage shared type packages
+
+### Testing
+- ✅ Write tests for critical functionality
+- ✅ Mock external dependencies properly
+- ✅ Test error scenarios and edge cases
+- ✅ Maintain good test coverage

.cursor/rules/github-actions-security.mdc

@@ -0,0 +1,232 @@
+---
+description: Security best practices and guidelines for writing GitHub Actions and workflows
+globs: .github/workflows/*.yml,.github/workflows/*.yaml,.github/actions/*/action.yml,.github/actions/*/action.yaml
+---
+
+# GitHub Actions Security Best Practices
+
+## Required Security Measures
+
+### 1. Set Minimum GITHUB_TOKEN Permissions
+
+Always explicitly set the minimum required permissions for GITHUB_TOKEN:
+
+```yaml
+permissions:
+  contents: read
+  # Only add additional permissions if absolutely necessary:
+  # pull-requests: write  # for commenting on PRs
+  # issues: write         # for creating/updating issues
+  # checks: write         # for publishing check results
+```
+
+### 2. Add Harden-Runner as First Step
+
+For **every job** on `ubuntu-latest`, add Harden-Runner as the first step:
+
+```yaml
+- name: Harden the runner
+  uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
+  with:
+    egress-policy: audit # or 'block' for stricter security
+```
+
+### 3. Pin Actions to Full Commit SHA
+
+**Always** pin third-party actions to their full commit SHA, not tags:
+
+```yaml
+# ❌ BAD - uses mutable tag
+- uses: actions/checkout@v4
+
+# ✅ GOOD - pinned to immutable commit SHA
+- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+```
+
+### 4. Secure Variable Handling
+
+Prevent command injection by properly quoting variables:
+
+```yaml
+# ❌ BAD - potential command injection
+run: echo "Processing ${{ inputs.user_input }}"
+
+# ✅ GOOD - properly quoted
+env:
+  USER_INPUT: ${{ inputs.user_input }}
+run: echo "Processing ${USER_INPUT}"
+```
+
+Use `${VARIABLE}` syntax in shell scripts instead of `$VARIABLE`.
+
+### 5. Environment Variables for Secrets
+
+Store sensitive data in environment variables, not inline:
+
+```yaml
+# ❌ BAD
+run: curl -H "Authorization: Bearer ${{ secrets.TOKEN }}" api.example.com
+
+# ✅ GOOD
+env:
+  API_TOKEN: ${{ secrets.TOKEN }}
+run: curl -H "Authorization: Bearer ${API_TOKEN}" api.example.com
+```
+
+## Workflow Structure Best Practices
+
+### Required Workflow Elements
+
+```yaml
+name: "Descriptive Workflow Name"
+
+on:
+  # Define specific triggers
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+# Always set explicit permissions
+permissions:
+  contents: read
+
+jobs:
+  job-name:
+    name: "Descriptive Job Name"
+    runs-on: ubuntu-latest
+    timeout-minutes: 30 # tune per job; standardize repo-wide
+
+    # Set job-level permissions if different from workflow level
+    permissions:
+      contents: read
+
+    steps:
+      # Always start with Harden-Runner on ubuntu-latest
+      - name: Harden the runner
+        uses: step-security/harden-runner@v2
+        with:
+          egress-policy: audit
+
+      # Pin all actions to commit SHA
+      - name: Checkout code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+```
+
+### Input Validation for Actions
+
+For composite actions, always validate inputs:
+
+```yaml
+inputs:
+  user_input:
+    description: "User provided input"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Validate input
+      shell: bash
+      run: |
+        # Harden shell and validate input format/content before use
+        set -euo pipefail
+
+        USER_INPUT="${{ inputs.user_input }}"
+
+        if [[ ! "${USER_INPUT}" =~ ^[A-Za-z0-9._-]+$ ]]; then
+          echo "❌ Invalid input format"
+          exit 1
+        fi
+```
+
+## Docker Security in Actions
+
+### Pin Docker Images to Digests
+
+```yaml
+# ❌ BAD - mutable tag
+container: node:18
+
+# ✅ GOOD - pinned to digest
+container: node:18@sha256:a1ba21bf0c92931d02a8416f0a54daad66cb36a85d6a37b82dfe1604c4c09cad
+```
+
+## Common Patterns
+
+### Secure File Operations
+
+```yaml
+- name: Process files securely
+  shell: bash
+  env:
+    FILE_PATH: ${{ inputs.file_path }}
+  run: |
+    set -euo pipefail  # Fail on errors, undefined vars, pipe failures
+
+    # Use absolute paths and validate
+    SAFE_PATH=$(realpath "${FILE_PATH}")
+    if [[ "$SAFE_PATH" != "${GITHUB_WORKSPACE}"/* ]]; then
+      echo "❌ Path outside workspace"
+      exit 1
+    fi
+```
+
+### Artifact Handling
+
+```yaml
+- name: Upload artifacts securely
+  uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+  with:
+    name: build-artifacts
+    path: |
+      dist/
+      !dist/**/*.log  # Exclude sensitive files
+    retention-days: 30
+```
+
+### GHCR authentication for pulls/scans
+
+```yaml
+# Minimal permissions required for GHCR pulls/scans
+permissions:
+  contents: read
+  packages: read
+
+steps:
+  - name: Log in to GitHub Container Registry
+    uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+    with:
+      registry: ghcr.io
+      username: ${{ github.actor }}
+      password: ${{ secrets.GITHUB_TOKEN }}
+```
+
+## Security Checklist
+
+- [ ] Minimum GITHUB_TOKEN permissions set
+- [ ] Harden-Runner added to all ubuntu-latest jobs
+- [ ] All third-party actions pinned to commit SHA
+- [ ] Input validation implemented for custom actions
+- [ ] Variables properly quoted in shell scripts
+- [ ] Secrets stored in environment variables
+- [ ] Docker images pinned to digests (if used)
+- [ ] Error handling with `set -euo pipefail`
+- [ ] File paths validated and sanitized
+- [ ] No sensitive data in logs or outputs
+- [ ] GHCR login performed before pulls/scans (packages: read)
+- [ ] Job timeouts configured (`timeout-minutes`)
+
+## Recommended Additional Workflows
+
+Consider adding these security-focused workflows to your repository:
+
+1. **CodeQL Analysis** - Static Application Security Testing (SAST)
+2. **Dependency Review** - Scan for vulnerable dependencies in PRs
+3. **Dependabot Configuration** - Automated dependency updates
+
+## Resources
+
+- [GitHub Security Hardening Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions)
+- [Step Security Harden-Runner](https://github.com/step-security/harden-runner)
+- [Secure-Repo Best Practices](https://github.com/step-security/secure-repo)

.cursor/rules/i18n-management.mdc

@@ -0,0 +1,457 @@
+---
+title: i18n Management with Lingo.dev
+description: Guidelines for managing internationalization (i18n) with Lingo.dev, including translation workflow, key validation, and best practices
+---
+
+# i18n Management with Lingo.dev
+
+This rule defines the workflow and best practices for managing internationalization (i18n) in the Formbricks project using Lingo.dev.
+
+## Overview
+
+Formbricks uses [Lingo.dev](https://lingo.dev) for managing translations across multiple languages. The translation workflow includes:
+
+1. **Translation Keys**: Defined in code using the `t()` function from `react-i18next`
+2. **Translation Files**: JSON files stored in `apps/web/locales/` for each supported language
+3. **Validation**: Automated scanning to detect missing and unused translation keys
+4. **CI/CD**: Pre-commit hooks and GitHub Actions to enforce translation quality
+
+## Translation Workflow
+
+### 1. Using Translations in Code
+
+When adding translatable text in the web app, use the `t()` function or `<Trans>` component:
+
+**Using the `t()` function:**
+```tsx
+import { useTranslate } from "@/lib/i18n/translate";
+
+const MyComponent = () => {
+  const { t } = useTranslate();
+  
+  return (
+    <div>
+      <h1>{t("common.welcome")}</h1>
+      <p>{t("pages.dashboard.description")}</p>
+    </div>
+  );
+};
+```
+
+**Using the `<Trans>` component (for text with HTML elements):**
+```tsx
+import { Trans } from "react-i18next";
+
+const MyComponent = () => {
+  return (
+    <div>
+      <p>
+        <Trans
+          i18nKey="auth.terms_agreement"
+          components={{ 
+            link: <a href="/terms" />,
+            b: <b />
+          }}
+        />
+      </p>
+    </div>
+  );
+};
+```
+
+**Key Naming Conventions:**
+- Use dot notation for nested keys: `section.subsection.key`
+- Use descriptive names: `auth.login.success_message` not `auth.msg1`
+- Group related keys together: `auth.*`, `errors.*`, `common.*`
+- Use lowercase with underscores: `user_profile_settings` not `UserProfileSettings`
+
+### 2. Translation File Structure
+
+Translation files are located in `apps/web/locales/` and use the following naming convention:
+- `en-US.json` (English - United States, default)
+- `de-DE.json` (German)
+- `fr-FR.json` (French)
+- `pt-BR.json` (Portuguese - Brazil)
+- etc.
+
+**File Structure:**
+```json
+{
+  "common": {
+    "welcome": "Welcome",
+    "save": "Save",
+    "cancel": "Cancel"
+  },
+  "auth": {
+    "login": {
+      "title": "Login",
+      "email_placeholder": "Enter your email",
+      "password_placeholder": "Enter your password"
+    }
+  }
+}
+```
+
+### 3. Adding New Translation Keys
+
+When adding new translation keys:
+
+1. **Add the key in your code** using `t("your.new.key")`
+2. **Add translation for that key in en-US.json file**
+3. **Run the translation workflow:**
+   ```bash
+   pnpm i18n
+   ```
+   This will:
+   - Generate translations for all languages using Lingo.dev
+   - Validate that all keys are present and used
+
+4. **Review and commit** the generated translation files
+
+### 4. Available Scripts
+
+```bash
+# Generate translations using Lingo.dev
+pnpm generate-translations
+
+# Scan and validate translation keys
+pnpm scan-translations
+
+# Full workflow: generate + validate
+pnpm i18n
+
+# Validate only (without generation)
+pnpm i18n:validate
+```
+
+## Translation Key Validation
+
+### Automated Validation
+
+The project includes automated validation that runs:
+- **Pre-commit hook**: Validates translations before allowing commits (when `LINGODOTDEV_API_KEY` is set)
+- **GitHub Actions**: Validates translations on every PR and push to main
+
+### Validation Rules
+
+The validation script (`scan-translations.ts`) checks for:
+
+1. **Missing Keys**: Translation keys used in code but not present in translation files
+2. **Unused Keys**: Translation keys present in translation files but not used in code
+3. **Incomplete Translations**: Keys that exist in the default language (`en-US`) but are missing in target languages
+
+**What gets scanned:**
+- All `.ts` and `.tsx` files in `apps/web/`
+- Both `t()` function calls and `<Trans i18nKey="">` components
+- All locale files (`de-DE.json`, `fr-FR.json`, `ja-JP.json`, etc.)
+
+**What gets excluded:**
+- Test files (`*.test.ts`, `*.test.tsx`, `*.spec.ts`, `*.spec.tsx`)
+- Build directories (`node_modules`, `dist`, `build`, `.next`, `coverage`)
+- Locale files themselves (from code scanning)
+
+**Note:** Test files are excluded because they often use mock or example translation keys for testing purposes that don't need to exist in production translation files.
+
+### Fixing Validation Errors
+
+#### Missing Keys
+
+If you encounter missing key errors:
+
+```
+❌ MISSING KEYS (2):
+
+   These keys are used in code but not found in translation files:
+
+   • auth.signup.email_required
+   • settings.profile.update_success
+```
+
+**Resolution:**
+1. Ensure that translations for those keys are present in en-US.json .  
+2. Run `pnpm generate-translations` to have Lingo.dev generate the missing translations
+3. OR manually add the keys to `apps/web/locales/en-US.json`:
+   ```json
+   {
+     "auth": {
+       "signup": {
+         "email_required": "Email is required"
+       }
+     },
+     "settings": {
+       "profile": {
+         "update_success": "Profile updated successfully"
+       }
+     }
+   }
+   ```
+3. Run `pnpm scan-translations` to verify
+4. Commit the changes
+
+#### Unused Keys
+
+If you encounter unused key errors:
+
+```
+⚠️  UNUSED KEYS (1):
+
+   These keys exist in translation files but are not used in code:
+
+   • old.deprecated.key
+```
+
+**Resolution:**
+1. If the key is truly unused, remove it from all translation files
+2. If the key should be used, add it to your code using `t("old.deprecated.key")`
+3. Run `pnpm scan-translations` to verify
+4. Commit the changes
+
+#### Incomplete Translations
+
+If you encounter incomplete translation errors:
+
+```
+⚠️  INCOMPLETE TRANSLATIONS:
+
+   Some keys from en-US are missing in target languages:
+
+   📝 de-DE (5 missing keys):
+      • auth.new_feature.title
+      • auth.new_feature.description
+      • settings.advanced.option
+      ... and 2 more
+```
+
+**Resolution:**
+1. **Recommended:** Run `pnpm generate-translations` to have Lingo.dev automatically translate the missing keys
+2. **Manual:** Add the missing keys to the target language files:
+   ```bash
+   # Copy the structure from en-US.json and translate the values
+   # For example, in de-DE.json:
+   {
+     "auth": {
+       "new_feature": {
+         "title": "Neues Feature",
+         "description": "Beschreibung des neuen Features"
+       }
+     }
+   }
+   ```
+3. Run `pnpm scan-translations` to verify all translations are complete
+4. Commit the changes
+
+## Pre-commit Hook Behavior
+
+The pre-commit hook will:
+
+1. Run `lint-staged` for code formatting
+2. If `LINGODOTDEV_API_KEY` is set:
+   - Generate translations using Lingo.dev
+   - Validate translation keys
+   - Auto-add updated locale files to the commit
+   - **Block the commit** if validation fails
+3. If `LINGODOTDEV_API_KEY` is not set:
+   - Skip translation validation (for community contributors)
+   - Show a warning message
+
+## Environment Variables
+
+### LINGODOTDEV_API_KEY
+
+This is the API key for Lingo.dev integration.
+
+**For Core Team:**
+- Add to your local `.env` file
+- Required for running translation generation
+
+**For Community Contributors:**
+- Not required for local development
+- Translation validation will be skipped
+- The CI will still validate translations
+
+## Best Practices
+
+### 1. Keep Keys Organized
+
+Group related keys together:
+```json
+{
+  "auth": {
+    "login": { ... },
+    "signup": { ... },
+    "forgot_password": { ... }
+  },
+  "dashboard": {
+    "header": { ... },
+    "sidebar": { ... }
+  }
+}
+```
+
+### 2. Avoid Hardcoded Strings
+
+**❌ Bad:**
+```tsx
+<button>Click here</button>
+```
+
+**✅ Good:**
+```tsx
+<button>{t("common.click_here")}</button>
+```
+
+### 3. Use Interpolation for Dynamic Content
+
+**❌ Bad:**
+```tsx
+{t("welcome")} {userName}!
+```
+
+**✅ Good:**
+```tsx
+{t("auth.welcome_message", { userName })}
+```
+
+With translation:
+```json
+{
+  "auth": {
+    "welcome_message": "Welcome, {userName}!"
+  }
+}
+```
+
+### 4. Avoid Dynamic Key Construction
+
+**❌ Bad:**
+```tsx
+const key = `errors.${errorCode}`;
+t(key);
+```
+
+**✅ Good:**
+```tsx
+switch (errorCode) {
+  case "401":
+    return t("errors.unauthorized");
+  case "404":
+    return t("errors.not_found");
+  default:
+    return t("errors.unknown");
+}
+```
+
+### 5. Test Translation Keys
+
+When adding new features:
+1. Add translation keys
+2. Test in multiple languages using the language switcher
+3. Ensure text doesn't overflow in longer translations (German, French)
+4. Run `pnpm scan-translations` before committing
+
+## Troubleshooting
+
+### Issue: Pre-commit hook fails with validation errors
+
+**Solution:**
+```bash
+# Run the full i18n workflow
+pnpm i18n
+
+# Fix any missing or unused keys
+# Then commit again
+git add .
+git commit -m "your message"
+```
+
+### Issue: Translation validation passes locally but fails in CI
+
+**Solution:**
+- Ensure all translation files are committed
+- Check that `scan-translations.ts` hasn't been modified
+- Verify that locale files are properly formatted JSON
+
+### Issue: Cannot commit because of missing translations
+
+**Solution:**
+```bash
+# If you have LINGODOTDEV_API_KEY:
+pnpm generate-translations
+
+# If you don't have the API key (community contributor):
+# Manually add the missing keys to en-US.json
+# Then run validation:
+pnpm scan-translations
+```
+
+### Issue: Getting "unused keys" for keys that are used
+
+**Solution:**
+- The script scans `.ts` and `.tsx` files only
+- If keys are used in other file types, they may be flagged
+- Verify the key is actually used with `grep -r "your.key" apps/web/`
+- If it's a false positive, consider updating the scanning patterns in `scan-translations.ts`
+
+## AI Assistant Guidelines
+
+When assisting with i18n-related tasks, always:
+
+1. **Use the `t()` function** for all user-facing text
+2. **Follow key naming conventions** (lowercase, dots for nesting)
+3. **Run validation** after making changes: `pnpm scan-translations`
+4. **Fix missing keys** by adding them to `en-US.json`
+5. **Remove unused keys** from all translation files
+6. **Test the pre-commit hook** if making changes to translation workflow
+7. **Update this rule file** if translation workflow changes
+
+### Fixing Missing Translation Keys
+
+When the AI encounters missing translation key errors:
+
+1. Identify the missing keys from the error output
+2. Determine the appropriate section and naming for each key
+3. Add the keys to `apps/web/locales/en-US.json` with meaningful English text
+4. Ensure proper JSON structure and nesting
+5. Run `pnpm scan-translations` to verify
+6. Inform the user that other language files will be updated via Lingo.dev
+
+**Example:**
+```typescript
+// Error: Missing key "settings.api.rate_limit_exceeded"
+
+// Add to en-US.json:
+{
+  "settings": {
+    "api": {
+      "rate_limit_exceeded": "API rate limit exceeded. Please try again later."
+    }
+  }
+}
+```
+
+### Removing Unused Translation Keys
+
+When the AI encounters unused translation key errors:
+
+1. Verify the keys are truly unused by searching the codebase
+2. Remove the keys from `apps/web/locales/en-US.json`
+3. Note that removal from other language files can be handled via Lingo.dev
+4. Run `pnpm scan-translations` to verify
+
+## Migration Notes
+
+This project previously used Tolgee for translations. As of this migration:
+
+- **Old scripts**: `tolgee-pull` is deprecated (kept for reference)
+- **New scripts**: Use `pnpm i18n` or `pnpm generate-translations`
+- **Old workflows**: `tolgee.yml` and `tolgee-missing-key-check.yml` removed
+- **New workflow**: `translation-check.yml` handles all validation
+
+---
+
+**Last Updated:** October 14, 2025
+**Related Files:**
+- `scan-translations.ts` - Translation validation script
+- `.husky/pre-commit` - Pre-commit hook with i18n validation
+- `.github/workflows/translation-check.yml` - CI workflow for translation validation
+- `apps/web/locales/*.json` - Translation files

.cursor/rules/react-context-patterns.mdc

@@ -0,0 +1,52 @@
+---
+description: 
+globs: 
+alwaysApply: false
+---
+# React Context & Provider Patterns
+
+## Context Provider Best Practices
+
+### Provider Implementation
+- Use TypeScript interfaces for provider props with optional `initialCount` for testing
+- Implement proper cleanup in `useEffect` to avoid React hooks warnings
+- Reference: [apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/components/ResponseCountProvider.tsx](mdc:apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/components/ResponseCountProvider.tsx)
+
+### Cleanup Pattern for Refs
+```typescript
+useEffect(() => {
+  const currentPendingRequests = pendingRequests.current;
+  const currentAbortController = abortController.current;
+  
+  return () => {
+    if (currentAbortController) {
+      currentAbortController.abort();
+    }
+    currentPendingRequests.clear();
+  };
+}, []);
+```
+
+### Testing Context Providers
+- Always wrap components using context in the provider during tests
+- Use `initialCount` prop for predictable test scenarios
+- Mock context dependencies like `useParams`, `useResponseFilter`
+- Example from [apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/SurveyAnalysisCTA.test.tsx](mdc:apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/(analysis)/summary/components/SurveyAnalysisCTA.test.tsx):
+
+```typescript
+render(
+  <ResponseCountProvider survey={dummySurvey} initialCount={5}>
+    <ComponentUnderTest />
+  </ResponseCountProvider>
+);
+```
+
+### Required Mocks for Context Testing
+- Mock `next/navigation` with `useParams` returning environment and survey IDs
+- Mock response filter context and actions
+- Mock API actions that the provider depends on
+
+### Context Hook Usage
+- Create custom hooks like `useResponseCountContext()` for consuming context
+- Provide meaningful error messages when context is used outside provider
+- Use context for shared state that multiple components need to access

.cursor/rules/review-and-refine.mdc

@@ -0,0 +1,179 @@
+---
+description: Apply these quality standards before finalizing code changes to ensure DRY principles, React best practices, TypeScript conventions, and maintainable code.
+globs:
+alwaysApply: false
+---
+
+# Review & Refine
+
+Before finalizing any code changes, review your implementation against these quality standards:
+
+## Core Principles
+
+### DRY (Don't Repeat Yourself)
+
+- Extract duplicated logic into reusable functions or hooks
+- If the same code appears in multiple places, consolidate it
+- Create helper functions at appropriate scope (component-level, module-level, or utility files)
+- Avoid copy-pasting code blocks
+
+### Code Reduction
+
+- Remove unnecessary code, comments, and abstractions
+- Prefer built-in solutions over custom implementations
+- Consolidate similar logic
+- Remove dead code and unused imports
+- Question if every line of code is truly needed
+
+## React Best Practices
+
+### Component Design
+
+- Keep components focused on a single responsibility
+- Extract complex logic into custom hooks
+- Prefer composition over prop drilling
+- Use children props and render props when appropriate
+- Keep component files under 300 lines when possible
+
+### Hooks Usage
+
+- Follow Rules of Hooks (only call at top level, only in React functions)
+- Extract complex `useEffect` logic into custom hooks
+- Use `useMemo` and `useCallback` only when you have a measured performance issue
+- Declare dependencies arrays correctly - don't ignore exhaustive-deps warnings
+- Keep `useEffect` focused on a single concern
+
+### State Management
+
+- Colocate state as close as possible to where it's used
+- Lift state only when necessary
+- Use `useReducer` for complex state logic with multiple sub-values
+- Avoid derived state - compute values during render instead
+- Don't store values in state that can be computed from props
+
+### Event Handlers
+
+- Name event handlers with `handle` prefix (e.g., `handleClick`, `handleSubmit`)
+- Extract complex event handler logic into separate functions
+- Avoid inline arrow functions in JSX when they contain complex logic
+
+## TypeScript Best Practices
+
+### Type Safety
+
+- Prefer type inference over explicit types when possible
+- Use `const` assertions for literal types
+- Avoid `any` - use `unknown` if type is truly unknown
+- Use discriminated unions for complex conditional logic
+- Leverage type guards and narrowing
+
+### Interface & Type Usage
+
+- Use existing types from `@formbricks/types` - don't recreate them
+- Prefer `interface` for object shapes that might be extended
+- Prefer `type` for unions, intersections, and mapped types
+- Define types close to where they're used unless they're shared
+- Export types from index files for shared types
+
+### Type Assertions
+
+- Avoid type assertions (`as`) when possible
+- Use type guards instead of assertions
+- Only assert when you have more information than TypeScript
+
+## Code Organization
+
+### Separation of Concerns
+
+- Separate business logic from UI rendering
+- Extract API calls into separate functions or modules
+- Keep data transformation separate from component logic
+- Use custom hooks for stateful logic that doesn't render UI
+
+### Function Clarity
+
+- Functions should do one thing well
+- Name functions clearly and descriptively
+- Keep functions small (aim for under 20 lines)
+- Extract complex conditionals into named boolean variables or functions
+- Avoid deep nesting (max 3 levels)
+
+### File Structure
+
+- Group related functions together
+- Order declarations logically (types → hooks → helpers → component)
+- Keep imports organized (external → internal → relative)
+- Consider splitting large files by concern
+
+## Additional Quality Checks
+
+### Performance
+
+- Don't optimize prematurely - measure first
+- Avoid creating new objects/arrays/functions in render unnecessarily
+- Use keys properly in lists (stable, unique identifiers)
+- Lazy load heavy components when appropriate
+
+### Accessibility
+
+- Use semantic HTML elements
+- Include ARIA labels where needed
+- Ensure keyboard navigation works
+- Check color contrast and focus states
+
+### Error Handling
+
+- Handle error states in components
+- Provide user feedback for failed operations
+- Use error boundaries for component errors
+- Log errors appropriately (avoid swallowing errors silently)
+
+### Naming Conventions
+
+- Use descriptive names (avoid abbreviations unless very common)
+- Boolean variables/props should sound like yes/no questions (`isLoading`, `hasError`, `canEdit`)
+- Arrays should be plural (`users`, `choices`, `items`)
+- Event handlers: `handleX` in components, `onX` for props
+- Constants in UPPER_SNAKE_CASE only for true constants
+
+### Code Readability
+
+- Prefer early returns to reduce nesting
+- Use destructuring to make code clearer
+- Break complex expressions into named variables
+- Add comments only when code can't be made self-explanatory
+- Use whitespace to group related code
+
+### Testing Considerations
+
+- Write code that's easy to test (pure functions, clear inputs/outputs)
+- Avoid hard-to-mock dependencies when possible
+- Keep side effects at the edges of your code
+
+## Review Checklist
+
+Before submitting your changes, ask yourself:
+
+1. **DRY**: Is there any duplicated logic I can extract?
+2. **Clarity**: Would another developer understand this code easily?
+3. **Simplicity**: Is this the simplest solution that works?
+4. **Types**: Am I using TypeScript effectively?
+5. **React**: Am I following React idioms and best practices?
+6. **Performance**: Are there obvious performance issues?
+7. **Separation**: Are concerns properly separated?
+8. **Testing**: Is this code testable?
+9. **Maintenance**: Will this be easy to change in 6 months?
+10. **Deletion**: Can I remove any code and still accomplish the goal?
+
+## When to Apply This Rule
+
+Apply this rule:
+
+- After implementing a feature but before marking it complete
+- When you notice your code feels "messy" or complex
+- Before requesting code review
+- When you see yourself copy-pasting code
+- After receiving feedback about code quality
+
+Don't let perfect be the enemy of good, but always strive for:
+**Simple, readable, maintainable code that does one thing well.**

.cursor/rules/storybook-component-migration.mdc

@@ -0,0 +1,216 @@
+---
+description: Migrate deprecated UI components to a unified component
+globs: 
+alwaysApply: false
+---
+# Component Migration Automation Rule
+
+## Overview
+This rule automates the migration of deprecated components to new component systems in React/TypeScript codebases.
+
+## Trigger
+When the user requests component migration (e.g., "migrate [DeprecatedComponent] to [NewComponent]" or "component migration").
+
+## Process
+
+### Step 1: Discovery and Planning
+1. **Identify migration parameters:**
+   - Ask user for deprecated component name (e.g., "Modal")
+   - Ask user for new component name(s) (e.g., "Dialog")
+   - Ask for any components to exclude (e.g., "ModalWithTabs")
+   - Ask for specific import paths if needed
+
+2. **Scan codebase** for deprecated components:
+   - Search for `import.*[DeprecatedComponent]` patterns
+   - Exclude specified components that should not be migrated
+   - List all found components with file paths
+   - Present numbered list to user for confirmation
+
+### Step 2: Component-by-Component Migration
+For each component, follow this exact sequence:
+
+#### 2.1 Component Migration
+- **Import changes:**
+  - Ask user to provide the new import structure
+  - Example transformation pattern:
+  ```typescript
+  // FROM:
+  import { [DeprecatedComponent] } from "@/components/ui/[DeprecatedComponent]"
+  
+  // TO:
+  import {
+    [NewComponent],
+    [NewComponentPart1],
+    [NewComponentPart2],
+    // ... other parts
+  } from "@/components/ui/[NewComponent]"
+  ```
+
+- **Props transformation:**
+  - Ask user for prop mapping rules (e.g., `open` → `open`, `setOpen` → `onOpenChange`)
+  - Ask for props to remove (e.g., `noPadding`, `closeOnOutsideClick`, `size`)
+  - Apply transformations based on user specifications
+
+- **Structure transformation:**
+  - Ask user for the new component structure pattern
+  - Apply the transformation maintaining all functionality
+  - Preserve all existing logic, state management, and event handlers
+
+#### 2.2 Wait for User Approval
+- Present the migration changes
+- Wait for explicit user approval before proceeding
+- If rejected, ask for specific feedback and iterate
+#### 2.3 Re-read and Apply Additional Changes
+- Re-read the component file to capture any user modifications
+- Apply any additional improvements the user made
+- Ensure all changes are incorporated
+
+#### 2.4 Test File Updates
+- **Find corresponding test file** (same name with `.test.tsx` or `.test.ts`)
+- **Update test mocks:**
+  - Ask user for new component mock structure
+  - Replace old component mocks with new ones
+  - Example pattern:
+  ```typescript
+  // Add to test setup:
+  jest.mock("@/components/ui/[NewComponent]", () => ({
+    [NewComponent]: ({ children, [props] }: any) => ([mock implementation]),
+    [NewComponentPart1]: ({ children }: any) => <div data-testid="[new-component-part1]">{children}</div>,
+    [NewComponentPart2]: ({ children }: any) => <div data-testid="[new-component-part2]">{children}</div>,
+    // ... other parts
+  }));
+  ```
+- **Update test expectations:**
+  - Change test IDs from old component to new component
+  - Update any component-specific assertions
+  - Ensure all new component parts used in the component are mocked
+
+#### 2.5 Run Tests and Optimize
+- Execute `Node package manager test -- ComponentName.test.tsx`
+- Fix any failing tests
+- Optimize code quality (imports, formatting, etc.)
+- Re-run tests until all pass
+- **Maximum 3 iterations** - if still failing, ask user for guidance
+
+#### 2.6 Wait for Final Approval
+- Present test results and any optimizations made
+- Wait for user approval of the complete migration
+- If rejected, iterate based on feedback
+
+#### 2.7 Git Commit
+- Run: `git add .`
+- Run: `git commit -m "migrate [ComponentName] from [DeprecatedComponent] to [NewComponent]"`
+- Confirm commit was successful
+
+### Step 3: Final Report Generation
+After all components are migrated, generate a comprehensive GitHub PR report:
+
+#### PR Title
+```
+feat: migrate [DeprecatedComponent] components to [NewComponent] system
+```
+
+#### PR Description Template
+```markdown
+## 🔄 [DeprecatedComponent] to [NewComponent] Migration
+
+### Overview
+Migrated [X] [DeprecatedComponent] components to the new [NewComponent] component system to modernize the UI architecture and improve consistency.
+
+### Components Migrated
+[List each component with file path]
+
+### Technical Changes
+- **Imports:** Replaced `[DeprecatedComponent]` with `[NewComponent], [NewComponentParts...]`
+- **Props:** [List prop transformations]
+- **Structure:** Implemented proper [NewComponent] component hierarchy
+- **Styling:** [Describe styling changes]
+- **Tests:** Updated all test mocks and expectations
+
+### Migration Pattern
+```typescript
+// Before
+<[DeprecatedComponent] [oldProps]>
+  [oldStructure]
+</[DeprecatedComponent]>
+
+// After
+<[NewComponent] [newProps]>
+  [newStructure]
+</[NewComponent]>
+```
+
+### Testing
+- ✅ All existing tests updated and passing
+- ✅ Component functionality preserved
+- ✅ UI/UX behavior maintained
+
+### How to Test This PR
+1. **Functional Testing:**
+   - Navigate to each migrated component's usage
+   - Verify [component] opens and closes correctly
+   - Test all interactive elements within [components]
+   - Confirm styling and layout are preserved
+
+2. **Automated Testing:**
+   ```bash
+   Node package manager test
+   ```
+
+3. **Visual Testing:**
+   - Check that all [components] maintain proper styling
+   - Verify responsive behavior
+   - Test keyboard navigation and accessibility
+
+### Breaking Changes
+[List any breaking changes or state "None - this is a drop-in replacement maintaining all existing functionality."]
+
+### Notes
+- [Any excluded components] were preserved as they already use [NewComponent] internally
+- All form validation and complex state management preserved
+- Enhanced code quality with better imports and formatting
+```
+
+## Special Considerations
+
+### Excluded Components
+- **DO NOT MIGRATE** components specified by user as exclusions
+- They may already use the new component internally or have other reasons
+- Inform user these are skipped and why
+
+### Complex Components
+- Preserve all existing functionality (forms, validation, state management)
+- Maintain prop interfaces
+- Keep all event handlers and callbacks
+- Preserve accessibility features
+
+### Test Coverage
+- Ensure all new component parts are mocked when used
+- Mock all new component parts that appear in the component
+- Update test IDs from old component to new component
+- Maintain all existing test scenarios
+
+### Error Handling
+- If tests fail after 3 iterations, stop and ask user for guidance
+- If component is too complex, ask user for specific guidance
+- If unsure about functionality preservation, ask for clarification
+
+### Migration Patterns
+- Always ask user for specific migration patterns before starting
+- Confirm import structures, prop mappings, and component hierarchies
+- Adapt to different component architectures (simple replacements, complex restructuring, etc.)
+
+## Success Criteria
+- All deprecated components successfully migrated to new components
+- All tests passing
+- No functionality lost
+- Code quality maintained or improved
+- User approval on each component
+- Successful git commits for each migration
+- Comprehensive PR report generated
+
+## Usage Examples
+- "migrate Modal to Dialog"
+- "migrate Button to NewButton" 
+- "migrate Card to ModernCard"
+- "component migration" (will prompt for details) 

.cursor/rules/storybook-create-new-story.mdc

@@ -0,0 +1,177 @@
+---
+description: Create a story in Storybook for a given component
+globs:
+alwaysApply: false
+---
+
+# Formbricks Storybook Stories
+
+## When generating Storybook stories for Formbricks components:
+
+### 1. **File Structure**
+- Create `stories.tsx` (not `.stories.tsx`) in component directory
+- Use exact import: `import { Meta, StoryObj } from "@storybook/react-vite";`
+- Import component from `"./index"`
+
+### 2. **Story Structure Template**
+```tsx
+import { Meta, StoryObj } from "@storybook/react-vite";
+import { ComponentName } from "./index";
+
+// For complex components with configurable options
+// consider this as an example the options need to reflect the props types
+interface StoryOptions {
+  showIcon: boolean;
+  numberOfElements: number;
+  customLabels: string[];
+}
+
+type StoryProps = React.ComponentProps<typeof ComponentName> & StoryOptions;
+
+const meta: Meta<StoryProps> = {
+  title: "UI/ComponentName",
+  component: ComponentName,
+  tags: ["autodocs"],
+  parameters: {
+    layout: "centered",
+    controls: { sort: "alpha", exclude: [] },
+    docs: {
+      description: {
+        component: "The **ComponentName** component provides [description].",
+      },
+    },
+  },
+  argTypes: {
+    // Organize in exactly these categories: Behavior, Appearance, Content
+  },
+};
+
+export default meta;
+type Story = StoryObj<typeof ComponentName> & { args: StoryOptions };
+```
+
+### 3. **ArgTypes Organization**
+Organize ALL argTypes into exactly three categories:
+- **Behavior**: disabled, variant, onChange, etc.
+- **Appearance**: size, color, layout, styling, etc.  
+- **Content**: text, icons, numberOfElements, etc.
+
+Format:
+```tsx
+argTypes: {
+  propName: {
+    control: "select" | "boolean" | "text" | "number",
+    options: ["option1", "option2"], // for select
+    description: "Clear description",
+    table: {
+      category: "Behavior" | "Appearance" | "Content",
+      type: { summary: "string" },
+      defaultValue: { summary: "default" },
+    },
+    order: 1,
+  },
+}
+```
+
+### 4. **Required Stories**
+Every component must include:
+- `Default`: Most common use case
+- `Disabled`: If component supports disabled state
+- `WithIcon`: If component supports icons
+- Variant stories for each variant (Primary, Secondary, Error, etc.)
+- Edge case stories (ManyElements, LongText, CustomStyling)
+
+### 5. **Story Format**
+```tsx
+export const Default: Story = {
+  args: {
+    // Props with realistic values
+  },
+};
+
+export const EdgeCase: Story = {
+  args: { /* ... */ },
+  parameters: {
+    docs: {
+      description: {
+        story: "Use this when [specific scenario].",
+      },
+    },
+  },
+};
+```
+
+### 6. **Dynamic Content Pattern**
+For components with dynamic content, create render function:
+```tsx
+const renderComponent = (args: StoryProps) => {
+  const { numberOfElements, showIcon, customLabels } = args;
+  
+  // Generate dynamic content
+  const elements = Array.from({ length: numberOfElements }, (_, i) => ({
+    id: `element-${i}`,
+    label: customLabels[i] || `Element ${i + 1}`,
+    icon: showIcon ? <IconComponent /> : undefined,
+  }));
+  
+  return <ComponentName {...args} elements={elements} />;
+};
+
+export const Dynamic: Story = {
+  render: renderComponent,
+  args: {
+    numberOfElements: 3,
+    showIcon: true,
+    customLabels: ["First", "Second", "Third"],
+  },
+};
+```
+
+### 7. **State Management**
+For interactive components:
+```tsx
+import { useState } from "react";
+
+const ComponentWithState = (args: any) => {
+  const [value, setValue] = useState(args.defaultValue);
+  
+  return (
+    <ComponentName
+      {...args}
+      value={value}
+      onChange={(newValue) => {
+        setValue(newValue);
+        args.onChange?.(newValue);
+      }}
+    />
+  );
+};
+
+export const Interactive: Story = {
+  render: ComponentWithState,
+  args: { defaultValue: "initial" },
+};
+```
+
+### 8. **Quality Requirements**
+- Include component description in parameters.docs
+- Add story documentation for non-obvious use cases
+- Test edge cases (overflow, empty states, many elements)
+- Ensure no TypeScript errors
+- Use realistic prop values
+- Include at least 3-5 story variants
+- Example values need to be in the context of survey application
+
+### 9. **Naming Conventions**
+- **Story titles**: "UI/ComponentName"
+- **Story exports**: PascalCase (Default, WithIcon, ManyElements)
+- **Categories**: "Behavior", "Appearance", "Content" (exact spelling)
+- **Props**: camelCase matching component props
+
+### 10. **Special Cases**
+- **Generic components**: Remove `component` from meta if type conflicts
+- **Form components**: Include Invalid, WithValue stories
+- **Navigation**: Include ManyItems stories
+- **Modals, Dropdowns and Popups **: Include trigger and content structure
+
+## Generate stories that are comprehensive, well-documented, and reflect all component states and edge cases. 

.github/workflows/pr-size-check.yml

@@ -111,21 +111,27 @@ jobs:
             const additions = ${{ steps.check-size.outputs.total_additions }};
             const deletions = ${{ steps.check-size.outputs.total_deletions }};
             
-            const body = '## 🚨 PR Size Warning\n\n' +
-              'This PR has approximately **' + totalChanges + ' lines** of changes (' + additions + ' additions, ' + deletions + ' deletions across ' + countedFiles + ' files).\n\n' +
-              'Large PRs (>800 lines) are significantly harder to review and increase the chance of merge conflicts. Consider splitting this into smaller, self-contained PRs.\n\n' +
-              '### 💡 Suggestions:\n' +
-              '- **Split by feature or module** - Break down into logical, independent pieces\n' +
-              '- **Create a sequence of PRs** - Each building on the previous one\n' +
-              '- **Branch off PR branches** - Don\'t wait for reviews to continue dependent work\n\n' +
-              '### 📊 What was counted:\n' +
-              '- ✅ Source files, stylesheets, configuration files\n' +
-              '- ❌ Excluded ' + excludedFiles + ' files (tests, locales, locks, generated files)\n\n' +
-              '### 📚 Guidelines:\n' +
-              '- **Ideal:** 300-500 lines per PR\n' +
-              '- **Warning:** 500-800 lines\n' +
-              '- **Critical:** 800+ lines ⚠️\n\n' +
-              'If this large PR is unavoidable (e.g., migration, dependency update, major refactor), please explain in the PR description why it couldn\'t be split.';
+            const body = `## 🚨 PR Size Warning
+            
+This PR has approximately **${totalChanges} lines** of changes (${additions} additions, ${deletions} deletions across ${countedFiles} files).
+
+Large PRs (>800 lines) are significantly harder to review and increase the chance of merge conflicts. Consider splitting this into smaller, self-contained PRs.
+
+### 💡 Suggestions:
+- **Split by feature or module** - Break down into logical, independent pieces
+- **Create a sequence of PRs** - Each building on the previous one
+- **Branch off PR branches** - Don't wait for reviews to continue dependent work
+
+### 📊 What was counted:
+- ✅ Source files, stylesheets, configuration files
+- ❌ Excluded ${excludedFiles} files (tests, locales, locks, generated files)
+
+### 📚 Guidelines:
+- **Ideal:** 300-500 lines per PR
+- **Warning:** 500-800 lines
+- **Critical:** 800+ lines ⚠️
+
+If this large PR is unavoidable (e.g., migration, dependency update, major refactor), please explain in the PR description why it couldn't be split.`;
             
             // Check if we already commented
             const { data: comments } = await github.rest.issues.listComments({

.gitignore

@@ -62,4 +62,3 @@ branch.json
 packages/ios/FormbricksSDK/FormbricksSDK.xcodeproj/project.xcworkspace/xcuserdata
 .cursorrules
 i18n.cache
-stats.html

.husky/pre-commit

@@ -1,3 +1,6 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
 # Load environment variables from .env files
 if [ -f .env ]; then
   set -a

AGENTS.md

@@ -18,65 +18,11 @@ Formbricks runs as a pnpm/turbo monorepo. `apps/web` is the Next.js product surf
 ## Coding Style & Naming Conventions
 
 TypeScript, React, and Prisma are the primary languages. Use the shared ESLint presets (`@formbricks/eslint-config`) and Prettier preset (110-char width, semicolons, double quotes, sorted import groups). Two-space indentation is standard; prefer `PascalCase` for React components and folders under `modules/`, `camelCase` for functions/variables, and `SCREAMING_SNAKE_CASE` only for constants. When adding mocks, place them inside `__mocks__` so import ordering stays stable.
-We are using SonarQube to identify code smells and security hotspots.
-
-## Architecture & Patterns
-
-- Next.js app router lives in `apps/web/app` with route groups like `(app)` and `(auth)`. Services live in `apps/web/lib`, feature modules in `apps/web/modules`.
-- Server actions wrap service calls and return `{ data }` or `{ error }` consistently.
-- Context providers should guard against missing provider usage and use cleanup patterns that snapshot refs inside `useEffect` to avoid React hooks warnings
-
-## Caching
-
-- Use React `cache()` for request-level dedupe and `cache.withCache()` or explicit Redis for expensive data.
-- Do not use Next.js `unstable_cache()`.
-- Always use `createCacheKey.*` utilities for cache keys.
-
-## i18n (Internationalization)
-
-- All user-facing text must use the `t()` function from `react-i18next`.
-- Key naming: use lowercase with dots for nesting (e.g., `common.welcome`).
-- Translations are in `apps/web/locales/`. Default is `en-US.json`.
-- Lingo.dev is automatically translating strings from en-US into other languages on commit. Run `pnpm i18n` to generate missing translations and validate keys.
-
-## Database & Prisma Performance
-
-- Multi-tenancy: All data must be scoped by Organization or Environment.
-- Soft Deletion: Check for `isActive` or `deletedAt` fields; use proper filtering.
-- Never use `skip`/`offset` with `prisma.response.count()`; only use `where`.
-- Separate count and data queries and run in parallel (`Promise.all`).
-- Prefer cursor pagination for large datasets.
-- When filtering by `createdAt`, include indexed fields (e.g., `surveyId` + `createdAt`).
 
 ## Testing Guidelines
 
 Prefer Vitest with Testing Library for logic in `.ts` files, keeping specs colocated with the code they exercise (`utility.test.ts`). Do not write tests for `.tsx` files—React components are covered by Playwright E2E tests instead. Mock network and storage boundaries through helpers from `@formbricks/*`. Run `pnpm test` before opening a PR and `pnpm test:coverage` when touching critical flows; keep coverage from regressing. End-to-end scenarios belong in `apps/web/playwright`, using descriptive filenames (`billing.spec.ts`) and tagging slow suites with `@slow` when necessary.
 
-## Documentation (apps/docs)
-
-- Add frontmatter with `title`, `description`, and `icon` at the top of the MDX file.
-- Do not start with an H1; use Camel Case headings (only capitalize the feature name).
-- Use Mintlify components for steps and callouts.
-- If Enterprise-only, add the Enterprise note block described in docs.
-
-## Storybook
-
-- Stories live in `stories.tsx` in the component folder and import from `"./index"`.
-- Use `@storybook/react-vite` and organize argTypes into `Behavior`, `Appearance`, `Content`.
-- Include Default, Disabled (if supported), WithIcon (if supported), all variants, and edge cases.
-
-## GitHub Actions
-
-- Always set minimal `permissions` for `GITHUB_TOKEN`.
-- On `ubuntu-latest`, add `step-security/harden-runner` as the first step.
-
-## Quality Checklist
-
-- Keep code DRY and small; remove dead code and unused imports.
-- Follow React hooks rules, keep effects focused, and avoid unnecessary `useMemo`/`useCallback`.
-- Prefer type inference, avoid `any`, and use shared types from `@formbricks/types`.
-- Keep components focused, avoid deep nesting, and ensure basic accessibility.
-
 ## Commit & Pull Request Guidelines
 
 Commits follow a lightweight Conventional Commit format (`fix:`, `chore:`, `feat:`) and usually append the PR number, e.g. `fix: update OpenAPI schema (#6617)`. Keep commits scoped and lint-clean. Pull requests should outline the problem, summarize the solution, and link to issues or product specs. Attach screenshots or gifs for UI-facing work, list any migrations or env changes, and paste the output of relevant commands (`pnpm test`, `pnpm lint`, `pnpm db:migrate:dev`) so reviewers can verify readiness.

apps/storybook/package.json

@@ -11,24 +11,24 @@
     "clean": "rimraf .turbo node_modules dist storybook-static"
   },
   "dependencies": {
-    "@formbricks/survey-ui": "workspace:*"
+    "@formbricks/survey-ui": "workspace:*",
+    "eslint-plugin-react-refresh": "0.4.24"
   },
   "devDependencies": {
-    "@chromatic-com/storybook": "^5.0.0",
-    "@storybook/addon-a11y": "10.1.11",
-    "@storybook/addon-links": "10.1.11",
-    "@storybook/addon-onboarding": "10.1.11",
-    "@storybook/react-vite": "10.1.11",
-    "@typescript-eslint/eslint-plugin": "8.53.0",
-    "@tailwindcss/vite": "4.1.18",
-    "@typescript-eslint/parser": "8.53.0",
-    "@vitejs/plugin-react": "5.1.2",
-    "esbuild": "0.27.2",
-    "eslint-plugin-react-refresh": "0.4.26",
-    "eslint-plugin-storybook": "10.1.11",
+    "@chromatic-com/storybook": "^4.1.3",
+    "@storybook/addon-a11y": "10.0.8",
+    "@storybook/addon-links": "10.0.8",
+    "@storybook/addon-onboarding": "10.0.8",
+    "@storybook/react-vite": "10.0.8",
+    "@typescript-eslint/eslint-plugin": "8.48.0",
+    "@tailwindcss/vite": "4.1.17",
+    "@typescript-eslint/parser": "8.48.0",
+    "@vitejs/plugin-react": "5.1.1",
+    "esbuild": "0.27.0",
+    "eslint-plugin-storybook": "10.0.8",
     "prop-types": "15.8.1",
-    "storybook": "10.1.11",
-    "vite": "7.3.1",
-    "@storybook/addon-docs": "10.1.11"
+    "storybook": "10.0.8",
+    "vite": "7.2.4",
+    "@storybook/addon-docs": "10.0.8"
   }
 }

apps/web/.eslintignore

@@ -1,7 +0,0 @@
-node_modules/
-.next/
-public/
-playwright/
-dist/
-coverage/
-vendor/

apps/web/Dockerfile

@@ -104,9 +104,6 @@ RUN chown -R nextjs:nextjs ./apps/web/.next/static && chmod -R 755 ./apps/web/.n
 COPY --from=installer /app/apps/web/public ./apps/web/public
 RUN chown -R nextjs:nextjs ./apps/web/public && chmod -R 755 ./apps/web/public
 
-# Create packages/database directory structure with proper ownership for runtime migrations
-RUN mkdir -p ./packages/database/migrations && chown -R nextjs:nextjs ./packages/database
-
 COPY --from=installer /app/packages/database/schema.prisma ./packages/database/schema.prisma
 RUN chown nextjs:nextjs ./packages/database/schema.prisma && chmod 644 ./packages/database/schema.prisma
 

apps/web/app/(app)/environments/[environmentId]/components/organization-breadcrumb.tsx

@@ -209,7 +209,7 @@ export const OrganizationBreadcrumb = ({
               )}
               {!isLoadingOrganizations && !loadError && (
                 <>
-                  <DropdownMenuGroup className="max-h-[300px] overflow-y-auto">
+                  <DropdownMenuGroup>
                     {organizations.map((org) => (
                       <DropdownMenuCheckboxItem
                         key={org.id}

apps/web/app/(app)/environments/[environmentId]/components/project-breadcrumb.tsx

@@ -234,7 +234,7 @@ export const ProjectBreadcrumb = ({
           )}
           {!isLoadingProjects && !loadError && (
             <>
-              <DropdownMenuGroup className="max-h-[300px] overflow-y-auto">
+              <DropdownMenuGroup>
                 {projects.map((proj) => (
                   <DropdownMenuCheckboxItem
                     key={proj.id}

apps/web/app/(app)/environments/[environmentId]/settings/(organization)/general/components/SecurityListTip.tsx

@@ -1,26 +0,0 @@
-"use client";
-
-import { ShieldCheckIcon } from "lucide-react";
-import Link from "next/link";
-import { useTranslation } from "react-i18next";
-
-export const SecurityListTip = () => {
-  const { t } = useTranslation();
-  return (
-    <div className="max-w-4xl">
-      <div className="flex items-center space-x-3 rounded-lg border border-blue-100 bg-blue-50 p-4 text-sm text-blue-900 shadow-sm">
-        <ShieldCheckIcon className="h-5 w-5 flex-shrink-0 text-blue-400" />
-        <p className="text-sm">
-          {t("environments.settings.general.security_list_tip")}{" "}
-          <Link
-            href="https://formbricks.com/security#stay-informed-with-formbricks-security-updates"
-            target="_blank"
-            rel="noopener noreferrer"
-            className="underline hover:text-blue-700">
-            {t("environments.settings.general.security_list_tip_link")}
-          </Link>
-        </p>
-      </div>
-    </div>
-  );
-};

apps/web/app/(app)/environments/[environmentId]/settings/(organization)/general/page.tsx

@@ -12,7 +12,6 @@ import { PageHeader } from "@/modules/ui/components/page-header";
 import { SettingsCard } from "../../components/SettingsCard";
 import { DeleteOrganization } from "./components/DeleteOrganization";
 import { EditOrganizationNameForm } from "./components/EditOrganizationNameForm";
-import { SecurityListTip } from "./components/SecurityListTip";
 
 const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
   const params = await props.params;
@@ -49,7 +48,6 @@ const Page = async (props: { params: Promise<{ environmentId: string }> }) => {
           </Alert>
         </div>
       )}
-      {!IS_FORMBRICKS_CLOUD && <SecurityListTip />}
       <SettingsCard
         title={t("environments.settings.general.organization_name")}
         description={t("environments.settings.general.organization_name_description")}>

apps/web/app/(app)/environments/[environmentId]/surveys/[surveyId]/components/ElementsComboBox.tsx

@@ -21,7 +21,6 @@ import {
   ListOrderedIcon,
   MessageSquareTextIcon,
   MousePointerClickIcon,
-  NetworkIcon,
   PieChartIcon,
   Rows3Icon,
   SmartphoneIcon,
@@ -100,7 +99,6 @@ const elementIcons = {
   action: MousePointerClickIcon,
   country: FlagIcon,
   url: LinkIcon,
-  ipAddress: NetworkIcon,
 
   // others
   Language: LanguagesIcon,
@@ -192,7 +190,7 @@ export const ElementsComboBox = ({ options, selected, onChangeValue }: ElementCo
             value={inputValue}
             onValueChange={setInputValue}
             placeholder={open ? `${t("common.search")}...` : t("common.select_filter")}
-            className="max-w-full grow border-none p-0 pl-2 text-sm shadow-none ring-offset-transparent outline-none focus:border-none focus:shadow-none focus:ring-offset-0 focus:outline-none"
+            className="max-w-full grow border-none p-0 pl-2 text-sm shadow-none outline-none ring-offset-transparent focus:border-none focus:shadow-none focus:outline-none focus:ring-offset-0"
           />
         )}
         <Button

apps/web/app/api/(internal)/pipeline/lib/handleIntegrations.test.ts

@@ -82,7 +82,6 @@ const mockPipelineInput = {
       },
       country: "USA",
       action: "Action Name",
-      ipAddress: "203.0.113.7",
     } as TResponseMeta,
     personAttributes: {},
     singleUseId: null,
@@ -347,7 +346,7 @@ describe("handleIntegrations", () => {
       expect(airtableWriteData).toHaveBeenCalledTimes(1);
       // Adjust expectations for metadata and recalled question
       const expectedMetadataString =
-        "Source: web\nURL: http://example.com\nBrowser: Chrome\nOS: Mac OS\nDevice: Desktop\nCountry: USA\nAction: Action Name\nIP Address: 203.0.113.7";
+        "Source: web\nURL: http://example.com\nBrowser: Chrome\nOS: Mac OS\nDevice: Desktop\nCountry: USA\nAction: Action Name";
       expect(airtableWriteData).toHaveBeenCalledWith(
         mockAirtableIntegration.config.key,
         mockAirtableIntegration.config.data[0],

apps/web/app/api/(internal)/pipeline/lib/handleIntegrations.ts

@@ -31,7 +31,6 @@ const convertMetaObjectToString = (metadata: TResponseMeta): string => {
   if (metadata.userAgent?.device) result.push(`Device: ${metadata.userAgent.device}`);
   if (metadata.country) result.push(`Country: ${metadata.country}`);
   if (metadata.action) result.push(`Action: ${metadata.action}`);
-  if (metadata.ipAddress) result.push(`IP Address: ${metadata.ipAddress}`);
 
   // Join all the elements in the result array with a newline for formatting
   return result.join("\n");

apps/web/app/api/(internal)/pipeline/route.ts

@@ -1,6 +1,5 @@
 import { PipelineTriggers, Webhook } from "@prisma/client";
 import { headers } from "next/headers";
-import { v7 as uuidv7 } from "uuid";
 import { prisma } from "@formbricks/database";
 import { logger } from "@formbricks/logger";
 import { ResourceNotFoundError } from "@formbricks/types/errors";
@@ -9,7 +8,6 @@ import { ZPipelineInput } from "@/app/api/(internal)/pipeline/types/pipelines";
 import { responses } from "@/app/lib/api/response";
 import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { CRON_SECRET } from "@/lib/constants";
-import { generateStandardWebhookSignature } from "@/lib/crypto";
 import { getIntegrations } from "@/lib/integration/service";
 import { getOrganizationByEnvironmentId } from "@/lib/organization/service";
 import { getResponseCountBySurveyId } from "@/lib/response/service";
@@ -92,50 +90,28 @@ export const POST = async (request: Request) => {
     ]);
   };
 
-  const webhookPromises = webhooks.map((webhook) => {
-    const body = JSON.stringify({
-      webhookId: webhook.id,
-      event,
-      data: {
-        ...response,
-        survey: {
-          title: survey.name,
-          type: survey.type,
-          status: survey.status,
-          createdAt: survey.createdAt,
-          updatedAt: survey.updatedAt,
-        },
-      },
-    });
-
-    // Generate Standard Webhooks headers
-    const webhookMessageId = uuidv7();
-    const webhookTimestamp = Math.floor(Date.now() / 1000);
-
-    const requestHeaders: Record<string, string> = {
-      "content-type": "application/json",
-      "webhook-id": webhookMessageId,
-      "webhook-timestamp": webhookTimestamp.toString(),
-    };
-
-    // Add signature if webhook has a secret configured
-    if (webhook.secret) {
-      requestHeaders["webhook-signature"] = generateStandardWebhookSignature(
-        webhookMessageId,
-        webhookTimestamp,
-        body,
-        webhook.secret
-      );
-    }
-
-    return fetchWithTimeout(webhook.url, {
+  const webhookPromises = webhooks.map((webhook) =>
+    fetchWithTimeout(webhook.url, {
       method: "POST",
-      headers: requestHeaders,
-      body,
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        webhookId: webhook.id,
+        event,
+        data: {
+          ...response,
+          survey: {
+            title: survey.name,
+            type: survey.type,
+            status: survey.status,
+            createdAt: survey.createdAt,
+            updatedAt: survey.updatedAt,
+          },
+        },
+      }),
     }).catch((error) => {
       logger.error({ error, url: request.url }, `Webhook call to ${webhook.url} failed`);
-    });
-  });
+    })
+  );
 
   if (event === "responseFinished") {
     // Fetch integrations and responseCount in parallel

apps/web/app/api/v1/client/[environmentId]/responses/route.ts

@@ -11,7 +11,6 @@ import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { withV1ApiWrapper } from "@/app/lib/api/with-api-logging";
 import { sendToPipeline } from "@/app/lib/pipelines";
 import { getSurvey } from "@/lib/survey/service";
-import { getClientIpFromHeaders } from "@/lib/utils/client-ip";
 import { getIsContactsEnabled } from "@/modules/ee/license-check/lib/utils";
 import { createQuotaFullObject } from "@/modules/ee/quotas/lib/helpers";
 import { validateFileUploads } from "@/modules/storage/utils";
@@ -137,13 +136,6 @@ export const POST = withV1ApiWrapper({
         action: responseInputData?.meta?.action,
       };
 
-      // Capture IP address if the survey has IP capture enabled
-      // Server-derived IP always overwrites any client-provided value
-      if (survey.isCaptureIpEnabled) {
-        const ipAddress = await getClientIpFromHeaders();
-        meta.ipAddress = ipAddress;
-      }
-
       response = await createResponseWithQuotaEvaluation({
         ...responseInputData,
         meta,

apps/web/app/api/v1/webhooks/lib/webhook.test.ts

@@ -19,10 +19,6 @@ vi.mock("@/lib/utils/validate", () => ({
   validateInputs: vi.fn(),
 }));
 
-vi.mock("@/lib/crypto", () => ({
-  generateWebhookSecret: vi.fn(() => "whsec_test_secret_1234567890"),
-}));
-
 describe("createWebhook", () => {
   afterEach(() => {
     cleanup();
@@ -63,7 +59,6 @@ describe("createWebhook", () => {
         source: webhookInput.source,
         surveyIds: webhookInput.surveyIds,
         triggers: webhookInput.triggers,
-        secret: "whsec_test_secret_1234567890",
         environment: {
           connect: {
             id: webhookInput.environmentId,
@@ -149,7 +144,6 @@ describe("createWebhook", () => {
         source: webhookInput.source,
         surveyIds: webhookInput.surveyIds,
         triggers: webhookInput.triggers,
-        secret: "whsec_test_secret_1234567890",
         environment: {
           connect: {
             id: webhookInput.environmentId,

apps/web/app/api/v1/webhooks/lib/webhook.ts

@@ -4,15 +4,12 @@ import { ZId, ZOptionalNumber } from "@formbricks/types/common";
 import { DatabaseError, InvalidInputError } from "@formbricks/types/errors";
 import { TWebhookInput, ZWebhookInput } from "@/app/api/v1/webhooks/types/webhooks";
 import { ITEMS_PER_PAGE } from "@/lib/constants";
-import { generateWebhookSecret } from "@/lib/crypto";
 import { validateInputs } from "@/lib/utils/validate";
 
 export const createWebhook = async (webhookInput: TWebhookInput): Promise<Webhook> => {
   validateInputs([webhookInput, ZWebhookInput]);
 
   try {
-    const secret = generateWebhookSecret();
-
     const createdWebhook = await prisma.webhook.create({
       data: {
         url: webhookInput.url,
@@ -20,7 +17,6 @@ export const createWebhook = async (webhookInput: TWebhookInput): Promise<Webhoo
         source: webhookInput.source,
         surveyIds: webhookInput.surveyIds || [],
         triggers: webhookInput.triggers || [],
-        secret,
         environment: {
           connect: {
             id: webhookInput.environmentId,

apps/web/app/api/v2/client/[environmentId]/responses/route.ts

@@ -10,7 +10,6 @@ import { transformErrorToDetails } from "@/app/lib/api/validator";
 import { sendToPipeline } from "@/app/lib/pipelines";
 import { getSurvey } from "@/lib/survey/service";
 import { getElementsFromBlocks } from "@/lib/survey/utils";
-import { getClientIpFromHeaders } from "@/lib/utils/client-ip";
 import { validateOtherOptionLengthForMultipleChoice } from "@/modules/api/v2/lib/element";
 import { getIsContactsEnabled } from "@/modules/ee/license-check/lib/utils";
 import { createQuotaFullObject } from "@/modules/ee/quotas/lib/helpers";
@@ -120,13 +119,6 @@ export const POST = async (request: Request, context: Context): Promise<Response
       action: responseInputData?.meta?.action,
     };
 
-    // Capture IP address if the survey has IP capture enabled
-    // Server-derived IP always overwrites any client-provided value
-    if (survey.isCaptureIpEnabled) {
-      const ipAddress = await getClientIpFromHeaders();
-      meta.ipAddress = ipAddress;
-    }
-
     response = await createResponseWithQuotaEvaluation({
       ...responseInputData,
       meta,

apps/web/app/lib/survey-block-builder.test.ts

@@ -1,80 +0,0 @@
-import type { TFunction } from "i18next";
-import { describe, expect, test, vi } from "vitest";
-import { TSurveyElementTypeEnum } from "@formbricks/types/surveys/elements";
-import { createI18nString } from "@/lib/i18n/utils";
-import { buildBlock } from "./survey-block-builder";
-
-const mockT = vi.fn((key: string) => {
-  const translations: Record<string, string> = {
-    "common.next": "Next",
-    "common.back": "Back",
-    "": "",
-  };
-  return translations[key] || key;
-}) as unknown as TFunction;
-
-describe("survey-block-builder", () => {
-  describe("buildBlock", () => {
-    const mockElements = [
-      {
-        id: "element-1",
-        type: TSurveyElementTypeEnum.OpenText,
-        headline: createI18nString("Test Question", []),
-        required: false,
-        inputType: "text",
-        longAnswer: false,
-        charLimit: { enabled: false },
-      },
-    ];
-
-    test("should use getDefaultButtonLabel when buttonLabel is provided", () => {
-      const result = buildBlock({
-        name: "Test Block",
-        elements: mockElements,
-        buttonLabel: "Custom Next",
-        t: mockT,
-      });
-
-      expect(result.buttonLabel).toEqual({
-        default: "Custom Next",
-      });
-    });
-
-    test("should use createI18nString with empty translation when buttonLabel is not provided", () => {
-      const result = buildBlock({
-        name: "Test Block",
-        elements: mockElements,
-        t: mockT,
-      });
-
-      expect(result.buttonLabel).toEqual({
-        default: "",
-      });
-    });
-
-    test("should use getDefaultBackButtonLabel when backButtonLabel is provided", () => {
-      const result = buildBlock({
-        name: "Test Block",
-        elements: mockElements,
-        backButtonLabel: "Custom Back",
-        t: mockT,
-      });
-
-      expect(result.backButtonLabel).toEqual({
-        default: "Custom Back",
-      });
-    });
-
-    test("should use createI18nString with empty translation when backButtonLabel is not provided", () => {
-      const result = buildBlock({
-        name: "Test Block",
-        elements: mockElements,
-        t: mockT,
-      });
-
-      expect(result.backButtonLabel).toEqual({
-        default: "",
-      });
-    });
-  });
-});

apps/web/app/lib/survey-block-builder.ts

@@ -302,9 +302,7 @@ export const buildBlock = ({
     elements,
     logic,
     logicFallback,
-    buttonLabel: buttonLabel ? getDefaultButtonLabel(buttonLabel, t) : createI18nString(t(""), []),
-    backButtonLabel: backButtonLabel
-      ? getDefaultBackButtonLabel(backButtonLabel, t)
-      : createI18nString(t(""), []),
+    buttonLabel: buttonLabel ? getDefaultButtonLabel(buttonLabel, t) : undefined,
+    backButtonLabel: backButtonLabel ? getDefaultBackButtonLabel(backButtonLabel, t) : undefined,
   };
 };

apps/web/app/lib/templates.ts

@@ -4913,7 +4913,6 @@ export const previewSurvey = (projectName: string, t: TFunction): TSurvey => {
     showLanguageSwitch: false,
     followUps: [],
     isBackButtonHidden: false,
-    isCaptureIpEnabled: false,
     metadata: {},
     questions: [], // Required for build-time type checking (Zod defaults to [] at runtime)
     slug: null,

apps/web/lib/crypto.test.ts

@@ -1,11 +1,8 @@
-import * as crypto from "node:crypto";
+import * as crypto from "crypto";
 import { beforeEach, describe, expect, test, vi } from "vitest";
 import { logger } from "@formbricks/logger";
 // Import after unmocking
 import {
-  generateStandardWebhookSignature,
-  generateWebhookSecret,
-  getWebhookSecretBytes,
   hashSecret,
   hashSha256,
   parseApiKeyV2,
@@ -286,133 +283,6 @@ describe("Crypto Utils", () => {
     });
   });
 
-  describe("Webhook Signature Functions", () => {
-    describe("generateWebhookSecret", () => {
-      test("should generate a secret with whsec_ prefix", () => {
-        const secret = generateWebhookSecret();
-        expect(secret.startsWith("whsec_")).toBe(true);
-      });
-
-      test("should generate base64-encoded content after prefix", () => {
-        const secret = generateWebhookSecret();
-        const base64Part = secret.slice(6); // Remove "whsec_"
-
-        // Should be valid base64
-        expect(() => Buffer.from(base64Part, "base64")).not.toThrow();
-
-        // Should decode to 32 bytes (256 bits)
-        const decoded = Buffer.from(base64Part, "base64");
-        expect(decoded.length).toBe(32);
-      });
-
-      test("should generate unique secrets each time", () => {
-        const secret1 = generateWebhookSecret();
-        const secret2 = generateWebhookSecret();
-        expect(secret1).not.toBe(secret2);
-      });
-    });
-
-    describe("getWebhookSecretBytes", () => {
-      test("should decode whsec_ prefixed secret to bytes", () => {
-        const secret = generateWebhookSecret();
-        const bytes = getWebhookSecretBytes(secret);
-
-        expect(Buffer.isBuffer(bytes)).toBe(true);
-        expect(bytes.length).toBe(32);
-      });
-
-      test("should handle secret without whsec_ prefix", () => {
-        const base64Secret = Buffer.from("test-secret-bytes-32-characters!").toString("base64");
-        const bytes = getWebhookSecretBytes(base64Secret);
-
-        expect(Buffer.isBuffer(bytes)).toBe(true);
-        expect(bytes.toString()).toBe("test-secret-bytes-32-characters!");
-      });
-
-      test("should correctly decode a known secret", () => {
-        // Create a known secret
-        const knownBytes = Buffer.from("known-test-secret-for-testing!!");
-        const secret = `whsec_${knownBytes.toString("base64")}`;
-
-        const decoded = getWebhookSecretBytes(secret);
-        expect(decoded.toString()).toBe("known-test-secret-for-testing!!");
-      });
-    });
-
-    describe("generateStandardWebhookSignature", () => {
-      test("should generate signature in v1,{base64} format", () => {
-        const secret = generateWebhookSecret();
-        const signature = generateStandardWebhookSignature("msg_123", 1704547200, '{"test":"data"}', secret);
-
-        expect(signature.startsWith("v1,")).toBe(true);
-        const base64Part = signature.slice(3);
-        expect(() => Buffer.from(base64Part, "base64")).not.toThrow();
-      });
-
-      test("should generate deterministic signatures for same inputs", () => {
-        const secret = "whsec_" + Buffer.from("test-secret-32-bytes-exactly!!!").toString("base64");
-        const webhookId = "msg_test123";
-        const timestamp = 1704547200;
-        const payload = '{"event":"test"}';
-
-        const sig1 = generateStandardWebhookSignature(webhookId, timestamp, payload, secret);
-        const sig2 = generateStandardWebhookSignature(webhookId, timestamp, payload, secret);
-
-        expect(sig1).toBe(sig2);
-      });
-
-      test("should generate different signatures for different payloads", () => {
-        const secret = "whsec_" + Buffer.from("test-secret-32-bytes-exactly!!!").toString("base64");
-        const webhookId = "msg_test123";
-        const timestamp = 1704547200;
-
-        const sig1 = generateStandardWebhookSignature(webhookId, timestamp, '{"event":"a"}', secret);
-        const sig2 = generateStandardWebhookSignature(webhookId, timestamp, '{"event":"b"}', secret);
-
-        expect(sig1).not.toBe(sig2);
-      });
-
-      test("should generate different signatures for different timestamps", () => {
-        const secret = "whsec_" + Buffer.from("test-secret-32-bytes-exactly!!!").toString("base64");
-        const webhookId = "msg_test123";
-        const payload = '{"event":"test"}';
-
-        const sig1 = generateStandardWebhookSignature(webhookId, 1704547200, payload, secret);
-        const sig2 = generateStandardWebhookSignature(webhookId, 1704547201, payload, secret);
-
-        expect(sig1).not.toBe(sig2);
-      });
-
-      test("should generate different signatures for different webhook IDs", () => {
-        const secret = "whsec_" + Buffer.from("test-secret-32-bytes-exactly!!!").toString("base64");
-        const timestamp = 1704547200;
-        const payload = '{"event":"test"}';
-
-        const sig1 = generateStandardWebhookSignature("msg_1", timestamp, payload, secret);
-        const sig2 = generateStandardWebhookSignature("msg_2", timestamp, payload, secret);
-
-        expect(sig1).not.toBe(sig2);
-      });
-
-      test("should produce verifiable signatures", () => {
-        // This test verifies the signature can be verified using the same algorithm
-        const secretBytes = Buffer.from("test-secret-32-bytes-exactly!!!");
-        const secret = `whsec_${secretBytes.toString("base64")}`;
-        const webhookId = "msg_verify";
-        const timestamp = 1704547200;
-        const payload = '{"event":"verify"}';
-
-        const signature = generateStandardWebhookSignature(webhookId, timestamp, payload, secret);
-
-        // Manually compute the expected signature
-        const signedContent = `${webhookId}.${timestamp}.${payload}`;
-        const expectedSig = crypto.createHmac("sha256", secretBytes).update(signedContent).digest("base64");
-
-        expect(signature).toBe(`v1,${expectedSig}`);
-      });
-    });
-  });
-
   describe("GCM decryption failure logging", () => {
     // Test key - 32 bytes for AES-256
     const testKey = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef";
@@ -444,11 +314,11 @@ describe("Crypto Utils", () => {
       expect(() => symmetricDecrypt(corruptedPayload, testKey)).toThrow();
 
       // Verify logger.warn was called with the correct format (object first, message second)
+      expect(logger.warn).toHaveBeenCalledWith(
+        { err: expect.any(Error) },
+        "AES-GCM decryption failed; refusing to fall back to insecure CBC"
+      );
       expect(logger.warn).toHaveBeenCalledTimes(1);
-      const [firstArg, secondArg] = vi.mocked(logger.warn).mock.calls[0];
-      expect(firstArg).toHaveProperty("err");
-      expect(firstArg.err).toHaveProperty("message");
-      expect(secondArg).toBe("AES-GCM decryption failed; refusing to fall back to insecure CBC");
     });
 
     test("logs warning and throws when GCM decryption fails with corrupted encrypted data", () => {
@@ -472,11 +342,11 @@ describe("Crypto Utils", () => {
       expect(() => symmetricDecrypt(corruptedPayload, testKey)).toThrow();
 
       // Verify logger.warn was called
+      expect(logger.warn).toHaveBeenCalledWith(
+        { err: expect.any(Error) },
+        "AES-GCM decryption failed; refusing to fall back to insecure CBC"
+      );
       expect(logger.warn).toHaveBeenCalledTimes(1);
-      const [firstArg, secondArg] = vi.mocked(logger.warn).mock.calls[0];
-      expect(firstArg).toHaveProperty("err");
-      expect(firstArg.err).toHaveProperty("message");
-      expect(secondArg).toBe("AES-GCM decryption failed; refusing to fall back to insecure CBC");
     });
 
     test("logs warning and throws when GCM decryption fails with wrong key", () => {
@@ -496,11 +366,11 @@ describe("Crypto Utils", () => {
       expect(() => symmetricDecrypt(payload, wrongKey)).toThrow();
 
       // Verify logger.warn was called
+      expect(logger.warn).toHaveBeenCalledWith(
+        { err: expect.any(Error) },
+        "AES-GCM decryption failed; refusing to fall back to insecure CBC"
+      );
       expect(logger.warn).toHaveBeenCalledTimes(1);
-      const [firstArg, secondArg] = vi.mocked(logger.warn).mock.calls[0];
-      expect(firstArg).toHaveProperty("err");
-      expect(firstArg.err).toHaveProperty("message");
-      expect(secondArg).toBe("AES-GCM decryption failed; refusing to fall back to insecure CBC");
     });
   });
 });

apps/web/lib/crypto.ts

@@ -1,5 +1,5 @@
 import { compare, hash } from "bcryptjs";
-import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes } from "node:crypto";
+import { createCipheriv, createDecipheriv, createHash, randomBytes } from "crypto";
 import { logger } from "@formbricks/logger";
 import { ENCRYPTION_KEY } from "@/lib/constants";
 
@@ -141,54 +141,3 @@ export const parseApiKeyV2 = (key: string): { secret: string } | null => {
 
   return { secret };
 };
-
-// Standard Webhooks secret prefix
-const WEBHOOK_SECRET_PREFIX = "whsec_";
-
-/**
- * Generate a Standard Webhooks compliant secret
- * Following: https://github.com/standard-webhooks/standard-webhooks/blob/main/spec/standard-webhooks.md
- *
- * Format: whsec_ + base64(32 random bytes)
- * @returns A webhook secret in format "whsec_{base64_encoded_random_bytes}"
- */
-export const generateWebhookSecret = (): string => {
-  const secretBytes = randomBytes(32); // 256 bits of entropy
-  return `${WEBHOOK_SECRET_PREFIX}${secretBytes.toString("base64")}`;
-};
-
-/**
- * Decode a Standard Webhooks secret to get the raw bytes
- * Strips the whsec_ prefix and base64 decodes the rest
- *
- * @param secret The webhook secret (with or without whsec_ prefix)
- * @returns Buffer containing the raw secret bytes
- */
-export const getWebhookSecretBytes = (secret: string): Buffer => {
-  const base64Part = secret.startsWith(WEBHOOK_SECRET_PREFIX)
-    ? secret.slice(WEBHOOK_SECRET_PREFIX.length)
-    : secret;
-  return Buffer.from(base64Part, "base64");
-};
-
-/**
- * Generate Standard Webhooks compliant signature
- * Following: https://github.com/standard-webhooks/standard-webhooks/blob/main/spec/standard-webhooks.md
- *
- * @param webhookId Unique message identifier
- * @param timestamp Unix timestamp in seconds
- * @param payload The request body as a string
- * @param secret The shared secret (whsec_ prefixed)
- * @returns The signature in format "v1,{base64_signature}"
- */
-export const generateStandardWebhookSignature = (
-  webhookId: string,
-  timestamp: number,
-  payload: string,
-  secret: string
-): string => {
-  const signedContent = `${webhookId}.${timestamp}.${payload}`;
-  const secretBytes = getWebhookSecretBytes(secret);
-  const signature = createHmac("sha256", secretBytes).update(signedContent).digest("base64");
-  return `v1,${signature}`;
-};

apps/web/lib/i18n/utils.ts

@@ -88,7 +88,7 @@ export const getLanguageCode = (surveyLanguages: TSurveyLanguage[], languageCode
   return language?.default ? "default" : language?.language.code || "default";
 };
 
-export const iso639Identifiers = iso639Languages.map((language) => language.code);
+export const iso639Identifiers = iso639Languages.map((language) => language.alpha2);
 
 // Helper function to add language keys to a multi-language object (e.g. survey or question)
 // Iterates over the object recursively and adds empty strings for new language keys
@@ -130,78 +130,217 @@ export const appLanguages = [
     code: "en-US",
     label: {
       "en-US": "English (US)",
+      "de-DE": "Englisch (US)",
+      "pt-BR": "Inglês (EUA)",
+      "fr-FR": "Anglais (États-Unis)",
+      "zh-Hant-TW": "英文 (美國)",
+      "pt-PT": "Inglês (EUA)",
+      "ro-RO": "Engleză (SUA)",
+      "ja-JP": "英語（米国）",
+      "zh-Hans-CN": "英语（美国）",
+      "nl-NL": "Engels (VS)",
+      "es-ES": "Inglés (EE.UU.)",
+      "sv-SE": "Engelska (USA)",
+      "ru-RU": "Английский (США)",
     },
   },
   {
     code: "de-DE",
     label: {
       "en-US": "German",
+      "de-DE": "Deutsch",
+      "pt-BR": "Alemão",
+      "fr-FR": "Allemand",
+      "zh-Hant-TW": "德語",
+      "pt-PT": "Alemão",
+      "ro-RO": "Germană",
+      "ja-JP": "ドイツ語",
+      "zh-Hans-CN": "德语",
+      "nl-NL": "Duits",
+      "es-ES": "Alemán",
+      "sv-SE": "Tyska",
+      "ru-RU": "Немецкий",
     },
   },
   {
     code: "pt-BR",
     label: {
       "en-US": "Portuguese (Brazil)",
+      "de-DE": "Portugiesisch (Brasilien)",
+      "pt-BR": "Português (Brasil)",
+      "fr-FR": "Portugais (Brésil)",
+      "zh-Hant-TW": "葡萄牙語 (巴西)",
+      "pt-PT": "Português (Brasil)",
+      "ro-RO": "Portugheză (Brazilia)",
+      "ja-JP": "ポルトガル語（ブラジル）",
+      "zh-Hans-CN": "葡萄牙语（巴西）",
+      "nl-NL": "Portugees (Brazilië)",
+      "es-ES": "Portugués (Brasil)",
+      "sv-SE": "Portugisiska (Brasilien)",
+      "ru-RU": "Португальский (Бразилия)",
     },
   },
   {
     code: "fr-FR",
     label: {
       "en-US": "French",
+      "de-DE": "Französisch",
+      "pt-BR": "Francês",
+      "fr-FR": "Français",
+      "zh-Hant-TW": "法語",
+      "pt-PT": "Francês",
+      "ro-RO": "Franceză",
+      "ja-JP": "フランス語",
+      "zh-Hans-CN": "法语",
+      "nl-NL": "Frans",
+      "es-ES": "Francés",
+      "sv-SE": "Franska",
+      "ru-RU": "Французский",
     },
   },
   {
     code: "zh-Hant-TW",
     label: {
       "en-US": "Chinese (Traditional)",
+      "de-DE": "Chinesisch (Traditionell)",
+      "pt-BR": "Chinês (Tradicional)",
+      "fr-FR": "Chinois (Traditionnel)",
+      "zh-Hant-TW": "繁體中文",
+      "pt-PT": "Chinês (Tradicional)",
+      "ro-RO": "Chineza (Tradițională)",
+      "ja-JP": "中国語（繁体字）",
+      "zh-Hans-CN": "繁体中文",
+      "nl-NL": "Chinees (Traditioneel)",
+      "es-ES": "Chino (Tradicional)",
+      "sv-SE": "Kinesiska (traditionell)",
+      "ru-RU": "Китайский (традиционный)",
     },
   },
   {
     code: "pt-PT",
     label: {
       "en-US": "Portuguese (Portugal)",
+      "de-DE": "Portugiesisch (Portugal)",
+      "pt-BR": "Português (Portugal)",
+      "fr-FR": "Portugais (Portugal)",
+      "zh-Hant-TW": "葡萄牙語 (葡萄牙)",
+      "pt-PT": "Português (Portugal)",
+      "ro-RO": "Portugheză (Portugalia)",
+      "ja-JP": "ポルトガル語（ポルトガル）",
+      "zh-Hans-CN": "葡萄牙语（葡萄牙）",
+      "nl-NL": "Portugees (Portugal)",
+      "es-ES": "Portugués (Portugal)",
+      "sv-SE": "Portugisiska (Portugal)",
+      "ru-RU": "Португальский (Португалия)",
     },
   },
   {
     code: "ro-RO",
     label: {
       "en-US": "Romanian",
+      "de-DE": "Rumänisch",
+      "pt-BR": "Romeno",
+      "fr-FR": "Roumain",
+      "zh-Hant-TW": "羅馬尼亞語",
+      "pt-PT": "Romeno",
+      "ro-RO": "Română",
+      "ja-JP": "ルーマニア語",
+      "zh-Hans-CN": "罗马尼亚语",
+      "nl-NL": "Roemeens",
+      "es-ES": "Rumano",
+      "sv-SE": "Rumänska",
+      "ru-RU": "Румынский",
     },
   },
   {
     code: "ja-JP",
     label: {
       "en-US": "Japanese",
+      "de-DE": "Japanisch",
+      "pt-BR": "Japonês",
+      "fr-FR": "Japonais",
+      "zh-Hant-TW": "日語",
+      "pt-PT": "Japonês",
+      "ro-RO": "Japoneză",
+      "ja-JP": "日本語",
+      "zh-Hans-CN": "日语",
+      "nl-NL": "Japans",
+      "es-ES": "Japonés",
+      "sv-SE": "Japanska",
+      "ru-RU": "Японский",
     },
   },
   {
     code: "zh-Hans-CN",
     label: {
       "en-US": "Chinese (Simplified)",
+      "de-DE": "Chinesisch (Vereinfacht)",
+      "pt-BR": "Chinês (Simplificado)",
+      "fr-FR": "Chinois (Simplifié)",
+      "zh-Hant-TW": "簡體中文",
+      "pt-PT": "Chinês (Simplificado)",
+      "ro-RO": "Chineza (Simplificată)",
+      "ja-JP": "中国語（簡体字）",
+      "zh-Hans-CN": "简体中文",
+      "nl-NL": "Chinees (Vereenvoudigd)",
+      "es-ES": "Chino (Simplificado)",
+      "sv-SE": "Kinesiska (förenklad)",
+      "ru-RU": "Китайский (упрощенный)",
     },
   },
   {
     code: "nl-NL",
     label: {
       "en-US": "Dutch",
+      "de-DE": "Niederländisch",
+      "pt-BR": "Holandês",
+      "fr-FR": "Néerlandais",
+      "zh-Hant-TW": "荷蘭語",
+      "pt-PT": "Holandês",
+      "ro-RO": "Olandeza",
+      "ja-JP": "オランダ語",
+      "zh-Hans-CN": "荷兰语",
+      "nl-NL": "Nederlands",
+      "es-ES": "Neerlandés",
+      "sv-SE": "Nederländska",
+      "ru-RU": "Голландский",
     },
   },
   {
     code: "es-ES",
     label: {
       "en-US": "Spanish",
+      "de-DE": "Spanisch",
+      "pt-BR": "Espanhol",
+      "fr-FR": "Espagnol",
+      "zh-Hant-TW": "西班牙語",
+      "pt-PT": "Espanhol",
+      "ro-RO": "Spaniol",
+      "ja-JP": "スペイン語",
+      "zh-Hans-CN": "西班牙语",
+      "nl-NL": "Spaans",
+      "es-ES": "Español",
+      "sv-SE": "Spanska",
+      "ru-RU": "Испанский",
     },
   },
   {
     code: "sv-SE",
     label: {
       "en-US": "Swedish",
-    },
-  },
-  {
-    code: "ru-RU",
-    label: {
-      "en-US": "Russian",
+      "de-DE": "Schwedisch",
+      "pt-BR": "Sueco",
+      "fr-FR": "Suédois",
+      "zh-Hant-TW": "瑞典語",
+      "pt-PT": "Sueco",
+      "ro-RO": "Suedeză",
+      "ja-JP": "スウェーデン語",
+      "zh-Hans-CN": "瑞典语",
+      "nl-NL": "Zweeds",
+      "es-ES": "Sueco",
+      "sv-SE": "Svenska",
+      "ru-RU": "Шведский",
     },
   },
 ];
+export { iso639Languages };

apps/web/lib/survey/__mock__/survey.mock.ts

@@ -208,7 +208,6 @@ const baseSurveyProperties = {
     },
   ],
   isBackButtonHidden: false,
-  isCaptureIpEnabled: false,
   endings: [
     {
       id: "umyknohldc7w26ocjdhaa62c",

apps/web/lib/survey/service.test.ts

@@ -308,10 +308,6 @@ describe("Tests for updateSurvey", () => {
       const updatedSurvey = await updateSurvey(updateSurveyInput);
       expect(updatedSurvey).toEqual(mockTransformedSurveyOutput);
     });
-
-    // Note: Language handling tests (for languages.length > 0 fix) are covered in
-    // apps/web/modules/survey/editor/lib/survey.test.ts where we have better control
-    // over the test mocks. The key fix ensures languages.length > 0 (not > 1) is used.
   });
 
   describe("Sad Path", () => {

apps/web/lib/survey/service.ts

@@ -56,7 +56,6 @@ export const selectSurvey = {
   isVerifyEmailEnabled: true,
   isSingleResponsePerEmailEnabled: true,
   isBackButtonHidden: true,
-  isCaptureIpEnabled: true,
   redirectUrl: true,
   projectOverwrites: true,
   styling: true,
@@ -329,7 +328,7 @@ export const updateSurveyInternal = async (
         ? currentSurvey.languages.map((l) => l.language.id)
         : [];
       const updatedLanguageIds =
-        languages.length > 0 ? updatedSurvey.languages.map((l) => l.language.id) : [];
+        languages.length > 1 ? updatedSurvey.languages.map((l) => l.language.id) : [];
       const enabledLanguageIds = languages.map((language) => {
         if (language.enabled) return language.language.id;
       });

apps/web/lib/utils/locale.test.ts

@@ -90,10 +90,11 @@ describe("locale", () => {
     // Verify sv-SE is in AVAILABLE_LOCALES
     expect(AVAILABLE_LOCALES).toContain("sv-SE");
 
-    // Verify Swedish has a language entry with proper label
+    // Verify Swedish has a language entry with proper labels
     const swedishLanguage = appLanguages.find((lang) => lang.code === "sv-SE");
     expect(swedishLanguage).toBeDefined();
     expect(swedishLanguage?.label["en-US"]).toBe("Swedish");
+    expect(swedishLanguage?.label["sv-SE"]).toBe("Svenska");
 
     // Verify the locale can be matched from Accept-Language header
     vi.mocked(nextHeaders.headers).mockReturnValue({

apps/web/locales/de-DE.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Mix aus Groß- und Kleinbuchstaben",
       "please_verify_captcha": "Bitte bestätige reCAPTCHA",
       "privacy_policy": "Datenschutzerklärung",
-      "product_updates_description": "Monatliche Produktneuigkeiten und Feature-Updates, es gilt die Datenschutzerklärung.",
-      "product_updates_title": "Produkt-Updates",
-      "security_updates_description": "Nur sicherheitsrelevante Informationen, es gilt die Datenschutzerklärung.",
-      "security_updates_title": "Sicherheits-Updates",
       "terms_of_service": "Nutzungsbedingungen",
       "title": "Erstelle dein Formbricks-Konto"
     },
@@ -201,7 +197,6 @@
     "docs": "Dokumentation",
     "documentation": "Dokumentation",
     "domain": "Domain",
-    "done": "Fertig",
     "download": "Herunterladen",
     "draft": "Entwurf",
     "duplicate": "Duplikat",
@@ -788,26 +783,20 @@
         "add_webhook": "Webhook hinzufügen",
         "add_webhook_description": "Sende Umfragedaten an einen benutzerdefinierten Endpunkt",
         "all_current_and_new_surveys": "Alle aktuellen und neuen Umfragen",
-        "copy_secret_now": "Signierungsschlüssel kopieren",
         "created_by_third_party": "Erstellt von einer dritten Partei",
         "discord_webhook_not_supported": "Discord-Webhooks werden derzeit nicht unterstützt.",
         "empty_webhook_message": "Deine Webhooks werden hier angezeigt, sobald Du sie hinzufügst ⏲️",
         "endpoint_pinged": "Juhu! Wir können den Webhook anpingen!",
         "endpoint_pinged_error": "Kann den Webhook nicht anpingen!",
-        "learn_to_verify": "Erfahren Sie, wie Sie Webhook-Signaturen verifizieren",
         "please_check_console": "Bitte überprüfe die Konsole für weitere Details",
         "please_enter_a_url": "Bitte gib eine URL ein",
         "response_created": "Antwort erstellt",
         "response_finished": "Antwort abgeschlossen",
         "response_updated": "Antwort aktualisiert",
-        "secret_copy_warning": "Bewahren Sie diesen Schlüssel sicher auf. Sie können ihn erneut in den Webhook-Einstellungen einsehen.",
-        "secret_description": "Verwenden Sie diesen Schlüssel, um Webhook-Anfragen zu verifizieren. Siehe Dokumentation zur Signaturverifizierung.",
-        "signing_secret": "Signierungsschlüssel",
         "source": "Quelle",
         "test_endpoint": "Test-Endpunkt",
         "triggers": "Auslöser",
         "webhook_added_successfully": "Webhook wurde erfolgreich hinzugefügt",
-        "webhook_created": "Webhook erstellt",
         "webhook_delete_confirmation": "Bist Du sicher, dass Du diesen Webhook löschen möchtest? Dadurch werden dir keine weiteren Benachrichtigungen mehr gesendet.",
         "webhook_deleted_successfully": "Webhook erfolgreich gelöscht",
         "webhook_name_placeholder": "Optional: Benenne deinen Webhook zur einfachen Identifizierung",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Logo entfernen",
         "replace_logo": "Logo ersetzen",
         "resend_invitation_email": "Einladungsemail erneut senden",
-        "security_list_tip": "Haben Sie sich für unsere Sicherheitsliste angemeldet? Bleiben Sie informiert, um Ihre Instanz sicher zu halten!",
-        "security_list_tip_link": "Hier registrieren.",
         "share_invite_link": "Einladungslink teilen",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Teile diesen Link, damit dein Organisationsmitglied deiner Organisation beitreten kann:",
         "test_email_sent_successfully": "Test-E-Mail erfolgreich gesendet",
@@ -1182,9 +1169,6 @@
         "assign": "Zuweisen =",
         "audience": "Publikum",
         "auto_close_on_inactivity": "Automatisches Schließen bei Inaktivität",
-        "auto_save_disabled": "Automatisches Speichern deaktiviert",
-        "auto_save_disabled_tooltip": "Ihre Umfrage wird nur im Entwurfsmodus automatisch gespeichert. So wird sichergestellt, dass öffentliche Umfragen nicht unbeabsichtigt aktualisiert werden.",
-        "auto_save_on": "Automatisches Speichern an",
         "automatically_close_survey_after": "Umfrage automatisch schließen nach",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Schließe die Umfrage automatisch nach einer bestimmten Anzahl von Antworten.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Schließe die Umfrage automatisch, wenn der Benutzer nach einer bestimmten Anzahl von Sekunden nicht antwortet.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.com Benutzername oder Benutzername/Ereignis",
         "calculate": "Berechnen",
         "capture_a_new_action_to_trigger_a_survey_on": "Erfasse eine neue Aktion, um eine Umfrage auszulösen.",
-        "capture_ip_address": "IP-Adresse erfassen",
-        "capture_ip_address_description": "Speichern Sie die IP-Adresse des Befragten in den Antwort-Metadaten zur Duplikaterkennung und für Sicherheitszwecke",
         "capture_new_action": "Neue Aktion erfassen",
         "card_arrangement_for_survey_type_derived": "Kartenanordnung für {surveyTypeDerived} Umfragen",
         "card_background_color": "Hintergrundfarbe der Karte",
@@ -1466,7 +1448,6 @@
         "please_specify": "Bitte angeben",
         "prevent_double_submission": "Doppeltes Anbschicken verhindern",
         "prevent_double_submission_description": "Nur eine Antwort pro E-Mail-Adresse zulassen (beta)",
-        "progress_saved": "Fortschritt gespeichert",
         "protect_survey_with_pin": "Umfrage mit einer PIN schützen",
         "protect_survey_with_pin_description": "Nur Benutzer, die die PIN haben, können auf die Umfrage zugreifen.",
         "publish": "Veröffentlichen",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Beim Herunterladen der Antworten ist ein Fehler aufgetreten",
         "first_name": "Vorname",
         "how_to_identify_users": "Wie man Benutzer identifiziert",
-        "ip_address": "IP-Adresse",
         "last_name": "Nachname",
         "not_completed": "Nicht abgeschlossen ⏳",
         "os": "Betriebssystem",

apps/web/locales/es-ES.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Mezcla de mayúsculas y minúsculas",
       "please_verify_captcha": "Por favor, verifica el reCAPTCHA",
       "privacy_policy": "Política de privacidad",
-      "product_updates_description": "Noticias mensuales del producto y actualizaciones de funciones, se aplica la política de privacidad.",
-      "product_updates_title": "Actualizaciones del producto",
-      "security_updates_description": "Solo información relevante sobre seguridad, se aplica la política de privacidad.",
-      "security_updates_title": "Actualizaciones de seguridad",
       "terms_of_service": "Términos de servicio",
       "title": "Crea tu cuenta de Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentación",
     "documentation": "Documentación",
     "domain": "Dominio",
-    "done": "Hecho",
     "download": "Descargar",
     "draft": "Borrador",
     "duplicate": "Duplicar",
@@ -788,26 +783,20 @@
         "add_webhook": "Añadir webhook",
         "add_webhook_description": "Envía datos de respuestas de encuestas a un endpoint personalizado",
         "all_current_and_new_surveys": "Todas las encuestas actuales y nuevas",
-        "copy_secret_now": "Copia tu secreto de firma",
         "created_by_third_party": "Creado por un tercero",
         "discord_webhook_not_supported": "Los webhooks de Discord no son compatibles actualmente.",
         "empty_webhook_message": "Tus webhooks aparecerán aquí tan pronto como los añadas. ⏲️",
         "endpoint_pinged": "¡Genial! ¡Podemos hacer ping al webhook!",
         "endpoint_pinged_error": "¡No se puede hacer ping al webhook!",
-        "learn_to_verify": "Aprende a verificar las firmas de webhook",
         "please_check_console": "Por favor, consulta la consola para más detalles",
         "please_enter_a_url": "Por favor, introduce una URL",
         "response_created": "Respuesta creada",
         "response_finished": "Respuesta finalizada",
         "response_updated": "Respuesta actualizada",
-        "secret_copy_warning": "Almacena este secreto de forma segura. Puedes verlo de nuevo en la configuración del webhook.",
-        "secret_description": "Usa este secreto para verificar las solicitudes del webhook. Consulta la documentación para la verificación de firma.",
-        "signing_secret": "Secreto de firma",
         "source": "Origen",
         "test_endpoint": "Probar endpoint",
         "triggers": "Disparadores",
         "webhook_added_successfully": "Webhook añadido correctamente",
-        "webhook_created": "Webhook creado",
         "webhook_delete_confirmation": "¿Estás seguro de que quieres eliminar este webhook? Esto detendrá el envío de futuras notificaciones.",
         "webhook_deleted_successfully": "Webhook eliminado correctamente",
         "webhook_name_placeholder": "Opcional: Etiqueta tu webhook para identificarlo fácilmente",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Eliminar logotipo",
         "replace_logo": "Reemplazar logotipo",
         "resend_invitation_email": "Reenviar correo electrónico de invitación",
-        "security_list_tip": "¿Estás suscrito a nuestra lista de seguridad? ¡Mantente informado para mantener tu instancia segura!",
-        "security_list_tip_link": "Regístrate aquí.",
         "share_invite_link": "Compartir enlace de invitación",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Comparte este enlace para permitir que los miembros de tu organización se unan a tu organización:",
         "test_email_sent_successfully": "Correo electrónico de prueba enviado correctamente",
@@ -1182,9 +1169,6 @@
         "assign": "Asignar =",
         "audience": "Audiencia",
         "auto_close_on_inactivity": "Cierre automático por inactividad",
-        "auto_save_disabled": "Guardado automático desactivado",
-        "auto_save_disabled_tooltip": "Su encuesta solo se guarda automáticamente cuando está en borrador. Esto asegura que las encuestas públicas no se actualicen involuntariamente.",
-        "auto_save_on": "Guardado automático activado",
         "automatically_close_survey_after": "Cerrar automáticamente la encuesta después de",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Cerrar automáticamente la encuesta después de un cierto número de respuestas.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Cerrar automáticamente la encuesta si el usuario no responde después de cierto número de segundos.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Nombre de usuario de Cal.com o nombre de usuario/evento",
         "calculate": "Calcular",
         "capture_a_new_action_to_trigger_a_survey_on": "Captura una nueva acción para activar una encuesta.",
-        "capture_ip_address": "Capturar dirección IP",
-        "capture_ip_address_description": "Almacenar la dirección IP del encuestado en los metadatos de respuesta para la detección de duplicados y fines de seguridad",
         "capture_new_action": "Capturar nueva acción",
         "card_arrangement_for_survey_type_derived": "Disposición de tarjetas para encuestas de tipo {surveyTypeDerived}",
         "card_background_color": "Color de fondo de la tarjeta",
@@ -1466,7 +1448,6 @@
         "please_specify": "Por favor, especifica",
         "prevent_double_submission": "Evitar envío duplicado",
         "prevent_double_submission_description": "Permitir solo 1 respuesta por dirección de correo electrónico",
-        "progress_saved": "Progreso guardado",
         "protect_survey_with_pin": "Proteger encuesta con un PIN",
         "protect_survey_with_pin_description": "Solo los usuarios que tengan el PIN pueden acceder a la encuesta.",
         "publish": "Publicar",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Se produjo un error al descargar las respuestas",
         "first_name": "Nombre",
         "how_to_identify_users": "Cómo identificar a los usuarios",
-        "ip_address": "Dirección IP",
         "last_name": "Apellido",
         "not_completed": "No completado ⏳",
         "os": "Sistema operativo",

apps/web/locales/fr-FR.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Mélange de majuscules et de minuscules",
       "please_verify_captcha": "Veuillez vérifier reCAPTCHA",
       "privacy_policy": "Politique de confidentialité",
-      "product_updates_description": "Actualités mensuelles du produit et mises à jour des fonctionnalités, la politique de confidentialité s'applique.",
-      "product_updates_title": "Mises à jour du produit",
-      "security_updates_description": "Informations relatives à la sécurité uniquement, la politique de confidentialité s'applique.",
-      "security_updates_title": "Mises à jour de sécurité",
       "terms_of_service": "Conditions d'utilisation",
       "title": "Créez votre compte Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentation",
     "documentation": "Documentation",
     "domain": "Domaine",
-    "done": "Terminé",
     "download": "Télécharger",
     "draft": "Brouillon",
     "duplicate": "Dupliquer",
@@ -788,26 +783,20 @@
         "add_webhook": "Ajouter un Webhook",
         "add_webhook_description": "Envoyer les données de réponse à l'enquête à un point de terminaison personnalisé",
         "all_current_and_new_surveys": "Tous les sondages actuels et nouveaux",
-        "copy_secret_now": "Copiez votre secret de signature",
         "created_by_third_party": "Créé par un tiers",
         "discord_webhook_not_supported": "Les webhooks Discord ne sont actuellement pas pris en charge.",
         "empty_webhook_message": "Vos webhooks apparaîtront ici dès que vous les ajouterez. ⏲️",
         "endpoint_pinged": "Yay ! Nous pouvons pinger le webhook !",
         "endpoint_pinged_error": "Impossible de pinger le webhook !",
-        "learn_to_verify": "Découvrez comment vérifier les signatures de webhook",
         "please_check_console": "Veuillez vérifier la console pour plus de détails.",
         "please_enter_a_url": "Veuillez entrer une URL.",
         "response_created": "Réponse créée",
         "response_finished": "Réponse terminée",
         "response_updated": "Réponse mise à jour",
-        "secret_copy_warning": "Conservez ce secret en lieu sûr. Vous pourrez le consulter à nouveau dans les paramètres du webhook.",
-        "secret_description": "Utilisez ce secret pour vérifier les requêtes webhook. Consultez la documentation pour la vérification de signature.",
-        "signing_secret": "Secret de signature",
         "source": "Source",
         "test_endpoint": "Point de test",
         "triggers": "Déclencheurs",
         "webhook_added_successfully": "Webhook ajouté avec succès",
-        "webhook_created": "Webhook créé",
         "webhook_delete_confirmation": "Êtes-vous sûr de vouloir supprimer ce Webhook ? Cela arrêtera l'envoi de toute notification future.",
         "webhook_deleted_successfully": "Webhook supprimé avec succès",
         "webhook_name_placeholder": "Optionnel : Étiquetez votre webhook pour une identification facile",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Supprimer le logo",
         "replace_logo": "Remplacer le logo",
         "resend_invitation_email": "Renvoyer l'e-mail d'invitation",
-        "security_list_tip": "Êtes-vous inscrit à notre liste de sécurité ? Restez informé pour maintenir votre instance sécurisée !",
-        "security_list_tip_link": "Inscrivez-vous ici.",
         "share_invite_link": "Partager le lien d'invitation",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Partagez ce lien pour permettre à un membre de votre organisation de rejoindre votre organisation :",
         "test_email_sent_successfully": "E-mail de test envoyé avec succès",
@@ -1182,9 +1169,6 @@
         "assign": "Attribuer =",
         "audience": "Public",
         "auto_close_on_inactivity": "Fermeture automatique en cas d'inactivité",
-        "auto_save_disabled": "Sauvegarde automatique désactivée",
-        "auto_save_disabled_tooltip": "Votre sondage n'est sauvegardé automatiquement que lorsqu'il est en brouillon. Cela garantit que les sondages publics ne sont pas mis à jour involontairement.",
-        "auto_save_on": "Sauvegarde automatique activée",
         "automatically_close_survey_after": "Fermer automatiquement l'enquête après",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Fermer automatiquement l'enquête après un certain nombre de réponses.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Fermer automatiquement l'enquête si l'utilisateur ne répond pas après un certain nombre de secondes.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Nom d'utilisateur Cal.com ou nom d'utilisateur/événement",
         "calculate": "Calculer",
         "capture_a_new_action_to_trigger_a_survey_on": "Capturez une nouvelle action pour déclencher une enquête.",
-        "capture_ip_address": "Capturer l'adresse IP",
-        "capture_ip_address_description": "Stocker l'adresse IP du répondant dans les métadonnées de réponse à des fins de détection des doublons et de sécurité",
         "capture_new_action": "Capturer une nouvelle action",
         "card_arrangement_for_survey_type_derived": "Disposition des cartes pour les enquêtes {surveyTypeDerived}",
         "card_background_color": "Couleur de fond de la carte",
@@ -1466,7 +1448,6 @@
         "please_specify": "Veuillez préciser",
         "prevent_double_submission": "Empêcher la double soumission",
         "prevent_double_submission_description": "Autoriser uniquement 1 réponse par adresse e-mail",
-        "progress_saved": "Progression enregistrée",
         "protect_survey_with_pin": "Protéger l'enquête par un code PIN",
         "protect_survey_with_pin_description": "Seules les personnes ayant le code PIN peuvent accéder à l'enquête.",
         "publish": "Publier",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Une erreur s'est produite lors du téléchargement des réponses",
         "first_name": "Prénom",
         "how_to_identify_users": "Comment identifier les utilisateurs",
-        "ip_address": "Adresse IP",
         "last_name": "Nom de famille",
         "not_completed": "Non terminé ⏳",
         "os": "Système d'exploitation",

apps/web/locales/ja-JP.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "大文字と小文字を混ぜる",
       "please_verify_captcha": "reCAPTCHAを認証してください",
       "privacy_policy": "プライバシーポリシー",
-      "product_updates_description": "毎月の製品ニュースと機能アップデート、プライバシーポリシーが適用されます。",
-      "product_updates_title": "製品アップデート",
-      "security_updates_description": "セキュリティ関連情報のみ、プライバシーポリシーが適用されます。",
-      "security_updates_title": "セキュリティアップデート",
       "terms_of_service": "利用規約",
       "title": "Formbricksアカウントを作成"
     },
@@ -201,7 +197,6 @@
     "docs": "ドキュメント",
     "documentation": "ドキュメント",
     "domain": "ドメイン",
-    "done": "完了",
     "download": "ダウンロード",
     "draft": "下書き",
     "duplicate": "複製",
@@ -788,26 +783,20 @@
         "add_webhook": "Webhook を追加",
         "add_webhook_description": "フォーム回答データを任意のエンドポイントへ送信",
         "all_current_and_new_surveys": "現在および新規のすべてのフォーム",
-        "copy_secret_now": "署名シークレットをコピー",
         "created_by_third_party": "サードパーティによって作成",
         "discord_webhook_not_supported": "現在、Discord Webhook はサポートしていません。",
         "empty_webhook_message": "Webhook は追加するとここに表示されます。⏲️",
         "endpoint_pinged": "成功！Webhook に ping できました。",
         "endpoint_pinged_error": "Webhook への ping に失敗しました。",
-        "learn_to_verify": "Webhook署名の検証方法を学ぶ",
         "please_check_console": "詳細はコンソールを確認してください",
         "please_enter_a_url": "URL を入力してください",
         "response_created": "回答作成",
         "response_finished": "回答完了",
         "response_updated": "回答更新",
-        "secret_copy_warning": "このシークレットを安全に保管してください。Webhook 設定で再度確認できます。",
-        "secret_description": "このシークレットを使用して Webhook リクエストを検証します。署名検証についてはドキュメントを参照してください。",
-        "signing_secret": "署名シークレット",
         "source": "ソース",
         "test_endpoint": "エンドポイントをテスト",
         "triggers": "トリガー",
         "webhook_added_successfully": "Webhook を追加しました",
-        "webhook_created": "Webhook を作成しました",
         "webhook_delete_confirmation": "このWebhookを削除してもよろしいですか？以後の通知は送信されません。",
         "webhook_deleted_successfully": "Webhook を削除しました",
         "webhook_name_placeholder": "任意: 識別しやすいようWebhookにラベルを付ける",
@@ -1019,8 +1008,6 @@
         "remove_logo": "ロゴを削除",
         "replace_logo": "ロゴを交換",
         "resend_invitation_email": "招待メールを再送信",
-        "security_list_tip": "セキュリティリストに登録していますか？インスタンスを安全に保つために最新情報を入手しましょう！",
-        "security_list_tip_link": "こちらからサインアップしてください。",
         "share_invite_link": "招待リンクを共有",
         "share_this_link_to_let_your_organization_member_join_your_organization": "このリンクを共有して、組織メンバーを招待できます:",
         "test_email_sent_successfully": "テストメールを正常に送信しました",
@@ -1182,9 +1169,6 @@
         "assign": "割り当て =",
         "audience": "オーディエンス",
         "auto_close_on_inactivity": "非アクティブ時に自動閉鎖",
-        "auto_save_disabled": "自動保存が無効",
-        "auto_save_disabled_tooltip": "アンケートは下書き状態の時のみ自動保存されます。これにより、公開中のアンケートが意図せず更新されることを防ぎます。",
-        "auto_save_on": "自動保存オン",
         "automatically_close_survey_after": "フォームを自動的に閉じる",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "一定の回答数に達した後にフォームを自動的に閉じます。",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "ユーザーが一定秒数応答しない場合、フォームを自動的に閉じます。",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.comのユーザー名またはユーザー名/イベント",
         "calculate": "計算",
         "capture_a_new_action_to_trigger_a_survey_on": "フォームをトリガーする新しいアクションをキャプチャします。",
-        "capture_ip_address": "IPアドレスを記録",
-        "capture_ip_address_description": "重複検出とセキュリティ目的で、回答者のIPアドレスを回答メタデータに保存します",
         "capture_new_action": "新しいアクションをキャプチャ",
         "card_arrangement_for_survey_type_derived": "{surveyTypeDerived} フォームのカード配置",
         "card_background_color": "カードの背景色",
@@ -1466,7 +1448,6 @@
         "please_specify": "具体的に指定してください",
         "prevent_double_submission": "二重送信を防ぐ",
         "prevent_double_submission_description": "メールアドレスごとに1つの回答のみを許可する",
-        "progress_saved": "進捗を保存しました",
         "protect_survey_with_pin": "PINでフォームを保護",
         "protect_survey_with_pin_description": "PINを持つユーザーのみがフォームにアクセスできます。",
         "publish": "公開",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "回答のダウンロード中にエラーが発生しました",
         "first_name": "名",
         "how_to_identify_users": "ユーザーを識別する方法",
-        "ip_address": "IPアドレス",
         "last_name": "姓",
         "not_completed": "未完了 ⏳",
         "os": "OS",

apps/web/locales/nl-NL.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Mix van hoofdletters en kleine letters",
       "please_verify_captcha": "Controleer reCAPTCHA",
       "privacy_policy": "Privacybeleid",
-      "product_updates_description": "Maandelijks productnieuws en feature-updates, privacybeleid is van toepassing.",
-      "product_updates_title": "Product-updates",
-      "security_updates_description": "Alleen beveiligingsrelevante informatie, privacybeleid is van toepassing.",
-      "security_updates_title": "Beveiligingsupdates",
       "terms_of_service": "Servicevoorwaarden",
       "title": "Maak uw Formbricks-account aan"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentatie",
     "documentation": "Documentatie",
     "domain": "Domein",
-    "done": "Klaar",
     "download": "Downloaden",
     "draft": "Voorlopige versie",
     "duplicate": "Duplicaat",
@@ -788,26 +783,20 @@
         "add_webhook": "Webhook toevoegen",
         "add_webhook_description": "Stuur enquêtereactiegegevens naar een aangepast eindpunt",
         "all_current_and_new_surveys": "Alle huidige en nieuwe onderzoeken",
-        "copy_secret_now": "Kopieer je ondertekeningsgeheim",
         "created_by_third_party": "Gemaakt door een derde partij",
         "discord_webhook_not_supported": "Discord-webhooks worden momenteel niet ondersteund.",
         "empty_webhook_message": "Uw webhooks verschijnen hier zodra u ze toevoegt. ⏲️",
         "endpoint_pinged": "Jawel! We kunnen de webhook pingen!",
         "endpoint_pinged_error": "Kan de webhook niet pingen!",
-        "learn_to_verify": "Leer hoe je webhook-handtekeningen kunt verifiëren",
         "please_check_console": "Controleer de console voor meer details",
         "please_enter_a_url": "Voer een URL in",
         "response_created": "Reactie gemaakt",
         "response_finished": "Reactie voltooid",
         "response_updated": "Reactie bijgewerkt",
-        "secret_copy_warning": "Bewaar dit geheim veilig. Je kunt het opnieuw bekijken in de webhook-instellingen.",
-        "secret_description": "Gebruik dit geheim om webhook-verzoeken te verifiëren. Zie de documentatie voor handtekeningverificatie.",
-        "signing_secret": "Ondertekeningsgeheim",
         "source": "Bron",
         "test_endpoint": "Eindpunt testen",
         "triggers": "Triggers",
         "webhook_added_successfully": "Webhook succesvol toegevoegd",
-        "webhook_created": "Webhook aangemaakt",
         "webhook_delete_confirmation": "Weet u zeker dat u deze webhook wilt verwijderen? Hierdoor worden er geen verdere meldingen meer verzonden.",
         "webhook_deleted_successfully": "Webhook is succesvol verwijderd",
         "webhook_name_placeholder": "Optioneel: Label uw webhook voor gemakkelijke identificatie",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Logo verwijderen",
         "replace_logo": "Logo vervangen",
         "resend_invitation_email": "Uitnodigings-e-mail opnieuw verzenden",
-        "security_list_tip": "Ben je aangemeld voor onze beveiligingslijst? Blijf op de hoogte om je instantie veilig te houden!",
-        "security_list_tip_link": "Meld je hier aan.",
         "share_invite_link": "Deel de uitnodigingslink",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Deel deze link om uw organisatielid lid te laten worden van uw organisatie:",
         "test_email_sent_successfully": "Test-e-mail succesvol verzonden",
@@ -1182,9 +1169,6 @@
         "assign": "Toewijzen =",
         "audience": "Publiek",
         "auto_close_on_inactivity": "Automatisch sluiten bij inactiviteit",
-        "auto_save_disabled": "Automatisch opslaan uitgeschakeld",
-        "auto_save_disabled_tooltip": "Uw enquête wordt alleen automatisch opgeslagen wanneer deze een concept is. Dit zorgt ervoor dat openbare enquêtes niet onbedoeld worden bijgewerkt.",
-        "auto_save_on": "Automatisch opslaan aan",
         "automatically_close_survey_after": "Sluit de enquête daarna automatisch af",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Sluit de enquête automatisch af na een bepaald aantal reacties.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Sluit de enquête automatisch af als de gebruiker na een bepaald aantal seconden niet reageert.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.com-gebruikersnaam of gebruikersnaam/evenement",
         "calculate": "Berekenen",
         "capture_a_new_action_to_trigger_a_survey_on": "Leg een nieuwe actie vast om een ​​enquête over te activeren.",
-        "capture_ip_address": "IP-adres vastleggen",
-        "capture_ip_address_description": "Sla het IP-adres van de respondent op in de metadata van het antwoord voor detectie van duplicaten en beveiligingsdoeleinden",
         "capture_new_action": "Leg nieuwe actie vast",
         "card_arrangement_for_survey_type_derived": "Kaartarrangement voor {surveyTypeDerived} enquêtes",
         "card_background_color": "Achtergrondkleur van de kaart",
@@ -1466,7 +1448,6 @@
         "please_specify": "Gelieve te specificeren",
         "prevent_double_submission": "Voorkom dubbele indiening",
         "prevent_double_submission_description": "Er is slechts 1 reactie per e-mailadres toegestaan",
-        "progress_saved": "Voortgang opgeslagen",
         "protect_survey_with_pin": "Beveilig onderzoek met een pincode",
         "protect_survey_with_pin_description": "Alleen gebruikers die de pincode hebben, hebben toegang tot de enquête.",
         "publish": "Publiceren",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Er is een fout opgetreden bij het downloaden van de antwoorden",
         "first_name": "Voornaam",
         "how_to_identify_users": "Hoe gebruikers te identificeren",
-        "ip_address": "IP-adres",
         "last_name": "Achternaam",
         "not_completed": "Niet voltooid ⏳",
         "os": "Besturingssysteem",

apps/web/locales/pt-BR.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "mistura de maiúsculas e minúsculas",
       "please_verify_captcha": "Por favor, verifique o reCAPTCHA",
       "privacy_policy": "Política de Privacidade",
-      "product_updates_description": "Novidades mensais do produto e atualizações de recursos, a Política de Privacidade se aplica.",
-      "product_updates_title": "Atualizações do produto",
-      "security_updates_description": "Apenas informações relevantes sobre segurança, a Política de Privacidade se aplica.",
-      "security_updates_title": "Atualizações de segurança",
       "terms_of_service": "Termos de Serviço",
       "title": "Crie sua conta no Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentação",
     "documentation": "Documentação",
     "domain": "Domínio",
-    "done": "Concluído",
     "download": "baixar",
     "draft": "Rascunho",
     "duplicate": "Duplicar",
@@ -788,26 +783,20 @@
         "add_webhook": "Adicionar Webhook",
         "add_webhook_description": "Enviar dados das respostas da pesquisa para um endpoint personalizado",
         "all_current_and_new_surveys": "Todas as pesquisas atuais e novas",
-        "copy_secret_now": "Copie seu segredo de assinatura",
         "created_by_third_party": "Criado por um Terceiro",
         "discord_webhook_not_supported": "Webhooks do Discord não são suportados no momento.",
         "empty_webhook_message": "Seus webhooks vão aparecer aqui assim que você adicioná-los. ⏲️",
         "endpoint_pinged": "Uhul! Conseguimos pingar o webhook!",
         "endpoint_pinged_error": "Não consegui pingar o webhook!",
-        "learn_to_verify": "Aprenda como verificar assinaturas de webhook",
         "please_check_console": "Por favor, verifica o console para mais detalhes",
         "please_enter_a_url": "Por favor, insira uma URL",
         "response_created": "Resposta Criada",
         "response_finished": "Resposta Finalizada",
         "response_updated": "Resposta Atualizada",
-        "secret_copy_warning": "Armazene este segredo com segurança. Você pode visualizá-lo novamente nas configurações do webhook.",
-        "secret_description": "Use este segredo para verificar requisições de webhook. Consulte a documentação para verificação de assinatura.",
-        "signing_secret": "Segredo de assinatura",
         "source": "fonte",
         "test_endpoint": "Testar Ponto de Extremidade",
         "triggers": "gatilhos",
         "webhook_added_successfully": "Webhook adicionado com sucesso",
-        "webhook_created": "Webhook criado",
         "webhook_delete_confirmation": "Tem certeza de que quer deletar esse Webhook? Isso vai parar de te enviar qualquer notificação.",
         "webhook_deleted_successfully": "Webhook deletado com sucesso",
         "webhook_name_placeholder": "Opcional: Dê um nome ao seu webhook para facilitar a identificação",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Remover logo",
         "replace_logo": "Substituir logo",
         "resend_invitation_email": "Reenviar E-mail de Convite",
-        "security_list_tip": "Você está inscrito na nossa Lista de Segurança? Mantenha-se informado para manter sua instância segura!",
-        "security_list_tip_link": "Cadastre-se aqui.",
         "share_invite_link": "Compartilhar Link de Convite",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Compartilhe esse link para que o membro da sua organização possa entrar na sua organização:",
         "test_email_sent_successfully": "E-mail de teste enviado com sucesso",
@@ -1182,9 +1169,6 @@
         "assign": "atribuir =",
         "audience": "Público",
         "auto_close_on_inactivity": "Fechar automaticamente por inatividade",
-        "auto_save_disabled": "Salvamento automático desativado",
-        "auto_save_disabled_tooltip": "Sua pesquisa só é salva automaticamente quando está em rascunho. Isso garante que pesquisas públicas não sejam atualizadas involuntariamente.",
-        "auto_save_on": "Salvamento automático ativado",
         "automatically_close_survey_after": "Fechar pesquisa automaticamente após",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Fechar automaticamente a pesquisa depois de um certo número de respostas.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Feche automaticamente a pesquisa se o usuário não responder depois de alguns segundos.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Nome de usuário do Cal.com ou nome de usuário/evento",
         "calculate": "Calcular",
         "capture_a_new_action_to_trigger_a_survey_on": "Captura uma nova ação pra disparar uma pesquisa.",
-        "capture_ip_address": "Capturar endereço IP",
-        "capture_ip_address_description": "Armazenar o endereço IP do respondente nos metadados da resposta para fins de detecção de duplicatas e segurança",
         "capture_new_action": "Capturar nova ação",
         "card_arrangement_for_survey_type_derived": "Arranjo de Cartões para Pesquisas {surveyTypeDerived}",
         "card_background_color": "Cor de fundo do cartão",
@@ -1466,7 +1448,6 @@
         "please_specify": "Por favor, especifique",
         "prevent_double_submission": "Evitar envio duplicado",
         "prevent_double_submission_description": "Permitir apenas 1 resposta por endereço de email",
-        "progress_saved": "Progresso salvo",
         "protect_survey_with_pin": "Proteger pesquisa com um PIN",
         "protect_survey_with_pin_description": "Somente usuários que têm o PIN podem acessar a pesquisa.",
         "publish": "Publicar",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Ocorreu um erro ao baixar as respostas",
         "first_name": "Primeiro Nome",
         "how_to_identify_users": "Como identificar usuários",
-        "ip_address": "Endereço IP",
         "last_name": "Sobrenome",
         "not_completed": "Não Concluído ⏳",
         "os": "sistema operacional",

apps/web/locales/pt-PT.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Mistura de maiúsculas e minúsculas",
       "please_verify_captcha": "Por favor, verifique o reCAPTCHA",
       "privacy_policy": "Política de Privacidade",
-      "product_updates_description": "Notícias mensais sobre o produto e atualizações de funcionalidades, aplica-se a Política de Privacidade.",
-      "product_updates_title": "Atualizações do produto",
-      "security_updates_description": "Apenas informações relevantes sobre segurança, aplica-se a Política de Privacidade.",
-      "security_updates_title": "Atualizações de segurança",
       "terms_of_service": "Termos de Serviço",
       "title": "Crie a sua conta Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentação",
     "documentation": "Documentação",
     "domain": "Domínio",
-    "done": "Concluído",
     "download": "Transferir",
     "draft": "Rascunho",
     "duplicate": "Duplicar",
@@ -788,26 +783,20 @@
         "add_webhook": "Adicionar Webhook",
         "add_webhook_description": "Enviar dados de resposta do inquérito para um endpoint personalizado",
         "all_current_and_new_surveys": "Todos os inquéritos atuais e novos",
-        "copy_secret_now": "Copiar o seu segredo de assinatura",
         "created_by_third_party": "Criado por um Terceiro",
         "discord_webhook_not_supported": "Os webhooks do Discord não são atualmente suportados.",
         "empty_webhook_message": "Os seus webhooks aparecerão aqui assim que os adicionar. ⏲️",
         "endpoint_pinged": "Yay! Conseguimos aceder ao webhook!",
         "endpoint_pinged_error": "Não foi possível aceder ao webhook!",
-        "learn_to_verify": "Aprenda a verificar assinaturas de webhook",
         "please_check_console": "Por favor, verifique a consola para mais detalhes",
         "please_enter_a_url": "Por favor, insira um URL",
         "response_created": "Resposta Criada",
         "response_finished": "Resposta Concluída",
         "response_updated": "Resposta Atualizada",
-        "secret_copy_warning": "Armazene este segredo de forma segura. Pode visualizá-lo novamente nas definições do webhook.",
-        "secret_description": "Use este segredo para verificar os pedidos do webhook. Consulte a documentação para verificação de assinatura.",
-        "signing_secret": "Segredo de assinatura",
         "source": "Fonte",
         "test_endpoint": "Testar Endpoint",
         "triggers": "Disparadores",
         "webhook_added_successfully": "Webhook adicionado com sucesso",
-        "webhook_created": "Webhook criado",
         "webhook_delete_confirmation": "Tem a certeza de que deseja eliminar este Webhook? Isto irá parar de lhe enviar quaisquer notificações futuras.",
         "webhook_deleted_successfully": "Webhook eliminado com sucesso",
         "webhook_name_placeholder": "Opcional: Rotule o seu webhook para fácil identificação",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Remover logótipo",
         "replace_logo": "Substituir logotipo",
         "resend_invitation_email": "Reenviar Email de Convite",
-        "security_list_tip": "Está inscrito na nossa Lista de Segurança? Mantenha-se informado para manter a sua instância segura!",
-        "security_list_tip_link": "Inscreva-se aqui.",
         "share_invite_link": "Partilhar Link de Convite",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Partilhe este link para permitir que o membro da sua organização se junte à sua organização:",
         "test_email_sent_successfully": "Email de teste enviado com sucesso",
@@ -1182,9 +1169,6 @@
         "assign": "Atribuir =",
         "audience": "Público",
         "auto_close_on_inactivity": "Fechar automaticamente por inatividade",
-        "auto_save_disabled": "Guardar automático desativado",
-        "auto_save_disabled_tooltip": "O seu inquérito só é guardado automaticamente quando está em rascunho. Isto garante que os inquéritos públicos não sejam atualizados involuntariamente.",
-        "auto_save_on": "Guardar automático ativado",
         "automatically_close_survey_after": "Fechar automaticamente o inquérito após",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Fechar automaticamente o inquérito após um certo número de respostas",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Fechar automaticamente o inquérito se o utilizador não responder após um certo número de segundos.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Nome de utilizador do Cal.com ou nome de utilizador/evento",
         "calculate": "Calcular",
         "capture_a_new_action_to_trigger_a_survey_on": "Capturar uma nova ação para desencadear um inquérito.",
-        "capture_ip_address": "Capturar endereço IP",
-        "capture_ip_address_description": "Armazenar o endereço IP do inquirido nos metadados da resposta para deteção de duplicados e fins de segurança",
         "capture_new_action": "Capturar nova ação",
         "card_arrangement_for_survey_type_derived": "Arranjo de Cartões para Inquéritos {surveyTypeDerived}",
         "card_background_color": "Cor de fundo do cartão",
@@ -1466,7 +1448,6 @@
         "please_specify": "Por favor, especifique",
         "prevent_double_submission": "Impedir submissão dupla",
         "prevent_double_submission_description": "Permitir apenas 1 resposta por endereço de email",
-        "progress_saved": "Progresso guardado",
         "protect_survey_with_pin": "Proteger inquérito com um PIN",
         "protect_survey_with_pin_description": "Apenas utilizadores com o PIN podem aceder ao inquérito.",
         "publish": "Publicar",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Ocorreu um erro ao transferir as respostas",
         "first_name": "Primeiro Nome",
         "how_to_identify_users": "Como identificar utilizadores",
-        "ip_address": "Endereço IP",
         "last_name": "Apelido",
         "not_completed": "Não Concluído ⏳",
         "os": "SO",

apps/web/locales/ro-RO.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Amestec de majuscule și minuscule",
       "please_verify_captcha": "Vă rugăm să verificați CAPTCHA",
       "privacy_policy": "Politica de confidențialitate",
-      "product_updates_description": "Noutăți lunare despre produse și actualizări de funcționalități; se aplică Politica de confidențialitate.",
-      "product_updates_title": "Actualizări de produs",
-      "security_updates_description": "Doar informații relevante pentru securitate; se aplică Politica de confidențialitate.",
-      "security_updates_title": "Actualizări de securitate",
       "terms_of_service": "Termeni de utilizare a serviciului",
       "title": "Creați-vă contul Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Documentație",
     "documentation": "Documentație",
     "domain": "Domeniu",
-    "done": "Gata",
     "download": "Descărcare",
     "draft": "Schiță",
     "duplicate": "Duplicități",
@@ -788,26 +783,20 @@
         "add_webhook": "Adaugă Webhook",
         "add_webhook_description": "Trimite datele de răspuns ale chestionarului la un punct final personalizat",
         "all_current_and_new_surveys": "Toate chestionarele curente și noi",
-        "copy_secret_now": "Copiază secretul de semnare",
         "created_by_third_party": "Creat de o Parte Terță",
         "discord_webhook_not_supported": "Webhook-urile Discord nu sunt în prezent suportate.",
         "empty_webhook_message": "Webhook-urile tale vor apărea aici de îndată ce le vei adăuga. ⏲️",
         "endpoint_pinged": "Grozav! Am reușit să ping-ui webhooks-ul!",
         "endpoint_pinged_error": "Nu pot să ping-ui webhooks-ul!",
-        "learn_to_verify": "Află cum să verifici semnăturile webhook",
         "please_check_console": "Vă rugăm să verificați consola pentru mai multe detalii",
         "please_enter_a_url": "Vă rugăm să introduceți un URL",
         "response_created": "Răspuns creat",
         "response_finished": "Răspuns finalizat",
         "response_updated": "Răspuns actualizat",
-        "secret_copy_warning": "Păstrează acest secret în siguranță. Îl poți vizualiza din nou în setările webhook-ului.",
-        "secret_description": "Folosește acest secret pentru a verifica cererile webhook. Vezi documentația pentru verificarea semnăturii.",
-        "signing_secret": "Secret de semnare",
         "source": "Sursă",
         "test_endpoint": "Punct final de test",
         "triggers": "Declanșatori",
         "webhook_added_successfully": "Webhook adăugat cu succes",
-        "webhook_created": "Webhook creat",
         "webhook_delete_confirmation": "Sigur doriți să ștergeți acest Webhook? Acest lucru va opri trimiterea oricăror notificări viitoare.",
         "webhook_deleted_successfully": "Webhook șters cu succes",
         "webhook_name_placeholder": "Opțional: Etichetează webhook-ul pentru identificare ușoară",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Înlătură siglă",
         "replace_logo": "Înlocuiește sigla",
         "resend_invitation_email": "Retrimite emailul de invitație",
-        "security_list_tip": "Ești abonat la lista noastră de securitate? Rămâi informat pentru a-ți menține instanța în siguranță!",
-        "security_list_tip_link": "Înscrie-te aici.",
         "share_invite_link": "Distribuie link-ul de invitație",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Distribuie acest link pentru a permite membrului organizației să se alăture organizației tale:",
         "test_email_sent_successfully": "Email de test trimis cu succes",
@@ -1182,9 +1169,6 @@
         "assign": "Atribuire =",
         "audience": "Public",
         "auto_close_on_inactivity": "Închidere automată la inactivitate",
-        "auto_save_disabled": "Salvare automată dezactivată",
-        "auto_save_disabled_tooltip": "Chestionarul dvs. este salvat automat doar când este în ciornă. Acest lucru asigură că sondajele publice nu sunt actualizate neintenționat.",
-        "auto_save_on": "Salvare automată activată",
         "automatically_close_survey_after": "Închideți automat sondajul după",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Închideți automat sondajul după un număr anumit de răspunsuri.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Închideți automat sondajul dacă utilizatorul nu răspunde după un anumit număr de secunde.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Utilizator Cal.com sau utilizator/eveniment",
         "calculate": "Calculați",
         "capture_a_new_action_to_trigger_a_survey_on": "Capturează o acțiune nouă pentru a declanșa un sondaj.",
-        "capture_ip_address": "Capturare adresă IP",
-        "capture_ip_address_description": "Stochează adresa IP a respondentului în metadatele răspunsului pentru detectarea duplicatelor și în scopuri de securitate",
         "capture_new_action": "Capturați acțiune nouă",
         "card_arrangement_for_survey_type_derived": "Aranjament de carduri pentru sondaje de tip {surveyTypeDerived}",
         "card_background_color": "Culoarea de fundal a cardului",
@@ -1466,7 +1448,6 @@
         "please_specify": "Vă rugăm să specificați",
         "prevent_double_submission": "Prevenire trimitere dublă",
         "prevent_double_submission_description": "Permite doar 1 răspuns per adresă de email.",
-        "progress_saved": "Progres salvat",
         "protect_survey_with_pin": "Protejați sondajul cu un PIN",
         "protect_survey_with_pin_description": "Doar utilizatorii care cunosc PIN-ul pot accesa sondajul.",
         "publish": "Publică",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "A apărut o eroare la descărcarea răspunsurilor",
         "first_name": "Prenume",
         "how_to_identify_users": "Cum să identifici utilizatorii",
-        "ip_address": "Adresă IP",
         "last_name": "Nume de familie",
         "not_completed": "Necompletat ⏳",
         "os": "SO",

apps/web/locales/ru-RU.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Сочетание заглавных и строчных букв",
       "please_verify_captcha": "Пожалуйста, подтвердите reCAPTCHA",
       "privacy_policy": "Политика конфиденциальности",
-      "product_updates_description": "Ежемесячные новости о продукте и обновления функций. Применяется Политика конфиденциальности.",
-      "product_updates_title": "Обновления продукта",
-      "security_updates_description": "Только важная информация по безопасности. Применяется Политика конфиденциальности.",
-      "security_updates_title": "Обновления безопасности",
       "terms_of_service": "Условия использования",
       "title": "Создайте аккаунт Formbricks"
     },
@@ -201,7 +197,6 @@
     "docs": "Документация",
     "documentation": "Документация",
     "domain": "Домен",
-    "done": "Готово",
     "download": "Скачать",
     "draft": "Черновик",
     "duplicate": "Дублировать",
@@ -788,26 +783,20 @@
         "add_webhook": "Добавить webhook",
         "add_webhook_description": "Отправляйте данные ответов на опрос на пользовательский endpoint",
         "all_current_and_new_surveys": "Все текущие и новые опросы",
-        "copy_secret_now": "Скопируйте ваш секрет подписи",
         "created_by_third_party": "Создано сторонней организацией",
         "discord_webhook_not_supported": "В настоящее время webhooks Discord не поддерживаются.",
         "empty_webhook_message": "Ваши webhooks появятся здесь, как только вы их добавите. ⏲️",
         "endpoint_pinged": "Ура! Нам удалось отправить ping на webhook!",
         "endpoint_pinged_error": "Не удалось отправить ping на webhook!",
-        "learn_to_verify": "Узнайте, как проверить подписи вебхуков",
         "please_check_console": "Пожалуйста, проверьте консоль для получения подробностей",
         "please_enter_a_url": "Пожалуйста, введите URL",
         "response_created": "Ответ создан",
         "response_finished": "Ответ завершён",
         "response_updated": "Ответ обновлён",
-        "secret_copy_warning": "Храните этот секрет в надёжном месте. Вы сможете просмотреть его снова в настройках webhook.",
-        "secret_description": "Используйте этот секрет для проверки запросов webhook. Подробнее о проверке подписи — в документации.",
-        "signing_secret": "Секрет подписи",
         "source": "Источник",
         "test_endpoint": "Тестировать endpoint",
         "triggers": "Триггеры",
         "webhook_added_successfully": "Webhook успешно добавлен",
-        "webhook_created": "Webhook создан",
         "webhook_delete_confirmation": "Вы уверены, что хотите удалить этот webhook? Это прекратит отправку вам любых дальнейших уведомлений.",
         "webhook_deleted_successfully": "Webhook успешно удалён",
         "webhook_name_placeholder": "Необязательно: дайте метку вашему webhook для удобной идентификации",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Удалить логотип",
         "replace_logo": "Заменить логотип",
         "resend_invitation_email": "Отправить приглашение повторно",
-        "security_list_tip": "Вы подписаны на нашу рассылку по безопасности? Будьте в курсе, чтобы обезопасить свой экземпляр!",
-        "security_list_tip_link": "Зарегистрируйтесь здесь.",
         "share_invite_link": "Поделиться ссылкой-приглашением",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Поделитесь этой ссылкой, чтобы участник вашей организации мог присоединиться к ней:",
         "test_email_sent_successfully": "Тестовое письмо успешно отправлено",
@@ -1182,9 +1169,6 @@
         "assign": "Назначить =",
         "audience": "Аудитория",
         "auto_close_on_inactivity": "Автоматически закрывать при бездействии",
-        "auto_save_disabled": "Автосохранение отключено",
-        "auto_save_disabled_tooltip": "Ваш опрос автоматически сохраняется только в режиме черновика. Это гарантирует, что публичные опросы не будут случайно обновлены.",
-        "auto_save_on": "Автосохранение включено",
         "automatically_close_survey_after": "Автоматически закрыть опрос через",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Автоматически закрывать опрос после определённого количества ответов.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Автоматически закрывать опрос, если пользователь не ответил за определённое количество секунд.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Имя пользователя Cal.com или username/event",
         "calculate": "Вычислить",
         "capture_a_new_action_to_trigger_a_survey_on": "Захватить новое действие для запуска опроса.",
-        "capture_ip_address": "Сохранять IP-адрес",
-        "capture_ip_address_description": "Сохранять IP-адрес респондента в метаданных ответа для обнаружения дубликатов и обеспечения безопасности",
         "capture_new_action": "Захватить новое действие",
         "card_arrangement_for_survey_type_derived": "Расположение карточек для опросов типа {surveyTypeDerived}",
         "card_background_color": "Цвет фона карточки",
@@ -1466,7 +1448,6 @@
         "please_specify": "Пожалуйста, уточните",
         "prevent_double_submission": "Предотвратить повторную отправку",
         "prevent_double_submission_description": "Разрешить только 1 ответ на один адрес электронной почты",
-        "progress_saved": "Прогресс сохранён",
         "protect_survey_with_pin": "Защитить опрос с помощью PIN-кода",
         "protect_survey_with_pin_description": "Только пользователи, у которых есть PIN-код, могут получить доступ к опросу.",
         "publish": "Опубликовать",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Произошла ошибка при загрузке ответов",
         "first_name": "Имя",
         "how_to_identify_users": "Как идентифицировать пользователей",
-        "ip_address": "IP-адрес",
         "last_name": "Фамилия",
         "not_completed": "Не завершено ⏳",
         "os": "ОС",

apps/web/locales/sv-SE.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "Blandning av stora och små bokstäver",
       "please_verify_captcha": "Vänligen verifiera reCAPTCHA",
       "privacy_policy": "Integritetspolicy",
-      "product_updates_description": "Månatliga produktnyheter och funktionsuppdateringar. Integritetspolicyn gäller.",
-      "product_updates_title": "Produktuppdateringar",
-      "security_updates_description": "Endast säkerhetsrelaterad information. Integritetspolicyn gäller.",
-      "security_updates_title": "Säkerhetsuppdateringar",
       "terms_of_service": "Användarvillkor",
       "title": "Skapa ditt Formbricks-konto"
     },
@@ -201,7 +197,6 @@
     "docs": "Dokumentation",
     "documentation": "Dokumentation",
     "domain": "Domän",
-    "done": "Klar",
     "download": "Ladda ner",
     "draft": "Utkast",
     "duplicate": "Duplicera",
@@ -788,26 +783,20 @@
         "add_webhook": "Lägg till webhook",
         "add_webhook_description": "Skicka enkätsvardata till en anpassad endpoint",
         "all_current_and_new_surveys": "Alla nuvarande och nya enkäter",
-        "copy_secret_now": "Kopiera din signeringsnyckel",
         "created_by_third_party": "Skapad av tredje part",
         "discord_webhook_not_supported": "Discord-webhooks stöds för närvarande inte.",
         "empty_webhook_message": "Dina webhooks visas här så snart du lägger till dem. ⏲️",
         "endpoint_pinged": "Ja! Vi kan nå webhooken!",
         "endpoint_pinged_error": "Kunde inte nå webhooken!",
-        "learn_to_verify": "Lär dig hur du verifierar webhook-signaturer",
         "please_check_console": "Vänligen kontrollera konsolen för mer information",
         "please_enter_a_url": "Vänligen ange en URL",
         "response_created": "Svar skapat",
         "response_finished": "Svar slutfört",
         "response_updated": "Svar uppdaterat",
-        "secret_copy_warning": "Förvara denna nyckel säkert. Du kan visa den igen i webhook-inställningarna.",
-        "secret_description": "Använd denna nyckel för att verifiera webhook-förfrågningar. Se dokumentationen för signaturverifiering.",
-        "signing_secret": "Signeringsnyckel",
         "source": "Källa",
         "test_endpoint": "Testa endpoint",
         "triggers": "Utlösare",
         "webhook_added_successfully": "Webhook tillagd",
-        "webhook_created": "Webhook skapad",
         "webhook_delete_confirmation": "Är du säker på att du vill ta bort denna webhook? Detta kommer att stoppa alla ytterligare notifieringar.",
         "webhook_deleted_successfully": "Webhook borttagen",
         "webhook_name_placeholder": "Valfritt: Namnge din webhook för enkel identifiering",
@@ -1019,8 +1008,6 @@
         "remove_logo": "Ta bort logotyp",
         "replace_logo": "Ersätt logotyp",
         "resend_invitation_email": "Skicka inbjudningsmejl igen",
-        "security_list_tip": "Är du med på vår säkerhetslista? Håll dig informerad för att skydda din instans!",
-        "security_list_tip_link": "Registrera dig här.",
         "share_invite_link": "Dela inbjudningslänk",
         "share_this_link_to_let_your_organization_member_join_your_organization": "Dela denna länk för att låta din organisationsmedlem gå med i din organisation:",
         "test_email_sent_successfully": "Test-e-post skickat",
@@ -1182,9 +1169,6 @@
         "assign": "Tilldela =",
         "audience": "Målgrupp",
         "auto_close_on_inactivity": "Stäng automatiskt vid inaktivitet",
-        "auto_save_disabled": "Automatisk sparning inaktiverad",
-        "auto_save_disabled_tooltip": "Din enkät sparas endast automatiskt när den är ett utkast. Detta säkerställer att publika enkäter inte uppdateras oavsiktligt.",
-        "auto_save_on": "Automatisk sparning på",
         "automatically_close_survey_after": "Stäng enkäten automatiskt efter",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "Stäng enkäten automatiskt efter ett visst antal svar.",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "Stäng enkäten automatiskt om användaren inte svarar efter ett visst antal sekunder.",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.com-användarnamn eller användarnamn/händelse",
         "calculate": "Beräkna",
         "capture_a_new_action_to_trigger_a_survey_on": "Fånga en ny åtgärd att utlösa en enkät på.",
-        "capture_ip_address": "Registrera IP-adress",
-        "capture_ip_address_description": "Spara respondentens IP-adress i svarsmetadatan för att upptäcka dubbletter och av säkerhetsskäl",
         "capture_new_action": "Fånga ny åtgärd",
         "card_arrangement_for_survey_type_derived": "Kortarrangemang för {surveyTypeDerived}-enkäter",
         "card_background_color": "Kortets bakgrundsfärg",
@@ -1466,7 +1448,6 @@
         "please_specify": "Vänligen specificera",
         "prevent_double_submission": "Förhindra dubbelinskickning",
         "prevent_double_submission_description": "Tillåt endast 1 svar per e-postadress",
-        "progress_saved": "Framsteg sparade",
         "protect_survey_with_pin": "Skydda enkäten med en PIN",
         "protect_survey_with_pin_description": "Endast användare som har PIN-koden kan komma åt enkäten.",
         "publish": "Publicera",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "Ett fel uppstod vid nedladdning av svar",
         "first_name": "Förnamn",
         "how_to_identify_users": "Hur man identifierar användare",
-        "ip_address": "IP-adress",
         "last_name": "Efternamn",
         "not_completed": "Inte slutförd ⏳",
         "os": "OS",

apps/web/locales/zh-Hans-CN.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "大小写混合",
       "please_verify_captcha": "请 验证 reCAPTCHA",
       "privacy_policy": "隐私政策",
-      "product_updates_description": "每月产品新闻和功能更新，适用隐私政策。",
-      "product_updates_title": "产品更新",
-      "security_updates_description": "仅限安全相关信息，适用隐私政策。",
-      "security_updates_title": "安全更新",
       "terms_of_service": "服务条款",
       "title": "创建你的 Formbricks 账户"
     },
@@ -201,7 +197,6 @@
     "docs": "文档",
     "documentation": "文档",
     "domain": "域名",
-    "done": "完成",
     "download": "下载",
     "draft": "草稿",
     "duplicate": "复制",
@@ -788,26 +783,20 @@
         "add_webhook": "添加 Webhook",
         "add_webhook_description": "发送 调查 响应 数据 到 自定义 端点",
         "all_current_and_new_surveys": "所有 当前 和 新的 调查",
-        "copy_secret_now": "复制您的签名密钥",
         "created_by_third_party": "由 第三方 创建",
         "discord_webhook_not_supported": "Discord webhooks 目前不 支持。",
         "empty_webhook_message": "您的 Webhooks 会在您 添加 后 出现在这里。 ⏲️",
         "endpoint_pinged": "太好了! 我们能 ping 该 webhook!",
         "endpoint_pinged_error": "无法 ping 该 webhook！",
-        "learn_to_verify": "了解如何验证 webhook 签名",
         "please_check_console": "请查看控制台以获取更多详情",
         "please_enter_a_url": "请输入一个 URL",
         "response_created": "创建 响应",
         "response_finished": "响应 完成",
         "response_updated": "更新 响应",
-        "secret_copy_warning": "请妥善保存此密钥。您可以在 Webhook 设置中再次查看。",
-        "secret_description": "使用此密钥验证 Webhook 请求。有关签名验证，请参阅文档。",
-        "signing_secret": "签名密钥",
         "source": "来源",
         "test_endpoint": "测试 端点",
         "triggers": "触发器",
         "webhook_added_successfully": "Webhook 添加成功",
-        "webhook_created": "Webhook 已创建",
         "webhook_delete_confirmation": "您 确定 要 删除 此 Webhook 吗？这 将 停止 向 您 发送 更多 通知 。",
         "webhook_deleted_successfully": "Webhook 删除 成功",
         "webhook_name_placeholder": "可选 ： 为 您的 Webhook 标注 标签 以 便于 识别",
@@ -1019,8 +1008,6 @@
         "remove_logo": "移除 logo",
         "replace_logo": "替换 logo",
         "resend_invitation_email": "重新发送邀请邮件",
-        "security_list_tip": "您已订阅我们的安全列表了吗？保持关注，保障您的实例安全！",
-        "security_list_tip_link": "点击此处注册。",
         "share_invite_link": "分享邀请链接",
         "share_this_link_to_let_your_organization_member_join_your_organization": "分享 这个 链接 以 让 你的 组织 成员 加入 你的 组织：",
         "test_email_sent_successfully": "测试 邮件 发送 成功",
@@ -1182,9 +1169,6 @@
         "assign": "指派 =",
         "audience": "受众",
         "auto_close_on_inactivity": "自动关闭 在 无活动时",
-        "auto_save_disabled": "自动保存已禁用",
-        "auto_save_disabled_tooltip": "您的调查仅在草稿状态时自动保存。这确保公开的调查不会被意外更新。",
-        "auto_save_on": "自动保存已启用",
         "automatically_close_survey_after": "自动 关闭 调查 后",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "自动 关闭 调查 在 达到 一定数量 的 回应 后",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "用户未在一定秒数内应答时 自动关闭 问卷",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.com 用户名 或 用户名/事件",
         "calculate": "计算",
         "capture_a_new_action_to_trigger_a_survey_on": "捕获一个新动作以触发调查。",
-        "capture_ip_address": "记录IP地址",
-        "capture_ip_address_description": "将答题者的IP地址存储在响应元数据中，用于重复检测和安全目的",
         "capture_new_action": "捕获 新动作",
         "card_arrangement_for_survey_type_derived": "{surveyTypeDerived} 调查 的 卡片 布局",
         "card_background_color": "卡片 的 背景 颜色",
@@ -1466,7 +1448,6 @@
         "please_specify": "请 指定",
         "prevent_double_submission": "防止 重复 提交",
         "prevent_double_submission_description": "只允许每个 email 地址提供 1 个回复",
-        "progress_saved": "进度已保存",
         "protect_survey_with_pin": "使用 PIN 保护 调查",
         "protect_survey_with_pin_description": "只有 拥有 PIN 的 用户 可以 访问 调查。",
         "publish": "发布",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "下载答复时发生错误",
         "first_name": "名字",
         "how_to_identify_users": "如何 识别 用户",
-        "ip_address": "IP地址",
         "last_name": "姓",
         "not_completed": "未完成 ⏳",
         "os": "操作系统",

apps/web/locales/zh-Hant-TW.json

@@ -75,10 +75,6 @@
       "password_validation_uppercase_and_lowercase": "混合使用大小寫字母",
       "please_verify_captcha": "請驗證 reCAPTCHA",
       "privacy_policy": "隱私權政策",
-      "product_updates_description": "每月產品新聞與功能更新，適用隱私權政策。",
-      "product_updates_title": "產品更新",
-      "security_updates_description": "僅限安全相關資訊，適用隱私權政策。",
-      "security_updates_title": "安全更新",
       "terms_of_service": "服務條款",
       "title": "建立您的 Formbricks 帳戶"
     },
@@ -201,7 +197,6 @@
     "docs": "文件",
     "documentation": "文件",
     "domain": "網域",
-    "done": "完成",
     "download": "下載",
     "draft": "草稿",
     "duplicate": "複製",
@@ -788,26 +783,20 @@
         "add_webhook": "新增 Webhook",
         "add_webhook_description": "將問卷回應資料傳送至自訂端點",
         "all_current_and_new_surveys": "所有目前和新的問卷",
-        "copy_secret_now": "複製您的簽章密鑰",
         "created_by_third_party": "由第三方建立",
         "discord_webhook_not_supported": "目前不支援 Discord webhooks。",
         "empty_webhook_message": "您的 Webhook 將在您新增後立即顯示在此處。⏲️",
         "endpoint_pinged": "耶！我們能夠 ping Webhook！",
         "endpoint_pinged_error": "無法 ping Webhook！",
-        "learn_to_verify": "了解如何驗證 webhook 簽章",
         "please_check_console": "請檢查主控台以取得更多詳細資料",
         "please_enter_a_url": "請輸入網址",
         "response_created": "已建立回應",
         "response_finished": "已完成回應",
         "response_updated": "已更新回應",
-        "secret_copy_warning": "請妥善保存此密鑰。您可以在 Webhook 設定中再次查看。",
-        "secret_description": "使用此密鑰來驗證 Webhook 請求。請參閱文件以了解簽章驗證方式。",
-        "signing_secret": "簽章密鑰",
         "source": "來源",
         "test_endpoint": "測試端點",
         "triggers": "觸發器",
         "webhook_added_successfully": "Webhook 已成功新增",
-        "webhook_created": "Webhook 已建立",
         "webhook_delete_confirmation": "您確定要刪除此 Webhook 嗎？這將停止向您發送任何進一步的通知。",
         "webhook_deleted_successfully": "Webhook 已成功刪除",
         "webhook_name_placeholder": "選填：為您的 Webhook 加上標籤以便於識別",
@@ -1019,8 +1008,6 @@
         "remove_logo": "移除標誌",
         "replace_logo": "取代標誌",
         "resend_invitation_email": "重新發送邀請電子郵件",
-        "security_list_tip": "您已訂閱我們的安全名單了嗎？保持關注，確保您的實例安全！",
-        "security_list_tip_link": "請在此註冊。",
         "share_invite_link": "分享邀請連結",
         "share_this_link_to_let_your_organization_member_join_your_organization": "分享此連結以讓您的組織成員加入您的組織：",
         "test_email_sent_successfully": "測試電子郵件已成功發送",
@@ -1182,9 +1169,6 @@
         "assign": "等於 =",
         "audience": "受眾",
         "auto_close_on_inactivity": "非活動時自動關閉",
-        "auto_save_disabled": "自動儲存已停用",
-        "auto_save_disabled_tooltip": "您的問卷僅在草稿狀態時自動儲存。這確保公開的問卷不會被意外更新。",
-        "auto_save_on": "自動儲存已啟用",
         "automatically_close_survey_after": "在指定時間自動關閉問卷",
         "automatically_close_the_survey_after_a_certain_number_of_responses": "在收到一定數量的回覆後自動關閉問卷。",
         "automatically_close_the_survey_if_the_user_does_not_respond_after_certain_number_of_seconds": "如果用戶在特定秒數後未回應，則自動關閉問卷。",
@@ -1206,8 +1190,6 @@
         "cal_username": "Cal.com 使用者名稱或使用者名稱/事件",
         "calculate": "計算",
         "capture_a_new_action_to_trigger_a_survey_on": "擷取新的操作以觸發問卷。",
-        "capture_ip_address": "擷取 IP 位址",
-        "capture_ip_address_description": "將受訪者的 IP 位址儲存在回應中繼資料中，以便進行重複檢測與安全性用途",
         "capture_new_action": "擷取新操作",
         "card_arrangement_for_survey_type_derived": "'{'surveyTypeDerived'}' 問卷的卡片排列",
         "card_background_color": "卡片背景顏色",
@@ -1466,7 +1448,6 @@
         "please_specify": "請指定",
         "prevent_double_submission": "防止重複提交",
         "prevent_double_submission_description": "每個電子郵件地址僅允許 1 個回應",
-        "progress_saved": "進度已儲存",
         "protect_survey_with_pin": "使用 PIN 碼保護問卷",
         "protect_survey_with_pin_description": "只有擁有 PIN 碼的使用者才能存取問卷。",
         "publish": "發布",
@@ -1665,7 +1646,6 @@
         "error_downloading_responses": "下載回應時發生錯誤",
         "first_name": "名字",
         "how_to_identify_users": "如何識別使用者",
-        "ip_address": "IP 位址",
         "last_name": "姓氏",
         "not_completed": "未完成 ⏳",
         "os": "作業系統",

apps/web/middleware.ts

@@ -56,7 +56,7 @@ const handleDomainAwareRouting = (request: NextRequest): Response | null => {
   }
 };
 
-export const proxy = async (originalRequest: NextRequest) => {
+export const middleware = async (originalRequest: NextRequest) => {
   // Handle domain-aware routing first
   const domainResponse = handleDomainAwareRouting(originalRequest);
   if (domainResponse) return domainResponse;

apps/web/modules/analysis/components/ShareSurveyLink/components/LanguageDropdown.tsx

@@ -1,15 +1,11 @@
 import { Languages } from "lucide-react";
+import { useRef, useState } from "react";
 import { getLanguageLabel } from "@formbricks/i18n-utils/src/utils";
 import { TSurvey } from "@formbricks/types/surveys/types";
 import { TUserLocale } from "@formbricks/types/user";
 import { getEnabledLanguages } from "@/lib/i18n/utils";
+import { useClickOutside } from "@/lib/utils/hooks/useClickOutside";
 import { Button } from "@/modules/ui/components/button";
-import {
-  DropdownMenu,
-  DropdownMenuContent,
-  DropdownMenuItem,
-  DropdownMenuTrigger,
-} from "@/modules/ui/components/dropdown-menu";
 
 interface LanguageDropdownProps {
   survey: TSurvey;
@@ -18,31 +14,38 @@ interface LanguageDropdownProps {
 }
 
 export const LanguageDropdown = ({ survey, setLanguage, locale }: LanguageDropdownProps) => {
+  const [showLanguageSelect, setShowLanguageSelect] = useState(false);
+  const containerRef = useRef(null);
   const enabledLanguages = getEnabledLanguages(survey.languages ?? []);
 
-  if (enabledLanguages.length <= 1) {
-    return null;
-  }
+  useClickOutside(containerRef, () => setShowLanguageSelect(false));
 
   return (
-    <DropdownMenu>
-      <DropdownMenuTrigger asChild>
-        <Button variant="secondary" title="Select Language" aria-label="Select Language">
+    enabledLanguages.length > 1 && (
+      <div className="relative" ref={containerRef}>
+        {showLanguageSelect && (
+          <div className="absolute top-12 z-30 max-h-64 max-w-48 overflow-auto rounded-lg border bg-slate-900 p-1 text-sm text-white">
+            {enabledLanguages.map((surveyLanguage) => (
+              <button
+                key={surveyLanguage.language.code}
+                className="w-full truncate rounded-md p-2 text-start hover:cursor-pointer hover:bg-slate-700"
+                onClick={() => {
+                  setLanguage(surveyLanguage.language.code);
+                  setShowLanguageSelect(false);
+                }}>
+                {getLanguageLabel(surveyLanguage.language.code, locale)}
+              </button>
+            ))}
+          </div>
+        )}
+        <Button
+          variant="secondary"
+          title="Select Language"
+          aria-label="Select Language"
+          onClick={() => setShowLanguageSelect(!showLanguageSelect)}>
           <Languages className="h-5 w-5" />
         </Button>
-      </DropdownMenuTrigger>
-      <DropdownMenuContent
-        className="max-h-64 max-w-48 overflow-auto bg-slate-900 p-1 text-sm text-white"
-        align="start">
-        {enabledLanguages.map((surveyLanguage) => (
-          <DropdownMenuItem
-            key={surveyLanguage.language.code}
-            className="w-full truncate rounded-md p-2 text-start text-white hover:cursor-pointer hover:bg-slate-700 focus:bg-slate-700"
-            onSelect={() => setLanguage(surveyLanguage.language.code)}>
-            {getLanguageLabel(surveyLanguage.language.code, locale)}
-          </DropdownMenuItem>
-        ))}
-      </DropdownMenuContent>
-    </DropdownMenu>
+      </div>
+    )
   );
 };

apps/web/modules/analysis/components/SingleResponseCard/components/SingleResponseCardMetadata.tsx

@@ -123,11 +123,6 @@ export const SingleResponseCardMetadata = ({ response, locale }: SingleResponseC
           {t("environments.surveys.responses.country")}: {response.meta.country}
         </p>
       )}
-      {response.meta.ipAddress && (
-        <p className="truncate" title={`IP Address: ${response.meta.ipAddress}`}>
-          {t("environments.surveys.responses.ip_address")}: {response.meta.ipAddress}
-        </p>
-      )}
     </div>
   ) : null;
 

apps/web/modules/api/v2/management/lib/utils.test.ts

@@ -1,10 +1,10 @@
 import { Prisma } from "@prisma/client";
-import { describe, expect, test } from "vitest";
+import { describe, expect, it } from "vitest";
 import { buildCommonFilterQuery } from "./utils";
 
 describe("buildCommonFilterQuery", () => {
   // Test for line 32: spread existing date filter when adding startDate
-  test("should preserve existing date filter when adding startDate", () => {
+  it("should preserve existing date filter when adding startDate", () => {
     const query: Prisma.ResponseFindManyArgs = {
       where: {
         createdAt: {
@@ -23,7 +23,7 @@ describe("buildCommonFilterQuery", () => {
   });
 
   // Test for line 45: spread existing date filter when adding endDate
-  test("should preserve existing date filter when adding endDate", () => {
+  it("should preserve existing date filter when adding endDate", () => {
     const query: Prisma.ResponseFindManyArgs = {
       where: {
         createdAt: {

apps/web/modules/api/v2/management/webhooks/[webhookId]/types/webhooks.ts

@@ -21,7 +21,6 @@ export const ZWebhookUpdateSchema = ZWebhook.omit({
   createdAt: true,
   updatedAt: true,
   environmentId: true,
-  secret: true,
 }).openapi({
   ref: "webhookUpdate",
   description: "A webhook to update.",

apps/web/modules/api/v2/management/webhooks/lib/webhook.ts

@@ -1,7 +1,6 @@
 import { Prisma, Webhook } from "@prisma/client";
 import { prisma } from "@formbricks/database";
 import { Result, err, ok } from "@formbricks/types/error-handlers";
-import { generateWebhookSecret } from "@/lib/crypto";
 import { getWebhooksQuery } from "@/modules/api/v2/management/webhooks/lib/utils";
 import { TGetWebhooksFilter, TWebhookInput } from "@/modules/api/v2/management/webhooks/types/webhooks";
 import { ApiErrorResponseV2 } from "@/modules/api/v2/types/api-error";
@@ -50,8 +49,6 @@ export const createWebhook = async (webhook: TWebhookInput): Promise<Result<Webh
   const { environmentId, name, url, source, triggers, surveyIds } = webhook;
 
   try {
-    const secret = generateWebhookSecret();
-
     const prismaData: Prisma.WebhookCreateInput = {
       environment: {
         connect: {
@@ -63,7 +60,6 @@ export const createWebhook = async (webhook: TWebhookInput): Promise<Result<Webh
       source,
       triggers,
       surveyIds,
-      secret,
     };
 
     const createdWebhook = await prisma.webhook.create({

apps/web/modules/auth/signup/actions.ts

@@ -18,7 +18,6 @@ import { applyIPRateLimit } from "@/modules/core/rate-limit/helpers";
 import { rateLimitConfigs } from "@/modules/core/rate-limit/rate-limit-configs";
 import { withAuditLogging } from "@/modules/ee/audit-logs/lib/handler";
 import { getIsMultiOrgEnabled } from "@/modules/ee/license-check/lib/utils";
-import { subscribeUserToMailingList } from "@/modules/ee/mailing/lib/mailing-subscription";
 import { sendInviteAcceptedEmail, sendVerificationEmail } from "@/modules/email";
 
 const ZCreatedUser = ZUser.pick({
@@ -45,9 +44,6 @@ const ZCreateUserAction = z.object({
       (token) => !IS_TURNSTILE_CONFIGURED || (IS_TURNSTILE_CONFIGURED && token),
       "CAPTCHA verification required"
     ),
-  isFormbricksCloud: z.boolean(),
-  subscribeToSecurityUpdates: z.boolean().optional(),
-  subscribeToProductUpdates: z.boolean().optional(),
 });
 
 async function verifyTurnstileIfConfigured(turnstileToken: string | undefined): Promise<void> {
@@ -195,13 +191,6 @@ export const createUserAction = actionClient.schema(ZCreateUserAction).action(
           parsedInput.inviteToken,
           parsedInput.emailVerificationDisabled
         );
-
-        await subscribeUserToMailingList({
-          email: user.email,
-          isFormbricksCloud: parsedInput.isFormbricksCloud,
-          subscribeToSecurityUpdates: parsedInput.subscribeToSecurityUpdates,
-          subscribeToProductUpdates: parsedInput.subscribeToProductUpdates,
-        });
       }
 
       if (user) {

apps/web/modules/auth/signup/components/signup-form.tsx

@@ -15,7 +15,6 @@ import { createUserAction } from "@/modules/auth/signup/actions";
 import { TermsPrivacyLinks } from "@/modules/auth/signup/components/terms-privacy-links";
 import { SSOOptions } from "@/modules/ee/sso/components/sso-options";
 import { Button } from "@/modules/ui/components/button";
-import { Checkbox } from "@/modules/ui/components/checkbox";
 import { FormControl, FormError, FormField, FormItem } from "@/modules/ui/components/form";
 import { Input } from "@/modules/ui/components/input";
 import { PasswordInput } from "@/modules/ui/components/password-input";
@@ -49,7 +48,6 @@ interface SignupFormProps {
   samlTenant: string;
   samlProduct: string;
   turnstileSiteKey?: string;
-  isFormbricksCloud: boolean;
 }
 
 export const SignupForm = ({
@@ -71,7 +69,6 @@ export const SignupForm = ({
   samlTenant,
   samlProduct,
   turnstileSiteKey,
-  isFormbricksCloud,
 }: SignupFormProps) => {
   const [showLogin, setShowLogin] = useState(false);
   const searchParams = useSearchParams();
@@ -79,8 +76,6 @@ export const SignupForm = ({
   const inviteToken = searchParams?.get("inviteToken");
   const router = useRouter();
   const [turnstileToken, setTurnstileToken] = useState<string>();
-  const [subscribeToSecurityUpdates, setSubscribeToSecurityUpdates] = useState(false);
-  const [subscribeToProductUpdates, setSubscribeToProductUpdates] = useState(false);
 
   const turnstile = useTurnstile();
 
@@ -115,9 +110,6 @@ export const SignupForm = ({
         inviteToken: inviteToken ?? "",
         emailVerificationDisabled,
         turnstileToken,
-        isFormbricksCloud,
-        subscribeToSecurityUpdates,
-        subscribeToProductUpdates,
       });
 
       const emailTokenActionResponse = await createEmailTokenAction({ email: data.email });
@@ -247,43 +239,6 @@ export const SignupForm = ({
               />
             )}
 
-            {showLogin &&
-              (isFormbricksCloud ? (
-                <label
-                  htmlFor="product-updates"
-                  className="my-4 flex cursor-pointer space-x-2 rounded-md border border-slate-200 bg-slate-100 p-2 text-left">
-                  <Checkbox
-                    id="product-updates"
-                    checked={subscribeToProductUpdates}
-                    onCheckedChange={(checked) => setSubscribeToProductUpdates(checked === true)}
-                    className="mt-0.5 h-4 w-4"
-                  />
-                  <div>
-                    <span className="text-sm font-medium text-slate-700">
-                      {t("auth.signup.product_updates_title")}
-                    </span>
-                    <p className="text-xs text-slate-500">{t("auth.signup.product_updates_description")}</p>
-                  </div>
-                </label>
-              ) : (
-                <label
-                  htmlFor="security-updates"
-                  className="my-4 flex cursor-pointer space-x-2 rounded-md border border-slate-200 bg-slate-100 p-2 text-left">
-                  <Checkbox
-                    id="security-updates"
-                    checked={subscribeToSecurityUpdates}
-                    onCheckedChange={(checked) => setSubscribeToSecurityUpdates(checked === true)}
-                    className="mt-0.5 h-4 w-4"
-                  />
-                  <div>
-                    <span className="text-sm font-medium text-slate-700">
-                      {t("auth.signup.security_updates_title")}
-                    </span>
-                    <p className="text-xs text-slate-500">{t("auth.signup.security_updates_description")}</p>
-                  </div>
-                </label>
-              ))}
-
             {showLogin && (
               <Button
                 data-testid="signup-submit"

apps/web/modules/auth/signup/page.tsx

@@ -5,7 +5,6 @@ import {
   EMAIL_VERIFICATION_DISABLED,
   GITHUB_OAUTH_ENABLED,
   GOOGLE_OAUTH_ENABLED,
-  IS_FORMBRICKS_CLOUD,
   IS_TURNSTILE_CONFIGURED,
   OIDC_DISPLAY_NAME,
   OIDC_OAUTH_ENABLED,
@@ -77,7 +76,6 @@ export const SignupPage = async ({ searchParams: searchParamsProps }) => {
           samlTenant={SAML_TENANT}
           samlProduct={SAML_PRODUCT}
           turnstileSiteKey={TURNSTILE_SITE_KEY}
-          isFormbricksCloud={IS_FORMBRICKS_CLOUD}
         />
       </FormWrapper>
     </div>

apps/web/modules/ee/license-check/lib/license.ts

@@ -30,7 +30,6 @@ const CONFIG = {
       env.ENVIRONMENT === "staging"
         ? "https://staging.ee.formbricks.com/api/licenses/check"
         : "https://ee.formbricks.com/api/licenses/check",
-    // ENDPOINT: "https://localhost:8080/api/licenses/check",
     TIMEOUT_MS: 5000,
   },
 } as const;

apps/web/modules/ee/mailing/lib/mailing-subscription.test.ts

@@ -1,205 +0,0 @@
-import { afterEach, beforeEach, describe, expect, test, vi } from "vitest";
-import { logger } from "@formbricks/logger";
-import { subscribeToMailingList, subscribeUserToMailingList } from "./mailing-subscription";
-
-vi.mock("@formbricks/logger", () => ({
-  logger: {
-    error: vi.fn(),
-    info: vi.fn(),
-  },
-}));
-
-vi.mock("@/lib/utils/validate", () => ({
-  validateInputs: vi.fn(),
-}));
-
-globalThis.fetch = vi.fn();
-
-describe("subscribeToMailingList", () => {
-  beforeEach(() => {
-    vi.clearAllMocks();
-    vi.useFakeTimers();
-  });
-
-  afterEach(() => {
-    vi.useRealTimers();
-  });
-
-  test("should successfully subscribe to security mailing list", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(new Response(null, { status: 200 }));
-
-    const result = await subscribeToMailingList({
-      email: "test@example.com",
-      listId: "security",
-    });
-
-    expect(result).toEqual({ success: true });
-    expect(globalThis.fetch).toHaveBeenCalledWith(
-      "https://ee.formbricks.com/api/v1/public/mailing/security/subscriptions",
-      expect.objectContaining({
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ email: "test@example.com" }),
-      })
-    );
-    expect(logger.info).toHaveBeenCalledWith(
-      { listId: "security" },
-      "Successfully subscribed to security mailing list"
-    );
-  });
-
-  test("should successfully subscribe to product-updates mailing list", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(new Response(null, { status: 200 }));
-
-    const result = await subscribeToMailingList({
-      email: "test@example.com",
-      listId: "product-updates",
-    });
-
-    expect(result).toEqual({ success: true });
-    expect(globalThis.fetch).toHaveBeenCalledWith(
-      "https://ee.formbricks.com/api/v1/public/mailing/product-updates/subscriptions",
-      expect.objectContaining({
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ email: "test@example.com" }),
-      })
-    );
-  });
-
-  test("should return error when API returns non-ok response", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(
-      new Response("Bad Request", { status: 400, statusText: "Bad Request" })
-    );
-
-    const result = await subscribeToMailingList({
-      email: "test@example.com",
-      listId: "security",
-    });
-
-    expect(result).toEqual({ success: false, error: "Failed to subscribe: 400" });
-    expect(logger.error).toHaveBeenCalledWith(
-      { status: 400, error: "Bad Request" },
-      "Failed to subscribe to security mailing list"
-    );
-  });
-
-  test("should return error when fetch throws an error", async () => {
-    vi.mocked(globalThis.fetch).mockRejectedValueOnce(new Error("Network error"));
-
-    const result = await subscribeToMailingList({
-      email: "test@example.com",
-      listId: "security",
-    });
-
-    expect(result).toEqual({ success: false, error: "Failed to subscribe to mailing list" });
-    expect(logger.error).toHaveBeenCalledWith(
-      expect.any(Error),
-      "Error subscribing to security mailing list"
-    );
-  });
-
-  test("should return timeout error when request times out", async () => {
-    const abortError = new Error("Aborted");
-    abortError.name = "AbortError";
-    vi.mocked(globalThis.fetch).mockRejectedValueOnce(abortError);
-
-    const result = await subscribeToMailingList({
-      email: "test@example.com",
-      listId: "security",
-    });
-
-    expect(result).toEqual({ success: false, error: "Request timed out" });
-    expect(logger.error).toHaveBeenCalledWith(
-      { listId: "security" },
-      "Mailing subscription request timed out"
-    );
-  });
-});
-
-describe("subscribeUserToMailingList", () => {
-  beforeEach(() => {
-    vi.clearAllMocks();
-  });
-
-  test("should subscribe to product-updates when isFormbricksCloud is true and subscribeToProductUpdates is true", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(new Response(null, { status: 200 }));
-
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: true,
-      subscribeToProductUpdates: true,
-      subscribeToSecurityUpdates: false,
-    });
-
-    expect(globalThis.fetch).toHaveBeenCalledWith(
-      "https://ee.formbricks.com/api/v1/public/mailing/product-updates/subscriptions",
-      expect.any(Object)
-    );
-  });
-
-  test("should not subscribe when isFormbricksCloud is true but subscribeToProductUpdates is false", async () => {
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: true,
-      subscribeToProductUpdates: false,
-      subscribeToSecurityUpdates: true,
-    });
-
-    expect(globalThis.fetch).not.toHaveBeenCalled();
-  });
-
-  test("should subscribe to security when isFormbricksCloud is false and subscribeToSecurityUpdates is true", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(new Response(null, { status: 200 }));
-
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: false,
-      subscribeToSecurityUpdates: true,
-      subscribeToProductUpdates: false,
-    });
-
-    expect(globalThis.fetch).toHaveBeenCalledWith(
-      "https://ee.formbricks.com/api/v1/public/mailing/security/subscriptions",
-      expect.any(Object)
-    );
-  });
-
-  test("should not subscribe when isFormbricksCloud is false but subscribeToSecurityUpdates is false", async () => {
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: false,
-      subscribeToSecurityUpdates: false,
-      subscribeToProductUpdates: true,
-    });
-
-    expect(globalThis.fetch).not.toHaveBeenCalled();
-  });
-
-  test("should not subscribe when both subscription flags are undefined", async () => {
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: true,
-    });
-
-    expect(globalThis.fetch).not.toHaveBeenCalled();
-  });
-
-  test("should prioritize product-updates for cloud users even if security is also true", async () => {
-    vi.mocked(globalThis.fetch).mockResolvedValueOnce(new Response(null, { status: 200 }));
-
-    await subscribeUserToMailingList({
-      email: "test@example.com",
-      isFormbricksCloud: true,
-      subscribeToProductUpdates: true,
-      subscribeToSecurityUpdates: true,
-    });
-
-    // Should only call product-updates endpoint for cloud users
-    expect(globalThis.fetch).toHaveBeenCalledTimes(1);
-    expect(globalThis.fetch).toHaveBeenCalledWith(
-      "https://ee.formbricks.com/api/v1/public/mailing/product-updates/subscriptions",
-      expect.any(Object)
-    );
-  });
-});

apps/web/modules/ee/mailing/lib/mailing-subscription.ts

@@ -1,91 +0,0 @@
-"use server";
-
-import { logger } from "@formbricks/logger";
-import { TUserEmail, ZUserEmail } from "@formbricks/types/user";
-import { validateInputs } from "@/lib/utils/validate";
-
-export type TMailingListId = "security" | "product-updates";
-
-const MAILING_LIST_ENDPOINTS: Record<TMailingListId, string> = {
-  security: "https://ee.formbricks.com/api/v1/public/mailing/security/subscriptions",
-  "product-updates": "https://ee.formbricks.com/api/v1/public/mailing/product-updates/subscriptions",
-} as const;
-
-const EE_SERVER_TIMEOUT_MS = 5000;
-
-interface TSubscribeToMailingListParams {
-  email: TUserEmail;
-  listId: TMailingListId;
-}
-
-/**
- * Subscribe a user to a mailing list via the EE server
- * @param email - The user's email address
- * @param listId - The mailing list ID ("security" or "product-updates")
- */
-export const subscribeToMailingList = async ({
-  email,
-  listId,
-}: TSubscribeToMailingListParams): Promise<{ success: boolean; error?: string }> => {
-  validateInputs([email, ZUserEmail.toLowerCase()]);
-
-  const endpoint = MAILING_LIST_ENDPOINTS[listId];
-  if (!endpoint) {
-    logger.error({ listId }, "Invalid mailing list ID");
-    return { success: false, error: "Invalid mailing list ID" };
-  }
-
-  try {
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), EE_SERVER_TIMEOUT_MS);
-
-    const response = await fetch(endpoint, {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-      },
-      body: JSON.stringify({ email }),
-      signal: controller.signal,
-    });
-
-    clearTimeout(timeoutId);
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      logger.error(
-        { status: response.status, error: errorText },
-        `Failed to subscribe to ${listId} mailing list`
-      );
-      return { success: false, error: `Failed to subscribe: ${response.status}` };
-    }
-
-    logger.info({ listId }, `Successfully subscribed to ${listId} mailing list`);
-    return { success: true };
-  } catch (error) {
-    if (error instanceof Error && error.name === "AbortError") {
-      logger.error({ listId }, "Mailing subscription request timed out");
-      return { success: false, error: "Request timed out" };
-    }
-
-    logger.error(error, `Error subscribing to ${listId} mailing list`);
-    return { success: false, error: "Failed to subscribe to mailing list" };
-  }
-};
-
-export const subscribeUserToMailingList = async ({
-  email,
-  isFormbricksCloud,
-  subscribeToSecurityUpdates,
-  subscribeToProductUpdates,
-}: {
-  email: TUserEmail;
-  isFormbricksCloud: boolean;
-  subscribeToSecurityUpdates?: boolean;
-  subscribeToProductUpdates?: boolean;
-}): Promise<void> => {
-  if (isFormbricksCloud && subscribeToProductUpdates) {
-    await subscribeToMailingList({ email, listId: "product-updates" });
-  } else if (!isFormbricksCloud && subscribeToSecurityUpdates) {
-    await subscribeToMailingList({ email, listId: "security" });
-  }
-};

apps/web/modules/ee/multi-language-surveys/components/edit-language.tsx

@@ -67,7 +67,7 @@ const validateLanguages = (languages: Language[], t: TFunction) => {
   // (e.g. alias "nl" pointing to a non-Dutch language) which later breaks the
   // dropdowns that rely on ISO identifiers.
   for (const alias of languageAliases) {
-    if (iso639Languages.some((language) => language.code === alias && !languageCodes.includes(alias))) {
+    if (iso639Languages.some((language) => language.alpha2 === alias && !languageCodes.includes(alias))) {
       toast.error(
         t("environments.workspace.languages.conflict_between_selected_alias_and_another_language"),
         {

apps/web/modules/ee/multi-language-surveys/components/language-select.tsx

@@ -22,7 +22,7 @@ export function LanguageSelect({ language, onLanguageChange, disabled, locale }:
   const [isOpen, setIsOpen] = useState(false);
   const [searchTerm, setSearchTerm] = useState("");
   const [selectedOption, setSelectedOption] = useState(
-    iso639Languages.find((isoLang) => isoLang.code === language.code)
+    iso639Languages.find((isoLang) => isoLang.alpha2 === language.code)
   );
   const items = iso639Languages;
 
@@ -39,7 +39,7 @@ export function LanguageSelect({ language, onLanguageChange, disabled, locale }:
 
   const handleOptionSelect = (option: TIso639Language) => {
     setSelectedOption(option);
-    onLanguageChange({ ...language, code: option.code || "" });
+    onLanguageChange({ ...language, code: option.alpha2 || "" });
     setIsOpen(false);
   };
 
@@ -87,7 +87,7 @@ export function LanguageSelect({ language, onLanguageChange, disabled, locale }:
           {filteredItems.map((item) => (
             <button
               className="block w-full cursor-pointer rounded-md px-4 py-2 text-left text-slate-700 hover:bg-slate-100 active:bg-blue-100"
-              key={item.code}
+              key={item.alpha2}
               onClick={() => {
                 handleOptionSelect(item);
               }}>

apps/web/modules/integrations/webhooks/components/add-webhook-modal.tsx

@@ -1,8 +1,8 @@
 "use client";
 
-import { PipelineTriggers, Webhook } from "@prisma/client";
+import { PipelineTriggers } from "@prisma/client";
 import clsx from "clsx";
-import { Webhook as WebhookIcon } from "lucide-react";
+import { Webhook } from "lucide-react";
 import { useRouter } from "next/navigation";
 import { useState } from "react";
 import { useForm } from "react-hook-form";
@@ -12,7 +12,6 @@ import { TSurvey } from "@formbricks/types/surveys/types";
 import { getFormattedErrorMessage } from "@/lib/utils/helper";
 import { SurveyCheckboxGroup } from "@/modules/integrations/webhooks/components/survey-checkbox-group";
 import { TriggerCheckboxGroup } from "@/modules/integrations/webhooks/components/trigger-checkbox-group";
-import { WebhookCreatedModal } from "@/modules/integrations/webhooks/components/webhook-created-modal";
 import { isDiscordWebhook, validWebHookURL } from "@/modules/integrations/webhooks/lib/utils";
 import { Button } from "@/modules/ui/components/button";
 import {
@@ -52,7 +51,6 @@ export const AddWebhookModal = ({ environmentId, surveys, open, setOpen }: AddWe
   const [selectedSurveys, setSelectedSurveys] = useState<string[]>([]);
   const [selectedAllSurveys, setSelectedAllSurveys] = useState(false);
   const [creatingWebhook, setCreatingWebhook] = useState(false);
-  const [createdWebhook, setCreatedWebhook] = useState<Webhook | null>(null);
 
   const handleTestEndpoint = async (sendSuccessToast: boolean) => {
     try {
@@ -144,7 +142,7 @@ export const AddWebhookModal = ({ environmentId, surveys, open, setOpen }: AddWe
         });
         if (createWebhookActionResult?.data) {
           router.refresh();
-          setCreatedWebhook(createWebhookActionResult.data);
+          setOpenWithStates(false);
           toast.success(t("environments.integrations.webhooks.webhook_added_successfully"));
         } else {
           const errorMessage = getFormattedErrorMessage(createWebhookActionResult);
@@ -158,27 +156,21 @@ export const AddWebhookModal = ({ environmentId, surveys, open, setOpen }: AddWe
     }
   };
 
-  const resetAndClose = () => {
-    setOpen(false);
+  const setOpenWithStates = (isOpen: boolean) => {
+    setOpen(isOpen);
     reset();
     setTestEndpointInput("");
     setEndpointAccessible(undefined);
     setSelectedSurveys([]);
     setSelectedTriggers([]);
     setSelectedAllSurveys(false);
-    setCreatedWebhook(null);
   };
 
-  // Show success dialog with secret after webhook creation
-  if (createdWebhook) {
-    return <WebhookCreatedModal open={open} webhook={createdWebhook} onClose={resetAndClose} />;
-  }
-
   return (
-    <Dialog open={open} onOpenChange={resetAndClose}>
+    <Dialog open={open} onOpenChange={setOpenWithStates}>
       <DialogContent>
         <DialogHeader>
-          <WebhookIcon />
+          <Webhook />
           <DialogTitle>{t("environments.integrations.webhooks.add_webhook")}</DialogTitle>
           <DialogDescription>
             {t("environments.integrations.webhooks.add_webhook_description")}
@@ -257,7 +249,12 @@ export const AddWebhookModal = ({ environmentId, surveys, open, setOpen }: AddWe
           </DialogBody>
 
           <DialogFooter>
-            <Button type="button" variant="secondary" onClick={resetAndClose}>
+            <Button
+              type="button"
+              variant="secondary"
+              onClick={() => {
+                setOpenWithStates(false);
+              }}>
               {t("common.cancel")}
             </Button>
             <Button type="submit" loading={creatingWebhook}>

apps/web/modules/integrations/webhooks/components/webhook-created-modal.tsx

@@ -1,92 +0,0 @@
-"use client";
-
-import { Webhook } from "@prisma/client";
-import { CheckIcon, CopyIcon, ExternalLinkIcon } from "lucide-react";
-import Link from "next/link";
-import { useState } from "react";
-import toast from "react-hot-toast";
-import { useTranslation } from "react-i18next";
-import { Button } from "@/modules/ui/components/button";
-import {
-  Dialog,
-  DialogBody,
-  DialogContent,
-  DialogDescription,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-} from "@/modules/ui/components/dialog";
-import { Input } from "@/modules/ui/components/input";
-import { Label } from "@/modules/ui/components/label";
-
-interface WebhookCreatedModalProps {
-  open: boolean;
-  webhook: Webhook;
-  onClose: () => void;
-}
-
-export const WebhookCreatedModal = ({ open, webhook, onClose }: WebhookCreatedModalProps) => {
-  const { t } = useTranslation();
-  const [copied, setCopied] = useState(false);
-
-  const copyToClipboard = async (text: string) => {
-    await navigator.clipboard.writeText(text);
-    setCopied(true);
-    toast.success(t("common.copied_to_clipboard"));
-    setTimeout(() => setCopied(false), 2000);
-  };
-
-  return (
-    <Dialog open={open} onOpenChange={onClose}>
-      <DialogContent>
-        <DialogHeader>
-          <CheckIcon className="h-6 w-6 text-green-500" />
-          <DialogTitle>{t("environments.integrations.webhooks.webhook_created")}</DialogTitle>
-          <DialogDescription>{t("environments.integrations.webhooks.copy_secret_now")}</DialogDescription>
-        </DialogHeader>
-
-        <DialogBody className="space-y-4 pb-4">
-          <div className="col-span-1">
-            <Label>{t("environments.integrations.webhooks.signing_secret")}</Label>
-            <div className="mt-1 flex">
-              <Input type="text" readOnly value={webhook.secret ?? ""} className="font-mono text-sm" />
-              <Button
-                type="button"
-                variant="secondary"
-                className="ml-2 whitespace-nowrap"
-                onClick={() => copyToClipboard(webhook.secret ?? "")}>
-                {copied ? (
-                  <>
-                    <CheckIcon className="h-4 w-4" />
-                    {t("common.copied")}
-                  </>
-                ) : (
-                  <>
-                    <CopyIcon className="h-4 w-4" />
-                    {t("common.copy")}
-                  </>
-                )}
-              </Button>
-            </div>
-            <p className="mt-2 text-xs text-slate-500">
-              {t("environments.integrations.webhooks.secret_copy_warning")}
-            </p>
-            <Link
-              href="https://formbricks.com/docs/xm-and-surveys/core-features/integrations/webhooks#webhook-security-with-standard-webhooks"
-              target="_blank"
-              className="mt-2 inline-flex items-center gap-1 text-xs text-slate-600 underline hover:text-slate-800">
-              {t("environments.integrations.webhooks.learn_to_verify")}
-              <ExternalLinkIcon className="h-3 w-3" />
-            </Link>
-          </div>
-        </DialogBody>
-
-        <DialogFooter>
-          <Button type="button" onClick={onClose}>
-            {t("common.done")}
-          </Button>
-        </DialogFooter>
-      </DialogContent>
-    </Dialog>
-  );
-};

apps/web/modules/integrations/webhooks/components/webhook-settings-tab.tsx

@@ -2,7 +2,7 @@
 
 import { PipelineTriggers, Webhook } from "@prisma/client";
 import clsx from "clsx";
-import { CheckIcon, CopyIcon, ExternalLinkIcon, EyeIcon, EyeOff, TrashIcon } from "lucide-react";
+import { TrashIcon } from "lucide-react";
 import Link from "next/link";
 import { useRouter } from "next/navigation";
 import { useState } from "react";
@@ -48,15 +48,6 @@ export const WebhookSettingsTab = ({ webhook, surveys, setOpen, isReadOnly }: We
   const [endpointAccessible, setEndpointAccessible] = useState<boolean>();
   const [hittingEndpoint, setHittingEndpoint] = useState<boolean>(false);
   const [selectedAllSurveys, setSelectedAllSurveys] = useState(webhook.surveyIds.length === 0);
-  const [showSecret, setShowSecret] = useState(false);
-  const [copied, setCopied] = useState(false);
-
-  const copyToClipboard = async (text: string) => {
-    await navigator.clipboard.writeText(text);
-    setCopied(true);
-    toast.success(t("common.copied_to_clipboard"));
-    setTimeout(() => setCopied(false), 2000);
-  };
 
   const handleTestEndpoint = async (sendSuccessToast: boolean) => {
     try {
@@ -122,7 +113,6 @@ export const WebhookSettingsTab = ({ webhook, surveys, setOpen, isReadOnly }: We
       toast.error(t("common.please_select_at_least_one_survey"));
       return;
     }
-
     const endpointHitSuccessfully = await handleTestEndpoint(false);
     if (!endpointHitSuccessfully) {
       return;
@@ -206,60 +196,6 @@ export const WebhookSettingsTab = ({ webhook, surveys, setOpen, isReadOnly }: We
           </div>
         </div>
 
-        {webhook.secret && (
-          <div className="col-span-1">
-            <Label htmlFor="secret">{t("environments.integrations.webhooks.signing_secret")}</Label>
-            <div className="mt-1 flex">
-              <div className="relative flex-1">
-                <Input
-                  type={showSecret ? "text" : "password"}
-                  id="secret"
-                  readOnly
-                  value={webhook.secret}
-                  className="pr-10 font-mono text-sm"
-                />
-                <button
-                  type="button"
-                  className="absolute top-1/2 right-3 -translate-y-1/2 transform"
-                  onClick={() => setShowSecret(!showSecret)}>
-                  {showSecret ? (
-                    <EyeOff className="h-5 w-5 text-slate-400" />
-                  ) : (
-                    <EyeIcon className="h-5 w-5 text-slate-400" />
-                  )}
-                </button>
-              </div>
-              <Button
-                type="button"
-                variant="secondary"
-                className="ml-2 whitespace-nowrap"
-                onClick={() => copyToClipboard(webhook.secret ?? "")}>
-                {copied ? (
-                  <>
-                    <CheckIcon className="h-4 w-4" />
-                    {t("common.copied")}
-                  </>
-                ) : (
-                  <>
-                    <CopyIcon className="h-4 w-4" />
-                    {t("common.copy")}
-                  </>
-                )}
-              </Button>
-            </div>
-            <p className="mt-1 text-xs text-slate-500">
-              {t("environments.integrations.webhooks.secret_description")}
-            </p>
-            <Link
-              href="https://formbricks.com/docs/xm-and-surveys/core-features/integrations/webhooks#webhook-security-with-standard-webhooks"
-              target="_blank"
-              className="mt-1 inline-flex items-center gap-1 text-xs text-slate-600 underline hover:text-slate-800">
-              {t("environments.integrations.webhooks.learn_to_verify")}
-              <ExternalLinkIcon className="h-3 w-3" />
-            </Link>
-          </div>
-        )}
-
         <div>
           <Label htmlFor="Triggers">{t("environments.integrations.webhooks.triggers")}</Label>
           <TriggerCheckboxGroup

apps/web/modules/integrations/webhooks/components/webhook-table.tsx

@@ -35,7 +35,6 @@ export const WebhookTable = ({
     surveyIds: [],
     createdAt: new Date(),
     updatedAt: new Date(),
-    secret: null,
   });
 
   const handleOpenWebhookDetailModalClick = (e, webhook: Webhook) => {

apps/web/modules/integrations/webhooks/lib/webhook.ts

@@ -1,5 +1,4 @@
 import { Prisma, Webhook } from "@prisma/client";
-import { v7 as uuidv7 } from "uuid";
 import { prisma } from "@formbricks/database";
 import { PrismaErrorType } from "@formbricks/database/types/error";
 import { ZId } from "@formbricks/types/common";
@@ -9,7 +8,6 @@ import {
   ResourceNotFoundError,
   UnknownError,
 } from "@formbricks/types/errors";
-import { generateStandardWebhookSignature, generateWebhookSecret } from "@/lib/crypto";
 import { validateInputs } from "@/lib/utils/validate";
 import { isDiscordWebhook } from "@/modules/integrations/webhooks/lib/utils";
 import { TWebhookInput } from "../types/webhooks";
@@ -61,19 +59,15 @@ export const deleteWebhook = async (id: string): Promise<boolean> => {
   }
 };
 
-export const createWebhook = async (environmentId: string, webhookInput: TWebhookInput): Promise<Webhook> => {
+export const createWebhook = async (environmentId: string, webhookInput: TWebhookInput): Promise<boolean> => {
   try {
     if (isDiscordWebhook(webhookInput.url)) {
       throw new UnknownError("Discord webhooks are currently not supported.");
     }
-
-    const secret = generateWebhookSecret();
-
-    const webhook = await prisma.webhook.create({
+    await prisma.webhook.create({
       data: {
         ...webhookInput,
         surveyIds: webhookInput.surveyIds || [],
-        secret,
         environment: {
           connect: {
             id: environmentId,
@@ -82,7 +76,7 @@ export const createWebhook = async (environmentId: string, webhookInput: TWebhoo
       },
     });
 
-    return webhook;
+    return true;
   } catch (error) {
     if (error instanceof Prisma.PrismaClientKnownRequestError) {
       throw new DatabaseError(error.message);
@@ -127,22 +121,13 @@ export const testEndpoint = async (url: string): Promise<boolean> => {
       throw new UnknownError("Discord webhooks are currently not supported.");
     }
 
-    const webhookMessageId = uuidv7();
-    const webhookTimestamp = Math.floor(Date.now() / 1000);
-    const body = JSON.stringify({ event: "testEndpoint" });
-
-    // Generate a temporary test secret and signature for consistency with actual webhooks
-    const testSecret = generateWebhookSecret();
-    const signature = generateStandardWebhookSignature(webhookMessageId, webhookTimestamp, body, testSecret);
-
     const response = await fetch(url, {
       method: "POST",
-      body,
+      body: JSON.stringify({
+        event: "testEndpoint",
+      }),
       headers: {
         "Content-Type": "application/json",
-        "webhook-id": webhookMessageId,
-        "webhook-timestamp": webhookTimestamp.toString(),
-        "webhook-signature": signature,
       },
       signal: controller.signal,
     });

apps/web/modules/organization/settings/api-keys/components/add-api-key-modal.tsx

@@ -255,7 +255,7 @@ export const AddApiKeyModal = ({
                               </span>
                             </button>
                           </DropdownMenuTrigger>
-                          <DropdownMenuContent className="max-h-[300px] min-w-[8rem] overflow-y-auto">
+                          <DropdownMenuContent className="min-w-[8rem]">
                             {projectOptions.map((option) => (
                               <DropdownMenuItem
                                 key={option.id}
@@ -286,7 +286,7 @@ export const AddApiKeyModal = ({
                               </span>
                             </button>
                           </DropdownMenuTrigger>
-                          <DropdownMenuContent className="max-h-[300px] min-w-[8rem] overflow-y-auto capitalize">
+                          <DropdownMenuContent className="min-w-[8rem] capitalize">
                             {getEnvironmentOptionsForProject(permission.projectId).map((env) => (
                               <DropdownMenuItem
                                 key={env.id}

apps/web/modules/organization/settings/api-keys/page.tsx

@@ -18,9 +18,9 @@ export const APIKeysPage = async (props) => {
 
   const projects = await getProjectsByOrganizationId(organization.id);
 
-  const canAccessApiKeys = currentUserMembership.role === "owner" || currentUserMembership.role === "manager";
+  const isNotOwner = currentUserMembership.role !== "owner";
 
-  if (!canAccessApiKeys) throw new Error(t("common.not_authorized"));
+  if (isNotOwner) throw new Error(t("common.not_authorized"));
 
   return (
     <PageContentWrapper>
@@ -38,7 +38,7 @@ export const APIKeysPage = async (props) => {
         <ApiKeyList
           organizationId={organization.id}
           locale={locale}
-          isReadOnly={!canAccessApiKeys}
+          isReadOnly={isNotOwner}
           projects={projects}
         />
       </SettingsCard>

apps/web/modules/setup/(fresh-instance)/signup/page.tsx

@@ -5,7 +5,6 @@ import {
   EMAIL_VERIFICATION_DISABLED,
   GITHUB_OAUTH_ENABLED,
   GOOGLE_OAUTH_ENABLED,
-  IS_FORMBRICKS_CLOUD,
   IS_TURNSTILE_CONFIGURED,
   OIDC_DISPLAY_NAME,
   OIDC_OAUTH_ENABLED,
@@ -58,7 +57,6 @@ export const SignupPage = async () => {
         samlTenant={SAML_TENANT}
         samlProduct={SAML_PRODUCT}
         turnstileSiteKey={TURNSTILE_SITE_KEY}
-        isFormbricksCloud={IS_FORMBRICKS_CLOUD}
       />
     </div>
   );

apps/web/modules/survey/editor/components/auto-save-indicator.tsx

@@ -1,61 +0,0 @@
-"use client";
-
-import { useEffect, useMemo, useState } from "react";
-import { useTranslation } from "react-i18next";
-import { cn } from "@/lib/cn";
-import { TooltipRenderer } from "@/modules/ui/components/tooltip";
-
-interface AutoSaveIndicatorProps {
-  isDraft: boolean;
-  lastSaved: Date | null;
-}
-
-export const AutoSaveIndicator = ({ isDraft, lastSaved }: AutoSaveIndicatorProps) => {
-  const { t } = useTranslation();
-  const [showSaved, setShowSaved] = useState(false);
-
-  useEffect(() => {
-    if (lastSaved) {
-      setShowSaved(true);
-      const timer = setTimeout(() => {
-        setShowSaved(false);
-      }, 3000);
-      return () => clearTimeout(timer);
-    }
-  }, [lastSaved]);
-
-  const isSavedState = isDraft && showSaved;
-
-  const text = useMemo(() => {
-    if (!isDraft) {
-      return t("environments.surveys.edit.auto_save_disabled");
-    }
-
-    if (showSaved) {
-      return t("environments.surveys.edit.progress_saved");
-    }
-
-    return t("environments.surveys.edit.auto_save_on");
-  }, [isDraft, showSaved, t]);
-
-  const badge = (
-    <span
-      className={cn(
-        "inline-flex cursor-default items-center rounded-full border px-2.5 py-0.5 text-xs font-medium transition-colors duration-300",
-        isSavedState
-          ? "border-green-600 bg-green-50 text-green-800"
-          : "border-slate-200 bg-slate-100 text-slate-600"
-      )}>
-      {text}
-    </span>
-  );
-
-  return (
-    <TooltipRenderer
-      shouldRender={!isDraft}
-      tooltipContent={t("environments.surveys.edit.auto_save_disabled_tooltip")}
-      className="max-w-64 text-center">
-      {badge}
-    </TooltipRenderer>
-  );
-};

apps/web/modules/survey/editor/components/response-options-card.tsx

@@ -33,10 +33,9 @@ export const ResponseOptionsCard = ({
   const [surveyClosedMessageToggle, setSurveyClosedMessageToggle] = useState(false);
   const [verifyEmailToggle, setVerifyEmailToggle] = useState(localSurvey.isVerifyEmailEnabled);
   const [recaptchaToggle, setRecaptchaToggle] = useState(localSurvey.recaptcha?.enabled ?? false);
-  const [singleResponsePerEmailToggle, setSingleResponsePerEmailToggle] = useState(
+  const [isSingleResponsePerEmailEnabledToggle, setIsSingleResponsePerEmailToggle] = useState(
     localSurvey.isSingleResponsePerEmailEnabled
   );
-  const [captureIpToggle, setCaptureIpToggle] = useState(localSurvey.isCaptureIpEnabled);
 
   const [surveyClosedMessage, setSurveyClosedMessage] = useState({
     heading: t("environments.surveys.edit.survey_completed_heading"),
@@ -91,7 +90,7 @@ export const ResponseOptionsCard = ({
   };
 
   const handleSingleResponsePerEmailToggle = () => {
-    setSingleResponsePerEmailToggle(!singleResponsePerEmailToggle);
+    setIsSingleResponsePerEmailToggle(!isSingleResponsePerEmailEnabledToggle);
     setLocalSurvey({
       ...localSurvey,
       isSingleResponsePerEmailEnabled: !localSurvey.isSingleResponsePerEmailEnabled,
@@ -118,11 +117,6 @@ export const ResponseOptionsCard = ({
     setLocalSurvey({ ...localSurvey, isBackButtonHidden: !localSurvey.isBackButtonHidden });
   };
 
-  const handleCaptureIpToggle = () => {
-    setCaptureIpToggle(!captureIpToggle);
-    setLocalSurvey({ ...localSurvey, isCaptureIpEnabled: !localSurvey.isCaptureIpEnabled });
-  };
-
   useEffect(() => {
     if (!!localSurvey.surveyClosedMessage) {
       setSurveyClosedMessage({
@@ -205,7 +199,7 @@ export const ResponseOptionsCard = ({
       )}>
       <Collapsible.CollapsibleTrigger asChild className="h-full w-full cursor-pointer">
         <div className="inline-flex px-4 py-4">
-          <div className="flex items-center pr-5 pl-2">
+          <div className="flex items-center pl-2 pr-5">
             <CheckIcon
               strokeWidth={3}
               className="h-7 w-7 rounded-full border border-green-300 bg-green-100 p-1.5 text-green-600"
@@ -243,7 +237,7 @@ export const ResponseOptionsCard = ({
                   value={localSurvey.autoComplete?.toString()}
                   onChange={handleInputResponse}
                   onBlur={handleInputResponseBlur}
-                  className="mr-2 ml-2 inline w-20 bg-white text-center text-sm"
+                  className="ml-2 mr-2 inline w-20 bg-white text-center text-sm"
                 />
                 {t("environments.surveys.edit.completed_responses")}
               </p>
@@ -310,7 +304,7 @@ export const ResponseOptionsCard = ({
                     <Input
                       autoFocus
                       id="heading"
-                      className="mt-2 mb-4 bg-white"
+                      className="mb-4 mt-2 bg-white"
                       name="heading"
                       defaultValue={surveyClosedMessage.heading}
                       onChange={(e) => handleClosedSurveyMessageChange({ heading: e.target.value })}
@@ -339,7 +333,7 @@ export const ResponseOptionsCard = ({
                 <div className="m-1">
                   <AdvancedOptionToggle
                     htmlId="preventDoubleSubmission"
-                    isChecked={singleResponsePerEmailToggle}
+                    isChecked={isSingleResponsePerEmailEnabledToggle}
                     onToggle={handleSingleResponsePerEmailToggle}
                     title={t("environments.surveys.edit.prevent_double_submission")}
                     description={t("environments.surveys.edit.prevent_double_submission_description")}
@@ -386,13 +380,6 @@ export const ResponseOptionsCard = ({
             title={t("environments.surveys.edit.hide_back_button")}
             description={t("environments.surveys.edit.hide_back_button_description")}
           />
-          <AdvancedOptionToggle
-            htmlId="captureIp"
-            isChecked={captureIpToggle}
-            onToggle={handleCaptureIpToggle}
-            title={t("environments.surveys.edit.capture_ip_address")}
-            description={t("environments.surveys.edit.capture_ip_address_description")}
-          />
         </div>
       </Collapsible.CollapsibleContent>
     </Collapsible.Root>

apps/web/modules/survey/editor/components/survey-menu-bar.tsx

@@ -26,7 +26,6 @@ import { Button } from "@/modules/ui/components/button";
 import { Input } from "@/modules/ui/components/input";
 import { updateSurveyAction, updateSurveyDraftAction } from "../actions";
 import { isSurveyValid } from "../lib/validation";
-import { AutoSaveIndicator } from "./auto-save-indicator";
 
 interface SurveyMenuBarProps {
   localSurvey: TSurvey;
@@ -69,14 +68,7 @@ export const SurveyMenuBar = ({
   const [isConfirmDialogOpen, setConfirmDialogOpen] = useState(false);
   const [isSurveyPublishing, setIsSurveyPublishing] = useState(false);
   const [isSurveySaving, setIsSurveySaving] = useState(false);
-  const [lastAutoSaved, setLastAutoSaved] = useState<Date | null>(null);
   const isSuccessfullySavedRef = useRef(false);
-  const isAutoSavingRef = useRef(false);
-
-  // Refs for interval-based auto-save (to access current values without re-creating interval)
-  const localSurveyRef = useRef(localSurvey);
-  const surveyRef = useRef(survey);
-  const isSurveySavingRef = useRef(isSurveySaving);
 
   useEffect(() => {
     if (audiencePrompt && activeId === "settings") {
@@ -88,19 +80,6 @@ export const SurveyMenuBar = ({
     setIsLinkSurvey(localSurvey.type === "link");
   }, [localSurvey.type]);
 
-  // Keep refs updated for interval-based auto-save
-  useEffect(() => {
-    localSurveyRef.current = localSurvey;
-  }, [localSurvey]);
-
-  useEffect(() => {
-    surveyRef.current = survey;
-  }, [survey]);
-
-  useEffect(() => {
-    isSurveySavingRef.current = isSurveySaving;
-  }, [isSurveySaving]);
-
   // Reset the successfully saved flag when survey prop updates (page refresh complete)
   useEffect(() => {
     if (isSuccessfullySavedRef.current) {
@@ -249,52 +228,6 @@ export const SurveyMenuBar = ({
     return true;
   };
 
-  // Interval-based auto-save for draft surveys (every 10 seconds)
-  useEffect(() => {
-    // Only set up interval for draft surveys
-    if (localSurvey.status !== "draft") return;
-
-    const intervalId = setInterval(async () => {
-      // Skip if tab is not visible (no computation, no API calls for background tabs)
-      if (document.hidden) return;
-
-      // Skip if already saving (manual or auto)
-      if (isAutoSavingRef.current || isSurveySavingRef.current) return;
-
-      // Check for changes using refs (avoids re-creating interval on every change)
-      const { updatedAt: localUpdatedAt, ...localSurveyRest } = localSurveyRef.current;
-      const { updatedAt: surveyUpdatedAt, ...surveyRest } = surveyRef.current;
-
-      // Skip if no changes
-      if (isEqual(localSurveyRest, surveyRest)) return;
-
-      isAutoSavingRef.current = true;
-
-      try {
-        const currentSurvey = localSurveyRef.current;
-        const updatedSurveyResponse = await updateSurveyDraftAction({
-          ...currentSurvey,
-          segment: currentSurvey.segment?.id === "temp" ? null : currentSurvey.segment,
-        } as unknown as TSurveyDraft);
-
-        if (updatedSurveyResponse?.data) {
-          // Update surveyRef (not localSurvey state) to prevent re-renders during auto-save.
-          // This keeps the UI stable while still tracking that changes have been saved.
-          // The comparison uses refs, so this prevents unnecessary re-saves.
-          surveyRef.current = { ...updatedSurveyResponse.data };
-          isSuccessfullySavedRef.current = true;
-          setLastAutoSaved(new Date());
-        }
-      } catch (e) {
-        console.error(e);
-      } finally {
-        isAutoSavingRef.current = false;
-      }
-    }, 10000);
-
-    return () => clearInterval(intervalId);
-  }, [localSurvey.status]);
-
   // Add new handler after handleSurveySave
   const handleSurveySaveDraft = async (): Promise<boolean> => {
     setIsSurveySaving(true);
@@ -468,7 +401,6 @@ export const SurveyMenuBar = ({
       </div>
 
       <div className="mt-3 flex items-center gap-2 sm:mt-0 sm:ml-4">
-        <AutoSaveIndicator isDraft={localSurvey.status === "draft"} lastSaved={lastAutoSaved} />
         {!isStorageConfigured && (
           <div>
             <Alert variant="warning" size="small">
@@ -495,7 +427,6 @@ export const SurveyMenuBar = ({
         )}
         {!isCxMode && (
           <Button
-            data-save-button
             disabled={disableSave}
             variant="secondary"
             size="sm"

apps/web/modules/survey/editor/lib/survey.test.ts

@@ -168,7 +168,7 @@ describe("Survey Editor Library Tests", () => {
       vi.mocked(getOrganizationAIKeys).mockResolvedValue(mockOrganization as any);
     });
 
-    test("should handle languages update with multiple languages", async () => {
+    test("should handle languages update", async () => {
       const updatedSurvey: TSurvey = {
         ...mockSurvey,
         languages: [
@@ -219,60 +219,6 @@ describe("Survey Editor Library Tests", () => {
       });
     });
 
-    test("should handle languages update with single default language", async () => {
-      // This tests the fix for the bug where languages.length === 1 would incorrectly
-      // set updatedLanguageIds to [] causing the default language to be removed
-      const updatedSurvey: TSurvey = {
-        ...mockSurvey,
-        languages: [
-          {
-            language: {
-              id: "en",
-              code: "en",
-              createdAt: new Date(),
-              updatedAt: new Date(),
-              alias: null,
-              projectId: "project1",
-            },
-            default: true,
-            enabled: true,
-          },
-        ],
-      };
-
-      await updateSurvey(updatedSurvey);
-
-      // Verify that prisma.survey.update was called
-      expect(prisma.survey.update).toHaveBeenCalled();
-
-      const updateCall = vi.mocked(prisma.survey.update).mock.calls[0][0];
-
-      // The key test: when languages.length === 1, we should still process language updates
-      // and NOT delete the language. Before the fix, languages.length > 1 would fail this case.
-      expect(updateCall).toBeDefined();
-      expect(updateCall.where).toEqual({ id: "survey123" });
-      expect(updateCall.data).toBeDefined();
-    });
-
-    test("should remove all languages when empty array is passed", async () => {
-      const updatedSurvey: TSurvey = {
-        ...mockSurvey,
-        languages: [],
-      };
-
-      await updateSurvey(updatedSurvey);
-
-      // Verify that prisma.survey.update was called
-      expect(prisma.survey.update).toHaveBeenCalled();
-
-      const updateCall = vi.mocked(prisma.survey.update).mock.calls[0][0];
-
-      // When languages is empty array, all existing languages should be removed
-      expect(updateCall).toBeDefined();
-      expect(updateCall.where).toEqual({ id: "survey123" });
-      expect(updateCall.data).toBeDefined();
-    });
-
     test("should delete private segment for non-app type surveys", async () => {
       const mockSegment: TSegment = {
         id: "segment1",

apps/web/modules/survey/editor/lib/survey.ts

@@ -43,7 +43,7 @@ export const updateSurvey = async (updatedSurvey: TSurvey): Promise<TSurvey> =>
         ? currentSurvey.languages.map((l) => l.language.id)
         : [];
       const updatedLanguageIds =
-        languages.length > 0 ? updatedSurvey.languages.map((l) => l.language.id) : [];
+        languages.length > 1 ? updatedSurvey.languages.map((l) => l.language.id) : [];
       const enabledLanguageIds = languages.map((language) => {
         if (language.enabled) return language.language.id;
       });

apps/web/modules/survey/lib/elements.tsx

@@ -168,6 +168,7 @@ export const getElementTypes = (t: TFunction): TElement[] => [
     icon: MousePointerClickIcon,
     preset: {
       headline: createI18nString("", []),
+      subheader: createI18nString("", []),
       ctaButtonLabel: createI18nString(t("templates.book_interview"), []),
       buttonUrl: "",
       buttonExternal: true,
@@ -181,6 +182,7 @@ export const getElementTypes = (t: TFunction): TElement[] => [
     icon: CheckIcon,
     preset: {
       headline: createI18nString("", []),
+      subheader: createI18nString("", []),
       label: createI18nString("", []),
     },
   },

apps/web/modules/survey/lib/survey.ts

@@ -29,7 +29,6 @@ export const selectSurvey = {
   autoComplete: true,
   isVerifyEmailEnabled: true,
   isSingleResponsePerEmailEnabled: true,
-  isCaptureIpEnabled: true,
   redirectUrl: true,
   projectOverwrites: true,
   styling: true,

apps/web/modules/survey/link/components/custom-scripts-injector.tsx

@@ -56,16 +56,9 @@ export const CustomScriptsInjector = ({
           newScript.setAttribute(attr.name, attr.value);
         });
 
-        // Copy inline script content with error handling
+        // Copy inline script content
         if (script.textContent) {
-          // Wrap inline scripts in try-catch to prevent user script errors from breaking the survey
-          newScript.textContent = `
-try {
-${script.textContent}
-} catch (error) {
-  console.warn('[Formbricks] Error in custom script:', error);
-}
-          `.trim();
+          newScript.textContent = script.textContent;
         }
 
         document.head.appendChild(newScript);

apps/web/modules/survey/link/lib/data.ts

@@ -48,7 +48,6 @@ export const getSurveyWithMetadata = reactCache(async (surveyId: string) => {
         redirectUrl: true,
         pin: true,
         isBackButtonHidden: true,
-        isCaptureIpEnabled: true,
 
         // Single use configuration
         singleUse: true,

apps/web/modules/survey/templates/lib/minimal-survey.ts

@@ -43,5 +43,4 @@ export const getMinimalSurvey = (t: TFunction): TSurvey => ({
   isBackButtonHidden: false,
   metadata: {},
   slug: null,
-  isCaptureIpEnabled: false,
 });

apps/web/modules/ui/globals.css

@@ -64,13 +64,11 @@
 
 *::-webkit-scrollbar-track {
   background: #e2e8f0;
-  border-radius: 10px;
 }
 
 *::-webkit-scrollbar-thumb {
   background-color: #cbd5e1;
   border: 1px solid #cbd5e1;
-  border-radius: 10px;
 }
 
 .filter-scrollbar::-webkit-scrollbar {

apps/web/next-env.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
-import "./.next/dev/types/routes.d.ts";
+/// <reference path="./.next/types/routes.d.ts" />
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/app/api-reference/config/typescript for more information.

apps/web/next.config.mjs

@@ -24,7 +24,6 @@ const nextConfig = {
   outputFileTracingIncludes: {
     "/api/auth/**/*": ["../../node_modules/jose/**/*"],
   },
-  turbopack: {},
   experimental: {},
   transpilePackages: ["@formbricks/database"],
   images: {

apps/web/package.json

@@ -10,7 +10,7 @@
     "build": "cross-env NODE_OPTIONS=--max-old-space-size=8192 next build",
     "build:dev": "pnpm run build",
     "start": "next start",
-    "lint": "eslint . --fix --ext .ts,.js,.tsx,.jsx",
+    "lint": "next lint",
     "test": "dotenv -e ../../.env -- vitest run",
     "test:coverage": "dotenv -e ../../.env -- vitest run --coverage",
     "generate-api-specs": "./scripts/openapi/generate.sh",
@@ -46,7 +46,7 @@
     "@lexical/rich-text": "0.36.2",
     "@lexical/table": "0.36.2",
     "@opentelemetry/exporter-prometheus": "0.203.0",
-    "@opentelemetry/host-metrics": "0.38.0",
+    "@opentelemetry/host-metrics": "0.36.0",
     "@opentelemetry/instrumentation": "0.203.0",
     "@opentelemetry/instrumentation-http": "0.203.0",
     "@opentelemetry/instrumentation-runtime-node": "0.17.1",
@@ -101,7 +101,7 @@
     "lucide-react": "0.507.0",
     "markdown-it": "14.1.0",
     "mime-types": "3.0.1",
-    "next": "16.1.1",
+    "next": "15.5.9",
     "next-auth": "4.24.12",
     "next-safe-action": "7.10.8",
     "node-fetch": "3.3.2",
@@ -133,9 +133,7 @@
     "webpack": "5.99.8",
     "xlsx": "file:vendor/xlsx-0.20.3.tgz",
     "zod": "3.24.4",
-    "zod-openapi": "4.2.4",
-    "react": "19.2.3",
-    "react-dom": "19.2.3"
+    "zod-openapi": "4.2.4"
   },
   "devDependencies": {
     "@formbricks/config-typescript": "workspace:*",
@@ -158,7 +156,7 @@
     "autoprefixer": "10.4.21",
     "cross-env": "10.0.0",
     "dotenv": "16.5.0",
-    "esbuild": "0.25.11",
+    "esbuild": "0.25.10",
     "postcss": "8.5.3",
     "resize-observer-polyfill": "1.5.1",
     "ts-node": "10.9.2",

apps/web/playwright/onboarding.spec.ts

@@ -35,7 +35,7 @@ test.describe("Onboarding Flow Test", async () => {
     await page.getByPlaceholder("e.g. Formbricks").fill(projectName);
     await page.locator("#form-next-button").click();
 
-    await page.getByRole("button", { name: "I'll do it later" }).click();
+    await page.getByRole("button", { name: "I will do it later" }).click();
 
     await page.waitForURL(/\/environments\/[^/]+\/surveys/);
     await expect(page.getByText(projectName)).toBeVisible();

apps/web/playwright/survey.spec.ts

@@ -255,14 +255,14 @@ test.describe("Multi Language Survey Create", async () => {
     await page.getByRole("button", { name: "Select" }).click();
     await page.getByPlaceholder("Search items").click();
     await page.getByPlaceholder("Search items").fill("Eng");
-    await page.getByText("English", { exact: true }).click();
+    await page.getByText("English").click();
     await page.getByRole("button", { name: "Save changes" }).click();
     await page.getByRole("button", { name: "Edit languages" }).click();
     await page.getByRole("button", { name: "Add language" }).click();
     await page.getByRole("button", { name: "Select" }).click();
     await page.getByRole("textbox", { name: "Search items" }).click();
     await page.getByRole("textbox", { name: "Search items" }).fill("German");
-    await page.getByText("German", { exact: true }).nth(1).click();
+    await page.getByText("German").nth(1).click();
     await page.getByRole("button", { name: "Save changes" }).click();
     await page.waitForTimeout(2000);
     await page.getByRole("link", { name: "Surveys" }).click();

apps/web/playwright/utils/helper.ts

@@ -121,7 +121,7 @@ export const finishOnboarding = async (
   await page.locator("#form-next-button").click();
 
   if (projectChannel !== "link") {
-    await page.getByRole("button", { name: "I'll do it later" }).click();
+    await page.getByRole("button", { name: "I will do it later" }).click();
   }
 
   await page.waitForURL(/\/environments\/[^/]+\/surveys/);

apps/web/scripts/docker/next-start.sh

@@ -48,10 +48,10 @@ run_with_timeout() {
 
 
 echo "🗃️ Running database migrations..."
-run_with_timeout 300 "database migration" node packages/database/dist/scripts/apply-migrations.js
+run_with_timeout 300 "database migration" sh -c '(cd packages/database && npm run db:migrate:deploy)'
 
 echo "🗃️ Running SAML database setup..."
-run_with_timeout 60 "SAML database setup" node packages/database/dist/scripts/create-saml-database.js
+run_with_timeout 60 "SAML database setup" sh -c '(cd packages/database && npm run db:create-saml-database:deploy)'
 
 echo "✅ Database setup completed"
 echo "🚀 Starting Next.js server..."

docs/api-reference/openapi.json

@@ -5868,7 +5868,6 @@
                         "jpeg",
                         "jpg",
                         "webp",
-                        "ico",
                         "pdf",
                         "eml",
                         "doc",
@@ -5884,7 +5883,6 @@
                         "avi",
                         "mkv",
                         "webm",
-                        "mp3",
                         "zip",
                         "rar",
                         "7z",

docs/xm-and-surveys/core-features/integrations/webhooks.mdx

@@ -48,169 +48,6 @@ If you encounter any issues or need help setting up webhooks, feel free to reach
 
 ---
 
-## Webhook Security with Standard Webhooks
-
-Formbricks implements the [Standard Webhooks](https://github.com/standard-webhooks/standard-webhooks) specification to ensure webhook requests can be verified as genuinely originating from Formbricks.
-
-### Webhook Headers
-
-Every webhook request includes the following headers:
-
-| Header              | Description                                          | Example                                |
-| ------------------- | ---------------------------------------------------- | -------------------------------------- |
-| `webhook-id`        | Unique message identifier                            | `019ba292-c1f6-7618-aaf2-ecf8e39d1cc7` |
-| `webhook-timestamp` | Unix timestamp (seconds) when the webhook was sent   | `1704547200`                           |
-| `webhook-signature` | HMAC-SHA256 signature (only if secret is configured) | `v1,K3Q2bXlzZWNyZXQ=`                  |
-
-### Signing Secret
-
-When you create a webhook (via the UI or API), Formbricks automatically generates a unique signing secret for that webhook. The secret follows the Standard Webhooks format: `whsec_` followed by a base64-encoded random value.
-
-**Via UI:** After creating a webhook, the signing secret is displayed immediately. Copy and store it securely—you can also view it later in the webhook settings.
-
-**Via API:** The signing secret is returned in the webhook creation response.
-
-This secret is used to generate the HMAC signature included in each webhook request, allowing you to verify the authenticity of incoming webhooks.
-
-### Signature Verification
-
-The signature is computed as follows:
-
-```
-signed_content = "{webhook-id}.{webhook-timestamp}.{body}"
-signature = base64(HMAC-SHA256(secret, signed_content))
-header_value = "v1,{signature}"
-```
-
-### Validating Webhooks
-
-To validate incoming webhook requests:
-
-1. Extract the `webhook-id`, `webhook-timestamp`, and `webhook-signature` headers
-2. Verify the timestamp is within an acceptable tolerance (e.g., 5 minutes) to prevent replay attacks
-3. Decode the secret by stripping the `whsec_` prefix and base64 decoding the rest
-4. Compute the expected signature using HMAC-SHA256 with the decoded secret
-5. Compare your computed signature with the received signature (after stripping the `v1,` prefix)
-
-### Node.js Verification Functions
-
-```javascript
-const crypto = require("crypto");
-
-const WEBHOOK_TOLERANCE_IN_SECONDS = 300; // 5 minutes
-
-/**
- * Decodes a Formbricks webhook secret (whsec_...) to raw bytes
- */
-function decodeSecret(secret) {
-  const base64 = secret.startsWith("whsec_") ? secret.slice(6) : secret;
-  return Buffer.from(base64, "base64");
-}
-
-/**
- * Verifies the webhook timestamp is within tolerance
- * @throws {Error} if timestamp is too old or too new
- */
-function verifyTimestamp(timestampHeader) {
-  const now = Math.floor(Date.now() / 1000);
-  const timestamp = parseInt(timestampHeader, 10);
-
-  if (isNaN(timestamp)) {
-    throw new Error("Invalid timestamp");
-  }
-
-  if (Math.abs(now - timestamp) > WEBHOOK_TOLERANCE_IN_SECONDS) {
-    throw new Error("Timestamp outside tolerance window");
-  }
-
-  return timestamp;
-}
-
-/**
- * Computes the expected signature for a webhook payload
- */
-function computeSignature(webhookId, timestamp, body, secret) {
-  const signedContent = `${webhookId}.${timestamp}.${body}`;
-  const secretBytes = decodeSecret(secret);
-  return crypto.createHmac("sha256", secretBytes).update(signedContent).digest("base64");
-}
-
-/**
- * Verifies a Formbricks webhook request
- * @param {string} body - Raw request body as string
- * @param {object} headers - Object containing webhook-id, webhook-timestamp, webhook-signature
- * @param {string} secret - Your webhook secret (whsec_...)
- * @returns {boolean} true if valid
- * @throws {Error} if verification fails
- */
-function verifyWebhook(body, headers, secret) {
-  const webhookId = headers["webhook-id"];
-  const webhookTimestamp = headers["webhook-timestamp"];
-  const webhookSignature = headers["webhook-signature"];
-
-  if (!webhookId || !webhookTimestamp || !webhookSignature) {
-    throw new Error("Missing required webhook headers");
-  }
-
-  // Verify timestamp
-  const timestamp = verifyTimestamp(webhookTimestamp);
-
-  // Compute expected signature
-  const expectedSignature = computeSignature(webhookId, timestamp, body, secret);
-
-  // Extract signature from header (format: "v1,{signature}")
-  const receivedSignature = webhookSignature.split(",")[1];
-
-  if (!receivedSignature) {
-    throw new Error("Invalid signature format");
-  }
-
-  // Use constant-time comparison to prevent timing attacks
-  const expectedBuffer = Buffer.from(expectedSignature, "utf8");
-  const receivedBuffer = Buffer.from(receivedSignature, "utf8");
-
-  if (
-    expectedBuffer.length !== receivedBuffer.length ||
-    !crypto.timingSafeEqual(expectedBuffer, receivedBuffer)
-  ) {
-    throw new Error("Invalid signature");
-  }
-
-  return true;
-}
-
-module.exports = { verifyWebhook, decodeSecret, computeSignature, verifyTimestamp };
-```
-
-**Usage:**
-
-```javascript
-// In your webhook handler, use the raw body (not parsed JSON)
-try {
-  verifyWebhook(rawBody, req.headers, process.env.FORMBRICKS_WEBHOOK_SECRET);
-  const payload = JSON.parse(rawBody);
-  // Process verified webhook...
-} catch (error) {
-  // Verification failed - reject the request
-  console.error("Webhook verification failed:", error.message);
-}
-```
-
-<Note>
-  Always use the **raw request body** (as a string) for signature verification, not the parsed JSON object.
-  Parsing and re-stringifying can change the formatting and break signature validation.
-</Note>
-
-### Using Standard Webhooks Libraries
-
-You can also use the official [Standard Webhooks libraries](https://github.com/standard-webhooks/standard-webhooks#libraries) available for various languages:
-
-- **Node.js**: `npm install standardwebhooks`
-- **Python**: `pip install standardwebhooks`
-- **Go, Ruby, Java, Kotlin, PHP, Rust**: See the [Standard Webhooks GitHub](https://github.com/standard-webhooks/standard-webhooks)
-
----
-
 ## Example Webhook Payloads
 
 We provide the following webhook payloads, `responseCreated`, `responseUpdated`, and `responseFinished`.
@@ -245,10 +82,10 @@ Example of Response Created webhook payload:
       },
       "singleUseId": null,
       "survey": {
-        "createdAt": "2025-07-20T10:30:00.000Z",
-        "status": "inProgress",
         "title": "Customer Satisfaction Survey",
         "type": "link",
+        "status": "inProgress",
+        "createdAt": "2025-07-20T10:30:00.000Z",
         "updatedAt": "2025-07-24T07:45:00.000Z"
       },
       "surveyId": "surveyId",
@@ -296,10 +133,10 @@ Example of Response Updated webhook payload:
       },
       "singleUseId": null,
       "survey": {
-        "createdAt": "2025-07-20T10:30:00.000Z",
-        "status": "inProgress",
         "title": "Customer Satisfaction Survey",
         "type": "link",
+        "status": "inProgress",
+        "createdAt": "2025-07-20T10:30:00.000Z",
         "updatedAt": "2025-07-24T07:45:00.000Z"
       },
       "surveyId": "surveyId",
@@ -348,10 +185,10 @@ Example of Response Finished webhook payload:
       },
       "singleUseId": null,
       "survey": {
-        "createdAt": "2025-07-20T10:30:00.000Z",
-        "status": "inProgress",
         "title": "Customer Satisfaction Survey",
         "type": "link",
+        "status": "inProgress",
+        "createdAt": "2025-07-20T10:30:00.000Z",
         "updatedAt": "2025-07-24T07:45:00.000Z"
       },
       "surveyId": "surveyId",

helm-chart/Chart.yaml

@@ -7,11 +7,6 @@ type: application
 # Helm chart Version
 version: 0.0.0-dev
 
-# This is the version number of the application being deployed.
-appVersion: "3.7.0"
-
-icon: https://formbricks.com/favicon.ico
-
 keywords:
   - formbricks
   - postgresql

helm-chart/templates/NOTES.txt

@@ -84,18 +84,13 @@ Redis Access:
 ---
 
 Environment Variables:
-The following environment variables have been configured:
+The following environment variables have been automatically generated:
 
-- `WEBAPP_URL`: {{ .Values.formbricks.webappUrl }}
-- `NEXTAUTH_URL`: {{ .Values.formbricks.webappUrl }}
-{{- if .Values.formbricks.publicUrl }}
-- `PUBLIC_URL`: {{ .Values.formbricks.publicUrl }}
-{{- end }}
-- `NEXTAUTH_SECRET`: A random 32-character string (auto-generated)
-- `ENCRYPTION_KEY`: A random 32-character string (auto-generated)
-- `CRON_SECRET`: A random 32-character string (auto-generated)
-- `EMAIL_VERIFICATION_DISABLED`: 1 # By Default email verification is disabled, configure SMTP settings to enable(https://formbricks.com/docs/self-hosting/configuration/smtp)
-- `PASSWORD_RESET_DISABLED`: 1 # By Default password reset is disabled, configure SMTP settings to enable(https://formbricks.com/docs/self-hosting/configuration/smtp)
+- `NEXTAUTH_SECRET`: A random 32-character string
+- `ENCRYPTION_KEY`: A random 32-character string
+- `CRON_SECRET`: A random 32-character string
+- 'EMAIL_VERIFICATION_DISABLED': 1 # By Default email verification is disabled, configure SMTP settings to enable(https://formbricks.com/docs/self-hosting/configuration/smtp)
+- 'PASSWORD_RESET_DISABLED': 1 # By Default password reset is disabled, configure SMTP settings to enable(https://formbricks.com/docs/self-hosting/configuration/smtp)
 
 Retrieve them using:
 ```sh

helm-chart/templates/secrets.yaml

@@ -3,7 +3,6 @@
 {{- $postgresAdminPassword := include "formbricks.postgresAdminPassword" . }}
 {{- $postgresUserPassword := include "formbricks.postgresUserPassword" . }}
 {{- $redisPassword := include "formbricks.redisPassword" . }}
-{{- $webappUrl := required "formbricks.webappUrl is required. Set it to your Formbricks instance URL (e.g., https://formbricks.example.com)" .Values.formbricks.webappUrl }}
 ---
 apiVersion: v1
 kind: Secret
@@ -12,12 +11,6 @@ metadata:
   labels:
     {{- include "formbricks.labels" . | nindent 4 }}
 data:
-  # Formbricks application URLs
-  WEBAPP_URL: {{ $webappUrl | b64enc }}
-  NEXTAUTH_URL: {{ $webappUrl | b64enc }}
-  {{- if .Values.formbricks.publicUrl }}
-  PUBLIC_URL: {{ .Values.formbricks.publicUrl | b64enc }}
-  {{- end }}
   {{- if .Values.redis.enabled }}
   REDIS_URL: {{ printf "redis://:%s@formbricks-redis-master:6379" $redisPassword | b64enc }}
   {{- else }}
@@ -28,7 +21,7 @@ data:
   {{- else }}
   DATABASE_URL: {{ .Values.postgresql.externalDatabaseUrl | b64enc }}
   {{- end }}
-  CRON_SECRET: {{ include "formbricks.cronSecret" . | b64enc }}
+  CRON_SECRET: {{ include "formbricks.cronSecret" . | b64enc }}	
   ENCRYPTION_KEY: {{ include "formbricks.encryptionKey" . | b64enc }}
   NEXTAUTH_SECRET: {{ include "formbricks.nextAuthSecret" . | b64enc }}
   {{- if and (.Values.enterprise.licenseKey) (ne .Values.enterprise.licenseKey "") }}